MyCity » Ambulanta -> Arhiva Ambulante » pogledajte moj log!

pogledajte moj log!

Napisano na dan: 20.7.2009

pogledajte moj log!

Sledeća strana

Pagination

Odgovori

yuowl Poslao: 20 Jul 2009 22:17 Idi na vrh
offline yuowl Građanin Pridružio: 04 Mar 2008 Poruke: 38 Gde živiš: SER	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! imam problema sa 2 iexplore.exe uradio sam hijack... molim vas pogledajte log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:09:32, on 20.7.2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\DU Meter\DUMeterSvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\WinFast\WFDTV\DTVSchdl.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" O4 - HKLM\..\Run: [rundll32] E:\VB\Moji Programi\KODOVI\Pedrams Elite Keylogger (Source Code)\bin\msobe.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll O23 - Service: Kaspersky Anti-Virus (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - C:\Program Files\DU Meter\DUMeterSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- End of file - 4691 bytes

Profil

dr_Bora Poslao: 20 Jul 2009 22:48 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav... http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html Precizno isprati to uputstvo (s razlogom je napisano). Citat:imam problema sa 2 iexplore.exe Pojasni. I šta ti je ovo: O4 - HKLM\..\Run: [rundll32] E:\VB\Moji Programi\KODOVI\Pedrams Elite Keylogger (Source Code)\bin\msobe.exe Pokušavaš da programiraš malware?

Profil

yuowl Poslao: 21 Jul 2009 00:05 Idi na vrh
offline yuowl Građanin Pridružio: 04 Mar 2008 Poruke: 38 Gde živiš: SER	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Izvini ako nisam nesto lepo napisao... Meni se u task manager-u javljaju 2 iexplore.exe a meni je ukljucen samo 1.... A kada iskljucim onda se idalje javlja 1. Ja koristim internet explorer 8. Ponekad mi i sporije radi net kao npr Youtube ne dll kako treba. A ovo se moj klinac igra sa Visual Basicom... Obrisacu ga ja. Recite mi molim vas ako nesto nije uredu. Pozdrav, unapred hvala

Profil

dr_Bora Poslao: 21 Jul 2009 17:39 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: zatvori pokrenute programe; deaktiviraj zaštitni softver (uputstvo); dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Profil

yuowl Poslao: 22 Jul 2009 17:04 Idi na vrh
offline yuowl Građanin Pridružio: 04 Mar 2008 Poruke: 38 Gde živiš: SER	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Hvala brate.... +++

Profil

dr_Bora Poslao: 22 Jul 2009 17:07 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Log?

Profil

yuowl Poslao: 23 Jul 2009 12:02 Idi na vrh
offline yuowl Građanin Pridružio: 04 Mar 2008 Poruke: 38 Gde živiš: SER	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-07-21.05 - Stefan 22.07.2009 16:39.1.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2635 [GMT 2:00] Running from: c:\documents and settings\Stefan\Desktop\ComboFix.exe AV: Kaspersky Anti-Virus On-access scanning disabled (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\Dvbpws.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_OREANS32 -------\Service_oreans32 ((((((((((((((((((((((((( Files Created from 2009-06-22 to 2009-07-22 ))))))))))))))))))))))))))))))) . 2009-07-21 09:50 . 2009-07-21 09:50 206088 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\update\rollback\AutoPatches\kav8exec\8.0.0.506\avp.exe 2009-07-20 20:09 . 2009-07-20 20:09 -------- d-----w- c:\program files\Trend Micro 2009-07-20 20:03 . 2009-07-20 20:03 -------- d-sh--w- c:\documents and settings\Stefan\IECompatCache 2009-07-20 20:03 . 2009-07-20 20:03 -------- d-sh--w- c:\documents and settings\Stefan\PrivacIE 2009-07-20 20:02 . 2009-07-20 20:02 -------- d-sh--w- c:\documents and settings\Stefan\IETldCache 2009-07-20 19:59 . 2009-07-20 20:00 -------- dc-h--w- c:\windows\ie8 2009-07-16 09:50 . 2009-07-16 09:50 20480 ----a-w- c:\windows\system32\H@tKeysH@@k.DLL 2009-07-16 09:33 . 2009-07-16 09:38 -------- d-----w- c:\program files\MSECache 2009-07-16 00:34 . 1994-09-20 22:00 92208 ----a-r- c:\windows\system32\WING.DLL 2009-07-16 00:31 . 2004-07-09 02:26 354816 -c--a-w- c:\windows\system32\dllcache\psisdecd.dll 2009-07-16 00:31 . 2004-07-09 02:26 354816 ----a-w- c:\windows\system32\psisdecd.dll 2009-07-16 00:31 . 2004-07-09 02:26 52096 -c--a-w- c:\windows\system32\dllcache\msdv.sys 2009-07-16 00:31 . 2004-07-09 02:26 52096 ----a-w- c:\windows\system32\drivers\msdv.sys 2009-07-16 00:31 . 2004-07-09 02:26 15104 -c--a-w- c:\windows\system32\dllcache\mpe.sys 2009-07-16 00:31 . 2004-07-09 02:26 15104 ----a-w- c:\windows\system32\drivers\mpe.sys 2009-07-16 00:31 . 2004-07-09 02:26 11392 -c--a-w- c:\windows\system32\dllcache\bdasup.sys 2009-07-16 00:31 . 2004-07-09 02:26 11392 ----a-w- c:\windows\system32\drivers\bdasup.sys 2009-07-16 00:31 . 2002-12-11 22:14 46592 ----a-w- c:\windows\system32\dxdllreg.exe 2009-07-16 00:31 . 2002-08-29 01:41 31744 -c--a-w- c:\windows\system32\dllcache\pid.dll 2009-07-13 09:13 . 2009-07-13 21:57 -------- d-----w- c:\documents and settings\Stefan\Local Settings\Application Data\RapidShare 2009-07-09 08:04 . 2009-07-09 08:04 -------- d-----w- c:\documents and settings\Stefan\Local Settings\Application Data\CAPCOM 2009-07-09 07:09 . 2009-03-16 12:18 69448 ----a-w- c:\windows\system32\XAPOFX1_3.dll 2009-07-09 07:09 . 2009-03-16 12:18 517448 ----a-w- c:\windows\system32\XAudio2_4.dll 2009-07-09 07:09 . 2009-03-09 13:27 453456 ----a-w- c:\windows\system32\d3dx10_41.dll 2009-07-09 07:09 . 2009-03-09 13:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll 2009-07-09 07:09 . 2009-03-09 13:27 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll 2009-07-09 07:09 . 2009-03-16 12:18 235352 ----a-w- c:\windows\system32\xactengine3_4.dll 2009-07-09 07:09 . 2009-07-09 07:09 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE 2009-07-09 07:09 . 2009-07-09 07:09 -------- d-----w- c:\windows\system32\xlive 2009-07-08 17:50 . 2009-07-13 09:12 -------- d-----w- c:\documents and settings\Stefan\Local Settings\Application Data\Deployment 2009-07-01 16:50 . 2009-07-01 16:50 -------- d-----w- c:\windows\system32\wbem\Repository 2009-07-01 16:49 . 2009-07-01 16:49 -------- d-----w- c:\program files\TryMedia 2009-07-01 16:28 . 2009-07-01 16:28 -------- d-----w- c:\documents and settings\Stefan\Application Data\Uniblue 2009-06-28 22:29 . 2009-06-28 22:29 -------- d-----w- c:\documents and settings\Stefan\Local Settings\Application Data\PCHealth 2009-06-28 22:28 . 2008-07-11 00:28 50200 ----a-w- c:\windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.0.1600.22.dll 2009-06-28 22:24 . 2009-06-28 22:24 112640 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\VCExpress\9.0\1033\ResourceCache.dll 2009-06-28 22:24 . 2009-06-28 22:24 416 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\MSDN\9.0\1033\ResourceCache.dll 2009-06-28 22:24 . 2009-06-28 22:24 -------- d-----w- c:\documents and settings\Stefan\Local Settings\Application Data\Microsoft Help 2009-06-28 22:22 . 2009-06-29 07:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2009-06-28 22:21 . 2009-06-28 22:21 114856 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2009-06-28 22:21 . 2009-06-28 22:21 -------- d-----w- c:\windows\system32\XPSViewer 2009-06-28 22:21 . 2009-06-28 22:21 -------- d-----w- c:\program files\MSBuild 2009-06-28 22:20 . 2009-06-28 22:20 -------- d-----w- c:\program files\Reference Assemblies 2009-06-28 22:20 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2009-06-28 22:20 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll 2009-06-28 22:20 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2009-06-28 22:20 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll 2009-06-28 22:20 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll 2009-06-28 22:20 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll 2009-06-28 22:20 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll 2009-06-28 21:39 . 2009-06-28 21:39 -------- d-----w- c:\documents and settings\All Users\Application Data\MySQL 2009-06-28 09:48 . 2009-06-28 09:48 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Hagel Technologies 2009-06-28 09:48 . 2009-06-28 09:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Hagel Technologies 2009-06-28 09:48 . 2009-06-28 15:42 -------- d-----w- c:\program files\DU Meter 2009-06-26 17:03 . 2009-01-07 16:21 26144 ----a-w- c:\windows\system32\spupdsvc.exe 2009-06-26 17:02 . 2009-06-26 17:02 -------- d--h--w- c:\windows\$hf_mig$ 2009-06-26 09:13 . 2009-06-26 09:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-07-22 14:53 . 2009-04-03 19:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab 2009-07-22 14:43 . 2009-04-03 19:46 647200 --sha-w- c:\windows\system32\drivers\fidbox2.dat 2009-07-22 14:43 . 2009-04-03 19:46 5388 --sha-w- c:\windows\system32\drivers\fidbox2.idx 2009-07-22 14:43 . 2009-04-03 19:46 3017760 --sha-w- c:\windows\system32\drivers\fidbox.dat 2009-07-22 14:43 . 2009-04-03 19:46 26752 --sha-w- c:\windows\system32\drivers\fidbox.idx 2009-07-22 14:36 . 2009-06-13 12:06 -------- d-----w- c:\documents and settings\Stefan\Application Data\uTorrent 2009-07-21 19:39 . 2009-06-19 15:02 -------- d-----w- c:\program files\Garena 2009-07-21 09:50 . 2009-06-13 11:22 208616 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\avp.exe 2009-07-16 20:56 . 2009-03-14 12:07 47776 ----a-w- c:\documents and settings\Stefan\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-07-16 00:22 . 2009-03-14 12:08 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-07-01 16:35 . 2009-07-01 16:35 361344 ----a-w- c:\windows\system32\drivers\TCPIP.SYS.ORIGINAL 2009-06-29 07:14 . 2009-03-14 12:41 -------- d-----w- c:\program files\Microsoft.NET 2009-06-21 17:30 . 2009-06-21 17:30 33824 ----a-w- c:\windows\system32\drivers\oreans32.sys 2009-06-19 15:04 . 2009-06-19 15:03 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-06-18 12:05 . 2009-06-18 12:05 -------- d-----w- c:\documents and settings\Stefan\Application Data\TeamViewer 2009-06-16 16:25 . 2009-03-27 19:10 61975 ----a-w- c:\windows\War3Unin.dat 2009-06-13 12:06 . 2009-06-13 12:06 -------- d-----w- c:\program files\uTorrent 2009-06-13 11:22 . 2008-01-29 15:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys 2009-06-13 11:22 . 2009-04-03 19:47 94643 ----a-w- c:\windows\system32\drivers\klick.dat 2009-06-13 11:22 . 2009-04-03 19:47 105395 ----a-w- c:\windows\system32\drivers\klin.dat 2009-06-13 11:22 . 2009-06-13 11:22 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\klbg.sys 2009-06-13 11:22 . 2009-06-13 11:22 226832 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.506\XP\klif.sys 2009-05-03 16:02 . 2009-04-04 08:43 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll 2009-04-27 16:49 . 2009-04-26 22:40 7780 ----a-w- c:\documents and settings\Stefan\FMCodec.dat 2008-08-03 15:36 . 2008-08-03 15:36 137003 ----a-w- c:\program files\bhop2.png . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-10-28 94208] "DU Meter"="c:\program files\DU Meter\DUMeter.exe" [2007-10-17 979968] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-02-19 13500416] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-02-19 86016] "WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2007-11-16 90112] "WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2007-11-15 2850816] "DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" [2009-07-21 208616] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-09-03 16841216] "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-02-19 1626112] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 2009\\avp.exe"= "c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"= "c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"= "e:\\Warcraft III\\Warcraft III.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Garena\\Garena.exe"= "e:\\Cs 1.6\\hl.exe"= "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"= "e:\\SF4\\StreetFighterIV.exe"= "e:\\Cs 1.6\\hlds.exe"= "e:\\Command&Conquer\\Command & Conquer Red Alert(tm) II\\RA2\\game.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3724:TCP"= 3724:TCP:Blizzard Downloader: 3724 R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [1/29/2008 5:29 PM 33808] R2 DUMeterSvc;DU Meter Service;c:\program files\DU Meter\DUMeterSvc.exe [6/28/2009 11:48 AM 1386008] R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [4/30/2008 5:06 PM 24592] R3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFDTV\WFIOCTL.sys [3/14/2009 2:33 PM 9446] S3 vhack;vhack;\??\c:\docume~1\Stefan\LOCALS~1\Temp\Rar$EX00.016\vhack.sys --> c:\docume~1\Stefan\LOCALS~1\Temp\Rar$EX00.016\vhack.sys [?] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ uInternet Connection Wizard,ShellNext = iexplore IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-07-22 16:53 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DUMeterSvc] "ImagePath"="c:\program files\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService" . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(2844) c:\windows\system32\msi.dll c:\windows\system32\ieframe.dll c:\windows\system32\OneX.DLL c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\nvsvc32.exe c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe c:\windows\system32\rundll32.exe c:\progra~1\DUMETE~1\DUMeter.exe c:\windows\system32\wscntfy.exe . ************************************************************************ . Completion time: 2009-07-22 16:54 - machine was rebooted ComboFix-quarantined-files.txt 2009-07-22 14:54 Pre-Run: 46.444.662.784 bytes free Post-Run: 52.149.444.608 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(3)\WINDOWS [operating systems] d:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(3)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect 200

Profil

dr_Bora Poslao: 23 Jul 2009 18:33 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Upakuj u zip/rar kompletan folder: C:\Qoobox\Quarantine i upload-uj preko: http://www.mycity.rs/ambulanta-upload.php

Profil

MyCity » Ambulanta -> Arhiva Ambulante » pogledajte moj log!

Ko je trenutno na forumu

Ukupno su 1231 korisnika na forumu :: 29 registrovanih, 5 sakrivenih i 1197 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: Bane san, Ben Roj, Brana01, Denaya, doloress, draganl, galijot, ikan, kunktator, kybonacci, Lieutenant, ljiljak, mercedesamg, Mercury, Metanoja, Mi lao shu, Mihajlo, Milos ZA, pape, pein, procesor, Shinobi, Sirius, Steeeefan, virked, vladaa012, VladaKG1980, wolverined4, Žoržo

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by