files


offline
  • Joined: 17 Oct 2006
  • Posts: 53

Even with the Tools menu, it did not manage to find this BIT89.tmp.

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Open Notepad and copy in the following text:

File::
c:\windows\system32\nod64.exe
c:\windows\poppers.exe
c:\windows\BIT89.tmp
c:\windows\BIT7F.tmp
c:\windows\BIT80.tmp
c:\windows\BITB6.tmp
c:\windows\BITB3.tmp
c:\windows\BITB2.tmp
c:\windows\BITB1.tmp
c:\windows\BITB0.tmp
c:\windows\BITA7.tmp
c:\windows\BITA6.tmp
c:\windows\BITA5.tmp
c:\windows\BITA4.tmp
c:\windows\BITA3.tmp
c:\windows\BIT98.tmp
c:\windows\BIT95.tmp
c:\windows\BIT92.tmp
c:\windows\BIT8F.tmp
c:\windows\BIT8C.tmp
c:\windows\BIT4F.tmp
c:\windows\BIT48.tmp
c:\windows\BIT41.tmp
c:\windows\BIT3E.tmp
c:\windows\BIT3D.tmp
c:\windows\BIT3C.tmp
c:\windows\BIT84.tmp
c:\windows\BIT86.tmp
c:\windows\BIT82.tmp
c:\windows\BIT81.tmp

Registry::
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
"Nod32 Service"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Nod32 Service"=-


Save the file from Notepad to the Desktop as "CFScript".

Drag the saved script/text onto the ComboFix icon as in the picture.
In your next message, post the log that is created at the end of the cleaning/scan.

offline
  • Joined: 17 Oct 2006
  • Posts: 53

Here it is:

ComboFix 09-02-08.02 - Customer 2009-02-17 21:04:16.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.570 [GMT 0:00]
Running from: c:\documents and settings\Customer\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Customer\Desktop\CFScript.txt
AV: Norman Security Suite ver. 7.00 *On-access scanning enabled* (Updated)
FW: Persoonlijke firewall *enabled*
* Created a new restore point
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
- REDUCED FUNCTIONALITY MODE -
.

((((((((((((((((((((((((( Files Created from 2009-01-17 to 2009-02-17 )))))))))))))))))))))))))))))))
.

2009-02-13 12:51 . 2009-02-13 20:11 81,288 --a------ c:\windows\system32\drivers\iksyssec.sys
2009-02-13 12:51 . 2009-02-13 20:11 66,952 --a------ c:\windows\system32\drivers\iksysflt.sys
2009-02-13 12:51 . 2009-02-13 20:11 40,840 --a------ c:\windows\system32\drivers\ikfilesec.sys
2009-02-13 12:51 . 2008-06-02 15:19 29,576 --a------ c:\windows\system32\drivers\kcom.sys
2009-02-13 12:50 . 2009-02-13 20:47 <DIR> d-------- c:\program files\Spyware Doctor
2009-02-13 12:50 . 2009-02-13 12:50 <DIR> d-------- c:\documents and settings\Customer\Application Data\PC Tools
2009-02-13 12:48 . 2009-02-13 12:48 <DIR> d-------- c:\program files\Google
2009-02-13 12:48 . 2009-02-14 18:36 <DIR> d-------- c:\documents and settings\All Users\Application Data\Google Updater
2009-02-12 15:54 . 2008-05-16 10:28 212,024 --a------ c:\windows\system32\nscrnsav.scr
2009-02-12 15:54 . 2008-02-07 11:12 79,752 --a------ c:\windows\system32\drivers\ndis_rd.sys
2009-02-12 15:54 . 2008-02-07 11:12 74,624 --a------ c:\windows\system32\drivers\tdi_rd.sys
2009-02-12 15:54 . 2008-04-16 11:57 42,552 --a------ c:\windows\system32\drivers\ale_nf.sys
2009-02-12 15:54 . 2008-09-02 11:48 19,512 --a------ c:\windows\system32\drivers\nvcw32mf.sys
2009-02-12 15:52 . 2009-02-17 20:34 <DIR> d-------- c:\program files\Norman
2009-02-06 17:14 . 2009-02-09 11:02 792,381 --ah----- c:\windows\BIT89.tmp
2009-02-06 16:55 . 2009-02-09 11:07 792,381 --ah----- c:\windows\BIT7F.tmp
2009-02-06 16:50 . 2009-02-17 20:47 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2009-02-06 16:48 . 2009-02-06 16:51 339,968 --ah----- c:\windows\BIT80.tmp
2009-02-04 20:47 . 2009-02-04 20:47 <DIR> d-------- c:\program files\microsoft frontpage
2009-02-04 16:17 . 2009-02-09 11:04 0 --ah----- c:\windows\BITB6.tmp
2009-02-04 16:17 . 2009-02-09 11:04 0 --ah----- c:\windows\BITB3.tmp
2009-02-04 16:17 . 2009-02-09 11:04 0 --ah----- c:\windows\BITB2.tmp
2009-02-04 16:17 . 2009-02-09 11:04 0 --ah----- c:\windows\BITB1.tmp
2009-02-04 16:17 . 2009-02-09 11:04 0 --ah----- c:\windows\BITB0.tmp
2009-02-04 16:17 . 2009-02-09 11:03 0 --ah----- c:\windows\BITA7.tmp
2009-02-04 16:17 . 2009-02-09 11:03 0 --ah----- c:\windows\BITA6.tmp
2009-02-04 16:17 . 2009-02-09 11:03 0 --ah----- c:\windows\BITA5.tmp
2009-02-04 16:17 . 2009-02-09 11:03 0 --ah----- c:\windows\BITA4.tmp
2009-02-04 16:17 . 2009-02-09 11:03 0 --ah----- c:\windows\BITA3.tmp
2009-02-04 16:17 . 2009-02-09 11:03 0 --ah----- c:\windows\BIT98.tmp
2009-02-04 16:16 . 2009-02-09 11:03 0 --ah----- c:\windows\BIT95.tmp
2009-02-04 16:16 . 2009-02-09 11:03 0 --ah----- c:\windows\BIT92.tmp
2009-02-04 16:16 . 2009-02-09 11:03 0 --ah----- c:\windows\BIT8F.tmp
2009-02-04 16:16 . 2009-02-09 11:02 0 --ah----- c:\windows\BIT8C.tmp
2009-02-04 16:14 . 2009-02-09 11:04 0 --ah----- c:\windows\BIT4F.tmp
2009-02-04 16:06 . 2009-02-09 11:04 792,381 --ah----- c:\windows\BIT48.tmp
2009-02-04 15:57 . 2009-02-04 16:30 339,968 --ah----- c:\windows\BIT41.tmp
2009-02-04 15:57 . 2009-02-04 16:20 339,968 --ah----- c:\windows\BIT3E.tmp
2009-02-04 15:57 . 2009-02-04 16:25 339,968 --ah----- c:\windows\BIT3D.tmp
2009-02-04 15:57 . 2009-02-04 16:15 339,968 --ah----- c:\windows\BIT3C.tmp
2009-02-04 00:43 . 2009-02-04 00:43 <DIR> d-------- c:\documents and settings\Customer\Application Data\Ahead
2009-02-04 00:42 . 2009-02-04 00:42 <DIR> d-------- c:\documents and settings\All Users\Application Data\Ahead
2009-02-03 22:07 . 2009-02-17 20:35 <DIR> d-------- c:\program files\DNA
2009-02-03 22:07 . 2009-02-03 22:07 <DIR> d-------- c:\program files\BitTorrent
2009-02-03 22:07 . 2009-02-17 20:55 <DIR> d-------- c:\documents and settings\Customer\Application Data\DNA
2009-02-03 22:07 . 2009-02-04 16:33 <DIR> d-------- c:\documents and settings\Customer\Application Data\BitTorrent
2009-02-03 11:33 . 2009-02-03 11:33 <DIR> d-------- c:\documents and settings\Customer\Application Data\Uniblue
2009-02-03 11:33 . 2009-02-03 11:36 <DIR> d-------- c:\documents and settings\All Users\Application Data\DriverScanner
2009-02-03 11:31 . 2009-02-03 11:33 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
2009-02-03 09:09 . 2009-02-03 09:09 339,968 --a------ c:\windows\poppers.exe
2009-02-03 09:09 . 2009-02-03 09:09 339,968 ---h----- c:\windows\BIT84.tmp
2009-02-02 11:03 . 2003-06-18 17:31 17,920 --a------ c:\windows\system32\mdimon.dll
2009-02-02 11:03 . 2009-02-02 11:03 376 --a------ c:\windows\ODBC.INI
2009-02-02 11:02 . 2009-02-02 11:02 <DIR> d-------- c:\program files\Microsoft.NET
2009-02-02 11:02 . 2009-02-02 11:02 <DIR> d-------- c:\program files\Microsoft ActiveSync
2009-02-02 11:00 . 2009-02-02 11:02 <DIR> d-------- c:\windows\SHELLNEW
2009-02-02 10:56 . 2009-02-02 10:56 <DIR> dr-h----- C:\MSOCache
2009-01-30 23:04 . 2009-01-30 23:04 <DIR> d-------- c:\program files\Common Files\xing shared
2009-01-30 23:03 . 2009-01-30 23:03 <DIR> d-------- c:\program files\Real
2009-01-30 23:03 . 2009-01-30 23:04 <DIR> d-------- c:\program files\Common Files\Real
2009-01-30 23:03 . 2009-01-30 23:03 499,712 --a------ c:\windows\system32\msvcp71.dll
2009-01-30 23:03 . 2009-01-30 23:03 348,160 --a------ c:\windows\system32\msvcr71.dll
2009-01-28 19:31 . 2007-07-02 00:08 1,539 --a------ C:\Disk Cleanup.lnk
2009-01-27 10:52 . 2009-01-27 10:53 <DIR> d-------- c:\program files\QuickTime
2009-01-25 22:15 . 2009-01-25 22:15 <DIR> d-------- c:\program files\NCH Software
2009-01-25 22:15 . 2009-01-25 22:15 <DIR> d-------- c:\documents and settings\All Users\Application Data\NCH Software
2009-01-25 22:13 . 2009-01-29 09:34 <DIR> d-------- c:\documents and settings\All Users\Application Data\NCH Swift Sound
2009-01-25 22:10 . 2009-01-29 09:48 <DIR> d-------- c:\program files\NCH Swift Sound
2009-01-24 11:07 . 2008-10-16 20:38 6,066,176 --------- c:\windows\system32\dllcache\ieframe.dll
2009-01-24 11:07 . 2007-04-17 09:32 2,455,488 --------- c:\windows\system32\dllcache\ieapfltr.dat
2009-01-24 11:07 . 2007-03-08 05:10 991,232 --------- c:\windows\system32\dllcache\ieframe.dll.mui
2009-01-24 11:07 . 2008-10-16 20:38 459,264 --------- c:\windows\system32\dllcache\msfeeds.dll
2009-01-24 11:07 . 2008-10-16 20:38 383,488 --------- c:\windows\system32\dllcache\ieapfltr.dll
2009-01-24 11:07 . 2008-10-16 20:38 267,776 --------- c:\windows\system32\dllcache\iertutil.dll
2009-01-24 11:07 . 2008-10-16 20:38 63,488 --------- c:\windows\system32\dllcache\icardie.dll
2009-01-24 11:07 . 2008-10-16 20:38 52,224 --------- c:\windows\system32\dllcache\msfeedsbs.dll
2009-01-24 11:07 . 2008-10-16 13:11 13,824 --------- c:\windows\system32\dllcache\ieudinit.exe
2009-01-24 10:34 . 2008-04-14 00:15 15,104 --a------ c:\windows\system32\drivers\usbscan.sys
2009-01-24 10:34 . 2008-04-14 00:15 15,104 --a------ c:\windows\system32\dllcache\usbscan.sys
2009-01-24 10:31 . 2008-04-14 00:17 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
2009-01-24 10:31 . 2008-04-14 00:17 25,856 --a------ c:\windows\system32\dllcache\usbprint.sys
2009-01-24 10:28 . 2008-04-14 00:15 32,128 --a------ c:\windows\system32\drivers\usbccgp.sys
2009-01-24 10:28 . 2008-04-14 00:15 32,128 --a------ c:\windows\system32\dllcache\usbccgp.sys
2009-01-24 10:23 . 2009-01-24 10:23 <DIR> d--h----- c:\documents and settings\All Users\Application Data\CanonBJ
2009-01-24 10:23 . 2009-01-25 13:00 460,629 --a------ c:\windows\system32\USB
2009-01-24 10:22 . 2008-02-05 20:00 216,064 --a------ c:\windows\system32\CNMLM8T.DLL
2009-01-18 22:03 . 2009-01-18 22:03 <DIR> d-------- c:\windows\system32\scripting
2009-01-18 21:58 . 2008-04-13 22:58 2,940,928 --------- c:\windows\system32\dllcache\wmploc.dll
2009-01-18 21:55 . 2008-04-13 22:06 144,384 --------- c:\windows\system32\drivers\hdaudbus.sys
2009-01-18 21:55 . 2008-04-14 00:10 10,240 --------- c:\windows\system32\drivers\sffp_mmc.sys
2009-01-18 21:54 . 2006-12-29 00:31 19,569 --a------ c:\windows\005304_.tmp
2009-01-18 20:10 . 2009-01-18 20:10 <DIR> d-------- c:\program files\Web Page Maker V2
2009-01-18 20:03 . 2009-01-18 20:03 <DIR> d-------- C:\Web Page Maker V2

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-12 23:25 --------- d-----w c:\program files\Bonjour
2009-02-07 23:25 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-02-07 23:16 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-07 23:07 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2009-02-07 22:58 --------- d-----w c:\program files\Symantec
2009-02-06 17:06 339,968 ---ha-w c:\windows\BIT86.tmp
2009-02-06 17:01 339,968 ---ha-w c:\windows\BIT82.tmp
2009-02-06 16:46 339,968 ---ha-w c:\windows\BIT81.tmp
2009-02-04 20:42 514 ----a-w c:\program files\Shortcut to Spyware Doctor.lnk
2009-02-04 20:31 --------- d-----w c:\documents and settings\Customer\Application Data\MSN6
2009-01-13 18:51 --------- d-----w c:\program files\iTunes
2009-01-13 18:51 --------- d-----w c:\program files\iPod
2009-01-13 18:51 --------- d-----w c:\program files\Common Files\Apple
2009-01-13 18:51 --------- d-----w c:\documents and settings\Customer\Application Data\Apple Computer
2009-01-13 18:51 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2009-01-13 18:51 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-13 18:50 --------- d-----w c:\program files\Apple Software Update
2009-01-13 18:49 --------- d-----w c:\documents and settings\All Users\Application Data\Apple
2009-01-11 13:31 --------- d-----w c:\program files\Common Files\Adobe AIR
2009-01-11 13:30 --------- d-----w c:\program files\Common Files\Adobe
2008-12-30 05:05 --------- d-----w c:\documents and settings\Customer\Application Data\InterVideo
2008-12-28 07:41 --------- d-----w c:\program files\OFFICE11
2008-12-25 03:54 --------- d-----w c:\documents and settings\Customer\Application Data\Web Page Maker V2
2008-12-13 06:40 3,593,216 ------w c:\windows\system32\dllcache\mshtml.dll
2008-12-11 10:57 333,952 ------w c:\windows\system32\dllcache\srv.sys
2008-04-14 05:42 339,968 --sh--r c:\windows\system32\nod64.exe
.

((((((((((((((((((((((((((((( SnapShot@2009-02-14_18.52.20.68 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-02-13 20:56:15 40,844 ----a-w c:\windows\system32\perfc009.dat
+ 2009-02-14 19:13:58 40,844 ----a-w c:\windows\system32\perfc009.dat
- 2009-02-13 20:56:15 312,814 ----a-w c:\windows\system32\perfh009.dat
+ 2009-02-14 19:13:58 312,814 ----a-w c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ibmmessages"="c:\program files\IBM\Messages By IBM\ibmmessages.exe" [2003-01-07 495616]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-02-04 342848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2003-06-24 126976]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2003-06-24 561152]
"TPHOTKEY"="c:\progra~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe" [2003-01-25 94208]
"BMMGAG"="c:\progra~1\ThinkPad\UTILIT~1\pwrmonit.dll" [2003-01-17 64000]
"BMMLREF"="c:\program files\ThinkPad\Utilities\BMMLREF.EXE" [2003-01-17 20480]
"QCWLICON"="c:\program files\ThinkPad\ConnectUtilities\QCWLICON.EXE" [2003-03-27 53248]
"TPKMAPMN"="c:\program files\ThinkPad\Utilities\TpKmapMn.exe" [2003-02-17 32835]
"EZEJMNAP"="c:\progra~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe" [2002-12-24 204800]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-01-16 294912]
"tgcmd"="c:\program files\Support.com\bin\tgcmd.exe" [2002-10-16 1622016]
"ibmmessages"="c:\program files\IBM\Messages By IBM\ibmmessages.exe" [2003-01-07 495616]
"StorageGuard"="c:\program files\VERITAS Software\Update Manager\sgtray.exe" [2002-06-18 155648]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2003-01-10 106551]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-01-30 185872]
"Norman ZANDA"="c:\program files\Norman\Npm\Bin\ZLH.EXE" [2008-06-02 277616]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2009-02-13 1168264]
"S3TRAY2"="S3Tray2.exe" [2001-10-12 c:\windows\system32\S3Tray2.exe]
"ATIModeChange"="Ati2mdxx.exe" [2001-09-04 c:\windows\system32\Ati2mdxx.exe]
"BluetoothAuthenticationAgent"="irprops.cpl" [2008-04-14 c:\windows\system32\irprops.cpl]
"TP4EX"="tp4ex.exe" [2002-09-04 c:\windows\system32\TP4EX.exe]
"Nod32 Service"="nod64.exe" [2008-04-14 c:\windows\system32\nod64.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"Nod32 Service"="nod64.exe" [2008-04-14 c:\windows\system32\nod64.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Support.com\\Bin\\tgcmd.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

P2 NPFSvc32;Norman Personal Firewall Service;c:\program files\Norman\Npf\Bin\npfsvc32.exe [2009-02-12 597104]
R0 NDIS_RD;Norman Firewall NDIS driver;c:\windows\system32\drivers\ndis_rd.sys [2009-02-12 79752]
R1 IBMTPCHK;IBMTPCHK;c:\windows\system32\drivers\IBMBLDID.SYS [2008-09-09 2295]
R1 NPROSEC;Norman Security driver;c:\program files\Norman\Ngs\Bin\nprosec.sys [2009-02-12 53816]
R1 TDI_RD;Norman Firewall TDI driver;c:\windows\system32\drivers\tdi_rd.sys [2009-02-12 74624]
R1 TPPWR;TPPWR;c:\windows\system32\drivers\TPPWR.SYS [2008-09-09 15360]
R2 Ndiskio;Ndiskio;c:\program files\Norman\Nse\Bin\Ndiskio.sys [2009-02-12 20448]
R2 NPROSECSVC;Norman Security service;c:\program files\Norman\Ngs\Bin\nprosec.exe [2009-02-12 121912]
R2 NVOY;Norman's Very Own supplY of resources;c:\program files\Norman\npm\bin\nvoy.exe [2009-02-12 121912]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2009-02-13 356920]
R3 nsesvc;Norman Scanner Engine Service;c:\program files\Norman\Nse\Bin\Nsesvc.exe [2009-02-12 183352]
R3 NvcMFlt;NvcMFlt;c:\windows\system32\drivers\nvcw32mf.sys [2009-02-12 19512]
R3 nvcoas;Norman Virus Control on-access component;c:\program files\Norman\nvc\bin\Nvcoas.exe [2009-02-12 191544]
R3 NVCScheduler;Norman Virus Control Scheduler;c:\program files\Norman\npm\bin\nvcsched.exe [2009-02-12 154680]
S3 PCDRDRV;Pcdr Helper Driver;\??\c:\progra~1\PC-DOC~1\DIAGNO~1\PCDRDRV.sys --> c:\progra~1\PC-DOC~1\DIAGNO~1\PCDRDRV.sys [?]

--- Other Services/Drivers In Memory ---

*Deregistered* - mchInjDrv
.
Contents of the 'Scheduled Tasks' folder

2008-09-09 c:\windows\Tasks\BMMTask.job
- c:\progra~1\ThinkPad\UTILIT~1\BMMTASK.EXE [2003-01-17 08:32]

2009-02-17 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-13 12:48]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.nl/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-02-17 21:05:02
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2464)
c:\program files\Norman\nvc\bin\Niphk.dll
c:\progra~1\ThinkPad\UTILIT~1\pwrmonit.dll
.
Completion time: 2009-02-17 21:08:44
ComboFix-quarantined-files.txt 2009-02-17 21:08:31

Pre-Run: 25,175,322,624 bytes free
Post-Run: 25,165,471,744 bytes free

247 --- E O F --- 2009-01-27 10:15:15

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Disable the antivirus and the firewall and try again.
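
The log posted in this thread still lists the CFScript's files and the "Nod32 Service" Run values. As an added example (not part of the original thread and not ComboFix's own code), the Python below compares a CFScript's File:: and Registry:: entries with a log's dated file listings and registry keys and returns the targets that still appear; the inputs are shortened, constructed excerpts in the formats shown above, the path `constructed-gone.tmp` is made up, and it assumes that a target still listed in the log was not removed.

```python
import re

# Constructed, shortened samples in the formats shown in this thread.
# "c:\windows\constructed-gone.tmp" is a made-up path that is absent from LOG.
CFSCRIPT = r'''File::
c:\windows\system32\nod64.exe
c:\windows\BIT89.tmp
c:\windows\constructed-gone.tmp

Registry::
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
"Nod32 Service"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Nod32 Service"=-
'''
LOG = r'''2009-02-06 17:14 . 2009-02-09 11:02 792,381 --ah----- c:\windows\BIT89.tmp
2008-04-14 05:42 339,968 --sh--r c:\windows\system32\nod64.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2009-02-13 1168264]
"Nod32 Service"="nod64.exe" [2008-04-14 c:\windows\system32\nod64.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"Nod32 Service"="nod64.exe" [2008-04-14 c:\windows\system32\nod64.exe]
'''

# Dated file-listing rows end with an absolute path (drive letter, colon, backslash).
FILE_ROW = re.compile(r"^\d{4}-\d\d-\d\d \d\d:\d\d .*?\s([a-z]:\\.+)$", re.I)

def parse_cfscript(text):
    """Return (file paths, (key, value) pairs marked '=-' for deletion), lowercased."""
    files, values, section, key = [], [], None, None
    for line in map(str.strip, text.splitlines()):
        if line in ("File::", "Registry::"):
            section = line
        elif section == "File::" and line:
            files.append(line.lower())
        elif section == "Registry::" and line.startswith("["):
            key = line.strip("[]").lower()
        elif section == "Registry::" and key and line.endswith("=-"):
            values.append((key, line[:-2].strip('"').lower()))
    return files, values

def parse_log(text):
    """Return (paths in file listings, (key, value) pairs listed under registry keys)."""
    paths, values, key = set(), set(), None
    for line in map(str.strip, text.splitlines()):
        row = FILE_ROW.match(line)
        if row:
            paths.add(row.group(1).lower())
        elif line.startswith("["):
            key = line.strip("[]").lower()
        elif key and line.startswith('"') and '"=' in line:
            values.add((key, line[1:line.index('"=')].lower()))
    return paths, values

def remaining_targets(cfscript, log):
    """CFScript targets that still appear in the log, in script order."""
    files, values = parse_cfscript(cfscript)
    paths, seen = parse_log(log)
    return [f for f in files if f in paths], [v for v in values if v in seen]
```

Paths, key names and value names are compared in lower case because Windows treats them case-insensitively, which is why the script's `Software` key matches the log's `SOFTWARE`.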
