MyCity » Ambulanta -> Arhiva Ambulante » Sporo

Sporo

Napisano na dan: 1.2.2009

Strana:
1
2

Sporo

Sledeća strana

Pagination

Odgovori

Strana:
1
2

return void Poslao: 01 Feb 2009 21:23 Idi na vrh
offline return void Anti Malware Fighter Rank 1 Pridružio: 02 Jan 2008 Poruke: 2167	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:17:59 PM, on 2/1/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.20935) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\VistaDrive\VistaDrive.exe C:\Program Files\LClock\LClock.exe C:\Program Files\Xtras\VisualTaskTips\VisualTaskTips.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Program Files\PCI Audio Applications\Bin\EchoCtrl.exe C:\WINDOWS\Mixer.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe C:\WINDOWS\system32\nod64.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe E:\Programi\Opera browser\opera.exe C:\Documents and Settings\Mirkovic\Desktop\New Folder\TR3.exe.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = [Link mogu videti samo ulogovani korisnici] R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks= O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Programi\Ac.Reader\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - E:\Programi\Real Player\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {6919b1b2-a9da-4223-86f2-b1d26c60cfd0} - C:\WINDOWS\system32\nuzeroto.dll (file missing) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe O4 - HKLM\..\Run: [VisualTaskTips] C:\Program Files\Xtras\VisualTaskTips\VisualTaskTips.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [QuickTime Task] "E:\Programi\quik time plajer\qttask.exe" -atboottime O4 - HKLM\..\Run: [flockbox] E:\Programi\kutija\My Lockbox\flockbox.exe /a O4 - HKLM\..\Run: [track monitor] E:\Programi\za MSN\MSN Track Monitor\msntrack.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [C-Media Echo Control] C:\Program Files\PCI Audio Applications\Bin\EchoCtrl.exe O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Nod32 Service] nod64.exe O4 - HKLM\..\RunServices: [Nod32 Service] nod64.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe O4 - HKCU\..\Run: [ShellToys XP Utility Manager] "C:\Program Files\CFi\ShellToys\CFiShlMan.exe" -start O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-19\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [RAM Medic] C:\Program Files\Iomatic\RAM Medic\RAMMedic.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [ShellToys XP Utility Manager] "C:\Program Files\CFi\ShellToys\CFiShlMan.exe" -start (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [munapajelo] Rundll32.exe "C:\WINDOWS\system32\tuhemoye.dll",s (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O4 - Global Startup: Rainlendar.lnk = C:\Program Files\Xtras\Rainlendar\Rainlendar.exe O8 - Extra context menu item: Add to Windows &Live Favorites - [Link mogu videti samo ulogovani korisnici] O8 - Extra context menu item: Download all with Free Download Manager - [Link mogu videti samo ulogovani korisnici]\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - [Link mogu videti samo ulogovani korisnici]\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download with Free Download Manager - [Link mogu videti samo ulogovani korisnici]\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: E&xport to Microsoft Excel - [Link mogu videti samo ulogovani korisnici]\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - [Link mogu videti samo ulogovani korisnici] O20 - AppInit_DLLs: C:\WINDOWS\system32\jutepeso.dll c:\windows\system32\reyahezi.dll c:\windows\system32\finelenu.dll O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\finelenu.dll (file missing) O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\finelenu.dll (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe -- End of file - 9601 bytes ovako,otvorio sam ovu temu [Link mogu videti samo ulogovani korisnici] i tu su mi rekli da se obratim ovde ako se mozda nije nesto pogorsalo na mom kompu

Profil

dr_Bora Poslao: 01 Feb 2009 21:35 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav... Klikni desnim tasterom miša na avast! ikonicu ( ) u donjem, desnom uglu ekrana i izaberi Program settings.... U prozoru koji se otvori, pod Troubleshooting, čekiraj opciju Disable avast! self-defence i klikni OK. Takođe, klikni desnim tasterom miša na avast! ikonicu ( ) u donjem, desnom uglu ekrana i izaberi Stop OnAccess Protection. Napomena: Ne zaboravi da uključiš ove opcije po završetku čišćenja. Skini ComboFix sa jedne od sledecih adresa na Desktop: [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

return void Poslao: 02 Feb 2009 15:16 Idi na vrh
offline return void Anti Malware Fighter Rank 1 Pridružio: 02 Jan 2008 Poruke: 2167	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! dr_Bora ::Pozdrav... Klikni desnim tasterom miša na avast! ikonicu ( ) u donjem, desnom uglu ekrana i izaberi Program settings.... U prozoru koji se otvori, pod Troubleshooting, čekiraj opciju Disable avast! self-defence i klikni OK. Takođe, klikni desnim tasterom miša na avast! ikonicu ( ) u donjem, desnom uglu ekrana i izaberi Stop OnAccess Protection. Napomena: Ne zaboravi da uključiš ove opcije po završetku čišćenja. Skini ComboFix sa jedne od sledecih adresa na Desktop: [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati. e brate,pa ovo je zarazeno sa virusom...ne mogu da skinem... daj neke druge linkove...

Profil

dr_Bora Poslao: 02 Feb 2009 17:19 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! To nije zaraženo virusom. Isključi avast!, skini program i isprati uputstvo.

Profil

return void Poslao: 02 Feb 2009 20:53 Idi na vrh
offline return void Anti Malware Fighter Rank 1 Pridružio: 02 Jan 2008 Poruke: 2167	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-02-02.01 - Mirkovic 2009-02-02 20:18:20.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.128.9 [GMT 1:00] Running from: c:\documents and settings\Mirkovic\Desktop\ComboFix.exe * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system\oeminfo.ini c:\windows\system32\_000007_.tmp.dll c:\windows\system32\afaduleb.ini c:\windows\system32\avupahot.ini c:\windows\system32\edoreyaw.ini c:\windows\system32\emilipus.ini c:\windows\system32\ICON.ico c:\windows\system32\ivogagam.ini c:\windows\system32\ogososuw.ini c:\windows\system32\ojipezuy.ini c:\windows\system32\osudegek.ini c:\windows\system32\pokg2GX4.exe.a_a c:\windows\system32\usuwisiy.ini c:\windows\system32\utupusuv.ini c:\windows\system32\uwupomus.ini . ((((((((((((((((((((((((( Files Created from 2009-01-02 to 2009-02-02 ))))))))))))))))))))))))))))))) . 2009-01-23 17:35 . 2009-01-23 17:45 <DIR> d-------- c:\documents and settings\Mirkovic\Application Data\uTorrent 2009-01-22 13:51 . 2009-01-22 13:51 <DIR> d-------- c:\documents and settings\Mirkovic\Application Data\Apple Computer 2009-01-21 15:20 . 2009-01-21 15:20 <DIR> d-------- c:\documents and settings\Mirkovic\Application Data\AVI ReComp 2009-01-20 18:04 . 2009-01-20 18:04 <DIR> d-------- c:\windows\uninstall\Counter-Strike eXtreme v1.6 2009-01-20 18:04 . 2009-01-20 18:04 <DIR> d-------- c:\windows\uninstall 2009-01-19 22:21 . 2009-01-19 22:21 <DIR> d-------- c:\program files\Common Files\SWF Studio 2009-01-19 22:14 . 2009-01-19 22:14 <DIR> d-------- c:\documents and settings\Mirkovic\Application Data\Morpheus Software 2009-01-14 21:03 . 2009-01-14 21:03 360,580 --a------ c:\windows\eSellerateEngine.dll 2009-01-14 14:51 . 2009-01-14 14:51 <DIR> d-------- C:\267e2098476a6492c11404a3c26805 2009-01-14 14:42 . 2009-01-14 14:42 <DIR> d-------- c:\program files\Microsoft ActiveSync 2009-01-14 14:41 . 2009-01-14 14:43 <DIR> d-------- c:\windows\SHELLNEW 2009-01-14 14:40 . 2009-01-14 14:40 <DIR> d-------- c:\program files\Microsoft.NET 2009-01-14 14:01 . 2009-01-14 14:01 <DIR> d-------- c:\documents and settings\Mirkovic\Application Data\AdobeUM 2009-01-09 19:52 . 2009-01-09 19:56 <DIR> d-------- c:\documents and settings\Mirkovic\Application Data\HideIP . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-02-02 19:37 --------- d-----w c:\documents and settings\Mirkovic\Application Data\Free Download Manager 2009-01-20 21:33 --------- d-----w c:\program files\Mozilla Firefox 3 Beta 5 2009-01-07 12:22 --------- d--h--w c:\program files\InstallShield Installation Information 2008-12-27 07:00 --------- d-----w c:\program files\Microsoft Silverlight 2008-12-25 19:12 --------- d-----w c:\documents and settings\Mirkovic\Application Data\Rainlendar 2008-12-25 18:54 --------- d-----w c:\program files\microsoft frontpage 2008-12-25 18:49 --------- d-----w c:\program files\Windows Media Connect 2 2008-12-19 20:47 --------- d-----w c:\documents and settings\Administrator\Application Data\AVI ReComp 2008-12-17 18:23 --------- d-----w c:\documents and settings\Administrator\Application Data\SAU KP 2008-12-14 15:00 --------- d-----w c:\documents and settings\Administrator\Application Data\Free Download Manager 2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys 2008-12-09 09:45 --------- d-----w c:\program files\directx 2008-12-09 09:39 --------- d-----w c:\program files\Microids 2008-12-09 09:38 --------- d-----w c:\program files\Common Files\InstallShield 2008-12-03 08:28 --------- d-----w c:\program files\Axon Data 2008-11-22 20:22 274,229 ----a-w c:\windows\DJ Music Mixer Uninstaller.exe 2008-05-15 12:12 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat 2007-10-23 07:16 22,524 -c--a-w c:\documents and settings\Administrator\Application Data\usrstats.dat 2004-10-12 05:44 57,344 -c--a-w c:\windows\system32\config\systemprofile\InstHelp.dll 2004-10-12 05:44 57,344 -c--a-w c:\documents and settings\Default User\InstHelp.dll 2004-10-12 05:44 57,344 ----a-w c:\documents and settings\Mirkovic\InstHelp.dll 2004-10-12 05:44 57,344 ----a-w c:\documents and settings\Administrator\InstHelp.dll 2008-07-03 11:38 368,640 --sh--r c:\windows\system32\nod64.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\CFi] @="{2DBD5D71-CBB7-41D1-B170-511646B170BD}" [HKEY_CLASSES_ROOT\CLSID\{2DBD5D71-CBB7-41D1-B170-511646B170BD}] 2005-11-24 15:57 55296 --a------ c:\progra~1\CFi\SHELLT~1\CFiShlJP.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TaskSwitchXP"="c:\program files\TaskSwitchXP\TaskSwitchXP.exe" [2006-08-04 62976] "ShellToys XP Utility Manager"="c:\program files\CFi\ShellToys\CFiShlMan.exe" [2006-08-26 43008] "Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2006-08-20 2068527] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VistaDrive"="c:\windows\VistaDrive\VistaDrive.exe" [2006-09-20 215845] "LClock"="c:\program files\LClock\LClock.exe" [2004-09-19 65536] "VisualTaskTips"="c:\program files\Xtras\VisualTaskTips\VisualTaskTips.exe" [2006-05-28 36864] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000] "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2006-04-20 421888] "QuickTime Task"="e:\programi\quik time plajer\qttask.exe" [2007-10-19 286720] "NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "C-Media Echo Control"="c:\program files\PCI Audio Applications\Bin\EchoCtrl.exe" [2001-12-05 147456] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-06-16 185896] "C-Media Mixer"="Mixer.exe" [2002-01-28 c:\windows\mixer.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "TaskSwitchXP"="c:\program files\TaskSwitchXP\TaskSwitchXP.exe" [2006-08-04 62976] "RAM Medic"="c:\program files\Iomatic\RAM Medic\RAMMedic.exe" [2004-01-24 1235968] "ShellToys XP Utility Manager"="c:\program files\CFi\ShellToys\CFiShlMan.exe" [2006-08-26 43008] "Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2006-08-20 2068527] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "tscuninstall"="c:\windows\system32\tscupgrd.exe" [2006-12-09 44544] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Rainlendar.lnk - c:\program files\Xtras\Rainlendar\Rainlendar.exe [2007-10-02 118784] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{067B597C-C099-4A08-A180-E5FEC5DCF2DF}"= "c:\progra~1\CFi\SHELLT~1\CFiShlEx.dll" [2004-07-19 43008] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.ffds"= ffdshow.ax [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Shareaza\\Shareaza.exe"= "c:\\Program Files\\uTorrent\\utorrent.exe"= "e:\\Igrice\\Kanter\\hl.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\WINDOWS\\system32\\dplaysvr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "e:\\Igrice\\Counter Strike 1.8 Goiceasoft\\cstrike.exe"= "Ø[‘\|€ø"= Ø[‘\|€ø:Nod32 Service R0 FVDSCSI;FVDSCSI; [x] R3 ddsxeiservice;ddsxeiservice2;e:\programi\sxe\sXe Injected\ddsxei.sys [2008-09-16 46464] R3 MaplomL;MaplomL; [x] R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-08-02 32512] R4 cdawdm;cdawdm; [x] S1 aswSP;avast! Self Protection; [x] S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560] S2 SVKP;SVKP;c:\windows\system32\SVKP.sys [2007-10-02 2368] S3 iadusb;MT882;c:\windows\system32\DRIVERS\glauiad.sys [2006-03-20 30336] --- Other Services/Drivers In Memory --- Deregistered - Aavmker4 Deregistered - AFD Deregistered - aswFsBlk Deregistered - aswMon2 Deregistered - aswRdr Deregistered - aswSP Deregistered - aswTdi Deregistered - aswUpdSv Deregistered - AudioSrv Deregistered - audstub Deregistered - avast! Antivirus Deregistered - avast! Mail Scanner Deregistered - avast! Web Scanner Deregistered - Beep Deregistered - BITS Deregistered - Browser Deregistered - Cdfs Deregistered - CryptSvc Deregistered - DcomLaunch Deregistered - Dhcp Deregistered - dmio Deregistered - dmload Deregistered - dmserver Deregistered - Dnscache Deregistered - ERSvc Deregistered - EventSystem Deregistered - FastUserSwitchingCompatibility Deregistered - Fips Deregistered - FltMgr Deregistered - Ftdisk Deregistered - Gpc Deregistered - helpsvc Deregistered - HTTP Deregistered - ImapiService Deregistered - IPSec Deregistered - KSecDD Deregistered - lanmanserver Deregistered - lanmanworkstation Deregistered - LmHosts Deregistered - mnmdd Deregistered - MountMgr Deregistered - MRxDAV Deregistered - MRxSmb Deregistered - Msfs Deregistered - mssmbios Deregistered - Mup Deregistered - NDIS Deregistered - NdisTapi Deregistered - Ndisuio Deregistered - NdisWan Deregistered - NDProxy Deregistered - NetBIOS Deregistered - NetBT Deregistered - Netman Deregistered - Nla Deregistered - Npfs Deregistered - Ntfs Deregistered - Null Deregistered - PartMgr Deregistered - ParVdm Deregistered - PolicyAgent Deregistered - PptpMiniport Deregistered - prodrv06 Deregistered - prohlp02 Deregistered - prosync1 Deregistered - ProtectedStorage Deregistered - PSched Deregistered - RasAcd Deregistered - Rasl2tp Deregistered - RasMan Deregistered - RasPppoe Deregistered - Raspti Deregistered - Rdbss Deregistered - RDPCDD Deregistered - rdpdr Deregistered - RemoteRegistry Deregistered - RpcSs Deregistered - rspndr Deregistered - SamSs Deregistered - Schedule Deregistered - seclogon Deregistered - SENS Deregistered - sfhlp01 Deregistered - ShellHWDetection Deregistered - Spooler Deregistered - sr Deregistered - srservice Deregistered - Srv Deregistered - SSDPSRV Deregistered - stisvc Deregistered - SVKP Deregistered - swenum Deregistered - TapiSrv Deregistered - Tcpip Deregistered - TermDD Deregistered - TermService Deregistered - Themes Deregistered - TrkWks Deregistered - Update Deregistered - VgaSave Deregistered - VolSnap Deregistered - W32Time Deregistered - Wanarp Deregistered - WebClient Deregistered - winmgmt Deregistered - wscsvc Deregistered - WZCSVC . Contents of the 'Scheduled Tasks' folder 2009-02-02 c:\windows\Tasks\GoogleUpdateTaskUser.job - c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-04 18:43] 2007-10-03 c:\windows\Tasks\RegistryMedicAuotScan.job - c:\program files\Iomatic\Registry Medic\RegMedical.exe [2004-10-07 18:09] . - - - - ORPHANS REMOVED - - - - BHO-{6919b1b2-a9da-4223-86f2-b1d26c60cfd0} - c:\windows\system32\nuzeroto.dll HKCU-Run-Yahoo! Pager - c:\program files\Yahoo!\Messenger\YahooMessenger.exe HKLM-Run-flockbox - e:\programi\kutija\My Lockbox\flockbox.exe HKLM-Run-track monitor - e:\programi\za MSN\MSN Track Monitor\msntrack.exe HKU-Default-Run-Yahoo! Pager - c:\program files\Yahoo!\Messenger\YahooMessenger.exe HKU-Default-Run-googletalk - c:\program files\Google\Google Talk\googletalk.exe HKU-Default-RunOnce-FlashPlayerUpdate - c:\windows\system32\Macromed\Flash\FlashUtil9e.exe HKU-Default-RunOnce-nltide3 - rundll32 advpack.dll . ------- Supplementary Scan ------- . uStart Page = [Link mogu videti samo ulogovani korisnici] uSearchMigratedDefaultURL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Connection Wizard,ShellNext = [Link mogu videti samo ulogovani korisnici] uInternet Settings,ProxyServer = socks= IE: Add to Windows &Live Favorites - [Link mogu videti samo ulogovani korisnici] IE: Download all with Free Download Manager - [Link mogu videti samo ulogovani korisnici]\program files\Free Download Manager\dlall.htm IE: Download selected with Free Download Manager - [Link mogu videti samo ulogovani korisnici]\program files\Free Download Manager\dlselected.htm IE: Download with Free Download Manager - [Link mogu videti samo ulogovani korisnici]\program files\Free Download Manager\dllink.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk DPF: Microsoft XML Parser for Java - [Link mogu videti samo ulogovani korisnici]\windows\Java\classes\xmldso.cab FF - ProfilePath - c:\documents and settings\Mirkovic\Application Data\Mozilla\Firefox\Profiles\87ytf53d.default\ FF - plugin: e:\programi\Ac.Reader\Reader\browser\nppdf32.dll FF - plugin: e:\programi\Opera browser\program\plugins\npdsplay.dll FF - plugin: e:\programi\Opera browser\program\plugins\NPOFFICE.DLL FF - plugin: e:\programi\Opera browser\program\plugins\npqtplugin.dll FF - plugin: e:\programi\Opera browser\program\plugins\npqtplugin2.dll FF - plugin: e:\programi\Opera browser\program\plugins\npqtplugin3.dll FF - plugin: e:\programi\Opera browser\program\plugins\npqtplugin4.dll FF - plugin: e:\programi\Opera browser\program\plugins\npqtplugin5.dll FF - plugin: e:\programi\Opera browser\program\plugins\npqtplugin6.dll FF - plugin: e:\programi\Opera browser\program\plugins\npqtplugin7.dll FF - plugin: e:\programi\Opera browser\program\plugins\NPSWF32.dll FF - plugin: e:\programi\Opera browser\program\plugins\npwmsdrm.dll FF - plugin: e:\programi\quik time plajer\Plugins\npqtplugin.dll FF - plugin: e:\programi\quik time plajer\Plugins\npqtplugin2.dll FF - plugin: e:\programi\quik time plajer\Plugins\npqtplugin3.dll FF - plugin: e:\programi\quik time plajer\Plugins\npqtplugin4.dll FF - plugin: e:\programi\quik time plajer\Plugins\npqtplugin5.dll FF - plugin: e:\programi\quik time plajer\Plugins\npqtplugin6.dll FF - plugin: e:\programi\quik time plajer\Plugins\npqtplugin7.dll FF - plugin: e:\programi\Real Player\Netscape6\nppl3260.dll FF - plugin: e:\programi\Real Player\Netscape6\nprjplug.dll FF - plugin: e:\programi\Real Player\Netscape6\nprpjplug.dll . ************************************************************************ catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici] Rootkit scan 2009-02-02 20:30:44 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(2428-) c:\program files\Xtras\VisualTaskTips\VttHooks.dll c:\progra~1\CFi\SHELLT~1\CFiShlJP.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\program files\Alwil Software\Avast4\ashMaiSv.exe c:\windows\system32\wscntfy.exe c:\program files\Alwil Software\Avast4\ashWebSv.exe . ************************************************************************ . Completion time: 2009-02-02 20:46:36 - machine was rebooted ComboFix-quarantined-files.txt 2009-02-02 19:46:15 Pre-Run: 1,279,655,936 bytes free Post-Run: 1,924,431,872 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect Current=2 Default=2 Failed=0 LastKnownGood=4 Sets=1,2,3,4 327 --- E O F --- 2009-02-01 23:15:15

Profil

dr_Bora Poslao: 02 Feb 2009 21:06 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zamolio bih te da restartuješ kompjuter i postaviš svež ComboFix log (pokreni ga dvoklikom i postavi log koji dobiješ).

Profil

return void Poslao: 02 Feb 2009 22:30 Idi na vrh
offline return void Anti Malware Fighter Rank 1 Pridružio: 02 Jan 2008 Poruke: 2167	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-02-02.01 - Mirkovic 2009-02-02 21:49:36.2 - NTFSx86 Running from: c:\documents and settings\Mirkovic\Desktop\ComboFix.exe . ((((((((((((((((((((((((( Files Created from 2009-01-02 to 2009-02-02 ))))))))))))))))))))))))))))))) . 2009-01-23 17:35 . 2009-01-23 17:45 <DIR> d-------- c:\documents and settings\Mirkovic\Application Data\uTorrent 2009-01-22 13:51 . 2009-01-22 13:51 <DIR> d-------- c:\documents and settings\Mirkovic\Application Data\Apple Computer 2009-01-21 15:20 . 2009-01-21 15:20 <DIR> d-------- c:\documents and settings\Mirkovic\Application Data\AVI ReComp 2009-01-20 18:04 . 2009-01-20 18:04 <DIR> d-------- c:\windows\uninstall\Counter-Strike eXtreme v1.6 2009-01-20 18:04 . 2009-01-20 18:04 <DIR> d-------- c:\windows\uninstall 2009-01-19 22:21 . 2009-01-19 22:21 <DIR> d-------- c:\program files\Common Files\SWF Studio 2009-01-19 22:14 . 2009-01-19 22:14 <DIR> d-------- c:\documents and settings\Mirkovic\Application Data\Morpheus Software 2009-01-14 21:03 . 2009-01-14 21:03 360,580 --a------ c:\windows\eSellerateEngine.dll 2009-01-14 14:51 . 2009-01-14 14:51 <DIR> d-------- C:\267e2098476a6492c11404a3c26805 2009-01-14 14:42 . 2009-01-14 14:42 <DIR> d-------- c:\program files\Microsoft ActiveSync 2009-01-14 14:41 . 2009-01-14 14:43 <DIR> d-------- c:\windows\SHELLNEW 2009-01-14 14:40 . 2009-01-14 14:40 <DIR> d-------- c:\program files\Microsoft.NET 2009-01-14 14:01 . 2009-01-14 14:01 <DIR> d-------- c:\documents and settings\Mirkovic\Application Data\AdobeUM 2009-01-09 19:52 . 2009-01-09 19:56 <DIR> d-------- c:\documents and settings\Mirkovic\Application Data\HideIP . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-02-02 20:19 --------- d-----w c:\documents and settings\Mirkovic\Application Data\Free Download Manager 2009-01-20 21:33 --------- d-----w c:\program files\Mozilla Firefox 3 Beta 5 2009-01-07 12:22 --------- d--h--w c:\program files\InstallShield Installation Information 2008-12-27 07:00 --------- d-----w c:\program files\Microsoft Silverlight 2008-12-25 19:12 --------- d-----w c:\documents and settings\Mirkovic\Application Data\Rainlendar 2008-12-25 18:54 --------- d-----w c:\program files\microsoft frontpage 2008-12-25 18:49 --------- d-----w c:\program files\Windows Media Connect 2 2008-12-19 20:47 --------- d-----w c:\documents and settings\Administrator\Application Data\AVI ReComp 2008-12-17 18:23 --------- d-----w c:\documents and settings\Administrator\Application Data\SAU KP 2008-12-14 15:00 --------- d-----w c:\documents and settings\Administrator\Application Data\Free Download Manager 2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys 2008-12-09 09:45 --------- d-----w c:\program files\directx 2008-12-09 09:39 --------- d-----w c:\program files\Microids 2008-12-09 09:38 --------- d-----w c:\program files\Common Files\InstallShield 2008-12-03 08:28 --------- d-----w c:\program files\Axon Data 2008-11-22 20:22 274,229 ----a-w c:\windows\DJ Music Mixer Uninstaller.exe 2008-05-15 12:12 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat 2007-10-23 07:16 22,524 -c--a-w c:\documents and settings\Administrator\Application Data\usrstats.dat 2004-10-12 05:44 57,344 -c--a-w c:\windows\system32\config\systemprofile\InstHelp.dll 2004-10-12 05:44 57,344 -c--a-w c:\documents and settings\Default User\InstHelp.dll 2004-10-12 05:44 57,344 ----a-w c:\documents and settings\Mirkovic\InstHelp.dll 2004-10-12 05:44 57,344 ----a-w c:\documents and settings\Administrator\InstHelp.dll 2008-07-03 11:38 368,640 --sh--r c:\windows\system32\nod64.exe . ((((((((((((((((((((((((((((( [Link mogu videti samo ulogovani korisnici] ))))))))))))))))))))))))))))))))))))))))) . + 2009-02-02 20:20:22 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_610.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\CFi] @="{2DBD5D71-CBB7-41D1-B170-511646B170BD}" [HKEY_CLASSES_ROOT\CLSID\{2DBD5D71-CBB7-41D1-B170-511646B170BD}] 2005-11-24 15:57 55296 --a------ c:\progra~1\CFi\SHELLT~1\CFiShlJP.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TaskSwitchXP"="c:\program files\TaskSwitchXP\TaskSwitchXP.exe" [2006-08-04 62976] "ShellToys XP Utility Manager"="c:\program files\CFi\ShellToys\CFiShlMan.exe" [2006-08-26 43008] "Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2006-08-20 2068527] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VistaDrive"="c:\windows\VistaDrive\VistaDrive.exe" [2006-09-20 215845] "LClock"="c:\program files\LClock\LClock.exe" [2004-09-19 65536] "VisualTaskTips"="c:\program files\Xtras\VisualTaskTips\VisualTaskTips.exe" [2006-05-28 36864] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000] "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2006-04-20 421888] "QuickTime Task"="e:\programi\quik time plajer\qttask.exe" [2007-10-19 286720] "NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "C-Media Echo Control"="c:\program files\PCI Audio Applications\Bin\EchoCtrl.exe" [2001-12-05 147456] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-06-16 185896] "C-Media Mixer"="Mixer.exe" [2002-01-28 c:\windows\mixer.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "TaskSwitchXP"="c:\program files\TaskSwitchXP\TaskSwitchXP.exe" [2006-08-04 62976] "RAM Medic"="c:\program files\Iomatic\RAM Medic\RAMMedic.exe" [2004-01-24 1235968] "ShellToys XP Utility Manager"="c:\program files\CFi\ShellToys\CFiShlMan.exe" [2006-08-26 43008] "Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2006-08-20 2068527] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "tscuninstall"="c:\windows\system32\tscupgrd.exe" [2006-12-09 44544] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{067B597C-C099-4A08-A180-E5FEC5DCF2DF}"= "c:\progra~1\CFi\SHELLT~1\CFiShlEx.dll" [2004-07-19 43008] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.ffds"= ffdshow.ax [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Shareaza\\Shareaza.exe"= "c:\\Program Files\\uTorrent\\utorrent.exe"= "e:\\Igrice\\Kanter\\hl.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\WINDOWS\\system32\\dplaysvr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "e:\\Igrice\\Counter Strike 1.8 Goiceasoft\\cstrike.exe"= "Ø[‘\|€ø"= Ø[‘\|€ø:Nod32 Service R0 FVDSCSI;FVDSCSI; [x] R3 ddsxeiservice;ddsxeiservice2;e:\programi\sxe\sXe Injected\ddsxei.sys [2008-09-16 46464] R3 MaplomL;MaplomL; [x] R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-08-02 32512] R4 cdawdm;cdawdm; [x] S1 aswSP;avast! Self Protection; [x] S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560] S2 SVKP;SVKP;c:\windows\system32\SVKP.sys [2007-10-02 2368] S3 iadusb;MT882;c:\windows\system32\DRIVERS\glauiad.sys [2006-03-20 30336] --- Other Services/Drivers In Memory --- Deregistered - Aavmker4 Deregistered - AFD Deregistered - ALG Deregistered - aswFsBlk Deregistered - aswMon2 Deregistered - aswRdr Deregistered - aswSP Deregistered - aswTdi Deregistered - aswUpdSv Deregistered - AudioSrv Deregistered - audstub Deregistered - avast! Antivirus Deregistered - avast! Mail Scanner Deregistered - avast! Web Scanner Deregistered - Beep Deregistered - BITS Deregistered - Browser Deregistered - Cdfs Deregistered - CryptSvc Deregistered - DcomLaunch Deregistered - Dhcp Deregistered - dmio Deregistered - dmload Deregistered - dmserver Deregistered - Dnscache Deregistered - ERSvc Deregistered - EventSystem Deregistered - FastUserSwitchingCompatibility Deregistered - Fips Deregistered - FltMgr Deregistered - Ftdisk Deregistered - Gpc Deregistered - helpsvc Deregistered - HTTP Deregistered - ImapiService Deregistered - IpNat Deregistered - IPSec Deregistered - KSecDD Deregistered - lanmanserver Deregistered - lanmanworkstation Deregistered - LmHosts Deregistered - mnmdd Deregistered - MountMgr Deregistered - MRxDAV Deregistered - MRxSmb Deregistered - Msfs Deregistered - mssmbios Deregistered - Mup Deregistered - NDIS Deregistered - NdisTapi Deregistered - Ndisuio Deregistered - NdisWan Deregistered - NDProxy Deregistered - NetBIOS Deregistered - NetBT Deregistered - Netman Deregistered - Nla Deregistered - Npfs Deregistered - Ntfs Deregistered - Null Deregistered - PartMgr Deregistered - ParVdm Deregistered - PolicyAgent Deregistered - PptpMiniport Deregistered - prodrv06 Deregistered - prohlp02 Deregistered - prosync1 Deregistered - ProtectedStorage Deregistered - PSched Deregistered - RasAcd Deregistered - Rasl2tp Deregistered - RasMan Deregistered - RasPppoe Deregistered - Raspti Deregistered - Rdbss Deregistered - RDPCDD Deregistered - rdpdr Deregistered - RemoteRegistry Deregistered - RpcSs Deregistered - rspndr Deregistered - SamSs Deregistered - Schedule Deregistered - seclogon Deregistered - SENS Deregistered - sfhlp01 Deregistered - SharedAccess Deregistered - ShellHWDetection Deregistered - Spooler Deregistered - sr Deregistered - srservice Deregistered - Srv Deregistered - SSDPSRV Deregistered - stisvc Deregistered - SVKP Deregistered - swenum Deregistered - TapiSrv Deregistered - Tcpip Deregistered - TermDD Deregistered - TermService Deregistered - Themes Deregistered - TrkWks Deregistered - Update Deregistered - VgaSave Deregistered - VolSnap Deregistered - W32Time Deregistered - Wanarp Deregistered - WebClient Deregistered - winmgmt Deregistered - wscsvc Deregistered - wuauserv Deregistered - WZCSVC . Contents of the 'Scheduled Tasks' folder 2009-02-02 c:\windows\Tasks\GoogleUpdateTaskUser.job - c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-04 18:43] 2007-10-03 c:\windows\Tasks\RegistryMedicAuotScan.job - c:\program files\Iomatic\Registry Medic\RegMedical.exe [2004-10-07 18:09] . . ------- Supplementary Scan ------- . uStart Page = [Link mogu videti samo ulogovani korisnici] uSearchMigratedDefaultURL = [Link mogu videti samo ulogovani korisnici]{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Connection Wizard,ShellNext = [Link mogu videti samo ulogovani korisnici] uInternet Settings,ProxyServer = socks= IE: Add to Windows &Live Favorites - [Link mogu videti samo ulogovani korisnici] IE: Download all with Free Download Manager - [Link mogu videti samo ulogovani korisnici]\program files\Free Download Manager\dlall.htm IE: Download selected with Free Download Manager - [Link mogu videti samo ulogovani korisnici]\program files\Free Download Manager\dlselected.htm IE: Download with Free Download Manager - [Link mogu videti samo ulogovani korisnici]\program files\Free Download Manager\dllink.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk DPF: Microsoft XML Parser for Java - [Link mogu videti samo ulogovani korisnici]\windows\Java\classes\xmldso.cab FF - ProfilePath - c:\documents and settings\Mirkovic\Application Data\Mozilla\Firefox\Profiles\87ytf53d.default\ FF - plugin: e:\programi\Ac.Reader\Reader\browser\nppdf32.dll FF - plugin: e:\programi\Opera browser\program\plugins\npdsplay.dll FF - plugin: e:\programi\Opera browser\program\plugins\NPOFFICE.DLL FF - plugin: e:\programi\Opera browser\program\plugins\npqtplugin.dll FF - plugin: e:\programi\Opera browser\program\plugins\npqtplugin2.dll FF - plugin: e:\programi\Opera browser\program\plugins\npqtplugin3.dll FF - plugin: e:\programi\Opera browser\program\plugins\npqtplugin4.dll FF - plugin: e:\programi\Opera browser\program\plugins\npqtplugin5.dll FF - plugin: e:\programi\Opera browser\program\plugins\npqtplugin6.dll FF - plugin: e:\programi\Opera browser\program\plugins\npqtplugin7.dll FF - plugin: e:\programi\Opera browser\program\plugins\NPSWF32.dll FF - plugin: e:\programi\Opera browser\program\plugins\npwmsdrm.dll FF - plugin: e:\programi\quik time plajer\Plugins\npqtplugin.dll FF - plugin: e:\programi\quik time plajer\Plugins\npqtplugin2.dll FF - plugin: e:\programi\quik time plajer\Plugins\npqtplugin3.dll FF - plugin: e:\programi\quik time plajer\Plugins\npqtplugin4.dll FF - plugin: e:\programi\quik time plajer\Plugins\npqtplugin5.dll FF - plugin: e:\programi\quik time plajer\Plugins\npqtplugin6.dll FF - plugin: e:\programi\quik time plajer\Plugins\npqtplugin7.dll FF - plugin: e:\programi\Real Player\Netscape6\nppl3260.dll FF - plugin: e:\programi\Real Player\Netscape6\nprjplug.dll FF - plugin: e:\programi\Real Player\Netscape6\nprpjplug.dll . ************************************************************************ catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici] Rootkit scan 2009-02-02 22:06:47 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(4012) c:\program files\Xtras\VisualTaskTips\VttHooks.dll c:\progra~1\CFi\SHELLT~1\CFiShlJP.dll . Completion time: 2009-02-02 22:21:25 ComboFix-quarantined-files.txt 2009-02-02 21:21:10 Pre-Run: 1,957,277,696 bytes free Post-Run: 1,945,133,056 bytes free Current=2 Default=2 Failed=0 LastKnownGood=4 Sets=1,2,3,4 287 --- E O F --- 2009-02-01 23:15:15

Profil

dr_Bora Poslao: 02 Feb 2009 22:43 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Aktiviraj prikaz skrivenih file-ova: [Link mogu videti samo ulogovani korisnici] Uploaduj sledeće file-ove: c:\documents and settings\Administrator\InstHelp.dll c:\windows\system32\nod64.exe Upload link: [Link mogu videti samo ulogovani korisnici] ------------------------------------------------------------------------------------- Preuzmi gmer.zip sa ovog linka i sačuvaj na Desktopu. Raspakuj ga u neki folder. Dupli klik na gmer.exe za početak: Izaberi Rootkit/Malware Tab na vrhu. Klikni na Scan. Kada je skeniranje završeno, klik na Copy dugme ispod - ovo će sačuvati rezultate skeniranja u Clipboard. Iskoristi opciju Paste u Notepad-u da bi to prebacio u tekst. Snimi taj tekst iz Notepada kao file1.txt. Ponovi ovo isto sa Autostart Tab-om. Snimi taj tekst iz Notepada kao file2.txt. Iskoristi opciju Prikači fajl ispod polja za pisanje poruke na forumu, i prikači nam ovde ta dva fajla koja smo malopre snimili.

Profil

return void Poslao: 03 Feb 2009 23:12 Idi na vrh
offline return void Anti Malware Fighter Rank 1 Pridružio: 02 Jan 2008 Poruke: 2167	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! uploudovao sam fajlove ali kad sam poceo da skeniram,ono se pojavi neka plava slika na ekranu i nesto pise...nekoliko sekundi posle,komp se restartovao...

Profil

dr_Bora Poslao: 04 Feb 2009 16:25 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi program RootRepeal na Desktop. Raspakuj RootRepeal.zip u neki folder. Dvoklikom pokreni RootRepeal.exe. Pređi na Report karticu (klikom na Report taster, dole, desno). Klikni Scan taster. U prozoru koji se otvori (Select Scan), obeleži kućice ispred svih stavki i klikni OK. U narednom prozoru (Select Drives) obeleži kućicu ispred sistemskog diska (obično C:\) i klikni OK. Po završetku procesa, klikni Save Report i sačuvaj izveštaj o skeniranju. Iskopiraj sadržaj tog izveštaja u iduću poruku.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Sporo

Ko je trenutno na forumu

Ukupno su 1999 korisnika na forumu :: 104 registrovanih, 7 sakrivenih i 1888 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 5253 - dana 09 Dec 2025 16:26

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: -[CoA]-, 015, Abebe Bikila, Aleksandar Tomić, aleksmajstor, alex71, ALFASPORTIVO, amaterSRB, as2025, babaroga, Badja, bojanM84, Boris BM, brundo65, Burovnyak, cifra, Coficab, damirZR, Dannyboy, Despot Đurađ, Djokislav, djonsule, dolinalima, Dovla, Dukelander, Dzigy, Egzekutor13, ElvisP, Filip1, Gitzherai, GORDI, halkin gol, Haris, HrcAk47, iceburn, ILGromovnik, Istman, ivan_8282, ivran064, Jose, K-1A, Kiki98TZ, kokodakalo, Kozi-RS, krkalon, Lazarus, Lazur_01, Lep1na, Litostroton, Makeitdrip, MarijaC84, mauglibn, maxim_von_burdengate, mačković, Mercury, mgolub, miljannis, Milometer, MiloradKomadic, Milos ZA, milos.cbr, Mitogna, moldway, momcilob55, nelezele, nikoladim, nnovakis, Ns1975, omen, partyzan, Pekman, peradetlić, perko91, Peruta, Petarvu, Povratak1912, rakivan, raster12, Resnica, Sevatar, Sharpshooter, snik, SOVO515, Su 57, synergia, tanakadzo, Timočka Divizija, tomigun, Tvrtko I, vaci, Vasilije Budović, VJ, voja64, volimpivuvolimrakiju, vrlenija, Wepp, wolf431, zeka013, ZlatniRez, zodiac94, zokizemun, Zrcalo, Žrnov, 79693

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by