MyCity » Ambulanta -> Arhiva Ambulante » Usporen PC

Usporen PC

Napisano na dan: 12.10.2009

Strana:
1
2

Usporen PC

Sledeća strana

Pagination

Odgovori

Strana:
1
2

vladimirNS Poslao: 12 Okt 2009 21:00 Idi na vrh
offline vladimirNS Građanin Pridružio: 11 Maj 2004 Poruke: 145 Gde živiš: Novi Sad	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 12 Okt 2009 20:35 DDS (Ver_09-10-12.01) - NTFSx86 Run by Mira at 19:50:23.10 on Mon 10/12/2009 Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_15 Microsoft Windows XP Home Edition 5.1.2600.2.1250.381.1033.18.895.456 [GMT 2:00] AV: AVG Anti-Virus Free On-access scanning enabled (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\system32\svchost.exe -k netsvcs svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\System Control Manager\edd.exe C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\WINDOWS\system32\o2flash.exe C:\Program Files\RALINK\Common\RaUI.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\Program Files\AVG\AVG8\avgcsrvx.exe svchost.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\FreeCommander\FreeCommander.exe C:\Documents and Settings\Mira\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = about:blank uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll uURLSearchHooks: H - No File mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime -Delay mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ralink~1.lnk - c:\program files\ralink\common\RaUI.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll Notify: AtiExtEvent - Ati2evxx.dll Notify: avgrsstarter - avgrsstx.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\mira\applic~1\mozilla\firefox\profiles\cvbjr1nv.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com/?o=13760&l=dis FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p= FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} ============= SERVICES / DRIVERS =============== R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2006-2-27 34880] R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2006-2-20 29056] R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-5-24 335240] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-5-24 108552] R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-6-25 908056] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-6-25 297752] R2 NishService;Evil Driver Daemon;c:\program files\system control manager\edd.exe [2002-1-1 40960] R3 MGHwCtrl;MGHwCtrl;c:\windows\system32\drivers\MGHwCtrl.sys [2002-1-1 20128] S2 fjofyfihn;vtzkcxezo;c:\windows\system32\svchost.exe -k netsvcs [2006-4-27 14336] S2 qpyakmt;Shell Monitor;c:\windows\system32\svchost.exe -k netsvcs [2006-4-27 14336] S2 tqiwzgtfb;Installer Image;c:\windows\system32\svchost.exe -k netsvcs [2006-4-27 14336] S2 tveomrnc;Update Microsoft;c:\windows\system32\svchost.exe -k netsvcs [2006-4-27 14336] S2 vluqnri;Microsoft Driver;c:\windows\system32\svchost.exe -k netsvcs [2006-4-27 14336] S4 ASKUpgrade;ASKUpgrade;c:\program files\askbardis\bar\bin\ASKUpgrade.exe [2009-7-19 234888] =============== Created Last 30 ================ 2009-10-11 20:11 <DIR> --d----- c:\program files\a-squared Free 2009-10-10 09:13 221,184 a------- c:\windows\system32\wmpns.dll 2009-10-10 09:12 <DIR> --d----- c:\windows\ServicePackFiles 2009-10-04 19:32 7,168 a------- c:\windows\system32\drivers\StarOpen.sys ==================== Find3M ==================== 2009-08-17 16:56 335,240 a------- c:\windows\system32\drivers\avgldx86.sys 2009-08-17 16:56 11,952 a------- c:\windows\system32\avgrsstx.dll 2009-08-05 11:11 204,800 a------- c:\windows\system32\mswebdvd.dll 2009-07-29 06:53 119,808 a------- c:\windows\system32\t2embed.dll 2009-07-29 06:53 82,432 a------- c:\windows\system32\fontsub.dll 2009-07-25 05:23 411,368 a------- c:\windows\system32\deploytk.dll 2009-07-17 20:55 58,880 a------- c:\windows\system32\atl.dll ============= FINISH: 19:50:40.06 =============== mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png Dopuna: 12 Okt 2009 21:00 Zaboravih da napisem koji je problem. Jako je usporeno otvaranje programa i dolazi do kratkotrajnih " kocenja " rada. Nista mi ne signalizira antivirus. Imam kablovski internet (sbb).

Profil

diarno Poslao: 12 Okt 2009 21:06 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Profil

vladimirNS Poslao: 12 Okt 2009 21:53 Idi na vrh
offline vladimirNS Građanin Pridružio: 11 Maj 2004 Poruke: 145 Gde živiš: Novi Sad	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-10-11.03 - Mira 10/12/2009 21:40.1.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1250.381.1033.18.895.503 [GMT 2:00] Running from: c:\documents and settings\Mira\Desktop\ComboFix.exe AV: AVG Anti-Virus Free On-access scanning disabled (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\AskSearch\bin\DefaultSearch.dll c:\recycler\S-1-5-21-329068152-1284227242-682003330-1003 . ((((((((((((((((((((((((( Files Created from 2009-09-12 to 2009-10-12 ))))))))))))))))))))))))))))))) . 2009-10-11 18:11 . 2009-10-12 17:25 -------- d-----w- c:\program files\a-squared Free 2009-10-10 07:13 . 2004-08-04 12:00 221184 ----a-w- c:\windows\system32\wmpns.dll 2009-10-10 07:12 . 2009-10-10 07:12 -------- d-----w- c:\windows\ServicePackFiles 2009-10-04 17:32 . 2009-09-28 19:57 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys 2009-10-04 17:32 . 2009-10-04 17:32 -------- d-----w- c:\program files\CDBurnerXP 2009-09-27 17:13 . 2009-10-11 16:44 -------- d-----w- c:\documents and settings\Mira\Application Data\vlc . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-10-12 17:12 . 2009-05-26 16:04 -------- d-----w- c:\program files\Mozilla Thunderbird 2009-09-27 17:20 . 2009-08-19 15:05 -------- d-----w- c:\program files\SRWare Iron 2009-09-27 17:17 . 2009-06-13 06:02 -------- d-----w- c:\program files\Wise Registry Cleaner 2009-08-30 15:50 . 2009-05-30 13:37 -------- d-----w- c:\program files\Java 2009-08-30 15:49 . 2009-08-30 15:49 152576 ----a-w- c:\documents and settings\Mira\Application Data\Sun\Java\jre1.6.0_15\lzma.dll 2009-08-17 14:56 . 2009-05-24 20:57 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2009-08-17 14:56 . 2009-05-24 20:57 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2009-08-17 14:56 . 2009-05-24 20:57 11952 ----a-w- c:\windows\system32\avgrsstx.dll 2009-08-17 14:53 . 2009-05-24 20:57 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8 2009-08-15 12:37 . 2009-08-15 12:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Canneverbe Limited 2009-08-05 09:11 . 2006-04-27 15:14 204800 ----a-w- c:\windows\system32\mswebdvd.dll 2009-07-29 04:53 . 2006-04-27 15:14 119808 ----a-w- c:\windows\system32\t2embed.dll 2009-07-29 04:53 . 2006-04-27 15:14 82432 ----a-w- c:\windows\system32\fontsub.dll 2009-07-25 03:23 . 2009-05-30 13:37 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-07-17 18:55 . 2006-04-27 15:14 58880 ----a-w- c:\windows\system32\atl.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200] [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] 2009-09-02 09:58 1107200 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 45056] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-10-04 2023704] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe [2002-1-2 589824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2009-08-17 14:56 11952 ----a-w- c:\windows\system32\avgrsstx.dll [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BlueSoleil.lnk] backup=c:\windows\pss\BlueSoleil.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"= "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"= "d:\\Install\\Foxit PDF Editor\\Foxit PDF Editor 2.0 Build 1011\\PDFEdit.exe"= "c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"= R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2/27/2006 9:00 AM 34880] R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2/20/2006 10:01 AM 29056] R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [5/24/2009 10:57 PM 335240] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [5/24/2009 10:57 PM 108552] R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [6/25/2009 6:19 PM 908056] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [6/25/2009 6:19 PM 297752] R3 MGHwCtrl;MGHwCtrl;c:\windows\system32\drivers\MGHwCtrl.sys [1/1/2002 4:23 PM 20128] S2 fjofyfihn;vtzkcxezo;c:\windows\system32\svchost.exe -k netsvcs [4/27/2006 5:14 PM 14336] S2 NishService;Evil Driver Daemon;c:\program files\System Control Manager\edd.exe [1/1/2002 4:23 PM 40960] S2 qpyakmt;Shell Monitor;c:\windows\system32\svchost.exe -k netsvcs [4/27/2006 5:14 PM 14336] S2 tqiwzgtfb;Installer Image;c:\windows\system32\svchost.exe -k netsvcs [4/27/2006 5:14 PM 14336] S2 tveomrnc;Update Microsoft;c:\windows\system32\svchost.exe -k netsvcs [4/27/2006 5:14 PM 14336] S2 vluqnri;Microsoft Driver;c:\windows\system32\svchost.exe -k netsvcs [4/27/2006 5:14 PM 14336] S4 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [7/19/2009 10:57 AM 234888] --- Other Services/Drivers In Memory --- NewlyCreated - AGAIRFOG Deregistered - agairfog HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs qpyakmt tqiwzgtfb fjofyfihn tveomrnc vluqnri . Contents of the 'Scheduled Tasks' folder 2009-05-24 c:\windows\Tasks\Wise Registry Cleaner 4.job - c:\program files\Wise Registry Cleaner\WiseRegistryCleaner.exe [2009-06-13 11:40] . . ------- Supplementary Scan ------- . uStart Page = about:blank FF - ProfilePath - c:\documents and settings\Mira\Application Data\Mozilla\Firefox\Profiles\cvbjr1nv.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com/?o=13760&l=dis FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p= FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-10-12 21:42 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\fjofyfihn] "ServiceDll"="c:\windows\system32\dlkjtn.dll" -- [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\qpyakmt] "ServiceDll"="c:\windows\system32\dlkjtn.dll" -- [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\tqiwzgtfb] "ServiceDll"="c:\windows\system32\dlkjtn.dll" -- [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\tveomrnc] "ServiceDll"="c:\windows\system32\dlkjtn.dll" -- [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vluqnri] "ServiceDll"="c:\windows\system32\dlkjtn.dll" . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(768-) c:\windows\system32\Ati2evxx.dll . Completion time: 2009-10-12 21:44 ComboFix-quarantined-files.txt 2009-10-12 19:44 Pre-Run: 33,029,320,704 bytes free Post-Run: 33,000,906,752 bytes free 151 --- E O F --- 2009-10-10 07:16

Profil

diarno Poslao: 12 Okt 2009 22:40 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `File:: c:\windows\system32\dlkjtn.dll Driver:: fjofyfihn qpyakmt tqiwzgtfb tveomrnc vluqnri Netsvc:: fjofyfihn qpyakmt tqiwzgtfb tveomrnc vluqnri` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja. Jel ti poznat ovaj program c:\program files\System Control Manager

Profil

vladimirNS Poslao: 12 Okt 2009 23:28 Idi na vrh
offline vladimirNS Građanin Pridružio: 11 Maj 2004 Poruke: 145 Gde živiš: Novi Sad	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-10-11.03 - Mira 10/12/2009 23:10.2.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1250.381.1033.18.895.434 [GMT 2:00] Running from: c:\documents and settings\Mira\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Mira\Desktop\CFScript.txt AV: AVG Anti-Virus Free On-access scanning disabled (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF} WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: "c:\windows\system32\dlkjtn.dll" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_FJOFYFIHN -------\Legacy_QPYAKMT -------\Legacy_TQIWZGTFB -------\Legacy_TVEOMRNC -------\Legacy_VLUQNRI -------\Service_fjofyfihn -------\Service_qpyakmt -------\Service_tqiwzgtfb -------\Service_tveomrnc -------\Service_vluqnri ((((((((((((((((((((((((( Files Created from 2009-09-12 to 2009-10-12 ))))))))))))))))))))))))))))))) . 2009-10-12 20:37 . 2009-10-12 20:37 -------- d-sh--w- c:\documents and settings\Mira\PrivacIE 2009-10-12 20:29 . 2009-10-12 20:29 -------- d-sh--w- c:\documents and settings\Mira\IETldCache 2009-10-12 20:26 . 2009-10-12 20:27 -------- dc-h--w- c:\windows\ie8 2009-10-11 18:11 . 2009-10-12 17:25 -------- d-----w- c:\program files\a-squared Free 2009-10-10 07:13 . 2004-08-04 12:00 221184 ----a-w- c:\windows\system32\wmpns.dll 2009-10-10 07:12 . 2009-10-10 07:12 -------- d-----w- c:\windows\ServicePackFiles 2009-10-04 17:32 . 2009-09-28 19:57 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys 2009-10-04 17:32 . 2009-10-04 17:32 -------- d-----w- c:\program files\CDBurnerXP 2009-09-27 17:13 . 2009-10-11 16:44 -------- d-----w- c:\documents and settings\Mira\Application Data\vlc . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-10-12 20:31 . 2009-06-25 16:20 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar 2009-10-12 17:12 . 2009-05-26 16:04 -------- d-----w- c:\program files\Mozilla Thunderbird 2009-09-27 17:20 . 2009-08-19 15:05 -------- d-----w- c:\program files\SRWare Iron 2009-09-27 17:17 . 2009-06-13 06:02 -------- d-----w- c:\program files\Wise Registry Cleaner 2009-08-30 15:50 . 2009-05-30 13:37 -------- d-----w- c:\program files\Java 2009-08-30 15:49 . 2009-08-30 15:49 152576 ----a-w- c:\documents and settings\Mira\Application Data\Sun\Java\jre1.6.0_15\lzma.dll 2009-08-17 14:56 . 2009-05-24 20:57 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2009-08-17 14:56 . 2009-05-24 20:57 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2009-08-17 14:56 . 2009-05-24 20:57 11952 ----a-w- c:\windows\system32\avgrsstx.dll 2009-08-17 14:53 . 2009-05-24 20:57 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8 2009-08-15 12:37 . 2009-08-15 12:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Canneverbe Limited 2009-08-05 09:11 . 2006-04-27 15:14 204800 ----a-w- c:\windows\system32\mswebdvd.dll 2009-07-29 04:53 . 2006-04-27 15:14 119808 ----a-w- c:\windows\system32\t2embed.dll 2009-07-29 04:53 . 2006-04-27 15:14 82432 ----a-w- c:\windows\system32\fontsub.dll 2009-07-25 03:23 . 2009-05-30 13:37 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-07-17 18:55 . 2006-04-27 15:14 58880 ----a-w- c:\windows\system32\atl.dll . ((((((((((((((((((((((((((((( SnapShot@2009-10-12_19.43.01 ))))))))))))))))))))))))))))))))))))))))) . + 2009-10-12 21:14 . 2009-10-12 21:14 16384 c:\windows\temp\Perflib_Perfdata_21c.dat + 2006-04-27 15:53 . 2009-01-07 16:21 26144 c:\windows\system32\spupdsvc.exe + 2009-05-25 00:32 . 2009-01-07 16:20 16928 c:\windows\system32\spmsg.dll + 2006-04-27 15:14 . 2009-03-08 02:31 46592 c:\windows\system32\pngfilt.dll + 2009-01-07 16:20 . 2009-01-07 16:20 23552 c:\windows\system32\normaliz.dll + 2009-01-07 16:20 . 2009-01-07 16:20 24576 c:\windows\system32\nlsdl.dll + 2006-04-27 15:14 . 2009-03-08 02:31 48128 c:\windows\system32\mshtmler.dll + 2006-04-27 15:14 . 2009-03-08 02:31 66560 c:\windows\system32\mshtmled.dll + 2006-04-27 15:14 . 2009-03-08 02:31 45568 c:\windows\system32\mshta.exe + 2009-03-08 02:31 . 2009-03-08 02:31 13312 c:\windows\system32\msfeedssync.exe + 2009-03-08 02:31 . 2009-03-08 02:31 55296 c:\windows\system32\msfeedsbs.dll + 2006-04-27 15:14 . 2009-03-08 02:34 43008 c:\windows\system32\licmgr10.dll + 2006-04-27 15:14 . 2009-03-08 02:33 25600 c:\windows\system32\jsproxy.dll + 2006-04-27 15:14 . 2009-03-08 02:32 94720 c:\windows\system32\inseng.dll + 2006-04-27 15:14 . 2009-03-08 02:31 34816 c:\windows\system32\imgutil.dll + 2009-03-08 02:32 . 2009-03-08 02:32 36864 c:\windows\system32\ieudinit.exe + 2006-04-27 15:14 . 2009-03-08 02:32 71680 c:\windows\system32\iesetup.dll + 2006-04-27 15:14 . 2009-03-08 02:32 55808 c:\windows\system32\iernonce.dll + 2009-01-07 16:20 . 2009-01-07 16:20 26112 c:\windows\system32\idndl.dll + 2009-03-08 02:31 . 2009-03-08 02:31 59904 c:\windows\system32\icardie.dll + 2006-04-27 15:14 . 2009-03-08 02:31 46592 c:\windows\system32\dllcache\pngfilt.dll + 2006-04-27 15:14 . 2009-03-08 02:31 48128 c:\windows\system32\dllcache\mshtmler.dll + 2006-04-27 15:14 . 2009-03-08 02:31 66560 c:\windows\system32\dllcache\mshtmled.dll + 2006-04-27 15:14 . 2009-03-08 02:31 45568 c:\windows\system32\dllcache\mshta.exe + 2006-04-27 15:14 . 2009-03-08 02:34 43008 c:\windows\system32\dllcache\licmgr10.dll + 2006-04-27 15:14 . 2009-03-08 02:33 25600 c:\windows\system32\dllcache\jsproxy.dll + 2006-04-27 15:14 . 2009-03-08 02:32 94720 c:\windows\system32\dllcache\inseng.dll + 2006-04-27 15:14 . 2009-03-08 02:31 34816 c:\windows\system32\dllcache\imgutil.dll + 2006-04-27 15:14 . 2009-03-08 02:32 71680 c:\windows\system32\dllcache\iesetup.dll + 2006-04-27 15:14 . 2009-03-08 02:32 55808 c:\windows\system32\dllcache\iernonce.dll + 2006-04-27 15:25 . 2009-03-08 02:24 68608 c:\windows\system32\dllcache\hmmapi.dll + 2006-04-27 15:14 . 2009-03-08 02:33 18944 c:\windows\system32\dllcache\corpol.dll + 2006-04-27 15:14 . 2009-03-08 02:32 72704 c:\windows\system32\dllcache\admparse.dll + 2006-04-27 15:14 . 2009-03-08 02:33 18944 c:\windows\system32\corpol.dll + 2006-04-27 15:14 . 2009-03-08 02:32 72704 c:\windows\system32\admparse.dll + 2009-10-12 20:26 . 2004-08-04 12:00 37888 c:\windows\ie8\url.dll + 2009-10-12 20:27 . 2009-03-08 12:23 58464 c:\windows\ie8\spuninst\iecustom.dll + 2009-10-12 20:26 . 2009-06-26 16:18 39424 c:\windows\ie8\pngfilt.dll + 2009-10-12 20:26 . 2004-08-04 12:00 96256 c:\windows\ie8\occache.dll + 2009-10-12 20:26 . 2004-08-04 12:00 56832 c:\windows\ie8\mshtmler.dll + 2009-10-12 20:26 . 2004-08-04 12:00 29184 c:\windows\ie8\mshta.exe + 2009-10-12 20:26 . 2004-08-04 12:00 22016 c:\windows\ie8\licmgr10.dll + 2009-10-12 20:26 . 2009-06-26 16:18 16384 c:\windows\ie8\jsproxy.dll + 2009-10-12 20:26 . 2009-06-26 16:18 96256 c:\windows\ie8\inseng.dll + 2009-10-12 20:26 . 2004-08-04 12:00 35840 c:\windows\ie8\imgutil.dll + 2009-10-12 20:26 . 2004-08-04 12:00 93184 c:\windows\ie8\iexplore.exe + 2009-10-12 20:26 . 2004-08-04 12:00 62976 c:\windows\ie8\iesetup.dll + 2009-10-12 20:26 . 2004-08-04 12:00 48640 c:\windows\ie8\iernonce.dll + 2009-10-12 20:26 . 2009-06-26 16:18 81920 c:\windows\ie8\ieencode.dll + 2009-10-12 20:26 . 2004-08-04 12:00 34304 c:\windows\ie8\ie4uinit.exe + 2009-10-12 20:26 . 2004-08-04 12:00 38912 c:\windows\ie8\hmmapi.dll + 2009-10-12 20:26 . 2004-08-04 12:00 35328 c:\windows\ie8\corpol.dll + 2009-10-12 20:26 . 2004-08-04 12:00 99840 c:\windows\ie8\advpack.dll + 2009-10-12 20:26 . 2004-08-04 12:00 61440 c:\windows\ie8\admparse.dll + 2009-01-07 16:21 . 2009-01-07 16:21 121856 c:\windows\system32\xmllite.dll + 2006-04-27 15:14 . 2009-03-08 02:34 914944 c:\windows\system32\wininet.dll + 2009-03-08 02:34 . 2009-03-08 02:34 208384 c:\windows\system32\WinFXDocObj.exe + 2006-04-27 15:14 . 2009-03-08 02:34 236544 c:\windows\system32\webcheck.dll + 2006-04-27 15:14 . 2009-03-08 02:33 420352 c:\windows\system32\vbscript.dll + 2006-04-27 15:14 . 2009-03-08 02:34 105984 c:\windows\system32\url.dll + 2006-04-27 15:14 . 2009-03-08 02:34 109568 c:\windows\system32\occache.dll + 2006-04-27 15:14 . 2009-03-08 02:32 611840 c:\windows\system32\mstime.dll + 2006-04-27 15:14 . 2009-03-08 02:34 193536 c:\windows\system32\msrating.dll + 2006-04-27 15:14 . 2009-03-08 02:22 156160 c:\windows\system32\msls31.dll + 2009-03-08 02:32 . 2009-03-08 02:32 594432 c:\windows\system32\msfeeds.dll + 2009-01-07 16:20 . 2009-01-07 16:20 265720 c:\windows\system32\msdbg2.dll + 2006-04-27 15:14 . 2009-03-08 02:33 726528 c:\windows\system32\jscript.dll + 2009-03-08 02:22 . 2009-03-08 02:22 164352 c:\windows\system32\ieui.dll + 2006-04-27 15:14 . 2009-03-08 02:31 183808 c:\windows\system32\iepeers.dll + 2006-04-27 15:14 . 2009-03-08 12:09 391536 c:\windows\system32\iedkcs32.dll + 2009-03-08 02:11 . 2009-03-08 02:11 445952 c:\windows\system32\ieapfltr.dll + 2006-04-27 15:14 . 2009-03-08 02:32 163840 c:\windows\system32\ieakui.dll + 2006-04-27 15:14 . 2009-03-08 02:33 229376 c:\windows\system32\ieaksie.dll + 2006-04-27 15:14 . 2009-03-08 02:33 125952 c:\windows\system32\ieakeng.dll + 2006-04-27 15:14 . 2009-03-08 02:32 173056 c:\windows\system32\ie4uinit.exe + 2006-04-27 15:14 . 2009-03-08 02:31 216064 c:\windows\system32\dxtrans.dll + 2006-04-27 15:14 . 2009-03-08 02:31 348160 c:\windows\system32\dxtmsft.dll + 2006-04-27 15:14 . 2009-03-08 02:34 914944 c:\windows\system32\dllcache\wininet.dll + 2006-04-27 15:14 . 2009-03-08 02:34 236544 c:\windows\system32\dllcache\webcheck.dll + 2006-04-27 15:26 . 2009-03-08 02:33 759296 c:\windows\system32\dllcache\VGX.dll + 2006-04-27 15:14 . 2009-03-08 02:33 420352 c:\windows\system32\dllcache\vbscript.dll + 2006-04-27 15:14 . 2009-03-08 02:34 105984 c:\windows\system32\dllcache\url.dll + 2009-01-07 16:20 . 2009-01-07 16:20 134144 c:\windows\system32\dllcache\sqmapi.dll + 2006-04-27 15:14 . 2009-03-08 02:34 109568 c:\windows\system32\dllcache\occache.dll + 2006-04-27 15:14 . 2009-03-08 02:32 611840 c:\windows\system32\dllcache\mstime.dll + 2006-04-27 15:14 . 2009-03-08 02:34 193536 c:\windows\system32\dllcache\msrating.dll + 2006-04-27 15:14 . 2009-03-08 02:22 156160 c:\windows\system32\dllcache\msls31.dll + 2006-04-27 15:14 . 2009-03-08 02:33 726528 c:\windows\system32\dllcache\jscript.dll + 2006-04-27 15:25 . 2009-03-08 12:09 638816 c:\windows\system32\dllcache\iexplore.exe + 2006-04-27 15:14 . 2009-03-08 02:31 183808 c:\windows\system32\dllcache\iepeers.dll + 2006-04-27 15:14 . 2009-03-08 12:09 391536 c:\windows\system32\dllcache\iedkcs32.dll + 2006-04-27 15:14 . 2009-03-08 02:32 163840 c:\windows\system32\dllcache\ieakui.dll + 2006-04-27 15:14 . 2009-03-08 02:33 229376 c:\windows\system32\dllcache\ieaksie.dll + 2006-04-27 15:14 . 2009-03-08 02:33 125952 c:\windows\system32\dllcache\ieakeng.dll + 2006-04-27 15:14 . 2009-03-08 02:32 173056 c:\windows\system32\dllcache\ie4uinit.exe + 2006-04-27 15:14 . 2009-03-08 02:31 216064 c:\windows\system32\dllcache\dxtrans.dll + 2006-04-27 15:14 . 2009-03-08 02:31 348160 c:\windows\system32\dllcache\dxtmsft.dll + 2006-04-27 15:14 . 2009-03-08 02:32 128512 c:\windows\system32\dllcache\advpack.dll + 2006-04-27 15:14 . 2009-03-08 02:32 128512 c:\windows\system32\advpack.dll + 2009-10-12 20:26 . 2009-06-26 16:18 659456 c:\windows\ie8\wininet.dll + 2009-10-12 20:26 . 2004-08-04 12:00 276480 c:\windows\ie8\webcheck.dll + 2009-10-12 20:26 . 2004-08-04 12:00 848384 c:\windows\ie8\vgx.dll + 2009-10-12 20:26 . 2007-12-18 14:40 417792 c:\windows\ie8\vbscript.dll + 2009-10-12 20:26 . 2009-06-26 16:18 616448 c:\windows\ie8\urlmon.dll + 2009-10-12 20:27 . 2009-01-07 16:21 382496 c:\windows\ie8\spuninst\updspapi.dll + 2009-10-12 20:27 . 2009-01-07 16:20 231456 c:\windows\ie8\spuninst\spuninst.exe + 2009-10-12 20:26 . 2009-06-26 16:18 532480 c:\windows\ie8\mstime.dll + 2009-10-12 20:26 . 2009-06-26 16:18 146432 c:\windows\ie8\msrating.dll + 2009-10-12 20:26 . 2004-08-04 12:00 146432 c:\windows\ie8\msls31.dll + 2009-10-12 20:26 . 2009-06-26 16:18 449024 c:\windows\ie8\mshtmled.dll + 2009-10-12 20:26 . 2009-08-21 09:46 450560 c:\windows\ie8\jscript.dll + 2009-10-12 20:26 . 2009-06-26 16:18 251392 c:\windows\ie8\iepeers.dll + 2009-10-12 20:26 . 2004-08-04 12:00 323584 c:\windows\ie8\iedkcs32.dll + 2009-10-12 20:26 . 2004-08-04 12:00 221184 c:\windows\ie8\ieakui.dll + 2009-10-12 20:26 . 2004-08-04 12:00 216576 c:\windows\ie8\ieaksie.dll + 2009-10-12 20:26 . 2004-08-04 12:00 139264 c:\windows\ie8\ieakeng.dll + 2009-10-12 20:26 . 2009-06-26 16:18 205312 c:\windows\ie8\dxtrans.dll + 2009-10-12 20:26 . 2009-06-26 16:18 357888 c:\windows\ie8\dxtmsft.dll + 2006-04-27 15:14 . 2009-03-08 02:34 1206784 c:\windows\system32\urlmon.dll + 2006-04-27 15:14 . 2009-03-08 02:41 5937152 c:\windows\system32\mshtml.dll + 2009-03-08 02:32 . 2009-03-08 02:32 1985024 c:\windows\system32\iertutil.dll + 2009-02-06 19:07 . 2009-02-06 19:07 3698584 c:\windows\system32\ieapfltr.dat + 2006-04-27 15:14 . 2009-03-08 02:34 1206784 c:\windows\system32\dllcache\urlmon.dll + 2006-04-27 15:14 . 2009-03-08 02:41 5937152 c:\windows\system32\dllcache\mshtml.dll + 2009-10-12 20:26 . 2009-07-18 16:20 3062272 c:\windows\ie8\mshtml.dll + 2009-03-08 02:39 . 2009-03-08 02:39 11063808 c:\windows\system32\ieframe.dll . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200] [HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}] 2009-09-02 09:58 1107200 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-09-02 1107200] [HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 45056] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-10-04 2023704] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Ralink Wireless Utility.lnk - c:\program files\RALINK\Common\RaUI.exe [2002-1-2 589824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2009-08-17 14:56 11952 ----a-w- c:\windows\system32\avgrsstx.dll [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BlueSoleil.lnk] backup=c:\windows\pss\BlueSoleil.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"= "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"= "d:\\Install\\Foxit PDF Editor\\Foxit PDF Editor 2.0 Build 1011\\PDFEdit.exe"= "c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"= R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2/27/2006 9:00 AM 34880] R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2/20/2006 10:01 AM 29056] R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [5/24/2009 10:57 PM 335240] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [5/24/2009 10:57 PM 108552] R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [6/25/2009 6:19 PM 908056] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [6/25/2009 6:19 PM 297752] S2 NishService;Evil Driver Daemon;c:\program files\System Control Manager\edd.exe [1/1/2002 4:23 PM 40960] S3 MGHwCtrl;MGHwCtrl;c:\windows\system32\drivers\MGHwCtrl.sys [1/1/2002 4:23 PM 20128] S4 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [7/19/2009 10:57 AM 234888] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . Contents of the 'Scheduled Tasks' folder 2009-05-24 c:\windows\Tasks\Wise Registry Cleaner 4.job - c:\program files\Wise Registry Cleaner\WiseRegistryCleaner.exe [2009-06-13 11:40] . . ------- Supplementary Scan ------- . uStart Page = about:blank FF - ProfilePath - c:\documents and settings\Mira\Application Data\Mozilla\Firefox\Profiles\cvbjr1nv.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com/?o=13760&l=dis FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p= FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-10-12 23:14 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(776) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(3604) c:\windows\system32\msi.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\ati2evxx.exe c:\windows\system32\ati2evxx.exe c:\program files\a-squared Free\a2service.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files\CDBurnerXP\NMSAccessU.exe c:\program files\AVG\AVG8\avgrsx.exe c:\progra~1\AVG\AVG8\avgnsx.exe c:\program files\AVG\AVG8\avgcsrvx.exe c:\windows\system32\wbem\wmiapsrv.exe . ************************************************************************ . Completion time: 2009-10-12 23:17 - machine was rebooted ComboFix-quarantined-files.txt 2009-10-12 21:17 ComboFix2.txt 2009-10-12 19:44 Pre-Run: 32,940,761,088 bytes free Post-Run: 32,875,114,496 bytes free 293 --- E O F --- 2009-10-10 07:16 Sto se tice programa c:\program files\System Control Manager, nisam nikada obracao paznju na njega, niti ga koristio. Izgleda da je to neki MSI program za laptop. Rado cu ga izbrisati ukoliko nije bitan?!

Profil

diarno Poslao: 13 Okt 2009 11:08 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ne..ne..nemoj ga brisati..bilo mi je bitno dal je legalan da ti ne trazim na upload za dzabe... Dalje.. uploaduj mi sledeci fajl C:\Qoobox\Quarantine\C\WINDOWS\system32\dlkjtn.dll.vir preko sledece forme : http://www.mycity.rs/ambulanta-upload.php

Profil

vladimirNS Poslao: 15 Okt 2009 17:29 Idi na vrh
offline vladimirNS Građanin Pridružio: 11 Maj 2004 Poruke: 145 Gde živiš: Novi Sad	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 13 Okt 2009 16:48 Trazeni fajl ne mogu da nadjem, dovde C:\Qoobox\Quarantine\C\ je u redu ali posle toga nema WINDOWS\system32.....imam PROGRAM FILES\ASKSEARCH\BIN\.. Dopuna: 15 Okt 2009 17:29 Samo da podsetim na temu.

Profil

diarno Poslao: 15 Okt 2009 17:36 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Kakvo je sada stanje?

Profil

vladimirNS Poslao: 15 Okt 2009 18:30 Idi na vrh
offline vladimirNS Građanin Pridružio: 11 Maj 2004 Poruke: 145 Gde živiš: Novi Sad	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Deluje dobro. Sta sa onim fajlom?

Profil

diarno Poslao: 16 Okt 2009 13:42 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! NiMa nebitno..samo sam hteo da ga uzmem na analizu Uradi sledece : Potrebno je deinstalirati ComboFix: klikni start (ili ), a zatim RUN. Na Visti koristiti Start Search polje ukoliko Run nije dostupan. U liniju za unos teksta ukucaj (iskopiraj) sledeće: combofix /u Primeti da postoji razmak između "ComboFix" i "/u". a zatim klikni OK (ili pritisni Enter). Sačekaj da se proces deinstalacije završi.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Usporen PC

Ko je trenutno na forumu

Ukupno su 1143 korisnika na forumu :: 19 registrovanih, 2 sakrivenih i 1122 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: Andrija357, babaroga, drimer, GandorCC, indja, JohnnyBoii, Koca Popovic, Lazarus, Milos ZA, mnn2, nikoladim, novator, operniki, puki123, raso76, Trpe Grozni, Vlada1389, vladulns, zlatkoa987

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by