I can't access some websites

  • Joined: 07 Sep 2008
  • Posts: 49

I was redirected here...

I got a new computer, and now it won't access some sites. At first I thought it was only a matter of , but it won't access AVG's site either, nor NOD's, nor some others that don't matter; AVG matters to me, though, so that I can update the antivirus. And since it won't allow access to Microsoft, it won't install MSN for me (when I try, it tells me I'm not connected to the net...). I tried that MTU adjustment, and that didn't work either...

I checked the firewall; it isn't blocking anything.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:03:48 PM, on 3/9/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\Program Files\LClock\LClock.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Documents and Settings\Administrator\Desktop\New Folder\tr3.exe.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: &Google Search - [Link visible only to logged-in users]\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - [Link visible only to logged-in users]\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - [Link visible only to logged-in users]\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - [Link visible only to logged-in users]\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - [Link visible only to logged-in users]\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - [Link visible only to logged-in users]\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - [Link visible only to logged-in users]\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: wbsys.dll,avgrsstx.dll
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8-) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

End of file - 5626 bytes

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd


* Right-click the AVG icon in the lower-right corner of the screen.
* When AVG Control Center starts, double-click the AVG Resident Shield component.
* In the window that opens, uncheck the Turn on AVG Resident Shield option and click OK.

Note: Don't forget to turn this option back on once the cleaning is finished.


Download ComboFix to your Desktop from one of the following addresses:
[Link visible only to logged-in users]
[Link visible only to logged-in users]
[Link visible only to logged-in users]

Run it and don't touch the program window while it is scanning.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear, which you should copy here for us.

  • Joined: 07 Sep 2008
  • Posts: 49

Here it is...

ComboFix 09-03-06.02 - Administrator 2009-03-09 22:34:10.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.3327.2543 [GMT 1:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: AVG Internet Security *On-access scanning disabled* (Outdated)
FW: AVG Firewall *disabled*
* Created a new restore point

((((((((((((((((((((((((( Files Created from 2009-02-09 to 2009-03-09 )))))))))))))))))))))))))))))))

2009-03-09 20:10 . 2009-03-09 20:10 268 --ah----- C:\sqmdata02.sqm
2009-03-09 20:10 . 2009-03-09 20:10 244 --ah----- C:\sqmnoopt02.sqm
2009-03-09 00:46 . 2009-03-09 00:46 268 --ah----- C:\sqmdata01.sqm
2009-03-09 00:46 . 2009-03-09 00:46 244 --ah----- C:\sqmnoopt01.sqm
2009-03-08 20:07 . 2009-03-08 20:07 <DIR> d-------- c:\windows\system32\drivers\Avg
2009-03-08 20:07 . 2009-03-08 20:07 96,520 --a------ c:\windows\system32\drivers\avgldx86.sys
2009-03-08 20:07 . 2009-03-08 20:07 74,376 --a------ c:\windows\system32\drivers\avgtdix.sys
2009-03-08 20:07 . 2009-03-08 20:07 12,424 --a------ c:\windows\system32\drivers\avgrkx86.sys
2009-03-08 20:07 . 2009-03-08 20:07 10,520 --a------ c:\windows\system32\avgrsstx.dll
2009-03-08 20:03 . 2009-03-08 20:03 <DIR> d-------- c:\program files\AVG
2009-03-08 20:03 . 2009-03-08 20:03 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8
2009-03-08 20:03 . 2009-03-08 20:03 45,568 --a------ c:\windows\system32\avgfwdx.dll
2009-03-08 20:03 . 2009-03-08 20:03 22,528 --a------ c:\windows\system32\drivers\avgfwdx.sys
2009-03-07 15:32 . 2009-03-07 15:32 <DIR> d-------- c:\documents and settings\All Users\Application Data\TEMP
2009-03-07 15:31 . 2009-03-07 15:31 <DIR> d-------- c:\documents and settings\All Users\Application Data\Sony
2009-03-07 15:20 . 2009-03-07 15:20 <DIR> d-------- c:\windows\system32\XPSViewer
2009-03-07 15:20 . 2009-03-07 15:20 <DIR> d-------- c:\program files\Reference Assemblies
2009-03-07 15:19 . 2006-06-29 14:07 14,048 --------- c:\windows\system32\spmsg2.dll
2009-03-07 04:36 . 2009-03-07 04:36 <DIR> d-------- c:\program files\Hewlett-Packard
2009-03-07 04:36 . 2007-12-10 09:00 430,080 --a------ c:\windows\system32\ZSHP1018.EXE
2009-03-07 04:36 . 2007-12-10 09:00 128,380 --a------ c:\windows\system32\hp1018.img
2009-03-07 04:36 . 2007-12-10 09:00 106,496 --a------ c:\windows\system32\ZSPOOL.DLL
2009-03-07 04:36 . 2007-12-10 09:00 102,400 --a------ c:\windows\system32\ZLhp1018.DLL
2009-03-07 04:36 . 2007-12-10 09:00 61,440 --a------ c:\windows\system32\ZIMF.DLL
2009-03-07 04:36 . 2007-12-10 09:00 53,248 --a------ c:\windows\system32\ZTAG.DLL
2009-03-07 04:36 . 2007-12-10 09:00 10,632 --a------ c:\windows\system32\ZSHP1018.CHM
2009-03-07 03:54 . 2009-03-08 17:00 69 --a------ c:\windows\NeroDigital.ini

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2009-03-09 21:06 --------- d-----w c:\documents and settings\Administrator\Application Data\Skype
2009-03-09 19:51 --------- d-----w c:\documents and settings\Administrator\Application Data\skypePM
2009-03-08 18:30 --------- d-----w c:\program files\Windows Live
2009-03-07 14:32 --------- d-----w c:\documents and settings\Administrator\Application Data\Sony
2009-03-07 14:31 --------- d-----w c:\program files\Sony
2009-03-07 14:22 --------- d-----w c:\program files\MSBuild
2009-03-07 00:51 --------- d-----w c:\documents and settings\Administrator\Application Data\uTorrent
2009-03-06 23:53 --------- d-----w c:\program files\uTorrent
2009-03-06 23:27 --------- d-----w c:\program files\Sony Setup
2009-03-06 21:21 --------- d-----w c:\documents and settings\Administrator\Application Data\Publish Providers
2009-03-06 21:13 --------- d-----w c:\program files\Vstplugins
2009-03-06 21:09 --------- d-----w c:\documents and settings\Administrator\Application Data\Desktopicon
2009-03-06 21:08 --------- d-----w c:\program files\FormatFactory
2009-03-06 21:06 --------- d-----w c:\program files\Skype
2009-03-06 21:06 --------- d-----w c:\program files\Common Files\Skype
2009-03-06 21:06 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2009-03-06 21:03 --------- d-----w c:\documents and settings\Administrator\Application Data\Sony Setup
2009-03-06 21:01 --------- d-----w c:\program files\Fanfiction Downloader
2009-03-06 21:00 --------- d-----w c:\program files\GIMP-2.0
2009-03-06 20:49 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-03-06 20:45 --------- d-----w c:\program files\Microsoft.NET
2009-03-06 20:45 --------- d-----w c:\program files\Microsoft Works
2009-03-06 20:42 --------- d-----w c:\program files\Microsoft Visual Studio 8
2009-03-06 20:26 --------- d-----w c:\program files\Stardock
2009-03-06 20:24 --------- d-----w c:\program files\Winamp
2009-03-06 19:48 --------- d-----w c:\documents and settings\Administrator\Application Data\GRETECH
2009-03-06 19:47 --------- d-----w c:\program files\GRETECH
2009-03-06 19:04 --------- d-----w c:\documents and settings\Administrator\Application Data\PC Suite
2009-03-06 19:04 --------- d-----w c:\documents and settings\Administrator\Application Data\Nokia
2009-03-06 19:03 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-03-06 19:03 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-03-06 19:02 --------- d-----w c:\documents and settings\All Users\Application Data\PC Suite
2009-03-06 19:01 --------- d-----w c:\program files\PC Connectivity Solution
2009-03-06 19:01 --------- d-----w c:\program files\Nokia
2009-03-06 19:01 --------- d-----w c:\program files\DIFX
2009-03-06 19:01 --------- d-----w c:\program files\Common Files\PCSuite
2009-03-06 19:01 --------- d-----w c:\program files\Common Files\Nokia
2009-03-06 19:00 --------- d-----w c:\documents and settings\All Users\Application Data\Installations
2009-03-06 05:01 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-03-06 05:01 --------- d-----w c:\program files\AGEIA Technologies
2009-03-06 05:00 --------- d-----w c:\program files\My Company Name
2009-03-06 04:58 --------- d-----w c:\program files\Common Files\InstallShield
2009-03-06 04:54 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-06 04:52 --------- d-----w c:\program files\Intel
2009-03-06 04:51 --------- d-----w c:\program files\Realtek
2009-03-06 04:32 --------- d-----w c:\program files\OO Software
2009-03-06 04:32 --------- d-----w c:\program files\MagicISO
2009-03-06 04:32 --------- d-----w c:\program files\CyberLink
2009-03-06 04:32 --------- d-----w c:\program files\Common Files\Ahead
2009-03-06 04:32 --------- d-----w c:\program files\Ahead
2009-03-06 04:31 --------- d-----w c:\program files\Real Alternative
2009-03-06 04:31 --------- d-----w c:\program files\QuickTime Alternative
2009-03-06 04:31 --------- d-----w c:\program files\Media Player Classic
2009-03-06 04:31 --------- d-----w c:\program files\K-Lite Codec Pack
2009-03-06 04:31 --------- d-----w c:\program files\Google
2009-03-06 04:31 --------- d-----w c:\program files\Common Files\Adobe
2009-03-06 04:31 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2009-03-06 04:30 155,995 ----a-w c:\windows\java\Packages\37LZNN79.ZIP
2009-03-06 04:30 --------- d-----w c:\program files\Java
2009-03-06 04:30 --------- d-----w c:\program files\Common Files\Java
2009-03-06 04:19 --------- d-----w c:\program files\Unlocker
2009-03-06 04:19 --------- d-----w c:\program files\LClock
2006-06-25 14:48 32,768 ----a-r c:\windows\inf\UpdateUSB.exe
2002-12-31 12:00 156,520 --sha-r c:\windows\system32\bwzokb.dll

------- Sigcheck -------

2002-12-31 13:00 360448 0601f83f6784c220ee302f03f702316e c:\windows\system32\drivers\tcpip.sys
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2002-12-31 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

"LClock"="c:\program files\LClock\LClock.exe" [2004-09-19 65536]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-03-08 1171712]
"RTHDCPL"="RTHDCPL.EXE" [2008-11-17 c:\windows\RTHDCPL.EXE]
"nwiz"="nwiz.exe" [2008-10-07 c:\windows\system32\nwiz.exe]

c:\documents and settings\Administrator\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2009-03-06 21:29 210168 c:\program files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.3iv2"= 3ivxVfWCodec.dll
"VIDC.VP31"= vp31vfw.dll
"msacm.l3fhg"= mp3fhg.acm
"msacm.divxa32"= msaud32_divx.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS


[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"EnableFirewall"= 0 (0x0)

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Documents and Settings\\Administrator\\Desktop\\windowslivemessenger2009(14.0.8064).exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"3711:TCP"= 3711:TCP:vbznas

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-03-08 12424]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-03-08 96520]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-03-08 282904]
R2 avgfws8;AVG8 Firewall;c:\progra~1\AVG\AVG8\avgfws8.exe [2009-03-08 930584]
R2 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-03-08 74376]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2009-03-08 22528]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1e51x86.sys [2009-03-06 38400]
S2 jjzyay;Universal Manager;c:\windows\system32\svchost.exe -k netsvcs [2002-12-31 14336]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2009-03-08 22528]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
------- Supplementary Scan -------
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
DPF: Microsoft XML Parser for Java - [Link visible only to logged-in users]\windows\Java\classes\
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\pxdgk9ry.default\
FF - prefs.js: browser.startup.homepage - [Link visible only to logged-in users]
FF - prefs.js: keyword.URL - about:neterror?e=query&u=
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJPI150_06.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPOJI610.dll


catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link visible only to logged-in users]
Rootkit scan 2009-03-09 22:34:57
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0


--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(988-)
c:\program files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll
Completion time: 2009-03-09 22:35:40
ComboFix-quarantined-files.txt 2009-03-09 21:35:38

Pre-Run: 95,407,235,072 bytes free
Post-Run: 95,424,212,992 bytes free

[boot loader]
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /noexecute=alwaysoff


  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Turn off the antivirus again.

Open Notepad and copy in the following text:





Save the file from Notepad to the Desktop as "CFScript".

Drag the saved script/text onto the ComboFix icon, as in the picture.
In your next message, post the log that is created at the end of the cleaning/scan.

  • Joined: 07 Sep 2008
  • Posts: 49

ComboFix 09-03-06.02 - Administrator 2009-03-09 22:59:02.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.3327.2726 [GMT 1:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txt
AV: AVG Internet Security *On-access scanning enabled* (Outdated)
FW: AVG Firewall *disabled*
* Created a new restore point


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


((((((((((((((((((((((((( Files Created from 2009-02-09 to 2009-03-09 )))))))))))))))))))))))))))))))

2009-03-09 20:10 . 2009-03-09 20:10 268 --ah----- C:\sqmdata02.sqm
2009-03-09 20:10 . 2009-03-09 20:10 244 --ah----- C:\sqmnoopt02.sqm
2009-03-09 00:46 . 2009-03-09 00:46 268 --ah----- C:\sqmdata01.sqm
2009-03-09 00:46 . 2009-03-09 00:46 244 --ah----- C:\sqmnoopt01.sqm
2009-03-08 20:07 . 2009-03-08 20:07 <DIR> d-------- c:\windows\system32\drivers\Avg
2009-03-08 20:07 . 2009-03-08 20:07 96,520 --a------ c:\windows\system32\drivers\avgldx86.sys
2009-03-08 20:07 . 2009-03-08 20:07 74,376 --a------ c:\windows\system32\drivers\avgtdix.sys
2009-03-08 20:07 . 2009-03-08 20:07 12,424 --a------ c:\windows\system32\drivers\avgrkx86.sys
2009-03-08 20:07 . 2009-03-08 20:07 10,520 --a------ c:\windows\system32\avgrsstx.dll
2009-03-08 20:03 . 2009-03-08 20:03 <DIR> d-------- c:\program files\AVG
2009-03-08 20:03 . 2009-03-08 20:03 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8
2009-03-08 20:03 . 2009-03-08 20:03 45,568 --a------ c:\windows\system32\avgfwdx.dll
2009-03-08 20:03 . 2009-03-08 20:03 22,528 --a------ c:\windows\system32\drivers\avgfwdx.sys
2009-03-07 15:32 . 2009-03-07 15:32 <DIR> d-------- c:\documents and settings\All Users\Application Data\TEMP
2009-03-07 15:31 . 2009-03-07 15:31 <DIR> d-------- c:\documents and settings\All Users\Application Data\Sony
2009-03-07 15:20 . 2009-03-07 15:20 <DIR> d-------- c:\windows\system32\XPSViewer
2009-03-07 15:20 . 2009-03-07 15:20 <DIR> d-------- c:\program files\Reference Assemblies
2009-03-07 15:19 . 2006-06-29 14:07 14,048 --------- c:\windows\system32\spmsg2.dll
2009-03-07 04:36 . 2009-03-07 04:36 <DIR> d-------- c:\program files\Hewlett-Packard
2009-03-07 04:36 . 2007-12-10 09:00 430,080 --a------ c:\windows\system32\ZSHP1018.EXE
2009-03-07 04:36 . 2007-12-10 09:00 128,380 --a------ c:\windows\system32\hp1018.img
2009-03-07 04:36 . 2007-12-10 09:00 106,496 --a------ c:\windows\system32\ZSPOOL.DLL
2009-03-07 04:36 . 2007-12-10 09:00 102,400 --a------ c:\windows\system32\ZLhp1018.DLL
2009-03-07 04:36 . 2007-12-10 09:00 61,440 --a------ c:\windows\system32\ZIMF.DLL
2009-03-07 04:36 . 2007-12-10 09:00 53,248 --a------ c:\windows\system32\ZTAG.DLL
2009-03-07 04:36 . 2007-12-10 09:00 10,632 --a------ c:\windows\system32\ZSHP1018.CHM
2009-03-07 03:54 . 2009-03-08 17:00 69 --a------ c:\windows\NeroDigital.ini

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2009-03-09 21:06 --------- d-----w c:\documents and settings\Administrator\Application Data\Skype
2009-03-09 19:51 --------- d-----w c:\documents and settings\Administrator\Application Data\skypePM
2009-03-08 18:30 --------- d-----w c:\program files\Windows Live
2009-03-07 14:32 --------- d-----w c:\documents and settings\Administrator\Application Data\Sony
2009-03-07 14:31 --------- d-----w c:\program files\Sony
2009-03-07 14:22 --------- d-----w c:\program files\MSBuild
2009-03-07 00:51 --------- d-----w c:\documents and settings\Administrator\Application Data\uTorrent
2009-03-06 23:53 --------- d-----w c:\program files\uTorrent
2009-03-06 23:27 --------- d-----w c:\program files\Sony Setup
2009-03-06 21:21 --------- d-----w c:\documents and settings\Administrator\Application Data\Publish Providers
2009-03-06 21:13 --------- d-----w c:\program files\Vstplugins
2009-03-06 21:09 --------- d-----w c:\documents and settings\Administrator\Application Data\Desktopicon
2009-03-06 21:08 --------- d-----w c:\program files\FormatFactory
2009-03-06 21:06 --------- d-----w c:\program files\Skype
2009-03-06 21:06 --------- d-----w c:\program files\Common Files\Skype
2009-03-06 21:06 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2009-03-06 21:03 --------- d-----w c:\documents and settings\Administrator\Application Data\Sony Setup
2009-03-06 21:01 --------- d-----w c:\program files\Fanfiction Downloader
2009-03-06 21:00 --------- d-----w c:\program files\GIMP-2.0
2009-03-06 20:49 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-03-06 20:45 --------- d-----w c:\program files\Microsoft.NET
2009-03-06 20:45 --------- d-----w c:\program files\Microsoft Works
2009-03-06 20:42 --------- d-----w c:\program files\Microsoft Visual Studio 8
2009-03-06 20:26 --------- d-----w c:\program files\Stardock
2009-03-06 20:24 --------- d-----w c:\program files\Winamp
2009-03-06 19:48 --------- d-----w c:\documents and settings\Administrator\Application Data\GRETECH
2009-03-06 19:47 --------- d-----w c:\program files\GRETECH
2009-03-06 19:04 --------- d-----w c:\documents and settings\Administrator\Application Data\PC Suite
2009-03-06 19:04 --------- d-----w c:\documents and settings\Administrator\Application Data\Nokia
2009-03-06 19:03 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-03-06 19:03 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-03-06 19:02 --------- d-----w c:\documents and settings\All Users\Application Data\PC Suite
2009-03-06 19:01 --------- d-----w c:\program files\PC Connectivity Solution
2009-03-06 19:01 --------- d-----w c:\program files\Nokia
2009-03-06 19:01 --------- d-----w c:\program files\DIFX
2009-03-06 19:01 --------- d-----w c:\program files\Common Files\PCSuite
2009-03-06 19:01 --------- d-----w c:\program files\Common Files\Nokia
2009-03-06 19:00 --------- d-----w c:\documents and settings\All Users\Application Data\Installations
2009-03-06 05:01 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-03-06 05:01 --------- d-----w c:\program files\AGEIA Technologies
2009-03-06 05:00 --------- d-----w c:\program files\My Company Name
2009-03-06 04:58 --------- d-----w c:\program files\Common Files\InstallShield
2009-03-06 04:54 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-06 04:52 --------- d-----w c:\program files\Intel
2009-03-06 04:51 --------- d-----w c:\program files\Realtek
2009-03-06 04:32 --------- d-----w c:\program files\OO Software
2009-03-06 04:32 --------- d-----w c:\program files\MagicISO
2009-03-06 04:32 --------- d-----w c:\program files\CyberLink
2009-03-06 04:32 --------- d-----w c:\program files\Common Files\Ahead
2009-03-06 04:32 --------- d-----w c:\program files\Ahead
2009-03-06 04:31 --------- d-----w c:\program files\Real Alternative
2009-03-06 04:31 --------- d-----w c:\program files\QuickTime Alternative
2009-03-06 04:31 --------- d-----w c:\program files\Media Player Classic
2009-03-06 04:31 --------- d-----w c:\program files\K-Lite Codec Pack
2009-03-06 04:31 --------- d-----w c:\program files\Google
2009-03-06 04:31 --------- d-----w c:\program files\Common Files\Adobe
2009-03-06 04:31 --------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2009-03-06 04:30 155,995 ----a-w c:\windows\java\Packages\37LZNN79.ZIP
2009-03-06 04:30 --------- d-----w c:\program files\Java
2009-03-06 04:30 --------- d-----w c:\program files\Common Files\Java
2009-03-06 04:19 --------- d-----w c:\program files\Unlocker
2009-03-06 04:19 --------- d-----w c:\program files\LClock
2006-06-25 14:48 32,768 ----a-r c:\windows\inf\UpdateUSB.exe

------- Sigcheck -------

2002-12-31 13:00 360448 0601f83f6784c220ee302f03f702316e c:\windows\system32\drivers\tcpip.sys
((((((((((((((((((((((((((((( [Link visible only to logged-in users] )))))))))))))))))))))))))))))))))))))))))
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2002-12-31 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

"LClock"="c:\program files\LClock\LClock.exe" [2004-09-19 65536]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-03-08 1171712]
"RTHDCPL"="RTHDCPL.EXE" [2008-11-17 c:\windows\RTHDCPL.EXE]
"nwiz"="nwiz.exe" [2008-10-07 c:\windows\system32\nwiz.exe]

c:\documents and settings\Administrator\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2009-03-06 21:29 210168 c:\program files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.3iv2"= 3ivxVfWCodec.dll
"VIDC.VP31"= vp31vfw.dll
"msacm.l3fhg"= mp3fhg.acm
"msacm.divxa32"= msaud32_divx.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS


[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"EnableFirewall"= 0 (0x0)

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Documents and Settings\\Administrator\\Desktop\\windowslivemessenger2009(14.0.8064).exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-03-08 12424]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-03-08 96520]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-03-08 282904]
R2 avgfws8;AVG8 Firewall;c:\progra~1\AVG\AVG8\avgfws8.exe [2009-03-08 930584]
R2 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-03-08 74376]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2009-03-08 22528]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1e51x86.sys [2009-03-06 38400]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2009-03-08 22528]
------- Supplementary Scan -------
IE: &Google Search - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html
IE: &Translate English Word - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html
IE: Backward Links - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html
IE: Cached Snapshot of Page - c:\program files\Google\GoogleToolbar1.dll/cmcache.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Similar Pages - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html
IE: Translate Page into English - c:\program files\Google\GoogleToolbar1.dll/cmtrans.html
DPF: Microsoft XML Parser for Java - [Link visible only to logged-in users]\windows\Java\classes\
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\pxdgk9ry.default\
FF - prefs.js: browser.startup.homepage - [Link visible only to logged-in users]
FF - prefs.js: keyword.URL - about:neterror?e=query&u=
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJPI150_06.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPOJI610.dll


catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link visible only to logged-in users]
Rootkit scan 2009-03-09 23:01:16
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(992)
c:\program files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll
------------------------ Other Running Processes ------------------------
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\AVG\AVG8\avgrsx.exe
Completion time: 2009-03-09 23:02:20 - machine was rebooted
ComboFix-quarantined-files.txt 2009-03-09 22:02:18
ComboFix2.txt 2009-03-09 21:35:41

Pre-Run: 95,470,678,016 bytes free
Post-Run: 95,394,627,584 bytes free


  • helen1
  • Anti Malware Fighter
    Rank 2
  • Master Teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Try now, does it open?

  • Joined: 07 Sep 2008
  • Posts: 49

AAaaa!!!! Everything connects as it should, MSN is upgrading to the new version, AVG is updated...

THANK YOU SO MUCH!!!!!!!!!!! :))))))))))))

Addendum: 09 Mar 2009 23:11

It opens! :D

I don't know how to repay you; I'd say get in touch if you need anything, but what would you ever need from me... :P

  • helen1
  • Anti Malware Fighter
    Rank 2
  • Master Teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

You're welcome, I'm glad I could help.

If there are no other problems, do this as well:

Click START and then RUN
In the text box type Combofix /u and click OK

Wait for the uninstall process to finish

The above procedure will:
Delete the following:
ComboFix and its files and folders
VundoFix Backups folder, if it exists
C:\Deckard folder, if it exists
C:\OtMoveIt folder, if it exists

Reset the clock settings on the computer
Hide file extensions, if necessary
Hide system/hidden files/folders, if necessary
Reset System Restore


  • Joined: 07 Sep 2008
  • Posts: 49


Thanks once again :D
