Winoffice.exe


offline
  • Joined: 16 Oct 2007
  • Posts: 14

First of all, greetings to everyone from a new member.

When Windows starts, these programs (viruses) always start up as well; the antivirus doesn't report anything. It started about a month ago. :SSS Please help.



DDS (Ver_10-12-12.02) - NTFSx86
Run by User at 15:16:44.09 on Fri 02/04/2011
Internet Explorer: 9.0.7930.16406 BrowserJavaVersion: 1.6.0_23
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3071.1952 [GMT 1:00]

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
c:\xampp\apache\bin\apache.exe
C:\xampp\filezillaftp\filezillaserver.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\xampp\mysql\bin\mysqld.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\xampp\apache\bin\apache.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\SoundDriverReg.exe
C:\Program Files\WinOffice\WinOffice11.exe
C:\Program Files\WinOffice\WinOffice11.exe
C:\Program Files\Stardock\ObjectDockPlus2\ObjectDock.exe
C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Stardock\ObjectDockPlus2\ObjectDockTray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\User\Downloads\dds.pif
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchProtocolHost.exe

============== Pseudo HJT Report ===============

uStart Page = about:blank
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Realtek High Definiton Audio Manager] c:\windows\SoundDriverReg.exe
mRun: [WinOffice Tools Windows XP SP3] c:\program files\winoffice\WinOffice11.exe hide
StartupFolder: c:\users\user\appdata\roaming\micros~1\windows\startm~1\programs\startup\stardo~1.lnk - c:\program files\stardock\objectdockplus2\ObjectDock.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: {729E18B3-9D65-41F3-8FC2-070143BE1935} = 208.67.222.222,208.67.220.220
TCP: {B5941270-CD6A-41E3-A8EA-98DC97DA264F} = 208.67.222.222,208.67.220.220
TCP: 84745323033737 = 208.67.222.222,208.67.220.220
TCP: A6564735075656460294144402230282053545E492 = 208.67.222.222,208.67.220.220
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Hosts: 213.128.84.140 adserver1.adtech.com.tr
Hosts: 213.128.84.140 adserver2.adtech.com.tr
Hosts: 213.128.84.140 adserver3.adtech.com.tr
Hosts: 213.128.84.140 adserver4.adtech.com.tr
Hosts: 213.128.84.140 adserver5.adtech.com.tr

Note: multiple HOSTS entries found. Please refer to Attach.txt

================= FIREFOX ===================

FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\ss6eqjiy.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar&search=
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
FF - plugin: c:\users\user\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R1 cdrblock;cdrblock;c:\windows\system32\drivers\cdrblock.sys [2009-9-18 20864]
R1 cdrport;cdrport;c:\windows\system32\drivers\cdrport.sys [2009-9-18 4608]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 165264]
R1 MpKsl360c27d1;MpKsl360c27d1;c:\programdata\microsoft\microsoft antimalware\definition updates\{baee9777-ea09-4a52-a903-35af70197cd6}\MpKsl360c27d1.sys [2011-2-4 28752]
R1 MpKsl83543d89;MpKsl83543d89;c:\programdata\microsoft\microsoft antimalware\definition updates\{baee9777-ea09-4a52-a903-35af70197cd6}\MpKsl83543d89.sys [2011-2-4 28752]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\apache.exe [2008-12-10 24636]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2010\TuneUpUtilitiesService32.exe [2010-8-13 1051968]
R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2009-9-3 97536]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-10-3 20952]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-3-25 43392]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2010-11-11 206360]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-5-22 167936]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2010\TuneUpUtilitiesDriver32.sys [2010-2-24 10064]
S2 FlexService;Remote Connections Service;"c:\program files\rapidbit\cisvc.exe" --> c:\program files\rapidbit\cisvc.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-9-8 133104]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-10-3 304464]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\drivers\s115bus.sys [2007-4-23 83208]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]

=============== Created Last 30 ================

2011-02-04 14:12:58 28752 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{baee9777-ea09-4a52-a903-35af70197cd6}\MpKsl83543d89.sys
2011-02-04 10:22:48 28752 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{baee9777-ea09-4a52-a903-35af70197cd6}\MpKsl360c27d1.sys
2011-02-03 23:59:39 5890896 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{baee9777-ea09-4a52-a903-35af70197cd6}\mpengine.dll
2011-01-30 13:25:23 81920 ---ha-w- c:\windows\system32\v3shrtkgn.dll
2011-01-30 12:41:50 -------- d-----w- c:\program files\WinOffice
2011-01-30 10:32:26 375808 ----a-w- c:\windows\SoundDriverReg.exe
2011-01-30 10:26:50 -------- d-----w- C:\Portable
2011-01-29 22:46:21 -------- d-----w- c:\program files\JDownloader
2011-01-29 21:19:10 -------- d-----w- c:\users\user\appdata\local\ODUI
2011-01-29 21:17:50 -------- d-----w- c:\users\user\appdata\roaming\Stardock
2011-01-29 21:17:23 -------- dc-h--w- c:\progra~2\{0F4A7EFE-5950-4389-BF36-1E625D72456B}
2011-01-29 21:17:22 -------- d-----w- c:\progra~2\Stardock
2011-01-29 21:17:05 -------- d-----w- c:\users\user\appdata\local\PackageAware
2011-01-29 20:57:51 -------- d-----w- c:\program files\Yahoo!
2011-01-29 16:02:20 2381824 ----a-w- c:\windows\system32\mshtml.tlb
2011-01-29 16:02:20 1448448 ----a-w- c:\windows\system32\inetcpl.cpl
2011-01-29 15:12:10 -------- d-----w- c:\program files\Feedback Tool
2011-01-29 14:00:00 -------- d-----w- c:\users\user\DoctorWeb
2011-01-26 10:44:56 439632 ------w- c:\progra~2\microsoft\microsoft antimalware\definition updates\{87895768-45ab-4348-98e6-12be6d0dce7e}\gapaengine.dll
2011-01-25 21:03:05 6273872 ----a-w- c:\progra~2\microsoft\microsoft antimalware\definition updates\updates\mpengine.dll
2011-01-25 21:02:38 -------- d-----w- c:\program files\Microsoft Security Client
2011-01-25 21:02:20 240008 ----a-w- c:\windows\system32\drivers\netio.sys
2011-01-13 20:19:59 479752 ----a-w- c:\windows\system32\XAudio2_0.dll
2011-01-13 20:11:14 -------- d-----w- c:\windows\system32\directx
2011-01-13 18:14:58 -------- d-----w- C:\Games

==================== Find3M ====================

2011-01-29 13:01:32 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-12-03 12:15:47 1409 ----a-w- c:\windows\QTFont.for
2010-11-25 19:49:07 955904 ----a-w- c:\windows\Winregfile.swq

============= FINISH: 15:17:54.97 ===============






offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Hello,

Download sUBs's ComboFix from the following address to your Desktop:

  • Bleeping Computer
  • Right-click the link and choose Save Target As... (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download has finished:
  • deactivate your security software (instructions);
  • close any running programs;
  • double-click to run ComboFix.

While running, ComboFix will:
  • check whether a newer version of the program exists:
    click Yes if you are offered the download.
  • display the DISCLAIMER OF WARRANTY ON SOFTWARE:
    click Yes to let the process continue.
  • if the Recovery Console is not installed, offer to install it:
    be sure to accept by clicking Yes and follow the procedure.
  • ask a number of questions or show a number of notifications:
    accept by clicking Yes or OK.
  • restart Windows if needed (possibly several times);
  • at the end, open Notepad with the scan report.

Copy the report that ComboFix produced into the forum topic:
  • right-click in the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message field and choose Paste.

Note:
  • The report will be saved as ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
  • If, after sending the message, you notice that the report is incomplete, use the Attach file option to attach C:\ComboFix.txt to the message.

offline
  • Joined: 16 Oct 2007
  • Posts: 14

ComboFix 11-01-31.02 - User 02/04/2011 16:25:35.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3071.1390 [GMT 1:00]
Running from: C:\Users\User\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\My.ini

.
((((((((((((((((((((((((( Files Created from 2011-01-04 to 2011-02-04 )))))))))))))))))))))))))))))))
.

2011-02-04 15:33:02 . 2011-02-04 15:33:10 -------- d-----w- C:\Users\User\AppData\Local\temp
2011-02-04 15:33:02 . 2011-02-04 15:33:02 -------- d-----w- C:\Users\Default\AppData\Local\temp
2011-02-04 14:12:58 . 2011-02-04 14:12:58 28752 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BAEE9777-EA09-4A52-A903-35AF70197CD6}\MpKsl83543d89.sys
2011-02-04 10:22:48 . 2011-02-04 10:22:48 28752 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BAEE9777-EA09-4A52-A903-35AF70197CD6}\MpKsl360c27d1.sys
2011-02-03 23:59:39 . 2011-01-13 09:41:52 5890896 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BAEE9777-EA09-4A52-A903-35AF70197CD6}\mpengine.dll
2011-01-30 13:25:23 . 2011-01-30 13:25:23 81920 ---ha-w- C:\Windows\system32\v3shrtkgn.dll
2011-01-30 12:41:50 . 2011-02-02 16:56:50 -------- d-----w- C:\Program Files\WinOffice
2011-01-30 10:32:26 . 2011-01-30 10:32:26 375808 ----a-w- C:\Windows\SoundDriverReg.exe
2011-01-30 10:26:50 . 2011-01-30 10:32:14 -------- d-----w- C:\Portable
2011-01-29 22:46:21 . 2011-02-02 15:53:05 -------- d-----w- C:\Program Files\JDownloader
2011-01-29 21:19:10 . 2011-01-29 21:19:10 -------- d-----w- C:\Users\User\AppData\Local\ODUI
2011-01-29 21:17:50 . 2011-01-29 21:17:50 -------- d-----w- C:\Users\User\AppData\Roaming\Stardock
2011-01-29 21:17:23 . 2011-01-29 21:17:23 -------- dc-h--w- C:\ProgramData\{0F4A7EFE-5950-4389-BF36-1E625D72456B}
2011-01-29 21:17:22 . 2011-01-29 21:17:22 -------- d-----w- C:\ProgramData\Stardock
2011-01-29 21:17:05 . 2011-01-29 21:17:05 -------- d-----w- C:\Users\User\AppData\Local\PackageAware
2011-01-29 20:57:51 . 2011-01-29 20:57:59 -------- d-----w- C:\Program Files\Yahoo!
2011-01-29 16:02:20 . 2010-11-01 23:03:02 1448448 ----a-w- C:\Windows\system32\inetcpl.cpl
2011-01-29 16:02:20 . 2010-11-01 22:59:07 2381824 ----a-w- C:\Windows\system32\mshtml.tlb
2011-01-29 15:12:10 . 2011-01-29 15:12:10 -------- d-----w- C:\Program Files\Feedback Tool
2011-01-29 14:00:00 . 2011-01-29 14:32:07 -------- d-----w- C:\Users\User\DoctorWeb
2011-01-29 13:02:02 . 2011-01-29 13:02:02 -------- d-----w- C:\Program Files\Common Files\Java
2011-01-29 13:01:30 . 2011-01-29 13:01:30 -------- d-----w- C:\Program Files\Java
2011-01-26 10:44:56 . 2011-01-26 10:43:58 439632 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{87895768-45AB-4348-98E6-12BE6D0DCE7E}\gapaengine.dll
2011-01-25 21:03:05 . 2010-11-10 04:33:37 6273872 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-01-25 21:02:38 . 2011-01-25 21:03:55 -------- d-----w- C:\Program Files\Microsoft Security Client
2011-01-25 21:02:20 . 2010-04-09 07:24:46 240008 ----a-w- C:\Windows\system32\drivers\netio.sys
2011-01-13 20:19:59 . 2008-05-30 13:11:46 3850760 ----a-w- C:\Windows\system32\D3DX9_38.dll
2011-01-13 18:14:58 . 2011-01-30 10:39:08 -------- d-----w- C:\Games

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-29 13:01:32 . 2010-04-19 08:33:26 472808 ----a-w- C:\Windows\system32\deployJava1.dll
2011-01-13 09:41:52 . 2010-10-29 20:27:51 5890896 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2010-12-03 12:15:47 . 2010-12-03 12:15:47 1409 ----a-w- C:\Windows\QTFont.for
2010-11-25 19:49:07 . 2010-11-25 19:49:07 955904 ----a-w- C:\Windows\Winregfile.swq
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-08-20 10:35:20 6265376]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2010-03-12 13:13:04 202256]
"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe" [2010-11-30 12:20:36 997408]
"Realtek High Definiton Audio Manager"="C:\Windows\SoundDriverReg.exe" [2011-01-30 10:32:26 375808]
"WinOffice Tools Windows XP SP3"="C:\Program Files\WinOffice\WinOffice11.exe" [2010-11-25 19:49:07 955904]

C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - C:\Program Files\Stardock\ObjectDockPlus2\ObjectDock.exe [2011-1-29 4142448]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 10:44:46 248552 ----a-w- C:\Program Files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinOffice Tools Windows XP SP3]
2010-11-25 19:49:07 955904 ----a-w- C:\Program Files\WinOffice\WinOffice11.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Malwarebytes' Anti-Malware"="C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

R0 kyisujp;kyisujp;C:\Windows\System32\drivers\reyxt.sys [x]
R0 vwhmofye;vwhmofye;C:\Windows\System32\drivers\glcik.sys [x]
R2 FlexService;Remote Connections Service;C:\Program Files\RapidBIT\cisvc.exe [x]
R2 gupdate;Google Update Service (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-08 19:52:01 133104]
R2 MBAMService;MBAMService;C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 13:39:34 304464]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 20:25:38 54144]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 11:26:42 206360]
R3 s115bus;Sony Ericsson Device 115 driver (WDM);C:\Windows\system32\DRIVERS\s115bus.sys [2007-04-23 11:54:46 83208]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-13 23:52:10 14336]
S1 cdrblock;cdrblock;C:\Windows\system32\DRIVERS\cdrblock.sys [2007-05-31 08:40:58 20864]
S1 cdrport;cdrport;C:\Windows\system32\DRIVERS\cdrport.sys [2005-03-11 14:28:30 4608]
S1 MpKsl360c27d1;MpKsl360c27d1;C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BAEE9777-EA09-4A52-A903-35AF70197CD6}\MpKsl360c27d1.sys [2011-02-04 10:22:48 28752]
S1 MpKsl83543d89;MpKsl83543d89;C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BAEE9777-EA09-4A52-A903-35AF70197CD6}\MpKsl83543d89.sys [2011-02-04 14:12:58 28752]
S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-13 23:52:04 48128]
S2 Apache2.2;Apache2.2;c:\xampp\apache\bin\apache.exe [2008-12-09 23:10:14 24636]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-08-13 10:34:08 1051968]
S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys [2008-08-07 09:01:44 97536]
S3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys [2010-04-29 13:39:26 20952]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 20:25:38 43392]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-05-22 12:52:04 167936]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-24 12:41:50 10064]


--- Other Services/Drivers In Memory ---

*NewlyCreated* - MPKSL83543D89
*NewlyCreated* - PXLDAPOB
*Deregistered* - pxldapob

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2011-02-04 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-08 19:52:03 . 2009-09-08 19:52:01]

2011-01-14 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-08 19:52:03 . 2009-09-08 19:52:01]

2011-01-13 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1285926362-3488048106-1201779807-1000Core.job
- C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-13 16:06:44 . 2010-10-17 02:22:14]

2011-01-14 C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1285926362-3488048106-1201779807-1000UA.job
- C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-13 16:06:44 . 2010-10-17 02:22:14]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {729E18B3-9D65-41F3-8FC2-070143BE1935} = 208.67.222.222,208.67.220.220
TCP: {B5941270-CD6A-41E3-A8EA-98DC97DA264F} = 208.67.222.222,208.67.220.220
TCP: 84745323033737 = 208.67.222.222,208.67.220.220
TCP: A6564735075656460294144402230282053545E492 = 208.67.222.222,208.67.220.220
FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ss6eqjiy.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar&search=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
.
- - - - ORPHANS REMOVED - - - -

AddRemove-{909F8EBC-EC7F-48FF-0085-475D818F0F31} - C:\Users\User\Downloads\fovnfsu2\fovnfsu2\EAUninstall.exe

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

You didn't post the whole log.

offline
  • Joined: 16 Oct 2007
  • Posts: 14

ComboFix 11-01-31.02 - User 02/04/2011 18:11:00.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3071.1967 [GMT 1:00]
Running from: c:\users\User\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\windows\My.ini

.
((((((((((((((((((((((((( Files Created from 2011-01-04 to 2011-02-04 )))))))))))))))))))))))))))))))
.

2011-02-04 17:18 . 2011-02-04 17:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-04 15:40 . 2011-02-04 15:40 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{290775F5-9A94-4649-AF03-42CA09C04597}\MpKsl6cd85d00.sys
2011-02-04 15:39 . 2011-01-13 09:41 5890896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{290775F5-9A94-4649-AF03-42CA09C04597}\mpengine.dll
2011-02-04 15:33 . 2011-02-04 17:18 -------- d-----w- c:\users\User\AppData\Local\temp
2011-01-30 13:25 . 2011-01-30 13:25 81920 ---ha-w- c:\windows\system32\v3shrtkgn.dll
2011-01-30 12:41 . 2011-02-02 16:56 -------- d-----w- c:\program files\WinOffice
2011-01-30 10:32 . 2011-01-30 10:32 375808 ----a-w- c:\windows\SoundDriverReg.exe
2011-01-30 10:26 . 2011-01-30 10:32 -------- d-----w- C:\Portable
2011-01-29 22:46 . 2011-02-02 15:53 -------- d-----w- c:\program files\JDownloader
2011-01-29 21:19 . 2011-01-29 21:19 -------- d-----w- c:\users\User\AppData\Local\ODUI
2011-01-29 21:17 . 2011-01-29 21:17 -------- d-----w- c:\users\User\AppData\Roaming\Stardock
2011-01-29 21:17 . 2011-01-29 21:17 -------- dc-h--w- c:\programdata\{0F4A7EFE-5950-4389-BF36-1E625D72456B}
2011-01-29 21:17 . 2011-01-29 21:17 -------- d-----w- c:\programdata\Stardock
2011-01-29 21:17 . 2011-01-29 21:17 -------- d-----w- c:\users\User\AppData\Local\PackageAware
2011-01-29 20:57 . 2011-01-29 20:57 -------- d-----w- c:\program files\Yahoo!
2011-01-29 16:02 . 2010-11-01 23:03 1448448 ----a-w- c:\windows\system32\inetcpl.cpl
2011-01-29 16:02 . 2010-11-01 22:59 2381824 ----a-w- c:\windows\system32\mshtml.tlb
2011-01-29 15:12 . 2011-01-29 15:12 -------- d-----w- c:\program files\Feedback Tool
2011-01-29 14:00 . 2011-01-29 14:32 -------- d-----w- c:\users\User\DoctorWeb
2011-01-29 13:02 . 2011-01-29 13:02 -------- d-----w- c:\program files\Common Files\Java
2011-01-29 13:01 . 2011-01-29 13:01 -------- d-----w- c:\program files\Java
2011-01-26 10:44 . 2011-01-26 10:43 439632 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{87895768-45AB-4348-98E6-12BE6D0DCE7E}\gapaengine.dll
2011-01-25 21:03 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-01-25 21:02 . 2011-01-25 21:03 -------- d-----w- c:\program files\Microsoft Security Client
2011-01-25 21:02 . 2010-04-09 07:24 240008 ----a-w- c:\windows\system32\drivers\netio.sys
2011-01-13 20:19 . 2008-05-30 13:11 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
2011-01-13 18:14 . 2011-01-30 10:39 -------- d-----w- C:\Games

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-29 13:01 . 2010-04-19 08:33 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-01-13 09:41 . 2010-10-29 20:27 5890896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2010-12-03 12:15 . 2010-12-03 12:15 1409 ----a-w- c:\windows\QTFont.for
2010-11-25 19:49 . 2010-11-25 19:49 955904 ----a-w- c:\windows\Winregfile.swq
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-08-20 6265376]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-12 202256]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"Realtek High Definiton Audio Manager"="c:\windows\SoundDriverReg.exe" [2011-01-30 375808]
"WinOffice Tools Windows XP SP3"="c:\program files\WinOffice\WinOffice11.exe" [2010-11-25 955904]

c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDockPlus2\ObjectDock.exe [2011-1-29 4142448]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 10:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinOffice Tools Windows XP SP3]
2010-11-25 19:49 955904 ----a-w- c:\program files\WinOffice\WinOffice11.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"

R0 kyisujp;kyisujp;c:\windows\System32\drivers\reyxt.sys [x]
R0 vwhmofye;vwhmofye;c:\windows\System32\drivers\glcik.sys [x]
R2 FlexService;Remote Connections Service;c:\program files\RapidBIT\cisvc.exe [x]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-09-08 133104]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
R3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S1 cdrblock;cdrblock;c:\windows\system32\DRIVERS\cdrblock.sys [2007-05-31 20864]
S1 cdrport;cdrport;c:\windows\system32\DRIVERS\cdrport.sys [2005-03-11 4608]
S1 MpKsl6cd85d00;MpKsl6cd85d00;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{290775F5-9A94-4649-AF03-42CA09C04597}\MpKsl6cd85d00.sys [2011-02-04 28752]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 Apache2.2;Apache2.2;c:\xampp\apache\bin\apache.exe [2008-12-09 24636]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-08-13 1051968]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-05-22 167936]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-24 10064]


--- Other Services/Drivers In Memory ---

*NewlyCreated* - MPKSL6CD85D00

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2011-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-08 19:52]

2011-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-08 19:52]

2011-01-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1285926362-3488048106-1201779807-1000Core.job
- c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-13 02:22]

2011-01-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1285926362-3488048106-1201779807-1000UA.job
- c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-13 02:22]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {729E18B3-9D65-41F3-8FC2-070143BE1935} = 208.67.222.222,208.67.220.220
TCP: {B5941270-CD6A-41E3-A8EA-98DC97DA264F} = 208.67.222.222,208.67.220.220
TCP: 84745323033737 = 208.67.222.222,208.67.220.220
TCP: A6564735075656460294144402230282053545E492 = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ss6eqjiy.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar&search=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1285926362-3488048106-1201779807-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):b8,85,8b,6a,2d,3b,bd,9b,02,12,04,bc,1a,65,2f,e4,90,f3,0f,47,1f,
82,df,a1,28,15,b0,12,b9,bb,1a,b6,82,dd,1a,ba,cf,6e,f3,24,00,00,00,00,00,00,\

[HKEY_USERS\S-1-5-21-1285926362-3488048106-1201779807-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):12,39,4c,5c,2f,7d,db,20,d0,cd,c5,36,bc,9b,77,b5,b5,c6,97,a6,1c,
b5,ff,6e,f1,a9,ea,3d,6e,66,1b,54,15,2a,6b,34,0d,cf,9a,3a,00,00,00,00,00,00,\

[HKEY_USERS\S-1-5-21-1285926362-3488048106-1201779807-1000_Classes\CLSID\{b5093046-0e64-40dc-a6d2-bfb6ca31445b}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\

[HKEY_USERS\S-1-5-21-1285926362-3488048106-1201779807-1000_Classes\CLSID\{c58a53ea-4f02-45c7-ae1d-ba8763d70f58}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000141
"Therad"=dword:00000022
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,76,63,b3,77,0d,4a,ec,df,45,74,63,24,3c,17,49,93,91,bf,75,10,b9,30,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(4684)
c:\program files\Stardock\ObjectDockPlus2\DockShellHook.dll
.
Completion time: 2011-02-04 18:20:20
ComboFix-quarantined-files.txt 2011-02-04 17:20

Pre-Run: 43,955,175,424 bytes free
Post-Run: 43,663,613,952 bytes free

- - End Of File - - 41BDC13BA28519C389E3F5E23F480F5A

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Upload this file for me: c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{290775F5-9A94-4649-AF03-42CA09C04597}\MpKsl6cd85d00.sys

via the following link:

http://www.mycity.rs/ambulanta-upload.php

offline
  • Joined: 16 Oct 2007
  • Posts: 14

It does not exist under that name

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Open Notepad and copy the following text:

File::
c:\windows\system32\v3shrtkgn.dll
c:\windows\SoundDriverReg.exe
c:\windows\Winregfile.swq

Folder::
c:\program files\WinOffice

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinOffice Tools Windows XP SP3"=-
"Realtek High Definiton Audio Manager"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinOffice Tools Windows XP SP3]




Save the Notepad file to the Desktop as "CFScript"

Drag the saved script/text onto the ComboFix icon, as shown in the picture.
In your next message, post the log that is created at the end of the cleaning/scan.

offline
  • Joined: 16 Oct 2007
  • Posts: 14

ComboFix 11-01-31.02 - User 02/05/2011 9:52.3.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3071.1932 [GMT 1:00]
Running from: c:\users\User\Desktop\ComboFix.exe
Command switches used :: c:\users\User\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point

FILE ::
"c:\windows\SoundDriverReg.exe"
"c:\windows\system32\v3shrtkgn.dll"
"c:\windows\Winregfile.swq"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\WinOffice
c:\program files\WinOffice\WinOffice11.exe
c:\windows\SoundDriverReg.exe
c:\windows\system32\v3shrtkgn.dll
c:\windows\Winregfile.swq

.
((((((((((((((((((((((((( Files Created from 2011-01-05 to 2011-02-05 )))))))))))))))))))))))))))))))
.

2011-02-05 09:16 . 2011-02-05 09:16 -------- d-----w- c:\users\User\AppData\Local\temp
2011-02-05 09:16 . 2011-02-05 09:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-05 08:44 . 2011-02-05 08:44 28752 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C862302D-6478-4F7A-BF0D-B49167B24FFB}\MpKsl3ef36ee1.sys
2011-02-04 17:29 . 2011-01-13 09:41 5890896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C862302D-6478-4F7A-BF0D-B49167B24FFB}\mpengine.dll
2011-01-30 10:26 . 2011-01-30 10:32 -------- d-----w- C:\Portable
2011-01-29 22:46 . 2011-02-02 15:53 -------- d-----w- c:\program files\JDownloader
2011-01-29 21:19 . 2011-01-29 21:19 -------- d-----w- c:\users\User\AppData\Local\ODUI
2011-01-29 21:17 . 2011-01-29 21:17 -------- d-----w- c:\users\User\AppData\Roaming\Stardock
2011-01-29 21:17 . 2011-01-29 21:17 -------- dc-h--w- c:\programdata\{0F4A7EFE-5950-4389-BF36-1E625D72456B}
2011-01-29 21:17 . 2011-01-29 21:17 -------- d-----w- c:\programdata\Stardock
2011-01-29 21:17 . 2011-01-29 21:17 -------- d-----w- c:\users\User\AppData\Local\PackageAware
2011-01-29 20:57 . 2011-01-29 20:57 -------- d-----w- c:\program files\Yahoo!
2011-01-29 16:02 . 2010-11-01 23:03 1448448 ----a-w- c:\windows\system32\inetcpl.cpl
2011-01-29 16:02 . 2010-11-01 22:59 2381824 ----a-w- c:\windows\system32\mshtml.tlb
2011-01-29 15:12 . 2011-01-29 15:12 -------- d-----w- c:\program files\Feedback Tool
2011-01-29 14:00 . 2011-01-29 14:32 -------- d-----w- c:\users\User\DoctorWeb
2011-01-29 13:02 . 2011-01-29 13:02 -------- d-----w- c:\program files\Common Files\Java
2011-01-29 13:01 . 2011-01-29 13:01 -------- d-----w- c:\program files\Java
2011-01-26 10:44 . 2011-01-26 10:43 439632 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{87895768-45AB-4348-98E6-12BE6D0DCE7E}\gapaengine.dll
2011-01-25 21:03 . 2010-11-10 04:33 6273872 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-01-25 21:02 . 2011-01-25 21:03 -------- d-----w- c:\program files\Microsoft Security Client
2011-01-25 21:02 . 2010-04-09 07:24 240008 ----a-w- c:\windows\system32\drivers\netio.sys
2011-01-13 20:19 . 2008-05-30 13:11 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
2011-01-13 18:14 . 2011-01-30 10:39 -------- d-----w- C:\Games

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-29 13:01 . 2010-04-19 08:33 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-01-13 09:41 . 2010-10-29 20:27 5890896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2010-12-03 12:15 . 2010-12-03 12:15 1409 ----a-w- c:\windows\QTFont.for
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-08-20 6265376]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-12 202256]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]

c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDockPlus2\ObjectDock.exe [2011-1-29 4142448]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 10:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe" /c

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"

R0 kyisujp;kyisujp;c:\windows\System32\drivers\reyxt.sys [x]
R0 vwhmofye;vwhmofye;c:\windows\System32\drivers\glcik.sys [x]
R2 FlexService;Remote Connections Service;c:\program files\RapidBIT\cisvc.exe [x]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-09-08 133104]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
R3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S1 cdrblock;cdrblock;c:\windows\system32\DRIVERS\cdrblock.sys [2007-05-31 20864]
S1 cdrport;cdrport;c:\windows\system32\DRIVERS\cdrport.sys [2005-03-11 4608]
S1 MpKsl3ef36ee1;MpKsl3ef36ee1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C862302D-6478-4F7A-BF0D-B49167B24FFB}\MpKsl3ef36ee1.sys [2011-02-05 28752]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 Apache2.2;Apache2.2;c:\xampp\apache\bin\apache.exe [2008-12-09 24636]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-08-13 1051968]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-08-07 97536]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-05-22 167936]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-24 10064]


--- Other Services/Drivers In Memory ---

*NewlyCreated* - CFCATCHME
*NewlyCreated* - MPKSL3EF36EE1
*Deregistered* - CFcatchme

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2011-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-08 19:52]

2011-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-08 19:52]

2011-01-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1285926362-3488048106-1201779807-1000Core.job
- c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-13 02:22]

2011-01-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1285926362-3488048106-1201779807-1000UA.job
- c:\users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-13 02:22]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {729E18B3-9D65-41F3-8FC2-070143BE1935} = 208.67.222.222,208.67.220.220
TCP: {B5941270-CD6A-41E3-A8EA-98DC97DA264F} = 208.67.222.222,208.67.220.220
TCP: 84745323033737 = 208.67.222.222,208.67.220.220
TCP: A6564735075656460294144402230282053545E492 = 208.67.222.222,208.67.220.220
FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ss6eqjiy.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar&search=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1285926362-3488048106-1201779807-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):b8,85,8b,6a,2d,3b,bd,9b,02,12,04,bc,1a,65,2f,e4,90,f3,0f,47,1f,
82,df,a1,28,15,b0,12,b9,bb,1a,b6,82,dd,1a,ba,cf,6e,f3,24,00,00,00,00,00,00,\

[HKEY_USERS\S-1-5-21-1285926362-3488048106-1201779807-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):12,39,4c,5c,2f,7d,db,20,d0,cd,c5,36,bc,9b,77,b5,b5,c6,97,a6,1c,
b5,ff,6e,f1,a9,ea,3d,6e,66,1b,54,15,2a,6b,34,0d,cf,9a,3a,00,00,00,00,00,00,\

[HKEY_USERS\S-1-5-21-1285926362-3488048106-1201779807-1000_Classes\CLSID\{b5093046-0e64-40dc-a6d2-bfb6ca31445b}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\

[HKEY_USERS\S-1-5-21-1285926362-3488048106-1201779807-1000_Classes\CLSID\{c58a53ea-4f02-45c7-ae1d-ba8763d70f58}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000141
"Therad"=dword:00000022
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,76,63,b3,77,0d,4a,ec,df,45,74,63,24,3c,17,49,93,91,bf,75,10,b9,30,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-02-05 10:18:39
ComboFix-quarantined-files.txt 2011-02-05 09:18
ComboFix2.txt 2011-02-04 17:20

Pre-Run: 43,592,261,632 bytes free
Post-Run: 43,278,385,152 bytes free

- - End Of File - - A16468CC5FFC4CA1662DC329F67E5B3B

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

In the folder C:\Qoobox\Quarantine\ look for the file SoundDriverReg.exe.vir and upload it to me via:

http://www.mycity.rs/ambulanta-upload.php

Also upload these for me:
c:\windows\System32\drivers\reyxt.sys
c:\windows\System32\drivers\glcik.sys
