Problem with Kaspersky

  • borov
  • New MyCity citizen
  • Joined: 22 Jul 2006
  • Posts: 11

Hello,
I downloaded Kaspersky 8.0.0.454 and it won't activate. Some virus is probably causing me problems. I had NOD32, which let some virus through, and now I have all sorts of things on my computer. Here is the log from ComboFix:
ComboFix 08-08-13.02 - user 2008-08-14 10:21:03.1 - NTFSx86
Running from: C:\Documents and Settings\user\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\AutoRun.inf
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\pthreadVC.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Legacy_tcpsr
-------\Legacy_WINDOWS_LOG
-------\Service_NPF


((((((((((((((((((((((((( Files Created from 2008-07-14 to 2008-08-14 )))))))))))))))))))))))))))))))
.

2008-08-14 09:07 . 2008-08-14 09:09 <DIR> d-------- C:\Program Files\Trojan Remover
2008-08-14 09:07 . 2008-08-14 09:07 <DIR> d-------- C:\Documents and Settings\user\Application Data\Simply Super Software
2008-08-14 09:07 . 2008-08-14 09:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Simply Super Software
2008-08-14 09:07 . 2006-05-25 15:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
2008-08-14 09:07 . 2003-02-02 20:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2008-08-14 09:07 . 2005-08-26 01:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll
2008-08-14 09:07 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2008-08-14 09:07 . 2006-06-19 13:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll
2008-08-13 15:29 . 2008-08-13 15:51 96,976 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-08-13 15:29 . 2008-08-13 15:29 87,855 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-08-13 15:27 . 2008-08-13 15:27 <DIR> d-------- C:\Program Files\Kaspersky Lab
2008-08-13 15:27 . 2008-08-14 10:28 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2008-08-13 15:27 . 2008-08-14 10:28 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-08-13 15:27 . 2008-08-14 10:28 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-08-13 15:27 . 2008-08-14 10:28 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-08-13 11:00 . 2008-08-13 11:00 <DIR> d-------- C:\Documents and Settings\user\Application Data\Malwarebytes
2008-08-13 09:50 . 2008-08-13 09:51 <DIR> d-------- C:\KASKO VOZ.ZA POLISE
2008-08-13 08:44 . 2004-08-04 14:00 1,875,968 --a--c--- C:\WINDOWS\system32\dllcache\msir3jp.lex
2008-08-13 08:43 . 2004-08-04 14:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-08-13 08:42 . 2004-08-04 14:00 1,677,824 --a--c--- C:\WINDOWS\system32\dllcache\chsbrkr.dll
2008-08-13 08:41 . 2004-05-13 00:39 876,653 --a--c--- C:\WINDOWS\system32\dllcache\fp4awel.dll
2008-08-13 08:38 . 2008-08-13 08:38 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-08-13 08:38 . 2008-08-13 08:38 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-08-13 08:38 . 2008-08-13 08:38 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-08-13 08:38 . 2008-08-13 08:38 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-08-13 08:38 . 2008-08-13 08:38 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-08-13 08:30 . 2004-08-03 22:31 20,992 --a------ C:\WINDOWS\system32\drivers\RTL8139.sys
2008-08-13 08:25 . 2004-08-04 14:00 1,086,058 -ra------ C:\WINDOWS\SET42.tmp
2008-08-13 08:25 . 2004-08-04 14:00 1,042,903 -ra------ C:\WINDOWS\SET3F.tmp
2008-08-13 08:25 . 2004-08-04 14:00 13,753 -ra------ C:\WINDOWS\SET4E.tmp
2008-08-12 15:53 . 2008-08-12 15:53 <DIR> d-------- C:\Program Files\Lavasoft
2008-08-12 15:53 . 2008-08-12 15:54 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-08-12 14:47 . 2008-08-14 10:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-08-12 14:21 . 2008-08-12 14:21 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-12 14:21 . 2008-08-12 14:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-12 14:21 . 2008-08-12 14:21 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2008-08-12 14:21 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-12 14:21 . 2008-07-30 20:07 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-12 14:20 . 2008-08-13 12:39 <DIR> d-------- C:\Program Files\SpywareGuard
2008-08-12 11:49 . 2008-08-12 11:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-08-12 10:47 . 2008-08-12 10:47 124 --a------ C:\WINDOWS\wininit.ini
2008-08-12 09:00 . 2008-08-12 09:01 766,383 --a------ C:\WINDOWS\system32\kjgdpz.exe
2008-08-12 08:46 . 2008-08-12 08:46 19,063 --a------ C:\WINDOWS\xubafixow.sys
2008-08-12 08:46 . 2008-08-12 08:46 18,452 --a------ C:\Documents and Settings\user\Application Data\onomowopy.bat
2008-08-12 08:46 . 2008-08-12 08:46 16,991 --a------ C:\WINDOWS\system32\efaka.vbs
2008-08-12 08:46 . 2008-08-12 08:46 15,349 --a------ C:\WINDOWS\jyda.dat
2008-08-12 08:46 . 2008-08-12 08:46 14,686 --a------ C:\Documents and Settings\user\Application Data\duwym.bat
2008-08-12 08:46 . 2008-08-12 08:46 14,592 --a------ C:\WINDOWS\system32\akefam._sy
2008-08-12 08:46 . 2008-08-12 08:46 13,864 --a------ C:\Documents and Settings\All Users\Application Data\yhofyxec.com
2008-08-12 08:46 . 2008-08-12 08:46 12,365 --a------ C:\WINDOWS\evypexilaz.bin
2008-08-12 08:46 . 2008-08-12 08:46 11,123 --a------ C:\WINDOWS\sijehogoz.sys
2008-08-12 08:46 . 2008-08-12 08:46 11,063 --a------ C:\WINDOWS\wycevugu.pif
2008-08-12 08:46 . 2008-08-12 08:46 11,059 --a------ C:\WINDOWS\system32\umecexapux.inf
2008-08-12 08:46 . 2008-08-12 08:46 10,148 --a------ C:\Program Files\Common Files\kufe.bat
2008-08-12 08:46 . 2008-08-12 08:46 10,030 --a------ C:\Documents and Settings\All Users\Application Data\ujiqi.scr
2008-08-12 08:46 . 2008-08-12 08:46 10,017 --a------ C:\Documents and Settings\All Users\Application Data\cami.bin
2008-08-11 15:17 . 2008-08-11 15:17 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Share-to-Web Upload Folder
2008-08-11 15:04 . 2008-08-13 15:24 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-08-04 15:28 . 2008-08-13 12:06 199,839,744 --a------ C:\WINDOWS\MEMORY.DMP
2008-08-04 13:53 . 2004-08-04 14:00 16,384 --a--c--- C:\WINDOWS\system32\dllcache\isignup.exe
2008-08-04 13:40 . 2004-08-04 14:00 1,086,058 -ra------ C:\WINDOWS\SETD7.tmp
2008-08-04 13:40 . 2004-08-04 14:00 1,042,903 -ra------ C:\WINDOWS\SETD4.tmp
2008-08-04 13:40 . 2004-08-04 14:00 13,753 -ra------ C:\WINDOWS\SETE3.tmp
2008-07-31 09:50 . 2008-07-31 09:50 371,158 --a------ C:\WINDOWS\lsas.exe.vir
2008-07-31 09:50 . 2008-07-31 09:50 0 -rahs---- C:\khn
2008-07-29 20:21 . 2008-07-29 20:21 218,376 --a------ C:\WINDOWS\system32\klogon.dll
2008-07-29 20:20 . 2008-07-29 20:20 24,774 --a------ C:\WINDOWS\system32\drivers\klopp.dat
2008-07-28 14:39 . 2008-07-31 09:58 <DIR> d-------- C:\Documents and Settings\user\Application Data\skypePM
2008-07-28 14:39 . 2008-07-28 14:39 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-07-28 14:37 . 2008-07-31 15:45 <DIR> d-------- C:\Documents and Settings\user\Application Data\Skype
2008-07-28 14:36 . 2008-07-28 14:36 <DIR> d-------- C:\Program Files\Skype
2008-07-28 14:36 . 2008-07-28 14:36 <DIR> d-------- C:\Program Files\Common Files\Skype
2008-07-28 14:35 . 2008-07-28 14:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-07-21 18:34 . 2008-07-21 18:34 121,872 --a------ C:\WINDOWS\system32\drivers\kl1.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-14 08:01 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-13 13:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-13 09:56 114 ----a-w C:\sccfg.sys
2008-08-12 13:52 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-08-12 11:03 --------- d-----w C:\Program Files\Trend Micro System Cleaner
2008-08-12 06:46 15,465 ----a-w C:\Program Files\Common Files\xicuzo.lib
2008-08-12 06:46 11,101 ----a-w C:\Program Files\Common Files\uvacam.db
2008-08-12 06:46 10,275 ----a-w C:\Program Files\Common Files\bikyzepocy._dl
2008-08-12 06:25 --------- d-----w C:\Program Files\ESET
2008-07-31 13:46 --------- d-----w C:\Documents and Settings\user\Application Data\OpenOffice.org2
2008-07-24 10:40 --------- d-----w C:\Documents and Settings\user\Application Data\Datalayer
2008-05-16 09:58 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-01-25 13:41 38,247,322 ----a-w C:\Program Files\ABBYY_Finereader_8.0.0.706-BY_JAWAIDARSHAD_UPDOWNWORLD.NET.rar
2007-12-12 13:49 1,933,172 ----a-w C:\Program Files\ContactKeeper136.exe
2007-12-10 10:16 1,197,439 ----a-w C:\Program Files\ten_setup.zip
2007-08-08 12:25 164 ---ha-w C:\Documents and Settings\All Users\hpothb07.dat
2007-08-08 12:25 0 ---ha-w C:\Documents and Settings\user\hpothb07.dat
2007-08-08 12:25 0 ---ha-w C:\Documents and Settings\Default User\hpothb07.dat
2007-08-08 12:25 0 ---ha-w C:\Documents and Settings\Administrator\hpothb07.dat
2007-08-08 12:24 0 ---ha-w C:\Documents and Settings\user\Application Data\hpothb07.dat
2007-08-08 12:24 0 ---ha-w C:\Documents and Settings\NetworkService\hpothb07.dat
2007-08-08 12:24 0 ---ha-w C:\Documents and Settings\LocalService\hpothb07.dat
2007-07-17 08:32 1,232 ---ha-w C:\Program Files\hpothb07.dat
2007-07-17 08:31 2,051 ---ha-w C:\Program Files\hpothb07.tif
2007-04-17 13:54 527,643 ----a-w C:\Program Files\topclock.zip
2007-03-20 10:50 1,964,866 ----a-w C:\Program Files\ContactKeeper132.exe
2007-02-13 12:17 74,973 ----a-w C:\Program Files\aclock.exe
2007-01-29 13:17 19,666,504 ----a-w C:\Program Files\QuickTimeInstaller.exe
2006-05-30 20:56 56 ----a-w C:\Program Files\Common Files\appop.log
2005-09-21 16:02 718,336 ----a-w C:\Program Files\ABBYY FineReader 8.0 Professional Edition.msi
2003-04-21 13:09 245,408 ----a-w C:\Program Files\unicows.dll
2002-03-11 10:06 1,822,520 ----a-w C:\Program Files\instmsiW.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TopmostClock"="C:\Program Files\Topmost Clock\TopMostClock.exe" [2002-09-07 23:52 540672]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360]
"ContactKeeper Birthday reminder"="C:\Program Files\ContactKeeper\ContactKeeper.exe" [2007-11-26 19:27 892928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CloneCDTray"="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 21:21 57344]
"TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan.exe" [2008-07-30 15:00 909904]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-07-29 20:20 206088]
"RTHDCPL"="RTHDCPL.EXE" [2005-10-15 03:51 14864384 C:\WINDOWS\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 14:00 15360]

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe [2003-08-29 19:05:35 360448]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ira88.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk
backup=C:\WINDOWS\pss\InterVideo WinCinema Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^user^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=C:\Documents and Settings\user\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=C:\WINDOWS\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^user^Start Menu^Programs^Startup^OpenOffice.org 2.0.lnk]
path=C:\Documents and Settings\user\Start Menu\Programs\Startup\OpenOffice.org 2.0.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.0.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ContactKeeper Birthday reminder]
--a------ 2007-11-26 19:27 892928 C:\Program Files\ContactKeeper\ContactKeeper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2004-08-04 14:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2006-10-27 00:47 31016 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2006-10-30 19:36 256576 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-01-19 12:55 5674352 C:\Program Files\MSN Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
--a------ 2006-06-15 13:36 229376 C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]
--a------ 2006-06-27 17:21 1449984 C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
--a------ 2002-04-17 20:42 69632 C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-07-30 08:53 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINCINEMAMGR]
--a------ 2005-04-30 04:50 278528 C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
-ra------ 2005-05-04 04:43 69632 C:\WINDOWS\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
--a------ 2004-08-04 14:00 110592 C:\WINDOWS\system32\bthprops.cpl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
-ra------ 2005-10-15 03:51 14864384 C:\WINDOWS\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\kasperskyantivirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\spoolsv.exe"=
"C:\\WINDOWS\\system32\\svchost.exe"=
"C:\\Program Files\\InterVideo\\DVD8\\WinDVD.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 ivicd;Ivi CDVD Filter Driver;C:\WINDOWS\system32\drivers\ivicd.sys [2005-01-12 15:29]
R0 klbg;Kaspersky Lab Boot Guard Driver;C:\WINDOWS\system32\drivers\klbg.sys [2008-01-29 18:29]
R3 klfltdev;Kaspersky Lab KLFltDev;C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2008-03-13 19:02]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 18:06]
S0 ira88;ira88;C:\WINDOWS\system32\Drivers\Ira88.sys []
S3 iviudf;iviudf;C:\WINDOWS\system32\drivers\IviUdf.sys [2005-01-13 05:28]
S3 usnjsvc;Usluga Messenger Sharing Folders USN Journal Reader;C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 12:54]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aef1a9e4-49b2-11dd-80af-0016764ef714}]
\Shell\AutoRun\command - E:\xmnm2.cmd
\Shell\explore\Command - E:\xmnm2.cmd
\Shell\open\Command - E:\xmnm2.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db4bd79a-3e81-11dc-bf4b-0016764ef714}]
\shell\autorun\command - E:\sysnt.exe
\shell\explore\command - E:\sysnt.exe
\shell\open\command - E:\sysnt.exe
.
Contents of the 'Scheduled Tasks' folder

2008-03-03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 15:57]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-[system] - C:\WINDOWS\system32\drivers\services.exe
MSConfigStartUp-Virus-Bursters - C:\Program Files\Virus-Bursters\virus-bursters.exe


.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.com
R1 -: HKCU-Internet Connection Wizard,ShellNext = iexplore
O8 -: add to anti-banner
O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O17 -: HKLM\CCS\Interface\{F9E61CCF-B7D0-4A3F-8B56-461E2FA31C3A}: NameServer = 195.66.160.1,195.66.160.2

O16 -: {E0511BF1-B5C0-4F1A-BB3D-036F6DE51C5C} - hxxp://nadzor085.avers.com.tw/WebCamX.cab
C:\WINDOWS\Downloaded Program Files\WebCamX.inf
C:\WINDOWS\system32\AudioDec.dll
C:\WINDOWS\system32\IPCamera.ini
C:\WINDOWS\system32\Xrypassd.dll
C:\WINDOWS\system32\ijl15.dll
C:\WINDOWS\system32\AvsCodec51.dll
C:\WINDOWS\system32\NVDHD50.dll
C:\WINDOWS\system32\NVDMD50.dll
C:\WINDOWS\system32\decode.dll
C:\WINDOWS\system32\RTClientSDK70.dll
C:\WINDOWS\Downloaded Program Files\WebCamX.ocx


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-08-14 10:31:46
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\ufdsvc.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2008-08-14 10:36:10 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-14 08:35:59

Pre-Run: 53,274,443,776 bytes free
Post-Run: 53,365,882,880 bytes free

609 --- E O F --- 2008-07-10 13:52:15

Addendum: 14 Aug 2008 11:28

here, I also made a Hijack log (banging my head against the wall)


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:11:26, on 14.8.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ufdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Topmost Clock\TopMostClock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: IEVkbdBHO - {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [TopmostClock] C:\Program Files\Topmost Clock\TopMostClock.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ContactKeeper Birthday reminder] "C:\Program Files\ContactKeeper\ContactKeeper.exe" /Reminder
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1f460357-8a94-4d71-9ca3-aa4acf32ed8e} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [searching] Search from the Address bar
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - a1540.g.akamai.net/7/1540/52/20061205/qtins.....plugin.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {E0511BF1-B5C0-4F1A-BB3D-036F6DE51C5C} (WebCamX Control) - nadzor085.avers.com.tw/WebCamX.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E5F588A9-6A2A-4FD5-B628-EEC13CA4857A}: NameServer = 195.66.160.1 195.66.160.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{F9E61CCF-B7D0-4A3F-8B56-461E2FA31C3A}: NameServer = 195.66.160.1,195.66.160.2
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: UFD Command Service (UFDSVC) - Generic - C:\WINDOWS\system32\ufdsvc.exe

--
End of file - 6370 bytes

offline
  • Civil Works Team Leader @ IKEA Centres Russia
  • Joined: 22 Jun 2005
  • Posts: 7912
  • Location: Moscow, Russia

How about you follow the rule for opening a topic in Ambulanta after all, from http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html?

offline
  • borov 
  • New MyCity citizen
  • Joined: 22 Jul 2006
  • Posts: 11

here, followed point by point :)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:52:06, on 14.8.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ufdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Topmost Clock\TopMostClock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\user\Desktop\New Folder\nesto.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: IEVkbdBHO - {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [TopmostClock] C:\Program Files\Topmost Clock\TopMostClock.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ContactKeeper Birthday reminder] "C:\Program Files\ContactKeeper\ContactKeeper.exe" /Reminder
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1f460357-8a94-4d71-9ca3-aa4acf32ed8e} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [searching] Search from the Address bar
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - a1540.g.akamai.net/7/1540/52/20061205/qtins.....plugin.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {E0511BF1-B5C0-4F1A-BB3D-036F6DE51C5C} (WebCamX Control) - nadzor085.avers.com.tw/WebCamX.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E5F588A9-6A2A-4FD5-B628-EEC13CA4857A}: NameServer = 195.66.160.1 195.66.160.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{F9E61CCF-B7D0-4A3F-8B56-461E2FA31C3A}: NameServer = 195.66.160.1,195.66.160.2
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: UFD Command Service (UFDSVC) - Generic - C:\WINDOWS\system32\ufdsvc.exe

--
End of file - 6269 bytes

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

borov :: here, followed point by point :)
You didn't. It is not the same whether someone posts a HijackThis log, the way it is written there, or runs ComboFix on their own initiative; ComboFix is not just a program for producing some logs, it also makes huge changes to the system.
Now I have to look into a crystal ball to guess exactly what the state was before ComboFix was run, so that I can pick up the threads of the infection.

I'll get back to you later this evening, when my crystal ball starts working.

offline
  • borov 
  • New MyCity citizen
  • Joined: 22 Jul 2006
  • Posts: 11

Quote: I'll get back to you later this evening, when my crystal ball starts working.

ok, thanks for the effort, I'll read it early in the morning

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Sorry, I didn't manage to do anything last night, a migraine took its toll.
Now I'll write out for you what to do and how.

Addendum: 15 Aug 2008 9:16

Open Notepad and copy in the following text:

File::
C:\WINDOWS\system32\kjgdpz.exe
C:\WINDOWS\xubafixow.sys
C:\Documents and Settings\user\Application Data\onomowopy.bat
C:\WINDOWS\system32\efaka.vbs
C:\WINDOWS\jyda.dat
C:\Documents and Settings\user\Application Data\duwym.bat
C:\WINDOWS\system32\akefam._sy
C:\Documents and Settings\All Users\Application Data\yhofyxec.com
C:\WINDOWS\evypexilaz.bin
C:\WINDOWS\sijehogoz.sys
C:\WINDOWS\wycevugu.pif
C:\WINDOWS\system32\umecexapux.inf
C:\Program Files\Common Files\kufe.bat
C:\Documents and Settings\All Users\Application Data\ujiqi.scr
C:\Documents and Settings\All Users\Application Data\cami.bin
C:\WINDOWS\lsas.exe.vir
C:\Program Files\Common Files\xicuzo.lib
C:\Program Files\Common Files\uvacam.db
C:\Program Files\Common Files\bikyzepocy._dl
C:\WINDOWS\system32\Drivers\Ira88.sys

Driver::
ira88

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db4bd79a-3e81-11dc-bf4b-0016764ef714}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aef1a9e4-49b2-11dd-80af-0016764ef714}]

DirLook::
C:\khn



Save the file from Notepad to the Desktop as "CFScript"

Drag the saved script/text onto the ComboFix icon, as in the picture.
In your next message, post the log that is created at the end of the cleaning/scanning.


I'd say you also have an infected USB flash drive, or a similar device (MP3 player, SD card for a digital camera, external HD...)
Do you have any idea which device that could be?
If you do, let us know so we can see whether it is still infected.
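Added example, not part of the original thread: Explorer caches the shell verbs from a volume's autorun.inf under the MountPoints2 key, which is why the two entries in the ComboFix log above point to an infected removable device. The sketch below parses that section of a ComboFix log and flags the cached handlers; the function names and the assumption that C: is the system drive are hypothetical, and the sample is an excerpt of the log as posted.

```python
import ntpath
import re

# Excerpt of the ComboFix log posted earlier in this thread (values as posted).
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aef1a9e4-49b2-11dd-80af-0016764ef714}]
\Shell\AutoRun\command - E:\xmnm2.cmd
\Shell\explore\Command - E:\xmnm2.cmd
\Shell\open\Command - E:\xmnm2.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{db4bd79a-3e81-11dc-bf4b-0016764ef714}]
\shell\autorun\command - E:\sysnt.exe
\shell\explore\command - E:\sysnt.exe
\shell\open\command - E:\sysnt.exe
.
Contents of the 'Scheduled Tasks' folder
"""

SECTION_RE = re.compile(r"^\[(?P<key>[^\]]+)\]$")
VOLUME_RE = re.compile(r"\\mountpoints2\\(?P<volume>\{[0-9a-f-]{36}\})$", re.I)
HANDLER_RE = re.compile(
    r"^\\shell\\(?P<verb>[^\\]+)\\command\s+-\s+(?P<target>.+)$", re.I)
# Extensions that run code when the shell verb fires.
SCRIPT_OR_BINARY = {".exe", ".cmd", ".bat", ".com", ".scr", ".pif", ".vbs"}


def parse_mountpoints2(log_text):
    """Return {volume_guid: {verb: command_target}} for MountPoints2 sections."""
    findings = {}
    volume = None
    for raw in log_text.splitlines():
        line = raw.strip()
        section = SECTION_RE.match(line)
        if section:
            # A new registry section starts; track it only if it is a
            # per-volume MountPoints2 key.
            hit = VOLUME_RE.search(section.group("key"))
            volume = hit.group("volume").lower() if hit else None
            continue
        if volume is None:
            continue
        handler = HANDLER_RE.match(line)
        if handler:
            verb = handler.group("verb").lower()
            findings.setdefault(volume, {})[verb] = handler.group("target").strip()
        elif line and not line.startswith("\\"):
            volume = None  # a "." separator or other text ends the section
    return findings


def assess(findings, system_drive="C:"):
    """Explain, per volume, why the cached autorun handlers deserve a look.

    Simplification: the target is treated as a bare path (optionally quoted),
    without command-line arguments, which matches the entries in this log.
    """
    report = []
    for volume in sorted(findings):
        handlers = findings[volume]
        targets = sorted(set(handlers.values()))
        reasons = []
        redirected = sorted(v for v in handlers if v in ("open", "explore"))
        if redirected:
            # Double-click and Explore on the drive icon run the command.
            reasons.append("default verbs redirected: " + ", ".join(redirected))
        for target in targets:
            path = target.strip('"')
            drive = ntpath.splitdrive(path)[0].upper()
            ext = ntpath.splitext(path)[1].lower()
            if drive and drive != system_drive.upper():
                reasons.append(f"{target} is on {drive}, not the system drive")
            if ext in SCRIPT_OR_BINARY:
                reasons.append(f"{target} is directly executable ({ext})")
        report.append({"volume": volume, "targets": targets,
                       "suspicious": bool(reasons), "reasons": reasons})
    return report


if __name__ == "__main__":
    for entry in assess(parse_mountpoints2(SAMPLE_LOG)):
        print(entry["volume"], "->", ", ".join(entry["targets"]))
        for reason in entry["reasons"]:
            print("   -", reason)
```

The cached key survives after the device is unplugged, so a hit here says the device was mounted on this machine at some point, not that it is still infected.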

offline
  • borov 
  • New MyCity citizen
  • Joined: 22 Jul 2006
  • Posts: 11

here are a few notes on how it all went.

when I dragged the icon over, it asked whether to start combofix, that unknown publisher thing or however it's written, I said yes
then update combofix, no (I didn't know whether the script would work if I updated it)
then the part about the terms of use (license), yes or I accept
then it did its job and restarted the computer
after the restart it connected to adsl,
trojan remover started up and ran a fast scan
and then combo finished and produced this log

P.S. as for the flash drive, I have one that has a problem with autorun. earlier, when I plugged it in and clicked on it, it would open an open with window - as if it were a file and not a device, so I cleaned it somehow, and now the problem, if any, is that on some machines it opens autorun and on some it doesn't.




ComboFix 08-08-13.02 - user 2008-08-15 9:39:11.2 - NTFSx86
Running from: C:\Documents and Settings\user\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\user\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\Documents and Settings\All Users\Application Data\cami.bin
C:\Documents and Settings\All Users\Application Data\ujiqi.scr
C:\Documents and Settings\All Users\Application Data\yhofyxec.com
C:\Documents and Settings\user\Application Data\duwym.bat
C:\Documents and Settings\user\Application Data\onomowopy.bat
C:\Program Files\Common Files\bikyzepocy._dl
C:\Program Files\Common Files\kufe.bat
C:\Program Files\Common Files\uvacam.db
C:\Program Files\Common Files\xicuzo.lib
C:\WINDOWS\evypexilaz.bin
C:\WINDOWS\jyda.dat
C:\WINDOWS\lsas.exe.vir
C:\WINDOWS\sijehogoz.sys
C:\WINDOWS\system32\akefam._sy
C:\WINDOWS\system32\Drivers\Ira88.sys
C:\WINDOWS\system32\efaka.vbs
C:\WINDOWS\system32\kjgdpz.exe
C:\WINDOWS\system32\umecexapux.inf
C:\WINDOWS\wycevugu.pif
C:\WINDOWS\xubafixow.sys
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\cami.bin
C:\Documents and Settings\All Users\Application Data\ujiqi.scr
C:\Documents and Settings\All Users\Application Data\yhofyxec.com
C:\Documents and Settings\user\Application Data\duwym.bat
C:\Documents and Settings\user\Application Data\onomowopy.bat
C:\Program Files\Common Files\bikyzepocy._dl
C:\Program Files\Common Files\kufe.bat
C:\Program Files\Common Files\uvacam.db
C:\Program Files\Common Files\xicuzo.lib
C:\WINDOWS\evypexilaz.bin
C:\WINDOWS\jyda.dat
C:\WINDOWS\lsas.exe.vir
C:\WINDOWS\sijehogoz.sys
C:\WINDOWS\system32\akefam._sy
C:\WINDOWS\system32\efaka.vbs
C:\WINDOWS\system32\kjgdpz.exe
C:\WINDOWS\system32\umecexapux.inf
C:\WINDOWS\wycevugu.pif
C:\WINDOWS\xubafixow.sys

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ira88
-------\Service_ira88


((((((((((((((((((((((((( Files Created from 2008-07-15 to 2008-08-15 )))))))))))))))))))))))))))))))
.

2008-08-14 11:10 . 2008-08-14 11:10 <DIR> d-------- C:\Program Files\Trend Micro
2008-08-14 09:07 . 2008-08-14 09:09 <DIR> d-------- C:\Program Files\Trojan Remover
2008-08-14 09:07 . 2008-08-14 09:07 <DIR> d-------- C:\Documents and Settings\user\Application Data\Simply Super Software
2008-08-14 09:07 . 2008-08-14 09:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Simply Super Software
2008-08-14 09:07 . 2006-05-25 15:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
2008-08-14 09:07 . 2003-02-02 20:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2008-08-14 09:07 . 2005-08-26 01:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll
2008-08-14 09:07 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2008-08-14 09:07 . 2006-06-19 13:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll
2008-08-13 15:29 . 2008-08-13 15:51 96,976 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-08-13 15:29 . 2008-08-13 15:29 87,855 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-08-13 15:27 . 2008-08-13 15:27 <DIR> d-------- C:\Program Files\Kaspersky Lab
2008-08-13 15:27 . 2008-08-15 09:44 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2008-08-13 15:27 . 2008-08-15 09:44 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-08-13 15:27 . 2008-08-15 09:44 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-08-13 15:27 . 2008-08-15 09:44 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-08-13 11:00 . 2008-08-13 11:00 <DIR> d-------- C:\Documents and Settings\user\Application Data\Malwarebytes
2008-08-13 09:50 . 2008-08-13 09:51 <DIR> d-------- C:\KASKO VOZ.ZA POLISE
2008-08-13 08:44 . 2004-08-04 14:00 1,875,968 --a--c--- C:\WINDOWS\system32\dllcache\msir3jp.lex
2008-08-13 08:43 . 2004-08-04 14:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-08-13 08:42 . 2004-08-04 14:00 1,677,824 --a--c--- C:\WINDOWS\system32\dllcache\chsbrkr.dll
2008-08-13 08:41 . 2004-05-13 00:39 876,653 --a--c--- C:\WINDOWS\system32\dllcache\fp4awel.dll
2008-08-13 08:38 . 2008-08-13 08:38 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-08-13 08:38 . 2008-08-13 08:38 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-08-13 08:38 . 2008-08-13 08:38 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-08-13 08:38 . 2008-08-13 08:38 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-08-13 08:38 . 2008-08-13 08:38 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-08-13 08:30 . 2004-08-03 22:31 20,992 --a------ C:\WINDOWS\system32\drivers\RTL8139.sys
2008-08-13 08:25 . 2004-08-04 14:00 1,086,058 -ra------ C:\WINDOWS\SET42.tmp
2008-08-13 08:25 . 2004-08-04 14:00 1,042,903 -ra------ C:\WINDOWS\SET3F.tmp
2008-08-13 08:25 . 2004-08-04 14:00 13,753 -ra------ C:\WINDOWS\SET4E.tmp
2008-08-12 15:53 . 2008-08-12 15:53 <DIR> d-------- C:\Program Files\Lavasoft
2008-08-12 15:53 . 2008-08-12 15:54 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-08-12 14:47 . 2008-08-15 09:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-08-12 14:21 . 2008-08-12 14:21 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-12 14:21 . 2008-08-12 14:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-12 14:21 . 2008-08-12 14:21 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2008-08-12 14:21 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-12 14:21 . 2008-07-30 20:07 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-12 14:20 . 2008-08-13 12:39 <DIR> d-------- C:\Program Files\SpywareGuard
2008-08-12 11:49 . 2008-08-12 11:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-08-12 10:47 . 2008-08-12 10:47 124 --a------ C:\WINDOWS\wininit.ini
2008-08-11 15:17 . 2008-08-11 15:17 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Share-to-Web Upload Folder
2008-08-11 15:04 . 2008-08-13 15:24 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-08-04 15:28 . 2008-08-13 12:06 199,839,744 --a------ C:\WINDOWS\MEMORY.DMP
2008-08-04 13:53 . 2004-08-04 14:00 16,384 --a--c--- C:\WINDOWS\system32\dllcache\isignup.exe
2008-08-04 13:40 . 2004-08-04 14:00 1,086,058 -ra------ C:\WINDOWS\SETD7.tmp
2008-08-04 13:40 . 2004-08-04 14:00 1,042,903 -ra------ C:\WINDOWS\SETD4.tmp
2008-08-04 13:40 . 2004-08-04 14:00 13,753 -ra------ C:\WINDOWS\SETE3.tmp
2008-07-31 09:50 . 2008-07-31 09:50 0 -rahs---- C:\khn
2008-07-29 20:21 . 2008-07-29 20:21 218,376 --a------ C:\WINDOWS\system32\klogon.dll
2008-07-29 20:20 . 2008-07-29 20:20 24,774 --a------ C:\WINDOWS\system32\drivers\klopp.dat
2008-07-28 14:39 . 2008-07-31 09:58 <DIR> d-------- C:\Documents and Settings\user\Application Data\skypePM
2008-07-28 14:39 . 2008-07-28 14:39 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-07-28 14:37 . 2008-07-31 15:45 <DIR> d-------- C:\Documents and Settings\user\Application Data\Skype
2008-07-28 14:36 . 2008-07-28 14:36 <DIR> d-------- C:\Program Files\Skype
2008-07-28 14:36 . 2008-07-28 14:36 <DIR> d-------- C:\Program Files\Common Files\Skype
2008-07-28 14:35 . 2008-07-28 14:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-07-21 18:34 . 2008-07-21 18:34 121,872 --a------ C:\WINDOWS\system32\drivers\kl1.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-14 08:01 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-13 13:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-13 09:56 114 ----a-w C:\sccfg.sys
2008-08-12 13:52 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-08-12 11:03 --------- d-----w C:\Program Files\Trend Micro System Cleaner
2008-08-12 06:25 --------- d-----w C:\Program Files\ESET
2008-07-31 13:46 --------- d-----w C:\Documents and Settings\user\Application Data\OpenOffice.org2
2008-07-24 10:40 --------- d-----w C:\Documents and Settings\user\Application Data\Datalayer
2008-01-25 13:41 38,247,322 ----a-w C:\Program Files\ABBYY_Finereader_8.0.0.706-BY_JAWAIDARSHAD_UPDOWNWORLD.NET.rar
2007-12-12 13:49 1,933,172 ----a-w C:\Program Files\ContactKeeper136.exe
2007-12-10 10:16 1,197,439 ----a-w C:\Program Files\ten_setup.zip
2007-08-08 12:25 164 ---ha-w C:\Documents and Settings\All Users\hpothb07.dat
2007-08-08 12:25 0 ---ha-w C:\Documents and Settings\user\hpothb07.dat
2007-08-08 12:25 0 ---ha-w C:\Documents and Settings\Default User\hpothb07.dat
2007-08-08 12:25 0 ---ha-w C:\Documents and Settings\Administrator\hpothb07.dat
2007-08-08 12:24 0 ---ha-w C:\Documents and Settings\user\Application Data\hpothb07.dat
2007-08-08 12:24 0 ---ha-w C:\Documents and Settings\NetworkService\hpothb07.dat
2007-08-08 12:24 0 ---ha-w C:\Documents and Settings\LocalService\hpothb07.dat
2007-07-17 08:32 1,232 ---ha-w C:\Program Files\hpothb07.dat
2007-07-17 08:31 2,051 ---ha-w C:\Program Files\hpothb07.tif
2007-04-17 13:54 527,643 ----a-w C:\Program Files\topclock.zip
2007-03-20 10:50 1,964,866 ----a-w C:\Program Files\ContactKeeper132.exe
2007-02-13 12:17 74,973 ----a-w C:\Program Files\aclock.exe
2007-01-29 13:17 19,666,504 ----a-w C:\Program Files\QuickTimeInstaller.exe
2006-05-30 20:56 56 ----a-w C:\Program Files\Common Files\appop.log
2005-09-21 16:02 718,336 ----a-w C:\Program Files\ABBYY FineReader 8.0 Professional Edition.msi
2003-04-21 13:09 245,408 ----a-w C:\Program Files\unicows.dll
2002-03-11 10:06 1,822,520 ----a-w C:\Program Files\instmsiW.exe
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

---- Directory of C:\khn ----

C:\khn\


((((((((((((((((((((((((((((( snapshot@2008-08-14_10.35.08.89 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-08-13 06:51:26 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-08-14 13:53:15 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2008-08-13 06:51:26 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-08-14 13:53:15 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-08-13 06:51:26 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-08-14 13:53:15 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TopmostClock"="C:\Program Files\Topmost Clock\TopMostClock.exe" [2002-09-07 23:52 540672]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360]
"ContactKeeper Birthday reminder"="C:\Program Files\ContactKeeper\ContactKeeper.exe" [2007-11-26 19:27 892928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CloneCDTray"="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 21:21 57344]
"TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan.exe" [2008-07-30 15:00 909904]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-07-29 20:20 206088]
"RTHDCPL"="RTHDCPL.EXE" [2005-10-15 03:51 14864384 C:\WINDOWS\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 14:00 15360]

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe [2003-08-29 19:05:35 360448]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ira88.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk
backup=C:\WINDOWS\pss\InterVideo WinCinema Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^user^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=C:\Documents and Settings\user\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=C:\WINDOWS\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^user^Start Menu^Programs^Startup^OpenOffice.org 2.0.lnk]
path=C:\Documents and Settings\user\Start Menu\Programs\Startup\OpenOffice.org 2.0.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.0.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ContactKeeper Birthday reminder]
--a------ 2007-11-26 19:27 892928 C:\Program Files\ContactKeeper\ContactKeeper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2004-08-04 14:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2006-10-27 00:47 31016 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2006-10-30 19:36 256576 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-01-19 12:55 5674352 C:\Program Files\MSN Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
--a------ 2006-06-15 13:36 229376 C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]
--a------ 2006-06-27 17:21 1449984 C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
--a------ 2002-04-17 20:42 69632 C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-07-30 08:53 68856 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINCINEMAMGR]
--a------ 2005-04-30 04:50 278528 C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
-ra------ 2005-05-04 04:43 69632 C:\WINDOWS\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
--a------ 2004-08-04 14:00 110592 C:\WINDOWS\system32\bthprops.cpl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
-ra------ 2005-10-15 03:51 14864384 C:\WINDOWS\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\kasperskyantivirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\spoolsv.exe"=
"C:\\WINDOWS\\system32\\svchost.exe"=
"C:\\Program Files\\InterVideo\\DVD8\\WinDVD.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 ivicd;Ivi CDVD Filter Driver;C:\WINDOWS\system32\drivers\ivicd.sys [2005-01-12 15:29]
R0 klbg;Kaspersky Lab Boot Guard Driver;C:\WINDOWS\system32\drivers\klbg.sys [2008-01-29 18:29]
R3 klfltdev;Kaspersky Lab KLFltDev;C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2008-03-13 19:02]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 18:06]
S3 iviudf;iviudf;C:\WINDOWS\system32\drivers\IviUdf.sys [2005-01-13 05:28]
S3 usnjsvc;Usluga Messenger Sharing Folders USN Journal Reader;C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 12:54]
.
Contents of the 'Scheduled Tasks' folder

2008-03-03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 15:57]
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-08-15 09:48:34
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


C:\DOCUME~1\user\LOCALS~1\Temp\RGI2.tmp

scan completed successfully
hidden files: 1

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\ufdsvc.exe
C:\WINDOWS\system32\ati2evxx.exe
.
**************************************************************************
.
Completion time: 2008-08-15 9:53:02 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-15 07:52:50
ComboFix2.txt 2008-08-14 08:36:14

Pre-Run: 51,577,425,920 bytes free
Post-Run: 51,745,234,944 bytes free

272 --- E O F --- 2008-08-14 13:53:23
Quote: Sorry, I didn't manage to get anything done last night, the migraine did its thing.
you have no reason to apologize, you are the one who is helping, and whenever you can is fine, you have no obligation to do it right away and so on Cheers

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Let's sort out that USB flash drive Wink

Download the following program - http://amf.mycity.rs/personal/bobby/USB_blocker/usb_blocker_beta.exe
- start it and select the Auto block option
- insert the USB stick into the computer and wait a few seconds (say 5-10 seconds)
- the program has now analyzed the stick (this is visible in the lower part of the program, in the log)

When you have finished all that, the log in the lower part of the program will contain all the data I need to see whether the stick is infected.
Right-click the log/report and select Save log.
Notepad will open automatically with the report in it.
Copy that report for me here on the forum.

If I determine that the stick is infected, then we have a few more steps to do.

offline
  • borov 
  • New MyCity citizen
  • Joined: 22 Jul 2006
  • Posts: 11

here it is, and it didn't hurt a bit Laughing

USB_blocker by bobby

Started at 15.8.2008 10:51:19

Scanning for connected USB Mass storage...
========================================
========================================
Scanning for other storage...
========================================
C: 7d2edd93-f00f-11da-8811-806d6172696f
========================================



New device connected at 15.8.2008 10:51:38

Scanning for connected USB Mass storage...
========================================
E: 182f9d61-e6ac-11dc-802b-0016764ef714
========================================

Scanning USB mass storage for autorun.inf and desktop.ini files...
========================================

desktop.ini found on E:
File E:\zapisnici o ostec vozila\_desktop.ini renamed successfully
Sanitizing Shell Menu...
No key for GUID: 182f9d61-e6ac-11dc-802b-0016764ef714
========================================

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Hmmm... this USB flash drive had no autorun at all.

In USB_blocker, double-click at the top left on the letter that denotes this USB flash drive of yours; that will deactivate it (you will see a message at the bottom, next to the clock).

Then remove the USB flash drive from the computer, close USB_blocker, and insert the USB flash drive again.
See whether everything is OK with it now.

Besides all this, this is not the USB flash drive that was infected (the one I mentioned in the previous posts). Two other USB devices were connected to your computer, and they were infected.
I couldn't tell you when that was; it could have been yesterday, it could have been a few months ago, that cannot be seen from the logs.
