Log check

  • Joined: 29 Dec 2008
  • Posts: 4

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:46:43, on 29.12.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\gtwatch.exe
C:\WINDOWS\Gtwatch.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\RMClient\PMCTray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AutoCAD 2007\acad.exe
C:\Program Files\Common Files\Autodesk Shared\WSCommCntr1.exe
C:\Program Files\Google\Picasa3\Picasa3.exe
C:\Documents and Settings\Macrohard\My Documents\SKINUTO SA INTERNETA\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: HamLinks Toolbar - {7adf87fb-c108-4a73-8135-1cca9779fb5b} - C:\Program Files\HamLinks\tbHam0.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: HamLinks Toolbar - {7adf87fb-c108-4a73-8135-1cca9779fb5b} - C:\Program Files\HamLinks\tbHam0.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: HamLinks Toolbar - {7adf87fb-c108-4a73-8135-1cca9779fb5b} - C:\Program Files\HamLinks\tbHam0.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Gtwatch] C:\WINDOWS\gtwatch.exe
O4 - HKLM\..\Run: [JobHisInit] C:\Program Files\RMClient\JobHisInit.exe
O4 - HKLM\..\Run: [MplSetUp] C:\Program Files\RMClient\MplSetUp.exe
O4 - HKLM\..\Run: [] C:\WINDOWS\Gtwatch.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gadwin PrintScreen 2.6] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
O4 - Global Startup: SmartDeviceMonitor for Client.lnk = C:\Program Files\RMClient\PMClient.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download Video on This Page - C:\Program Files\Tomato\TubeDownload\IEPage.html
O8 - Extra context menu item: Download Video This Links To - C:\Program Files\Tomato\TubeDownload\IELink.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Download Video - {45B79C91-E9B5-4551-8C43-03EF82B4BC63} - C:\Program Files\Tomato\TubeDownload\IEPage.html
O9 - Extra 'Tools' menuitem: Download Video on This Page - {45B79C91-E9B5-4551-8C43-03EF82B4BC63} - C:\Program Files\Tomato\TubeDownload\IEPage.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com/fwlink/?linkid=39204
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Canon Camera Access Library 8 (CCALib8-) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe

--
End of file - 7826 bytes

  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

What exactly is the problem you are having?

  • Joined: 29 Dec 2008
  • Posts: 4

Sorry I didn't explain the problem. This is a log from the computer at work. I mostly work in AutoCAD, and lately ACAD 2007 starts up very slowly and sometimes "freezes", so it has to be killed from Task Manager, which wasn't the case before, while ACAD 2004 works perfectly fine (I keep it installed because Sewer+, which I have licensed, doesn't work on newer versions).
The computer is perfectly good and didn't run this slowly before.
If you don't have time, it's not that important.
Regards

  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

It's not about time. I needed at least some starting points to work from.

Now I'll look at the log and then write you what to do next.

Update: 29 Dec 2008 20:17

There is nothing suspicious in that log.

Let's run one more program to see what its log says:

Download ComboFix from one of the following addresses to the Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Run it and don't touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log will appear (C:\ComboFix.txt) which you will copy here for us.

  • Joined: 29 Dec 2008
  • Posts: 4

You know, bobby, when you're on the computer all day you no longer know where you are. I simply came home from work, read the message and scanned the home computer, did everything according to your instructions, but on the wrong computer. Admittedly I work with the same programs at home too: ACAD, Sewer etc. So, I'm sending you the log from my personal computer, although they are similar. If this one is fine, that is actually more important to me, because I do projects privately (water supply, sewerage, as-built projects and the like).
Please take a look at this log.
Regards,
Aco Mitrović from Pale



ComboFix 08-12-28.04 - mh 2008-12-29 21:05:18.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.457 [GMT 1:00]
Running from: c:\documents and settings\mh\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
AV: AVG 7.5.552 *On-access scanning enabled* (Updated)
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\autorun.inf
c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013
c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2008-11-28 to 2008-12-29 )))))))))))))))))))))))))))))))
.

2225-04-08 20:09 . 2225-04-08 20:09 3,120 --a------ c:\windows\kgdswhree.ini
2020-12-29 19:25 . 2020-12-29 19:25 3,120 --a------ c:\windows\kgdssys.ini
2008-12-29 17:58 . 2008-12-29 17:58 236 --a------ C:\sqmdata03.sqm
2008-12-29 17:58 . 2008-12-29 17:58 200 --a------ C:\sqmnoopt03.sqm
2008-12-29 17:54 . 2008-12-29 17:54 <DIR> d-------- c:\documents and settings\mh\Application Data\SkypeCallRecorder
2008-12-29 17:53 . 2008-12-29 21:10 <DIR> d-------- c:\program files\SkypeCallRecorder
2008-12-28 23:45 . 2008-12-28 23:45 236 --a------ C:\sqmdata02.sqm
2008-12-28 23:45 . 2008-12-28 23:45 200 --a------ C:\sqmnoopt02.sqm
2008-12-28 23:24 . 2008-12-28 23:24 <DIR> d-------- c:\program files\Common Files\Aladdin Shared
2008-12-28 23:20 . 2008-12-28 23:20 <DIR> d-------- c:\program files\Rocscience
2008-12-28 01:27 . 2008-12-28 01:27 236 --a------ C:\sqmdata01.sqm
2008-12-28 01:27 . 2008-12-28 01:27 200 --a------ C:\sqmnoopt01.sqm
2008-12-27 21:35 . 2008-12-27 21:35 <DIR> d-------- c:\program files\uTorrent
2008-12-27 21:35 . 2008-12-28 09:37 <DIR> d-------- c:\documents and settings\mh\Application Data\uTorrent
2008-12-26 21:54 . 2008-12-26 21:54 236 --a------ C:\sqmdata00.sqm
2008-12-26 21:54 . 2008-12-26 21:54 200 --a------ C:\sqmnoopt00.sqm
2008-12-26 20:01 . 2000-08-19 18:14 688,128 --a------ c:\windows\system32\BCGCB473.dll
2008-12-26 19:58 . 2008-12-26 19:58 <DIR> d-------- c:\program files\WexTech
2008-12-26 19:58 . 2008-12-26 19:58 <DIR> d-------- c:\program files\Common Files\LHSPF
2008-12-26 19:58 . 2000-05-02 10:03 225,280 --a------ c:\windows\system32\awrtl30.dll
2008-12-26 19:58 . 1998-08-04 11:22 111,616 --------- c:\windows\system32\Ltih30tb.dll
2008-12-26 19:57 . 2000-10-20 13:25 487,184 --a------ c:\windows\system32\Mrt7enu.dll
2008-12-26 19:57 . 2000-10-20 13:25 446,464 --a------ c:\windows\system32\hhactivex.dll
2008-12-26 19:57 . 2000-10-20 13:25 79,360 --a------ c:\windows\system32\acdbres.dll
2008-12-26 19:57 . 2000-10-20 13:25 31,744 --a------ c:\windows\system32\Hlp95en.dll
2008-12-26 19:54 . 2008-12-26 19:58 <DIR> d-------- c:\program files\Common Files\Wextech Shared
2008-12-26 19:52 . 2008-12-26 20:03 <DIR> d-------- c:\program files\AutoCAD 2002
2008-12-26 19:16 . 2008-12-26 19:16 109,192 --ah----- c:\windows\system32\mlfcache.dat
2008-12-26 17:20 . 2008-12-28 09:50 <DIR> dr-h----- C:\$VAULT$.AVG
2008-12-26 17:06 . 2008-12-26 17:06 <DIR> d-------- c:\program files\Ashampoo
2008-12-26 16:56 . 2008-12-28 08:49 <DIR> d-------- c:\documents and settings\mh\Application Data\AVG7
2008-12-26 16:56 . 2008-12-26 16:56 <DIR> d-------- c:\documents and settings\LocalService\Application Data\AVG7
2008-12-26 16:55 . 2008-12-26 16:55 <DIR> d-------- c:\documents and settings\All Users\Application Data\Grisoft
2008-12-26 16:55 . 2008-12-26 17:19 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg7
2008-12-21 21:12 . 2008-12-21 21:12 <DIR> d-------- c:\program files\IrfanView
2008-12-13 18:43 . 2008-09-27 12:24 428 --a------ C:\ma477.bin
2008-12-12 22:47 . 2008-12-12 22:47 3,751,995 --a------ c:\windows\system32\GPhotos.scr
2008-12-10 20:56 . 2008-12-10 20:56 <DIR> d-------- c:\program files\Typhoon Software
2008-12-10 20:56 . 2008-12-29 21:08 53,312 --a------ c:\windows\system32\drivers\pssdklbf.sys
2008-12-10 20:56 . 2008-12-29 21:08 36,928 --a------ c:\windows\system32\drivers\pssdk41.sys
2008-12-08 19:30 . 2008-12-08 19:31 <DIR> d-------- c:\program files\SopCast
2008-12-07 08:17 . 2008-12-07 08:17 <DIR> d-------- c:\program files\Real
2008-12-07 08:17 . 2008-12-07 08:17 <DIR> d-------- c:\program files\Common Files\xing shared
2008-12-07 08:17 . 2008-12-07 08:17 <DIR> d-------- c:\program files\Common Files\Real
2008-12-06 09:30 . 2008-12-06 09:30 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2008-12-06 09:30 . 2008-12-06 18:51 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-29 08:12 . 2008-11-29 08:12 <DIR> d-------- c:\program files\FormatFactory

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-29 20:11 --------- d-----w c:\documents and settings\mh\Application Data\Skype
2008-12-29 16:54 --------- d-----w c:\documents and settings\mh\Application Data\skypePM
2008-12-28 22:42 --------- d-----w c:\program files\Common Files\Autodesk Shared
2008-12-28 22:41 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-12-28 22:20 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-28 21:00 148,312 ----a-w c:\documents and settings\mh\Application Data\GDIPFONTCACHEV1.DAT
2008-12-28 17:42 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2008-12-27 11:03 --------- d-----w c:\documents and settings\mh\Application Data\ZoomBrowser EX
2008-12-27 11:02 --------- d-----w c:\documents and settings\All Users\Application Data\ZoomBrowser
2008-12-26 19:01 --------- d-----w c:\program files\SL-King
2008-12-26 18:41 --------- d-----w c:\program files\Radimpex
2008-12-26 16:30 --------- d-----w c:\program files\Norton SystemWorks
2008-12-26 15:46 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2008-12-11 19:57 921,632 ----a-w C:\PA207.DAT
2008-12-07 07:17 348,160 ----a-w c:\windows\system32\msvcr71.dll
2008-12-01 15:53 --------- d-----w c:\program files\Google
2008-11-29 07:38 --------- d-----w c:\program files\Autodesk
2008-11-29 07:21 --------- d-----w c:\documents and settings\mh\Application Data\LimeWire
2008-11-27 19:21 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2008-11-27 16:13 --------- d-----w c:\program files\Look 110
2008-11-27 16:13 --------- d-----w c:\program files\Common Files\Look110
2008-11-26 16:18 --------- d-----w c:\program files\Windows Live
2008-11-26 16:18 --------- d-----w c:\program files\Microsoft
2008-11-26 15:55 --------- d-----w c:\program files\Common Files\Windows Live
2008-11-26 00:39 --------- d-----w c:\program files\AVG
2008-11-25 23:58 --------- d-----w c:\documents and settings\mh\Application Data\Ipref
2008-11-11 19:24 --------- d-----w c:\program files\Ipref
2008-10-21 20:20 561,152 ----a-w c:\windows\AJScreensaver.scr
2008-11-25 21:04 122,880 ----a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2007-06-29 08:16 32 --sha-w c:\windows\{1AA9496E-D86D-4F41-BBA3-871F3D31DC01}.dat
2007-06-29 08:17 32 --sha-w c:\windows\{32291D01-820F-4C83-ADBC-3FA13AFAD10F}.dat
2007-06-29 08:16 32 --sha-w c:\windows\{EE474DA8-41EB-498F-984D-E33BB296DE19}.dat
2007-06-29 08:16 32 --sha-w c:\windows\system32\{053EE95C-8EBA-4EAF-88FB-E0DDC15126F0}.dat
2007-06-29 08:16 32 --sha-w c:\windows\system32\{536BFF3C-CC4E-4293-B05B-680DC0A075C1}.dat
2007-06-29 08:17 32 --sha-w c:\windows\system32\{A4FB32A7-1145-45A2-95AC-4E0D550FCAE6}.dat
2008-08-14 08:53 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008081420080815\index.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"EPSON Stylus DX4400 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE" [2007-03-01 180736]
"NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2005-02-10 1937408]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2007-11-06 791792]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-09-09 3513344]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-11-13 2105176]
"Gadwin PrintScreen"="c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe" [2008-12-09 495616]
"Skype Call Recorder"="c:\program files\SkypeCallRecorder\SkypeCallRecorder.exe" [2008-12-08 1180160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-11-25 29744]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-12-07 185872]
"AVG7_CC"="c:\progra~1\Grisoft\AVG7\avgcc.exe" [2008-12-27 590848]
"AntiSpyWare2Guard"="c:\program files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe" [2007-08-14 2334040]
"SoundMan"="SOUNDMAN.EXE" [2004-12-22 c:\windows\SOUNDMAN.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="c:\progra~1\Grisoft\AVG7\avgw.exe" [2008-12-27 219136]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="shell32" [X]
"IE7-10"="advpack.dll" [2007-07-22 c:\windows\system32\advpack.dll]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
PC Lighthouse.lnk - c:\program files\Typhoon Software\PC Lighthouse\PC Lighthouse.exe [2008-12-10 1015808]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoCAD Startup Accelerator.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk
backup=c:\windows\pss\AutoCAD Startup Accelerator.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadwin PrintScreen 2.6]
--a------ 2008-12-09 12:08 495616 c:\program files\Gadwin Systems\PrintScreen\PrintScreen.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-03-14 21:14 77824 c:\program files\Java\jre1.6.0\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2004-12-20 19:41 33792 c:\program files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2 (0x2)
"srservice"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\SopCast\\SopCast.exe"=
"c:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"c:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 AASW2_Service;Ashampoo AntiSpyWare 2 Service;c:\program files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe [2008-12-26 728920]
R3 PAC207;Look 110;c:\windows\system32\DRIVERS\PFC027.SYS [2008-11-27 507264]
R3 PsSdk41;PsSdk41;\??\c:\windows\system32\Drivers\pssdk41.sys [2008-12-10 36928]
R3 PsSdkLBF;PsSdkLBF;\??\c:\windows\system32\Drivers\pssdklbf.sys [2008-12-10 53312]
S2 63F3D464;63F3D464;c:\windows\system32\6260E4E2.EXE -k []
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;"c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-10-14 29744]
S3 GPU-Z;GPU-Z;\??\c:\docume~1\mh\LOCALS~1\Temp\GPU-Z.sys []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{031e2ede-5011-11dd-bdef-000c76986854}]
\Shell\Auto\command - F:\auto.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
\Shell\explore\Command - F:\3wcxx91.cmd
\Shell\open\Command - F:\3wcxx91.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{06dc2448-4902-11dc-9f1d-000c76986854}]
\Shell\AutoRun\command - F:\yt8a.exe
\Shell\Explore\Command - F:\yt8a.exe
\Shell\Open\Command - F:\yt8a.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2d0f7a56-2ab7-11dd-bd98-000c76986854}]
\Shell\Auto\command - F:\auto.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
\Shell\explore\Command - F:\3wcxx91.cmd
\Shell\open\Command - F:\3wcxx91.cmd
.
Contents of the 'Scheduled Tasks' folder

2008-12-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-08-29 14:21]

2008-12-26 c:\windows\Tasks\Norton SystemWorks One Button Checkup.job
- c:\program files\Norton SystemWorks\OBC.exe [2002-08-29 20:30]
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-Picasa Media Detector - c:\program files\Picasa2\PicasaMediaDetector.exe


.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\mh\Application Data\Mozilla\Firefox\Profiles\602ldo58.default\
FF - prefs.js: browser.startup.homepage - hxxp://www3.serbiancafe.com/lat/evropa/|http://www.politika.rs/|http://radiostanica.com/stanice.php?loc=Srb|http://mail.google.com/mail/?zx=vkmz474yxqq1&shva=1#inbox|http://www.yahoo.com/|http://bl124w.blu124.mail.live.com/mail/InboxLight.aspx?n=1926881603|http://webmail.teol.net/showmail.php?Folder=Inbox&unique=192841229191593&FolderLoad=1
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1399.3742\npCIDetect13.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava11.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava12.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava13.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava14.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava32.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjpi160.dll
FF - plugin: c:\program files\Java\jre1.6.0\bin\npoji610.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-12-29 21:09:10
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(744)
c:\program files\Ashampoo\Ashampoo AntiSpyWare 2\Guard.dll

- - - - - - - > 'lsass.exe'(800)
c:\program files\Ashampoo\Ashampoo AntiSpyWare 2\Guard.dll

- - - - - - - > 'csrss.exe'(720)
c:\program files\Ashampoo\Ashampoo AntiSpyWare 2\Guard.dll
.
------------------------ Other Running Processes ------------------------
.
c:\progra~1\Grisoft\AVG7\avgamsvr.exe
c:\progra~1\Grisoft\AVG7\avgupsvc.exe
c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\progra~1\NORTON~1\SPEEDD~1\NOPDB.EXE
c:\program files\Canon\CAL\CALMAIN.exe
.
**************************************************************************
.
Completion time: 2008-12-29 21:13:56 - machine was rebooted [mh]
ComboFix-quarantined-files.txt 2008-12-29 20:13:52

Pre-Run: 8,759,713,792 bytes free
Post-Run: 8,635,015,168 bytes free


  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

It does matter which computer the log is from.

This one here was infected (and there is a chance it is still infected) with a worm that spreads via USB memory sticks.

Do you want us to deal with this home computer in this thread, and open another thread for the one at work?
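The diagnosis above rests on two signs in the ComboFix log: autorun.inf files at drive roots in the "Previous Run" deletions, and MountPoints2 shell verbs for a removable drive redirected to executables on F:. The following Python script is an added example (not ComboFix's or the forum's own code) that parses a constructed excerpt modelled on that log and flags exactly those indicators; the file names and GUIDs in the sample are copied from the posted log, and the regexes are this example's own heuristics.

```python
"""Triage helper for the USB-worm pattern in a ComboFix log (added example)."""
import re

# Constructed excerpt modelled on the ComboFix log posted in the thread.
SAMPLE_LOG = r"""
---- Previous Run -------
.
C:\autorun.inf
c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini
D:\Autorun.inf

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{031e2ede-5011-11dd-bdef-000c76986854}]
\Shell\Auto\command - F:\auto.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
\Shell\explore\Command - F:\3wcxx91.cmd
\Shell\open\Command - F:\3wcxx91.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{06dc2448-4902-11dc-9f1d-000c76986854}]
\Shell\AutoRun\command - F:\yt8a.exe
\Shell\Explore\Command - F:\yt8a.exe
\Shell\Open\Command - F:\yt8a.exe
"""

MOUNTPOINT_KEY = re.compile(
    r"^\[HKEY_CURRENT_USER\\.*\\mountpoints2\\(\{[0-9a-f-]+\})\]$", re.I)
SHELL_VERB = re.compile(r"^\\Shell\\(\w+)\\command\s+-\s+(.+?)\s*$", re.I)
AUTORUN_INF = re.compile(r"^[a-z]:\\autorun\.inf$", re.I)
# A file sitting at a drive root with an executable extension: what the
# worm drops on a USB stick so the shell verbs can launch it.
ROOT_EXECUTABLE = re.compile(
    r"^[a-z]:\\[^\\]+\.(exe|cmd|bat|com|scr|pif|vbs|js)$", re.I)
# Indirect launch through ShellExec_RunDLL, relative to the drive's root.
SHELLEXEC_RUNDLL = re.compile(
    r"rundll32(\.exe)?\s+shell32\.dll,shellexec_rundll\s+(\S+)", re.I)


def classify_command(cmd):
    """Return a reason string if a shell verb command looks worm-like, else None."""
    if ROOT_EXECUTABLE.match(cmd):
        return "executable launched directly from a drive root"
    m = SHELLEXEC_RUNDLL.search(cmd)
    if m:
        return "ShellExec_RunDLL indirection to %s" % m.group(2)
    return None


def parse_mountpoints(text):
    """Map each MountPoints2 GUID to its list of (verb, command) pairs."""
    points, current = {}, None
    for line in text.splitlines():
        stripped = line.strip()
        key = MOUNTPOINT_KEY.match(stripped)
        if key:
            current = key.group(1).lower()
            points[current] = []
            continue
        verb = SHELL_VERB.match(stripped)
        if verb and current is not None:
            points[current].append((verb.group(1).lower(), verb.group(2)))
        elif not stripped:
            current = None  # a blank line ends the registry key block
    return points


def find_autorun_inf(text):
    """Drive-root autorun.inf paths mentioned anywhere in the log."""
    return [ln.strip() for ln in text.splitlines() if AUTORUN_INF.match(ln.strip())]


def analyze(text):
    """Summarise the USB-worm indicators found in a ComboFix log."""
    findings = {"autorun_inf": find_autorun_inf(text), "mountpoints": {}}
    for guid, verbs in parse_mountpoints(text).items():
        hits = [(v, c, classify_command(c)) for v, c in verbs if classify_command(c)]
        if hits:
            findings["mountpoints"][guid] = hits
    findings["suspicious_total"] = sum(len(h) for h in findings["mountpoints"].values())
    return findings


if __name__ == "__main__":
    result = analyze(SAMPLE_LOG)
    print("autorun.inf at drive root:", result["autorun_inf"])
    for guid, hits in result["mountpoints"].items():
        print(guid)
        for verb, cmd, why in hits:
            print("  %-8s %-70s %s" % (verb, cmd, why))
```

A benign MountPoints2 entry (a CD-ROM's open verb pointing into Program Files) produces no hit, so only the removable-drive redirections surface.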

  • Joined: 29 Dec 2008
  • Posts: 4

Hello bobby,
I just got in and am reading the message. Something probably came over from a USB stick; I noticed some Autorun or something like that, which keeps reappearing even though I delete it.
OK, this thread for the home computer, and tomorrow I'll open a new thread for the computer at work.
Regards,
Aco Mitrović
