MyCity » Ambulanta -> Arhiva Ambulante » Task manager i registy editing has been disabled

Task manager i registy editing has been disabled

Napisano na dan: 25.1.2009

Strana:
1
2
3
4
5
6
7
8

Task manager i registy editing has been disabled

Pagination

Prethodna strana

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3
4
5
6
7
8

veljko-94 Poslao: 27 Jan 2009 18:35 Idi na vrh
offline veljko-94 Zaslužni građanin Veljko Pridružio: 29 Jul 2008 Poruke: 615 Gde živiš: Zemun	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png

Profil

dr_Bora Poslao: 27 Jan 2009 19:58 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Hajde ponovi skeniranje dr.Web CureIt-om i postavi ovde log skeniranja.

Profil

veljko-94 Poslao: 27 Jan 2009 21:00 Idi na vrh
offline veljko-94 Zaslužni građanin Veljko Pridružio: 29 Jul 2008 Poruke: 615 Gde živiš: Zemun	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Sad nece ni to.....na pola skeniranja plavi ekran i restart!

Profil

dr_Bora Poslao: 27 Jan 2009 21:09 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Da li je nešto detektovao dok je radio? Restartuj PC i postavi svež Gmer: Rootkit/Malware log.

Profil

veljko-94 Poslao: 27 Jan 2009 21:21 Idi na vrh
offline veljko-94 Zaslužni građanin Veljko Pridružio: 29 Jul 2008 Poruke: 615 Gde živiš: Zemun	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! GMER 1.0.14.14536 - http://www.gmer.net Rootkit scan 2009-01-27 21:18:29 Windows 5.1.2600 Service Pack 3 ---- System - GMER 1.0.14 ---- SSDT d347bus.sys (PnP BIOS Extension/ ) ZwClose [0xBA679818] SSDT d347bus.sys (PnP BIOS Extension/ ) ZwCreateKey [0xBA6797D0] SSDT d347bus.sys (PnP BIOS Extension/ ) ZwCreatePagingFile [0xBA66DA20] SSDT d347bus.sys (PnP BIOS Extension/ ) ZwEnumerateKey [0xBA66E2A8] SSDT d347bus.sys (PnP BIOS Extension/ ) ZwEnumerateValueKey [0xBA679910] SSDT d347bus.sys (PnP BIOS Extension/ ) ZwOpenKey [0xBA679794] SSDT d347bus.sys (PnP BIOS Extension/ ) ZwQueryKey [0xBA66E2C8] SSDT d347bus.sys (PnP BIOS Extension/ ) ZwQueryValueKey [0xBA679866] SSDT d347bus.sys (PnP BIOS Extension/ ) ZwSetSystemPowerState [0xBA6790B0] SSDT sphn.sys ZwSetValueKey [0xBA6C919A] INT 0x62 ? 8A822BF8 INT 0x63 ? 8A50ABF8 INT 0x73 ? 8A822BF8 INT 0x73 ? 8A822BF8 INT 0x73 ? 8A893BF8 INT 0x73 ? 8A50ABF8 INT 0x73 ? 8A822BF8 INT 0x82 ? 8A822BF8 INT 0x83 ? 8A50ABF8 INT 0x94 ? 8A50ABF8 INT 0xB4 ? 8A50ABF8 INT 0xB4 ? 8A50ABF8 INT 0xB4 ? 8A50ABF8 INT 0xB4 ? 8A50ABF8 ---- Kernel code sections - GMER 1.0.14 ---- ? sphn.sys The system cannot find the file specified. ! .text USBPORT.SYS!DllUnload B8F9D8AC 5 Bytes JMP 8A50A1D8 ? C:\WINDOWS\system32\drivers\kkjpp.sys The system cannot find the file specified. ! ---- User code sections - GMER 1.0.14 ---- .text D:\live\Windows Live\Messenger\msnmsgr.exe[980] kernel32.dll!SetUnhandledExceptionFilter 7C8449FD 5 Bytes JMP 0056DBBD D:\live\Windows Live\Messenger\msnmsgr.exe (Windows Live Messenger/Microsoft Corporation) ---- Kernel IAT/EAT - GMER 1.0.14 ---- IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [BA6BBD92] sphn.sys ---- Devices - GMER 1.0.14 ---- Device \FileSystem\Ntfs \Ntfs 8A8201F8 Device \FileSystem\Ntfs \Ntfs 8A77A280 Device \FileSystem\Fastfat \FatCdrom 8A123500 Device \FileSystem\Fastfat \FatCdrom 8A0CCB88 Device \FileSystem\Udfs \UdfsCdRom 8961F1F8 Device \FileSystem\Udfs \UdfsCdRom 8A60DC58 Device \FileSystem\Udfs \UdfsDisk 8961F1F8 Device \FileSystem\Udfs \UdfsDisk 8A60DC58 AttachedDevice \Driver\Tcpip \Device\Ip epfwtdi.sys (Eset Personal Firewall TDI filter/ESET) AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 VMkbd.sys (VMware keyboard filter driver (32-bit)/VMware, Inc.) AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 VMkbd.sys (VMware keyboard filter driver (32-bit)/VMware, Inc.) Device \Driver\usbuhci \Device\USBPDO-0 8A5091F8 Device \Driver\dmio \Device\DmControl\DmIoDaemon 8A8911F8 Device \Driver\dmio \Device\DmControl\DmConfig 8A8911F8 Device \Driver\dmio \Device\DmControl\DmPnP 8A8911F8 Device \Driver\dmio \Device\DmControl\DmInfo 8A8911F8 Device \Driver\usbuhci \Device\USBPDO-1 8A5091F8 Device \Driver\usbuhci \Device\USBPDO-2 8A5091F8 Device \Driver\usbehci \Device\USBPDO-3 8A4D91F8 Device \Driver\usbuhci \Device\USBPDO-4 8A5091F8 AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET) Device \Driver\usbuhci \Device\USBPDO-5 8A5091F8 Device \Driver\usbuhci \Device\USBPDO-6 8A5091F8 Device \Driver\Ftdisk \Device\HarddiskVolume1 8A8231F8 AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis) Device \Driver\usbehci \Device\USBPDO-7 8A4D91F8 Device \Driver\Ftdisk \Device\HarddiskVolume2 8A8231F8 AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis) Device \Driver\Cdrom \Device\CdRom0 8A2212A0 Device \FileSystem\Rdbss \Device\FsWrap 8A07C790 Device \Driver\Ftdisk \Device\HarddiskVolume3 8A8231F8 AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis) Device \Driver\Cdrom \Device\CdRom1 8A2212A0 Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 8A27B190 Device \Driver\atapi \Device\Ide\IdePort0 8A27B190 Device \Driver\atapi \Device\Ide\IdePort1 8A27B190 Device \Driver\atapi \Device\Ide\IdePort2 8A27B190 Device \Driver\atapi \Device\Ide\IdePort3 8A27B190 Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-10 8A27B190 Device \Driver\Ftdisk \Device\HarddiskVolume4 8A8231F8 AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume4 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis) Device \Driver\Ftdisk \Device\HarddiskVolume5 8A8231F8 AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume5 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis) Device \Driver\NetBT \Device\NetBT_Tcpip_{DAE50B85-7031-49ED-B3B3-EE6BD618DB5E} 89FAA500 Device \Driver\NetBT \Device\NetBt_Wins_Export 89FAA500 Device \Driver\NetBT \Device\NetbiosSmb 89FAA500 Device \Driver\usbhub \Device\00000092 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \Driver\NetBT \Device\NetBT_Tcpip_{D9516BC9-0F7C-4CD7-B884-86DBDAB7FDE8} 89FAA500 Device \Driver\usbhub \Device\00000093 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \Driver\usbhub \Device\00000094 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \FileSystem\Srv \Device\LanmanServer 8A0C1308 Device \Driver\usbhub \Device\00000095 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \Driver\NetBT \Device\NetBT_Tcpip_{EBE1A9A0-31A4-42EF-A421-FEC25EA4AB54} 89FAA500 AttachedDevice \Driver\Tcpip \Device\Udp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET) AttachedDevice \Driver\Tcpip \Device\RawIp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET) Device \Driver\usbuhci \Device\USBFDO-0 8A5091F8 Device \Driver\usbuhci \Device\USBFDO-0 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \Driver\usbuhci \Device\USBFDO-1 8A5091F8 Device \Driver\usbuhci \Device\USBFDO-1 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \Driver\usbuhci \Device\USBFDO-2 8A5091F8 Device \Driver\usbuhci \Device\USBFDO-2 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8A3072E8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8A071BE8 Device \Driver\usbehci \Device\USBFDO-3 8A4D91F8 Device \Driver\usbehci \Device\USBFDO-3 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \FileSystem\MRxSmb \Device\LanmanRedirector 8A3072E8 Device \FileSystem\MRxSmb \Device\LanmanRedirector 8A071BE8 Device \FileSystem\Npfs \Device\NamedPipe 89FF1150 Device \Driver\usbuhci \Device\USBFDO-4 8A5091F8 Device \Driver\usbuhci \Device\USBFDO-4 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \Driver\Ftdisk \Device\FtControl 8A8231F8 Device \Driver\usbuhci \Device\USBFDO-5 8A5091F8 Device \Driver\usbuhci \Device\USBFDO-5 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \Driver\NetBT \Device\NetBT_Tcpip_{E12A78D5-456D-4396-9125-6F2025FE350F} 89FAA500 Device \FileSystem\Msfs \Device\Mailslot 8A310030 Device \Driver\usbuhci \Device\USBFDO-6 8A5091F8 Device \Driver\usbuhci \Device\USBFDO-6 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \Driver\usbehci \Device\USBFDO-7 8A4D91F8 Device \Driver\usbehci \Device\USBFDO-7 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \Driver\usbhub \Device\0000008c hcmon.sys (VMware USB monitor/VMware, Inc.) Device \Driver\d347prt \Device\Scsi\d347prt1Port5Path0Target0Lun0 8A28B6F0 Device \Driver\JRAID \Device\Scsi\JRAID1 8A8901F8 Device \Driver\d347prt \Device\Scsi\d347prt1 8A28B6F0 Device \Driver\usbhub \Device\0000008d hcmon.sys (VMware USB monitor/VMware, Inc.) Device \FileSystem\Fastfat \Fat 8A123500 Device \FileSystem\Fastfat \Fat 8A0CCB88 AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer 8A1588D8 Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer 8A1588D8 Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer 8A1588D8 Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer 8A1588D8 Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer 8A1588D8 Device \FileSystem\Cdfs \Cdfs 89FCD500 Device \FileSystem\Cdfs \Cdfs 8A2CAAF8 ---- Modules - GMER 1.0.14 ---- Module _________ BA5D0000-BA5E8000 (98304 bytes) ---- Registry - GMER 1.0.14 ---- Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xF9 0x9E 0xD1 0x91 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xAD 0xBA 0xD2 0xA1 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x5C 0x0B 0xA5 0xF0 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x19 0xD8 0x1A 0x54 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf40 Reg HKLM\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf40@khjeh 0x20 0x02 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf40@hj34z0 0x42 0x57 0x6D 0xA1 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xF9 0x9E 0xD1 0x91 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xF9 0x9E 0xD1 0x91 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000 ---- Files - GMER 1.0.14 ---- File C:\Documents and Settings\veljko™\My Documents\Downloads\Adobe Fireworks CS4 v10.0 [RH]\Adobe CS4 Master Collection - (zabranjeno)s only [RH]\ACS4MC- Keygen (X-FORCE)\Keygen\Script blocker\Extra Script Block\Block Adobe Activation.app\Contents\Resources\description.rtfd\TXT.rtf 101 bytes File C:\Documents and Settings\veljko™\My Documents\Downloads\Adobe Fireworks CS4 v10.0 [RH]\Adobe CS4 Master Collection - (zabranjeno)s only [RH]\ACS4MC- Keygen (X-FORCE)\Keygen\Script blocker\Extra Script Block\__MACOSX\Block Adobe Activation.app\Contents\Resources\Scripts\._main.scpt 82 bytes ---- EOF - GMER 1.0.14 ----

Profil

dr_Bora Poslao: 27 Jan 2009 21:29 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi The Avenger na Desktop. Raspakuj arhivu u neki folder Dvoklikom pokreni avenger.exe Iskopiraj tekst koji se nalazi unutar Kod polja u (beli) prozor programa: `Files to delete: C:\WINDOWS\system32\drivers\kkjpp.sys Drivers to delete: asc3360pr` Klikni Execute, a zatim Yes u sledeća dva prozora koji će se otvoriti Kompjuter će se restartovati (u određenim slučajevima: dva puta) i započeti će proces čišćenja/skeniranja Kada proces bude završen, logfile C:\avenger.txt će se otvoriti u Notepad-u Iskopiraj sadržaj dobijenog loga u temu na forumu.

Profil

veljko-94 Poslao: 27 Jan 2009 21:59 Idi na vrh
offline veljko-94 Zaslužni građanin Veljko Pridružio: 29 Jul 2008 Poruke: 615 Gde živiš: Zemun	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! evo ga http://swandog46.geekstogo.com Platform: Windows XP ***************** Script file opened successfully. Script file read successfully. Backups directory opened successfully at C:\Avenger *************** Beginning to process script file: Rootkit scan active. Hidden driver "dupv" found! Could not open driver dupv for rootkit scan. Error:c0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Rootkit scan completed. Error: file "C:\WINDOWS\system32\drivers\kkjpp.sys" not found! Deletion of file "C:\WINDOWS\system32\drivers\kkjpp.sys" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\asc3360pr" not found! Deletion of driver "asc3360pr" failed! Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND) --> the object does not exist Completed script processing. ***************** Finished! Terminate.

Profil

dr_Bora Poslao: 27 Jan 2009 22:36 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Hajde daj još (samo) jedan svež Gmer Rootkit/malware log.

Profil

veljko-94 Poslao: 27 Jan 2009 22:53 Idi na vrh
offline veljko-94 Zaslužni građanin Veljko Pridružio: 29 Jul 2008 Poruke: 615 Gde živiš: Zemun	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! GMER 1.0.14.14536 - http://www.gmer.net Rootkit scan 2009-01-27 22:49:38 Windows 5.1.2600 Service Pack 3 ---- System - GMER 1.0.14 ---- SSDT d347bus.sys (PnP BIOS Extension/ ) ZwClose [0xBA679818] SSDT d347bus.sys (PnP BIOS Extension/ ) ZwCreateKey [0xBA6797D0] SSDT d347bus.sys (PnP BIOS Extension/ ) ZwCreatePagingFile [0xBA66DA20] SSDT d347bus.sys (PnP BIOS Extension/ ) ZwEnumerateKey [0xBA66E2A8] SSDT d347bus.sys (PnP BIOS Extension/ ) ZwEnumerateValueKey [0xBA679910] SSDT d347bus.sys (PnP BIOS Extension/ ) ZwOpenKey [0xBA679794] SSDT d347bus.sys (PnP BIOS Extension/ ) ZwQueryKey [0xBA66E2C8] SSDT d347bus.sys (PnP BIOS Extension/ ) ZwQueryValueKey [0xBA679866] SSDT d347bus.sys (PnP BIOS Extension/ ) ZwSetSystemPowerState [0xBA6790B0] SSDT spww.sys ZwSetValueKey [0xBA6C919A] INT 0x62 ? 8A822BF8 INT 0x63 ? 8A50ABF8 INT 0x73 ? 8A822BF8 INT 0x73 ? 8A822BF8 INT 0x73 ? 8A893BF8 INT 0x73 ? 8A50ABF8 INT 0x73 ? 8A822BF8 INT 0x82 ? 8A822BF8 INT 0x83 ? 8A50ABF8 INT 0x94 ? 8A50ABF8 INT 0xB4 ? 8A50ABF8 INT 0xB4 ? 8A50ABF8 INT 0xB4 ? 8A50ABF8 INT 0xB4 ? 8A50ABF8 ---- Kernel code sections - GMER 1.0.14 ---- ? spww.sys The system cannot find the file specified. ! .text USBPORT.SYS!DllUnload B8EDC8AC 5 Bytes JMP 8A50A1D8 ---- User code sections - GMER 1.0.14 ---- .text D:\live\Windows Live\Messenger\msnmsgr.exe[964] kernel32.dll!SetUnhandledExceptionFilter 7C8449FD 5 Bytes JMP 0056DBBD D:\live\Windows Live\Messenger\msnmsgr.exe (Windows Live Messenger/Microsoft Corporation) ---- Kernel IAT/EAT - GMER 1.0.14 ---- IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [BA6BBD92] spww.sys ---- Devices - GMER 1.0.14 ---- Device \FileSystem\Ntfs \Ntfs 8A8201F8 Device \FileSystem\Ntfs \Ntfs 8A7426F0 Device \FileSystem\Fastfat \FatCdrom 8A0944D8 Device \FileSystem\Fastfat \FatCdrom 89FCE0B8 AttachedDevice \Driver\Tcpip \Device\Ip epfwtdi.sys (Eset Personal Firewall TDI filter/ESET) AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 VMkbd.sys (VMware keyboard filter driver (32-bit)/VMware, Inc.) AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 VMkbd.sys (VMware keyboard filter driver (32-bit)/VMware, Inc.) Device \Driver\usbuhci \Device\USBPDO-0 8A5091F8 Device \Driver\dmio \Device\DmControl\DmIoDaemon 8A8911F8 Device \Driver\dmio \Device\DmControl\DmConfig 8A8911F8 Device \Driver\dmio \Device\DmControl\DmPnP 8A8911F8 Device \Driver\dmio \Device\DmControl\DmInfo 8A8911F8 Device \Driver\usbuhci \Device\USBPDO-1 8A5091F8 Device \Driver\usbuhci \Device\USBPDO-2 8A5091F8 Device \Driver\usbehci \Device\USBPDO-3 8A4D81F8 Device \Driver\usbuhci \Device\USBPDO-4 8A5091F8 AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET) Device \Driver\usbuhci \Device\USBPDO-5 8A5091F8 Device \Driver\IpFilterDriver \Device\IPFILTERDRIVER B4EF12B4 Device \Driver\usbuhci \Device\USBPDO-6 8A5091F8 Device \Driver\Ftdisk \Device\HarddiskVolume1 8A8231F8 AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis) Device \Driver\usbehci \Device\USBPDO-7 8A4D81F8 Device \Driver\Ftdisk \Device\HarddiskVolume2 8A8231F8 AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis) Device \Driver\Cdrom \Device\CdRom0 8A274008 Device \FileSystem\Rdbss \Device\FsWrap 89F6B4B8 Device \Driver\Ftdisk \Device\HarddiskVolume3 8A8231F8 AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis) Device \Driver\Cdrom \Device\CdRom1 8A274008 Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 8A23E8A0 Device \Driver\atapi \Device\Ide\IdePort0 8A23E8A0 Device \Driver\atapi \Device\Ide\IdePort1 8A23E8A0 Device \Driver\atapi \Device\Ide\IdePort2 8A23E8A0 Device \Driver\atapi \Device\Ide\IdePort3 8A23E8A0 Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-10 8A23E8A0 Device \Driver\Ftdisk \Device\HarddiskVolume4 8A8231F8 AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume4 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis) Device \Driver\Ftdisk \Device\HarddiskVolume5 8A8231F8 AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume5 tdrpman.sys (Acronis Try&Decide and Restore Points Volume Filter Driver/Acronis) Device \Driver\NetBT \Device\NetBT_Tcpip_{DAE50B85-7031-49ED-B3B3-EE6BD618DB5E} 89FBA500 Device \Driver\NetBT \Device\NetBt_Wins_Export 89FBA500 Device \Driver\usbhub \Device\00000091 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \Driver\NetBT \Device\NetbiosSmb 89FBA500 Device \Driver\usbhub \Device\00000092 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \Driver\NetBT \Device\NetBT_Tcpip_{D9516BC9-0F7C-4CD7-B884-86DBDAB7FDE8} 89FBA500 Device \Driver\usbhub \Device\00000093 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \Driver\usbhub \Device\00000094 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \FileSystem\Srv \Device\LanmanServer 8A16E320 Device \Driver\NetBT \Device\NetBT_Tcpip_{EBE1A9A0-31A4-42EF-A421-FEC25EA4AB54} 89FBA500 AttachedDevice \Driver\Tcpip \Device\Udp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET) AttachedDevice \Driver\Tcpip \Device\RawIp epfwtdi.sys (Eset Personal Firewall TDI filter/ESET) Device \Driver\usbuhci \Device\USBFDO-0 8A5091F8 Device \Driver\usbuhci \Device\USBFDO-0 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \Driver\usbuhci \Device\USBFDO-1 8A5091F8 Device \Driver\usbuhci \Device\USBFDO-1 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \Driver\usbuhci \Device\USBFDO-2 8A5091F8 Device \Driver\usbuhci \Device\USBFDO-2 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8A087500 Device \Driver\usbehci \Device\USBFDO-3 8A4D81F8 Device \Driver\usbehci \Device\USBFDO-3 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \FileSystem\MRxSmb \Device\LanmanRedirector 8A087500 Device \Driver\usbuhci \Device\USBFDO-4 8A5091F8 Device \Driver\usbuhci \Device\USBFDO-4 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \FileSystem\Npfs \Device\NamedPipe 8A2C9500 Device \Driver\Ftdisk \Device\FtControl 8A8231F8 Device \Driver\NetBT \Device\NetBT_Tcpip_{E12A78D5-456D-4396-9125-6F2025FE350F} 89FBA500 Device \Driver\usbuhci \Device\USBFDO-5 8A5091F8 Device \Driver\usbuhci \Device\USBFDO-5 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \FileSystem\Msfs \Device\Mailslot 8A2D0C48 Device \Driver\asc3360pr \Device\asc3360pr BAE165A0 Device \Driver\usbuhci \Device\USBFDO-6 8A5091F8 Device \Driver\usbuhci \Device\USBFDO-6 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \Driver\usbhub \Device\0000008b hcmon.sys (VMware USB monitor/VMware, Inc.) Device \Driver\usbehci \Device\USBFDO-7 8A4D81F8 Device \Driver\usbehci \Device\USBFDO-7 hcmon.sys (VMware USB monitor/VMware, Inc.) Device \Driver\usbhub \Device\0000008c hcmon.sys (VMware USB monitor/VMware, Inc.) Device \Driver\d347prt \Device\Scsi\d347prt1Port5Path0Target0Lun0 8A2DB820 Device \Driver\JRAID \Device\Scsi\JRAID1 8A8901F8 Device \Driver\d347prt \Device\Scsi\d347prt1 8A2DB820 Device \Driver\usbhub \Device\0000008d hcmon.sys (VMware USB monitor/VMware, Inc.) Device \FileSystem\Fastfat \Fat 8A0944D8 Device \FileSystem\Fastfat \Fat 89FCE0B8 AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer 8A2D3380 Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer 8A2D3380 Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer 8A2D3380 Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer 8A2D3380 Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer 8A2D3380 Device \FileSystem\Cdfs \Cdfs 8A13F500 Device \FileSystem\Cdfs \Cdfs 89F463C8 ---- Modules - GMER 1.0.14 ---- Module _________ BA5D0000-BA5E8000 (98304 bytes) ---- Registry - GMER 1.0.14 ---- Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xF9 0x9E 0xD1 0x91 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xAD 0xBA 0xD2 0xA1 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x5C 0x0B 0xA5 0xF0 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x19 0xD8 0x1A 0x54 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf40 Reg HKLM\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf40@khjeh 0x20 0x02 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\d347prt\Cfg\0Jf40@hj34z0 0x3A 0x7A 0x10 0x63 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xF9 0x9E 0xD1 0x91 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xF9 0x9E 0xD1 0x91 ... Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90 Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000 ---- Files - GMER 1.0.14 ---- File C:\Documents and Settings\veljko™\My Documents\Downloads\Adobe Fireworks CS4 v10.0 [RH]\Adobe CS4 Master Collection - (zabranjeno)s only [RH]\ACS4MC- Keygen (X-FORCE)\Keygen\Script blocker\Extra Script Block\Block Adobe Activation.app\Contents\Resources\description.rtfd\TXT.rtf 101 bytes File C:\Documents and Settings\veljko™\My Documents\Downloads\Adobe Fireworks CS4 v10.0 [RH]\Adobe CS4 Master Collection - (zabranjeno)s only [RH]\ACS4MC- Keygen (X-FORCE)\Keygen\Script blocker\Extra Script Block\__MACOSX\Block Adobe Activation.app\Contents\Resources\Scripts\._main.scpt 82 bytes ---- EOF - GMER 1.0.14 ----

Profil

dr_Bora Poslao: 28 Jan 2009 17:11 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Reci mi kakvo je sada stanje.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Task manager i registy editing has been disabled

Ko je trenutno na forumu

Ukupno su 1205 korisnika na forumu :: 41 registrovanih, 9 sakrivenih i 1155 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: aleksmajstor, Atomski čoban, Bobrock1, Brana01, cavatina, darkojbn, deLacy, Denaya, gorican, gzoki, hatman, havoc995, ikan, Karla, kikisp, Kriglord, Kubovac, laganini123, laki_bb, ljuba, madza, mercedesamg, Mercury, Mixelotti, Mlav, mnn2, nebkv, panzerwaffe, pein, Plava bluza, S2M, shone34, slonic_tonic, stegonosa, suton, theNedjeljko, Valter071, vesthepes, Vlad000, zeo, |_MeD_|

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by