MyCity » Ambulanta -> Arhiva Ambulante » Poludeo nasminkani XP

Poludeo nasminkani XP

Napisano na dan: 13.9.2008

Poludeo nasminkani XP

Sledeća strana

Pagination

Odgovori

][v][ A T R I X™ Poslao: 13 Sep 2008 20:09 Idi na vrh
offline ][v][ A T R I X™ Legendarni građanin Pridružio: 28 Apr 2005 Poruke: 3686 Gde živiš: The Circle	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:50:27, on 13/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\system32\spoolsv.exe D:\WINDOWS\Explorer.EXE D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe D:\Program Files\WinFlip\WinFlip.exe D:\Program Files\Unlocker\UnlockerAssistant.exe D:\Program Files\LClock\LClock.exe D:\WINDOWS\tsnpstd3.exe D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe D:\Program Files\Java\jre1.6.0_07\bin\jusched.exe D:\WINDOWS\system32\CTHELPER.EXE D:\Program Files\EPoX\USDM\USDM.EXE D:\WINDOWS\vsnpstd3.exe D:\Program Files\HotKey\hotkey.exe D:\WINDOWS\system32\ctfmon.exe D:\Program Files\ViStart\ViStart.exe D:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe D:\Program Files\Windows Sidebar\sidebar.exe D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe D:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe D:\Program Files\Messenger\msmsgs.exe D:\Program Files\HooTech\NetMeter\HooNetMeter.exe D:\Documents and Settings\AMDx64\Local Settings\Application Data\Google\Update\GoogleUpdate.exe D:\Program Files\Adobe\Photoshop Elements 6ins\PhotoshopElementsFileAgent.exe D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe D:\Program Files\Bonjour\mDNSResponder.exe D:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe D:\WINDOWS\system32\svchost.exe D:\Program Files\WallCooler\WallCoolerService.exe D:\PROGRA~1\HotKey\OSD.exe D:\Program Files\Windows Sidebar\sidebar.exe D:\Program Files\Windows Sidebar\sidebar.exe D:\Program Files\Windows Live\Messenger\usnsvc.exe D:\Program Files\Mozilla Firefox\firefox.exe D:\WINDOWS\explorer.exe J:\BEA\kolegicamasposlas.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - D:\PROGRA~1\FlashFXP\IEFlash.dll O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - D:\Program Files\Styler\TB\StylerTB.dll O4 - HKLM\..\Run: [WINFLIP] D:\Program Files\WinFlip\WinFlip.exe O4 - HKLM\..\Run: [UnlockerAssistant] D:\Program Files\Unlocker\UnlockerAssistant.exe -H O4 - HKLM\..\Run: [DriveSpace] D:\Program Files\Drive Space Indicator\DrvSpace.exe O4 - HKLM\..\Run: [LClock] D:\Program Files\LClock\LClock.exe O4 - HKLM\..\Run: [tsnpstd3] D:\WINDOWS\tsnpstd3.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [Jet Detection] "D:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" O4 - HKLM\..\Run: [EPoXUSDM] "D:\Program Files\EPoX\USDM\USDM.EXE" "5000" O4 - HKLM\..\Run: [WallCooler] D:\Program Files\WallCooler\WallCoolerConsole.exe LOGIN O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Program Files\Adobe\Photoshop Elements 6ins\apdproxy.exe" O4 - HKLM\..\Run: [snpstd3] D:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [HotKey] D:\Program Files\HotKey\hotkey.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [ViStart] D:\Program Files\ViStart\ViStart O4 - HKCU\..\Run: [VisualTaskTips] D:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Sidebar] D:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [VoipBuster] "D:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [NetMeter] D:\Program Files\HooTech\NetMeter\HooNetMeter.exe O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\AMDx64\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [Sidebar] D:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [ViStart] D:\Program Files\ViStart\ViStart (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [VisualTaskTips] D:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O4 - Startup: BORGChat.lnk = D:\Program Files\BORGChat\BORGChat.exe O4 - Startup: OpenOffice.org 2.4.lnk = D:\Program Files\OpenOffice.org 2.4\program\quickstart.exe O4 - Startup: Psi.lnk = D:\Program Files\Psi\psi.exe O4 - Startup: Styler.lnk = ? O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - O17 - HKLM\System\CCS\Services\Tcpip\..\{F321A863-657D-4907-8CD6-237599F3DB1C}: NameServer = 192.168.254.254 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - D:\Program Files\Adobe\Photoshop Elements 6ins\PhotoshopElementsFileAgent.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Imapi Helper - Alex Feinman - D:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe O23 - Service: lmab_device - Unknown owner - D:\WINDOWS\system32\LMabcoms.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - D:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - D:\Program Files\WinPcap\rpcapd.exe O23 - Service: WallCoolerService - Vedivi Ltd. - D:\Program Files\WallCooler\WallCoolerService.exe O23 - Service: Windows Driver Foundation - User-mode Driver Framework (WudfSvc) - Unknown owner - hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00, 65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00, 6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00 (file missing) -- End of file - 11342 bytes

Profil

dr_Bora Poslao: 13 Sep 2008 21:53 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Poz... Tačno u čemu je problem?

Profil

][v][ A T R I X™ Poslao: 14 Sep 2008 00:18 Idi na vrh
offline ][v][ A T R I X™ Legendarni građanin Pridružio: 28 Apr 2005 Poruke: 3686 Gde živiš: The Circle	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Mnogo toga.... npr. iskljucuje se Quick launch toolbar, klik na bilo sta sa start menija ili q. launcha ne reaguje... IE se podize, ali ne otvara ni jedan sajt... i to samo hoce na start - run - iexplore... dok npr. MSN mesindzer nece ni tako... IE nece da se zatvori, mora da se ubija proces.... Opce rasulo.... zaglavi na minut-dva kada izadje poruka da je onaj nesretni Windows Sidebar\sidebar.exe puko' a to odmah prijavi po startu sistema... Uradio sam i ComboFix, dugo je drndao i kao da sada normalnije radi sistem, ali nista nije obrisao pod 'other deletions' ... Da kacim log?

Profil

dr_Bora Poslao: 14 Sep 2008 10:21 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Postavi log.

Profil

][v][ A T R I X™ Poslao: 14 Sep 2008 18:46 Idi na vrh
offline ][v][ A T R I X™ Legendarni građanin Pridružio: 28 Apr 2005 Poruke: 3686 Gde živiš: The Circle	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-09-13.02 - AMDx64 2008-09-13 20:11:48.5 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.874.1.1033.18.583 [GMT 2:00] Running from: D:\Documents and Settings\AMDx64\Desktop\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2008-08-13 to 2008-09-13 ))))))))))))))))))))))))))))))) . 2008-09-05 20:24 . 2008-09-05 20:24 <DIR> d-------- D:\Program Files\Bonjour 2008-09-03 03:32 . 2008-09-03 03:32 <DIR> d-------- D:\Program Files\HooTech 2008-09-03 03:32 . 2008-09-03 03:32 <DIR> d-------- D:\Documents and Settings\AMDx64\Application Data\HTNetMeter 2008-09-02 15:27 . 2008-09-02 15:27 <DIR> d-------- D:\Documents and Settings\All Users\Application Data\espionServerData 2008-08-31 00:22 . 2008-08-31 00:22 55,904 --a------ D:\WINDOWS\FontData.fdb 2008-08-31 00:19 . 2008-08-31 00:21 3,140 --ahs---- D:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys 2008-08-31 00:19 . 2008-08-31 00:19 8 -r-hs---- D:\Documents and Settings\All Users\Application Data\A9B75ECCB9.sys 2008-08-31 00:18 . 2008-08-31 00:19 <DIR> d-------- D:\Documents and Settings\AMDx64\Application Data\Corel 2008-08-31 00:15 . 2008-08-31 00:15 <DIR> d-------- D:\Program Files\Common Files\Protexis 2008-08-31 00:15 . 2008-08-31 00:15 <DIR> d-------- D:\Documents and Settings\All Users\Application Data\Corel 2008-08-31 00:13 . 2008-08-31 00:13 <DIR> d-------- D:\Program Files\Common Files\Corel 2008-08-28 14:53 . 2008-09-10 07:45 <DIR> d-------- D:\Documents and Settings\AMDx64\Application Data\gtk-2.0 2008-08-28 14:53 . 2008-08-28 14:53 <DIR> d-------- D:\Documents and Settings\AMDx64\.thumbnails 2008-08-28 14:48 . 2008-09-10 08:49 <DIR> d-------- D:\Documents and Settings\AMDx64\.gimp-2.4 2008-08-28 14:47 . 2008-08-28 14:48 <DIR> d-------- D:\Program Files\GIMP-2.0 2008-08-26 22:49 . 2008-09-11 03:07 <DIR> d-a------ D:\Documents and Settings\All Users\Application Data\TEMP 2008-08-26 12:06 . 2008-08-26 12:06 <DIR> d-------- D:\Documents and Settings\AMDx64\Application Data\VoipBuster 2008-08-26 12:05 . 2008-08-26 12:05 <DIR> d-------- D:\Program Files\VoipBuster.com 2008-08-24 23:20 . 2008-06-24 18:43 74,240 --------- D:\WINDOWS\system32\dllcache\mscms.dll 2008-08-24 23:19 . 2008-07-07 22:26 253,952 --------- D:\WINDOWS\system32\dllcache\es.dll 2008-08-24 23:16 . 2008-05-01 16:33 331,776 --------- D:\WINDOWS\system32\dllcache\msadce.dll 2008-08-24 23:15 . 2008-04-11 21:04 691,712 --------- D:\WINDOWS\system32\dllcache\inetcomm.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-09-13 17:12 --------- d-----w D:\Program Files\WinFlip 2008-09-13 17:12 --------- d-----w D:\Program Files\ViStart 2008-09-13 17:12 --------- d-----w D:\Program Files\Drive Space Indicator 2008-09-12 17:20 --------- d-----w D:\Program Files\WallCooler 2008-09-11 18:29 --------- d-----w D:\Program Files\Ahead 2008-09-11 17:38 --------- d-----w D:\Documents and Settings\AMDx64\Application Data\OpenOffice.org2 2008-09-10 03:48 --------- d-----w D:\Documents and Settings\AMDx64\Application Data\Skype 2008-09-10 03:36 --------- d-----w D:\Documents and Settings\AMDx64\Application Data\skypePM 2008-09-10 01:05 --------- d-----w D:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-09-07 15:02 --------- d-----w D:\Program Files\Java 2008-09-05 18:24 --------- d-----w D:\Program Files\Common Files\Adobe 2008-09-04 02:00 --------- d-----w D:\Program Files\Spybot - Search & Destroy 2008-09-03 15:52 --------- d-----w D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-08-24 21:57 --------- d-----w D:\Program Files\Microsoft Silverlight 2008-08-10 03:43 --------- d-----w D:\Program Files\Webserver Stress Tool 7 2008-08-06 22:08 --------- d-----w D:\Program Files\Lexmark_HostCD 2008-08-06 22:08 --------- d-----w D:\Program Files\Lexmark 2008-07-29 05:01 --------- d--h--w D:\Program Files\InstallShield Installation Information 2008-07-29 05:01 --------- d-----w D:\Program Files\hotkey 2008-07-29 05:01 --------- d-----w D:\Program Files\Common Files\InstallShield 2008-07-27 01:15 --------- d-----w D:\Documents and Settings\AMDx64\Application Data\.purple 2008-07-26 02:17 --------- d-----w D:\Program Files\Mozilla Thunderbird 2008-07-26 01:48 --------- d-----w D:\Documents and Settings\All Users\Application Data\pdf995 2008-07-18 20:10 94,920 ----a-w D:\WINDOWS\system32\dllcache\cdm.dll 2008-07-18 20:10 94,920 ----a-w D:\WINDOWS\system32\cdm.dll 2008-07-18 20:10 53,448 ----a-w D:\WINDOWS\system32\wuauclt.exe 2008-07-18 20:10 53,448 ----a-w D:\WINDOWS\system32\dllcache\wuauclt.exe 2008-07-18 20:10 45,768 ----a-w D:\WINDOWS\system32\wups2.dll 2008-07-18 20:10 36,552 ----a-w D:\WINDOWS\system32\wups.dll 2008-07-18 20:10 36,552 ----a-w D:\WINDOWS\system32\dllcache\wups.dll 2008-07-18 20:09 563,912 ----a-w D:\WINDOWS\system32\wuapi.dll 2008-07-18 20:09 563,912 ----a-w D:\WINDOWS\system32\dllcache\wuapi.dll 2008-07-18 20:09 325,832 ----a-w D:\WINDOWS\system32\wucltui.dll 2008-07-18 20:09 325,832 ----a-w D:\WINDOWS\system32\dllcache\wucltui.dll 2008-07-18 20:09 205,000 ----a-w D:\WINDOWS\system32\wuweb.dll 2008-07-18 20:09 205,000 ----a-w D:\WINDOWS\system32\dllcache\wuweb.dll 2008-07-18 20:09 1,811,656 ----a-w D:\WINDOWS\system32\wuaueng.dll 2008-07-18 20:09 1,811,656 ----a-w D:\WINDOWS\system32\dllcache\wuaueng.dll 2008-07-18 20:07 270,880 ----a-w D:\WINDOWS\system32\mucltui.dll 2008-07-18 20:07 210,976 ----a-w D:\WINDOWS\system32\muweb.dll 2008-07-17 02:02 --------- d-----w D:\Documents and Settings\AMDx64\Application Data\TeamViewer 2008-07-16 19:46 --------- d-----w D:\Program Files\Pidgin 2008-07-16 04:57 9,464 ------w D:\WINDOWS\system32\drivers\cdralw2k.sys 2008-07-16 04:57 9,336 ------w D:\WINDOWS\system32\drivers\cdr4_xp.sys 2008-07-16 04:57 43,528 ------w D:\WINDOWS\system32\drivers\PxHelp20.sys 2008-07-16 04:57 129,784 ------w D:\WINDOWS\system32\pxafs.dll 2008-07-16 04:57 118,520 ------w D:\WINDOWS\system32\pxinsi64.exe 2008-07-16 04:57 116,472 ------w D:\WINDOWS\system32\pxcpyi64.exe 2008-07-15 21:37 --------- d-----w D:\Documents and Settings\All Users\Application Data\FLEXnet 2008-07-15 21:11 --------- d-----w D:\Program Files\MUP RS 2008-07-15 02:46 --------- d-----w D:\Program Files\Common Files\Macrovision Shared 2008-07-07 20:26 253,952 ----a-w D:\WINDOWS\system32\es.dll 2008-06-24 16:43 74,240 ----a-w D:\WINDOWS\system32\mscms.dll 2008-06-24 16:12 295,936 ----a-w D:\WINDOWS\system32\wmpeffects.dll 2008-06-24 08:57 3,592,192 ------w D:\WINDOWS\system32\dllcache\mshtml.dll 2008-06-23 09:20 70,656 ------w D:\WINDOWS\system32\dllcache\ie4uinit.exe 2008-06-23 09:20 625,664 ------w D:\WINDOWS\system32\dllcache\iexplore.exe 2008-06-23 09:20 13,824 ------w D:\WINDOWS\system32\dllcache\ieudinit.exe 2008-06-21 05:23 161,792 ------w D:\WINDOWS\system32\dllcache\ieakui.dll 2008-06-20 17:46 245,248 ----a-w D:\WINDOWS\system32\mswsock.dll 2008-06-20 17:46 245,248 ------w D:\WINDOWS\system32\dllcache\mswsock.dll 2008-06-20 17:46 147,968 ------w D:\WINDOWS\system32\dllcache\dnsapi.dll 2008-06-20 11:51 361,600 ------w D:\WINDOWS\system32\dllcache\tcpip.sys 2008-06-20 11:40 138,496 ------w D:\WINDOWS\system32\dllcache\afd.sys 2008-06-20 11:08 225,856 ------w D:\WINDOWS\system32\dllcache\tcpip6.sys 2008-06-13 11:05 272,128 ------w D:\WINDOWS\system32\dllcache\bthport.sys 2008-02-27 10:42 32 ----a-w D:\Documents and Settings\All Users\Application Data\ezsid.dat 2008-05-24 02:15 32,768 --sha-w D:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008052420080525\index.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ViStart"="D:\Program Files\ViStart\ViStart" [X] "CTFMON.EXE"="D:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360] "VisualTaskTips"="D:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe" [2007-08-15 36352] "MsnMsgr"="D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184] "Sidebar"="D:\Program Files\Windows Sidebar\sidebar.exe" [2007-08-29 1232384] "SpybotSD TeaTimer"="D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-08-18 1832272] "VoipBuster"="D:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" [2008-01-17 8811824] "MSMSGS"="D:\Program Files\Messenger\msmsgs.exe" [2008-04-14 1695232] "NetMeter"="D:\Program Files\HooTech\NetMeter\HooNetMeter.exe" [2008-06-17 569344] "Google Update"="D:\Documents and Settings\AMDx64\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-03 133104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WINFLIP"="D:\Program Files\WinFlip\WinFlip.exe" [2007-11-02 462848] "UnlockerAssistant"="D:\Program Files\Unlocker\UnlockerAssistant.exe" [2006-09-07 15872] "DriveSpace"="D:\Program Files\Drive Space Indicator\DrvSpace.exe" [2007-11-10 247949] "LClock"="D:\Program Files\LClock\LClock.exe" [2004-09-19 65536] "tsnpstd3"="D:\WINDOWS\tsnpstd3.exe" [2007-03-30 262144] "Adobe Reader Speed Launcher"="D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "GrooveMonitor"="D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648] "avgnt"="D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-17 266497] "SunJavaUpdateSched"="D:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784] "UpdReg"="D:\WINDOWS\UpdReg.EXE" [2000-05-11 90112] "Jet Detection"="D:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" [2001-11-29 28672] "EPoXUSDM"="D:\Program Files\EPoX\USDM\USDM.EXE" [2004-01-05 1016320] "WallCooler"="D:\Program Files\WallCooler\WallCoolerConsole.exe" [2008-06-20 328192] "Adobe Photo Downloader"="D:\Program Files\Adobe\Photoshop Elements 6ins\apdproxy.exe" [2007-09-11 67488] "snpstd3"="D:\WINDOWS\vsnpstd3.exe" [2006-09-18 843776] "HotKey"="D:\Program Files\HotKey\hotkey.exe" [2006-11-03 81920] "WINDVDPatch"="CTHELPER.EXE" [2002-07-02 D:\WINDOWS\system32\CTHELPER.EXE] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "ViStart"="D:\Program Files\ViStart\ViStart" [X] "CTFMON.EXE"="D:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360] "Sidebar"="D:\Program Files\Windows Sidebar\sidebar.exe" [2007-08-29 1232384] "VisualTaskTips"="D:\Program Files\Utilities\VisualTaskTips\VisualTaskTips.exe" [2007-08-15 36352] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "nltide_3"="advpack.dll" [2008-06-23 D:\WINDOWS\system32\advpack.dll] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "SynchronousMachineGroupPolicy"= 0 (0x0) "SynchronousUserGroupPolicy"= 0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMConfigurePrograms"= 1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoSMConfigurePrograms"= 1 (0x1) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "D:\\Program Files\\Psi\\psi.exe"= "D:\\Program Files\\BORGChat\\BORGChat.exe"= "D:\\Program Files\\FlashFXP\\FlashFXP.exe"= "D:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "D:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "D:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "D:\\Program Files\\VideoLAN\\VLC\\vlc.exe"= "D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "D:\\Program Files\\Mozilla Firefox\\firefox.exe"= "D:\\Program Files\\map&guide\\map&guide base\\bin\\MGBase.exe"= "D:\\Program Files\\WallCooler\\WallCoolerService.exe"= "D:\\Program Files\\WallCooler\\WallCoolerConsole.exe"= "D:\\Documents and Settings\\AMDx64\\temp\\TeamViewer3\\TeamViewer.exe"= "J:\\BEA\\jrockit_150_11\\bin\\javaw.exe"= "J:\\BEA\\jdk150_11\\jre\\bin\\javaw.exe"= "J:\\BEA\\jrockit_150_11\\bin\\java.exe"= "D:\\WINDOWS\\system32\\LMabcoms.exe"= "J:\\server\\xampplite\\apache\\bin\\apache.exe"= "J:\\server\\xampplite\\mysql\\bin\\mysqld.exe"= "D:\\Documents and Settings\\AMDx64\\Desktop\\UsbWebserver_en\\UsbWebserver\\Apache\\bin\\httpd_usb.exe"= "D:\\Documents and Settings\\AMDx64\\Desktop\\UsbWebserver_en\\UsbWebserver\\Mysql\\bin\\mysqld-nt_usb.exe"= "D:\\Program Files\\VoipBuster.com\\VoipBuster\\VoipBuster.exe"= "D:\\Documents and Settings\\AMDx64\\Desktop\\Thunder\\FlashFXP.v3.6.0.1240.(zabranjeno)ed-NoPE\\FlashFXP.v3.6.0.1240.(zabranjeno)ed-NoPE\\NoPE\\FlashFXP.exe"= "D:\\Program Files\\Bonjour\\mDNSResponder.exe"= "D:\\WINDOWS\\system32\\ftp.exe"= "D:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3389:TCP"= 3389:TCP::Disabled:@xpsp2res.dll,-22009 R0 nvcchflt;NVIDIA Disk Cache Filter Driver;D:\WINDOWS\system32\DRIVERS\nvcchflt.sys [2006-02-26 16640] R1 VBoxDrv;VirtualBox Service;D:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2008-04-30 55424] R1 VBoxUSBMon;VirtualBox USB Monitor Driver;D:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2008-04-30 42048] R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;D:\Program Files\Adobe\Photoshop Elements 6ins\PhotoshopElementsFileAgent.exe [2007-09-11 124832] R2 PSI_SVC_2;Protexis Licensing V2;D:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632] R2 WallCoolerService;WallCoolerService;D:\Program Files\WallCooler\WallCoolerService.exe [2008-06-20 187904] R3 NPF;NetGroup Packet Filter Driver;D:\WINDOWS\system32\drivers\npf.sys [2007-06-29 42512] S2 aswFsBlk;aswFsBlk;D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [ ] S3 2WIREPCP;2Wire USB;D:\WINDOWS\system32\DRIVERS\2WirePCP.sys [2002-09-23 68672] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WudfServiceGroup REG_SZ hex(7):57,00,55,00,44,00,46,00,53,00,76,00,63,00,00,00,00,00 [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}] RUNDLL32 advpack.dll,LaunchINFSection Sidebar.inf,Register . Contents of the 'Scheduled Tasks' folder . - - - - ORPHANS REMOVED - - - - Notify-WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll . ------- Supplementary Scan ------- . FireFox -: Profile - D:\Documents and Settings\AMDx64\Application Data\Mozilla\Firefox\Profiles\ok6pvv0v.default\ FF -: plugin - D:\Documents and Settings\AMDx64\Local Settings\Application Data\Google\Update\1.2.131.11\npGoogleOneClick5.dll . *********************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-09-13 20:14:35 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfPf] "ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,57,00,75,00,64,00,66,00,50,00,66,00,2e,00,73,00,79,00,73,00,00,00" [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfRd] "ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,77,00,75,00,64,00,66,00,72,00,64,00,2e,00,73,00,79,00,73,00,00,00" [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfSvc] "ImagePath"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00" "ServiceDll"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,57,00,55,00,44,00,46,00,53,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00" [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfPf] "ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,57,00,75,00,64,00,66,00,50,00,66,00,2e,00,73,00,79,00,73,00,00,00" [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfRd] "ImagePath"="hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,00,49,00,56,00,45,00,52,00,53,00,5c,00,77,00,75,00,64,00,66,00,72,00,64,00,2e,00,73,00,79,00,73,00,00,00" [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfSvc] "ImagePath"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00" [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\WudfSvc] "ImagePath"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,6b,00,20,00,57,00,75,00,64,00,66,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,47,00,72,00,6f,00,75,00,70,00,00,00" "ServiceDll"="hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,57,00,55,00,44,00,46,00,53,00,76,00,63,00,2e,00,64,00,6c,00,6c,00,00,00" . Completion time: 2008-09-13 20:15:32 ComboFix-quarantined-files.txt 2008-09-13 18:15:25 ComboFix2.txt 2008-06-30 23:47:31 Pre-Run: 372,666,368 bytes free Post-Run: 655,183,872 bytes free 238 --- E O F --- 2008-09-12 01:01:10

Profil

dr_Bora Poslao: 14 Sep 2008 20:14 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ništa problematično ovde nema, tj. ništa maliciozno. Problematično možda i ima - čini se kao da neki sistemski file-ovi ne postoje (obrisani su ili oštećeni). Probaj da pokreneš System File Checker (Start> Run> sfc /scannow) ili odradi Repair Windowsa (ne mogu garantovati da će to da reši bilo koji od pomenutih problema).

Profil

][v][ A T R I X™ Poslao: 15 Sep 2008 18:01 Idi na vrh
offline ][v][ A T R I X™ Legendarni građanin Pridružio: 28 Apr 2005 Poruke: 3686 Gde živiš: The Circle	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Hvala Boro na odgovorima. Sistem je svakako zreo za ubijanje, pa ce to da mu izleci sve muke Ali posto je pocelo pucanje odjednom, kao kula od karata poceli da se baguju prozori, procesi... pomislio sam na nesto maliciozno. Hvala jos jednom, Pozdrav. ][V][

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Poludeo nasminkani XP

Ko je trenutno na forumu

Ukupno su 1150 korisnika na forumu :: 39 registrovanih, 9 sakrivenih i 1102 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 357magnum, ArchaBasha, babaroga, bbogdan, bobomicek, Bobrock1, branko7, cavatina, darcaud, DENIRO, dragoljub11987, Excalibur13, h8propaganda, HrcAk47, ILGromovnik, Još malo pa deda, Koridor, Kubovac, mackenzie, mercedesamg, micoboj, Milija.00, mnn2, MrNo, nemkea71, nikoladim, PetarNbgd, pirke96, predragc, procesor, sabros, sokojet, uruk, Valter071, Viktor Petrenko, Vlada78, vladaa012, zdrebac, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by