siszyd32.exe

  • Joined: 19 Jan 2008
  • Posts: 388
  • Location: underground

I noticed that among the things that start up together with the system I also have this siszyd32.exe, which is supposedly located in the Startup folder, but it isn't there even when I set the folder options to show hidden folders. When I try to disable it so it doesn't start with the system, it is there again. Does anyone know what this is and how to remove it?

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

We'll need a bit more information...

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html


Post the requested logs here.

  • Joined: 19 Jan 2008
  • Posts: 388
  • Location: underground

Posted: 19 Dec 2009 16:28

Here you go

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 3.9.2009 1:27:57
System Uptime: 17.12.2009 13:12:56 (25 hours ago)

Motherboard: ASUSTeK Computer INC. | | M4N78
Processor: AMD Phenom(tm) 9650 Quad-Core Processor | AM2 | 2299/200mhz

==== Disk Partitions =========================

B: RAMDisk FAT 0 GiB total, 0,031 GiB free.
C: is FIXED (NTFS) - 44 GiB total, 13,679 GiB free.
D: is CDROM (CDFS)
E: is FIXED (NTFS) - 422 GiB total, 279,777 GiB free.
F: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia 6120 classic
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: Nokia 6120 classic
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd

==== System Restore Points ===================

RP110: 8.11.2009 18:56:01 - System Checkpoint
RP111: 9.11.2009 12:27:41 - Installed QuickTime
RP112: 10.11.2009 14:47:36 - System Checkpoint
RP113: 11.11.2009 16:00:24 - System Checkpoint
RP114: 12.11.2009 3:00:14 - Software Distribution Service 3.0
RP115: 13.11.2009 13:18:23 - Advance System Optimizer Fri, Nov 13, 09 13:18
RP116: 13.11.2009 13:44:41 - Before uninstall VidToMP3.com Toolbar
RP117: 14.11.2009 19:59:11 - System Checkpoint
RP118: 15.11.2009 23:05:54 - System Checkpoint
RP119: 18.11.2009 7:44:43 - System Checkpoint
RP120: 18.11.2009 19:27:24 - Installed Vegas Pro 9.0
RP121: 19.11.2009 21:00:26 - System Checkpoint
RP122: 20.11.2009 21:02:31 - System Checkpoint
RP123: 22.11.2009 10:55:41 - System Checkpoint
RP124: 22.11.2009 12:51:49 - Installed RssReader
RP125: 22.11.2009 22:07:01 -
RP126: 22.11.2009 22:07:56 - Unsigned driver install
RP127: 23.11.2009 23:43:40 - System Checkpoint
RP128: 24.11.2009 22:45:42 - Software Distribution Service 3.0
RP129: 26.11.2009 7:38:37 - System Checkpoint
RP130: 27.11.2009 8:08:01 - System Checkpoint
RP131: 28.11.2009 13:01:32 - System Checkpoint
RP132: 28.11.2009 16:58:26 - Before uninstall RssReader
RP133: 28.11.2009 16:58:30 - Removed RssReader
RP134: 29.11.2009 17:00:34 - System Checkpoint
RP135: 30.11.2009 19:03:21 - System Checkpoint
RP136: 1.12.2009 19:37:27 - System Checkpoint
RP137: 3.12.2009 13:45:21 - System Checkpoint
RP138: 3.12.2009 20:05:01 - Systweak Registry Cleaner Thu, Dec 03, 09 20:04
RP139: 3.12.2009 20:15:58 - Advance System Optimizer Thu, Dec 03, 09 20:15
RP140: 3.12.2009 20:16:48 - Advance System Optimizer Thu, Dec 03, 09 20:16
RP141: 3.12.2009 20:21:08 - Systweak System Cleaner Thu, Dec 03, 09 20:20
RP142: 4.12.2009 20:38:08 - System Checkpoint
RP143: 5.12.2009 20:42:39 - System Checkpoint
RP144: 7.12.2009 13:46:22 - System Checkpoint
RP145: 9.12.2009 7:46:01 - System Checkpoint
RP146: 10.12.2009 3:00:14 - Software Distribution Service 3.0
RP147: 10.12.2009 13:42:01 - Installed Hemera Photo Clip Art
RP148: 10.12.2009 14:42:19 - Installed Windows XP Wudf01005.
RP149: 10.12.2009 23:06:42 - Before uninstall Hemera Photo Clip Art
RP150: 10.12.2009 23:06:49 - Configured Hemera Photo Clip Art
RP151: 11.12.2009 23:46:03 - System Checkpoint
RP152: 13.12.2009 1:07:14 - System Checkpoint
RP153: 14.12.2009 1:54:27 - System Checkpoint
RP154: 14.12.2009 14:33:59 - Advance System Optimizer Mon, Dec 14, 09 14:33
RP155: 14.12.2009 14:34:10 - Systweak Registry Cleaner Mon, Dec 14, 09 14:34
RP156: 15.12.2009 16:20:55 - System Checkpoint
RP157: 15.12.2009 17:42:31 - Printer Driver Adobe PDF Converter Installed
RP158: 14.12.2009 23:28:33 - System Checkpoint
RP159: 16.12.2009 13:50:11 - System Checkpoint
RP160: 16.12.2009 15:20:39 - Software Distribution Service 3.0
RP161: 18.12.2009 1:05:02 - System Checkpoint

==== Installed Programs ======================

%WS4_ARP_DISPLAY%
7-Zip 4.57
Acrobat.com
Add or Remove Adobe Creative Suite 3 Master Collection
Adobe Acrobat 8 Professional
Adobe After Effects CS3
Adobe After Effects CS3 Presets
Adobe After Effects CS3 Template Projects & Footage
Adobe After Effects CS3 Third Party Content
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Contribute CS3
Adobe Creative Suite 3 Master Collection
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe Encore CS3
Adobe Encore CS3 Library
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Fireworks CS3
Adobe Flash CS3
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Flash Video Encoder
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS3
Adobe InDesign CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe Media Player
Adobe MotionPicture Color Files
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Premiere Pro CS3
Adobe Premiere Pro CS3 Functional Content
Adobe Premiere Pro CS3 Third Party Content
Adobe Reader 9
Adobe Setup
Adobe Shockwave Player
Adobe SING CS3
Adobe Soundbooth CS3
Adobe Soundbooth CS3 Codecs
Adobe Soundbooth CS3 Scores
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe Version Cue CS3 Server
Adobe Video Profiles
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP DVA Panels CS3
Adobe XMP Panels CS3
Advanced System Optimizer
AHV content for Acrobat and Flash
AIMP2
Alky for Applications (Windows XP)
AMD Processor Driver
Apple Software Update
ATI Display Driver
µTorrent
avast! Antivirus
ConvertHelper 2.2
Electronics Workbench V5.12
EZXTwisted
Far Cry 2
FeedReader
FileZilla Client 3.2.7.1
FL Studio 9
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
IL Download Manager
Java(TM) 6 Update 12
Junk Mail filter update
K-Lite Codec Pack 5.1.0 (Basic)
Kels' CPL Bonus Pack!
Magic ISO Maker v5.5 (build 0276)
Malwarebytes' Anti-Malware
Maximus
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.5
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30304
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.5.6)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688-)
MSXML 6.0 Parser
Nero 7 Ultra Edition
neroxml
Nokia Connectivity Cable Driver
Nokia PC Suite
Notepad++
NRadioBox 1.2
NVIDIA Drivers
PaySlots zzbz.303227
PC Connectivity Solution
PC Wizard 2008 2008.1.8.4
PDF Settings
PIXresizer 2.0.4
PoiZone
Pro Evolution Soccer 2009
PunkBuster Services
QuickTime
QuickTime Alternative 2.8.0
Real Alternative 1.8.2
Realtek High Definition Audio Driver
Rob Papen Albino 2
Sawer
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238-)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318-)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Segoe UI
Steinberg Hypersonic 2
Syncrosoft's License Control
SyncroSoft Emu (Remove only)
ToolTipFixer 2.0
Total Commander (Remove or Repair)
Total Video Converter 3.50
Toxic Biohazard
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Vegas Pro 9.0
VideoGet
Virtual DJ - Atomix Productions
WebFldrs XP
Winamp
Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)
Windows Driver Package - Nokia Modem (02/15/2007 3.1)
Windows Driver Package - Nokia Modem (11/03/2006 6.82.0.1)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Rights Management Client Backwards Compatibility SP2
Windows Rights Management Client with Service Pack 2
WinRAR archiver
XAMPP 1.7.0
Xilisoft DVD Ripper Ultimate
Your Uninstaller! 2008 Version 6.0
Zend Studio for Eclipse - 6.1.0

==== Event Viewer Messages From Past Week ========

16.12.2009 23:00:06, warning: Windows File Protection [64008] - The protected system file c:\program files\internet explorer\iexplore.exe could not be verified as valid because Windows File Protection is terminating. Use the SFC utility to verify the integrity of the file at a later time.
16.12.2009 23:00:05, information: Windows File Protection [64002] - File replacement was attempted on the protected system file c:\program files\internet explorer\iexplore.exe. This file was restored to the original version to maintain system stability. The file version of the system file is 7.0.6000.16945.
16.12.2009 15:22:13, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 8 for Windows XP.
16.12.2009 15:21:14, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000010' while processing the file '_940312_' on the volume 'Ramdisk'. It has stopped monitoring the volume.
16.12.2009 12:19:57, error: W32Time [34] - The time service has detected that the system time needs to be changed by +86399 seconds. The time service will not change the system time by more than +54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com (ntp.m|0x1|192.168.1.7:123->207.46.197.32:123) is working properly.
16.12.2009 12:19:29, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
15.12.2009 14:01:09, error: Service Control Manager [7000] - The My Web Search Service service failed to start due to the following error: The system cannot find the path specified.
15.12.2009 14:01:09, error: Service Control Manager [7000] - The adfs service failed to start due to the following error: The system cannot find the file specified.

==== End Of File ===========================


Update: 19 Dec 2009 16:43


  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Missing:

- the first/main DDS log, DDS.txt

- the third Gmer log (Autostart scan)

  • Joined: 19 Jan 2008
  • Posts: 388
  • Location: underground

Posted: 20 Dec 2009 9:25

Here is the DDS

DDS (Ver_09-12-01.01) - NTFSx86
Run by HALAPA at 9:22:11,87 on sub 19.12.2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1250.381.1033.18.3327.2465 [GMT 1:00]

AV: avast! antivirus 4.8.1368 [VPS 091219-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
c:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
c:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
E:\Program Files\uTorrent\uTorrent.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
e:\xampp\apache\bin\apache.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
e:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
E:\xampp\apache\bin\apache.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\NeoSmart Technologies\ToolTipFixer\ToolTipFixer.exe
c:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
c:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
E:\Program Files\Alcohol Soft\Alcohol 120\Alcohol.bin
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\HALAPA\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://search.mywebsearch.com/mywebsearch/default.jhtml?ptnrS=GRfox000&ptb=tfE9MYFL3hrJChupgcWOaw
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - e:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - e:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - e:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - e:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - e:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [AdobeBridge]
uRun: [uTorrent] "e:\program files\utorrent\uTorrent.exe"
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [<NO NAME>]
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [LClock] c:\program files\lclock\LClock.exe
dRun: [Nokia.PCSync] c:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
dPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
IE: Append to existing PDF - e:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - e:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - e:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - e:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - e:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - e:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - e:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - e:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - e:\progra~1\micros~1\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - {17A84966-F1E9-4645-AA9E-5E771EE1C859} - e:\progra~1\nuclea~1\videoget\plugins\VIDEOG~1.DLL
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - e:\progra~1\micros~1\office11\REFIEBAR.DLL
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\halapa\applic~1\mozilla\firefox\profiles\57dur9n5.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - google.rs
FF - prefs.js: keyword.URL - hxxp://urlseek.vmn.net/search.php?type=dns&tbn=vidtomp3dn&q=
FF - plugin: c:\documents and settings\halapa\application data\mozilla\plugins\np-mswmp.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: e:\program files\quicktime alternative\plugins\npqtplugin.dll
FF - plugin: e:\program files\quicktime alternative\plugins\npqtplugin2.dll
FF - plugin: e:\program files\quicktime alternative\plugins\npqtplugin3.dll
FF - plugin: e:\program files\quicktime alternative\plugins\npqtplugin4.dll
FF - plugin: e:\program files\quicktime alternative\plugins\npqtplugin5.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
FF - user.js: zend.ZDE_Path - e:\program files\zend\zend studio for eclipse - 6.1.0\ZendStudio.exe
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-9-4 114768]
R1 vcdrom;Virtual CD-ROM Device Driver;c:\program files\system\cpl bonus\vcdrom.sys [2009-9-3 8576]
R2 Apache2.2;Apache2.2;e:\xampp\apache\bin\apache.exe [2008-12-10 24636]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-9-4 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-9-4 138680]
R2 StarWindServiceAE;StarWind AE Service;e:\program files\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [2007-5-28 275968]
R2 ToolTipFixer;ToolTipFixer;c:\program files\neosmart technologies\tooltipfixer\ToolTipFixer.exe [2008-10-14 61952]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-9-4 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-9-4 352920]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2009-9-21 33792]
R3 ramdisk;Windows RAM Disk Driver;c:\windows\system32\drivers\ramdisk.sys [2009-2-14 10431]
S2 MyWebSearchService;My Web Search Service;c:\progra~1\mywebs~1\bar\1.bin\mwssvc.exe --> c:\progra~1\mywebs~1\bar\1.bin\mwssvc.exe [?]

=============== Created Last 30 ================

2009-12-18 16:00:14 305152 ----a-w- c:\windows\IsUninst.exe
2009-12-18 16:00:06 0 d-----w- c:\documents and settings\halapa\WINDOWS
2009-12-16 18:12:44 148 ----a-w- c:\windows\system32\fjhdyfhsn.bat
2009-12-15 17:09:28 0 d-----w- c:\program files\common files\Control Panels
2009-12-15 17:07:32 0 d-----w- c:\docume~1\alluse~1\applic~1\ALM
2009-12-15 14:30:51 2463976 ----a-w- c:\windows\system32\NPSWF32.dll
2009-12-15 14:30:51 190696 ----a-w- c:\windows\system32\NPSWF32_FlashUtil.exe
2009-12-15 14:24:23 0 d-----w- c:\program files\Bonjour
2009-12-15 14:19:46 0 d-----w- c:\program files\common files\Macrovision Shared
2009-12-13 11:48:09 0 d-----w- C:\NRadioBoxData
2009-12-10 13:42:09 0 d-----w- c:\documents and settings\halapa\Phone Browser
2009-12-10 13:41:07 0 d-----w- c:\program files\common files\PCSuite
2009-12-10 13:41:06 0 d-----w- c:\program files\common files\Nokia
2009-12-10 13:40:50 0 d-----w- c:\program files\PC Connectivity Solution
2009-12-10 13:40:46 8320 ----a-w- c:\windows\system32\drivers\nmwcdc.sys
2009-12-10 13:40:46 12288 ----a-w- c:\windows\system32\drivers\nmwcdcm.sys
2009-12-10 13:40:46 12288 ----a-w- c:\windows\system32\drivers\nmwcdcj.sys
2009-12-10 13:40:45 65536 ----a-w- c:\windows\system32\nmwcdcocls.dll
2009-12-10 13:40:45 137216 ----a-w- c:\windows\system32\drivers\nmwcd.sys
2009-12-10 13:40:42 90624 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-12-10 13:40:42 0 d-----w- c:\program files\Nokia
2009-12-10 12:43:50 0 d-----w- c:\docume~1\alluse~1\applic~1\Hemera
2009-12-10 12:43:03 0 d-----w- c:\docume~1\halapa\applic~1\Hemera
2009-12-09 11:48:32 265728 -c----w- c:\windows\system32\dllcache\http.sys
2009-12-06 20:06:46 0 d-----w- c:\docume~1\halapa\applic~1\Feedreader
2009-11-30 18:24:36 216064 ----a-w- c:\windows\iun3405.exe
2009-11-24 21:45:47 0 d-----w- c:\program files\MSXML 4.0
2009-11-23 09:55:02 0 d-----w- c:\docume~1\halapa\applic~1\Sony Creative Software
2009-11-22 21:09:28 471 ----a-w- c:\windows\system32\Datei4
2009-11-22 21:09:28 471 ----a-w- c:\windows\system32\Datei2
2009-11-22 21:09:28 470 ----a-w- c:\windows\system32\Datei3
2009-11-22 21:09:28 470 ----a-w- c:\windows\system32\Datei1
2009-11-22 21:09:28 469 ----a-w- c:\windows\system32\Datei7
2009-11-22 21:09:28 469 ----a-w- c:\windows\system32\Datei5
2009-11-22 21:09:28 468 ----a-w- c:\windows\system32\Datei0
2009-11-22 21:09:28 467 ----a-w- c:\windows\system32\Datei9
2009-11-22 21:09:28 467 ----a-w- c:\windows\system32\Datei8
2009-11-22 21:09:28 467 ----a-w- c:\windows\system32\Datei10
2009-11-22 21:09:28 465 ----a-w- c:\windows\system32\Datei6
2009-11-22 21:07:04 147425 ----a-w- c:\windows\system32\SYNSOACC-Aide.chm
2009-11-22 21:07:04 120468 ----a-w- c:\windows\system32\SYNSOACC-Hilfe.chm
2009-11-22 21:07:04 114279 ----a-w- c:\windows\system32\SYNSOACC-Help.chm
2009-11-22 21:07:03 45056 ----a-w- c:\windows\system32\Synsopos.exe
2009-11-22 21:07:02 708608 ----a-w- c:\windows\system32\SYNSOACC.dll
2009-11-22 21:07:02 147456 ----a-w- c:\windows\system32\SynsoLChk.dll
2009-11-22 21:02:09 0 d-----w- c:\program files\Steinberg

==================== Find3M ====================

2009-12-03 15:14:06 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-03 15:13:56 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-29 07:46:59 832512 ----a-w- c:\windows\system32\wininet.dll
2009-10-29 07:46:52 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-29 07:46:50 17408 ----a-w- c:\windows\system32\corpol.dll
2009-10-21 05:38:36 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38:36 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20:16 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-18 10:44:01 233472 ----a-w- c:\windows\system32\REX Shared Library.dll
2009-10-13 10:38:09 270336 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 17:58:48 150016 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:28:47 79872 ----a-w- c:\windows\system32\raschap.dll
2009-09-23 17:57:48 30996 ----a-w- c:\windows\fonts\Harabara.ttf
2009-09-02 23:29:12 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009090320090904\index.dat

============= FINISH: 9:22:29,37 ===============

Update: 20 Dec 2009 9:33

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Download sUBs' ComboFix from the following address to your Desktop:

Bleeping Computer

- Right-click the link and choose Save Target As... (Save Link As..., Save Linked Content As... or similar);
- When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download is complete:
- disable your security software (instructions);
- close any running programs;
- double-click ComboFix to run it.

While running, ComboFix will:
- check whether a newer version of the program exists:
  click Yes if you are offered to download it.
- display the DISCLAIMER OF WARRANTY ON SOFTWARE:
  click Yes so the process continues.
- if the Recovery Console is not installed, offer to install it:
  be sure to accept by clicking Yes and follow the procedure.
- ask a number of questions / show a number of notices:
  accept by clicking Yes or OK.
- restart Windows if needed (possibly several times);
- when finished, open Notepad with the scan report.

Copy the report ComboFix produced into the forum thread:
- right-click in the Notepad window and choose Select All;
- right-click the selected text and choose Copy;
- right-click in the message box and choose Paste.

Note: The report will be saved as ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
If after posting you notice the report is incomplete, use the Attach file option to attach C:\ComboFix.txt to your message.

  • Joined: 19 Jan 2008
  • Posts: 388
  • Location: underground

ComboFix 09-12-19.01 - HALAPA 19.12.2009 9:45.1.4 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.381.1033.18.3327.2739 [GMT 1:00]
Running from: c:\documents and settings\HALAPA\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 091219-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\local.txt

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MYWEBSEARCHSERVICE
-------\Service_MyWebSearchService


((((((((((((((((((((((((( Files Created from 2009-11-19 to 2009-12-19 )))))))))))))))))))))))))))))))
.

2009-12-18 16:00 . 1998-07-30 11:51 305152 ----a-w- c:\windows\IsUninst.exe
2009-12-18 16:00 . 2009-12-18 16:00 -------- d-----w- c:\documents and settings\HALAPA\WINDOWS
2009-12-16 18:12 . 2009-12-16 18:12 148 ----a-w- c:\windows\system32\fjhdyfhsn.bat
2009-12-16 16:29 . 2009-12-16 16:29 1924200 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player.exe
2009-12-16 16:29 . 2009-12-17 12:13 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-12-15 20:51 . 2009-12-15 20:51 4844296 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-12-15 17:23 . 2007-03-20 13:49 2781184 ----a-w- c:\documents and settings\HALAPA\Application Data\Adobe\Dreamweaver 9\Configuration\Flash Player\authplay.dll
2009-12-15 17:09 . 2009-12-15 17:09 -------- d-----w- c:\program files\Common Files\Control Panels
2009-12-15 17:07 . 2009-12-15 17:07 -------- d-----w- c:\documents and settings\All Users\Application Data\ALM
2009-12-15 16:54 . 2009-12-15 16:54 -------- d-----w- c:\program files\QuickTime
2009-12-15 14:30 . 2007-02-20 15:04 190696 ----a-w- c:\windows\system32\NPSWF32_FlashUtil.exe
2009-12-15 14:30 . 2007-02-20 15:04 2463976 ----a-w- c:\windows\system32\NPSWF32.dll
2009-12-15 14:24 . 2009-12-15 14:24 -------- d-----w- c:\program files\Bonjour
2009-12-15 14:19 . 2009-12-15 14:19 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-12-13 11:48 . 2009-12-15 13:35 -------- d-----w- C:\NRadioBoxData
2009-12-10 13:45 . 2009-12-10 13:45 -------- d-----w- c:\documents and settings\HALAPA\Application Data\Nokia Multimedia Player
2009-12-10 13:42 . 2009-12-10 13:42 -------- d-----w- c:\documents and settings\HALAPA\Phone Browser
2009-12-10 13:40 . 2007-02-22 09:15 90624 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-12-10 13:40 . 2009-12-10 13:40 9728 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstPCS.exe
2009-12-10 13:40 . 2009-12-10 13:40 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstCCD.exe
2009-12-10 13:40 . 2009-12-10 13:40 15360 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstPCSFEMsi.exe
2009-12-10 13:40 . 2007-04-02 04:45 44338384 ----a-r- c:\documents and settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Nokia_PC_Suite_683_rel_14_1_EA.exe
2009-12-10 12:43 . 2009-12-10 12:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Hemera
2009-12-10 12:43 . 2009-12-10 12:43 -------- d-----w- c:\documents and settings\HALAPA\Application Data\Hemera
2009-12-09 11:48 . 2009-10-20 16:20 265728 -c----w- c:\windows\system32\dllcache\http.sys
2009-12-06 20:06 . 2009-12-06 20:26 -------- d-----w- c:\documents and settings\HALAPA\Application Data\Feedreader
2009-11-30 21:59 . 2009-11-30 21:59 -------- d-----w- c:\documents and settings\HALAPA\Local Settings\Application Data\Help
2009-11-30 18:24 . 2009-11-30 18:24 216064 ----a-w- c:\windows\iun3405.exe
2009-11-24 21:45 . 2009-11-24 21:45 -------- d-----w- c:\program files\MSXML 4.0
2009-11-23 09:55 . 2009-11-23 09:55 -------- d-----w- c:\documents and settings\HALAPA\Application Data\Sony Creative Software
2009-11-22 21:07 . 2005-11-03 16:14 45056 ----a-w- c:\windows\system32\Synsopos.exe
2009-11-22 21:07 . 2005-11-08 19:02 708608 ----a-w- c:\windows\system32\SYNSOACC.dll
2009-11-22 21:07 . 2005-11-08 10:20 147456 ----a-w- c:\windows\system32\SynsoLChk.dll
2009-11-22 21:02 . 2009-11-22 21:02 -------- d-----w- c:\program files\Steinberg
2009-11-22 11:52 . 2009-11-22 11:52 129 ----a-w- c:\documents and settings\HALAPA\Local Settings\Application Data\fusioncache.dat
2009-11-22 11:51 . 2009-11-24 14:12 -------- d-----w- c:\documents and settings\HALAPA\Local Settings\Application Data\ApplicationHistory
2009-11-20 15:16 . 2009-11-20 15:16 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-19 08:50 . 2009-09-21 14:51 -------- d-----w- c:\documents and settings\HALAPA\Application Data\uTorrent
2009-12-19 08:17 . 2009-09-04 15:32 -------- d-----w- c:\documents and settings\All Users\Application Data\KONAMI
2009-12-18 20:00 . 2009-09-13 11:05 -------- d-----w- c:\documents and settings\HALAPA\Application Data\AIMP
2009-12-16 18:13 . 2009-12-16 18:12 16 ----a-w- c:\windows\system32\config\systemprofile\Application Data\fvgqad.dat
2009-12-15 20:49 . 2009-09-22 14:39 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-12-15 17:11 . 2009-09-21 16:31 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-15 16:48 . 2009-09-04 12:00 62312 ----a-w- c:\documents and settings\HALAPA\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-10 22:07 . 2009-09-02 23:37 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-10 13:44 . 2009-12-10 13:41 -------- d-----w- c:\documents and settings\HALAPA\Application Data\Nokia
2009-12-10 13:41 . 2009-12-10 13:41 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-12-10 13:41 . 2009-12-10 13:40 -------- d-----w- c:\documents and settings\HALAPA\Application Data\PC Suite
2009-12-10 13:41 . 2009-12-10 13:40 -------- d-----w- c:\program files\DIFX
2009-12-10 13:41 . 2009-12-10 13:41 -------- d-----w- c:\program files\Common Files\PCSuite
2009-12-10 13:41 . 2009-12-10 13:41 -------- d-----w- c:\program files\Common Files\Nokia
2009-12-10 13:41 . 2009-12-10 13:40 -------- d-----w- c:\program files\Nokia
2009-12-10 13:40 . 2009-12-10 13:40 -------- d-----w- c:\program files\PC Connectivity Solution
2009-12-10 13:40 . 2009-11-09 13:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-12-10 12:41 . 2009-10-12 09:13 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-09 10:38 . 2009-09-07 18:10 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-12-03 15:14 . 2009-10-12 16:06 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-03 15:13 . 2009-10-12 16:06 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-24 23:54 . 2009-09-04 11:57 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-09-04 11:57 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2009-09-04 11:57 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2009-09-04 11:57 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-09-04 11:57 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-09-04 11:57 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-09-04 11:57 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-09-04 11:57 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-09-04 11:57 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-23 18:18 . 2009-09-21 16:54 -------- d-----w- c:\documents and settings\HALAPA\Application Data\Steinberg
2009-11-23 09:55 . 2009-11-18 18:30 -------- d-----w- c:\documents and settings\HALAPA\Application Data\Sony
2009-11-22 21:07 . 2009-09-21 16:50 -------- d-----w- c:\program files\Syncrosoft
2009-11-18 18:31 . 2009-11-18 18:31 -------- d-----w- c:\documents and settings\HALAPA\Application Data\Publish Providers
2009-11-18 18:27 . 2009-11-18 18:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony
2009-11-13 12:40 . 2009-11-13 12:40 -------- d-----w- c:\documents and settings\HALAPA\Application Data\EmailNotifier
2009-11-09 11:27 . 2009-09-02 23:24 -------- d-----w- c:\program files\QuickTime Alternative
2009-11-09 11:27 . 2009-11-09 11:27 -------- d-----w- c:\program files\Apple Software Update
2009-11-09 11:27 . 2009-11-09 11:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-11-05 13:17 . 2009-11-05 13:17 -------- d-----w- c:\documents and settings\HALAPA\Application Data\Subversion
2009-11-05 13:14 . 2009-11-05 13:14 -------- d--h--w- c:\program files\Zero G Registry
2009-11-01 18:30 . 2009-09-28 13:13 -------- d-----w- c:\documents and settings\HALAPA\Application Data\Ahead
2009-10-29 07:46 . 2008-12-20 22:15 832512 ----a-w- c:\windows\system32\wininet.dll
2009-10-29 07:46 . 2009-10-06 14:16 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-29 07:46 . 2009-02-12 15:25 17408 ----a-w- c:\windows\system32\corpol.dll
2009-10-25 10:13 . 2009-10-19 16:45 -------- d-----w- c:\program files\Common Files\AVSMedia
2009-10-25 10:13 . 2009-10-19 16:46 -------- d-----w- c:\program files\AVS4YOU
2009-10-21 05:38 . 2008-04-14 02:42 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38 . 2008-04-14 02:41 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2008-04-13 21:23 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-18 10:44 . 2009-10-18 10:44 233472 ----a-w- c:\windows\system32\REX Shared Library.dll
2009-10-13 10:38 . 2009-02-12 15:31 270336 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 17:58 . 2009-02-12 15:31 150016 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:28 . 2008-04-14 02:42 79872 ----a-w- c:\windows\system32\raschap.dll
2009-09-25 14:43 . 2009-09-25 14:43 1924440 ----a-w- c:\documents and settings\HALAPA\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
2009-09-21 17:44 . 2009-09-21 17:44 3128 ----a-r- c:\documents and settings\HALAPA\Application Data\Microsoft\Installer\{D1EBF11E-8CE3-4EF5-8E2D-FD5B8D6BD294}\ARPPRODUCTICON.exe
2009-09-21 17:32 . 2009-09-21 17:32 3128 ----a-r- c:\documents and settings\HALAPA\Application Data\Microsoft\Installer\{DB1299AF-9EE0-422B-959E-F4171B2AE0F7}\ARPPRODUCTICON.exe
2009-09-21 17:12 . 2009-09-21 17:09 3828846 ----a-w- c:\documents and settings\HALAPA\Application Data\OpenCandy\maximus_install.exe
2009-09-21 15:54 . 2009-09-21 15:54 716272 ----a-w- c:\windows\system32\drivers\sptd.sys
.

------- Sigcheck -------

[-] 2009-02-12 . 25A740D70E8007814A48D3FA1B34FA34 . 361600 . . [5.1.2600.5649] . . c:\windows\system32\drivers\tcpip.sys

[-] 2009-02-12 . F2DF0FDBD41B34112EE05ED04258F052 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="e:\program files\uTorrent\uTorrent.exe" [2009-12-12 289584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-13 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-13 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-13 455168]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2009-10-29 124928]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2009\\pes2009.exe"=
"e:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FarCry2.exe"=
"e:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Launcher.exe"=
"e:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2Editor.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"e:\\Program Files\\Ubisoft\\Far Cry 2\\bin\\FC2ServerLauncher.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"e:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Image-Line\\Sawer\\Sawer.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero MediaHome\\NeroMediaHome.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero MediaHome\\NMMediaServer.exe"=
"e:\\xampp\\apache\\bin\\apache.exe"=
"e:\\Program Files\\Zend\\Zend Studio for Eclipse - 6.1.0\\ZendStudio.exe"=
"e:\\Program Files\\Sony\\Vegas Pro 9.0\\VegSrv90.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
"e:\\Program Files\\KONAMI\\Pro Evolution Soccer 2010\\pes2010.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21.9.2009 16:54 716272]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [4.9.2009 12:57 114768]
R1 vcdrom;Virtual CD-ROM Device Driver;c:\program files\System\CPL Bonus\vcdrom.sys [3.9.2009 0:13 8576]
R2 Apache2.2;Apache2.2;e:\xampp\apache\bin\apache.exe [10.12.2008 0:10 24636]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [4.9.2009 12:57 20560]
R2 ToolTipFixer;ToolTipFixer;c:\program files\NeoSmart Technologies\ToolTipFixer\ToolTipFixer.exe [14.10.2008 18:33 61952]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [21.9.2009 17:51 33792]
R3 ramdisk;Windows RAM Disk Driver;c:\windows\system32\drivers\ramdisk.sys [14.2.2009 9:00 10431]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - VCDROM
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.mywebsearch.com/mywebsearch/default.jhtml?ptnrS=GRfox000&ptb=tfE9MYFL3hrJChupgcWOaw
uInternet Settings,ProxyOverride = *.local
IE: Append to existing PDF - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - e:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - e:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\HALAPA\Application Data\Mozilla\Firefox\Profiles\57dur9n5.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - google.rs
FF - prefs.js: keyword.URL - hxxp://urlseek.vmn.net/search.php?type=dns&tbn=vidtomp3dn&q=
FF - plugin: c:\documents and settings\HALAPA\Application Data\Mozilla\plugins\np-mswmp.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: e:\program files\QuickTime Alternative\Plugins\npqtplugin.dll
FF - plugin: e:\program files\QuickTime Alternative\Plugins\npqtplugin2.dll
FF - plugin: e:\program files\QuickTime Alternative\Plugins\npqtplugin3.dll
FF - plugin: e:\program files\QuickTime Alternative\Plugins\npqtplugin4.dll
FF - plugin: e:\program files\QuickTime Alternative\Plugins\npqtplugin5.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: zend.ZDE_Path - e:\program files\Zend\Zend Studio for Eclipse - 6.1.0\ZendStudio.exe
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-AdobeBridge - (no file)
HKU-Default-Run-LClock - c:\program files\LClock\LClock.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-19 09:49
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spla.sys >>UNKNOWN [0x8A630938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf74cbf28
\Driver\ACPI -> ACPI.sys @ 0xf7249cb8
\Driver\atapi -> atapi.sys @ 0xf71deb40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: NVIDIA nForce 10/100/1000 Mbps Ethernet -> SendCompleteHandler -> NDIS.sys @ 0xf70d4bb0
PacketIndicateHandler -> NDIS.sys @ 0xf70e1b21
SendHandler -> NDIS.sys @ 0xf70bf87b
user & kernel MBR OK

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(748-)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2936)
c:\windows\system32\WININET.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\PCSCM.dll
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_eng.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
e:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Completion time: 2009-12-19 09:51:31 - machine was rebooted
ComboFix-quarantined-files.txt 2009-12-19 08:51

Pre-Run: 17.026.310.144 bytes free
Post-Run: 18.750.455.808 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer

- - End Of File - - 4C7287D12EC0230038DAC9F5D1126D9F

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Open Notepad and copy the following text into it:


File::
c:\windows\system32\fjhdyfhsn.bat
c:\windows\system32\config\systemprofile\Application Data\fvgqad.dat

DDS::
uStart Page = hxxp://search.mywebsearch.com/mywebsearch/default.jhtml?ptnrS=GRfox000&ptb=tfE9MYFL3hrJChupgcWOaw

Firefox::
FF - ProfilePath - c:\documents and settings\HALAPA\Application Data\Mozilla\Firefox\Profiles\57dur9n5.default\
FF - prefs.js: keyword.URL - hxxp://urlseek.vmn.net/search.php?type=dns&tbn=vidtomp3dn&q=

Save the file from Notepad to the Desktop as "CFScript".

Drag the saved script/text onto the ComboFix icon, as shown in the picture.
In your next message, post the log that is produced at the end of the cleaning/scan.
