MyCity » Ambulanta -> Arhiva Ambulante » problem sa malawareom

problem sa malawareom

Napisano na dan: 17.7.2008

Strana:
1
2

problem sa malawareom

Sledeća strana

Pagination

Odgovori

Strana:
1
2

corto_ Poslao: 17 Jul 2008 10:37 Idi na vrh
offline corto_ Novi MyCity građanin Pridružio: 06 Feb 2008 Poruke: 13	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! mislim da imam problema sa radom racunara pa sam skenirao ovo po uputstvu valjda je dobro... Logfile of HijackThis v1.99.1 Scan saved at 10:32, on 2008-07-17 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\System32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE C:\Program Files\Messenger\MSMSGS.EXE C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Network Associates\Common Framework\FrameworkService.exe C:\Program Files\Network Associates\VirusScan\Mcshield.exe C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe C:\Documents and Settings\xx\Desktop\novi folder\TR3.exe.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.ba/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - messenger.msn.com/download/MsnMessengerSetupDownloader.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{FD377C75-BFC8-4E74-95E5-747BDC9738C7}: NameServer = 212.39.98.162,212.39.98.161 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

Profil

helen1 Poslao: 17 Jul 2008 11:07 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! A, koji su to problemi?

Profil

corto_ Poslao: 17 Jul 2008 12:14 Idi na vrh
offline corto_ Novi MyCity građanin Pridružio: 06 Feb 2008 Poruke: 13	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! iskacu mi neke gluposti....a anti virus mi nista ne pokaziva.....

Profil

helen1 Poslao: 17 Jul 2008 12:18 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Koji antivirus uopste koristis? McAfee?

Profil

corto_ Poslao: 17 Jul 2008 12:32 Idi na vrh
offline corto_ Novi MyCity građanin Pridružio: 06 Feb 2008 Poruke: 13	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! njega koristim, a juce ili prekljuce sam uradio update za windows i izgleda da mi je kroz to uslo nesto...ne znam kako ali evo maloprije mi je mcafee izbacio da je izbrisao neki virus...nesto generic downloader file...nesto takvo i to 2 puta u pola sata nesto slicno brise....

Profil

helen1 Poslao: 17 Jul 2008 13:04 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Mozes li da mi napises sta ti tacno pise, koju poruku izbacuje? * Klikni desnim tasterom na McAfee Antivirus ikonicu ( ) u donjem, desnom uglu ekrana i izaberi Exit. * Kada se pojavi upit o isključivanju, klikni Yes. Napomena: Ne zaboravi da uključiš ovu opciju po završetku čišćenja. -------------------- Skini ComboFix sa jedne od sledecih adresa na Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe http://subs.geekstogo.com/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

corto_ Poslao: 17 Jul 2008 16:53 Idi na vrh
offline corto_ Novi MyCity građanin Pridružio: 06 Feb 2008 Poruke: 13	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! sto se tice izbrisanih ti virusa pise da brise "generic downloader.az"....evo skenirao sam ovo ali sad nakon skeniranja izgubio sam sve bookmarkse iz firefoxa..... ComboFix 08-07-15.4 - xx 2008-07-17 15:47:50.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1250.1.1033.18.188 [GMT 2:00] Running from: C:\Documents and Settings\xx\Desktop\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2008-06-17 to 2008-07-17 ))))))))))))))))))))))))))))))) . 2008-07-17 15:44 . 2008-07-15 09:10 0 --a------ C:\WINDOWS\system32\Fpd0b2Pb.exe.a_a 2008-07-16 10:11 . 2008-07-16 10:11 20,480 --a------ C:\WINDOWS\system32\FoH7v2e7.dll 2008-07-15 17:14 . 2008-06-13 13:05 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys 2008-07-15 17:11 . 2008-05-08 16:02 203,136 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys 2008-07-15 09:10 . 2008-07-15 09:10 29,760 --a------ C:\WINDOWS\system32\Fpd0b2Pb.exe 2008-07-12 17:26 . 2008-07-12 17:26 <DIR> d-------- C:\Program Files\SceneCaster 2008-07-09 14:51 . 2008-07-09 14:51 <DIR> d-------- C:\WINDOWS\system32\scripting 2008-07-09 14:51 . 2008-04-14 05:42 1,306,624 -----c--- C:\WINDOWS\system32\dllcache\msxml6.dll 2008-07-09 14:51 . 2008-04-14 05:40 102,912 -----c--- C:\WINDOWS\system32\dllcache\dpcdll.dll 2008-07-09 14:51 . 2008-04-13 22:57 79,872 -----c--- C:\WINDOWS\system32\dllcache\msxml6r.dll 2008-07-09 14:45 . 2008-04-13 22:06 144,384 --------- C:\WINDOWS\system32\drivers\hdaudbus.sys 2008-07-09 14:43 . 2006-12-29 00:31 19,569 --a------ C:\WINDOWS\000002_.tmp 2008-07-07 16:31 . 2008-07-07 16:32 <DIR> d--h----- C:\Program Files\Zero G Registry 2008-07-07 16:31 . 2008-07-07 16:31 <DIR> d--h----- C:\Documents and Settings\xx\InstallAnywhere . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-07-17 13:44 --------- d-----w C:\Documents and Settings\xx\Application Data\SiteAdvisor 2008-07-16 17:40 --------- d-----w C:\Program Files\settingsRX 2008-06-13 11:05 272,128 ------w C:\WINDOWS\system32\drivers\bthport.sys 2008-06-11 11:02 --------- d-----w C:\Program Files\Motorola 2008-06-11 11:02 --------- d-----w C:\Program Files\Common Files\Motorola Shared 2008-06-03 13:32 --------- d-----w C:\Documents and Settings\xx\Application Data\Skype 2008-05-09 10:53 90,112 ----a-w C:\WINDOWS\system32\wshext.dll 2008-05-09 10:53 430,080 ----a-w C:\WINDOWS\system32\vbscript.dll 2008-05-09 10:53 180,224 ----a-w C:\WINDOWS\system32\scrobj.dll 2008-05-09 10:53 172,032 ----a-w C:\WINDOWS\system32\scrrun.dll 2008-05-08 11:24 155,648 ----a-w C:\WINDOWS\system32\wscript.exe 2008-05-07 09:07 135,168 ----a-w C:\WINDOWS\system32\cscript.exe 2008-05-07 05:12 1,288,192 ----a-w C:\WINDOWS\system32\quartz.dll 2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll 2005-07-12 18:16 284 ----a-w C:\Documents and Settings\xx\Application Data\ViewerApp.dat 2004-11-01 17:41 0 -c--a-w C:\Documents and Settings\Guest\4.dat 2004-11-01 17:41 0 -c--a-w C:\Documents and Settings\Guest\3.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-01-04 15:17 1937408] "MSMSGS"="C:\Program Files\Messenger\MSMSGS.EXE" [2008-04-14 05:42 1695232] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2006-05-19 19:11 18577448] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 05:42 15360] "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-07-02 12:27 219520] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ShStatEXE"="C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" [2003-03-06 08:00 90182] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 05:42 15360] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{650CA63D-4A01-4BF8-A608-9B1EBB36292E}"= "C:\WINDOWS\system32\FoH7v2e7.dll" [2008-07-16 10:11 20480] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.AP41"= APmpg4v1.dll [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Acrobat Assistant.lnk] path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Acrobat Assistant.lnk backup=C:\WINDOWS\pss\Acrobat Assistant.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk] path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^GetRight - Tray Icon.lnk] path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\GetRight - Tray Icon.lnk backup=C:\WINDOWS\pss\GetRight - Tray Icon.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^ImageFox.lnk] path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\ImageFox.lnk backup=C:\WINDOWS\pss\ImageFox.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Picture Package Menu.lnk] path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Picture Package Menu.lnk backup=C:\WINDOWS\pss\Picture Package Menu.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Picture Package VCD Maker.lnk] path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Picture Package VCD Maker.lnk backup=C:\WINDOWS\pss\Picture Package VCD Maker.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^WinZip Quick Pick.lnk] path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\WinZip Quick Pick.lnk backup=C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^xx^Start Menu^Programs^Startup^Yahoo! Widget Engine.lnk] path=C:\Documents and Settings\xx\Start Menu\Programs\Startup\Yahoo! Widget Engine.lnk backup=C:\WINDOWS\pss\Yahoo! Widget Engine.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkypeMate] NULL [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anti-Blaxx Manager] --a------ 2005-05-18 16:08 208896 C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA] --a------ 2005-01-19 22:40 339968 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtcMaestro] -----c--- 2002-11-27 14:47 159744 C:\Program Files\KMaestro\Kmaestro.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeviceDiscovery] --a------ 2003-05-21 19:37 229437 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager] --a------ 2003-10-23 20:51 233472 C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] --a--c--- 2003-06-25 12:24 49152 C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility] --a------ 2003-07-28 15:43 188416 C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\McAfeeUpdaterUI] --a------ 2003-02-25 13:00 139347 C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] --a------ 2008-04-14 05:42 1695232 C:\Program Files\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray] --a------ 2007-06-27 14:54 1051464 C:\Program Files\Spyware Doctor\SDTrayApp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon] --a------ 2002-04-17 11:42 69632 C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] --a------ 2006-05-19 19:11 18577448 C:\Program Files\Skype\Phone\Skype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] --a------ 2005-04-13 04:48 36975 C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] --a------ 2004-12-20 20:41 33792 C:\Program Files\Winamp\winampa.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "C:\\Program Files\\LimeWire\\LimeWire.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program Files\\BitComet\\BitComet.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= S3 k510bus;Sony Ericsson K510 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\k510bus.sys [2006-08-06 20:22] S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k510mdfl.sys [2006-08-06 20:22] S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\k510mdm.sys [2006-08-06 20:22] S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\k510mgmt.sys [2006-08-06 20:22] S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\k510obex.sys [2006-08-06 20:22] S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 12:31] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{08e4b6af-960e-11dc-ae6b-806d6172696f}] \Shell\AutoRun\command - F:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b165717-8c8c-11dc-8bc1-000ea6c3dede}] \Shell\AutoRun\command - F:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{20ef782d-9a0a-11dc-98da-806d6172696f}] \Shell\AutoRun\command - D:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f095e02e-9506-11dc-9ce6-806d6172696f}] \Shell\AutoRun\command - G:\AutoRun.exe Newly Created Service - CATCHME . Contents of the 'Scheduled Tasks' folder "2008-07-15 07:10:36 C:\WINDOWS\Tasks\At1.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2008-07-17 07:00:02 C:\WINDOWS\Tasks\At10.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2008-07-17 08:00:02 C:\WINDOWS\Tasks\At11.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2008-07-15 09:00:01 C:\WINDOWS\Tasks\At12.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2008-07-17 10:00:02 C:\WINDOWS\Tasks\At13.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2008-07-16 11:00:05 C:\WINDOWS\Tasks\At14.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2008-07-17 12:00:02 C:\WINDOWS\Tasks\At15.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2008-07-17 13:00:02 C:\WINDOWS\Tasks\At16.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2008-07-16 14:00:02 C:\WINDOWS\Tasks\At17.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2008-07-15 15:00:01 C:\WINDOWS\Tasks\At18.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2008-07-15 16:00:04 C:\WINDOWS\Tasks\At19.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2008-07-15 07:10:36 C:\WINDOWS\Tasks\At2.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2008-07-16 17:00:04 C:\WINDOWS\Tasks\At20.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2008-07-15 07:10:36 C:\WINDOWS\Tasks\At21.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2008-07-15 19:00:03 C:\WINDOWS\Tasks\At22.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2008-07-15 20:00:02 C:\WINDOWS\Tasks\At23.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2008-07-15 07:10:36 C:\WINDOWS\Tasks\At24.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2008-07-15 07:10:36 C:\WINDOWS\Tasks\At3.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2008-07-15 07:10:36 C:\WINDOWS\Tasks\At4.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2008-07-15 07:10:36 C:\WINDOWS\Tasks\At5.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2008-07-15 07:10:36 C:\WINDOWS\Tasks\At6.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2008-07-15 07:10:36 C:\WINDOWS\Tasks\At7.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2008-07-15 07:10:36 C:\WINDOWS\Tasks\At8.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2008-07-17 06:00:04 C:\WINDOWS\Tasks\At9.job" - C:\WINDOWS\system32\Fpd0b2Pb.exe "2007-12-18 12:00:33 C:\WINDOWS\Tasks\UPS System Shutdown Program.job" "2006-07-10 08:18:37 C:\WINDOWS\Tasks\UPS-program za isključivanje računala.job" . - - - - ORPHANS REMOVED - - - - HKCU-Run-updateMgr - C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe SharedTaskScheduler-coursings - (no file) MSConfigStartUp-16keep - C:\DOCUME~1\xx\APPLIC~1\CREATI~1\City Plan.exe MSConfigStartUp-DAEMON Tools-1033 - C:\Program Files\D-Tools\daemon.exe MSConfigStartUp-iTunesHelper - C:\Program Files\iTunes\iTunesHelper.exe MSConfigStartUp-MsnMsgr - C:\Program Files\MSN Messenger\msnmsgr.exe MSConfigStartUp-QuickTime Task - C:\Program Files\QuickTime\qttask.exe MSConfigStartUp-SpySweeper - C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe ************************************************************************ catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-07-17 15:52:21 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... ************************************************************************ . Completion time: 2008-07-17 15:56:20 ComboFix-quarantined-files.txt 2008-07-17 13:55:14 Pre-Run: 2,315,370,496 bytes free Post-Run: 2,507,776,000 bytes free 219 --- E O F --- 2008-07-15 16:05:57 Dopuna: 17 Jul 2008 16:53 samo da kazem da sam ove bookkmarkse rijesio i da nije vjerovatno bilo do ovog skeniranja

Profil

helen1 Poslao: 17 Jul 2008 21:37 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Opet iskljuci McAfee, kao malopre i uradi sledece: Otvoriti Notepad i iskopirati sledeci tekst: File:: C:\WINDOWS\system32\FoH7v2e7.dll C:\WINDOWS\system32\Fpd0b2Pb.exe C:\WINDOWS\Tasks\At1.job C:\WINDOWS\Tasks\At10.job C:\WINDOWS\Tasks\At11.job C:\WINDOWS\Tasks\At12.job C:\WINDOWS\Tasks\At13.job C:\WINDOWS\Tasks\At14.job C:\WINDOWS\Tasks\At15.job C:\WINDOWS\Tasks\At16.job C:\WINDOWS\Tasks\At17.job C:\WINDOWS\Tasks\At18.job C:\WINDOWS\Tasks\At19.job C:\WINDOWS\Tasks\At2.job C:\WINDOWS\Tasks\At20.job C:\WINDOWS\Tasks\At21.job C:\WINDOWS\Tasks\At22.job C:\WINDOWS\Tasks\At23.job C:\WINDOWS\Tasks\At24.job C:\WINDOWS\Tasks\At3.job C:\WINDOWS\Tasks\At4.job C:\WINDOWS\Tasks\At5.job C:\WINDOWS\Tasks\At6.job C:\WINDOWS\Tasks\At7.job C:\WINDOWS\Tasks\At8.job C:\WINDOWS\Tasks\At9.job Registry:: [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{650CA63D-4A01-4BF8-A608-9B1EBB36292E}"=- Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

corto_ Poslao: 18 Jul 2008 09:32 Idi na vrh
offline corto_ Novi MyCity građanin Pridružio: 06 Feb 2008 Poruke: 13	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-07-15.4 - xx 2008-07-18 9:13:47.3 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1250.1.1033.18.117 [GMT 2:00] Running from: C:\Documents and Settings\xx\Desktop\ComboFix.exe Command switches used :: C:\Documents and Settings\xx\Desktop\CFScript.txt * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: C:\WINDOWS\system32\FoH7v2e7.dll C:\WINDOWS\system32\Fpd0b2Pb.exe C:\WINDOWS\Tasks\At1.job C:\WINDOWS\Tasks\At10.job C:\WINDOWS\Tasks\At11.job C:\WINDOWS\Tasks\At12.job C:\WINDOWS\Tasks\At13.job C:\WINDOWS\Tasks\At14.job C:\WINDOWS\Tasks\At15.job C:\WINDOWS\Tasks\At16.job C:\WINDOWS\Tasks\At17.job C:\WINDOWS\Tasks\At18.job C:\WINDOWS\Tasks\At19.job C:\WINDOWS\Tasks\At2.job C:\WINDOWS\Tasks\At20.job C:\WINDOWS\Tasks\At21.job C:\WINDOWS\Tasks\At22.job C:\WINDOWS\Tasks\At23.job C:\WINDOWS\Tasks\At24.job C:\WINDOWS\Tasks\At3.job C:\WINDOWS\Tasks\At4.job C:\WINDOWS\Tasks\At5.job C:\WINDOWS\Tasks\At6.job C:\WINDOWS\Tasks\At7.job C:\WINDOWS\Tasks\At8.job C:\WINDOWS\Tasks\At9.job . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\FoH7v2e7.dll C:\WINDOWS\system32\Fpd0b2Pb.exe C:\WINDOWS\Tasks\At1.job C:\WINDOWS\Tasks\At10.job C:\WINDOWS\Tasks\At11.job C:\WINDOWS\Tasks\At12.job C:\WINDOWS\Tasks\At13.job C:\WINDOWS\Tasks\At14.job C:\WINDOWS\Tasks\At15.job C:\WINDOWS\Tasks\At16.job C:\WINDOWS\Tasks\At17.job C:\WINDOWS\Tasks\At18.job C:\WINDOWS\Tasks\At19.job C:\WINDOWS\Tasks\At2.job C:\WINDOWS\Tasks\At20.job C:\WINDOWS\Tasks\At21.job C:\WINDOWS\Tasks\At22.job C:\WINDOWS\Tasks\At23.job C:\WINDOWS\Tasks\At24.job C:\WINDOWS\Tasks\At3.job C:\WINDOWS\Tasks\At4.job C:\WINDOWS\Tasks\At5.job C:\WINDOWS\Tasks\At6.job C:\WINDOWS\Tasks\At7.job C:\WINDOWS\Tasks\At8.job C:\WINDOWS\Tasks\At9.job . ((((((((((((((((((((((((( Files Created from 2008-06-18 to 2008-07-18 ))))))))))))))))))))))))))))))) . 2008-07-18 09:12 . 2008-07-15 09:10 0 --a------ C:\WINDOWS\system32\Fpd0b2Pb.exe.a_a 2008-07-15 17:14 . 2008-06-13 13:05 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys 2008-07-15 17:11 . 2008-05-08 16:02 203,136 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys 2008-07-12 17:26 . 2008-07-12 17:26 <DIR> d-------- C:\Program Files\SceneCaster 2008-07-09 14:51 . 2008-07-09 14:51 <DIR> d-------- C:\WINDOWS\system32\scripting 2008-07-09 14:51 . 2008-04-14 05:42 1,306,624 -----c--- C:\WINDOWS\system32\dllcache\msxml6.dll 2008-07-09 14:51 . 2008-04-14 05:40 102,912 -----c--- C:\WINDOWS\system32\dllcache\dpcdll.dll 2008-07-09 14:51 . 2008-04-13 22:57 79,872 -----c--- C:\WINDOWS\system32\dllcache\msxml6r.dll 2008-07-09 14:45 . 2008-04-13 22:06 144,384 --------- C:\WINDOWS\system32\drivers\hdaudbus.sys 2008-07-09 14:43 . 2006-12-29 00:31 19,569 --a------ C:\WINDOWS\000002_.tmp 2008-07-07 16:31 . 2008-07-07 16:32 <DIR> d--h----- C:\Program Files\Zero G Registry 2008-07-07 16:31 . 2008-07-07 16:31 <DIR> d--h----- C:\Documents and Settings\xx\InstallAnywhere . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-07-18 07:10 --------- d-----w C:\Documents and Settings\xx\Application Data\SiteAdvisor 2008-07-16 17:40 --------- d-----w C:\Program Files\settingsRX 2008-06-13 11:05 272,128 ------w C:\WINDOWS\system32\drivers\bthport.sys 2008-06-11 11:02 --------- d-----w C:\Program Files\Motorola 2008-06-11 11:02 --------- d-----w C:\Program Files\Common Files\Motorola Shared 2008-06-03 13:32 --------- d-----w C:\Documents and Settings\xx\Application Data\Skype 2008-05-09 10:53 90,112 ----a-w C:\WINDOWS\system32\wshext.dll 2008-05-09 10:53 430,080 ----a-w C:\WINDOWS\system32\vbscript.dll 2008-05-09 10:53 180,224 ----a-w C:\WINDOWS\system32\scrobj.dll 2008-05-09 10:53 172,032 ----a-w C:\WINDOWS\system32\scrrun.dll 2008-05-08 11:24 155,648 ----a-w C:\WINDOWS\system32\wscript.exe 2008-05-07 09:07 135,168 ----a-w C:\WINDOWS\system32\cscript.exe 2008-05-07 05:12 1,288,192 ----a-w C:\WINDOWS\system32\quartz.dll 2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll 2005-07-12 18:16 284 ----a-w C:\Documents and Settings\xx\Application Data\ViewerApp.dat 2004-11-01 17:41 0 -c--a-w C:\Documents and Settings\Guest\4.dat 2004-11-01 17:41 0 -c--a-w C:\Documents and Settings\Guest\3.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-01-04 15:17 1937408] "MSMSGS"="C:\Program Files\Messenger\MSMSGS.EXE" [2008-04-14 05:42 1695232] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2006-05-19 19:11 18577448] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 05:42 15360] "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-07-02 12:27 219520] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ShStatEXE"="C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" [2003-03-06 08:00 90182] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 05:42 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.AP41"= APmpg4v1.dll [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Acrobat Assistant.lnk] path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Acrobat Assistant.lnk backup=C:\WINDOWS\pss\Acrobat Assistant.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk] path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^GetRight - Tray Icon.lnk] path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\GetRight - Tray Icon.lnk backup=C:\WINDOWS\pss\GetRight - Tray Icon.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^ImageFox.lnk] path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\ImageFox.lnk backup=C:\WINDOWS\pss\ImageFox.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Picture Package Menu.lnk] path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Picture Package Menu.lnk backup=C:\WINDOWS\pss\Picture Package Menu.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^Picture Package VCD Maker.lnk] path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\Picture Package VCD Maker.lnk backup=C:\WINDOWS\pss\Picture Package VCD Maker.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^WinZip Quick Pick.lnk] path=C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\WinZip Quick Pick.lnk backup=C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^xx^Start Menu^Programs^Startup^Yahoo! Widget Engine.lnk] path=C:\Documents and Settings\xx\Start Menu\Programs\Startup\Yahoo! Widget Engine.lnk backup=C:\WINDOWS\pss\Yahoo! Widget Engine.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkypeMate] NULL [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Anti-Blaxx Manager] --a------ 2005-05-18 16:08 208896 C:\Program Files\Anti-Blaxx\Anti-Blaxx.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA] --a------ 2005-01-19 22:40 339968 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BtcMaestro] -----c--- 2002-11-27 14:47 159744 C:\Program Files\KMaestro\Kmaestro.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeviceDiscovery] --a------ 2003-05-21 19:37 229437 C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager] --a------ 2003-10-23 20:51 233472 C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] --a--c--- 2003-06-25 12:24 49152 C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility] --a------ 2003-07-28 15:43 188416 C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\McAfeeUpdaterUI] --a------ 2003-02-25 13:00 139347 C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] --a------ 2008-04-14 05:42 1695232 C:\Program Files\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray] --a------ 2007-06-27 14:54 1051464 C:\Program Files\Spyware Doctor\SDTrayApp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon] --a------ 2002-04-17 11:42 69632 C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] --a------ 2006-05-19 19:11 18577448 C:\Program Files\Skype\Phone\Skype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] --a------ 2005-04-13 04:48 36975 C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] --a------ 2004-12-20 20:41 33792 C:\Program Files\Winamp\winampa.exe [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "C:\\Program Files\\LimeWire\\LimeWire.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program Files\\BitComet\\BitComet.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= S3 k510bus;Sony Ericsson K510 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\k510bus.sys [2006-08-06 20:22] S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k510mdfl.sys [2006-08-06 20:22] S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\k510mdm.sys [2006-08-06 20:22] S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\k510mgmt.sys [2006-08-06 20:22] S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\k510obex.sys [2006-08-06 20:22] S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 12:31] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{08e4b6af-960e-11dc-ae6b-806d6172696f}] \Shell\AutoRun\command - F:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b165717-8c8c-11dc-8bc1-000ea6c3dede}] \Shell\AutoRun\command - F:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{20ef782d-9a0a-11dc-98da-806d6172696f}] \Shell\AutoRun\command - D:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f095e02e-9506-11dc-9ce6-806d6172696f}] \Shell\AutoRun\command - G:\AutoRun.exe . Contents of the 'Scheduled Tasks' folder "2007-12-18 12:00:33 C:\WINDOWS\Tasks\UPS System Shutdown Program.job" "2006-07-10 08:18:37 C:\WINDOWS\Tasks\UPS-program za isključivanje računala.job" . ************************************************************************ catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-07-18 09:18:00 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... ************************************************************************ . Completion time: 2008-07-18 9:23:24 ComboFix-quarantined-files.txt 2008-07-18 07:22:20 ComboFix2.txt 2008-07-17 13:56:21 Pre-Run: 2,501,177,344 bytes free Post-Run: 2,480,717,824 bytes free 215 --- E O F --- 2008-07-15 16:05:57

Profil

helen1 Poslao: 18 Jul 2008 11:18 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Kakvo je sad stanje?

Profil

MyCity » Ambulanta -> Arhiva Ambulante » problem sa malawareom

Ko je trenutno na forumu

Ukupno su 1004 korisnika na forumu :: 27 registrovanih, 3 sakrivenih i 974 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: Ben Roj, bigfoot, bojank, Dimitrije Paunovic, drimer, dule10savic, Frunze, HogarStrashni, Istman, Kriglord, m0nstrum_, mercedesamg, milenko crazy north, milos.cbr, MilosKop, nemkea71, novator, ozzy, Povratak1912, procesor, sap, savaskytec, SR-3m, stegonosa, Toper, WerWolf14, Wrangler

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by