MyCity » Ambulanta -> Arhiva Ambulante » zarazen kompjuter

zarazen kompjuter

Napisano na dan: 11.6.2009

Strana:
1
2
3

zarazen kompjuter

Pagination

Prethodna strana

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3

nadjime Poslao: 17 Jun 2009 22:30 Idi na vrh
offline nadjime Građanin Pridružio: 07 Jun 2008 Poruke: 104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 17 Jun 2009 22:25 ona je sve uradila kako ste rekli.Prvo je dezinstalitala ComboFix.exe. ovaj prvi,pokrenula je ovaj drugi i on je nesto radio,pa se resetovao. Ali nam nije nikakav tekst izbacilo,pa da vam objavimo. Je li to u redu? Dopuna: 17 Jun 2009 22:30 Sta dalje da radimo?

Profil

diarno Poslao: 17 Jun 2009 22:38 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! pogledaj u C particiji dal postoji dokument Combofix.txt pa ga okaci ovde.

Profil

nadjime Poslao: 21 Jun 2009 15:58 Idi na vrh
offline nadjime Građanin Pridružio: 07 Jun 2008 Poruke: 104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 19 Jun 2009 14:38 ComboFix 09-06-16.05 - x 19.06.2009 11:43.4 - NTFSx86 Running from: c:\documents and settings\x\Desktop\ComboFix.exe WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Previous Run ------- . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_6to4 -------\Legacy_dhcpsrv -------\Legacy_msncache -------\Legacy_msupdate -------\Legacy_POWERMANAGER -------\Legacy_protect -------\Legacy_sopidkc -------\Service_msncache -------\Service_PowerManager ((((((((((((((((((((((((( Files Created from 2009-05-19 to 2009-06-19 ))))))))))))))))))))))))))))))) . 2009-06-13 17:25 . 2009-06-13 17:25 -------- d-----w- c:\documents and settings\x\DoctorWeb . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-06-18 19:18 . 2008-05-24 16:04 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-06-10 11:36 . 2008-10-24 18:41 -------- d-----w- c:\documents and settings\x\Application Data\skypePM 2009-06-10 11:36 . 2008-10-23 20:00 -------- d-----w- c:\documents and settings\x\Application Data\Skype 2009-05-19 16:31 . 2009-04-25 09:35 0 ----a-w- c:\windows\system32\drivers\1d91fa8d.sys 2009-05-08 14:47 . 2009-05-07 21:24 -------- d-----w- c:\program files\Spybot - Search & Destroy 2009-05-08 14:47 . 2009-05-07 21:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-05-08 14:40 . 2009-05-08 14:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab 2009-05-08 14:30 . 2009-05-07 21:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files 2009-05-08 14:13 . 2009-05-08 14:13 -------- d-----w- c:\program files\Realtek Sound Manager 2009-05-08 14:13 . 2004-10-06 15:50 -------- d-----w- c:\program files\AvRack 2009-05-08 14:13 . 2009-05-08 14:12 -------- d-----w- c:\program files\Realtek AC97 2009-05-08 13:04 . 2004-10-06 06:17 22776 ----a-w- c:\windows\system32\emptyregdb.dat 2009-05-08 10:10 . 2009-05-08 10:10 36864 ----a-w- c:\windows\system32\slrundll.exe 2009-05-08 06:37 . 2008-03-10 18:01 -------- d-----w- c:\program files\Winamp 2009-05-08 05:55 . 2009-05-08 05:49 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2009-05-07 19:55 . 2009-05-07 19:55 -------- d-----w- c:\documents and settings\x\Application Data\TuneUp Software 2009-05-07 13:38 . 2008-10-10 20:50 90112 ----a-w- c:\windows\unvise32qt.exe 2009-05-07 13:38 . 2006-07-14 14:29 970752 ----a-w- c:\windows\UNRecode.exe 2009-05-07 13:38 . 2006-07-14 14:29 970752 ----a-w- c:\windows\UNNeroVision.exe 2009-05-07 13:29 . 2004-10-06 15:53 26624 ----a-w- c:\windows\system32\xpsp1hfm.exe 2009-05-07 13:13 . 2004-10-06 16:03 323584 ----a-w- c:\windows\system32\nwiz.exe 2009-05-07 13:12 . 1998-10-01 19:00 39936 ----a-w- c:\windows\system32\MAPISRVR.EXE 2009-05-07 13:12 . 2004-10-06 16:03 290816 ----a-w- c:\windows\system32\keystone.exe 2009-05-07 13:11 . 2002-08-29 03:41 172544 ----a-w- c:\windows\system32\jview.exe 2009-05-07 13:11 . 2002-08-29 03:41 14848 ----a-w- c:\windows\system32\jdbgmgr.exe 2009-05-07 13:11 . 2004-08-03 23:56 22016 ----a-w- c:\windows\system32\faxpatch.exe 2009-05-07 13:05 . 2004-08-03 23:56 8704 ----a-w- c:\windows\system32\spdwnwxp.exe 2009-05-07 13:05 . 2007-07-15 21:46 165376 ----a-w- c:\windows\system32\SpoonUninstall.exe 2009-05-07 13:05 . 2004-08-03 23:56 22016 ----a-w- c:\windows\system32\spupdwxp.exe 2009-05-07 12:50 . 2007-08-08 18:21 47104 ----a-w- c:\windows\system32\uwdf.exe 2009-05-07 12:46 . 2002-08-29 03:41 171520 ----a-w- c:\windows\system32\wjview.exe 2009-05-07 12:46 . 2002-08-29 03:41 81920 ----a-w- c:\windows\system32\wmpstub.exe 2009-05-07 12:42 . 2008-10-29 18:17 9728 ----a-w- c:\windows\system32\comsdupd.exe 2009-05-07 12:42 . 2002-08-29 03:41 50176 ----a-w- c:\windows\system32\clspack.exe 2009-05-06 22:51 . 2005-01-18 06:58 300032 ----a-w- c:\windows\uninst.exe 2009-05-06 22:51 . 2005-01-18 06:58 302592 ----a-w- c:\windows\unin040c.exe 2009-05-06 22:51 . 2005-08-09 21:38 274432 ----a-w- c:\windows\TLCUninstall.exe 2009-05-06 22:51 . 2004-10-06 15:49 307712 ----a-w- c:\windows\IsUninst.exe 2009-05-06 22:10 . 1999-08-02 09:47 391680 ----a-w- c:\program files\YuRecnik.exe 2009-05-06 22:10 . 1999-08-02 09:40 224256 ----a-w- c:\program files\MiniYuRecnik.exe 2009-05-06 22:10 . 1999-01-25 04:27 29184 ----a-w- c:\program files\Uninstal.exe 2009-05-06 19:45 . 2004-10-06 16:00 335872 ----a-r- c:\windows\Anvshell.exe 2009-05-06 19:45 . 2004-10-06 16:00 24576 -c--a-r- c:\windows\ANVUNIS.exe 2009-05-06 18:57 . 2004-10-09 22:26 1094656 ----a-w- c:\documents and settings\Recnik\Recnik.EXE 2009-05-06 18:49 . 2008-11-18 14:55 2560 ----a-w- c:\windows\_MSRSTRT.EXE 2009-05-06 18:01 . 2008-12-25 23:32 184320 ----a-w- c:\windows\system32\PnkBstrB.exe 2009-05-06 17:56 . 2007-08-08 18:21 38912 ----a-w- c:\windows\system32\wdfmgr.exe 2009-05-06 17:56 . 2004-10-06 16:03 73728 ----a-w- c:\windows\system32\nvsvc32.exe 2009-05-06 17:54 . 2004-10-10 00:35 221184 ----a-w- c:\windows\system32\srkey.exe 2009-04-28 15:06 . 2006-12-12 23:45 -------- d-----w- c:\program files\Recnik20 2009-04-28 14:35 . 2009-02-01 12:48 -------- d-----w- c:\program files\Mp3 Knife 2009-04-28 14:35 . 2009-02-01 13:06 -------- d-----w- c:\program files\DVD Knife 2009-01-07 20:56 . 2007-03-12 01:08 1123 ----a-w- c:\program files\Yurecnik.ini 2009-01-07 11:54 . 2007-03-12 01:08 258 ----a-w- c:\program files\Mini-YuRecnik.ini 2007-08-07 21:20 . 2004-10-08 04:05 778240 ----a-w- c:\program files\Mv2Player.exe 2007-03-12 01:07 . 2007-03-12 01:06 10819 ---ha-w- c:\program files\Yurecnik.GID 2007-03-12 01:06 . 2007-03-12 01:06 1909 ----a-w- c:\program files\uninstal.log 2007-02-17 23:17 . 2005-05-11 00:02 313 ----a-w- c:\program files\MV2Player.rcn 2007-02-17 23:17 . 2005-05-11 00:02 10751 ----a-w- c:\program files\MV2Player.ini 2007-02-17 23:17 . 2005-05-11 00:02 36 ----a-w- c:\program files\LastSet.mv2 1999-08-02 09:35 . 1999-08-02 09:35 9559 ----a-w- c:\program files\YURECNIK.HLP 1999-08-02 09:35 . 1999-08-02 09:35 57 ----a-w- c:\program files\Yurecnik.CNT 1999-07-29 09:43 . 1999-07-29 09:43 2447472 ----a-w- c:\program files\Reci.dat 1996-09-06 12:08 . 1996-09-06 12:08 30070 ----a-w- c:\program files\Fb_deflt.dic 1996-02-23 15:26 . 1996-02-23 15:26 469504 -c--a-w- c:\program files\Fb_11k8.dll 1996-02-23 14:59 . 1996-02-23 14:59 34816 ----a-w- c:\program files\Fb_spch.dll 1996-02-23 14:48 . 1996-02-23 14:48 4608 ----a-w- c:\program files\Fb_timer.dll 1996-02-23 14:46 . 1996-02-23 14:46 29184 ----a-w- c:\program files\Fb_ngn.exe 1996-02-23 14:21 . 1996-02-23 14:21 16896 ----a-w- c:\program files\Uraspec.exe 1996-02-23 14:17 . 1996-02-23 14:17 18432 ----a-w- c:\program files\Dictmgr.exe 1993-11-29 08:32 . 1993-11-29 08:32 16896 ----a-w- c:\program files\Monologw.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-01-28 185872] "SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2006-11-17 577536] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360] "NvMediaCenter"="c:\windows\System32\NVMCTRAY.DLL" [2003-04-02 49152] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk] backup=c:\windows\pss\Bluetooth.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk] backup=c:\windows\pss\Microsoft Office.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PalTalk.lnk] backup=c:\windows\pss\PalTalk.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^x^Start Menu^Programs^Startup^PowerReg Scheduler V3.exe] backup=c:\windows\pss\PowerReg Scheduler V3.exeStartup [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015 "1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016 "500:UDP"= 500:UDP:@xpsp2res.dll,-22017 S1 1d91fa8d;1d91fa8d;c:\windows\system32\drivers\1d91fa8d.sys [25.4.2009 11:35 0] S3 autorun;autorun;\??\c:\huadio.tmp --> c:\huadio.tmp [?] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [10.12.2008 19:51 29744] S3 ISOUSB;Vimicro UVC generic driver;c:\windows\system32\drivers\vgeneric.sys [28.10.2008 22:20 64000] S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?] S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;c:\program files\Windows Live\Messenger\usnsvc.exe [18.10.2007 12:31 98328] S3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [29.10.2008 21:04 249984] S3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [29.10.2008 21:04 476032] . - - - - ORPHANS REMOVED - - - - BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file) . ------- Supplementary Scan ------- . mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/http://www.yahoo.com/ext/search/search.html uInternet Connection Wizard,ShellNext = iexplore uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=1665&gct=&gc=1&q=%s IE: &Search - ?p=ZCfox000 IE: Send to &Bluetooth Device... - c:\program files\D-Link\Bluetooth Software\btsendto_ie_ctx.htm DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab FF - ProfilePath - c:\documents and settings\x\Application Data\Mozilla\Firefox\Profiles\255yjv76.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.ba/ FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=1665&gct=&gc=1&q= FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npkimi.dll FF - plugin: c:\program files\Opera75\Program\Plugins\npdrmv2.dll FF - plugin: c:\program files\Opera75\Program\Plugins\npdsplay.dll FF - plugin: c:\program files\Opera75\Program\Plugins\Npindeo.dll FF - plugin: c:\program files\Opera75\Program\Plugins\nppl3260.dll FF - plugin: c:\program files\Opera75\Program\Plugins\nprjplug.dll FF - plugin: c:\program files\Opera75\Program\Plugins\nprpjplug.dll FF - plugin: c:\program files\Opera75\Program\Plugins\NPSWF32.dll FF - plugin: c:\program files\Opera75\Program\Plugins\npwmsdrm.dll . *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-06-19 11:50 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\autorun] "ImagePath"="\??\C:\huadio.tmp" . Completion time: 2009-06-19 11:56 ComboFix-quarantined-files.txt 2009-06-19 09:55 ComboFix2.txt 2009-06-15 16:47 Pre-Run: 6.374.752.256 bytes free Post-Run: 6.361.452.544 bytes free 190 Dopuna: 19 Jun 2009 14:40 nadamo se da je ovako ispravno Dopuna: 20 Jun 2009 21:12 ComboFix 09-06-16.05 - x 19.06.2009 11:43.4 - NTFSx86 Running from: c:\documents and settings\x\Desktop\ComboFix.exe WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Previous Run ------- . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_6to4 -------\Legacy_dhcpsrv -------\Legacy_msncache -------\Legacy_msupdate -------\Legacy_POWERMANAGER -------\Legacy_protect -------\Legacy_sopidkc -------\Service_msncache -------\Service_PowerManager ((((((((((((((((((((((((( Files Created from 2009-05-19 to 2009-06-19 ))))))))))))))))))))))))))))))) . 2009-06-13 17:25 . 2009-06-13 17:25 -------- d-----w- c:\documents and settings\x\DoctorWeb . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-06-18 19:18 . 2008-05-24 16:04 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-06-10 11:36 . 2008-10-24 18:41 -------- d-----w- c:\documents and settings\x\Application Data\skypePM 2009-06-10 11:36 . 2008-10-23 20:00 -------- d-----w- c:\documents and settings\x\Application Data\Skype 2009-05-19 16:31 . 2009-04-25 09:35 0 ----a-w- c:\windows\system32\drivers\1d91fa8d.sys 2009-05-08 14:47 . 2009-05-07 21:24 -------- d-----w- c:\program files\Spybot - Search & Destroy 2009-05-08 14:47 . 2009-05-07 21:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-05-08 14:40 . 2009-05-08 14:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab 2009-05-08 14:30 . 2009-05-07 21:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files 2009-05-08 14:13 . 2009-05-08 14:13 -------- d-----w- c:\program files\Realtek Sound Manager 2009-05-08 14:13 . 2004-10-06 15:50 -------- d-----w- c:\program files\AvRack 2009-05-08 14:13 . 2009-05-08 14:12 -------- d-----w- c:\program files\Realtek AC97 2009-05-08 13:04 . 2004-10-06 06:17 22776 ----a-w- c:\windows\system32\emptyregdb.dat 2009-05-08 10:10 . 2009-05-08 10:10 36864 ----a-w- c:\windows\system32\slrundll.exe 2009-05-08 06:37 . 2008-03-10 18:01 -------- d-----w- c:\program files\Winamp 2009-05-08 05:55 . 2009-05-08 05:49 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2009-05-07 19:55 . 2009-05-07 19:55 -------- d-----w- c:\documents and settings\x\Application Data\TuneUp Software 2009-05-07 13:38 . 2008-10-10 20:50 90112 ----a-w- c:\windows\unvise32qt.exe 2009-05-07 13:38 . 2006-07-14 14:29 970752 ----a-w- c:\windows\UNRecode.exe 2009-05-07 13:38 . 2006-07-14 14:29 970752 ----a-w- c:\windows\UNNeroVision.exe 2009-05-07 13:29 . 2004-10-06 15:53 26624 ----a-w- c:\windows\system32\xpsp1hfm.exe 2009-05-07 13:13 . 2004-10-06 16:03 323584 ----a-w- c:\windows\system32\nwiz.exe 2009-05-07 13:12 . 1998-10-01 19:00 39936 ----a-w- c:\windows\system32\MAPISRVR.EXE 2009-05-07 13:12 . 2004-10-06 16:03 290816 ----a-w- c:\windows\system32\keystone.exe 2009-05-07 13:11 . 2002-08-29 03:41 172544 ----a-w- c:\windows\system32\jview.exe 2009-05-07 13:11 . 2002-08-29 03:41 14848 ----a-w- c:\windows\system32\jdbgmgr.exe 2009-05-07 13:11 . 2004-08-03 23:56 22016 ----a-w- c:\windows\system32\faxpatch.exe 2009-05-07 13:05 . 2004-08-03 23:56 8704 ----a-w- c:\windows\system32\spdwnwxp.exe 2009-05-07 13:05 . 2007-07-15 21:46 165376 ----a-w- c:\windows\system32\SpoonUninstall.exe 2009-05-07 13:05 . 2004-08-03 23:56 22016 ----a-w- c:\windows\system32\spupdwxp.exe 2009-05-07 12:50 . 2007-08-08 18:21 47104 ----a-w- c:\windows\system32\uwdf.exe 2009-05-07 12:46 . 2002-08-29 03:41 171520 ----a-w- c:\windows\system32\wjview.exe 2009-05-07 12:46 . 2002-08-29 03:41 81920 ----a-w- c:\windows\system32\wmpstub.exe 2009-05-07 12:42 . 2008-10-29 18:17 9728 ----a-w- c:\windows\system32\comsdupd.exe 2009-05-07 12:42 . 2002-08-29 03:41 50176 ----a-w- c:\windows\system32\clspack.exe 2009-05-06 22:51 . 2005-01-18 06:58 300032 ----a-w- c:\windows\uninst.exe 2009-05-06 22:51 . 2005-01-18 06:58 302592 ----a-w- c:\windows\unin040c.exe 2009-05-06 22:51 . 2005-08-09 21:38 274432 ----a-w- c:\windows\TLCUninstall.exe 2009-05-06 22:51 . 2004-10-06 15:49 307712 ----a-w- c:\windows\IsUninst.exe 2009-05-06 22:10 . 1999-08-02 09:47 391680 ----a-w- c:\program files\YuRecnik.exe 2009-05-06 22:10 . 1999-08-02 09:40 224256 ----a-w- c:\program files\MiniYuRecnik.exe 2009-05-06 22:10 . 1999-01-25 04:27 29184 ----a-w- c:\program files\Uninstal.exe 2009-05-06 19:45 . 2004-10-06 16:00 335872 ----a-r- c:\windows\Anvshell.exe 2009-05-06 19:45 . 2004-10-06 16:00 24576 -c--a-r- c:\windows\ANVUNIS.exe 2009-05-06 18:57 . 2004-10-09 22:26 1094656 ----a-w- c:\documents and settings\Recnik\Recnik.EXE 2009-05-06 18:49 . 2008-11-18 14:55 2560 ----a-w- c:\windows\_MSRSTRT.EXE 2009-05-06 18:01 . 2008-12-25 23:32 184320 ----a-w- c:\windows\system32\PnkBstrB.exe 2009-05-06 17:56 . 2007-08-08 18:21 38912 ----a-w- c:\windows\system32\wdfmgr.exe 2009-05-06 17:56 . 2004-10-06 16:03 73728 ----a-w- c:\windows\system32\nvsvc32.exe 2009-05-06 17:54 . 2004-10-10 00:35 221184 ----a-w- c:\windows\system32\srkey.exe 2009-04-28 15:06 . 2006-12-12 23:45 -------- d-----w- c:\program files\Recnik20 2009-04-28 14:35 . 2009-02-01 12:48 -------- d-----w- c:\program files\Mp3 Knife 2009-04-28 14:35 . 2009-02-01 13:06 -------- d-----w- c:\program files\DVD Knife 2009-01-07 20:56 . 2007-03-12 01:08 1123 ----a-w- c:\program files\Yurecnik.ini 2009-01-07 11:54 . 2007-03-12 01:08 258 ----a-w- c:\program files\Mini-YuRecnik.ini 2007-08-07 21:20 . 2004-10-08 04:05 778240 ----a-w- c:\program files\Mv2Player.exe 2007-03-12 01:07 . 2007-03-12 01:06 10819 ---ha-w- c:\program files\Yurecnik.GID 2007-03-12 01:06 . 2007-03-12 01:06 1909 ----a-w- c:\program files\uninstal.log 2007-02-17 23:17 . 2005-05-11 00:02 313 ----a-w- c:\program files\MV2Player.rcn 2007-02-17 23:17 . 2005-05-11 00:02 10751 ----a-w- c:\program files\MV2Player.ini 2007-02-17 23:17 . 2005-05-11 00:02 36 ----a-w- c:\program files\LastSet.mv2 1999-08-02 09:35 . 1999-08-02 09:35 9559 ----a-w- c:\program files\YURECNIK.HLP 1999-08-02 09:35 . 1999-08-02 09:35 57 ----a-w- c:\program files\Yurecnik.CNT 1999-07-29 09:43 . 1999-07-29 09:43 2447472 ----a-w- c:\program files\Reci.dat 1996-09-06 12:08 . 1996-09-06 12:08 30070 ----a-w- c:\program files\Fb_deflt.dic 1996-02-23 15:26 . 1996-02-23 15:26 469504 -c--a-w- c:\program files\Fb_11k8.dll 1996-02-23 14:59 . 1996-02-23 14:59 34816 ----a-w- c:\program files\Fb_spch.dll 1996-02-23 14:48 . 1996-02-23 14:48 4608 ----a-w- c:\program files\Fb_timer.dll 1996-02-23 14:46 . 1996-02-23 14:46 29184 ----a-w- c:\program files\Fb_ngn.exe 1996-02-23 14:21 . 1996-02-23 14:21 16896 ----a-w- c:\program files\Uraspec.exe 1996-02-23 14:17 . 1996-02-23 14:17 18432 ----a-w- c:\program files\Dictmgr.exe 1993-11-29 08:32 . 1993-11-29 08:32 16896 ----a-w- c:\program files\Monologw.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-01-28 185872] "SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2006-11-17 577536] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360] "NvMediaCenter"="c:\windows\System32\NVMCTRAY.DLL" [2003-04-02 49152] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk] backup=c:\windows\pss\Bluetooth.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk] backup=c:\windows\pss\Microsoft Office.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PalTalk.lnk] backup=c:\windows\pss\PalTalk.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^x^Start Menu^Programs^Startup^PowerReg Scheduler V3.exe] backup=c:\windows\pss\PowerReg Scheduler V3.exeStartup [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015 "1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016 "500:UDP"= 500:UDP:@xpsp2res.dll,-22017 S1 1d91fa8d;1d91fa8d;c:\windows\system32\drivers\1d91fa8d.sys [25.4.2009 11:35 0] S3 autorun;autorun;\??\c:\huadio.tmp --> c:\huadio.tmp [?] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [10.12.2008 19:51 29744] S3 ISOUSB;Vimicro UVC generic driver;c:\windows\system32\drivers\vgeneric.sys [28.10.2008 22:20 64000] S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?] S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;c:\program files\Windows Live\Messenger\usnsvc.exe [18.10.2007 12:31 98328] S3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [29.10.2008 21:04 249984] S3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [29.10.2008 21:04 476032] . - - - - ORPHANS REMOVED - - - - BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file) . ------- Supplementary Scan ------- . mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/http://www.yahoo.com/ext/search/search.html uInternet Connection Wizard,ShellNext = iexplore uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=1665&gct=&gc=1&q=%s IE: &Search - ?p=ZCfox000 IE: Send to &Bluetooth Device... - c:\program files\D-Link\Bluetooth Software\btsendto_ie_ctx.htm DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab FF - ProfilePath - c:\documents and settings\x\Application Data\Mozilla\Firefox\Profiles\255yjv76.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.sweetim.com/search.asp?src=2&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.ba/ FF - prefs.js: keyword.URL - hxxp://toolbar.ask.com/toolbarv/askRedirect?o=1665&gct=&gc=1&q= FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npkimi.dll FF - plugin: c:\program files\Opera75\Program\Plugins\npdrmv2.dll FF - plugin: c:\program files\Opera75\Program\Plugins\npdsplay.dll FF - plugin: c:\program files\Opera75\Program\Plugins\Npindeo.dll FF - plugin: c:\program files\Opera75\Program\Plugins\nppl3260.dll FF - plugin: c:\program files\Opera75\Program\Plugins\nprjplug.dll FF - plugin: c:\program files\Opera75\Program\Plugins\nprpjplug.dll FF - plugin: c:\program files\Opera75\Program\Plugins\NPSWF32.dll FF - plugin: c:\program files\Opera75\Program\Plugins\npwmsdrm.dll . *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-06-19 11:50 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\autorun] "ImagePath"="\??\C:\huadio.tmp" . Completion time: 2009-06-19 11:56 ComboFix-quarantined-files.txt 2009-06-19 09:55 ComboFix2.txt 2009-06-15 16:47 Pre-Run: 6.374.752.256 bytes free Post-Run: 6.361.452.544 bytes free 190 Dopuna: 20 Jun 2009 21:13 izvinjavamo se na greški bila je zamenila. Dopuna: 21 Jun 2009 15:58 diarno ::pogledaj u C particiji dal postoji dokument Combofix.txt pa ga okaci ovde. DA LI SMO NA PRAVOM PUTU

Profil

diarno Poslao: 21 Jun 2009 20:40 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `File:: c:\windows\system32\drivers\1d91fa8d.sys Driver:: 1d91fa8d` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

nadjime Poslao: 23 Jun 2009 15:08 Idi na vrh
offline nadjime Građanin Pridružio: 07 Jun 2008 Poruke: 104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-06-21.01 - x 22.06.2009 23:17.6 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.255.103 [GMT 2:00] Running from: c:\documents and settings\x\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\x\Desktop\CFScript.txt AV: AntiVir Desktop On-access scanning disabled (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7} WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: "c:\windows\system32\drivers\1d91fa8d.sys" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Previous Run ------- . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_1d91fa8d ((((((((((((((((((((((((( Files Created from 2009-05-22 to 2009-06-22 ))))))))))))))))))))))))))))))) . 2009-06-22 19:10 . 2009-06-22 19:11 -------- d-----w- C:\32788R22FWJFW.0.tmp 2009-06-21 14:28 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys 2009-06-21 14:28 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2009-06-21 14:28 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2009-06-21 14:28 . 2009-06-21 14:28 -------- d-----w- c:\program files\Avira 2009-06-21 14:28 . 2009-06-21 14:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2009-06-13 17:25 . 2009-06-13 17:25 -------- d-----w- c:\documents and settings\x\DoctorWeb . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-06-21 17:22 . 2008-05-24 16:04 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-06-10 11:36 . 2008-10-24 18:41 -------- d-----w- c:\documents and settings\x\Application Data\skypePM 2009-06-10 11:36 . 2008-10-23 20:00 -------- d-----w- c:\documents and settings\x\Application Data\Skype 2009-05-08 14:47 . 2009-05-07 21:24 -------- d-----w- c:\program files\Spybot - Search & Destroy 2009-05-08 14:47 . 2009-05-07 21:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-05-08 14:40 . 2009-05-08 14:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab 2009-05-08 14:30 . 2009-05-07 21:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files 2009-05-08 14:13 . 2009-05-08 14:13 -------- d-----w- c:\program files\Realtek Sound Manager 2009-05-08 14:13 . 2009-05-08 14:12 -------- d-----w- c:\program files\Realtek AC97 2009-05-08 13:04 . 2004-10-06 06:17 22776 ----a-w- c:\windows\system32\emptyregdb.dat 2009-05-08 10:10 . 2009-05-08 10:10 36864 ----a-w- c:\windows\system32\slrundll.exe 2009-05-08 06:37 . 2008-03-10 18:01 -------- d-----w- c:\program files\Winamp 2009-05-07 19:55 . 2009-05-07 19:55 -------- d-----w- c:\documents and settings\x\Application Data\TuneUp Software 2009-05-07 13:38 . 2008-10-10 20:50 90112 ----a-w- c:\windows\unvise32qt.exe 2009-05-07 13:38 . 2006-07-14 14:29 970752 ----a-w- c:\windows\UNRecode.exe 2009-05-07 13:38 . 2006-07-14 14:29 970752 ----a-w- c:\windows\UNNeroVision.exe 2009-05-07 13:29 . 2004-10-06 15:53 26624 ----a-w- c:\windows\system32\xpsp1hfm.exe 2009-05-07 13:13 . 2004-10-06 16:03 323584 ----a-w- c:\windows\system32\nwiz.exe 2009-05-07 13:12 . 1998-10-01 19:00 39936 ----a-w- c:\windows\system32\MAPISRVR.EXE 2009-05-07 13:12 . 2004-10-06 16:03 290816 ----a-w- c:\windows\system32\keystone.exe 2009-05-07 13:11 . 2002-08-29 03:41 172544 ----a-w- c:\windows\system32\jview.exe 2009-05-07 13:11 . 2002-08-29 03:41 14848 ----a-w- c:\windows\system32\jdbgmgr.exe 2009-05-07 13:11 . 2004-08-03 23:56 22016 ----a-w- c:\windows\system32\faxpatch.exe 2009-05-07 13:05 . 2004-08-03 23:56 8704 ----a-w- c:\windows\system32\spdwnwxp.exe 2009-05-07 13:05 . 2007-07-15 21:46 165376 ----a-w- c:\windows\system32\SpoonUninstall.exe 2009-05-07 13:05 . 2004-08-03 23:56 22016 ----a-w- c:\windows\system32\spupdwxp.exe 2009-05-07 12:50 . 2007-08-08 18:21 47104 ----a-w- c:\windows\system32\uwdf.exe 2009-05-07 12:46 . 2002-08-29 03:41 171520 ----a-w- c:\windows\system32\wjview.exe 2009-05-07 12:46 . 2002-08-29 03:41 81920 ----a-w- c:\windows\system32\wmpstub.exe 2009-05-07 12:42 . 2008-10-29 18:17 9728 ----a-w- c:\windows\system32\comsdupd.exe 2009-05-07 12:42 . 2002-08-29 03:41 50176 ----a-w- c:\windows\system32\clspack.exe 2009-05-06 22:51 . 2005-01-18 06:58 300032 ----a-w- c:\windows\uninst.exe 2009-05-06 22:51 . 2005-01-18 06:58 302592 ----a-w- c:\windows\unin040c.exe 2009-05-06 22:51 . 2005-08-09 21:38 274432 ----a-w- c:\windows\TLCUninstall.exe 2009-05-06 22:51 . 2004-10-06 15:49 307712 ----a-w- c:\windows\IsUninst.exe 2009-05-06 22:10 . 1999-08-02 09:47 391680 ----a-w- c:\program files\YuRecnik.exe 2009-05-06 22:10 . 1999-08-02 09:40 224256 ----a-w- c:\program files\MiniYuRecnik.exe 2009-05-06 22:10 . 1999-01-25 04:27 29184 ----a-w- c:\program files\Uninstal.exe 2009-05-06 19:45 . 2004-10-06 16:00 335872 ----a-r- c:\windows\Anvshell.exe 2009-05-06 19:45 . 2004-10-06 16:00 24576 -c--a-r- c:\windows\ANVUNIS.exe 2009-05-06 18:57 . 2004-10-09 22:26 1094656 ----a-w- c:\documents and settings\Recnik\Recnik.EXE 2009-05-06 18:49 . 2008-11-18 14:55 2560 ----a-w- c:\windows\_MSRSTRT.EXE 2009-05-06 18:01 . 2008-12-25 23:32 184320 ----a-w- c:\windows\system32\PnkBstrB.exe 2009-05-06 17:56 . 2007-08-08 18:21 38912 ----a-w- c:\windows\system32\wdfmgr.exe 2009-05-06 17:56 . 2004-10-06 16:03 73728 ----a-w- c:\windows\system32\nvsvc32.exe 2009-05-06 17:54 . 2004-10-10 00:35 221184 ----a-w- c:\windows\system32\srkey.exe 2009-04-28 15:06 . 2006-12-12 23:45 -------- d-----w- c:\program files\Recnik20 2009-04-28 14:35 . 2009-02-01 12:48 -------- d-----w- c:\program files\Mp3 Knife 2009-04-28 14:35 . 2009-02-01 13:06 -------- d-----w- c:\program files\DVD Knife 2009-01-07 20:56 . 2007-03-12 01:08 1123 ----a-w- c:\program files\Yurecnik.ini 2009-01-07 11:54 . 2007-03-12 01:08 258 ----a-w- c:\program files\Mini-YuRecnik.ini 2007-08-07 21:20 . 2004-10-08 04:05 778240 ----a-w- c:\program files\Mv2Player.exe 2007-03-12 01:07 . 2007-03-12 01:06 10819 ---ha-w- c:\program files\Yurecnik.GID 2007-03-12 01:06 . 2007-03-12 01:06 1909 ----a-w- c:\program files\uninstal.log 2007-02-17 23:17 . 2005-05-11 00:02 313 ----a-w- c:\program files\MV2Player.rcn 2007-02-17 23:17 . 2005-05-11 00:02 10751 ----a-w- c:\program files\MV2Player.ini 2007-02-17 23:17 . 2005-05-11 00:02 36 ----a-w- c:\program files\LastSet.mv2 1999-08-02 09:35 . 1999-08-02 09:35 9559 ----a-w- c:\program files\YURECNIK.HLP 1999-08-02 09:35 . 1999-08-02 09:35 57 ----a-w- c:\program files\Yurecnik.CNT 1999-07-29 09:43 . 1999-07-29 09:43 2447472 ----a-w- c:\program files\Reci.dat 1996-09-06 12:08 . 1996-09-06 12:08 30070 ----a-w- c:\program files\Fb_deflt.dic 1996-02-23 15:26 . 1996-02-23 15:26 469504 -c--a-w- c:\program files\Fb_11k8.dll 1996-02-23 14:59 . 1996-02-23 14:59 34816 ----a-w- c:\program files\Fb_spch.dll 1996-02-23 14:48 . 1996-02-23 14:48 4608 ----a-w- c:\program files\Fb_timer.dll 1996-02-23 14:46 . 1996-02-23 14:46 29184 ----a-w- c:\program files\Fb_ngn.exe 1996-02-23 14:21 . 1996-02-23 14:21 16896 ----a-w- c:\program files\Uraspec.exe 1996-02-23 14:17 . 1996-02-23 14:17 18432 ----a-w- c:\program files\Dictmgr.exe 1993-11-29 08:32 . 1993-11-29 08:32 16896 ----a-w- c:\program files\Monologw.exe . ((((((((((((((((((((((((((((( SnapShot@2009-06-15_16.41.40 ))))))))))))))))))))))))))))))))))))))))) . + 2009-06-21 14:28 . 2009-02-13 10:50 28376 c:\windows\system32\drivers\ssmdrv.sys + 2009-05-08 05:49 . 2009-03-24 14:08 55640 c:\windows\system32\drivers\avgntflt.sys - 2009-05-08 05:49 . 2009-05-08 05:55 55640 c:\windows\system32\drivers\avgntflt.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-01-28 185872] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2006-11-17 577536] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360] "NvMediaCenter"="c:\windows\System32\NVMCTRAY.DLL" [2003-04-02 49152] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk] backup=c:\windows\pss\Bluetooth.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk] backup=c:\windows\pss\Microsoft Office.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PalTalk.lnk] backup=c:\windows\pss\PalTalk.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^x^Start Menu^Programs^Startup^PowerReg Scheduler V3.exe] backup=c:\windows\pss\PowerReg Scheduler V3.exeStartup [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015 "1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016 "500:UDP"= 500:UDP:@xpsp2res.dll,-22017 R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [21.6.2009 16:28 108289] S3 autorun;autorun;\??\c:\huadio.tmp --> c:\huadio.tmp [?] S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [10.12.2008 19:51 29744] S3 ISOUSB;Vimicro UVC generic driver;c:\windows\system32\drivers\vgeneric.sys [28.10.2008 22:20 64000] S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?] S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;c:\program files\Windows Live\Messenger\usnsvc.exe [18.10.2007 12:31 98328] S3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [29.10.2008 21:04 249984] S3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [29.10.2008 21:04 476032] . - - - - ORPHANS REMOVED - - - - BHO-{201f27d4-3704-41d6-89c1-aa35e39143ed} - (no file) . ------- Supplementary Scan ------- . mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/http://www.yahoo.com/ext/search/search.html uInternet Connection Wizard,ShellNext = iexplore uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=1665&gct=&gc=1&q=%s IE: &Search - ?p=ZCfox000 IE: Send to &Bluetooth Device... - c:\program files\D-Link\Bluetooth Software\btsendto_ie_ctx.htm DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab FF - ProfilePath - . *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-06-22 23:23 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\autorun] "ImagePath"="\??\C:\huadio.tmp" . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(3376) c:\windows\System32\btneighborhood.dll c:\windows\System32\wbtapi.dll c:\windows\System32\btwpimif.dll c:\windows\System32\btosif.dll c:\windows\system32\btrez.dll c:\windows\system32\CSH.dll c:\windows\system32\BtXpPanel.Dll . Completion time: 2009-06-22 23:28 ComboFix-quarantined-files.txt 2009-06-22 21:28 ComboFix2.txt 2009-06-19 09:56 ComboFix3.txt 2009-06-15 16:47 Pre-Run: 6.048.780.288 bytes free Post-Run: 6.036.242.432 bytes free 194

Profil

diarno Poslao: 23 Jun 2009 15:45 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! I kakvo je sad stanje?

Profil

nadjime Poslao: 23 Jun 2009 16:07 Idi na vrh
offline nadjime Građanin Pridružio: 07 Jun 2008 Poruke: 104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 23 Jun 2009 16:05 internet joj još ne moze pa neznamo sta bi moglo biti. a sa virusima je bolje stanje, Dopuna: 23 Jun 2009 16:07 mozeli biti da su virusi poremetili , PODATKE SIFRU I TO

Profil

diarno Poslao: 23 Jun 2009 19:23 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! stvarno ne znam sta bi moglo biti probaj sa ovim programom http://www.snapfiles.com/get/winsockxpfix.html klikni fix pa restartuj racunar..

Profil

nadjime Poslao: 23 Jun 2009 19:47 Idi na vrh
offline nadjime Građanin Pridružio: 07 Jun 2008 Poruke: 104	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 23 Jun 2009 19:42 da li su ovo uredu tekstovi do sat kojesmo okacili Dopuna: 23 Jun 2009 19:47 klikni fix pa restartuj racunar.. jeli pomoću ovog programa ili normalno 1 to da uradi

Profil

diarno Poslao: 23 Jun 2009 20:16 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! pomocu tog programa...i da u redu su

Profil

MyCity » Ambulanta -> Arhiva Ambulante » zarazen kompjuter

Ko je trenutno na forumu

Ukupno su 830 korisnika na forumu :: 41 registrovanih, 8 sakrivenih i 781 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: anta, Atomski čoban, bojank, Boris90, cikadeda, dankisha, darionis, drimer, dushan, FOX, Georgius, Ivica1102, Karla, Krvava Devetka, laurusri, Lošmi, mercedesamg, Metanoja, mik7, milenko crazy north, MiroslavD, mrav pesadinac, Ne doznajem se u oružje, nemkea71, nikoladim, nuke92, Oscar, pein, Pohovani_00, radoznao, Romibrat, Srle993, stegonosa, Trpe Grozni, Tvrtko I, vathra, vladulns, vlajkox, wolverined4, zeo, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by