Constant problems with IE

  • Joined: 18 Jan 2009
  • Posts: 205

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:38:04, on 22.4.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Toolbar\wltuser.exe
D:\filmovi\USD\USD\USDownloader.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\1\Desktop\New Folder\TR3.exe..exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PopupManager Class - {08E74C67-99A6-45C7-94DA-A397A8FD8082} - C:\Program Files\Popup Manager\PopupMgr_1.0.2.1P.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Objavi ovo u blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Objavi ovo u blogu u okviru usluge Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 7374 bytes

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Post a new ComboFix log for me, so I can see whether it is okay.

  • Joined: 18 Jan 2009
  • Posts: 205

Here it is:

ComboFix 09-04-23.02 - 1 23.04.2009 0:12.9 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1279.877 [GMT 2:00]
Running from: c:\documents and settings\1\Desktop\ComboFix.exe
AV: Eset NOD32 antivirus system 2.50 *On-access scanning disabled* (Outdated)
.

((((((((((((((((((((((((( Files Created from 2009-03-23 to 2009-04-23 )))))))))))))))))))))))))))))))
.

2009-04-22 10:31 . 2009-04-22 10:31 54156 ---ha-w c:\windows\QTFont.qfn
2009-04-22 10:31 . 2009-04-22 10:31 1409 ----a-w c:\windows\QTFont.for
2009-03-30 14:35 . 2009-03-30 14:35 56 ---ha-w c:\windows\system32\ezsidmv.dat
2009-03-30 14:35 . 2009-03-30 14:35 -------- d-----w c:\documents and settings\1\Application Data\skypePM
2009-03-30 14:33 . 2009-04-22 14:17 -------- d-----w c:\documents and settings\All Users\Application Data\Skype
2009-03-25 12:12 . 2009-03-25 12:12 1986469 ----a-w C:\PacManicworld.exe
2009-03-25 10:55 . 2009-03-25 10:55 1244246 ----a-w C:\teenage_mutant_ninja_turtles_the_hyperstone_heist.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-22 15:41 . 2007-04-11 15:23 -------- d-----w c:\documents and settings\All Users\Application Data\yahoo!
2009-04-22 15:40 . 2008-06-14 12:56 -------- d-----w c:\program files\Burger Shop
2009-04-22 15:40 . 2008-07-03 17:28 -------- d-----w c:\program files\Supercow
2009-04-22 14:09 . 2009-03-12 13:30 -------- d-----w c:\documents and settings\1\Application Data\Windows Live Writer
2009-04-22 14:09 . 2009-04-22 14:09 -------- d-----w c:\program files\Windows Live SkyDrive
2009-04-22 14:09 . 2006-07-21 17:06 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-22 14:07 . 2009-02-28 18:03 -------- d-----w c:\program files\Sega
2009-04-22 14:07 . 2009-03-08 18:00 -------- d-----w c:\program files\Windows Live
2009-04-22 14:07 . 2006-07-24 02:06 -------- d-----w c:\program files\MSN Messenger
2009-04-22 14:07 . 2007-07-11 21:11 -------- d-----w c:\program files\Belltech Business Card Designer Pro
2009-04-22 14:07 . 2006-07-21 17:24 -------- d-----w c:\program files\Mv2Player
2009-04-22 14:07 . 2009-03-14 09:50 -------- d-----w c:\documents and settings\All Users\Application Data\NFS Underground
2009-04-22 14:06 . 2009-03-25 10:56 -------- d-----w c:\program files\Teenage Mutant Ninja Turtles - The Hyperstone Heist
2009-04-22 14:05 . 2007-04-11 20:55 -------- d--h--r c:\documents and settings\1\Application Data\yahoo!
2009-04-18 12:07 . 2008-07-20 21:16 -------- d-----w c:\program files\Warcraft III
2009-04-15 15:07 . 2008-03-16 20:11 -------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-04-15 13:29 . 2007-05-24 22:32 -------- d-----w c:\program files\ChickenInvadersROTYXmas
2009-04-11 08:25 . 2009-01-07 19:10 -------- d-----w c:\program files\Teddy Factory
2009-04-07 15:25 . 2007-06-17 09:39 3364 ----a-w c:\windows\system32\d3d9caps.dat
2009-04-07 14:45 . 2006-07-25 17:21 -------- d-----w c:\program files\Call of Duty
2009-04-06 15:15 . 2006-11-16 16:31 45056 ----a-w c:\windows\NCUNINST.EXE
2009-03-31 13:16 . 2009-03-31 13:16 -------- d-----w c:\program files\KONAMI
2009-03-20 15:20 . 2007-02-24 19:54 -------- d-----w c:\program files\QuickTime
2009-03-20 15:20 . 2009-02-27 21:47 -------- d-----w c:\program files\Cooking Academy 2 World Cuisine
2009-03-14 09:34 . 2009-03-14 09:34 -------- d-----w c:\program files\EA GAMES
2009-03-13 17:59 . 2007-05-06 12:59 -------- d-----w c:\documents and settings\1\Application Data\MegauploadToolbar
2009-03-12 13:29 . 2009-03-12 13:29 1002752 ----a-w C:\JournalViewer1.5_KB886179_ENU.exe
2009-03-11 17:55 . 2009-01-15 10:01 230424 ----a-w C:\img1-001.raw
2009-03-08 18:10 . 2006-07-28 06:28 89360 ----a-w c:\documents and settings\1\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-03-08 18:06 . 2009-03-08 18:06 -------- d-----w c:\program files\Microsoft Sync Framework
2009-03-08 18:05 . 2009-03-08 18:05 -------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2009-03-08 18:00 . 2009-03-08 18:00 -------- d-----w c:\program files\Microsoft
2009-03-08 17:40 . 2009-03-08 17:40 -------- d-----w c:\program files\Common Files\Windows Live
2009-03-08 17:38 . 2009-03-08 17:37 1150824 ----a-w c:\program files\wlsetup-custom.exe
2009-03-02 14:20 . 2008-12-18 22:39 -------- d-----w c:\program files\Airport Mania - First Flight
2009-02-27 21:48 . 2008-07-20 22:28 -------- d-----w c:\documents and settings\All Users\Application Data\Fugazo
2009-02-27 09:43 . 2007-04-14 01:36 -------- d-----w c:\documents and settings\1\Application Data\uTorrent
2009-02-26 08:38 . 2008-10-27 08:06 -------- d-----w c:\program files\MP4Tool
2009-02-06 18:20 . 2009-02-06 18:20 308088 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 17:52 . 2009-02-06 17:52 49504 ----a-w c:\windows\system32\sirenacm.dll
2008-12-03 22:27 . 2006-10-25 10:12 88776 ----a-w c:\documents and settings\1\Application Data\GDIPFONTCACHEV1.DAT
2008-11-09 16:01 . 2008-11-09 15:24 602 ----a-w c:\documents and settings\1\Application Data\filterclsid.dat
2008-11-02 16:08 . 2008-05-12 15:45 7 ----a-w c:\program files\UsrPrefs.xml
2008-11-02 16:08 . 2008-05-31 11:56 96 ----a-w c:\program files\GAMEOPT.INI
2005-01-28 23:20 . 2008-05-12 15:44 3194880 ----a-w c:\program files\playboy_-_the_mansion.exe
2005-01-28 06:12 . 2008-05-12 15:44 374 ----a-w c:\program files\setup.bat
2005-01-27 13:33 . 2008-05-12 15:44 348160 ----a-w c:\program files\msvcr71.dll
2005-01-27 13:15 . 2008-05-12 15:44 499712 ----a-w c:\program files\msvcp71.dll
2005-01-11 11:33 . 2008-05-12 15:46 14032 ----a-w c:\program files\readme.txt
2004-11-08 07:03 . 2008-05-12 15:50 151 ----a-w c:\program files\CtlPrefs.xml
2006-10-11 08:2008-05-03 20:27 04:58 . c:\program files\mozilla firefox\components\jar50.dll
2006-10-11 08:2008-05-03 20:27 04:59 . c:\program files\mozilla firefox\components\jsd3250.dll
2006-10-11 08:2008-05-03 20:27 05:03 . c:\program files\mozilla firefox\components\myspell.dll
2006-10-11 08:2008-05-03 20:27 05:03 . c:\program files\mozilla firefox\components\spellchk.dll
2006-10-11 08:2008-05-03 20:27 04:58 . c:\program files\mozilla firefox\components\xpinstal.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-02-28 315392]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-04-12 917504]
"snpstd"="c:\windows\vsnpstd.exe" [2004-06-10 286720]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 159744]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-07-30 185896]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"MIDI1"= SYNCOR11.DLL
"wave1"= serwvdrv.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Install\\utorrent.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

R3 fsssvc;Windows Live Porodicna bezbednost;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
R3 k510bus;Sony Ericsson K510 Driver driver (WDM);c:\windows\system32\DRIVERS\k510bus.sys [2007-12-26 58288]
R3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;c:\windows\system32\DRIVERS\k510mdfl.sys [2007-12-26 8336]
R3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;c:\windows\system32\DRIVERS\k510mdm.sys [2007-12-26 94064]
R3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\k510mgmt.sys [2007-12-26 85408]
R3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\k510obex.sys [2007-12-26 83344]
S1 RapNet;RapNet;c:\windows\system32\drivers\RapNet.sys [2002-07-11 26428]
S2 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
S2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S3 iadusb;MT882;c:\windows\system32\DRIVERS\glauiad.sys [2006-03-20 30336]

.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
mStart Page = hxxp://www.yahoo.com
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
LSP: imon.dll
Trusted Zone: bancaintesabeograd.com\online
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-23 00:15
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files:

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-448539723-1767777339-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(740)
c:\windows\system32\imon.dll

- - - - - - - > 'explorer.exe'(3260)
c:\windows\system32\msi.dll
.
Completion time: 2009-04-22 0:17
ComboFix-quarantined-files.txt 2009-04-22 22:17
ComboFix2.txt 2009-04-22 20:03
ComboFix3.txt 2009-01-31 20:02

Pre-Run: 7.104.188.416 bytes free
Post-Run: 7.095.037.952 bytes free

155

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

How are things now? I would say it is OK?

  • Joined: 18 Jan 2009
  • Posts: 205

It seems great to me too. I'll see how it behaves until tomorrow and then report back. Thanks a lot.

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

I would like to check one more thing:

Download the program RootRepeal to the Desktop.

Unpack RootRepeal.zip into a folder.
Double-click RootRepeal.exe to run it.
Switch to the Report tab (by clicking the Report button, bottom right).
Click the Scan button.
In the window that opens (Select Scan), tick the boxes in front of all items and click OK.
In the next window (Select Drives), tick the box in front of the system drive (usually C:\) and click OK.
When the process finishes, click Save Report and save the scan report.


Copy the contents of that report into your next post.

  • Joined: 18 Jan 2009
  • Posts: 205

ComboFix 09-04-23.02 - 1 23.04.2009 0:12.9 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1279.877 [GMT 2:00]
Running from: c:\documents and settings\1\Desktop\ComboFix.exe
AV: Eset NOD32 antivirus system 2.50 *On-access scanning disabled* (Outdated)

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Wrong log, you were supposed to post the log from the program: RootRepeal.

  • Joined: 18 Jan 2009
  • Posts: 205

ROOTREPEAL (c) AD, 2007-2008
==================================================
Scan Time: 2009/04/23 00:36
Program Version: Version 1.2.3.0
Windows Version: Windows XP SP2
==================================================

Drivers
-------------------
Name:
Image Path:
Address: 0xF7473000 Size: 98304 File Visible: No
Status: -

Name:
Image Path:
Address: 0x00000000 Size: 0 File Visible: No
Status: -

Name: catchme.sys
Image Path: C:\DOCUME~1\1\LOCALS~1\Temp\catchme.sys
Address: 0xF77E7000 Size: 31744 File Visible: No
Status: -

Name: Combo-Fix.sys
Image Path: Combo-Fix.sys
Address: 0xF7657000 Size: 60416 File Visible: No
Status: -

Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xAF465000 Size: 98304 File Visible: No
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xBAC3D000 Size: 8192 File Visible: No
Status: -

Name: PROCEXP90.SYS
Image Path: C:\WINDOWS\system32\Drivers\PROCEXP90.SYS
Address: 0xF79D9000 Size: 6464 File Visible: No
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xAE670000 Size: 45056 File Visible: No
Status: -

Hidden/Locked Files
-------------------
Path: C:\sccfg.sys
Status: Invisible to the Windows API!

Path: C:\hiberfil.sys
Status: Locked to the Windows API!

SSDT
-------------------
#: 025 Function Name: NtClose
Status: Hooked by "vax347b.sys" at address 0xf75bcbb8

#: 037 Function Name: NtCreateFile
Status: Hooked by "C:\WINDOWS\system32\windrvNT.sys" at address 0xf777336a

#: 041 Function Name: NtCreateKey
Status: Hooked by "vax347b.sys" at address 0xf75bcb70

#: 045 Function Name: NtCreatePagingFile
Status: Hooked by "vax347b.sys" at address 0xf75b0c70

#: 071 Function Name: NtEnumerateKey
Status: Hooked by "vax347b.sys" at address 0xf75b14fe

#: 073 Function Name: NtEnumerateValueKey
Status: Hooked by "vax347b.sys" at address 0xf75bccb0

#: 116 Function Name: NtOpenFile
Status: Hooked by "C:\WINDOWS\system32\windrvNT.sys" at address 0xf7773cd8

#: 119 Function Name: NtOpenKey
Status: Hooked by "vax347b.sys" at address 0xf75bcb34

#: 145 Function Name: NtQueryDirectoryFile
Status: Hooked by "C:\WINDOWS\system32\windrvNT.sys" at address 0xf7773842

#: 154 Function Name: NtQueryInformationProcess
Status: Hooked by "C:\WINDOWS\system32\windrvNT.sys" at address 0xf77701e0

#: 160 Function Name: NtQueryKey
Status: Hooked by "vax347b.sys" at address 0xf75b151e

#: 177 Function Name: NtQueryValueKey
Status: Hooked by "vax347b.sys" at address 0xf75bcc06

#: 224 Function Name: NtSetInformationFile
Status: Hooked by "C:\WINDOWS\system32\windrvNT.sys" at address 0xf7774142

#: 241 Function Name: NtSetSystemPowerState
Status: Hooked by "vax347b.sys" at address 0xf75bc450

Stealth Objects
-------------------
Object: Hidden Code [Driver: Ntfs, IRP_MJ_READ]
Process: System Address: 0x89788370 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_CREATE]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_CREATE_NAMED_PIPE]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_CLOSE]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_READ]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_WRITE]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_EA]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_SET_EA]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_SHUTDOWN]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_CLEANUP]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_CREATE_MAILSLOT]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_SET_SECURITY]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_POWER]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_DEVICE_CHANGE]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_SET_QUOTA]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: atapi, IRP_MJ_PNP]
Process: System Address: 0x89309140 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE_NAMED_PIPE]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CLOSE]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_READ]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_WRITE]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_EA]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_EA]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SHUTDOWN]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CLEANUP]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE_MAILSLOT]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_SECURITY]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_POWER]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_DEVICE_CHANGE]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SET_QUOTA]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: Cdrom, IRP_MJ_PNP]
Process: System Address: 0x892f67e0 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_CREATE]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_CREATE_NAMED_PIPE]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_CLOSE]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_READ]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_WRITE]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_QUERY_EA]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_SET_EA]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_SHUTDOWN]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_CLEANUP]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_CREATE_MAILSLOT]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_SET_SECURITY]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_POWER]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_DEVICE_CHANGE]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_SET_QUOTA]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: vax347s, IRP_MJ_PNP]
Process: System Address: 0x892b8928 Size: -

Object: Hidden Code [Driver: Rdbss, IRP_MJ_READ]
Process: System Address: 0x8923c458 Size: -

Object: Hidden Code [Driver: Srv, IRP_MJ_READ]
Process: System Address: 0x89367030 Size: -

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_READ]
Process: System Address: 0x89265430 Size: -

Object: Hidden Code [Driver: Npfs, IRP_MJ_READ]
Process: System Address: 0x89259cf0 Size: -

Object: Hidden Code [Driver: Msfs, IRP_MJ_READ]
Process: System Address: 0x8923d468 Size: -

Object: Hidden Code [Driver: Fs_Rec, IRP_MJ_READ]
Process: System Address: 0x892752d8 Size: -

Object: Hidden Code [Driver: Cdfs, IRP_MJ_READ]
Process: System Address: 0x8933a758 Size: -

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Are there any problems?
