MyCity » Ambulanta -> Arhiva Ambulante » Provera USB-a i kompa!

Provera USB-a i kompa!

Napisano na dan: 9.3.2009

Strana:
1
2

Provera USB-a i kompa!

Sledeća strana

Pagination

Odgovori

Strana:
1
2

only me Poslao: 09 Mar 2009 16:32 Idi na vrh
offline only me Građanin Pridružio: 17 Jan 2009 Poruke: 49	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:58:46, on 9.3.2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18241) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe C:\Program Files\AskBarDis\bar\bin\AskService.exe C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\lxddcoms.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\ClearApps\PC Inventory Advisor\piaservice.exe C:\WINDOWS\system32\slserv.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\WINDOWS\VM_STI.EXE C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Lexmark 2500 Series\lxddamon.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\PROGRA~1\FREEDO~1\fdm.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\Nesa Savkovic\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\explorer.exe C:\Program Files\ESET\ESET Smart Security\ekrn.exe C:\Program Files\Mozilla Firefox 3.1 Beta 2\firefox.exe C:\WINDOWS\system32\ntvdm.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\MODEM Mobile Connection\MODEM Mobile Connection.exe C:\Program Files\MODEM Mobile Connection\ejectdisk.exe C:\Documents and Settings\Nesa Savkovic\Desktop\GijackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks= R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com, R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL O2 - BHO: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Lexmark Toolbar - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NodLogin] C:\Program Files\ESET\ESET Smart Security\nodlogin.exe O4 - HKLM\..\Run: [TrialReset] C:\WINDOWS\fix.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [Launch Ai Booster] "C:\Program Files\ASUS\AI Booster\OverClk.exe" O4 - HKLM\..\Run: [lxddmon.exe] "C:\Program Files\Lexmark 2500 Series\lxddmon.exe" O4 - HKLM\..\Run: [lxddamon] "C:\Program Files\Lexmark 2500 Series\lxddamon.exe" O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart O4 - HKLM\..\Run: [SoundMax] "C:\Program Files\Analog Devices\SoundMAX\SMax4.exe" /tray O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [Free Download Manager] C:\PROGRA~1\FREEDO~1\fdm.exe -autorun O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Nesa Savkovic\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme O4 - HKCU\..\Run: [PerpetuumMobile] "C:\Program Files\Desktop Perpetuum Mobile\dpm.exe" /startup O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - Startup: Adobe Media Player.lnk = C:\Program Files\Adobe Media Player\Adobe Media Player.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: PalTalk.lnk = C:\Program Files\Paltalk Messenger\paltalk.exe O4 - Global Startup: TrayMin210.exe.lnk = ? O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.2.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{A25DE9A4-087E-453D-8B82-845A99DB4C94}: NameServer = 195.178.38.3 195.178.38.8 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe O23 - Service: Ehnarp - ESET - (no file) O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: Google Update Service (gupdate1c987e3e6873e5e) (gupdate1c987e3e6873e5e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: lxddCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxddserv.exe O23 - Service: lxdd_device - - C:\WINDOWS\system32\lxddcoms.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PC Inventory Advisor Service by ClearApps Software (piaservice) - Unknown owner - C:\Program Files\ClearApps\PC Inventory Advisor\piaservice.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe -- End of file - 12045 bytes Dopuna: 09 Mar 2009 16:32 evo i usbnorisk loga: USBNoRisk by bobby Started at 9.3.2009 16:27:31 Scanning for connected USB Mass storage... ---------------------------------------- H: {1d2c058a-df68-11dd-9819-0018f3c235b9} I: {d5b62ee2-04c4-11de-9869-0018f3c235b9} ======================================== Scanning for other storage... ---------------------------------------- D: {d6c33998-d5c5-11dd-980b-806d6172696f} C: {debcf990-d597-11dd-a831-806d6172696f} ======================================== Scanning removable storage for autorun.inf and desktop.ini files... ---------------------------------------- Autorun.inf on H: - None ---------------------------------------- Sanitizing Shell Menu... ---------------------------------------- No key found for 1d2c058a-df68-11dd-9819-0018f3c235b9 ======================================== Autorun.inf on I: - None ---------------------------------------- Sanitizing Shell Menu... ---------------------------------------- No key found for d5b62ee2-04c4-11de-9869-0018f3c235b9 ======================================== ======================================== Desktop.ini on H: - None ---------------------------------------- desktop.ini found on I: ---------------------------------------- Content of I:\Vlasnik\GAMES\CS 1.6\CS 1.6\desktop.ini ---------------------------------------- [.ShellClassInfo] HTMLInfoTipFile=file://Comment.htt ConfirmFileOp = 0 ---------------------------------------- Files referenced from I:\Vlasnik\GAMES\CS 1.6\CS 1.6\desktop.ini ---------------------------------------- None ---------------------------------------- Content of I:\Vlasnik\GAMES\CS 1.6\desktop.ini ---------------------------------------- [.ShellClassInfo] HTMLInfoTipFile=file://Comment.htt ConfirmFileOp = 0 ---------------------------------------- Files referenced from I:\Vlasnik\GAMES\CS 1.6\desktop.ini ---------------------------------------- None ---------------------------------------- Content of I:\desktop.ini ---------------------------------------- [.ShellClassInfo] HTMLInfoTipFile=file://Comment.htt ConfirmFileOp = 0 ---------------------------------------- Files referenced from I:\desktop.ini ---------------------------------------- None ---------------------------------------- ======================================== Scanning fixed storage for autorun.inf files... ---------------------------------------- Autorun.inf on C: - None ---------------------------------------- Sanitizing Shell Menu... ---------------------------------------- No key found for C: No key found for debcf990-d597-11dd-a831-806d6172696f ======================================== Autorun.inf on D: - None ---------------------------------------- Sanitizing Shell Menu... ---------------------------------------- No key found for D: No key found for d6c33998-d5c5-11dd-980b-806d6172696f ======================================== ========================================

Profil

dr_Bora Poslao: 09 Mar 2009 17:21 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav... Pokreni ESET Smart Security/ESET NOD32 na sledeci nacin : Start>All Programs>ESET>ESET Smart Security ili pak ESET NOD32 Antivirus(ukoliko koristis samo Antivirus resenje). * Kada ti se otvori glavni prozor programa, klikni na Setup opciju sa leve strane prozora; * Izaberi Antivirus and antispyware opciju i klikni na Temporarily disable Antivirus and antispyware protection. * Na sledece pitanje klikni Yes. Skini ComboFix sa jedne od sledecih adresa na Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe http://subs.geekstogo.com/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

only me Poslao: 09 Mar 2009 17:41 Idi na vrh
offline only me Građanin Pridružio: 17 Jan 2009 Poruke: 49	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! dok sam to radio pocele su da mi iskacu neke gluposti gde pise da kliknem don't send ili send! ComboFix 09-01-17.02 - Nesa Savkovic 2009-03-09 17:30:25.4 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1251.381.1033.18.1023.399 [GMT 1:00] Running from: c:\documents and settings\Nesa Savkovic\Desktop\ComboFix.exe AV: ESET Smart Security 3.0 On-access scanning disabled (Updated) FW: ESET Personal firewall enabled WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . - REDUCED FUNCTIONALITY MODE - . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\MyWebSearch c:\program files\MyWebSearch\bar\Settings\s_pid.dat c:\program files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL . ((((((((((((((((((((((((( Files Created from 2009-02-09 to 2009-03-09 ))))))))))))))))))))))))))))))) . 2009-05-16 17:44 . 2008-07-10 16:28 50,200 --a------ c:\windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.0.1600.22.dll 2009-05-16 17:14 . 2009-05-16 17:14 <DIR> d-------- c:\program files\Conduit 2009-05-16 17:06 . 2009-05-16 17:06 <DIR> d-------- c:\documents and settings\Nesa Savkovic\iq 2009-05-16 16:48 . 2009-05-16 16:48 <DIR> d-------- c:\program files\Astonsoft 2009-03-09 13:04 . 2009-03-09 13:04 <DIR> d-------- c:\windows\LastGood 2009-03-09 13:04 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll 2009-03-09 13:04 . 2008-10-16 14:06 208,744 --a------ c:\windows\system32\muweb.dll 2009-03-09 13:04 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui 2009-03-08 12:16 . 2009-03-09 12:52 <DIR> d-------- c:\documents and settings\Nesa Savkovic\Tracing 2009-03-08 11:59 . 2009-03-08 11:59 <DIR> d-------- c:\program files\Windows Live SkyDrive 2009-03-08 11:59 . 2009-03-08 11:59 <DIR> d-------- c:\program files\Windows Live 2009-03-08 11:59 . 2009-03-08 11:59 <DIR> d-------- c:\program files\Microsoft 2009-03-08 11:52 . 2009-03-08 11:52 <DIR> d-------- c:\program files\Common Files\Windows Live 2009-03-01 17:19 . 2009-03-08 11:23 <DIR> d-------- c:\documents and settings\LocalService\Application Data\GameTracker 2009-03-01 16:57 . 2009-03-08 12:47 <DIR> d-------- c:\program files\Valve 2009-03-01 16:42 . 2009-03-01 16:56 <DIR> d-------- c:\documents and settings\Nesa Savkovic\Application Data\Mount&Blade 2009-03-01 16:41 . 2009-03-01 16:41 <DIR> d-------- c:\windows\Logs 2009-03-01 16:40 . 2009-03-01 16:45 <DIR> d-------- c:\program files\Mount&Blade 2009-02-25 16:46 . 2007-02-25 15:36 383,238 --a------ c:\windows\system32\libmp3lame-0.dll 2009-02-24 22:19 . 2009-02-24 22:19 <DIR> d-------- c:\windows\Replay Converter 3 2009-02-24 22:19 . 2009-02-24 22:20 <DIR> d-------- c:\program files\Replay Converter 3 2009-02-24 21:56 . 2009-02-24 21:56 <DIR> d-------- c:\documents and settings\Nesa Savkovic\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 2009-02-24 19:54 . 2009-02-24 19:54 <DIR> d-------- C:\RAM Cheat 2009-02-19 21:55 . 2009-02-19 21:55 <DIR> d-------- c:\program files\Common Files\EasyInfo 2009-02-17 20:46 . 2005-01-31 15:05 17,920 --a------ c:\windows\system32\wnaspi32.dll 2009-02-17 19:38 . 2009-02-17 19:38 <DIR> d-------- c:\documents and settings\Nesa Savkovic\Application Data\Kingston 2009-02-17 19:23 . 2009-02-26 22:12 <DIR> d-------- c:\program files\ISOpen 2009-02-17 19:13 . 2009-02-17 19:13 <DIR> d-------- c:\documents and settings\Nesa Savkovic\Application Data\Canneverbe_Limited 2009-02-17 18:50 . 2009-02-17 18:50 <DIR> d-------- c:\program files\Alcohol Soft 2009-02-14 15:21 . 2009-02-14 15:21 <DIR> dr------- c:\program files\Skype 2009-02-14 15:21 . 2009-02-14 15:21 <DIR> d-------- c:\program files\Common Files\Skype 2009-02-14 15:06 . 2009-02-14 15:06 <DIR> d-------- c:\program files\Common Files\Adobe AIR 2009-02-14 15:06 . 2009-02-14 15:06 <DIR> d-------- c:\program files\Adobe Media Player 2009-02-13 02:45 . 2009-02-13 02:45 1,060,864 --a------ c:\windows\system32\MFC71.dll 2009-02-13 02:45 . 2009-02-13 02:45 1,047,552 --a------ c:\windows\system32\MFC71u.dll 2009-02-12 22:01 . 2009-02-12 22:01 <DIR> d-------- c:\program files\Testovi Srpski 2009-02-09 19:16 . 2009-02-09 19:16 <DIR> d-------- c:\program files\Opera 2009-02-09 15:23 . 2009-02-09 15:23 <DIR> d-------- c:\program files\VaultMate . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-05-16 13:28 --------- d-----w c:\program files\Mozilla Thunderbird 2009-05-16 11:42 --------- d-----w c:\program files\Google 2009-03-09 16:29 --------- d-----w c:\documents and settings\Nesa Savkovic\Application Data\Free Download Manager 2009-03-09 14:37 43,920 ----a-w c:\windows\AVI32HLM.DLL 2009-03-09 14:02 --------- d-----w c:\program files\Mozilla Firefox 3.1 Beta 2 2009-03-09 11:57 --------- d-----w c:\documents and settings\Nesa Savkovic\Application Data\Skype 2009-03-08 19:06 --------- d-----w c:\documents and settings\Nesa Savkovic\Application Data\skypePM 2009-03-01 19:09 --------- d-----w c:\program files\MODEM Mobile Connection 2009-03-01 15:57 --------- d--h--w c:\program files\InstallShield Installation Information 2009-03-01 12:19 --------- d-----w c:\program files\Winamp 2009-02-21 21:55 --------- d-----w c:\program files\Uniblue 2009-02-21 21:55 --------- d-----w c:\documents and settings\All Users\Application Data\DriverScanner 2009-02-19 08:46 --------- d-----w c:\program files\Flock 2009-02-19 08:46 --------- d-----w c:\documents and settings\Nesa Savkovic\Application Data\Flock 2009-02-17 19:29 --------- d-----w c:\program files\THQ 2009-02-17 18:27 --------- d-----w c:\program files\Digsby 2009-02-15 18:46 --------- d-----w c:\documents and settings\Nesa Savkovic\Application Data\Uniblue 2009-02-14 14:21 --------- d-----w c:\documents and settings\All Users\Application Data\Skype 2009-02-14 11:53 --------- d-----w c:\program files\Common Files\Wise Installation Wizard 2009-02-12 18:29 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help 2009-02-12 18:24 --------- d-----w c:\program files\Microsoft.NET 2009-02-12 18:24 --------- d-----w c:\program files\Microsoft SQL Server 2009-02-12 18:15 --------- d-----w c:\program files\Microsoft Visual Studio 9.0 2009-02-12 18:11 --------- d-----w c:\program files\CyberTime 2009-02-08 21:22 --------- d-----w c:\program files\ASUS 2009-02-07 20:59 --------- d-----w c:\documents and settings\Nesa Savkovic\Application Data\Download Manager 2009-02-07 18:57 --------- d-----w c:\program files\Microsoft Synchronization Services 2009-02-07 18:56 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition 2009-02-07 18:52 --------- d-----w c:\program files\Microsoft SDKs 2009-02-07 17:20 --------- d-----w c:\program files\Common Files\Adobe 2009-02-07 11:48 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft 2009-02-06 23:35 --------- d-----w c:\documents and settings\Nesa Savkovic\Application Data\Azureus 2009-02-06 23:10 --------- d-----w c:\program files\AskBarDis 2009-02-06 23:10 --------- d-----w c:\documents and settings\All Users\Application Data\Azureus 2009-02-06 19:47 --------- d-----w c:\program files\Apple Software Update 2009-02-06 19:47 --------- d-----w c:\documents and settings\All Users\Application Data\Apple 2009-02-06 17:52 49,504 ----a-w c:\windows\system32\sirenacm.dll 2009-02-05 23:42 --------- d-----w c:\program files\MSXML 4.0 2009-02-05 11:04 --------- d-----w c:\documents and settings\Nesa Savkovic\Application Data\Media Player Classic 2009-02-04 19:54 --------- d-----w c:\program files\Samsung 2009-02-03 09:38 --------- d-----w c:\program files\Throttle 2009-02-01 17:14 --------- d-----w c:\documents and settings\Nesa Savkovic\Application Data\DeepBurner 2009-02-01 10:04 --------- d-----w c:\program files\Microsoft Windows Vista Upgrade Advisor 2009-02-01 10:04 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Corporation 2009-02-01 09:36 --------- d-----w c:\program files\Microsoft Silverlight 2009-01-31 22:04 --------- d-----w c:\documents and settings\All Users\Application Data\SRS Labs 2009-01-31 22:03 --------- d-----w c:\program files\Common Files\Ahead 2009-01-31 22:03 --------- d-----w c:\program files\Ahead 2009-01-31 21:56 --------- d-----w c:\program files\Nero 2009-01-31 21:50 --------- d-----w c:\program files\Aheada 2009-01-31 21:34 --------- d-----w c:\program files\Swatians Team 2009-01-31 21:30 --------- d-----w c:\program files\Common Files\Nero 2009-01-31 21:29 --------- d-----w c:\documents and settings\All Users\Application Data\Nero 2009-01-31 16:53 19,039 ----a-w c:\windows\system32\drivers\GVTDrv.sys 2009-01-30 21:46 --------- d-----w c:\program files\GetRight 2009-01-25 00:07 --------- d-----w c:\program files\AC3Filter 2009-01-24 23:45 --------- d-----w c:\program files\Safari 2009-01-24 23:45 --------- d-----w c:\documents and settings\Nesa Savkovic\Application Data\Apple Computer 2009-01-24 23:23 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP 2009-01-24 16:16 --------- d-----w c:\program files\Common Files\SWF Studio 2009-01-23 21:33 --------- d-----w c:\documents and settings\Nesa Savkovic\Application Data\dvdcss 2009-01-22 18:41 --------- d-----w c:\program files\Common Files\DirectX 2009-01-19 22:17 --------- d-----w c:\program files\ClearApps 2009-01-19 22:15 --------- d-----w c:\program files\SpeedFan 2009-01-18 22:23 86,016 ----a-w c:\windows\system32\OpenAL32.dll 2009-01-18 22:23 262,144 ----a-w c:\windows\system32\wrap_oal.dll 2009-01-18 22:21 --------- d-----w c:\program files\Futuremark 2009-01-17 21:24 32,223,214 ------w c:\windows\wmp12.exe 2009-01-17 18:24 --------- d-----w c:\documents and settings\Nesa Savkovic\Application Data\Malwarebytes 2009-01-17 18:24 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes 2009-01-17 16:44 65,536 ----a-w c:\windows\IFinst27.exe 2009-01-17 15:30 --------- d-----w c:\program files\MSBuild 2009-01-17 15:25 --------- d-----w c:\program files\MSXML 6.0 2009-01-17 13:09 --------- d-----w c:\documents and settings\Nesa Savkovic\Application Data\Nero 2009-01-17 11:05 --------- d-----w c:\program files\vghd 2009-01-16 22:26 --------- d-----w c:\program files\K-Lite Codec Pack 2009-01-16 18:35 --------- d-----w c:\documents and settings\Nesa Savkovic\Application Data\FaxCtr 2009-01-16 16:45 --------- d-----w c:\program files\Common Files\Adobe Systems Shared 2009-01-16 16:45 --------- d-----w c:\documents and settings\All Users\Application Data\Macrovision 2009-01-16 14:01 --------- d-----w c:\documents and settings\Nesa Savkovic\Application Data\vghd 2009-01-16 13:54 152,904 ----a-w c:\windows\system32\vghd.scr 2009-01-15 14:23 --------- d-----w c:\program files\Steam 2009-01-15 00:07 98,304 ----a-w c:\windows\system32\CmdLineExt.dll 2009-01-14 23:38 --------- d-----w c:\documents and settings\Nesa Savkovic\Application Data\MAGIX 2009-01-14 23:38 --------- d-----w c:\documents and settings\All Users\Application Data\MAGIX 2009-01-14 23:37 --------- d-----w c:\program files\MAGIX 2009-01-14 23:37 --------- d-----w c:\program files\Common Files\MAGIX Shared 2009-01-14 20:24 --------- d-----w c:\program files\Paltalk Messenger 2009-01-14 20:24 --------- d-----w c:\documents and settings\Nesa Savkovic\Application Data\Paltalk 2009-01-14 14:27 --------- d-----w c:\documents and settings\All Users\Application Data\Acronis 2009-01-14 00:16 --------- d-----w c:\program files\DAP 2009-01-13 22:02 --------- d-----w c:\program files\Readon Technology 2009-01-13 21:07 --------- d-----w c:\documents and settings\Nesa Savkovic\Application Data\VoipDiscount 2009-01-13 18:07 --------- d-----w c:\program files\Skyler Lyon 2009-01-13 17:41 --------- d-----w c:\program files\Innovative Solutions 2009-01-13 17:34 --------- d-----w c:\documents and settings\Nesa Savkovic\Application Data\Anonymizer 2009-01-13 17:33 --------- d-----w c:\documents and settings\All Users\Application Data\Anonymizer 2009-01-13 14:25 --------- d-----w c:\program files\Reference Assemblies 2009-01-13 14:14 --------- d-----w c:\documents and settings\Nesa Savkovic\Application Data\DAEMON Tools Lite 2009-01-13 14:13 --------- d-----w c:\documents and settings\Nesa Savkovic\Application Data\DAEMON Tools Pro . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] 2008-12-09 18:40 333192 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-12-09 333192] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-12-09 333192] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Free Download Manager"="c:\progra~1\FREEDO~1\fdm.exe" [2009-01-02 3399727] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360] "Google Update"="c:\documents and settings\Nesa Savkovic\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-02-09 133104] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-01-29 23975720] "AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-11-23 203720] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NodLogin"="c:\program files\ESET\ESET Smart Security\nodlogin.exe" [2008-06-19 358632] "TrialReset"="c:\windows\fix.exe" [2008-04-28 208353] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-15 13680640] "TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2007-10-30 2595616] "AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2007-10-30 909208] "Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2007-10-30 140568] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-08 136600] "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-06-10 1447168] "BigDogPath"="c:\windows\VM_STI.EXE" [2004-06-09 40960] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-18 925696] "Launch Ai Booster"="c:\program files\ASUS\AI Booster\OverClk.exe" [2006-07-24 3712512] "lxddmon.exe"="c:\program files\Lexmark 2500 Series\lxddmon.exe" [2007-06-11 291760] "lxddamon"="c:\program files\Lexmark 2500 Series\lxddamon.exe" [2007-04-30 20480] "FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2007-06-11 312240] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-01-12 185872] "googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2008-05-09 155648] "NeroCheck"="c:\windows\system32\NeroCheck.exe" [2008-05-09 155648] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 c:\windows\system32\HdAShCut.exe] "nwiz"="nwiz.exe" [2009-01-15 c:\windows\system32\nwiz.exe] "NvMediaCenter"="NvMCTray.dll" [2009-01-15 c:\windows\system32\nvmctray.dll] c:\documents and settings\Nesa Savkovic\Start Menu\Programs\Startup\ Adobe Media Player.lnk - c:\program files\Adobe Media Player\Adobe Media Player.exe [2009-02-14 261120] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableRegedit"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.divxa32"= msaud32_divx.acm "msacm.ac3filter"= ac3filter.acm [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] --a------ 2009-01-15 08:19 13680640 c:\windows\system32\nvcpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Google\\Google Talk\\googletalk.exe"= "c:\\WINDOWS\\system32\\lxddcoms.exe"= "c:\\Program Files\\Lexmark 2500 Series\\lxddamon.exe"= "c:\\Program Files\\Lexmark 2500 Series\\App4R.exe"= "c:\\Documents and Settings\\Nesa Savkovic\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"= "c:\\Documents and Settings\\Nesa Savkovic\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxddjswx.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Lexmark 2500 Series\\lxddmon.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "2815:TCP"= 2815:TCP::Disabled:SolidNetworkManager "2815:UDP"= 2815:UDP::Disabled:SolidNetworkManager [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowInboundEchoRequest"= 1 (0x1) R4 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [2009-02-07 464264] R4 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [2009-02-07 234888] R4 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2008-06-10 468224] R4 lxdd_device;lxdd_device;c:\windows\system32\lxddcoms.exe -service --> c:\windows\system32\lxddcoms.exe -service [?] R4 piaservice;PC Inventory Advisor Service by ClearApps Software;c:\program files\ClearApps\PC Inventory Advisor\piaservice.exe [2008-12-15 446464] S3 cpuz130;cpuz130;\??\c:\docume~1\NESASA~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\NESASA~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?] S3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [2009-01-15 544768] S4 gupdate1c987e3e6873e5e;Google Update Service (gupdate1c987e3e6873e5e);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-05 133104] S4 lxddCATSCustConnectService;lxddCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxddserv.exe [2009-01-10 99248] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E] \Shell\AutoRun\command - e:\autorun\mikro.exe index.html . Contents of the 'Scheduled Tasks' folder 2009-03-05 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] 2009-03-09 c:\windows\Tasks\GoogleUpdateTaskMachine.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-05 23:48] 2009-03-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-1425521274-839522115-1003.job - c:\documents and settings\Nesa Savkovic\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-02-09 17:36] 2009-05-16 c:\windows\Tasks\User_Feed_Synchronization-{EFE6DB31-551B-458A-B3E5-2F7509E8D4CD}.job - c:\windows\system32\msfeedssync.exe [2008-08-22 03:05] . - - - - ORPHANS REMOVED - - - - HKCU-Run-SRS Audio Sandbox - c:\program files\SRS Labs\Audio Sandbox\SRSSSC.exe HKCU-Run-PerpetuumMobile - c:\program files\Desktop Perpetuum Mobile\dpm.exe HKCU-Run-Uniblue RegistryBooster 2009 - c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe . ------- Supplementary Scan ------- . uInternet Settings,ProxyServer = socks= uInternet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com, IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Download all with Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm IE: Download selected with Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm IE: Download video with Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm IE: Download with Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 c:\windows\Downloaded Program Files\Manager.exe - c:\windows\Downloaded Program Files\DownloadManagerV2.ocx O16 -: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.2.cab c:\windows\Downloaded Program Files\DownloadManagerV2.inf FF - ProfilePath - c:\documents and settings\Nesa Savkovic\Application Data\Mozilla\Firefox\Profiles\ef28r5vq.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/home.php?ref=logo#/home.php?ref=logo\|http://www.google.rs/ FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q= FF - component: c:\documents and settings\Nesa Savkovic\Application Data\Mozilla\Firefox\Profiles\ef28r5vq.default\extensions\piclens@cooliris.com\components\coolirisstub.dll FF - component: c:\program files\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll FF - plugin: c:\documents and settings\Nesa Savkovic\Application Data\Mozilla\Firefox\Profiles\ef28r5vq.default\extensions\SolidStateION@solidstatenetworks.com\plugins\npssn.dll FF - plugin: c:\documents and settings\Nesa Savkovic\Application Data\Mozilla\plugins\npgoogletalk.dll FF - plugin: c:\documents and settings\Nesa Savkovic\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll FF - plugin: c:\program files\Mozilla Firefox 3.1 Beta 2\plugins\npOGAPlugin.dll FF - plugin: c:\program files\Mozilla Firefox 3.1 Beta 2\plugins\npvlc.dll ---- FIREFOX POLICIES ---- user_pref('capability.policy.policynames', 'localfilelinks');user_pref('capability.policy.localfilelinks.sites', 'hxxp://www.webmynd.com google.com');user_pref('capability.policy.localfilelinks.checkloaduri.enabled', 'allAccess');. ************************************************************************ catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-03-09 17:31:59 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... c:\docume~1\NESASA~1\LOCALS~1\Temp\101F9FE.dmp 33379 bytes c:\docume~1\NESASA~1\LOCALS~1\Temp\f1e1_appcompat.txt 5120 bytes scan completed successfully hidden files: 2 ************************************************************************ . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'lsass.exe'(1268-) c:\windows\system32\relog_ap.dll . Completion time: 2009-03-09 17:33:28 ComboFix-quarantined-files.txt 2009-03-09 16:33:14 Pre-Run: 11.840.045.056 bytes free Post-Run: 14,816,952,320 bytes free 316 --- E O F --- 2009-02-25 19:57:16

Profil

dr_Bora Poslao: 09 Mar 2009 18:18 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pisalo je da skineš program sa nekog od datih linkova, a ne da koristiš verziju staru gotovo dva meseca. Zar ne? Anyway, ovde nema malware-a. Klikni Start, Run pa copy/paste sledeće: combofix /u

Profil

only me Poslao: 09 Mar 2009 18:25 Idi na vrh
offline only me Građanin Pridružio: 17 Jan 2009 Poruke: 49	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ma,znam da nema zaraze na kompu...mislio sam na zarazu na flashu! eovo usbnorisk loga: USBNoRisk by bobby Started at 9.3.2009 18:20:53 Scanning for connected USB Mass storage... ---------------------------------------- H: {1d2c058a-df68-11dd-9819-0018f3c235b9} I: {d5b62ee2-04c4-11de-9869-0018f3c235b9} ======================================== Scanning for other storage... ---------------------------------------- D: {d6c33998-d5c5-11dd-980b-806d6172696f} C: {debcf990-d597-11dd-a831-806d6172696f} ======================================== Scanning removable storage for autorun.inf and desktop.ini files... ---------------------------------------- Autorun.inf on H: - None ---------------------------------------- Sanitizing Shell Menu... ---------------------------------------- No key found for 1d2c058a-df68-11dd-9819-0018f3c235b9 ======================================== Autorun.inf on I: - None ---------------------------------------- Sanitizing Shell Menu... ---------------------------------------- No key found for d5b62ee2-04c4-11de-9869-0018f3c235b9 ======================================== ======================================== Desktop.ini on H: - None ---------------------------------------- desktop.ini found on I: ---------------------------------------- Content of I:\Vlasnik\GAMES\CS 1.6\CS 1.6\desktop.ini ---------------------------------------- [.ShellClassInfo] HTMLInfoTipFile=file://Comment.htt ConfirmFileOp = 0 ---------------------------------------- Files referenced from I:\Vlasnik\GAMES\CS 1.6\CS 1.6\desktop.ini ---------------------------------------- None ---------------------------------------- Content of I:\Vlasnik\GAMES\CS 1.6\desktop.ini ---------------------------------------- [.ShellClassInfo] HTMLInfoTipFile=file://Comment.htt ConfirmFileOp = 0 ---------------------------------------- Files referenced from I:\Vlasnik\GAMES\CS 1.6\desktop.ini ---------------------------------------- None ---------------------------------------- Content of I:\desktop.ini ---------------------------------------- [.ShellClassInfo] HTMLInfoTipFile=file://Comment.htt ConfirmFileOp = 0 ---------------------------------------- Files referenced from I:\desktop.ini ---------------------------------------- None ---------------------------------------- ======================================== Scanning fixed storage for autorun.inf files... ---------------------------------------- Autorun.inf on C: - None ---------------------------------------- Sanitizing Shell Menu... ---------------------------------------- No key found for C: No key found for debcf990-d597-11dd-a831-806d6172696f ======================================== Autorun.inf on D: - None ---------------------------------------- Sanitizing Shell Menu... ---------------------------------------- No key found for D: No key found for d6c33998-d5c5-11dd-980b-806d6172696f ======================================== ========================================

Profil

dr_Bora Poslao: 09 Mar 2009 18:48 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zbog čega misliš da nešto postoji na flash-u? Hajde da proverimo nešto. Prikaži skrivene file-ove: http://www.mycity.rs/Uputstva/Kako-videti-skrivene-fajlove.html Na tom flashu na kome ti se nalaze igre (GAMES\CS 1.6) potraži file: Comment.htt Nalazi se na root-u (odmah čim otvoriš flash).

Profil

only me Poslao: 09 Mar 2009 19:00 Idi na vrh
offline only me Građanin Pridružio: 17 Jan 2009 Poruke: 49	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! nema........... Dopuna: 09 Mar 2009 18:59 meni je neko od moderatora na forumu rekao da na hlashu imam Rays crva i da mi je verovatno ceo hard disk zarazen! Dopuna: 09 Mar 2009 19:00 *flashu!!!!!!

Profil

dr_Bora Poslao: 09 Mar 2009 19:11 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Jasno mi je o čemu se radi i zašto ti je to rečeno (ima veze sa file-om comment.htt). Ali ja ovde ne vidim malware. Možeš još jedino obrisati file desktop.ini koji se nalazi na flashu.

Profil

only me Poslao: 09 Mar 2009 19:18 Idi na vrh
offline only me Građanin Pridružio: 17 Jan 2009 Poruke: 49	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! obrisao sam...a jel je ozbiljno nesto? jel mi je zarazen hard disk?

Profil

dr_Bora Poslao: 09 Mar 2009 19:28 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Smatram da nije. Kao što rekoh, ovde ne vidim tragove malware-a.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Provera USB-a i kompa!

Ko je trenutno na forumu

Ukupno su 1113 korisnika na forumu :: 53 registrovanih, 10 sakrivenih i 1050 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 357magnum, babaroga, bestguarder, BraneS, bufanje, Centauro, cikadeda, dankisha, DejanSt, dekan.m, Denaya, djboj, djordje92sm, doloress, Dorcolac, Džordžino, goranperović66, goxin, HogarStrashni, JOntra, jukeboxer, Karla, Komentator, Koridor, Leonov, maiden6657, mean_machine, mercedesamg, Mi lao shu, mile23, milenko crazy north, mkukoleca, moldway, nebojsag, Nemanja.M, Panter, raptorsi, sabros, sasa87, Shinobi, solic, StefanNBG90, Stoilkovic, Tvrtko I, UAV operator, vathra, Viktor Petrenko, virked, vukovi, wizzardone, wolverined4, Žrnov, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by