MyCity » Ambulanta -> Arhiva Ambulante » Ne otara sajtove sa AV programima

Ne otara sajtove sa AV programima

Napisano na dan: 27.12.2009

Strana:
1
2

Ne otara sajtove sa AV programima

Sledeća strana

Pagination

Odgovori

Strana:
1
2

Vremenska prognoza Poslao: 27 Dec 2009 13:51 Idi na vrh
offline Vremenska prognoza Građanin Pridružio: 04 Okt 2005 Poruke: 47	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Ne mogu da udjem ni na jedan sajt tipa kaspersky, nod32, avast..... Probala sam iz vise browsera, ali nece. Kada udjem na net, stalno imam neki protok, stalno nesto prima i salje bez obzira sto su mi svi browseri iskljuceni. Pri tome nemam ukljucen ni jedan automatski update, bar ga ja ne vidim. DDS (Ver_09-12-01.01) - NTFSx86 Run by Dragana at 13:13:59.84 on Sun 12/27/2009 Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_17 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1220 [GMT 1:00] AV: BitDefender Antivirus On-access scanning enabled (Outdated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\svchost.exe -kbdx C:\WINDOWS\system32\winsys2.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\LifeView TVR\RecSche.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\CTFMON.EXE C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\OpenOffice.org 3\program\soffice.exe C:\Program Files\OpenOffice.org 3\program\soffice.bin C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\LifeView TVR\remote.exe C:\Documents and Settings\Skundric Dragana\My Documents\Downloads\dds.scr ============== Pseudo HJT Report =============== uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie uDefault_Search_URL = hxxp://www.google.com/ie uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.4.4525.1752\swg.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2009\IEToolbar.dll TB: Foxit Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe" uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [nwiz] nwiz.exe /install mRun: [SW20] c:\windows\system32\sw20.exe mRun: [SW24] c:\windows\system32\sw24.exe mRun: [WinSys2] c:\windows\system32\winsys2.exe mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [Remote] "c:\program files\lifeview tvr\remote.exe" mRun: [RecSche] "c:\program files\lifeview tvr\RecSche.exe" mRun: [WinDVRCtrl] c:\windows\WDVRCtrl.exe mRun: [ScanRegistry] C:\W mRun: [RTHDCPL] RTHDCPL.EXE mRun: [SkyTel] SkyTel.EXE mRun: [Alcmtr] ALCMTR.EXE mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe" mRun: [DAEMON Tools-1033] "c:\program files\d-tools\daemon.exe" -lang 1033 mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe mRun: [WinampAgent] "c:\program files\winamp\winampa.exe" mRun: [BDAgent] "c:\program files\bitdefender\bitdefender 2009\bdagent.exe" mRun: [BitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2009\IEShow.exe" mRun: [CnxDslTaskBar] "c:\program files\conexant\accessrunner adsl\CnxDslTb.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\docume~1\skundr~1\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab TCP: {4B324742-EF4B-42AF-ABCF-EF3C77FC313A} = 194.106.162.10 194.106.162.3 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\skundr~1\applic~1\mozilla\firefox\profiles\gwfyzs3u.default\ FF - component: c:\program files\mozilla firefox\components\FFComm.dll FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} ============= SERVICES / DRIVERS =============== R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [2009-11-28 155136] R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [2009-11-28 5248] R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [2008-8-12 108864] R3 CnxEtP;Conexant AccessRunner USB ADSL WAN Adapter Filter Driver;c:\windows\system32\drivers\CnxEtP.sys [2009-12-1 60288] R3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;c:\windows\system32\drivers\CnxEtU.sys [2009-12-1 646784] R3 CnxTgN;Conexant AccessRunner USB ADSL WAN Adapter Driver;c:\windows\system32\drivers\CnxTgN.sys [2009-12-1 108675] R3 LVHybrid;LVHybrid service;c:\windows\system32\drivers\LVHybrid.sys [2009-11-28 892032] S2 fcrgl;Installer Center;c:\windows\system32\svchost.exe -k netsvcs [2004-8-3 14336] S3 Arrakis3;BitDefender Arrakis Server;c:\program files\common files\bitdefender\bitdefender arrakis server\bin\Arrakis3.exe [2008-7-17 118784] S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\c:\everestultimate530\kerneld.wnt --> c:\everestultimate530\kerneld.wnt [?] =============== Created Last 30 ================ 2009-12-25 11:32:29 0 d-----w- c:\docume~1\skundr~1\applic~1\RapidTyping 2009-12-25 11:32:24 0 d-----w- c:\docume~1\alluse~1\applic~1\RapidTyping 2009-12-24 12:22:18 0 d-----w- c:\program files\IrfanView 2009-12-24 12:18:17 69 ----a-w- c:\windows\NeroDigital.ini 2009-12-24 12:09:31 0 d-----w- c:\program files\AskBarDis 2009-12-24 12:09:05 0 d-----w- c:\docume~1\skundr~1\applic~1\Foxit 2009-12-24 12:09:04 0 d-----w- c:\program files\Foxit Software 2009-12-24 11:28:08 0 d-----w- c:\docume~1\skundr~1\applic~1\OpenOffice.org 2009-12-24 11:26:32 0 d-----w- c:\program files\JRE 2009-12-24 11:26:27 0 d-----w- c:\program files\OpenOffice.org 3 2009-12-22 21:38:22 73728 ----a-w- c:\windows\system32\javacpl.cpl 2009-12-22 21:38:22 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-12-21 12:34:56 176 ----a-w- c:\windows\wordtran.ini 2009-12-21 12:19:22 545 ----a-w- c:\windows\UC.PIF 2009-12-21 12:19:22 545 ----a-w- c:\windows\RAR.PIF 2009-12-21 12:19:22 545 ----a-w- c:\windows\PKZIP.PIF 2009-12-21 12:19:22 545 ----a-w- c:\windows\PKUNZIP.PIF 2009-12-21 12:19:22 545 ----a-w- c:\windows\NOCLOSE.PIF 2009-12-21 12:19:22 545 ----a-w- c:\windows\LHA.PIF 2009-12-21 12:19:22 545 ----a-w- c:\windows\ARJ.PIF 2009-12-21 12:19:22 0 d-----w- c:\program files\totalcmd 2009-12-14 19:15:14 2146304 ----a-w- c:\windows\system32\GPhotos.scr 2009-12-10 17:05:19 0 d-----w- c:\docume~1\skundr~1\applic~1\Malwarebytes 2009-12-10 17:05:15 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-12-10 17:05:14 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-10 17:05:14 0 d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-12-10 17:05:14 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes 2009-12-10 17:00:49 4844296 ----a-w- c:\program files\mbam-setup.exe 2009-12-06 00:20:08 0 d-----w- c:\program files\everestultimate530 2009-12-03 09:23:54 0 d-s---w- c:\documents and settings\skundric dragana\UserData 2009-12-02 18:40:26 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys 2009-12-02 18:40:26 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys 2009-12-02 18:19:19 9728 ----a-w- c:\windows\system32\MICM___U.DLL 2009-12-02 18:19:19 90112 ----a-w- c:\windows\system32\MLMON__U.DLL 2009-12-02 18:19:19 61 ----a-w- c:\windows\system32\MSEP01_U.SEP 2009-12-02 18:19:19 51200 ----a-w- c:\windows\system32\MSPOOL_U.DLL 2009-12-02 18:19:19 49152 ----a-w- c:\windows\system32\MINFIN_U.EXE 2009-12-02 18:19:19 45056 ----a-w- c:\windows\system32\MSHRES_U.DLL 2009-12-02 18:19:19 376832 ----a-w- c:\windows\system32\MSMCML_U.DLL 2009-12-02 18:19:19 23552 ----a-w- c:\windows\system32\MGDI32_U.DLL 2009-12-02 18:19:19 20436 ----a-w- c:\windows\MSUMLT_U.INI 2009-12-02 18:19:19 19456 ----a-w- c:\windows\system32\MTAG32_U.DLL 2009-12-02 18:19:19 13312 ----a-w- c:\windows\system32\MIMF32_U.DLL 2009-12-02 18:19:18 36864 ----a-w- c:\windows\system32\MCMM___U.DLL 2009-12-02 18:19:14 0 d-----w- c:\program files\KONICA MINOLTA 2009-12-02 09:46:43 0 d-----w- c:\windows\system32\NtmsData 2009-12-01 22:04:03 60288 ----a-r- c:\windows\system32\drivers\CnxEtP.sys 2009-12-01 22:04:03 163840 ----a-r- c:\windows\system32\CnxHwIo.dll 2009-12-01 22:04:03 108675 ----a-r- c:\windows\system32\drivers\CnxTgN.sys 2009-12-01 22:04:03 0 d-----w- c:\program files\Conexant 2009-12-01 22:03:48 118784 ----a-r- c:\windows\system32\CnxMfdCo.dll 2009-12-01 22:03:48 118784 ----a-r- c:\windows\system32\CnxClsCo.dll 2009-12-01 22:03:47 646784 ----a-r- c:\windows\system32\drivers\CnxEtU.sys 2009-11-30 19:03:08 26496 -c--a-w- c:\windows\system32\dllcache\usbstor.sys 2009-11-30 17:31:13 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys 2009-11-30 17:31:13 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys 2009-11-30 17:31:00 14848 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys 2009-11-30 17:31:00 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys 2009-11-30 17:27:05 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll 2009-11-30 17:27:05 21504 ----a-w- c:\windows\system32\hidserv.dll 2009-11-30 17:26:54 6912 ----a-w- c:\windows\system32\drivers\vulfnth.sys 2009-11-30 17:26:54 45056 ----a-w- c:\windows\system32\vusetup.dll 2009-11-30 17:26:54 10496 ----a-w- c:\windows\system32\drivers\vulfntr.sys 2009-11-30 17:26:53 0 d-----w- c:\program files\VIA Technologies, Inc 2009-11-30 17:26:41 306688 ----a-w- c:\windows\IsUninst.exe 2009-11-30 17:25:28 9600 -c--a-w- c:\windows\system32\dllcache\hidusb.sys 2009-11-30 17:25:28 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys 2009-11-30 17:25:24 31616 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys 2009-11-30 17:25:24 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys 2009-11-30 17:25:01 57600 -c--a-w- c:\windows\system32\dllcache\usbhub.sys 2009-11-30 17:25:01 57600 ----a-w- c:\windows\system32\drivers\usbhub.sys 2009-11-30 11:02:07 1383 ----a-w- c:\windows\WINCMD.INI 2009-11-30 08:18:33 0 d-----w- c:\windows\pss 2009-11-28 14:49:40 850 ----a-w- c:\windows\system32\ProductTweaks.xml 2009-11-28 14:46:55 385 ----a-w- c:\windows\system32\user_gensett.xml 2009-11-28 14:42:29 0 d-----w- c:\docume~1\skundr~1\applic~1\BitDefender 2009-11-28 14:42:12 0 d-----w- c:\program files\BitDefender 2009-11-28 14:42:12 0 d-----w- c:\docume~1\alluse~1\applic~1\BitDefender 2009-11-28 14:41:52 0 d-----w- c:\program files\common files\BitDefender 2009-11-28 14:19:56 0 d-----w- c:\program files\common files\Adobe Systems Shared 2009-11-28 14:12:47 0 d-----w- c:\docume~1\skundr~1\applic~1\ACD Systems 2009-11-28 14:12:30 0 d-----w- c:\docume~1\alluse~1\applic~1\ACD Systems 2009-11-28 14:12:29 0 d-----w- c:\program files\common files\ACD Systems 2009-11-28 14:12:29 0 d-----w- c:\program files\ACD Systems 2009-11-28 14:11:49 0 d-----w- c:\program files\PhotoFiltre 2009-11-28 14:10:39 940794 ----a-w- c:\windows\system32\LoopyMusic.wav 2009-11-28 14:10:39 146650 ----a-w- c:\windows\system32\BuzzingBee.wav 2009-11-28 14:10:39 0 d-----w- c:\windows\system32\Lang 2009-11-28 13:22:23 0 d-----w- c:\program files\GameHouse 2009-11-28 13:20:31 0 d-----w- c:\program files\YouTube Downloader 2009-11-28 13:19:05 0 d-----w- c:\program files\Skype 2009-11-28 13:10:57 0 d-----w- c:\program files\Nero 2009-11-28 13:07:12 0 d-----w- c:\program files\D-Tools 2009-11-28 13:06:19 0 d-----w- c:\program files\common files\ODBC 2009-11-28 13:06:17 0 d-----w- c:\program files\common files\SpeechEngines 2009-11-28 13:05:57 0 d-----r- c:\documents and settings\all users\Documents 2009-11-28 13:02:22 0 d-----w- c:\program files\Microsoft ActiveSync 2009-11-28 12:56:31 0 d-----w- c:\program files\ffdshow 2009-11-28 12:56:20 0 d-----w- c:\program files\AC3Filter 2009-11-28 12:55:47 0 d-----w- c:\program files\K-Lite Codec Pack 2009-11-28 12:49:46 0 d-----w- c:\program files\Teletext 2009-11-28 12:49:06 0 d-----w- c:\program files\LifeView TVR 2009-11-28 12:37:48 0 d-----w- c:\program files\Realtek 2009-11-28 12:15:18 0 d-sh--w- c:\documents and settings\all users\DRM 2009-11-28 12:15:04 0 d--h--w- c:\program files\WindowsUpdate 2009-11-28 12:14:20 0 d-----w- c:\program files\common files\MSSoap 2009-11-28 12:13:19 0 d-----w- c:\program files\Online Services 2009-11-28 12:13:15 0 d-----w- c:\program files\Messenger 2009-11-28 12:13:12 0 d-----w- c:\program files\MSN Gaming Zone 2009-11-28 12:12:41 0 d-----w- c:\program files\Windows NT ==================== Find3M ==================== 2009-11-28 12:46:56 892032 ----a-w- c:\windows\system32\drivers\LVHybrid.sys 2009-11-28 12:46:56 3072 ----a-w- c:\windows\system32\34CoInstaller.dll 2009-11-28 12:37:37 315392 ----a-w- c:\windows\HideWin.exe 2009-11-28 12:13:34 21640 ----a-w- c:\windows\system32\emptyregdb.dat 2009-11-13 22:57:16 922112 ------w- c:\windows\system32\imapi2fs.dll 2009-11-13 22:57:16 62592 ----a-w- c:\windows\system32\drivers\cdrom.sys 2009-11-13 22:57:16 426496 ------w- c:\windows\system32\imapi2.dll 2009-11-13 22:57:16 23856 ----a-w- c:\windows\system32\spupdsvc.exe 2004-08-03 22:56:44 166555 --sha-r- c:\windows\system32\jmuemps.dll ============= FINISH: 13:14:21.04 =============== mycity.rs/must-login.png #3 mycity.rs/must-login.png

Profil

helen1 Poslao: 27 Dec 2009 13:53 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	1Ovo se svidja korisniku: mcrule Registruj se da bi pohvalio/la poruku! Zdravo, Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Profil

Vremenska prognoza Poslao: 27 Dec 2009 14:28 Idi na vrh
offline Vremenska prognoza Građanin Pridružio: 04 Okt 2005 Poruke: 47	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-12-26.04 - Dragana 12/27/2009 14:10:02.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1755 [GMT 1:00] Running from: c:\documents and settings\ Dragana\Desktop\ComboFix.exe AV: BitDefender Antivirus On-access scanning disabled (Outdated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\34CoInstaller.dll . ((((((((((((((((((((((((( Files Created from 2009-11-27 to 2009-12-27 ))))))))))))))))))))))))))))))) . 2009-12-26 23:10 . 2009-12-26 23:10 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles 2009-12-25 11:32 . 2009-12-25 11:32 -------- d-----w- c:\documents and settings\ Dragana\Application Data\RapidTyping 2009-12-25 11:32 . 2009-12-25 11:32 -------- d-----w- c:\documents and settings\All Users\Application Data\RapidTyping 2009-12-24 12:22 . 2009-12-24 12:22 -------- d-----w- c:\program files\IrfanView 2009-12-24 12:13 . 2009-12-24 12:22 -------- d-----w- c:\program files\Google 2009-12-24 12:09 . 2009-12-24 12:09 -------- d-----w- c:\program files\AskBarDis 2009-12-24 12:09 . 2009-12-24 12:09 -------- d-----w- c:\documents and settings\ Dragana\Application Data\Foxit 2009-12-24 12:09 . 2009-12-24 12:09 -------- d-----w- c:\program files\Foxit Software 2009-12-24 11:29 . 2009-12-24 11:29 1 ----a-w- c:\documents and settings\ Dragana\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2009-12-24 11:28 . 2009-12-24 11:28 -------- d-----w- c:\documents and settings\ Dragana\Application Data\OpenOffice.org 2009-12-24 11:26 . 2009-12-24 11:26 -------- d-----w- c:\program files\JRE 2009-12-24 11:26 . 2009-12-24 11:26 -------- d-----w- c:\program files\OpenOffice.org 3 2009-12-22 21:38 . 2009-12-22 21:38 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-12-22 21:38 . 2009-12-24 11:26 -------- d-----w- c:\program files\Java 2009-12-22 21:37 . 2009-12-22 21:37 152576 ----a-w- c:\documents and settings\ Dragana\Application Data\Sun\Java\jre1.6.0_17\lzma.dll 2009-12-22 21:34 . 2009-12-22 21:34 79488 ----a-w- c:\documents and settings\ Dragana\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll 2009-12-21 12:22 . 2009-12-21 12:22 -------- d-----w- c:\documents and settings\ Dragana\Local Settings\Application Data\Downloaded Installations 2009-12-21 12:19 . 2009-12-21 12:19 -------- d-----w- c:\program files\totalcmd 2009-12-21 12:19 . 2007-09-14 06:02 545 ----a-w- c:\windows\UC.PIF 2009-12-21 12:19 . 2007-09-14 06:02 545 ----a-w- c:\windows\RAR.PIF 2009-12-21 12:19 . 2007-09-14 06:02 545 ----a-w- c:\windows\PKZIP.PIF 2009-12-21 12:19 . 2007-09-14 06:02 545 ----a-w- c:\windows\PKUNZIP.PIF 2009-12-21 12:19 . 2007-09-14 06:02 545 ----a-w- c:\windows\NOCLOSE.PIF 2009-12-21 12:19 . 2007-09-14 06:02 545 ----a-w- c:\windows\LHA.PIF 2009-12-21 12:19 . 2007-09-14 06:02 545 ----a-w- c:\windows\ARJ.PIF 2009-12-14 19:15 . 2009-12-14 19:15 2146304 ----a-w- c:\windows\system32\GPhotos.scr 2009-12-10 17:05 . 2009-12-10 17:05 -------- d-----w- c:\documents and settings\ Dragana\Application Data\Malwarebytes 2009-12-10 17:05 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-12-10 17:05 . 2009-12-10 17:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-12-10 17:05 . 2009-12-10 17:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-12-10 17:05 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-10 17:00 . 2009-12-10 17:02 4844296 ----a-w- c:\program files\mbam-setup.exe 2009-12-06 00:20 . 2009-12-07 09:20 -------- d-----w- c:\program files\everestultimate530 2009-12-03 09:31 . 2009-12-24 12:14 -------- d-----w- c:\documents and settings\ Dragana\Local Settings\Application Data\Google 2009-12-03 09:31 . 2009-08-13 14:40 43008 ----a-w- c:\documents and settings\ Dragana\Application Data\Mozilla\Firefox\Profiles\gwfyzs3u.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll 2009-12-03 09:31 . 2009-08-13 14:39 340480 ----a-w- c:\documents and settings\ Dragana\Application Data\Mozilla\Firefox\Profiles\gwfyzs3u.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll 2009-12-03 09:31 . 2009-08-13 14:39 346112 ----a-w- c:\documents and settings\ Dragana\Application Data\Mozilla\Firefox\Profiles\gwfyzs3u.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll 2009-12-03 09:23 . 2009-12-03 09:23 -------- d-s---w- c:\documents and settings\ Dragana\UserData 2009-12-02 18:40 . 2004-08-03 22:01 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys 2009-12-02 18:40 . 2004-08-03 22:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys 2009-12-02 18:19 . 2005-05-24 12:02 45056 ----a-w- c:\windows\system32\MSHRES_U.DLL 2009-12-02 18:19 . 2005-05-24 11:47 90112 ----a-w- c:\windows\system32\MLMON__U.DLL 2009-12-02 18:19 . 2005-03-15 10:13 49152 ----a-w- c:\windows\system32\MINFIN_U.EXE 2009-12-02 18:19 . 2005-03-15 10:12 9728 ----a-w- c:\windows\system32\MICM___U.DLL 2009-12-02 18:19 . 2005-03-15 10:10 13312 ----a-w- c:\windows\system32\MIMF32_U.DLL 2009-12-02 18:19 . 2005-03-15 10:10 10752 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\MIMFPR_U.DLL 2009-12-02 18:19 . 2005-03-15 10:09 23552 ----a-w- c:\windows\system32\MGDI32_U.DLL 2009-12-02 18:19 . 2004-07-08 15:10 51200 ----a-w- c:\windows\system32\MSPOOL_U.DLL 2009-12-02 18:19 . 2004-07-08 15:09 19456 ----a-w- c:\windows\system32\MTAG32_U.DLL 2009-12-02 18:19 . 2004-05-14 14:23 376832 ----a-w- c:\windows\system32\MSMCML_U.DLL 2009-12-02 18:19 . 2005-03-15 10:12 36864 ----a-w- c:\windows\system32\MCMM___U.DLL 2009-12-02 18:19 . 2009-12-02 18:19 -------- d-----w- c:\program files\KONICA MINOLTA 2009-12-02 09:46 . 2009-12-02 09:47 -------- d-----w- c:\windows\system32\NtmsData 2009-12-01 22:04 . 2009-12-01 22:04 -------- d-----w- c:\program files\Conexant 2009-12-01 22:04 . 2003-10-29 07:07 163840 ----a-r- c:\windows\system32\CnxHwIo.dll 2009-12-01 22:04 . 2003-10-29 07:02 108675 ----a-r- c:\windows\system32\drivers\CnxTgN.sys 2009-12-01 22:04 . 2003-09-12 02:26 60288 ----a-r- c:\windows\system32\drivers\CnxEtP.sys 2009-12-01 22:03 . 2002-08-06 06:59 118784 ----a-r- c:\windows\system32\CnxMfdCo.dll 2009-12-01 22:03 . 2001-10-03 06:08 118784 ----a-r- c:\windows\system32\CnxClsCo.dll 2009-12-01 22:03 . 2003-09-12 02:26 646784 ----a-r- c:\windows\system32\drivers\CnxEtU.sys 2009-11-30 19:03 . 2004-08-03 22:08 26496 -c--a-w- c:\windows\system32\dllcache\usbstor.sys 2009-11-30 17:31 . 2001-08-17 12:48 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys 2009-11-30 17:31 . 2001-08-17 12:48 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys 2009-11-30 17:31 . 2004-08-03 21:58 14848 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys 2009-11-30 17:31 . 2004-08-03 21:58 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys 2009-11-30 17:27 . 2004-08-03 23:56 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll 2009-11-30 17:27 . 2004-08-03 23:56 21504 ----a-w- c:\windows\system32\hidserv.dll 2009-11-30 17:26 . 2003-02-06 10:07 45056 ----a-w- c:\windows\system32\vusetup.dll 2009-11-30 17:26 . 2002-11-13 09:34 10496 ----a-w- c:\windows\system32\drivers\vulfntr.sys 2009-11-30 17:26 . 2002-10-24 08:07 6912 ----a-w- c:\windows\system32\drivers\vulfnth.sys 2009-11-30 17:26 . 2009-11-30 17:26 -------- d-----w- c:\program files\VIA Technologies, Inc 2009-11-30 17:26 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe 2009-11-30 17:25 . 2001-08-17 13:02 9600 -c--a-w- c:\windows\system32\dllcache\hidusb.sys 2009-11-30 17:25 . 2001-08-17 13:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys 2009-11-30 17:25 . 2004-08-03 22:08 31616 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys 2009-11-30 17:25 . 2004-08-03 22:08 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys 2009-11-30 17:25 . 2004-08-03 22:08 57600 -c--a-w- c:\windows\system32\dllcache\usbhub.sys 2009-11-30 17:25 . 2004-08-03 22:08 57600 ----a-w- c:\windows\system32\drivers\usbhub.sys 2009-11-30 13:45 . 2009-12-02 18:42 -------- d-----w- c:\documents and settings\ Dragana\Local Settings\Application Data\Help 2009-11-30 10:54 . 2009-11-30 10:54 -------- d-----w- c:\documents and settings\ Dragana\Local Settings\Application Data\Opera 2009-11-28 15:11 . 2009-11-28 15:11 -------- d-----w- c:\documents and settings\ Dragana\Application Data\CyberLink 2009-11-28 15:11 . 2009-11-28 15:11 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink 2009-11-28 14:42 . 2009-11-28 14:42 -------- d-----w- c:\documents and settings\ Dragana\Application Data\BitDefender 2009-11-28 14:42 . 2009-11-28 14:46 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender 2009-11-28 14:42 . 2009-11-28 14:42 -------- d-----w- c:\program files\BitDefender 2009-11-28 14:41 . 2009-11-28 14:42 -------- d-----w- c:\program files\Common Files\BitDefender 2009-11-28 14:19 . 2009-11-28 14:19 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared 2009-11-28 14:12 . 2009-11-28 14:12 -------- d-----w- c:\documents and settings\ Dragana\Local Settings\Application Data\ACDSee 2009-11-28 14:12 . 2009-11-28 14:17 -------- d-----w- c:\documents and settings\ Dragana\Application Data\ACD Systems 2009-11-28 14:12 . 2009-11-28 14:12 -------- d-----w- c:\documents and settings\All Users\Application Data\ACD Systems 2009-11-28 14:12 . 2009-11-28 14:12 -------- d-----w- c:\program files\Common Files\ACD Systems 2009-11-28 14:12 . 2009-11-28 14:12 -------- d-----w- c:\program files\ACD Systems 2009-11-28 14:11 . 2009-12-07 09:19 -------- d-----w- c:\program files\PhotoFiltre 2009-11-28 14:10 . 2009-11-28 14:10 -------- d-----w- c:\windows\system32\Lang . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-24 14:07 . 2009-11-28 12:20 22032 ----a-w- c:\documents and settings\ Dragana\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-12-16 16:59 . 2009-11-28 13:05 -------- d-----w- c:\program files\Common Files\Adobe 2009-12-01 23:11 . 2009-11-28 13:20 -------- d-----w- c:\documents and settings\ Dragana\Application Data\Skype 2009-11-30 17:17 . 2009-11-28 12:15 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2009-11-28 13:23 . 2009-11-28 13:22 -------- d-----w- c:\program files\GameHouse 2009-11-28 13:20 . 2009-11-28 13:20 -------- d-----w- c:\program files\YouTube Downloader 2009-11-28 13:19 . 2009-11-28 13:19 -------- d-----w- c:\program files\Skype 2009-11-28 13:19 . 2009-11-28 13:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2009-11-28 13:19 . 2009-11-28 13:19 -------- d-----w- c:\program files\Common Files\Skype 2009-11-28 13:18 . 2009-11-28 13:18 0 ----a-w- c:\windows\nsreg.dat 2009-11-28 13:17 . 2009-11-28 13:17 -------- d-----w- c:\program files\Opera 2009-11-28 13:16 . 2009-11-28 13:13 -------- d-----w- c:\documents and settings\ Dragana\Application Data\Winamp 2009-11-28 13:16 . 2009-11-28 13:13 -------- d-----w- c:\program files\Winamp 2009-11-28 13:12 . 2009-11-28 13:10 -------- d-----w- c:\program files\Common Files\Ahead 2009-11-28 13:11 . 2009-11-28 13:11 -------- d-----w- c:\documents and settings\ Dragana\Application Data\Ahead 2009-11-28 13:10 . 2009-11-28 13:10 -------- d-----w- c:\program files\Nero 2009-11-28 13:07 . 2009-11-28 13:07 -------- d-----w- c:\program files\D-Tools 2009-11-28 13:02 . 2009-11-28 13:02 -------- d-----w- c:\program files\Microsoft ActiveSync 2009-11-28 13:02 . 2009-11-28 13:02 -------- d-----w- c:\program files\Microsoft.NET 2009-11-28 13:01 . 2009-11-28 13:01 -------- d-----w- c:\program files\CyberLink 2009-11-28 13:01 . 2009-11-28 12:37 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-11-28 13:01 . 2009-11-28 12:37 -------- d-----w- c:\program files\Common Files\InstallShield 2009-11-28 12:56 . 2009-11-28 12:56 -------- d-----w- c:\program files\ffdshow 2009-11-28 12:56 . 2009-11-28 12:56 -------- d-----w- c:\program files\AC3Filter 2009-11-28 12:55 . 2009-11-28 12:55 -------- d-----w- c:\documents and settings\All Users\Application Data\QuickTime 2009-11-28 12:55 . 2009-11-28 12:55 -------- d-----w- c:\program files\K-Lite Codec Pack 2009-11-28 12:55 . 2009-11-28 12:55 -------- d-----w- c:\program files\7-Zip 2009-11-28 12:49 . 2009-11-28 12:49 -------- d-----w- c:\program files\Teletext 2009-11-28 12:49 . 2009-11-28 12:49 -------- d-----w- c:\program files\LifeView TVR 2009-11-28 12:47 . 2009-11-28 12:47 -------- d-----w- c:\program files\DIFX 2009-11-28 12:46 . 2009-11-28 12:47 892032 ----a-w- c:\windows\system32\drivers\LVHybrid.sys 2009-11-28 12:37 . 2009-11-28 12:37 -------- d-----w- c:\program files\Realtek 2009-11-28 12:37 . 2009-11-28 12:37 315392 ----a-w- c:\windows\HideWin.exe 2009-11-28 12:31 . 2009-11-28 12:31 -------- d-----w- c:\program files\Intel 2009-11-28 12:16 . 2009-11-28 12:16 -------- d-----w- c:\program files\microsoft frontpage 2009-11-28 12:13 . 2009-11-28 12:13 21640 ----a-w- c:\windows\system32\emptyregdb.dat 2009-11-13 22:57 . 2009-11-28 12:38 23856 ----a-w- c:\windows\system32\spupdsvc.exe 2009-11-13 22:57 . 2009-11-13 22:57 922112 ------w- c:\windows\system32\imapi2fs.dll 2009-11-13 22:57 . 2009-11-13 22:57 426496 ------w- c:\windows\system32\imapi2.dll 2009-11-13 22:57 . 2004-08-03 20:59 62592 ----a-w- c:\windows\system32\drivers\cdrom.sys 2008-08-13 18:02 . 2008-08-13 18:02 35840 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll 2004-08-03 22:56 . 2004-08-03 22:56 166555 --sha-r- c:\windows\system32\jmuemps.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] 2008-11-18 11:58 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-04-21 94208] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-24 39408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-12 8429568] "nwiz"="nwiz.exe" [2007-04-12 1626112] "SW20"="c:\windows\system32\sw20.exe" [2006-12-15 208896] "SW24"="c:\windows\system32\sw24.exe" [2006-12-15 69632] "WinSys2"="c:\windows\system32\winsys2.exe" [2006-12-15 217088] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-04-12 81920] "Remote"="c:\program files\LifeView TVR\remote.exe" [2007-02-15 212992] "RecSche"="c:\program files\LifeView TVR\RecSche.exe" [2007-02-15 458752] "RTHDCPL"="RTHDCPL.EXE" [2007-01-30 16116224] "SkyTel"="SkyTel.EXE" [2006-05-16 2879488] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768] "DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648] "BDAgent"="c:\program files\BitDefender\BitDefender 2009\bdagent.exe" [2008-08-14 716800] "BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2009\IEShow.exe" [2008-08-10 69632] "CnxDslTaskBar"="c:\program files\Conexant\AccessRunner ADSL\CnxDslTb.exe" [2003-10-29 462848] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-22 149280] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360] c:\documents and settings\ Dragana\Start Menu\Programs\Startup\ OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5894:TCP"= 5894:TCP:hijqx R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [11/28/2009 2:07 PM 155136] R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [11/28/2009 2:07 PM 5248] R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [8/12/2008 6:40 PM 108864] R3 CnxEtP;Conexant AccessRunner USB ADSL WAN Adapter Filter Driver;c:\windows\system32\drivers\CnxEtP.sys [12/1/2009 11:04 PM 60288] R3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;c:\windows\system32\drivers\CnxEtU.sys [12/1/2009 11:03 PM 646784] R3 CnxTgN;Conexant AccessRunner USB ADSL WAN Adapter Driver;c:\windows\system32\drivers\CnxTgN.sys [12/1/2009 11:04 PM 108675] R3 LVHybrid;LVHybrid service;c:\windows\system32\drivers\LVHybrid.sys [11/28/2009 1:47 PM 892032] S2 fcrgl;Installer Center;c:\windows\system32\svchost.exe -k netsvcs [8/3/2004 11:56 PM 14336] S3 Arrakis3;BitDefender Arrakis Server;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [7/17/2008 1:06 PM 118784] S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\c:\everestultimate530\kerneld.wnt --> c:\everestultimate530\kerneld.wnt [?] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bdx REG_MULTI_SZ scan HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs fcrgl . ------- Supplementary Scan ------- . uDefault_Search_URL = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\ Dragana\Application Data\Mozilla\Firefox\Profiles\gwfyzs3u.default\ FF - component: c:\program files\Mozilla Firefox\components\FFComm.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll . - - - - ORPHANS REMOVED - - - - HKLM-Run-WinDVRCtrl - c:\windows\WDVRCtrl.exe HKLM-Run-WinampAgent - c:\program files\Winamp\winampa.exe ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-12-27 14:14 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, gmer.net device: opened successfully user: MBR read successfully called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x895CC308]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\Disk -> CLASSPNP.SYS @ 0xf763bfc3 \Driver\ACPI -> ACPI.sys @ 0xf7588cb8 \Driver\atapi -> 0x895cc308 IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x8059ece9 ParseProcedure -> ntoskrnl.exe @ 0x8057e98a \Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x8059ece9 ParseProcedure -> ntoskrnl.exe @ 0x8057e98a NDIS: -> SendCompleteHandler -> 0x0 PacketIndicateHandler -> 0x0 SendHandler -> 0x0 Warning: possible MBR rootkit infection ! user & kernel MBR OK ********************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver] "ImagePath"="\??\c:\everestultimate530\kerneld.wnt" [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\OMSCAN] "ImagePath"="\Sys" [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\fcrgl] "ServiceDll"="c:\windows\system32\jmuemps.dll" . ------------------------ Other Running Processes ------------------------ . c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\wscntfy.exe c:\windows\system32\RUNDLL32.EXE c:\windows\RTHDCPL.EXE c:\program files\OpenOffice.org 3\program\soffice.exe c:\program files\OpenOffice.org 3\program\soffice.bin c:\program files\BitDefender\BitDefender 2009\seccenter.exe . ************************************************************************ . Completion time: 2009-12-27 14:15:43 - machine was rebooted ComboFix-quarantined-files.txt 2009-12-27 13:15 Pre-Run: 5,181,698,048 bytes free Post-Run: 5,731,766,272 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect - - End Of File - - C3C92C06D2FEA1BE53B5B4149CA44BC5

Profil

helen1 Poslao: 27 Dec 2009 14:45 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	1Ovo se svidja korisniku: mcrule Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `Registry:: [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5894:TCP"=- [-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\fcrgl] Driver:: fcrgl NetSvc:: fcrgl File:: c:\windows\system32\jmuemps.dll` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

Vremenska prognoza Poslao: 27 Dec 2009 15:10 Idi na vrh
offline Vremenska prognoza Građanin Pridružio: 04 Okt 2005 Poruke: 47	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-12-26.04 - Dragana 12/27/2009 14:53:47.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1442 [GMT 1:00] Running from: c:\documents and settings\ Dragana\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\ Dragana\Desktop\CFScript.txt AV: BitDefender Antivirus On-access scanning disabled (Outdated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB} FILE :: "c:\windows\system32\jmuemps.dll" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\jmuemps.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_FCRGL -------\Service_fcrgl ((((((((((((((((((((((((( Files Created from 2009-11-27 to 2009-12-27 ))))))))))))))))))))))))))))))) . 2009-12-26 23:10 . 2009-12-26 23:10 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles 2009-12-25 11:32 . 2009-12-25 11:32 -------- d-----w- c:\documents and settings\ Dragana\Application Data\RapidTyping 2009-12-25 11:32 . 2009-12-25 11:32 -------- d-----w- c:\documents and settings\All Users\Application Data\RapidTyping 2009-12-24 12:22 . 2009-12-24 12:22 -------- d-----w- c:\program files\IrfanView 2009-12-24 12:13 . 2009-12-24 12:22 -------- d-----w- c:\program files\Google 2009-12-24 12:09 . 2009-12-24 12:09 -------- d-----w- c:\program files\AskBarDis 2009-12-24 12:09 . 2009-12-24 12:09 -------- d-----w- c:\documents and settings\ Dragana\Application Data\Foxit 2009-12-24 12:09 . 2009-12-24 12:09 -------- d-----w- c:\program files\Foxit Software 2009-12-24 11:29 . 2009-12-24 11:29 1 ----a-w- c:\documents and settings\ Dragana\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys 2009-12-24 11:28 . 2009-12-24 11:28 -------- d-----w- c:\documents and settings\ Dragana\Application Data\OpenOffice.org 2009-12-24 11:26 . 2009-12-24 11:26 -------- d-----w- c:\program files\JRE 2009-12-24 11:26 . 2009-12-24 11:26 -------- d-----w- c:\program files\OpenOffice.org 3 2009-12-22 21:38 . 2009-12-22 21:38 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-12-22 21:38 . 2009-12-24 11:26 -------- d-----w- c:\program files\Java 2009-12-22 21:37 . 2009-12-22 21:37 152576 ----a-w- c:\documents and settings\ Dragana\Application Data\Sun\Java\jre1.6.0_17\lzma.dll 2009-12-22 21:34 . 2009-12-22 21:34 79488 ----a-w- c:\documents and settings\ Dragana\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll 2009-12-21 12:22 . 2009-12-21 12:22 -------- d-----w- c:\documents and settings\ Dragana\Local Settings\Application Data\Downloaded Installations 2009-12-21 12:19 . 2009-12-21 12:19 -------- d-----w- c:\program files\totalcmd 2009-12-21 12:19 . 2007-09-14 06:02 545 ----a-w- c:\windows\UC.PIF 2009-12-21 12:19 . 2007-09-14 06:02 545 ----a-w- c:\windows\RAR.PIF 2009-12-21 12:19 . 2007-09-14 06:02 545 ----a-w- c:\windows\PKZIP.PIF 2009-12-21 12:19 . 2007-09-14 06:02 545 ----a-w- c:\windows\PKUNZIP.PIF 2009-12-21 12:19 . 2007-09-14 06:02 545 ----a-w- c:\windows\NOCLOSE.PIF 2009-12-21 12:19 . 2007-09-14 06:02 545 ----a-w- c:\windows\LHA.PIF 2009-12-21 12:19 . 2007-09-14 06:02 545 ----a-w- c:\windows\ARJ.PIF 2009-12-14 19:15 . 2009-12-14 19:15 2146304 ----a-w- c:\windows\system32\GPhotos.scr 2009-12-10 17:05 . 2009-12-10 17:05 -------- d-----w- c:\documents and settings\ Dragana\Application Data\Malwarebytes 2009-12-10 17:05 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-12-10 17:05 . 2009-12-10 17:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-12-10 17:05 . 2009-12-10 17:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-12-10 17:05 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-10 17:00 . 2009-12-10 17:02 4844296 ----a-w- c:\program files\mbam-setup.exe 2009-12-06 00:20 . 2009-12-07 09:20 -------- d-----w- c:\program files\everestultimate530 2009-12-03 09:31 . 2009-12-24 12:14 -------- d-----w- c:\documents and settings\ Dragana\Local Settings\Application Data\Google 2009-12-03 09:31 . 2009-08-13 14:40 43008 ----a-w- c:\documents and settings\ Dragana\Application Data\Mozilla\Firefox\Profiles\gwfyzs3u.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll 2009-12-03 09:31 . 2009-08-13 14:39 340480 ----a-w- c:\documents and settings\ Dragana\Application Data\Mozilla\Firefox\Profiles\gwfyzs3u.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll 2009-12-03 09:31 . 2009-08-13 14:39 346112 ----a-w- c:\documents and settings\ Dragana\Application Data\Mozilla\Firefox\Profiles\gwfyzs3u.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll 2009-12-03 09:23 . 2009-12-03 09:23 -------- d-s---w- c:\documents and settings\ Dragana\UserData 2009-12-02 18:40 . 2004-08-03 22:01 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys 2009-12-02 18:40 . 2004-08-03 22:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys 2009-12-02 18:19 . 2005-05-24 12:02 45056 ----a-w- c:\windows\system32\MSHRES_U.DLL 2009-12-02 18:19 . 2005-05-24 11:47 90112 ----a-w- c:\windows\system32\MLMON__U.DLL 2009-12-02 18:19 . 2005-03-15 10:13 49152 ----a-w- c:\windows\system32\MINFIN_U.EXE 2009-12-02 18:19 . 2005-03-15 10:12 9728 ----a-w- c:\windows\system32\MICM___U.DLL 2009-12-02 18:19 . 2005-03-15 10:10 13312 ----a-w- c:\windows\system32\MIMF32_U.DLL 2009-12-02 18:19 . 2005-03-15 10:10 10752 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\MIMFPR_U.DLL 2009-12-02 18:19 . 2005-03-15 10:09 23552 ----a-w- c:\windows\system32\MGDI32_U.DLL 2009-12-02 18:19 . 2004-07-08 15:10 51200 ----a-w- c:\windows\system32\MSPOOL_U.DLL 2009-12-02 18:19 . 2004-07-08 15:09 19456 ----a-w- c:\windows\system32\MTAG32_U.DLL 2009-12-02 18:19 . 2004-05-14 14:23 376832 ----a-w- c:\windows\system32\MSMCML_U.DLL 2009-12-02 18:19 . 2005-03-15 10:12 36864 ----a-w- c:\windows\system32\MCMM___U.DLL 2009-12-02 18:19 . 2009-12-02 18:19 -------- d-----w- c:\program files\KONICA MINOLTA 2009-12-02 09:46 . 2009-12-02 09:47 -------- d-----w- c:\windows\system32\NtmsData 2009-12-01 22:04 . 2009-12-01 22:04 -------- d-----w- c:\program files\Conexant 2009-12-01 22:04 . 2003-10-29 07:07 163840 ----a-r- c:\windows\system32\CnxHwIo.dll 2009-12-01 22:04 . 2003-10-29 07:02 108675 ----a-r- c:\windows\system32\drivers\CnxTgN.sys 2009-12-01 22:04 . 2003-09-12 02:26 60288 ----a-r- c:\windows\system32\drivers\CnxEtP.sys 2009-12-01 22:03 . 2002-08-06 06:59 118784 ----a-r- c:\windows\system32\CnxMfdCo.dll 2009-12-01 22:03 . 2001-10-03 06:08 118784 ----a-r- c:\windows\system32\CnxClsCo.dll 2009-12-01 22:03 . 2003-09-12 02:26 646784 ----a-r- c:\windows\system32\drivers\CnxEtU.sys 2009-11-30 19:03 . 2004-08-03 22:08 26496 -c--a-w- c:\windows\system32\dllcache\usbstor.sys 2009-11-30 17:31 . 2001-08-17 12:48 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys 2009-11-30 17:31 . 2001-08-17 12:48 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys 2009-11-30 17:31 . 2004-08-03 21:58 14848 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys 2009-11-30 17:31 . 2004-08-03 21:58 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys 2009-11-30 17:27 . 2004-08-03 23:56 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll 2009-11-30 17:27 . 2004-08-03 23:56 21504 ----a-w- c:\windows\system32\hidserv.dll 2009-11-30 17:26 . 2003-02-06 10:07 45056 ----a-w- c:\windows\system32\vusetup.dll 2009-11-30 17:26 . 2002-11-13 09:34 10496 ----a-w- c:\windows\system32\drivers\vulfntr.sys 2009-11-30 17:26 . 2002-10-24 08:07 6912 ----a-w- c:\windows\system32\drivers\vulfnth.sys 2009-11-30 17:26 . 2009-11-30 17:26 -------- d-----w- c:\program files\VIA Technologies, Inc 2009-11-30 17:26 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe 2009-11-30 17:25 . 2001-08-17 13:02 9600 -c--a-w- c:\windows\system32\dllcache\hidusb.sys 2009-11-30 17:25 . 2001-08-17 13:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys 2009-11-30 17:25 . 2004-08-03 22:08 31616 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys 2009-11-30 17:25 . 2004-08-03 22:08 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys 2009-11-30 17:25 . 2004-08-03 22:08 57600 -c--a-w- c:\windows\system32\dllcache\usbhub.sys 2009-11-30 17:25 . 2004-08-03 22:08 57600 ----a-w- c:\windows\system32\drivers\usbhub.sys 2009-11-30 13:45 . 2009-12-02 18:42 -------- d-----w- c:\documents and settings\ Dragana\Local Settings\Application Data\Help 2009-11-30 10:54 . 2009-11-30 10:54 -------- d-----w- c:\documents and settings\ Dragana\Local Settings\Application Data\Opera 2009-11-28 15:11 . 2009-11-28 15:11 -------- d-----w- c:\documents and settings\ Dragana\Application Data\CyberLink 2009-11-28 15:11 . 2009-11-28 15:11 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink 2009-11-28 14:42 . 2009-11-28 14:42 -------- d-----w- c:\documents and settings\ Dragana\Application Data\BitDefender 2009-11-28 14:42 . 2009-11-28 14:46 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender 2009-11-28 14:42 . 2009-11-28 14:42 -------- d-----w- c:\program files\BitDefender 2009-11-28 14:41 . 2009-11-28 14:42 -------- d-----w- c:\program files\Common Files\BitDefender 2009-11-28 14:19 . 2009-11-28 14:19 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared 2009-11-28 14:12 . 2009-11-28 14:12 -------- d-----w- c:\documents and settings\ Dragana\Local Settings\Application Data\ACDSee 2009-11-28 14:12 . 2009-11-28 14:17 -------- d-----w- c:\documents and settings\ Dragana\Application Data\ACD Systems 2009-11-28 14:12 . 2009-11-28 14:12 -------- d-----w- c:\documents and settings\All Users\Application Data\ACD Systems 2009-11-28 14:12 . 2009-11-28 14:12 -------- d-----w- c:\program files\Common Files\ACD Systems 2009-11-28 14:12 . 2009-11-28 14:12 -------- d-----w- c:\program files\ACD Systems 2009-11-28 14:11 . 2009-12-07 09:19 -------- d-----w- c:\program files\PhotoFiltre 2009-11-28 14:10 . 2009-11-28 14:10 -------- d-----w- c:\windows\system32\Lang . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-24 14:07 . 2009-11-28 12:20 22032 ----a-w- c:\documents and settings\ Dragana\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-12-16 16:59 . 2009-11-28 13:05 -------- d-----w- c:\program files\Common Files\Adobe 2009-12-01 23:11 . 2009-11-28 13:20 -------- d-----w- c:\documents and settings\ Dragana\Application Data\Skype 2009-11-30 17:17 . 2009-11-28 12:15 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2009-11-28 13:23 . 2009-11-28 13:22 -------- d-----w- c:\program files\GameHouse 2009-11-28 13:20 . 2009-11-28 13:20 -------- d-----w- c:\program files\YouTube Downloader 2009-11-28 13:19 . 2009-11-28 13:19 -------- d-----w- c:\program files\Skype 2009-11-28 13:19 . 2009-11-28 13:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2009-11-28 13:19 . 2009-11-28 13:19 -------- d-----w- c:\program files\Common Files\Skype 2009-11-28 13:18 . 2009-11-28 13:18 0 ----a-w- c:\windows\nsreg.dat 2009-11-28 13:17 . 2009-11-28 13:17 -------- d-----w- c:\program files\Opera 2009-11-28 13:16 . 2009-11-28 13:13 -------- d-----w- c:\documents and settings\ Dragana\Application Data\Winamp 2009-11-28 13:16 . 2009-11-28 13:13 -------- d-----w- c:\program files\Winamp 2009-11-28 13:12 . 2009-11-28 13:10 -------- d-----w- c:\program files\Common Files\Ahead 2009-11-28 13:11 . 2009-11-28 13:11 -------- d-----w- c:\documents and settings\ Dragana\Application Data\Ahead 2009-11-28 13:10 . 2009-11-28 13:10 -------- d-----w- c:\program files\Nero 2009-11-28 13:07 . 2009-11-28 13:07 -------- d-----w- c:\program files\D-Tools 2009-11-28 13:02 . 2009-11-28 13:02 -------- d-----w- c:\program files\Microsoft ActiveSync 2009-11-28 13:02 . 2009-11-28 13:02 -------- d-----w- c:\program files\Microsoft.NET 2009-11-28 13:01 . 2009-11-28 13:01 -------- d-----w- c:\program files\CyberLink 2009-11-28 13:01 . 2009-11-28 12:37 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-11-28 13:01 . 2009-11-28 12:37 -------- d-----w- c:\program files\Common Files\InstallShield 2009-11-28 12:56 . 2009-11-28 12:56 -------- d-----w- c:\program files\ffdshow 2009-11-28 12:56 . 2009-11-28 12:56 -------- d-----w- c:\program files\AC3Filter 2009-11-28 12:55 . 2009-11-28 12:55 -------- d-----w- c:\documents and settings\All Users\Application Data\QuickTime 2009-11-28 12:55 . 2009-11-28 12:55 -------- d-----w- c:\program files\K-Lite Codec Pack 2009-11-28 12:55 . 2009-11-28 12:55 -------- d-----w- c:\program files\7-Zip 2009-11-28 12:49 . 2009-11-28 12:49 -------- d-----w- c:\program files\Teletext 2009-11-28 12:49 . 2009-11-28 12:49 -------- d-----w- c:\program files\LifeView TVR 2009-11-28 12:47 . 2009-11-28 12:47 -------- d-----w- c:\program files\DIFX 2009-11-28 12:46 . 2009-11-28 12:47 892032 ----a-w- c:\windows\system32\drivers\LVHybrid.sys 2009-11-28 12:37 . 2009-11-28 12:37 -------- d-----w- c:\program files\Realtek 2009-11-28 12:37 . 2009-11-28 12:37 315392 ----a-w- c:\windows\HideWin.exe 2009-11-28 12:31 . 2009-11-28 12:31 -------- d-----w- c:\program files\Intel 2009-11-28 12:16 . 2009-11-28 12:16 -------- d-----w- c:\program files\microsoft frontpage 2009-11-28 12:13 . 2009-11-28 12:13 21640 ----a-w- c:\windows\system32\emptyregdb.dat 2009-11-13 22:57 . 2009-11-28 12:38 23856 ----a-w- c:\windows\system32\spupdsvc.exe 2009-11-13 22:57 . 2009-11-13 22:57 922112 ------w- c:\windows\system32\imapi2fs.dll 2009-11-13 22:57 . 2009-11-13 22:57 426496 ------w- c:\windows\system32\imapi2.dll 2009-11-13 22:57 . 2004-08-03 20:59 62592 ----a-w- c:\windows\system32\drivers\cdrom.sys 2008-08-13 18:02 . 2008-08-13 18:02 35840 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll . ((((((((((((((((((((((((((((( SnapShot@2009-12-27_13.14.09 ))))))))))))))))))))))))))))))))))))))))) . + 2009-12-27 13:58 . 2009-12-27 13:58 16384 c:\windows\Temp\Perflib_Perfdata_534.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] 2008-11-18 11:58 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-04-21 94208] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-24 39408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-12 8429568] "nwiz"="nwiz.exe" [2007-04-12 1626112] "SW20"="c:\windows\system32\sw20.exe" [2006-12-15 208896] "SW24"="c:\windows\system32\sw24.exe" [2006-12-15 69632] "WinSys2"="c:\windows\system32\winsys2.exe" [2006-12-15 217088] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-04-12 81920] "Remote"="c:\program files\LifeView TVR\remote.exe" [2007-02-15 212992] "RecSche"="c:\program files\LifeView TVR\RecSche.exe" [2007-02-15 458752] "RTHDCPL"="RTHDCPL.EXE" [2007-01-30 16116224] "SkyTel"="SkyTel.EXE" [2006-05-16 2879488] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768] "DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648] "BDAgent"="c:\program files\BitDefender\BitDefender 2009\bdagent.exe" [2008-08-14 716800] "BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2009\IEShow.exe" [2008-08-10 69632] "CnxDslTaskBar"="c:\program files\Conexant\AccessRunner ADSL\CnxDslTb.exe" [2003-10-29 462848] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-22 149280] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360] c:\documents and settings\ Dragana\Start Menu\Programs\Startup\ OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [11/28/2009 2:07 PM 155136] R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [11/28/2009 2:07 PM 5248] R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [8/12/2008 6:40 PM 108864] R3 CnxEtP;Conexant AccessRunner USB ADSL WAN Adapter Filter Driver;c:\windows\system32\drivers\CnxEtP.sys [12/1/2009 11:04 PM 60288] R3 CnxEtU;Conexant AccessRunner USB ADSL Interface Device Driver;c:\windows\system32\drivers\CnxEtU.sys [12/1/2009 11:03 PM 646784] R3 CnxTgN;Conexant AccessRunner USB ADSL WAN Adapter Driver;c:\windows\system32\drivers\CnxTgN.sys [12/1/2009 11:04 PM 108675] R3 LVHybrid;LVHybrid service;c:\windows\system32\drivers\LVHybrid.sys [11/28/2009 1:47 PM 892032] S2 OMSCAN;OMSCAN;\SysT --> \SysT [?] S3 Arrakis3;BitDefender Arrakis Server;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [7/17/2008 1:06 PM 118784] S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\c:\everestultimate530\kerneld.wnt --> c:\everestultimate530\kerneld.wnt [?] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bdx REG_MULTI_SZ scan . ------- Supplementary Scan ------- . uDefault_Search_URL = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: {4B324742-EF4B-42AF-ABCF-EF3C77FC313A} = 194.106.162.10 194.106.162.3 FF - ProfilePath - c:\documents and settings\Skundric Dragana\Application Data\Mozilla\Firefox\Profiles\gwfyzs3u.default\ FF - component: c:\program files\Mozilla Firefox\components\FFComm.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-12-27 14:58 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, gmer.net device: opened successfully user: MBR read successfully called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x89502F00]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\Disk -> CLASSPNP.SYS @ 0xf763bfc3 \Driver\ACPI -> ACPI.sys @ 0xf7588cb8 \Driver\atapi -> 0x89502f00 IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x8059ece9 ParseProcedure -> ntoskrnl.exe @ 0x8057e98a \Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x8059ece9 ParseProcedure -> ntoskrnl.exe @ 0x8057e98a NDIS: -> SendCompleteHandler -> 0x0 PacketIndicateHandler -> 0x0 SendHandler -> 0x0 Warning: possible MBR rootkit infection ! user & kernel MBR OK ********************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver] "ImagePath"="\??\c:\everestultimate530\kerneld.wnt" [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\OMSCAN] "ImagePath"="\Sys" . ------------------------ Other Running Processes ------------------------ . c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\wscntfy.exe c:\windows\system32\RUNDLL32.EXE c:\windows\RTHDCPL.EXE c:\program files\OpenOffice.org 3\program\soffice.exe c:\program files\OpenOffice.org 3\program\soffice.bin c:\program files\BitDefender\BitDefender 2009\seccenter.exe . ************************************************************************ . Completion time: 2009-12-27 15:00:13 - machine was rebooted ComboFix-quarantined-files.txt 2009-12-27 14:00 ComboFix2.txt 2009-12-27 13:15 Pre-Run: 5,735,895,040 bytes free Post-Run: 5,643,927,552 bytes free - - End Of File - - 4D2D3E59BFB00E7FF7D2E886E83C937D

Profil

helen1 Poslao: 27 Dec 2009 15:29 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	1Ovo se svidja korisniku: mcrule Registruj se da bi pohvalio/la poruku! Zasto mi nisi postavio Gmer logove? Ima li kakvog poboljsanja?

Profil

Vremenska prognoza Poslao: 27 Dec 2009 16:16 Idi na vrh
offline Vremenska prognoza Građanin Pridružio: 04 Okt 2005 Poruke: 47	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Poboljsanja ima, sada mogu da udjem na sajtove, protok je normalan. Sto se tice Gmer-a, njega ne mogu da startujem, evo ga RootRepeal log: mycity.rs/must-login.png Nadam se da je sada sve O.K. Hvala ti puno na pomoci, car si!

Profil

helen1 Poslao: 27 Dec 2009 22:22 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	1Ovo se svidja korisniku: mcrule Registruj se da bi pohvalio/la poruku! Preuzmi DeFogger sa ovog linka na Desktop . Dvoklikom pokreni DeFogger; Pojaviće se MsgBox na kome ćeš kliknuti na taster Disable; Ponovo će se pojaviti MsgBox na kome ćeš kliknuti na Yes; Sačekaj da se procesuiranje programa DeFogger izvrši pa nastavi prema sledećem uputstvu. Napomena:Na kraju postupka ce biti potrebno ponovno pokretanje Windows-a. Ovim postupkom će biti deaktivirani CD/DVD emulatori i omogućen neometan rad programa koje koristimo. ------ Kad to uradis, onda probaj Gmer.

Profil

Vremenska prognoza Poslao: 28 Dec 2009 12:03 Idi na vrh
offline Vremenska prognoza Građanin Pridružio: 04 Okt 2005 Poruke: 47	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Posle startovanja DeFogger-a javlja mi poruku Daemon Tools Invalid Device. Pokusala da startujem Gmer, ali kao i u prethodnim pokusajima on krene uvodno skeniranje i nestane ceo njegov ekran, posle cega se komp zaglavi i moram da ga restartujem.

Profil

helen1 Poslao: 28 Dec 2009 14:40 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	1Ovo se svidja korisniku: mcrule Registruj se da bi pohvalio/la poruku! A, posle tog resetovanja, jel proradi onda Gmer?

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Ne otara sajtove sa AV programima

Ko je trenutno na forumu

Ukupno su 1172 korisnika na forumu :: 53 registrovanih, 11 sakrivenih i 1108 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 357magnum, Acivi, armor, avijacija, babaroga, Belac91, bigfoot, bokisha253, brundo65, darcaud, DeerHunter, djboj, Djokkinen, Dorcolac, Georgius, GORDI, goxin, ivica976, jukeboxer, Kibice, kikisp, kokodakalo, kolle.the.kid, Krusarac, kybonacci, Litostroton, Marko Marković, mercedesamg, milimoj, milos.cbr, MiroslavD, MrNo, nenooo, Niko Bitan, pein, Povratak1912, raptorsi, Regrut Boskica, Romibrat, ruma, ruseskij, sasakrajina, shone34, Srki94, Stoilkovic, suponik, Tragač, trajkoni018, vladaa012, voja64, Zanim98, zlaya011, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by