MyCity » Ambulanta -> Arhiva Ambulante » Spyware Doctor detektovao a ne znam kako da izbrišem ...

Spyware Doctor detektovao a ne znam kako da izbrišem ...

Napisano na dan: 2.11.2009

Spyware Doctor detektovao a ne znam kako da izbrišem ...

Sledeća strana

Pagination

Odgovori

nadalina75 Poslao: 02 Nov 2009 12:38 Idi na vrh
offline nadalina75 Građanin Pridružio: 30 Okt 2009 Poruke: 59 Gde živiš: Sombor	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Evo mog problema,ne znam kako da uklonim ove silne viruse i ostalo.Nod 32 ih nije detektovao pri skeniranju,ali spyware doctor jeste

Profil

diarno Poslao: 02 Nov 2009 12:53 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Jel ti ja dadoh upute u onoj temi? http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

Profil

nadalina75 Poslao: 02 Nov 2009 18:03 Idi na vrh
offline nadalina75 Građanin Pridružio: 30 Okt 2009 Poruke: 59 Gde živiš: Sombor	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 02 Nov 2009 13:00 Izvinjavam se ,odradiću sve po propisu malo kasnije ,sada nemam vremena. Hvala Dopuna: 02 Nov 2009 18:03 Danas sam instalirala Spyware Doctor i nakon skeniranja otkrio je veliki broj virusa i ostalih infekcija na računaru.Antivirus program koji koristim je NOD 32 i on nije registrovao ni jednu od ovih pretnji. Ovako izgleda prozor sa infekcijama Pokušala sam da otvorim Fix Checked polje,ali dobijem ovu ponudu da kupim registraciju i ne mogu da izbrišem sve ove pretnje. Zbog toga vas molim za pomoć jer ne znam kako da ih izbrišem. Imam 32 bitni windows,wireless konekciju brzine 256Kb/s ,paket flat@home. DDS DDS (Ver_09-10-26.01) - NTFSx86 Run by sara david at 16:33:15.81 on 02/11/2009 Internet Explorer: 6.0.2900.3300 BrowserJavaVersion: 1.6.0_16 Microsoft Windows XP Professional 5.1.2600.3.1256.44.1033.18.1022.426 [GMT 2:00] AV: ESET NOD32 Antivirus 3.0 On-access scanning enabled (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch C:\WINDOWS\system32\svchost -k rpcss C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\Explorer.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\IncrediMail\bin\IMApp.exe C:\WINDOWS\system32\svchost.exe -k LocalService C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdmserv.exe C:\WINDOWS\system32\lxdmcoms.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe C:\Program Files\Spyware Doctor\pctsAuxs.exe C:\Program Files\Spyware Doctor\pctsTray.exe C:\Program Files\Spyware Doctor\pctsSvc.exe C:\Documents and Settings\sara david\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\sara david\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\sara david\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\sara david\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\WINDOWS\system32\SearchFilterHost.exe C:\Documents and Settings\sara david\My Documents\Downloads\dds.scr C:\WINDOWS\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uStart Page = about:blank uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie uDefault_Search_URL = hxxp://www.google.com/ie mDefault_Search_URL = hxxp://www.google.com/ie uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s mSearchAssistant = hxxp://www.google.com/ie uURLSearchHooks: TorrentReactor.Net Toolbar: {b23920f4-4c2f-412b-9450-1d7028d5454e} - c:\program files\torrentreactor.net\tbTor1.dll mWinlogon: Shell=Explorer.exe c:\windows\config\csrss.exe mWinlogon: SfcDisable=-99 (0xffffff9d) BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~1\office12\GRA8E1~1.DLL BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.3.4501.1418\swg.dll BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll TB: TorrentReactor.Net Toolbar: {b23920f4-4c2f-412b-9450-1d7028d5454e} - c:\program files\torrentreactor.net\tbTor1.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - c:\program files\lexmark toolbar\toolband.dll uRun: [IncrediMail] c:\program files\incredimail\bin\IncMail.exe /c uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [Google Update] "c:\documents and settings\sara david\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe" uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe" dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE dRunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N StartupFolder: c:\docume~1\sarada~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE uPolicies-explorer: NoSMConfigurePrograms = 1 (0x1) IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Customize Translation Options - c:\program files\promt98\promtie4\options.htm IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000 IE: Search the Web - c:\program files\promt98\promtie4\search.htm IE: Translate - c:\program files\promt98\promtie4\translat.htm IE: Translate in R-Express - c:\program files\promt98\promtie4\wts.htm IE: Translate in WebView - c:\program files\promt98\promtie4\webview.htm IE: Translate page - c:\program files\promt98\promtie4\page.htm IE: {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - c:\program files\promt98\promtie4\promtie5.htm IE: {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - c:\program files\promt98\promtie4\options.htm IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~1\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab TCP: {B9B1E1B8-78AD-41EF-B7F1-4D5F72054E5E} = 10.238.120.254 89.216.43.2 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~1\office12\GR99D3~1.DLL Notify: Antiwpa - antiwpa.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~1\office12\GRA8E1~1.DLL SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\sarada~1\applic~1\mozilla\firefox\profiles\8zgharg4.default\ FF - prefs.js: browser.search.selectedEngine - MyStart Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.hu/firefox?client=firefox-a&rls=org.mozilla:en-US:official FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar&search= FF - plugin: c:\documents and settings\sara david\local settings\application data\google\update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\microsoft\office live\npOLW.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} ============= SERVICES / DRIVERS =============== R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-11-2 207280] R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-7-1 34312] R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/06/24 23:14:41];c:\program files\cyberlink\powerdvd9\000.fcl [2009-5-7 87536] R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\spyware doctor\bdt\BDTUpdateService.exe [2009-11-2 112592] R2 ekrn;Eset Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2008-7-1 468224] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-5-17 55152] R2 lxdm_device;lxdm_device;c:\windows\system32\lxdmcoms.exe -service --> c:\windows\system32\lxdmcoms.exe -service [?] R2 lxdmCATSCustConnectService;lxdmCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdmserv.exe [2009-10-29 99248] R2 NetService;NetServices;c:\program files\common files\services\netservices.exe [2008-10-6 36864] R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2009-11-2 358600] R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-1-14 226656] S2 FlexService;Remote Connections Service;"c:\program files\rapidbit\cisvc.exe" --> c:\program files\rapidbit\cisvc.exe [?] S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [2001-8-23 3584] S3 fsssvc;Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2009-2-6 533360] =============== Created Last 30 ================ 2009-11-02 09:08:37 882 ----a-w- c:\windows\RegSDImport.xml 2009-11-02 09:08:37 880 ----a-w- c:\windows\RegISSImport.xml 2009-11-02 09:08:37 767952 ----a-w- c:\windows\BDTSupport.dll 2009-11-02 09:08:37 149456 ----a-w- c:\windows\SGDetectionTool.dll 2009-11-02 09:08:37 131 ----a-w- c:\windows\IDB.zip 2009-11-02 09:08:36 165840 ----a-w- c:\windows\PCTBDRes.dll 2009-11-02 09:08:36 1636304 ----a-w- c:\windows\PCTBDCore.dll 2009-11-02 09:08:36 1152470 ----a-w- c:\windows\UDB.zip 2009-11-02 08:38:08 7387 ----a-w- c:\windows\system32\drivers\pctgntdi.cat 2009-11-02 08:38:08 229304 ----a-w- c:\windows\system32\drivers\pctgntdi.sys 2009-11-02 08:38:02 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys 2009-11-02 08:38:02 7412 ----a-w- c:\windows\system32\drivers\PCTAppEvent.cat 2009-11-02 08:38:02 7383 ----a-w- c:\windows\system32\drivers\pctcore.cat 2009-11-02 08:38:02 207280 ----a-w- c:\windows\system32\drivers\PCTCore.sys 2009-11-02 08:37:53 7383 ----a-w- c:\windows\system32\drivers\pctplsg.cat 2009-11-02 08:37:53 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys 2009-11-02 08:37:35 0 d-----w- c:\program files\Spyware Doctor 2009-11-02 08:37:35 0 d-----w- c:\program files\common files\PC Tools 2009-11-02 08:37:35 0 d-----w- c:\docume~1\sarada~1\applic~1\PC Tools 2009-11-02 08:37:35 0 d-----w- c:\docume~1\alluse~1\applic~1\PC Tools 2009-10-31 19:20:20 0 d-----w- c:\program files\SystemRequirementsLab 2009-10-31 11:49:34 5953546 ----a-w- C:\AutoRuns1.arn 2009-10-31 11:48:08 237442 ----a-w- C:\AutoRuns.zip 2009-10-31 11:35:50 5953546 ----a-w- C:\AutoRuns.arn 2009-10-31 11:30:39 669032 ----a-w- C:\autoruns.exe 2009-10-31 11:30:39 559976 ----a-w- C:\autorunsc.exe 2009-10-31 11:30:39 48904 ----a-w- C:\autoruns.chm 2009-10-29 19:11:13 518 ----a-w- c:\windows\system32\wul.cfg 2009-10-29 13:07:07 40960 ----a-w- c:\windows\system32\lxdmvs.dll 2009-10-29 13:06:58 348160 ----a-w- c:\windows\system32\lxdmcoin.dll 2009-10-29 13:06:11 65536 ----a-w- c:\windows\system32\lxdmcaps.dll 2009-10-29 13:06:10 692224 ----a-w- c:\windows\system32\lxdmdrs.dll 2009-10-29 13:06:09 69632 ----a-w- c:\windows\system32\lxdmcnv4.dll 2009-10-29 13:05:44 45056 ----a-w- c:\windows\system32\LXDMPMON.DLL 2009-10-29 13:05:44 32768 ----a-w- c:\windows\system32\LXDMFXPU.DLL 2009-10-29 13:05:24 69632 ----a-w- c:\windows\system32\lxdmoem.dll 2009-10-29 13:05:23 0 d-----w- c:\docume~1\alluse~1\applic~1\5000 Series 2009-10-29 13:04:21 0 d-----w- c:\program files\Abbyy FineReader 6.0 Sprint 2009-10-29 13:03:52 740 ----a-w- C:\Lexmark Productivity Studio - 5000 Series.LNK 2009-10-29 13:00:17 1645320 ----a-w- c:\windows\system32\gdiplus.dll 2009-10-29 12:59:04 0 d-----w- c:\program files\Lexmark 5000 Series 2009-10-29 12:42:59 0 d-----w- c:\program files\Lexmark Toolbar 2009-10-29 12:36:52 0 d-----w- c:\docume~1\sarada~1\applic~1\Lexmark Productivity Studio 2009-10-29 12:35:40 0 d-----w- c:\documents and settings\all users\Lx_cats 2009-10-29 12:35:22 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys 2009-10-29 12:35:10 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys 2009-10-27 16:58:02 0 d-----w- c:\docume~1\sarada~1\applic~1\5000 Series 2009-10-27 16:00:10 0 d-----w- C:\logs 2009-10-27 15:59:26 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys 2009-10-27 15:59:16 87040 ----a-w- c:\windows\system32\wiafbdrv.dll 2009-10-27 15:58:20 98345 ----a-w- c:\windows\system32\IMHOST32.DLL 2009-10-27 15:58:20 98304 ----a-w- c:\windows\system32\IM31XPNG.DEL 2009-10-27 15:58:20 69632 ----a-w- c:\windows\system32\IM31XTIF.DEL 2009-10-27 15:58:20 49152 ----a-w- c:\windows\system32\IM31IMG.DIL 2009-10-27 15:58:20 339968 ----a-w- c:\windows\system32\IMGMAN32.DLL 2009-10-26 10:55:33 568 ---ha-w- c:\windows\nod32fixtemdono.reg 2009-10-26 08:30:55 0 d-sh--w- c:\documents and settings\sara david\PrivacIE 2009-10-26 08:19:45 0 d-sh--w- c:\documents and settings\sara david\IETldCache 2009-10-26 08:13:38 12800 ------w- c:\windows\system32\dllcache\xpshims.dll 2009-10-26 08:13:37 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll 2009-10-26 08:13:37 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll 2009-10-26 08:13:36 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll 2009-10-26 08:13:36 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll 2009-10-26 08:13:34 11069440 ------w- c:\windows\system32\dllcache\ieframe.dll 2009-10-26 08:13:30 0 d-----w- c:\windows\ie8updates 2009-10-26 08:13:26 100352 ------w- c:\windows\system32\dllcache\iecompat.dll 2009-10-26 08:12:47 81920 ----a-w- c:\windows\system32\ieencode.dll 2009-10-25 21:08:50 0 d-----w- c:\docume~1\sarada~1\applic~1\ESET 2009-10-24 19:25:32 156672 ----a-w- c:\windows\system32\rmc_fixasf.exe 2009-10-24 19:25:30 237568 ----a-w- c:\windows\system32\rmc_rtspdl.dll 2009-10-24 19:23:55 0 d-----w- c:\windows\Replay Media Catcher 2009-10-24 19:23:55 0 d-----w- c:\program files\Replay Media Catcher 2009-10-03 18:43:18 31732 ----a-w- c:\windows\system32\SEBRS___.TTF 2009-10-03 18:43:18 109472 ----a-w- c:\windows\system32\Sebran3_.ttf 2009-10-03 18:43:18 0 d-----w- c:\program files\Sebran ==================== Find3M ==================== 2017-01-02 10:43:38 77176 ----a-w- c:\windows\fonts\SC_OUHOD.ttf 2016-12-30 15:05:20 66792 ----a-w- c:\windows\fonts\SC_SHARJAH.ttf 2016-12-30 15:02:04 75820 ----a-w- c:\windows\fonts\SC_DUBAI.ttf 2016-12-30 11:32:46 90072 ----a-w- c:\windows\fonts\SC_REHAN.ttf 2016-12-30 11:01:32 70368 ----a-w- c:\windows\fonts\SC_AMEEN.ttf 2016-12-30 05:04:06 66852 ----a-w- c:\windows\fonts\SC_LUJAYN.ttf 2016-12-30 05:03:40 64908 ----a-w- c:\windows\fonts\SC_KHALID.ttf 2016-12-30 05:03:02 63168 ----a-w- c:\windows\fonts\SC_HANI.ttf 2016-12-30 05:02:28 81648 ----a-w- c:\windows\fonts\SC_GULF.ttf 2016-12-30 05:00:56 86304 ----a-w- c:\windows\fonts\SC_ALYERMOOK.ttf 2009-09-27 20:20:13 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-09-11 14:18:39 136192 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-11 14:18:39 136192 ------w- c:\windows\system32\dllcache\msv1_0.dll 2009-09-04 21:03:36 58880 ----a-w- c:\windows\system32\msasn1.dll 2009-09-04 21:03:36 58880 ------w- c:\windows\system32\dllcache\msasn1.dll 2009-08-26 08:00:21 247326 ----a-w- c:\windows\system32\strmdll.dll 2009-08-26 08:00:21 247326 ------w- c:\windows\system32\dllcache\strmdll.dll 2009-08-13 15:16:05 512000 ----a-w- c:\windows\system32\dllcache\jscript.dll 2009-08-05 09:01:48 204800 ----a-w- c:\windows\system32\mswebdvd.dll 2009-08-05 09:01:48 204800 ------w- c:\windows\system32\dllcache\mswebdvd.dll 2009-08-04 18:44:46 2189184 ----a-w- c:\windows\system32\ntoskrnl.exe 2009-08-04 18:44:46 2189184 ------w- c:\windows\system32\dllcache\ntoskrnl.exe 2009-08-04 15:13:08 2145280 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe ============= FINISH: 16:34:14.68 =============== mycity.rs/must-login.png GMER1 mycity.rs/must-login.png GMER2 mycity.rs/must-login.png GMER3 mycity.rs/must-login.png Nadam se da sam sve dobro odradila. Hvala unapred.

Profil

diarno Poslao: 02 Nov 2009 18:45 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Profil

nadalina75 Poslao: 02 Nov 2009 19:53 Idi na vrh
offline nadalina75 Građanin Pridružio: 30 Okt 2009 Poruke: 59 Gde živiš: Sombor	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-11-01.04 - sara david 02/11/2009 19:31.2.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1256.44.1033.18.1022.435 [GMT 2:00] Running from: c:\documents and settings\sara david\My Documents\Downloads\ComboFix.exe AV: ESET NOD32 Antivirus 3.0 On-access scanning disabled (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_NETSERVICE -------\Service_NetService ((((((((((((((((((((((((( Files Created from 2009-10-02 to 2009-11-02 ))))))))))))))))))))))))))))))) . 2009-11-02 17:41 . 2009-11-02 17:41 -------- d-----w- c:\windows\system32\xircom 2009-11-02 17:41 . 2009-11-02 17:41 -------- d-----w- c:\windows\system32\wbem\snmp 2009-11-02 17:41 . 2009-11-02 17:41 -------- d-----w- c:\windows\srchasst 2009-11-02 17:41 . 2009-11-02 17:41 -------- d-----w- c:\program files\microsoft frontpage 2009-11-02 09:08 . 2009-10-08 09:31 149456 ----a-w- c:\windows\SGDetectionTool.dll 2009-11-02 09:08 . 2009-10-08 09:31 767952 ----a-w- c:\windows\BDTSupport.dll 2009-11-02 09:08 . 2008-11-26 10:08 131 ----a-w- c:\windows\IDB.zip 2009-11-02 09:08 . 2009-10-08 09:31 165840 ----a-w- c:\windows\PCTBDRes.dll 2009-11-02 09:08 . 2009-10-08 09:31 1636304 ----a-w- c:\windows\PCTBDCore.dll 2009-11-02 09:08 . 2009-10-02 12:19 1152470 ----a-w- c:\windows\UDB.zip 2009-11-02 08:38 . 2009-09-24 06:55 229304 ----a-w- c:\windows\system32\drivers\pctgntdi.sys 2009-11-02 08:38 . 2009-10-06 14:31 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys 2009-11-02 08:38 . 2009-09-23 14:10 207280 ----a-w- c:\windows\system32\drivers\PCTCore.sys 2009-11-02 08:37 . 2009-09-03 07:45 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys 2009-11-02 08:37 . 2009-11-02 17:40 -------- d-----w- c:\program files\Spyware Doctor 2009-11-02 08:37 . 2009-11-02 09:08 -------- d-----w- c:\program files\Common Files\PC Tools 2009-11-02 08:37 . 2009-11-02 08:37 -------- d-----w- c:\documents and settings\sara david\Application Data\PC Tools 2009-11-02 08:37 . 2009-11-02 08:37 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools 2009-10-31 19:20 . 2009-10-31 19:21 -------- d-----w- c:\program files\SystemRequirementsLab 2009-10-31 19:20 . 2009-10-31 19:20 -------- d-----w- c:\documents and settings\sara david\Application Data\SystemRequirementsLab 2009-10-31 11:48 . 2009-10-31 11:48 237442 ----a-w- C:\AutoRuns.zip 2009-10-31 11:30 . 2009-10-13 08:20 669032 ----a-w- C:\autoruns.exe 2009-10-31 11:30 . 2009-10-13 08:20 559976 ----a-w- C:\autorunsc.exe 2009-10-29 19:09 . 2009-10-29 19:09 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA 2009-10-29 13:07 . 2006-08-01 05:53 40960 ----a-w- c:\windows\system32\lxdmvs.dll 2009-10-29 13:06 . 2007-05-03 19:50 348160 ----a-w- c:\windows\system32\lxdmcoin.dll 2009-10-29 13:06 . 2007-05-22 14:10 65536 ----a-w- c:\windows\system32\lxdmcaps.dll 2009-10-29 13:06 . 2007-05-22 22:59 692224 ----a-w- c:\windows\system32\lxdmdrs.dll 2009-10-29 13:06 . 2007-04-17 14:17 69632 ----a-w- c:\windows\system32\lxdmcnv4.dll 2009-10-29 13:05 . 2007-06-07 05:38 45056 ----a-w- c:\windows\system32\LXDMPMON.DLL 2009-10-29 13:05 . 2007-06-07 05:37 32768 ----a-w- c:\windows\system32\LXDMFXPU.DLL 2009-10-29 13:05 . 2007-04-09 14:59 69632 ----a-w- c:\windows\system32\lxdmoem.dll 2009-10-29 13:05 . 2009-10-29 13:05 -------- d-----w- c:\documents and settings\All Users\Application Data\5000 Series 2009-10-29 13:04 . 2009-10-29 13:04 -------- d-----w- c:\program files\Abbyy FineReader 6.0 Sprint 2009-10-29 13:00 . 2006-11-09 07:11 1645320 ----a-w- c:\windows\system32\gdiplus.dll 2009-10-29 12:42 . 2009-10-30 19:39 -------- d-----w- c:\program files\Lexmark Toolbar 2009-10-29 12:36 . 2009-10-29 13:12 -------- d-----w- c:\documents and settings\sara david\Application Data\Lexmark Productivity Studio 2009-10-29 12:35 . 2009-11-01 17:46 -------- d-----w- c:\documents and settings\All Users\Lx_cats 2009-10-29 12:35 . 2008-01-25 21:35 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys 2009-10-29 12:35 . 2008-01-25 21:35 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys 2009-10-27 16:58 . 2009-10-27 16:58 -------- d-----w- c:\documents and settings\sara david\Application Data\5000 Series 2009-10-27 16:00 . 2009-10-27 16:00 -------- d-----w- C:\logs 2009-10-27 15:59 . 2008-01-25 21:33 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys 2009-10-27 15:59 . 2001-08-17 20:36 87040 ----a-w- c:\windows\system32\wiafbdrv.dll 2009-10-27 15:58 . 2006-06-02 21:12 98345 ----a-w- c:\windows\system32\IMHOST32.DLL 2009-10-27 15:58 . 2006-06-02 21:12 339968 ----a-w- c:\windows\system32\IMGMAN32.DLL 2009-10-26 10:55 . 2008-03-03 16:21 568 ---ha-w- c:\windows\nod32fixtemdono.reg 2009-10-26 08:30 . 2009-10-26 08:30 -------- d-sh--w- c:\documents and settings\sara david\PrivacIE 2009-10-26 08:20 . 2009-10-26 08:20 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2009-10-26 08:19 . 2009-10-26 08:19 -------- d-sh--w- c:\documents and settings\sara david\IETldCache 2009-10-26 08:13 . 2009-08-29 08:08 12800 ------w- c:\windows\system32\dllcache\xpshims.dll 2009-10-26 08:13 . 2009-08-29 08:08 594432 ------w- c:\windows\system32\dllcache\msfeeds.dll 2009-10-26 08:13 . 2009-08-29 08:08 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll 2009-10-26 08:13 . 2009-08-29 08:08 1985536 ------w- c:\windows\system32\dllcache\iertutil.dll 2009-10-26 08:13 . 2009-08-29 08:08 246272 ------w- c:\windows\system32\dllcache\ieproxy.dll 2009-10-26 08:13 . 2009-08-29 08:08 11069440 ------w- c:\windows\system32\dllcache\ieframe.dll 2009-10-26 08:13 . 2009-10-28 09:16 -------- d-----w- c:\windows\ie8updates 2009-10-26 08:13 . 2009-08-07 08:48 100352 ------w- c:\windows\system32\dllcache\iecompat.dll 2009-10-26 08:12 . 2008-01-26 03:57 81920 ----a-w- c:\windows\system32\ieencode.dll 2009-10-25 21:08 . 2009-10-25 21:08 -------- d-----w- c:\documents and settings\sara david\Application Data\ESET 2009-10-24 19:25 . 2009-10-24 19:25 156672 ----a-w- c:\windows\system32\rmc_fixasf.exe 2009-10-24 19:25 . 2009-10-24 19:25 237568 ----a-w- c:\windows\system32\rmc_rtspdl.dll 2009-10-24 19:25 . 2009-10-24 19:25 -------- d-----w- c:\documents and settings\sara david\Local Settings\Application Data\mdnslib 2009-10-24 19:24 . 2009-10-31 16:03 -------- d-----w- c:\documents and settings\sara david\Local Settings\Application Data\FLVService 2009-10-24 19:23 . 2009-10-24 19:59 -------- d-----w- c:\program files\Replay Media Catcher 2009-10-24 19:23 . 2009-10-24 19:23 -------- d-----w- c:\windows\Replay Media Catcher 2009-10-03 18:43 . 2009-10-03 18:43 -------- d-----w- c:\program files\Sebran . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-11-02 17:41 . 2009-05-17 10:18 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-11-01 15:40 . 2009-07-12 11:02 -------- d-----w- c:\documents and settings\sara david\Application Data\vlc 2009-10-29 21:00 . 2009-06-22 20:02 -------- d-----w- c:\program files\Common Files\ACD Systems 2009-10-29 21:00 . 2009-06-22 20:02 -------- d-----w- c:\program files\ACD Systems 2009-10-29 21:00 . 2009-06-22 20:02 -------- d-----w- c:\documents and settings\All Users\Application Data\ACD Systems 2009-10-29 18:45 . 2009-05-16 17:43 76464 ----a-w- c:\documents and settings\sara david\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-10-29 18:38 . 2009-07-12 10:25 -------- d-----w- c:\program files\DivX 2009-10-29 13:06 . 2009-10-29 12:59 -------- d-----w- c:\program files\Lexmark 5000 Series 2009-10-29 12:50 . 2009-05-17 12:00 -------- d-----w- c:\program files\Winamp 2009-10-29 12:50 . 2009-07-10 13:52 -------- d-----w- c:\program files\QuickTime 2009-10-29 12:50 . 2009-05-16 18:38 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2009-10-29 12:50 . 2009-05-17 12:33 -------- d-----w- c:\program files\FinePixViewer 2009-10-29 10:30 . 2009-07-16 09:59 -------- d-----w- c:\documents and settings\sara david\Application Data\AmuletAdventure 2009-10-29 10:30 . 2009-05-18 12:00 43 ----a-w- c:\windows\popcinfo.dat 2009-10-28 18:46 . 2009-05-16 21:16 -------- d-----w- c:\documents and settings\sara david\Application Data\uTorrent 2009-10-26 08:28 . 2009-07-15 19:44 -------- d-----w- c:\program files\Games 2009-10-25 21:26 . 2009-05-18 19:03 -------- d-----w- c:\program files\ESET 2009-10-25 21:07 . 2009-05-16 19:17 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET 2009-10-20 11:21 . 2009-08-14 10:35 -------- d-----w- c:\program files\Realore 2009-10-17 09:09 . 2009-05-18 08:15 820 ----a-w- c:\windows\system32\InTLub1.sys 2009-10-14 15:07 . 2009-05-21 08:08 -------- d-----w- c:\program files\Common Files\Adobe 2009-09-29 10:47 . 2009-06-23 20:15 -------- d-----w- c:\documents and settings\sara david\Application Data\Any Video Converter 2009-09-27 20:20 . 2009-09-27 20:20 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-09-27 20:20 . 2009-09-27 20:20 -------- d-----w- c:\program files\Java 2009-09-21 09:25 . 2009-05-17 10:18 -------- d-----w- c:\documents and settings\sara david\Application Data\dvdcss 2009-09-16 01:20 . 2009-11-02 08:38 7383 ----a-w- c:\windows\system32\drivers\pctcore.cat 2009-09-15 04:20 . 2009-11-02 08:37 7383 ----a-w- c:\windows\system32\drivers\pctplsg.cat 2009-09-15 00:12 . 2009-11-02 08:38 7412 ----a-w- c:\windows\system32\drivers\PCTAppEvent.cat 2009-09-14 23:01 . 2009-11-02 08:38 7387 ----a-w- c:\windows\system32\drivers\pctgntdi.cat 2009-09-12 10:07 . 2009-05-16 18:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2009-09-11 14:18 . 2008-01-26 03:57 136192 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-04 21:03 . 2008-01-26 03:57 58880 ----a-w- c:\windows\system32\msasn1.dll 2009-08-26 08:00 . 2008-01-26 03:57 247326 ----a-w- c:\windows\system32\strmdll.dll 2009-08-06 17:24 . 2009-05-16 16:46 327896 ----a-w- c:\windows\system32\wucltui.dll 2009-08-06 17:24 . 2009-05-16 16:46 209632 ----a-w- c:\windows\system32\wuweb.dll 2009-08-06 17:24 . 2009-05-16 16:46 35552 ----a-w- c:\windows\system32\wups.dll 2009-08-06 17:24 . 2008-10-16 12:09 44768 ----a-w- c:\windows\system32\wups2.dll 2009-08-06 17:24 . 2009-05-16 16:46 53472 ----a-w- c:\windows\system32\wuauclt.exe 2009-08-06 17:24 . 2008-01-26 03:57 96480 ----a-w- c:\windows\system32\cdm.dll 2009-08-06 17:23 . 2009-05-16 16:46 575704 ----a-w- c:\windows\system32\wuapi.dll 2009-08-06 17:23 . 2009-05-16 16:46 1929952 ----a-w- c:\windows\system32\wuaueng.dll 2009-08-05 09:01 . 2008-01-26 03:57 204800 ----a-w- c:\windows\system32\mswebdvd.dll 2009-08-04 18:44 . 2008-02-12 14:10 2189184 ----a-w- c:\windows\system32\ntoskrnl.exe . ------- Sigcheck ------- [-] 2008-02-03 . F0D1A9D147E3722C4636FBB74A76723E . 1840128 . . [6.00.2900.2894] . . c:\windows\explorer.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{b23920f4-4c2f-412b-9450-1d7028d5454e}"= "c:\program files\TorrentReactor.Net\tbTor1.dll" [2009-08-12 2215960] [HKEY_CLASSES_ROOT\clsid\{b23920f4-4c2f-412b-9450-1d7028d5454e}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{b23920f4-4c2f-412b-9450-1d7028d5454e}"= "c:\program files\TorrentReactor.Net\tbTor1.dll" [2009-08-12 2215960] "{472734EA-242A-422B-ADF8-83D1E48CC825}"= "c:\program files\Spyware Doctor\BDT\PCTBrowserDefender.dll" [2009-10-08 395216] [HKEY_CLASSES_ROOT\clsid\{b23920f4-4c2f-412b-9450-1d7028d5454e}] [HKEY_CLASSES_ROOT\clsid\{472734ea-242a-422b-adf8-83d1e48cc825}] [HKEY_CLASSES_ROOT\BrowserDefender.BDToolbar.1] [HKEY_CLASSES_ROOT\TypeLib\{175B7885-28AB-4D18-8773-7A13A99980A4}] [HKEY_CLASSES_ROOT\BrowserDefender.BDToolbar] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{B23920F4-4C2F-412B-9450-1D7028D5454E}"= "c:\program files\TorrentReactor.Net\tbTor1.dll" [2009-08-12 2215960] [HKEY_CLASSES_ROOT\clsid\{b23920f4-4c2f-412b-9450-1d7028d5454e}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2009-04-16 251264] "Google Update"="c:\documents and settings\sara david\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-05-17 133104] "RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-28 39408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-07-01 1447168] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-31 7634944] "ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2009-09-22 1243088] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-01-26 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2008-01-26 99840] c:\documents and settings\sara david\Start Menu\Programs\Startup\ OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMConfigurePrograms"= 1 (0x1) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\IncrediMail\\bin\\ImApp.exe"= "c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"= "c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\Realore\\Tiny Cars 2\\TinyCars2.exe"= "c:\\WINDOWS\\system32\\lxdmcoms.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdmpswx.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdmtime.exe"= "c:\\Program Files\\Lexmark 5000 Series\\lxdmmon.exe"= "c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdmjswx.exe"= R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [02/11/2009 10:38 207280] R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [01/07/2008 09:04 34312] R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/06/24 23:14];c:\program files\CyberLink\PowerDVD9\000.fcl [07/05/2009 21:05 87536] R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [02/11/2009 11:08 112592] R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [01/07/2008 09:02 468224] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [17/05/2009 19:43 55152] R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [02/11/2009 10:37 358600] S2 FlexService;Remote Connections Service;"c:\program files\RapidBIT\cisvc.exe" --> c:\program files\RapidBIT\cisvc.exe [?] S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [23/08/2001 15:00 3584] S3 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18:08 533360] --- Other Services/Drivers In Memory --- NewlyCreated - MBR Deregistered - mbr Deregistered - PCTSDInjDriver32 . Contents of the 'Scheduled Tasks' folder 2009-11-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-879983540-1417001333-1003Core.job - c:\documents and settings\sara david\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-17 18:45] 2009-11-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-879983540-1417001333-1003UA.job - c:\documents and settings\sara david\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-17 18:45] . . ------- Supplementary Scan ------- . uStart Page = about:blank uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = .local uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Customize Translation Options - c:\program files\PROMT98\promtie4\options.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000 IE: Search the Web - c:\program files\PROMT98\promtie4\search.htm IE: Translate - c:\program files\PROMT98\promtie4\translat.htm IE: Translate in R-Express - c:\program files\PROMT98\promtie4\wts.htm IE: Translate in WebView - c:\program files\PROMT98\promtie4\webview.htm IE: Translate page - c:\program files\PROMT98\promtie4\page.htm IE: {{7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - c:\program files\PROMT98\promtie4\promtie5.htm IE: {{7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - c:\program files\PROMT98\promtie4\options.htm FF - ProfilePath - c:\documents and settings\sara david\Application Data\Mozilla\Firefox\Profiles\8zgharg4.default\ FF - prefs.js: browser.search.selectedEngine - MyStart Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.hu/firefox?client=firefox-a&rls=org.mozilla:en-US:official FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar&search= FF - plugin: c:\documents and settings\sara david\Local Settings\Application Data\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll . - - - - ORPHANS REMOVED - - - - AddRemove-RocketDock 1.3.5 - c:\program files\Company\RocketDock\Uninstall.exe *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-11-02 19:41 Windows 5.1.2600 Service Pack 3, v.5857 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}] "ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl" . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(3044) c:\program files\Spyware Doctor\pctgmhk.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\System32\spool\DRIVERS\W32X86\3\lxdmserv.exe c:\program files\IncrediMail\bin\IMApp.exe c:\windows\system32\lxdmcoms.exe c:\windows\system32\nvsvc32.exe c:\program files\CyberLink\Shared files\RichVideo.exe c:\program files\Spyware Doctor\pctsSvc.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\windows\system32\SearchIndexer.exe c:\windows\system32\wscntfy.exe . ************************************************************************ . Completion time: 2009-11-02 19:46 - machine was rebooted ComboFix-quarantined-files.txt 2009-11-02 17:46 Pre-Run: 9,050,869,760 bytes free Post-Run: 9,937,842,176 bytes free - - End Of File - - 832A241DBBD88F933E36D0A28B010489 IZVEŠTAJ COMBO FIX-A

Profil

diarno Poslao: 02 Nov 2009 20:02 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pusti sad Spyware Doctor-a i vidi dal nesto nalazi Inace posto je tebi trenutno spyware doctor neupotrebljiv jer nisi registrovana na njihovom sajtu ukoliko zelis da zaobidjes tu proceduru i jednostavan Antispyware program mozes instalirati jedan od sledeceih : http://www.superantispyware.com/ http://www.malwarebytes.org/mbam.php http://www.lavasoft.com/products/ad_aware_free.php Ne kazem da je SD los nego jednostavno trenutno je nefunkcionalan i ako nemas vremena da ga registrujes i bakces se sa tim stvarima mozes koristiti neki od ovih...

Profil

nadalina75 Poslao: 02 Nov 2009 21:13 Idi na vrh
offline nadalina75 Građanin Pridružio: 30 Okt 2009 Poruke: 59 Gde živiš: Sombor	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 02 Nov 2009 20:14 Ne mogu da verujem,upravo sam skenirala sa SD i vidi: Instaliraću jedan od ovih koje si predložio Dopuna: 02 Nov 2009 21:13 Čini mi se da je ipak bilo najjednostavnije predložiti jedan od ova tri efikasnija spywera,koji brišu infekcije,nego sve ovo što sam odradila

Profil

diarno Poslao: 02 Nov 2009 21:51 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Dobro ovo sto je detektovao nije strasno... to gotovo svaki user pokupi koristeci net..u pitanju su tracking cookies..koji nisu maliciozni..takodje je detektovao delove combofixa...Znaci deinstaliraj ga pre nego sto instaliras jedan od ova tri... Uradi jos ovo : Potrebno je deinstalirati ComboFix: klikni start (ili ), a zatim RUN. Na Visti koristiti Start Search polje ukoliko Run nije dostupan. U liniju za unos teksta ukucaj (iskopiraj) sledeće: ComboFix /Uninstall Primeti da postoji razmak između "ComboFix" i "/Uninstall". a zatim klikni OK (ili pritisni Enter). Sačekaj da se proces deinstalacije završi. To bi bilo to..POzzz

Profil

nadalina75 Poslao: 02 Nov 2009 22:37 Idi na vrh
offline nadalina75 Građanin Pridružio: 30 Okt 2009 Poruke: 59 Gde živiš: Sombor	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Sklonila sam combo fix i instalirala superantispyware.Skenirao je i očistio je sve,za sada. Sutra ću skenirati ponovo da vidim da li funkcioniše. Hvala

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Spyware Doctor detektovao a ne znam kako da izbrišem ...

Ko je trenutno na forumu

Ukupno su 817 korisnika na forumu :: 10 registrovanih, 1 sakriven i 806 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: _Rade, avijacija, DonRumataEstorski, hyla, styg, VJ, wolverined4, YugoRanger, zlaya011, Čivi

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by