Please help

offline
  • Joined: 16 Jun 2009
  • Posts: 44

HELLO,

I use a laptop and it is slowing down; it runs a bit slower and occasionally freezes. I don't know what is wrong with it, but I am sure there are some viruses on it (the antivirus reports this too, but it seems to me it cannot remove it; it says it is a trojan, I don't know anything more). Whether they are more or less dangerous I have no idea. Anyway, I will send you the data, so if you are able to, please help me comb through it and clean it if that turns out to be possible. Thanks in advance.

The laptop is an Acer emachine, 1.9 GHz dual core,
the original operating system is Vista Service Pack 2,
2 GB RAM. For antivirus I have NOD32, which updates over the internet. In the attachment I will send you the files and data that you ask for at the start when opening a topic.

Many thanks, REGARDS


DDS (Ver_09-12-01.01) - NTFSx86
Run by gardovic at 10:33:46,35 on uto 26.01.2010
Internet Explorer: 8.0.6001.18882 BrowserJavaVersion: 1.6.0_17
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.381.1033.18.1790.863 [GMT 1:00]

AV: ESET Smart Security 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
SP: ESET Smart Security 3.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\rundll32.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\EMACHINES\eMachines Recovery Management\Service\ETService.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Launch Manager\QtZyEmachine.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\gardovic\Downloads\dds.com
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uSearch Page =
uSearch Bar =
mStart Page = hxxp://home.sweetim.com
uInternet Settings,ProxyOverride = *.local
mSearchAssistant =
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Ask Toolbar BHO: {f0d4b231-da4b-4daf-81e4-dfee4931a4aa} - c:\program files\asksbar\bar\1.bin\ASKSBAR.DLL
TB: BS.Player ControlBar: {2c688203-7eb3-4327-9995-1cb417ba23f9} - c:\program files\bs.player controlbar\BSToolbar.dll
TB: Ask Toolbar: {f0d4b239-da4b-4daf-81e4-dfee4931a4aa} - c:\program files\asksbar\bar\1.bin\ASKSBAR.DLL
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -startup
uRun: [Live PC Care] "c:\programdata\8fb1da0\LP8fb1.exe" /s /d
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [BkupTray] "c:\program files\newtech infosystems\nti backup now 5\BkupTray.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [LManager] c:\progra~1\launch~1\QtZyEmachine.EXE
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [WarReg_PopUp] c:\program files\emachines\wr_popup\WarReg_PopUp.exe
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\autoca~1.lnk - c:\program files\common files\autodesk shared\acstart17.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &Search - edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZRfox000
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\gardovic\appdata\roaming\mozilla\firefox\profiles\8j47us04.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://google.com
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1487.6512\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\NPAskSBr.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\gardovic\appdata\roaming\mozilla\firefox\profiles\8j47us04.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\newtech infosystems\nti backup now 5\client\Agentsvc.exe [2008-3-3 16384]
R2 ekrn;Eset Service;c:\program files\eset\eset smart security\ekrn.exe [2008-7-1 468224]
R2 ETService;Empowering Technology Service;c:\program files\emachines\emachines recovery management\service\ETService.exe [2008-10-14 24576]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\newtech infosystems\nti backup now 5\BackupSvc.exe [2008-4-7 50424]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\newtech infosystems\nti backup now 5\SchedulerSvc.exe [2008-4-4 131072]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-18 11032]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2008-8-27 212992]
S2 EsetNod32Fix;Nod32 AV;c:\windows\regedit.exe [2008-1-21 134656]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-10-14 24064]

=============== Created Last 30 ================

2010-01-26 08:58:29 0 d-sh--w- c:\users\gardovic\appdata\roaming\Live PC Care
2010-01-26 08:58:28 0 d-sh--w- c:\programdata\LPARJBLBPCG
2010-01-26 08:57:59 0 d-sh--w- c:\programdata\8fb1da0
2010-01-13 11:23:01 58094 ----a-w- c:\windows\FontData.fdb
2010-01-13 09:31:22 0 d-----w- c:\program files\CCleaner
2010-01-13 09:11:53 0 d-----w- C:\8d3fd6da5fcecc09242f03c038dd
2010-01-13 09:11:10 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-01-13 09:11:10 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-13 08:36:51 0 d-----w- c:\program files\common files\Corel
2010-01-12 21:09:30 57667 ----a-w- c:\windows\system32\ieuinit.inf
2010-01-10 01:49:26 0 d-----w- C:\My Music

==================== Find3M ====================

2010-01-22 07:28:55 2828 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-01-16 12:36:27 28124 ----a-w- c:\programdata\nvModes.dat
2010-01-14 10:12:06 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-02 06:38:20 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32:33 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 06:32:33 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 04:57:00 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-01 14:57:01 86016 ----a-w- c:\windows\inf\infstor.dat
2009-12-01 14:57:01 51200 ----a-w- c:\windows\inf\infpub.dat
2009-12-01 14:57:01 143360 ----a-w- c:\windows\inf\infstrng.dat
2009-11-26 23:11:00 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-26 14:26:41 37665 ----a-w- c:\windows\fonts\GlobalUserInterface.CompositeFont
2009-11-03 21:43:29 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-03 21:42:10 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-10-29 09:17:42 2048 ----a-w- c:\windows\system32\tzres.dll
2009-07-20 09:30:23 723 ----a-w- c:\program files\install.adb
2008-01-21 02:57:01 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:39:34 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:39:34 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:39:34 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:39:34 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2005-03-22 03:49:14 287232 ----a-w- c:\program files\Adobelmsvc Installer.dll
2005-03-22 02:29:36 19533824 ----a-w- c:\program files\Photoshop.exe
2005-03-22 01:48:18 150644 ----a-w- c:\program files\TypeLibrary.tlb
2005-03-22 01:48:16 2142208 ----a-w- c:\program files\PSArt.dll
2005-03-22 01:48:14 1748992 ----a-w- c:\program files\PSViews.dll
2005-03-22 01:48:14 1323008 ----a-w- c:\program files\Photoshop.dll
2005-03-22 01:43:50 1144622 ----a-w- c:\program files\Tw10122.dat
2005-03-22 01:41:12 19980288 ----a-w- c:\program files\ImageReady.exe
2005-03-22 01:13:04 41984 ----a-w- c:\program files\Plugin.dll
2005-03-16 16:57:34 61440 ----a-w- c:\program files\regsresen_US.dll
2005-03-13 11:10:58 4096000 ----a-w- c:\program files\PDFL70.dll
2005-03-13 10:01:44 1805824 ----a-w- c:\program files\AGM.dll
2005-03-10 18:31:36 3715072 ----a-w- c:\program files\MPS.dll
2005-03-09 15:59:30 1560169 ----a-w- c:\program files\AdobeLM.dll
2005-03-09 02:32:48 151552 ----a-w- c:\program files\AXE8SharedExpat.dll
2005-03-09 02:32:48 151552 ----a-w- c:\program files\AXE16SharedExpat.dll
2005-03-09 02:17:28 475136 ----a-w- c:\program files\AdobeXMP.dll
2005-03-09 02:07:42 630784 ----a-w- c:\program files\ACE.dll
2005-03-09 02:07:42 266240 ----a-w- c:\program files\ARE.dll
2005-03-09 02:07:42 217088 ----a-w- c:\program files\BIBUtils.dll
2005-03-09 02:07:42 2162688 ----a-w- c:\program files\CoolType.dll
2005-03-09 02:07:42 180224 ----a-w- c:\program files\Bib.dll
2005-03-08 05:23:12 4153344 ----a-w- c:\program files\VersionCue.dll
2005-03-08 05:23:12 3170304 ----a-w- c:\program files\VersionCueUI.dll
2005-03-03 13:39:24 425984 ----a-w- c:\program files\AdobeUpdater.dll
2005-03-01 14:46:58 45486 ----a-w- c:\program files\Photoshop Read Me.wri
2005-02-25 11:50:00 157035 ----a-w- c:\program files\LegalNotices.pdf
2005-02-17 16:34:40 24971130 ----a-w- c:\program files\Photoshop_9.0_en-us.zip
2005-02-17 09:28:10 663552 ----a-w- c:\program files\FileInfo.dll
2005-02-15 00:03:42 561152 ----a-w- c:\program files\JP2KLib.dll
2005-02-11 11:45:00 13842 ----a-w- c:\program files\Activation ReadMe.htm
2005-02-10 11:36:14 143360 ----a-w- c:\program files\epic_eula.dll
2005-02-08 11:43:58 49152 ----a-w- c:\program files\persresen_US.dll
2005-02-08 11:43:58 45056 ----a-w- c:\program files\eularesen_US.dll
2005-02-07 06:45:06 5632 ----a-w- c:\program files\agldt28l.dll
2005-01-19 12:31:00 155648 ----a-w- c:\program files\epic_regs.dll
2005-01-18 10:31:12 114688 ----a-w- c:\program files\epic_pers.dll
2005-01-12 12:23:20 180224 ----a-w- c:\program files\pdfsettings.dll
2004-08-24 13:55:48 126976 ----a-w- c:\program files\asneu.dll
2004-06-22 10:57:52 589824 ----a-w- c:\program files\libagluc28.dll
2003-05-08 16:34:06 499712 ----a-w- c:\program files\msvcp71.dll
2003-05-08 16:32:52 348160 ----a-w- c:\program files\msvcr71.dll
2000-08-28 22:19:16 401462 ----a-w- c:\program files\MSVCP60.DLL
1999-12-03 04:01:32 22800 ----a-w- c:\program files\Shfolder.dll
1999-02-01 22:00:00 266293 ----a-w- c:\program files\Msvcrt.dll

============= FINISH: 10:36:20,15 ===============





rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Download sUBs's ComboFix to the Desktop from the following address:

Bleeping Computer
  • Right-click the link and choose the Save Target As... option (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download of the program is complete:
  • deactivate your protective software (instructions);
  • close running programs;
  • double-click to run ComboFix.

While it runs, ComboFix will:
  • check whether a newer version of the program exists:
    click Yes if you are offered the download.
  • display the DISCLAIMER OF WARRANTY ON SOFTWARE:
    click Yes so that the process continues.
  • if the Recovery Console is not installed, offer to install it:
    be sure to accept by clicking Yes and follow the procedure.
  • present a number of prompts/notifications:
    accept by clicking Yes or OK.
  • restart Windows if needed (several times);
  • at the end, open Notepad with the scan report.

Copy the report that ComboFix created into the topic on the forum:
  • right-click in the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message field and choose Paste.

Note:
  • The report will be saved under the name ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
  • If after sending the message you notice that the report is not complete, use the Attach file option to attach the file C:\ComboFix.txt to the message.

offline
  • Joined: 16 Jun 2009
  • Posts: 44

Posted: 26 Jan 2010 13:56

ComboFix 10-01-25.06 - gardovic 26.01.2010 13:40:34.4.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.381.1033.18.1790.785 [GMT 1:00]
Running from: c:\users\gardovic\Desktop\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
SP: ESET Smart Security 3.0 *disabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-2835369665-648357609-2305586480-500
c:\$recycle.bin\S-1-5-21-885978545-3571331056-212409877-500
c:\program files\Cheat Engine\dbk32.sys
c:\users\gardovic\AppData\Roaming\Live PC Care
c:\users\gardovic\AppData\Roaming\Live PC Care\cookies.sqlite
c:\users\gardovic\AppData\Roaming\Live PC Care\Instructions.ini
c:\users\gardovic\AppData\Roaming\Live PC Care\MSO.exe
c:\windows\system32\oem7.inf

.
((((((((((((((((((((((((( Files Created from 2009-12-26 to 2010-01-26 )))))))))))))))))))))))))))))))
.

2010-01-26 12:49 . 2010-01-26 12:49 -------- d-----w- c:\users\gardovic\AppData\Local\temp
2010-01-26 12:49 . 2010-01-26 12:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-26 08:59 . 2010-01-26 08:59 9 ----a-w- c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\kernel32.exe
2010-01-26 08:59 . 2010-01-26 08:59 57 ----a-w- c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\PE.exe
2010-01-26 08:59 . 2010-01-26 08:59 79 ----a-w- c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\kernel32.dll
2010-01-26 08:59 . 2010-01-26 08:59 69 ----a-w- c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\FW.dll
2010-01-26 08:59 . 2010-01-26 08:59 60 ----a-w- c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\fix.sys
2010-01-26 08:59 . 2010-01-26 08:59 5 ----a-w- c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\PE.dll
2010-01-26 08:59 . 2010-01-26 08:59 47 ----a-w- c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\exec.exe
2010-01-26 08:59 . 2010-01-26 08:59 22 ----a-w- c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\fix.exe
2010-01-26 08:59 . 2010-01-26 08:59 18 ----a-w- c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\FS.exe
2010-01-26 08:58 . 2010-01-26 08:58 67 ----a-w- c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\pal.dll
2010-01-26 08:58 . 2010-01-26 08:58 29 ----a-w- c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\ddv.drv
2010-01-26 08:58 . 2010-01-26 08:58 58 ----a-w- c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\snl2w.exe
2010-01-26 08:58 . 2010-01-26 08:58 58 ----a-w- c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\ppal.sys
2010-01-26 08:58 . 2010-01-26 08:58 37 ----a-w- c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\PE.sys
2010-01-26 08:58 . 2010-01-26 08:58 34 ----a-w- c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\FS.dll
2010-01-26 08:58 . 2010-01-26 08:58 22 ----a-w- c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\cb.dll
2010-01-26 08:58 . 2010-01-26 08:58 -------- d-sh--w- c:\programdata\LPARJBLBPCG
2010-01-26 08:57 . 2010-01-26 09:17 -------- d-sh--w- c:\programdata\8fb1da0
2010-01-13 09:31 . 2010-01-13 09:31 -------- d-----w- c:\program files\CCleaner
2010-01-13 09:11 . 2010-01-13 09:11 -------- d-----w- C:\8d3fd6da5fcecc09242f03c038dd
2010-01-13 09:11 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-13 09:11 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-01-13 08:36 . 2010-01-13 08:36 -------- d-----w- c:\program files\Common Files\Corel
2010-01-10 01:49 . 2010-01-10 01:49 -------- d-----w- C:\My Music

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-26 12:48 . 2009-10-07 21:05 -------- d-----w- c:\program files\Cheat Engine
2010-01-26 09:14 . 2009-01-30 10:58 12 ----a-w- c:\windows\bthservsdp.dat
2010-01-26 06:24 . 2009-01-03 23:48 -------- d-----w- c:\programdata\Google Updater
2010-01-23 13:20 . 2009-02-20 01:55 -------- d-----w- c:\users\gardovic\AppData\Roaming\Skype
2010-01-22 07:28 . 2009-05-26 12:08 2828 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-01-22 06:32 . 2009-02-20 01:58 -------- d-----w- c:\users\gardovic\AppData\Roaming\skypePM
2010-01-22 06:30 . 2009-07-28 14:47 -------- d-----r- c:\program files\Skype
2010-01-22 06:18 . 2009-03-12 20:31 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-16 12:36 . 2008-12-27 23:32 28124 ----a-w- c:\programdata\nvModes.dat
2010-01-14 10:12 . 2009-10-03 09:28 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-13 10:52 . 2008-02-18 06:55 -------- d-----w- c:\programdata\Microsoft Help
2010-01-13 10:52 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-13 09:32 . 2009-02-12 23:33 -------- d-----w- c:\users\gardovic\AppData\Roaming\Azureus
2010-01-13 08:40 . 2008-12-27 02:50 108192 ----a-w- c:\users\gardovic\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-13 08:39 . 2009-05-26 12:16 10134 ----a-r- c:\users\gardovic\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\ARPPRODUCTICON.exe
2010-01-13 08:39 . 2009-05-26 12:16 65536 ----a-r- c:\users\gardovic\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
2010-01-02 06:38 . 2010-01-21 20:30 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-21 20:30 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 06:32 . 2010-01-21 20:30 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 04:57 . 2010-01-21 20:30 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-29 20:17 . 2008-10-14 05:44 -------- d-----w- c:\program files\Google
2009-12-07 22:24 . 2009-06-10 10:25 -------- d-----w- c:\users\gardovic\AppData\Roaming\Apple Computer
2009-12-02 14:32 . 2009-03-15 15:55 -------- d-----w- c:\program files\Common Files\Real
2009-12-02 14:32 . 2009-12-02 14:32 -------- d-----w- c:\program files\Common Files\xing shared
2009-12-02 14:31 . 2009-12-02 14:31 -------- d-----w- c:\program files\real
2009-12-01 15:06 . 2009-12-01 15:05 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-12-01 15:06 . 2009-12-01 15:05 -------- d-----w- c:\program files\iTunes
2009-12-01 15:05 . 2009-12-01 15:05 -------- d-----w- c:\program files\iPod
2009-12-01 15:05 . 2009-06-10 10:20 -------- d-----w- c:\program files\Common Files\Apple
2009-12-01 15:01 . 2009-12-01 15:01 -------- d-----w- c:\program files\QuickTime
2009-12-01 14:43 . 2009-12-01 14:43 79144 ----a-w- c:\programdata\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-12-01 14:43 . 2009-12-01 14:43 79144 ----a-w- c:\programdata\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-12-01 14:43 . 2009-12-01 14:43 79144 ----a-w- c:\programdata\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-12-01 14:43 . 2009-12-01 14:43 79144 ----a-w- c:\programdata\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-12-01 14:43 . 2009-12-01 14:43 79144 ----a-w- c:\programdata\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-12-01 14:43 . 2009-12-01 14:43 79144 ----a-w- c:\programdata\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-12-01 14:43 . 2009-12-01 14:43 79144 ----a-w- c:\programdata\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-12-01 14:43 . 2009-12-01 14:43 79144 ----a-w- c:\programdata\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-12-01 14:43 . 2009-12-01 14:43 79144 ----a-w- c:\programdata\Application Data\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-12-01 14:43 . 2009-12-01 14:43 79144 ----a-w- c:\programdata\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-12-01 14:43 . 2009-12-01 14:43 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-11-30 18:52 . 2009-11-21 18:52 439816 ----a-w- c:\users\gardovic\AppData\Roaming\Real\Update\setup3.09\setup.exe
2009-11-29 12:03 . 2009-11-29 12:03 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb569B.tmp.exe
2009-11-29 12:03 . 2009-11-29 12:03 484976 ----a-w- c:\programdata\Application Data\Google\Google Toolbar\Update\gtb569B.tmp.exe
2009-11-29 12:03 . 2009-11-29 12:03 484976 ----a-w- c:\programdata\Application Data\Application Data\Google\Google Toolbar\Update\gtb569B.tmp.exe
2009-11-29 12:03 . 2009-11-29 12:03 484976 ----a-w- c:\programdata\Application Data\Application Data\Application Data\Google\Google Toolbar\Update\gtb569B.tmp.exe
2009-11-29 12:03 . 2009-11-29 12:03 484976 ----a-w- c:\programdata\Application Data\Application Data\Application Data\Application Data\Google\Google Toolbar\Update\gtb569B.tmp.exe
2009-11-29 12:03 . 2009-11-29 12:03 484976 ----a-w- c:\programdata\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Google Toolbar\Update\gtb569B.tmp.exe
2009-11-29 12:03 . 2009-11-29 12:03 484976 ----a-w- c:\programdata\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Google Toolbar\Update\gtb569B.tmp.exe
2009-11-29 12:03 . 2009-11-29 12:03 484976 ----a-w- c:\programdata\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Google Toolbar\Update\gtb569B.tmp.exe
2009-11-29 12:03 . 2009-11-29 12:03 484976 ----a-w- c:\programdata\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Google Toolbar\Update\gtb569B.tmp.exe
2009-11-29 12:03 . 2009-11-29 12:03 484976 ----a-w- c:\programdata\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Google Toolbar\Update\gtb569B.tmp.exe
2009-11-29 12:03 . 2009-11-29 12:03 484976 ----a-w- c:\programdata\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Google Toolbar\Update\gtb569B.tmp.exe
2009-11-29 12:03 . 2009-11-29 12:03 484976 ----a-w- c:\programdata\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Google Toolbar\Update\gtb569B.tmp.exe
2009-11-26 23:11 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-03 21:43 . 2009-12-10 00:01 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-03 21:42 . 2009-12-10 00:01 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-11-03 19:41 . 2009-12-10 00:01 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-29 09:17 . 2009-11-26 09:32 2048 ----a-w- c:\windows\system32\tzres.dll
2009-07-20 09:30 . 2009-07-20 09:30 723 ----a-w- c:\program files\install.adb
2005-03-22 03:49 . 2005-03-22 03:49 287232 ----a-w- c:\program files\Adobelmsvc Installer.dll
2005-03-22 02:29 . 2005-03-22 02:29 19533824 ----a-w- c:\program files\Photoshop.exe
2005-03-22 01:48 . 2005-03-22 01:48 150644 ----a-w- c:\program files\TypeLibrary.tlb
2005-03-22 01:48 . 2005-03-22 01:48 2142208 ----a-w- c:\program files\PSArt.dll
2005-03-22 01:48 . 2005-03-22 01:48 1748992 ----a-w- c:\program files\PSViews.dll
2005-03-22 01:48 . 2005-03-22 01:48 1323008 ----a-w- c:\program files\Photoshop.dll
2005-03-22 01:43 . 2005-03-22 01:43 1144622 ----a-w- c:\program files\Tw10122.dat
2005-03-22 01:41 . 2005-03-22 01:41 19980288 ----a-w- c:\program files\ImageReady.exe
2005-03-22 01:13 . 2005-03-22 01:13 41984 ----a-w- c:\program files\Plugin.dll
2005-03-16 16:57 . 2005-03-16 16:57 61440 ----a-w- c:\program files\regsresen_US.dll
2005-03-13 11:10 . 2005-03-13 11:10 4096000 ----a-w- c:\program files\PDFL70.dll
2005-03-13 10:01 . 2005-03-13 10:01 1805824 ----a-w- c:\program files\AGM.dll
2005-03-10 18:31 . 2005-03-10 18:31 3715072 ----a-w- c:\program files\MPS.dll
2005-03-09 15:59 . 2005-03-09 15:59 1560169 ----a-w- c:\program files\AdobeLM.dll
2005-03-09 02:32 . 2005-03-09 02:32 151552 ----a-w- c:\program files\AXE8SharedExpat.dll
2005-03-09 02:32 . 2005-03-09 02:32 151552 ----a-w- c:\program files\AXE16SharedExpat.dll
2005-03-09 02:17 . 2005-03-09 02:17 475136 ----a-w- c:\program files\AdobeXMP.dll
2005-03-09 02:07 . 2005-03-09 02:07 630784 ----a-w- c:\program files\ACE.dll
2005-03-09 02:07 . 2005-03-09 02:07 266240 ----a-w- c:\program files\ARE.dll
2005-03-09 02:07 . 2005-03-09 02:07 217088 ----a-w- c:\program files\BIBUtils.dll
2005-03-09 02:07 . 2005-03-09 02:07 2162688 ----a-w- c:\program files\CoolType.dll
2005-03-09 02:07 . 2005-03-09 02:07 180224 ----a-w- c:\program files\Bib.dll
2005-03-08 05:23 . 2005-03-08 05:23 4153344 ----a-w- c:\program files\VersionCue.dll
2005-03-08 05:23 . 2005-03-08 05:23 3170304 ----a-w- c:\program files\VersionCueUI.dll
2005-03-03 13:39 . 2005-03-03 13:39 425984 ----a-w- c:\program files\AdobeUpdater.dll
2005-03-01 14:46 . 2005-03-01 14:46 45486 ----a-w- c:\program files\Photoshop Read Me.wri
2005-02-25 11:50 . 2005-02-25 11:50 157035 ----a-w- c:\program files\LegalNotices.pdf
2005-02-17 16:34 . 2005-02-17 16:34 24971130 ----a-w- c:\program files\Photoshop_9.0_en-us.zip
2005-02-17 09:28 . 2005-02-17 09:28 663552 ----a-w- c:\program files\FileInfo.dll
2005-02-15 00:03 . 2005-02-15 00:03 561152 ----a-w- c:\program files\JP2KLib.dll
2005-02-11 11:45 . 2005-02-11 11:45 13842 ----a-w- c:\program files\Activation ReadMe.htm
2005-02-10 11:36 . 2005-02-10 11:36 143360 ----a-w- c:\program files\epic_eula.dll
2005-02-08 11:43 . 2005-02-08 11:43 49152 ----a-w- c:\program files\persresen_US.dll
2005-02-08 11:43 . 2005-02-08 11:43 45056 ----a-w- c:\program files\eularesen_US.dll
2005-02-07 06:45 . 2005-02-07 06:45 5632 ----a-w- c:\program files\agldt28l.dll
2005-01-19 12:31 . 2005-01-19 12:31 155648 ----a-w- c:\program files\epic_regs.dll
2005-01-18 10:31 . 2005-01-18 10:31 114688 ----a-w- c:\program files\epic_pers.dll
2005-01-12 12:23 . 2005-01-12 12:23 180224 ----a-w- c:\program files\pdfsettings.dll
2004-08-24 13:55 . 2004-08-24 13:55 126976 ----a-w- c:\program files\asneu.dll
2004-06-22 10:57 . 2004-06-22 10:57 589824 ----a-w- c:\program files\libagluc28.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-27 68856]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-08-06 6265376]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-02-13 1033512]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-07 34040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-20 13543968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-08-20 92704]
"LManager"="c:\progra~1\LAUNCH~1\QtZyEmachine.EXE" [2008-06-24 817672]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-10-14 24064]
"WarReg_PopUp"="c:\program files\eMachines\WR_PopUp\WarReg_PopUp.exe" [2008-05-09 49152]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-07-01 1447168]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-12-02 198160]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):03,71,29,5d,a7,6e,ca,01

R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [3.3.2008 22:11 16384]
R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [1.7.2008 9:02 468224]
R2 ETService;Empowering Technology Service;c:\program files\EMACHINES\eMachines Recovery Management\Service\ETService.exe [14.10.2008 6:42 24576]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [7.4.2008 7:42 50424]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [18.4.2007 4:09 11032]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [27.8.2008 6:49 212992]
S2 EsetNod32Fix;Nod32 AV;c:\windows\regedit.exe [21.1.2008 3:34 134656]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [4.4.2008 12:03 131072]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21.1.2008 3:33 21504]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [14.10.2008 6:44 24064]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - UXLCRKOB
*Deregistered* - uxlcrkob

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder

2010-01-26 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-27 13:16]

2010-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-18 21:03]

2010-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-18 21:03]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://home.sweetim.com
uInternet Settings,ProxyOverride = *.local
IE: &Search - edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZRfox000
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
FF - ProfilePath - c:\users\gardovic\AppData\Roaming\Mozilla\Firefox\Profiles\8j47us04.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://google.com
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1487.6512\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPAskSBr.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\gardovic\AppData\Roaming\Mozilla\Firefox\Profiles\8j47us04.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
HKCU-Run-Live PC Care - c:\programdata\8fb1da0\LP8fb1.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2010-01-26 13:49
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
msnmsgr = "c:\program files\Windows Live\Messenger\msnmsgr.exe" /background??s

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2010-01-26 13:52:24
ComboFix-quarantined-files.txt 2010-01-26 12:52
ComboFix2.txt 2009-03-23 16:12

Pre-Run: 6.605.688.832 bytes free
Post-Run: 6.577.532.928 bytes free

- - End Of File - - CF6ED69A75AD5FBC45DFDAE4042EB14C

Addendum: 26 Jan 2010 13:58

Perhaps I should mention that my biggest problems started when Live PC Care appeared; it was also what reported the presence of the trojan virus to me.

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

OK, first find this file; here is the path:

C:\Qoobox\Quarantine\c:\program files\Cheat Engine\dbk32.sys

Send it via this link:

http://www.mycity.rs/ambulanta-upload.php
---------------------

Then do the following:

Open Notepad and copy in the following text:

File::
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\kernel32.exe
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\PE.exe
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\kernel32.dll
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\FW.dll
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\fix.sys
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\PE.dll
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\exec.exe
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\fix.exe
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\FS.exe
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\pal.dll
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\ddv.drv
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\snl2w.exe
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\ppal.sys
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\PE.sys
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\FS.dll
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\cb.dll

Folder::
c:\programdata\LPARJBLBPCG
c:\programdata\8fb1da0


Save the file from Notepad to the Desktop as "CFScript".

Drag the saved script/text onto the ComboFix icon, as shown in the picture.
In your next message, post the log that is created at the end of the cleaning/scanning.

offline
  • Joined: 16 Jun 2009
  • Posts: 44

I SENT THE REQUIRED FILE VIA YOUR LINK; in any case, I am sending you the log after the cleaning/scanning.

ComboFix 10-01-26.01 - gardovic 26.01.2010 19:37:39.5.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.381.1033.18.1790.853 [GMT 1:00]
Running from: c:\users\gardovic\Desktop\ComboFix.exe
Command switches used :: c:\users\gardovic\Desktop\CFScript.txt
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
SP: ESET Smart Security 3.0 *disabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

FILE ::
"c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\cb.dll"
"c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\ddv.drv"
"c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\exec.exe"
"c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\fix.exe"
"c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\fix.sys"
"c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\FS.dll"
"c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\FS.exe"
"c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\FW.dll"
"c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\kernel32.dll"
"c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\kernel32.exe"
"c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\pal.dll"
"c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\PE.dll"
"c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\PE.exe"
"c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\PE.sys"
"c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\ppal.sys"
"c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\snl2w.exe"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\8fb1da0
c:\programdata\LPARJBLBPCG
c:\programdata\LPARJBLBPCG\LPDJCG.cfg
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\cb.dll
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\ddv.drv
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\exec.exe
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\fix.exe
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\fix.sys
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\FS.dll
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\FS.exe
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\FW.dll
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\kernel32.dll
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\kernel32.exe
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\pal.dll
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\PE.dll
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\PE.exe
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\PE.sys
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\ppal.sys
c:\users\gardovic\AppData\Roaming\Microsoft\Windows\Recent\snl2w.exe

.
((((((((((((((((((((((((( Files Created from 2009-12-26 to 2010-01-26 )))))))))))))))))))))))))))))))
.

2010-01-26 18:44 . 2010-01-26 18:44 -------- d-----w- c:\users\gardovic\AppData\Local\temp
2010-01-26 18:44 . 2010-01-26 18:44 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-01-26 18:44 . 2010-01-26 18:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-26 13:12 . 2008-12-15 14:20 1677824 -c--a-w- c:\programdata\Microsoft\Windows\WER\ReportQueue\Report0371c7f4\bsplayer.exe
2010-01-13 09:31 . 2010-01-13 09:31 -------- d-----w- c:\program files\CCleaner
2010-01-13 09:11 . 2010-01-13 09:11 -------- d-----w- C:\8d3fd6da5fcecc09242f03c038dd
2010-01-13 09:11 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-13 09:11 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-01-13 08:36 . 2010-01-13 08:36 -------- d-----w- c:\program files\Common Files\Corel
2010-01-10 01:49 . 2010-01-10 01:49 -------- d-----w- C:\My Music

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-26 13:44 . 2009-01-30 10:58 12 ----a-w- c:\windows\bthservsdp.dat
2010-01-26 12:48 . 2009-10-07 21:05 -------- d-----w- c:\program files\Cheat Engine
2010-01-26 06:24 . 2009-01-03 23:48 -------- d-----w- c:\programdata\Google Updater
2010-01-23 13:20 . 2009-02-20 01:55 -------- d-----w- c:\users\gardovic\AppData\Roaming\Skype
2010-01-22 07:28 . 2009-05-26 12:08 2828 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-01-22 06:32 . 2009-02-20 01:58 -------- d-----w- c:\users\gardovic\AppData\Roaming\skypePM
2010-01-22 06:30 . 2009-07-28 14:47 -------- d-----r- c:\program files\Skype
2010-01-22 06:18 . 2009-03-12 20:31 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-16 12:36 . 2008-12-27 23:32 28124 ----a-w- c:\programdata\nvModes.dat
2010-01-14 10:12 . 2009-10-03 09:28 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-13 10:52 . 2008-02-18 06:55 -------- d-----w- c:\programdata\Microsoft Help
2010-01-13 10:52 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-01-13 09:32 . 2009-02-12 23:33 -------- d-----w- c:\users\gardovic\AppData\Roaming\Azureus
2010-01-13 08:40 . 2008-12-27 02:50 108192 ----a-w- c:\users\gardovic\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-13 08:39 . 2009-05-26 12:16 10134 ----a-r- c:\users\gardovic\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\ARPPRODUCTICON.exe
2010-01-13 08:39 . 2009-05-26 12:16 65536 ----a-r- c:\users\gardovic\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
2010-01-02 06:38 . 2010-01-21 20:30 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-21 20:30 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 06:32 . 2010-01-21 20:30 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 04:57 . 2010-01-21 20:30 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-29 20:17 . 2008-10-14 05:44 -------- d-----w- c:\program files\Google
2009-12-07 22:24 . 2009-06-10 10:25 -------- d-----w- c:\users\gardovic\AppData\Roaming\Apple Computer
2009-12-02 14:32 . 2009-03-15 15:55 -------- d-----w- c:\program files\Common Files\Real
2009-12-02 14:32 . 2009-12-02 14:32 -------- d-----w- c:\program files\Common Files\xing shared
2009-12-02 14:31 . 2009-12-02 14:31 -------- d-----w- c:\program files\real
2009-12-01 15:06 . 2009-12-01 15:05 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-12-01 15:06 . 2009-12-01 15:05 -------- d-----w- c:\program files\iTunes
2009-12-01 15:05 . 2009-12-01 15:05 -------- d-----w- c:\program files\iPod
2009-12-01 15:05 . 2009-06-10 10:20 -------- d-----w- c:\program files\Common Files\Apple
2009-12-01 15:01 . 2009-12-01 15:01 -------- d-----w- c:\program files\QuickTime
2009-12-01 14:43 . 2009-12-01 14:43 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-11-30 18:52 . 2009-11-21 18:52 439816 ----a-w- c:\users\gardovic\AppData\Roaming\Real\Update\setup3.09\setup.exe
2009-11-29 12:03 . 2009-11-29 12:03 484976 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb569B.tmp.exe
2009-11-26 23:11 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-03 21:43 . 2009-12-10 00:01 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-03 21:42 . 2009-12-10 00:01 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-11-03 19:41 . 2009-12-10 00:01 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-29 09:17 . 2009-11-26 09:32 2048 ----a-w- c:\windows\system32\tzres.dll
2009-07-20 09:30 . 2009-07-20 09:30 723 ----a-w- c:\program files\install.adb
2005-03-22 03:49 . 2005-03-22 03:49 287232 ----a-w- c:\program files\Adobelmsvc Installer.dll
2005-03-22 02:29 . 2005-03-22 02:29 19533824 ----a-w- c:\program files\Photoshop.exe
2005-03-22 01:48 . 2005-03-22 01:48 150644 ----a-w- c:\program files\TypeLibrary.tlb
2005-03-22 01:48 . 2005-03-22 01:48 2142208 ----a-w- c:\program files\PSArt.dll
2005-03-22 01:48 . 2005-03-22 01:48 1748992 ----a-w- c:\program files\PSViews.dll
2005-03-22 01:48 . 2005-03-22 01:48 1323008 ----a-w- c:\program files\Photoshop.dll
2005-03-22 01:43 . 2005-03-22 01:43 1144622 ----a-w- c:\program files\Tw10122.dat
2005-03-22 01:41 . 2005-03-22 01:41 19980288 ----a-w- c:\program files\ImageReady.exe
2005-03-22 01:13 . 2005-03-22 01:13 41984 ----a-w- c:\program files\Plugin.dll
2005-03-16 16:57 . 2005-03-16 16:57 61440 ----a-w- c:\program files\regsresen_US.dll
2005-03-13 11:10 . 2005-03-13 11:10 4096000 ----a-w- c:\program files\PDFL70.dll
2005-03-13 10:01 . 2005-03-13 10:01 1805824 ----a-w- c:\program files\AGM.dll
2005-03-10 18:31 . 2005-03-10 18:31 3715072 ----a-w- c:\program files\MPS.dll
2005-03-09 15:59 . 2005-03-09 15:59 1560169 ----a-w- c:\program files\AdobeLM.dll
2005-03-09 02:32 . 2005-03-09 02:32 151552 ----a-w- c:\program files\AXE8SharedExpat.dll
2005-03-09 02:32 . 2005-03-09 02:32 151552 ----a-w- c:\program files\AXE16SharedExpat.dll
2005-03-09 02:17 . 2005-03-09 02:17 475136 ----a-w- c:\program files\AdobeXMP.dll
2005-03-09 02:07 . 2005-03-09 02:07 630784 ----a-w- c:\program files\ACE.dll
2005-03-09 02:07 . 2005-03-09 02:07 266240 ----a-w- c:\program files\ARE.dll
2005-03-09 02:07 . 2005-03-09 02:07 217088 ----a-w- c:\program files\BIBUtils.dll
2005-03-09 02:07 . 2005-03-09 02:07 2162688 ----a-w- c:\program files\CoolType.dll
2005-03-09 02:07 . 2005-03-09 02:07 180224 ----a-w- c:\program files\Bib.dll
2005-03-08 05:23 . 2005-03-08 05:23 4153344 ----a-w- c:\program files\VersionCue.dll
2005-03-08 05:23 . 2005-03-08 05:23 3170304 ----a-w- c:\program files\VersionCueUI.dll
2005-03-03 13:39 . 2005-03-03 13:39 425984 ----a-w- c:\program files\AdobeUpdater.dll
2005-03-01 14:46 . 2005-03-01 14:46 45486 ----a-w- c:\program files\Photoshop Read Me.wri
2005-02-25 11:50 . 2005-02-25 11:50 157035 ----a-w- c:\program files\LegalNotices.pdf
2005-02-17 16:34 . 2005-02-17 16:34 24971130 ----a-w- c:\program files\Photoshop_9.0_en-us.zip
2005-02-17 09:28 . 2005-02-17 09:28 663552 ----a-w- c:\program files\FileInfo.dll
2005-02-15 00:03 . 2005-02-15 00:03 561152 ----a-w- c:\program files\JP2KLib.dll
2005-02-11 11:45 . 2005-02-11 11:45 13842 ----a-w- c:\program files\Activation ReadMe.htm
2005-02-10 11:36 . 2005-02-10 11:36 143360 ----a-w- c:\program files\epic_eula.dll
2005-02-08 11:43 . 2005-02-08 11:43 49152 ----a-w- c:\program files\persresen_US.dll
2005-02-08 11:43 . 2005-02-08 11:43 45056 ----a-w- c:\program files\eularesen_US.dll
2005-02-07 06:45 . 2005-02-07 06:45 5632 ----a-w- c:\program files\agldt28l.dll
2005-01-19 12:31 . 2005-01-19 12:31 155648 ----a-w- c:\program files\epic_regs.dll
2005-01-18 10:31 . 2005-01-18 10:31 114688 ----a-w- c:\program files\epic_pers.dll
2005-01-12 12:23 . 2005-01-12 12:23 180224 ----a-w- c:\program files\pdfsettings.dll
2004-08-24 13:55 . 2004-08-24 13:55 126976 ----a-w- c:\program files\asneu.dll
2004-06-22 10:57 . 2004-06-22 10:57 589824 ----a-w- c:\program files\libagluc28.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-01-26_12.49.33 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-01-21 01:58 . 2010-01-26 09:20 51138 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-01-21 01:58 . 2010-01-26 14:03 51138 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2006-11-02 13:02 . 2010-01-26 09:20 77550 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:02 . 2010-01-26 14:03 77550 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-12-27 02:50 . 2010-01-26 09:20 12020 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2835369665-648357609-2305586480-1000_UserData.bin
+ 2008-12-27 02:50 . 2010-01-26 14:03 12020 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2835369665-648357609-2305586480-1000_UserData.bin
- 2010-01-26 09:18 . 2010-01-26 09:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-01-26 14:02 . 2010-01-26 14:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-01-26 14:02 . 2010-01-26 14:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2010-01-26 09:18 . 2010-01-26 09:18 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-27 68856]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 249856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-08-06 6265376]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-02-13 1033512]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-07 34040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-20 13543968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-08-20 92704]
"LManager"="c:\progra~1\LAUNCH~1\QtZyEmachine.EXE" [2008-06-24 817672]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-10-14 24064]
"WarReg_PopUp"="c:\program files\eMachines\WR_PopUp\WarReg_PopUp.exe" [2008-05-09 49152]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-07-01 1447168]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-12-02 198160]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):03,71,29,5d,a7,6e,ca,01

R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [3.3.2008 22:11 16384]
R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [1.7.2008 9:02 468224]
R2 ETService;Empowering Technology Service;c:\program files\EMACHINES\eMachines Recovery Management\Service\ETService.exe [14.10.2008 6:42 24576]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [7.4.2008 7:42 50424]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [18.4.2007 4:09 11032]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [27.8.2008 6:49 212992]
S2 EsetNod32Fix;Nod32 AV;c:\windows\regedit.exe [21.1.2008 3:34 134656]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [4.4.2008 12:03 131072]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [21.1.2008 3:33 21504]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [14.10.2008 6:44 24064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder

2010-01-26 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-27 13:16]

2010-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-18 21:03]

2010-01-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-18 21:03]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://home.sweetim.com
uInternet Settings,ProxyOverride = *.local
IE: &Search - edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZRfox000
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
FF - ProfilePath - c:\users\gardovic\AppData\Roaming\Mozilla\Firefox\Profiles\8j47us04.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://google.com
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1487.6512\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPAskSBr.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\gardovic\AppData\Roaming\Mozilla\Firefox\Profiles\8j47us04.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2010-01-26 19:44
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
msnmsgr = "c:\program files\Windows Live\Messenger\msnmsgr.exe" /background??s

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2010-01-26 19:47:40
ComboFix-quarantined-files.txt 2010-01-26 18:47
ComboFix2.txt 2010-01-26 12:52
ComboFix3.txt 2009-03-23 16:12

Pre-Run: 6.446.407.680 bytes free
Post-Run: 6.412.599.296 bytes free

- - End Of File - - 88E4F03865850D6E13B40141744D19CA

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

I have to ask you to upload that file once more; we are having problems because we are moving to another server, so we did not receive the file.

Just in case, upload it via this link as well: http://www.speedyshare.com/
and post the download link so I can download it. It is very important, thanks.

offline
  • Joined: 16 Jun 2009
  • Posts: 44

speedyshare.com/files/20xxx2799/dbk32.sys.vir

Here you go, brother, I hope that's it...

Sorry, and thanks a lot for the time you've devoted to me, regards

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Download this file to the desktop, run it, and click yes\ok


ComboFix needs to be uninstalled:
click Start (or ), and then Run.

On Vista, use the Start Search box if Run is not available.

Type (or copy) the following into the text box:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".

Then click OK (or press Enter).

Wait for the uninstall process to finish.
