Možda tražite i:
Računar koči, a ja ne pratim uputstvo za otvaranje teme
Racunar koci
Koči računar
Koči mi računar

MyCity » Ambulanta -> Arhiva Ambulante » Koci racunar

Koci racunar

Napisano na dan: 2.10.2008

Koci racunar

Sledeća strana

Pagination

Odgovori

milena1402 Poslao: 02 Okt 2008 13:45 Idi na vrh
offline milena1402 Građanin Pridružio: 14 Avg 2006 Poruke: 108	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:43:12, on 2.10.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\878RMTMon.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\878RMT.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Administrator\Desktop\HTD.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Reader 8.0\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - C:\WINDOWS\system32\msxml71.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll O2 - BHO: iercptbho - {D4CDC21D-43BE-4101-A1EF-E379F134771E} - C:\Documents and Settings\Administrator\Local Settings\Application Data\qip\iercpt.dll (file missing) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [TV Card Remote Control Device Monitor] C:\WINDOWS\878RMTMon.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Somefox] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\video1163.cfg.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_01] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [nlpo_01] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - [Link mogu videti samo ulogovani korisnici]\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - [Link mogu videti samo ulogovani korisnici] O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: avgrsstx.dll O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 5260 bytes

Profil

dr_Bora Poslao: 02 Okt 2008 19:47 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Poz... * Klikni desnim tasterom miša na AVG ikonicu ( ) u donjem, desnom uglu ekrana. * Kada se pokrene AVG Control Center, dvoklikni na AVG Resident Shield komponentu. * U prozoru koji se otvori, deštikliraj opciju Turn on AVG Resident Shield i klikni OK. Napomena: Ne zaboravi da uključiš ovu opciju po završetku čišćenja. Skini ComboFix sa jedne od sledecih adresa na Desktop: [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

milena1402 Poslao: 02 Okt 2008 20:39 Idi na vrh
offline milena1402 Građanin Pridružio: 14 Avg 2006 Poruke: 108	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-10-01.06 - Administrator 2008-10-02 20:34:15.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.678 [GMT 2:00] Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\Administrator\Application Data\Antivirus2008y C:\Documents and Settings\Administrator\Start Menu\Antivirus2008y C:\Documents and Settings\Administrator\Start Menu\Antivirus2008y\Antivirus 2008.lnk C:\Documents and Settings\Administrator\Start Menu\Antivirus2008y\Uninstall Antivirus 2008.lnk C:\WINDOWS\install.exe C:\WINDOWS\system32\rtl60.bpl . ((((((((((((((((((((((((( Files Created from 2008-09-02 to 2008-10-02 ))))))))))))))))))))))))))))))) . 2008-09-30 21:34 . 2008-09-30 21:34 97,928 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys 2008-09-30 21:34 . 2008-09-30 21:34 76,040 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys 2008-09-30 21:34 . 2008-09-30 21:34 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll 2008-09-30 21:33 . 2008-10-02 12:56 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg 2008-09-30 21:33 . 2008-09-30 21:33 <DIR> d-------- C:\Program Files\AVG 2008-09-30 21:16 . 2008-09-30 21:16 <DIR> d-------- C:\Program Files\CCleaner 2008-09-30 21:05 . 2008-09-30 21:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg8 2008-09-30 20:41 . 2008-09-30 20:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files 2008-09-23 18:25 . 2008-06-13 15:10 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys 2008-09-23 18:25 . 2008-06-13 15:10 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys 2008-09-23 17:34 . 2008-09-24 00:55 <DIR> d--h----- C:\WINDOWS\$hf_mig$ 2008-09-23 15:53 . 2008-09-23 15:53 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Logs 2008-09-23 15:47 . 2008-09-23 16:02 <DIR> d-------- C:\Program Files\RegistryDoctor2008 2008-09-23 15:34 . 2008-09-23 15:58 <DIR> d-------- C:\Program Files\SecureExpertCleaner 2008-09-23 15:34 . 2008-09-23 15:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SEC 2008-09-23 15:33 . 2008-09-23 15:33 <DIR> d-------- C:\My Downloads 2008-09-22 22:08 . 2008-09-22 22:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WinZip . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-10-02 14:18 --------- d-----w C:\Program Files\audiograbber 2008-09-30 18:37 --------- d-----w C:\Program Files\Eset 2008-09-24 17:41 --------- d-----w C:\Documents and Settings\Administrator\Application Data\LimeWire 2008-09-23 14:01 --------- d-----w C:\Program Files\QuickTime 2008-08-28 12:23 163,644 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys 2008-08-11 14:07 --------- d-----w C:\Documents and Settings\Administrator\Application Data\skypePM 2008-08-11 13:07 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Skype 2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll 2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe 2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll 2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll 2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll 2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll 2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll 2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll 2008-07-07 20:32 253,952 ----a-w C:\WINDOWS\system32\es.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 1667584] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-08-02 68856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TV Card Remote Control Device Monitor"="C:\WINDOWS\878RMTMon.exe" [2005-07-14 352256] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-16 13529088] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-16 86016] "AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-10-01 1234712] "nwiz"="nwiz.exe" [2008-05-16 C:\WINDOWS\system32\nwiz.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.I420"= i420vfw.dll "VIDC.ACDV"= ACDV.dll "VIDC.X264"= x264vfw.dll "VIDC.HFYU"= huffyuv.dll "vidc.i263"= i263_32.drv "vidc.yv12"= yv12vfw.dll "msacm.imc"= imc32.acm [HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^LimeWire On Startup.lnk] path=C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\LimeWire On Startup.lnk backup=C:\WINDOWS\pss\LimeWire On Startup.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^RAID Manager.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAID Manager.lnk backup=C:\WINDOWS\pss\RAID Manager.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Scheduler for OEM.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Scheduler for OEM.lnk backup=C:\WINDOWS\pss\Scheduler for OEM.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk backup=C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] --a------ 2004-08-04 00:56 15360 C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] --a------ 2008-05-16 14:01 13529088 C:\WINDOWS\system32\nvcpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] -ra------ 2008-05-30 15:54 21718312 C:\Program Files\Skype\Phone\Skype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] --a------ 2004-12-06 21:31 36975 C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinSys2] -ra------ 2006-04-29 05:36 208896 C:\WINDOWS\system32\WinSys2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] -ra------ 2005-03-10 03:43 69632 C:\WINDOWS\ALCMTR.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut] --------- 2005-01-07 17:07 61952 C:\WINDOWS\system32\HdAShCut.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] --a------ 2008-05-16 14:01 1630208 C:\WINDOWS\system32\nwiz.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] -ra------ 2005-03-23 07:28 14202368 C:\WINDOWS\RTHDCPL.EXE [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "D:\\Games\\Counter-Strike\\hl.exe"= "D:\\Programi\\LimeWire\\LimeWire.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= "C:\\Program Files\\AVG\\AVG8\\avgemc.exe"= "C:\\Program Files\\AVG\\AVG8\\avgupd.exe"= R0 iteraid;ITERAID_Service_Install;C:\WINDOWS\system32\DRIVERS\iteraid.sys [2004-12-10 25105] R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-09-30 97928] R2 878TVCard;Bt878 TV Card - Video Capture;C:\WINDOWS\system32\drivers\Bt878.sys [2006-05-20 214692] R2 878TVTuner;Bt878 TV Card - TV Tuner;C:\WINDOWS\system32\drivers\BtTuner.sys [2006-05-20 12160] R2 878Xbar;Bt878 TV Card - Crossbar;C:\WINDOWS\system32\drivers\BtXbar.sys [2006-05-20 8704] R2 avg8emc;AVG Free8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-09-30 875288] R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-09-30 231704] R2 AvgTdiX;AVG Free8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-09-30 76040] S3 FXDRV;FXDRV;E:\Fxdrv.sys [ ] Newly Created Service - CATCHME Newly Created Service - PROCEXP90 . - - - - ORPHANS REMOVED - - - - HKCU-Run-msnmsgr - C:\Program Files\MSN Messenger\msnmsgr.exe MSConfigStartUp-Antivirus2008y - C:\Program Files\Antivirus2008y\antvrs.exe MSConfigStartUp-MsnMsgr - C:\Program Files\MSN Messenger\msnmsgr.exe MSConfigStartUp-QuickTime Task - C:\Program Files\QuickTime\qttask.exe MSConfigStartUp-Device Detector - DevDetect.exe . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\frs0y1c4.default\ FireFox -: prefs.js - STARTUP.HOMEPAGE - [Link mogu videti samo ulogovani korisnici] FF -: plugin - C:\Program Files\Java\jre1.5.0_01\bin\NPJava11.dll FF -: plugin - C:\Program Files\Java\jre1.5.0_01\bin\NPJava12.dll FF -: plugin - C:\Program Files\Java\jre1.5.0_01\bin\NPJava13.dll FF -: plugin - C:\Program Files\Java\jre1.5.0_01\bin\NPJava14.dll FF -: plugin - C:\Program Files\Java\jre1.5.0_01\bin\NPJava32.dll FF -: plugin - C:\Program Files\Java\jre1.5.0_01\bin\NPJPI150_01.dll FF -: plugin - C:\Program Files\Java\jre1.5.0_01\bin\NPOJI610.dll . ************************************************************************ catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici] Rootkit scan 2008-10-02 20:35:50 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run TV Card Remote Control Device Monitor = C:\WINDOWS\878RMTMon.exe?????o??????????T?a??D2?x????????o??????????????x???????????????????x?2?????`@2?????????????????x?2??????D2?????????T?a?x?2?m?a?x??????????????\|?D2??o???????????????o???????????????????????????????????o??h????????????o??(????o????A???? scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2008-10-02 20:37:04 ComboFix-quarantined-files.txt 2008-10-02 18:37:00 Pre-Run: 18.659.389.440 bytes free Post-Run: 18,704,932,864 bytes free 176 --- E O F --- 2008-09-25 01:08:27

Profil

dr_Bora Poslao: 02 Okt 2008 20:50 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `Folder:: C:\Program Files\RegistryDoctor2008 C:\Program Files\SecureExpertCleaner C:\Documents and Settings\All Users\Application Data\SEC DirLook:: C:\Documents and Settings\Administrator\Application Data\Logs` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

milena1402 Poslao: 02 Okt 2008 21:06 Idi na vrh
offline milena1402 Građanin Pridružio: 14 Avg 2006 Poruke: 108	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-10-01.06 - Administrator 2008-10-02 21:02:04.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.685 [GMT 2:00] Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe Command switches used :: C:\Documents and Settings\Administrator\Desktop\CFScript.txt * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\All Users\Application Data\SEC C:\Documents and Settings\All Users\Application Data\SEC\schedule.dat C:\Program Files\RegistryDoctor2008 C:\Program Files\SecureExpertCleaner . ((((((((((((((((((((((((( Files Created from 2008-09-02 to 2008-10-02 ))))))))))))))))))))))))))))))) . 2008-09-30 21:34 . 2008-09-30 21:34 97,928 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys 2008-09-30 21:34 . 2008-09-30 21:34 76,040 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys 2008-09-30 21:34 . 2008-09-30 21:34 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll 2008-09-30 21:33 . 2008-10-02 12:56 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg 2008-09-30 21:33 . 2008-09-30 21:33 <DIR> d-------- C:\Program Files\AVG 2008-09-30 21:16 . 2008-09-30 21:16 <DIR> d-------- C:\Program Files\CCleaner 2008-09-30 21:05 . 2008-09-30 21:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg8 2008-09-30 20:41 . 2008-09-30 20:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files 2008-09-23 18:25 . 2008-06-13 15:10 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys 2008-09-23 18:25 . 2008-06-13 15:10 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys 2008-09-23 17:34 . 2008-09-24 00:55 <DIR> d--h----- C:\WINDOWS\$hf_mig$ 2008-09-23 15:53 . 2008-09-23 15:53 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Logs 2008-09-23 15:33 . 2008-09-23 15:33 <DIR> d-------- C:\My Downloads 2008-09-22 22:08 . 2008-09-22 22:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WinZip . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-10-02 14:18 --------- d-----w C:\Program Files\audiograbber 2008-09-30 18:37 --------- d-----w C:\Program Files\Eset 2008-09-24 17:41 --------- d-----w C:\Documents and Settings\Administrator\Application Data\LimeWire 2008-09-23 14:01 --------- d-----w C:\Program Files\QuickTime 2008-08-28 12:23 163,644 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys 2008-08-11 14:07 --------- d-----w C:\Documents and Settings\Administrator\Application Data\skypePM 2008-08-11 13:07 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Skype 2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll 2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe 2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll 2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll 2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll 2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll 2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll 2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll 2008-07-07 20:32 253,952 ----a-w C:\WINDOWS\system32\es.dll . (((((((((((((((((((((((((((((((((((((((((((( Look ))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . ---- Directory of C:\Documents and Settings\Administrator\Application Data\Logs ---- 2008-09-23 15:54 232 --a------ C:\Documents and Settings\Administrator\Application Data\Logs\update.log ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 1667584] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-08-02 68856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TV Card Remote Control Device Monitor"="C:\WINDOWS\878RMTMon.exe" [2005-07-14 352256] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-16 13529088] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-16 86016] "AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-10-01 1234712] "nwiz"="nwiz.exe" [2008-05-16 C:\WINDOWS\system32\nwiz.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.I420"= i420vfw.dll "VIDC.ACDV"= ACDV.dll "VIDC.X264"= x264vfw.dll "VIDC.HFYU"= huffyuv.dll "vidc.i263"= i263_32.drv "vidc.yv12"= yv12vfw.dll "msacm.imc"= imc32.acm [HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^LimeWire On Startup.lnk] path=C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\LimeWire On Startup.lnk backup=C:\WINDOWS\pss\LimeWire On Startup.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^RAID Manager.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAID Manager.lnk backup=C:\WINDOWS\pss\RAID Manager.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Scheduler for OEM.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Scheduler for OEM.lnk backup=C:\WINDOWS\pss\Scheduler for OEM.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk backup=C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] --a------ 2004-08-04 00:56 15360 C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] --a------ 2008-05-16 14:01 13529088 C:\WINDOWS\system32\nvcpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] -ra------ 2008-05-30 15:54 21718312 C:\Program Files\Skype\Phone\Skype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] --a------ 2004-12-06 21:31 36975 C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinSys2] -ra------ 2006-04-29 05:36 208896 C:\WINDOWS\system32\WinSys2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] -ra------ 2005-03-10 03:43 69632 C:\WINDOWS\ALCMTR.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut] --------- 2005-01-07 17:07 61952 C:\WINDOWS\system32\HdAShCut.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] --a------ 2008-05-16 14:01 1630208 C:\WINDOWS\system32\nwiz.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] -ra------ 2005-03-23 07:28 14202368 C:\WINDOWS\RTHDCPL.EXE [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "D:\\Games\\Counter-Strike\\hl.exe"= "D:\\Programi\\LimeWire\\LimeWire.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= "C:\\Program Files\\AVG\\AVG8\\avgemc.exe"= "C:\\Program Files\\AVG\\AVG8\\avgupd.exe"= R0 iteraid;ITERAID_Service_Install;C:\WINDOWS\system32\DRIVERS\iteraid.sys [2004-12-10 25105] R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-09-30 97928] R2 878TVCard;Bt878 TV Card - Video Capture;C:\WINDOWS\system32\drivers\Bt878.sys [2006-05-20 214692] R2 878TVTuner;Bt878 TV Card - TV Tuner;C:\WINDOWS\system32\drivers\BtTuner.sys [2006-05-20 12160] R2 878Xbar;Bt878 TV Card - Crossbar;C:\WINDOWS\system32\drivers\BtXbar.sys [2006-05-20 8704] R2 avg8emc;AVG Free8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-09-30 875288] R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-09-30 231704] R2 AvgTdiX;AVG Free8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-09-30 76040] S3 FXDRV;FXDRV;E:\Fxdrv.sys [ ] Newly Created Service - CATCHME Newly Created Service - PROCEXP90 . ************************************************************************ catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici] Rootkit scan 2008-10-02 21:03:31 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run TV Card Remote Control Device Monitor = C:\WINDOWS\878RMTMon.exe?????o??????????T?a??D2?x????????o??????????????x???????????????????x?2?????`@2?????????????????x?2??????D2?????????T?a?x?2?m?a?x??????????????\|?D2??o???????????????o???????????????????????????????????o??h????????????o??(????o????A???? scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2008-10-02 21:04:30 ComboFix-quarantined-files.txt 2008-10-02 19:04:28 ComboFix2.txt 2008-10-02 18:37:06 Pre-Run: 18.818.613.248 bytes free Post-Run: 18,808,180,736 bytes free 158 --- E O F --- 2008-09-25 01:08:27

Profil

dr_Bora Poslao: 02 Okt 2008 21:27 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ovo izgleda čisto. Postoji li trenutno neki problem?

Profil

milena1402 Poslao: 02 Okt 2008 21:29 Idi na vrh
offline milena1402 Građanin Pridružio: 14 Avg 2006 Poruke: 108	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Vise ne, hvala ti puno, evo sve se sredilo koliko vidim. Hvala!

Profil

dr_Bora Poslao: 02 Okt 2008 21:30 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ok. Uradi sledeće: Klikni START a zatim RUN U liniju za unos teksta ukucaj Combofix /u i klikni OK Sačekaj da se proces deinstalacije završi Gornja procedura će: Obrisati sledeće: ComboFix i njegove file-ove i foldere VundoFix Backups folder, ako postoji C:\Deckard folder, ako postoji C:\OtMoveIt folder, ako postoji Resetovati podešavanja sata na kompjuteru Sakriti ekstenzije file-ova, ako je potrebno Sakriti sistemske/skrivene file-ove/foldere, ako je potrebno Resetovati System Restore To je sve.

Profil

milena1402 Poslao: 02 Okt 2008 22:34 Idi na vrh
offline milena1402 Građanin Pridružio: 14 Avg 2006 Poruke: 108	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! OK i hvala puuuuuuuno jos jednom!

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Koci racunar

Ko je trenutno na forumu

Ukupno su 1001 korisnika na forumu :: 89 registrovanih, 12 sakrivenih i 900 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 037, 357magnum, 8u47, Andrija357, Apok, aramis s, arezina, arsa, Asparagus, Asteker, Betty25, Bobrock1, Bubimir, casual03, Centauro, Chainsaw, Clouseau, cvrle312, DeerHunter, deLacy, dj.ape, domacinivan, DrMrPr, fićo32, Folkstar, g_g, Gheljda, ILGromovnik, Ilija Cvorovic, istina, Ivan Campo, Jomini, Jonbonjovi, Kanader, kolle.the.kid, Kosmos Banja Luka, Laika8010, lcc, Lester Freamon, LjubisaR, M74AB3, marewfc, marko308, markoni.slo, Marky, max power, mačković, Milan A. Nikolic, mile.ilic75, milenko crazy north, milimoj, mist-mist, mnn2, nebidrag, nebkv, Nikola9223, nikoladim, nnovakis, Nobunaga, Orc, Oscar, Pilence, PrincipL, Pururin, rednap, royst33, sekretar, Semprini, SlaKoj, Szigetwar, Tandrkalo, trajkoni018, tuja, umpah-pah, Vanderx, vathra, Vica1958, VladaKG1980, voja64, vrlenija, vuksa72, wizzardone, yrraf, Zdilar, zexon, Zimbabwe, Zorge, zvomar, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by