Computer shuts down

offline
  • trajan 
  • New MyCity citizen
  • Joined: 10 Feb 2006
  • Posts: 4

This is already the third time I am trying to send you the logs, but when I copy gmer 3 it throws a fatal error and shuts down the computer.
The problem is the following: for about a month the computer has been slow, and several times it has frozen so that I have to restart it. For the past few days the screen has been going black as if it were turned off. I have a licensed 32-bit Windows.

DDS (Ver_09-12-01.01) - NTFSx86
Run by User at 9:08:27,65 on pon 22.02.2010
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Professional 5.1.2600.2.1251.381.1033.18.511.215 [GMT 1:00]

AV: avast! antivirus 4.8.1368 [VPS 100221-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\IObit Security 360\IS360srv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\SCForte.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\IObit\IObit Security 360\IS360tray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Weather Watcher\ww.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\User\Desktop\dds.scr
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = [Link mogu videti samo ulogovani korisnici]
uSearch Page = [Link mogu videti samo ulogovani korisnici]
uSearch Bar = [Link mogu videti samo ulogovani korisnici]
mDefault_Page_URL = [Link mogu videti samo ulogovani korisnici]
mDefault_Search_URL = [Link mogu videti samo ulogovani korisnici]
mSearch Page = [Link mogu videti samo ulogovani korisnici]
mStart Page = [Link mogu videti samo ulogovani korisnici]
mSearch Bar = [Link mogu videti samo ulogovani korisnici]
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = [Link mogu videti samo ulogovani korisnici]
uSearchURL,(Default) = [Link mogu videti samo ulogovani korisnici]
mSearchAssistant = [Link mogu videti samo ulogovani korisnici]
uURLSearchHooks: &Yahoo! Companion: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\ycomp5_6_2_0.dll
BHO: Yahoo! Companion BHO: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\ycomp5_6_2_0.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: &Yahoo! Companion: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\ycomp5_6_2_0.dll
TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
TB: {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No File
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {E738F11F-B0F3-4E0D-A5CA-6ED7B0BD4F5D} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [WeatherWatcher] c:\program files\weather watcher\ww.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Advanced SystemCare 3] "c:\program files\iobit\advanced systemcare 3\AWC.exe" /startup
uRun: [SmartRAM] "c:\program files\iobit\advanced systemcare 3\Sup_SmartRAM.exe" /m
uRunServices: [MS Shell Services] c:\program files\teslain kidlogger\MainWnd.exe -m
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [PCSuiteTrayApplication] c:\program files\nokia\nokia pc suite 6\LaunchApplication.exe -startup
mRun: [nusbantivirus] "c:\program files\naevius usb antivirus\usbantivirus.exe" -hide
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [IObit Security 360] "c:\program files\iobit\iobit security 360\IS360tray.exe" /autostart
mRun: [UIUCU] c:\docume~1\user\locals~1\temp\UIUCU.EXE -CLEAN_UP -S
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [Nokia.PCSync] c:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
uPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
uPolicies-explorer: NoActiveDesktop = 2 (0x2)
uPolicies-system: Wallpaper =
IE: &Search
IE: Add to AMV Converter... - c:\program files\mp3 player utilities 4.15\amvconverter\grab.html
IE: MediaManager tool grab multimedia file - c:\program files\mp3 player utilities 4.15\mediamanager\grab.html
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [Link mogu videti samo ulogovani korisnici]
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - [Link mogu videti samo ulogovani korisnici]
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici]
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici]
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - [Link mogu videti samo ulogovani korisnici]
TCP: {9B5225C2-7F5E-441B-ACAD-FEC7B3765330} = 192.168.0.254,212.200.36.11
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\Skype4COM.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - No File
LSA: Authentication Packages = msv1_0 nwprovau

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\user\applic~1\mozilla\firefox\profiles\v8nkt1cn.default\
FF - prefs.js: browser.search.defaulturl - [Link mogu videti samo ulogovani korisnici]{searchTerms}?babsrc=browsersearch
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici]
FF - prefs.js: keyword.URL - [Link mogu videti samo ulogovani korisnici]
FF - component: c:\documents and settings\user\application data\mozilla\firefox\profiles\v8nkt1cn.default\extensions\{7378b8c2-fc38-41b8-a8c9-875d1f5b0a24}\components\NativeComponent.dll
FF - component: c:\documents and settings\user\application data\mozilla\firefox\profiles\v8nkt1cn.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\user\application data\facebook\npfbplugin_1_0_1.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npgcplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npracplug.dll
FF - plugin: c:\program files\openoffice.org 2.0\program\npsoplugin.dll
FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R0 iteraid;ITERAID_Service_Install;c:\windows\system32\drivers\iteraid.sys [2006-7-27 25067]
R0 MPRIFL;MPRIFL;c:\windows\system32\drivers\mprifl.sys [2008-1-31 17264]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-6-15 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-6-15 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2008-6-15 138680]
R2 IS360service;IS360service;c:\program files\iobit\iobit security 360\is360srv.exe [2009-11-7 311568]
R2 ServiceAceSpy;SCfortify;c:\windows\system32\SCForte.exe [2009-7-19 577872]
R2 WinFLdrv;WinFLdrv;c:\windows\system32\WinFLdrv.sys [2009-10-23 10752]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2008-6-15 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2008-6-15 352920]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-7-12 133104]
S2 MyWebSearchService;My Web Search Service;c:\progra~1\mywebsearch\bar\2.bin\mwssvc.exe --> c:\progra~1\mywebsearch\bar\2.bin\mwssvc.exe [?]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2006-7-27 25244]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [2006-10-30 33792]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2009-1-20 18176]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2009-1-20 7680]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2009-1-20 42112]
S3 USBModem000;LGE Mobile USB Modem TC;c:\windows\system32\drivers\usbser.sys [2006-8-3 25600]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;c:\program files\msn messenger\usnsvc.exe [2007-1-19 97136]
S4 Dmu-rs012m;Dmu-rs012m; [x]

=============== Created Last 30 ================

2010-02-21 10:40:57 54156 ---ha-w- c:\windows\QTFont.qfn
2010-02-21 10:40:57 1409 ----a-w- c:\windows\QTFont.for
2010-02-19 18:47:36 0 d-----w- c:\docume~1\alluse~1\applic~1\PCPitstop
2010-02-19 18:47:34 0 d-----w- c:\program files\PCPitstop
2010-02-11 08:16:19 0 d-----w- c:\docume~1\user\applic~1\Facebook
2010-02-03 15:19:14 0 d-----w- c:\docume~1\user\applic~1\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2010-02-02 07:35:46 0 d-----w- c:\docume~1\user\applic~1\Agnitum
2010-02-01 12:09:27 0 d-----w- c:\program files\Agnitum
2010-01-23 22:47:30 618496 ----a-w- c:\windows\system32\MSSTTFTTM.ocx
2010-01-23 22:47:29 98304 ----a-w- c:\windows\system32\Msdxm11.ocx
2010-01-23 22:47:28 212992 ----a-w- c:\windows\system32\sql.dll
2010-01-23 22:47:27 0 d-----w- c:\program files\MP3 Cutter
2010-01-23 17:20:53 0 d-----w- C:\Intel

==================== Find3M ====================

2008-09-24 21:24:57 774144 ----a-w- c:\program files\RngInterstitial.dll
2008-06-10 13:09:36 80 --sha-w- c:\windows\system32\indata.dat
2007-10-16 10:16:45 22073376 -csha-w- c:\windows\system32\drivers\fidbox.dat

============= FINISH: 9:09:59,25 ===============


offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Greetings and welcome to the forum :)

Carefully follow these instructions:

Download sUBs's ComboFix to the Desktop from the following address:

Bleeping Computer
  • Right-click the link and choose the option Save Target As... (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download of the program has finished:
  • disable your security software (instructions);
  • close running programs;
  • double-click to run ComboFix.

While running, ComboFix will:
  • check whether a newer version of the program exists:
    • click Yes if you are offered the download.
  • display the DISCLAIMER OF WARRANTY ON SOFTWARE:
    • click Yes so that the process continues.
  • if the Recovery Console is not installed, offer to install it:
    • be sure to accept by clicking Yes and follow the procedure.
  • show a certain number of prompts/notifications:
    • accept by clicking Yes or OK.
  • if necessary, restart Windows (several times);
  • at the end, open Notepad with the scan report.

Copy the report that ComboFix produced into the forum thread:
  • right-click in the Notepad window and choose Select All;
  • right-click on the selected text and choose Copy;
  • right-click in the message field and choose Paste.

Note:
  • The report will be saved under the name ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
  • If, after sending the message, you notice that the report is not complete, use the Attach file option to attach the file C:\ComboFix.txt to the message.



offline
  • trajan 
  • New MyCity citizen
  • Joined: 10 Feb 2006
  • Posts: 4

Posted: 24 Feb 2010 10:28

ComboFix 10-02-23.04 - User 24.02.2010 10:11:27.3.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1251.381.1033.18.511.282 [GMT 1:00]
Running from: c:\documents and settings\User\Desktop\ComboFix.exe
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.
ADS - netcfgx.dll: deleted 68 bytes in 1 streams.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\User\Application Data\.#
c:\documents and settings\User\Application Data\AD ON Multimedia
c:\documents and settings\User\Application Data\AD ON Multimedia\eBay Shortcuts\config.ini
c:\documents and settings\User\Application Data\AD ON Multimedia\eBay Shortcuts\eBayShortcuts.exe
c:\documents and settings\User\Application Data\BITS
c:\documents and settings\User\Application Data\BITS\BITS.ini
c:\documents and settings\User\Application Data\BITS\DHTTable.dat
c:\documents and settings\User\Application Data\BITS\UPnP.ini
c:\program files\FlashGet Network
c:\program files\FlashGet Network\FlashGet universal\fgoption.ini
c:\program files\FlashGet Network\FlashGet universal\P2PCfg.ini
c:\program files\FlashGet Network\FlashGet universal\p2spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\p4spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\Profiles\config.dat
c:\program files\FlashGet Network\FlashGet universal\Profiles\tasks.dat
c:\windows\system32\dumphive.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\taskmgr.dll
c:\windows\system32\tmp.reg
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

----- BITS: Possible infected sites -----

[Link mogu videti samo ulogovani korisnici]
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MYWEBSEARCHSERVICE
-------\Service_MyWebSearchService


((((((((((((((((((((((((( Files Created from 2010-01-24 to 2010-02-24 )))))))))))))))))))))))))))))))
.

2010-02-22 10:17 . 2010-02-11 18:53 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-02-22 10:17 . 2010-02-11 18:53 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-02-22 10:12 . 2010-02-22 10:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-02-19 18:47 . 2010-02-19 18:49 -------- d-----w- c:\documents and settings\All Users\Application Data\PCPitstop
2010-02-19 18:47 . 2010-02-19 20:39 -------- d-----w- c:\program files\PCPitstop
2010-02-11 08:16 . 2010-02-11 08:16 50354 ----a-w- c:\documents and settings\User\Application Data\Facebook\uninstall.exe
2010-02-11 08:16 . 2010-02-11 08:16 -------- d-----w- c:\documents and settings\User\Application Data\Facebook
2010-02-03 15:19 . 2010-02-03 15:19 -------- d-----w- c:\documents and settings\User\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2010-02-03 15:18 . 2009-07-19 17:19 38200 ----a-w- c:\documents and settings\User\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-02-02 07:35 . 2010-02-22 10:14 -------- d-----w- c:\documents and settings\User\Application Data\Agnitum
2010-02-01 22:04 . 2010-02-01 22:04 847040 ----a-w- c:\documents and settings\User\Application Data\Facebook\axfbootloader.dll
2010-02-01 22:04 . 2010-02-01 22:04 5578752 ----a-w- c:\documents and settings\User\Application Data\Facebook\npfbplugin_1_0_1.dll
2010-02-01 12:09 . 2010-02-22 10:14 -------- d-----w- c:\program files\Agnitum

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-22 10:17 . 2007-11-19 09:23 -------- d-----w- c:\program files\Alwil Software
2010-02-22 10:08 . 2006-08-29 09:54 -------- d-----w- c:\documents and settings\User\Application Data\OpenOffice.org2
2010-02-19 20:40 . 2007-09-08 11:28 -------- d-----w- c:\documents and settings\User\Application Data\Skype
2010-02-19 19:45 . 2009-12-10 21:10 -------- d-----w- c:\program files\ALCATEL PC Suite
2010-02-19 17:51 . 2009-07-19 22:41 -------- d-----w- c:\documents and settings\User\Application Data\skypePM
2010-02-05 08:35 . 2007-06-05 15:51 -------- d-----w- c:\program files\Google
2010-01-30 17:28 . 2008-04-20 19:24 -------- d-----w- c:\documents and settings\User\Application Data\WeatherWatcher
2010-01-23 22:47 . 2010-01-23 22:47 -------- d-----w- c:\program files\MP3 Cutter
2010-01-23 22:42 . 2006-11-20 19:35 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-01-23 17:18 . 2010-01-23 17:18 2837016 ----a-w- c:\documents and settings\User\Application Data\Uniblue\DriverScanner\Download\pci_ven_8086_dev_27708_3_0_1011.exe
2010-01-23 17:16 . 2009-12-04 17:42 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverScanner
2010-01-16 22:48 . 2007-09-03 17:43 -------- d-----w- c:\program files\MotoKup
2010-01-16 22:33 . 2009-01-22 21:27 -------- d-----w- c:\program files\Motorola USB Treiber
2010-01-16 17:11 . 2006-07-27 14:08 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-15 17:23 . 2010-01-15 17:23 -------- d-----w- c:\program files\AMR to MP3 Converter
2010-01-15 17:18 . 2010-01-15 17:18 -------- d-----w- c:\program files\LitexMedia
2010-01-09 19:26 . 2009-10-23 23:09 -------- d-----w- c:\program files\Folder Lock
2010-01-09 18:19 . 2009-10-22 15:24 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-01-09 18:19 . 2009-10-22 15:24 -------- d-----w- c:\program files\DVDVideoSoft
2010-01-08 11:14 . 2009-10-12 18:24 -------- d-----w- c:\documents and settings\User\Application Data\MagicEffect Photo
2009-12-28 07:03 . 2007-11-14 22:21 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstCCD.exe
2009-12-28 07:03 . 2007-11-14 22:21 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCSFEMsi.exe
2009-12-28 07:03 . 2007-11-14 22:21 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCS.exe
2009-12-21 10:12 . 2009-12-21 10:12 38261728 ----a-w- c:\documents and settings\User\Application Data\Uniblue\DriverScanner\Download\usb_vid_03f0_pid_1d1710_1_1_3.exe
2009-12-14 08:06 . 2009-12-14 08:06 152576 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-12-14 08:06 . 2009-12-14 08:06 79488 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2008-09-24 21:24 . 2008-09-24 21:25 774144 ----a-w- c:\program files\RngInterstitial.dll
2008-06-10 13:09 . 2008-08-05 08:32 80 --sha-w- c:\windows\system32\indata.dat
2007-10-16 10:16 . 2007-09-24 15:57 22073376 -csha-w- c:\windows\system32\drivers\fidbox.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-06-16 15:22 1144712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-06-16 1144712]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-06-16 1144712]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WeatherWatcher"="c:\program files\Weather Watcher\ww.exe" [2008-01-22 1028096]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-12 39408]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2009-11-20 2335880]
"SmartRAM"="c:\program files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" [2009-02-19 202064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 271360]
"nusbantivirus"="c:\program files\Naevius USB Antivirus\usbantivirus.exe" [2009-08-19 1956864]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-11-30 198160]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"IObit Security 360"="c:\program files\IObit\IObit Security 360\IS360tray.exe" [2009-12-24 1280272]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk
backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^User^Start Menu^Programs^Startup^OpenOffice.org 2.0.lnk]
path=c:\documents and settings\User\Start Menu\Programs\Startup\OpenOffice.org 2.0.lnk
backup=c:\windows\pss\OpenOffice.org 2.0.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^User^Start Menu^Programs^Startup^Winamp Agent.lnk]
path=c:\documents and settings\User\Start Menu\Programs\Startup\Winamp Agent.lnk
backup=c:\windows\pss\Winamp Agent.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-10-13 16:24 1694208 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
2007-06-19 08:17 1241088 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
2007-06-18 13:10 271360 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-11-30 13:18 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 iteraid;ITERAID_Service_Install;c:\windows\system32\drivers\iteraid.sys [27.7.2006 14:47 25067]
R0 MPRIFL;MPRIFL;c:\windows\system32\drivers\mprifl.sys [31.1.2008 13:49 17264]
R2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\is360srv.exe [7.11.2009 19:06 311568]
R2 ServiceAceSpy;SCfortify;c:\windows\system32\SCForte.exe [19.7.2009 17:41 577872]
R2 WinFLdrv;WinFLdrv;c:\windows\system32\WinFLdrv.sys [23.10.2009 23:48 10752]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12.7.2009 20:21 133104]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [27.7.2006 15:09 25244]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [30.10.2006 20:52 33792]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [20.1.2009 12:47 18176]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [20.1.2009 12:47 7680]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [20.1.2009 12:47 42112]
S3 USBModem000;LGE Mobile USB Modem TC;c:\windows\system32\drivers\usbser.sys [3.8.2006 20:30 25600]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;c:\program files\MSN Messenger\usnsvc.exe [19.1.2007 11:54 97136]
S4 Dmu-rs012m;Dmu-rs012m; [x]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder

2010-02-24 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-15 10:49]

2010-02-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-12 19:21]

2010-02-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-12 19:21]

2010-02-24 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-06-16 15:22]
.
.
------- Supplementary Scan -------
.
uStart Page = [Link mogu videti samo ulogovani korisnici]
uSearch Page = [Link mogu videti samo ulogovani korisnici]
uSearch Bar = [Link mogu videti samo ulogovani korisnici]
mDefault_Search_URL = [Link mogu videti samo ulogovani korisnici]
mStart Page = [Link mogu videti samo ulogovani korisnici]
mSearch Bar = [Link mogu videti samo ulogovani korisnici]
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = [Link mogu videti samo ulogovani korisnici]
uSearchURL,(Default) = [Link mogu videti samo ulogovani korisnici]
mSearchAssistant = [Link mogu videti samo ulogovani korisnici]
IE: &Search
IE: Add to AMV Converter... - c:\program files\MP3 Player Utilities 4.15\AMVConverter\grab.html
IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 4.15\MediaManager\grab.html
TCP: {9B5225C2-7F5E-441B-ACAD-FEC7B3765330} = 192.168.0.254,212.200.36.11
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\v8nkt1cn.default\
FF - prefs.js: browser.search.defaulturl - [Link mogu videti samo ulogovani korisnici]{searchTerms}?babsrc=browsersearch
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici]
FF - prefs.js: keyword.URL - [Link mogu videti samo ulogovani korisnici]
FF - component: c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\v8nkt1cn.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\components\NativeComponent.dll
FF - component: c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\v8nkt1cn.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\User\Application Data\Facebook\npfbplugin_1_0_1.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npgcplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npracplug.dll
FF - plugin: c:\program files\OpenOffice.org 2.0\program\npsoplugin.dll
FF - plugin: c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{E738F11F-B0F3-4E0D-A5CA-6ED7B0BD4F5D} - (no file)
HKCU-RunServices-MS Shell Services - c:\program files\Teslain KidLogger\MainWnd.exe
MSConfigStartUp-AVG7_CC - c:\progra~1\Grisoft\AVGFRE~1\avgcc.exe
MSConfigStartUp-Di dictionary - c:\program files\Di recnik\Di.exe
MSConfigStartUp-flockbox - c:\program files\My Lockbox\flockbox.exe
MSConfigStartUp-SmartRAM - c:\program files\IObit\Advanced WindowsCare V2\MemCleaner.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici]
Rootkit scan 2010-02-24 10:20
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files:

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(712)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\wscntfy.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
.
**************************************************************************
.
Completion time: 2010-02-24 10:23:36 - machine was rebooted
ComboFix-quarantined-files.txt 2010-02-24 09:23
ComboFix2.txt 2007-10-13 18:37

Pre-Run: 3.102.687.232 bytes free
Post-Run: 3.039.404.032 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 9D607002BA5954CAA6487A49035C89F1

Addendum: 25 Feb 2010 11:40

What next?

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Did you install the Ace Spy program yourself?

offline
  • trajan 
  • New MyCity citizen
  • Joined: 10 Feb 2006
  • Posts: 4

Posted: 26 Feb 2010 17:51

I don't know. Possibly.

Addendum: 26 Feb 2010 17:56

I don't see it among the installed programs.

Addendum: 26 Feb 2010 18:02

Otherwise, the computer is already in better shape; it runs almost normally.

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Open Notepad and copy in the following text:

File::
c:\windows\system32\SCForte.exe

Driver::
ServiceAceSpy
Dmu-rs012m


Save the file from Notepad to the Desktop as "CFScript".

Drag the saved script/text onto the ComboFix icon, as in the picture.
In your next message, post the log that is created at the end of the cleaning/scan.

offline
  • trajan 
  • New MyCity citizen
  • Joined: 10 Feb 2006
  • Posts: 4

ComboFix 10-02-23.04 - User 26.02.2010 18:16:07.4.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.511.95 [GMT 1:00]
Running from: c:\documents and settings\User\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\User\Desktop\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

FILE ::
"c:\windows\system32\SCForte.exe"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\windows\system32\SCForte.exe

----- BITS: Possible infected sites -----

[Link mogu videti samo ulogovani korisnici]
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SERVICEACESPY
-------\Service_Dmu-rs012m
-------\Service_ServiceAceSpy


((((((((((((((((((((((((( Files Created from 2010-01-26 to 2010-02-26 )))))))))))))))))))))))))))))))
.

2010-02-24 10:42 . 2010-02-11 18:42 162512 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-02-24 10:42 . 2010-02-11 18:38 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-02-24 10:42 . 2010-02-11 18:39 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-02-24 10:42 . 2010-02-11 18:42 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-02-24 10:42 . 2010-02-11 18:38 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-02-24 10:42 . 2010-02-11 18:38 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-02-24 10:42 . 2010-02-11 18:38 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-02-19 18:47 . 2010-02-19 18:49 -------- d-----w- c:\documents and settings\All Users\Application Data\PCPitstop
2010-02-19 18:47 . 2010-02-19 20:39 -------- d-----w- c:\program files\PCPitstop
2010-02-11 08:16 . 2010-02-11 08:16 50354 ----a-w- c:\documents and settings\User\Application Data\Facebook\uninstall.exe
2010-02-11 08:16 . 2010-02-11 08:16 -------- d-----w- c:\documents and settings\User\Application Data\Facebook
2010-02-03 15:19 . 2010-02-03 15:19 -------- d-----w- c:\documents and settings\User\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2010-02-02 07:35 . 2010-02-22 10:14 -------- d-----w- c:\documents and settings\User\Application Data\Agnitum
2010-02-01 22:04 . 2010-02-01 22:04 847040 ----a-w- c:\documents and settings\User\Application Data\Facebook\axfbootloader.dll
2010-02-01 22:04 . 2010-02-01 22:04 5578752 ----a-w- c:\documents and settings\User\Application Data\Facebook\npfbplugin_1_0_1.dll
2010-02-01 12:09 . 2010-02-22 10:14 -------- d-----w- c:\program files\Agnitum

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-26 16:37 . 2006-08-29 09:54 -------- d-----w- c:\documents and settings\User\Application Data\OpenOffice.org2
2010-02-25 09:37 . 2009-10-30 22:30 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-24 10:41 . 2010-02-22 10:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-02-24 10:02 . 2006-07-27 13:46 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-24 10:02 . 2009-10-30 21:16 -------- d-----w- c:\program files\eSobi
2010-02-24 10:01 . 2009-07-19 16:38 -------- d-----w- c:\program files\DreamRender
2010-02-24 09:53 . 2009-09-24 11:04 -------- d-----w- c:\documents and settings\All Users\Application Data\IObit
2010-02-22 10:17 . 2007-11-19 09:23 -------- d-----w- c:\program files\Alwil Software
2010-02-19 20:40 . 2007-09-08 11:28 -------- d-----w- c:\documents and settings\User\Application Data\Skype
2010-02-19 19:45 . 2009-12-10 21:10 -------- d-----w- c:\program files\ALCATEL PC Suite
2010-02-19 17:51 . 2009-07-19 22:41 -------- d-----w- c:\documents and settings\User\Application Data\skypePM
2010-02-11 18:53 . 2010-02-24 10:41 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-02-11 18:53 . 2010-02-24 10:41 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-02-05 08:35 . 2007-06-05 15:51 -------- d-----w- c:\program files\Google
2010-01-30 17:28 . 2008-04-20 19:24 -------- d-----w- c:\documents and settings\User\Application Data\WeatherWatcher
2010-01-23 22:47 . 2010-01-23 22:47 -------- d-----w- c:\program files\MP3 Cutter
2010-01-23 22:42 . 2006-11-20 19:35 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-01-23 17:18 . 2010-01-23 17:18 2837016 ----a-w- c:\documents and settings\User\Application Data\Uniblue\DriverScanner\Download\pci_ven_8086_dev_27708_3_0_1011.exe
2010-01-23 17:16 . 2009-12-04 17:42 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverScanner
2010-01-16 22:48 . 2007-09-03 17:43 -------- d-----w- c:\program files\MotoKup
2010-01-16 22:33 . 2009-01-22 21:27 -------- d-----w- c:\program files\Motorola USB Treiber
2010-01-16 17:11 . 2006-07-27 14:08 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-15 17:23 . 2010-01-15 17:23 -------- d-----w- c:\program files\AMR to MP3 Converter
2010-01-15 17:18 . 2010-01-15 17:18 -------- d-----w- c:\program files\LitexMedia
2010-01-09 19:26 . 2009-10-23 23:09 -------- d-----w- c:\program files\Folder Lock
2010-01-09 18:19 . 2009-10-22 15:24 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2010-01-09 18:19 . 2009-10-22 15:24 -------- d-----w- c:\program files\DVDVideoSoft
2010-01-08 11:14 . 2009-10-12 18:24 -------- d-----w- c:\documents and settings\User\Application Data\MagicEffect Photo
2009-12-31 16:14 . 2004-08-04 12:00 352640 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-28 07:03 . 2007-11-14 22:21 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstCCD.exe
2009-12-28 07:03 . 2007-11-14 22:21 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCSFEMsi.exe
2009-12-28 07:03 . 2007-11-14 22:21 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCS.exe
2009-12-22 05:42 . 2004-08-04 12:00 662016 ----a-w- c:\windows\system32\wininet.dll
2009-12-22 05:42 . 2004-08-04 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-12-21 10:12 . 2009-12-21 10:12 38261728 ----a-w- c:\documents and settings\User\Application Data\Uniblue\DriverScanner\Download\usb_vid_03f0_pid_1d1710_1_1_3.exe
2009-12-16 12:58 . 2006-07-27 13:29 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 08:06 . 2009-12-14 08:06 152576 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-12-14 08:06 . 2009-12-14 08:06 79488 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-12-14 07:35 . 2004-08-04 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-08 18:55 . 2004-08-04 12:00 2180352 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-08 18:19 . 2004-08-03 22:59 2057728 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 14:41 . 2004-08-04 12:00 453760 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2008-09-24 21:24 . 2008-09-24 21:25 774144 ----a-w- c:\program files\RngInterstitial.dll
2008-06-10 13:09 . 2008-08-05 08:32 80 --sha-w- c:\windows\system32\indata.dat
2007-10-16 10:16 . 2007-09-24 15:57 22073376 -csha-w- c:\windows\system32\drivers\fidbox.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WeatherWatcher"="c:\program files\Weather Watcher\ww.exe" [2008-01-22 1028096]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-12 39408]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2010-02-08 2343632]
"SmartRAM"="c:\program files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" [2010-01-22 200280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 271360]
"nusbantivirus"="c:\program files\Naevius USB Antivirus\usbantivirus.exe" [2009-08-19 1956864]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-11-30 198160]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"IObit Security 360"="c:\program files\IObit\IObit Security 360\IS360tray.exe" [2009-12-24 1280272]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-02-11 2756488]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk
backup=c:\windows\pss\InterVideo WinCinema Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^User^Start Menu^Programs^Startup^OpenOffice.org 2.0.lnk]
path=c:\documents and settings\User\Start Menu\Programs\Startup\OpenOffice.org 2.0.lnk
backup=c:\windows\pss\OpenOffice.org 2.0.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^User^Start Menu^Programs^Startup^Winamp Agent.lnk]
path=c:\documents and settings\User\Start Menu\Programs\Startup\Winamp Agent.lnk
backup=c:\windows\pss\Winamp Agent.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-10-13 16:24 1694208 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
2007-06-19 08:17 1241088 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
2007-06-18 13:10 271360 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2009-11-30 13:18 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\InterVideo\\DVD6\\WinDVD.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 iteraid;ITERAID_Service_Install;c:\windows\system32\drivers\iteraid.sys [27.7.2006 14:47 25067]
R0 MPRIFL;MPRIFL;c:\windows\system32\drivers\mprifl.sys [31.1.2008 13:49 17264]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [24.2.2010 11:42 162512]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [24.2.2010 11:42 19024]
R2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\is360srv.exe [7.11.2009 19:06 311568]
R2 WinFLdrv;WinFLdrv;c:\windows\system32\WinFLdrv.sys [23.10.2009 23:48 10752]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12.7.2009 20:21 133104]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [27.7.2006 15:09 25244]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [30.10.2006 20:52 33792]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [20.1.2009 12:47 18176]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [20.1.2009 12:47 7680]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [20.1.2009 12:47 42112]
S3 USBModem000;LGE Mobile USB Modem TC;c:\windows\system32\drivers\usbser.sys [3.8.2006 20:30 25600]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;c:\program files\MSN Messenger\usnsvc.exe [19.1.2007 11:54 97136]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder

2010-02-26 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-15 10:49]

2010-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cab6339bd2af86.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-12 19:21]

2010-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-12 19:21]
.
.
------- Supplementary Scan -------
.
uStart Page = [Link mogu videti samo ulogovani korisnici]
uSearch Page = [Link mogu videti samo ulogovani korisnici]
uSearch Bar = [Link mogu videti samo ulogovani korisnici]
mDefault_Search_URL = [Link mogu videti samo ulogovani korisnici]
mStart Page = [Link mogu videti samo ulogovani korisnici]
mSearch Bar = [Link mogu videti samo ulogovani korisnici]
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = [Link mogu videti samo ulogovani korisnici]
uSearchURL,(Default) = [Link mogu videti samo ulogovani korisnici]
mSearchAssistant = [Link mogu videti samo ulogovani korisnici]
IE: &Search
IE: Add to AMV Converter... - c:\program files\MP3 Player Utilities 4.15\AMVConverter\grab.html
IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 4.15\MediaManager\grab.html
TCP: {9B5225C2-7F5E-441B-ACAD-FEC7B3765330} = 192.168.0.254,212.200.36.11
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\v8nkt1cn.default\
FF - prefs.js: browser.search.defaulturl - [Link mogu videti samo ulogovani korisnici]{searchTerms}?babsrc=browsersearch
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici]
FF - prefs.js: keyword.URL - [Link mogu videti samo ulogovani korisnici]
FF - component: c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\v8nkt1cn.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\components\NativeComponent.dll
FF - component: c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\v8nkt1cn.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\documents and settings\User\Application Data\Facebook\npfbplugin_1_0_1.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npgcplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npracplug.dll
FF - plugin: c:\program files\OpenOffice.org 2.0\program\npsoplugin.dll
FF - plugin: c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\Ask.com\GenericAskToolbar.dll
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\Ask.com\GenericAskToolbar.dll
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\Ask.com\GenericAskToolbar.dll



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici]
Rootkit scan 2010-02-26 23:49
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files:

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(720)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\cscdll.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Google\Update\1.2.183.17\GoogleCrashHandler.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
.
**************************************************************************
.
Completion time: 2010-02-26 23:53:54 - machine was rebooted
ComboFix-quarantined-files.txt 2010-02-26 22:53
ComboFix2.txt 2010-02-24 09:23
ComboFix3.txt 2007-10-13 18:37

Pre-Run: 7.723.634.688 bytes free
Post-Run: 7.720.644.608 bytes free

- - End Of File - - 7ABE3F7EB268E0A5F0AF72574561BD94
