Eco Rime
ComboFix 09-08-10.06 - Bojan 12.08.2009 23:31.1.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.511.334 [GMT 2:00]
Running from: c:\documents and settings\Bojan\Desktop\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\Installer\2786a.msi
D:\resycled
d:\resycled\boot.com
.
((((((((((((((((((((((((( Files Created from 2009-07-12 to 2009-08-12 )))))))))))))))))))))))))))))))
.
2009-08-12 21:16 . 2009-08-12 21:25 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-12 21:16 . 2009-08-12 21:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-08-12 20:55 . 2009-08-12 21:11 -------- d-----w- c:\program files\WinSpeedUp
2009-08-12 20:55 . 2007-03-21 16:58 122496 ----a-w- c:\windows\system32\msstdfmt.dll
2009-08-12 20:29 . 2009-08-12 20:29 -------- d-----w- c:\windows\system32\wbem\Repository
2009-08-11 23:09 . 2009-08-11 23:09 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2009-08-11 22:46 . 2009-08-11 22:46 -------- d-sh--w- C:\INCINERATE
2009-08-11 22:44 . 2009-08-11 22:44 -------- d-----w- c:\documents and settings\Bojan\Local Settings\Application Data\Help
2009-08-11 22:40 . 2009-08-11 23:09 -------- d-----w- c:\program files\Common Files\Kaspersky Lab
2009-08-11 22:40 . 2009-08-11 23:09 -------- d-----w- c:\program files\Kaspersky Lab
2009-08-11 22:39 . 2004-09-20 09:17 567808 ----a-w- c:\windows\system32\Incinerator.dll
2009-08-11 22:39 . 2004-08-28 13:18 25264 ----a-w- c:\windows\system32\smrgdf.exe
2009-08-11 22:39 . 2009-08-11 23:09 -------- d-----w- c:\program files\iolo
2009-08-11 22:39 . 2004-09-16 15:07 31454 ----a-w- c:\windows\system32\iolobtdfg.exe
2009-08-11 22:28 . 2009-08-11 22:28 -------- d-----w- c:\program files\Lavasoft
2009-08-11 22:09 . 2009-08-11 22:09 -------- d-----w- c:\documents and settings\Bojan\Application Data\Malwarebytes
2009-08-11 22:09 . 2009-08-11 22:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-08-11 20:36 . 2009-08-11 20:36 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-08-09 16:37 . 2009-08-09 16:38 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-08-09 16:37 . 2009-08-09 16:37 -------- d-----w- C:\Fraps
2009-08-06 17:41 . 2009-08-06 17:41 -------- d-----w- c:\documents and settings\Bojan\LocalLow
2009-08-06 17:41 . 2009-08-06 17:41 -------- d-----w- c:\documents and settings\Bojan\Local Settings\Application Data\TVU Networks
2009-08-06 17:41 . 2009-08-06 17:41 -------- d-----w- c:\documents and settings\All Users\Application Data\TVU Networks
2009-08-06 17:23 . 2009-08-06 21:05 -------- d-----w- c:\documents and settings\Bojan\Application Data\TeamViewer
2009-08-06 17:23 . 2009-08-06 17:23 -------- d-----w- c:\program files\TeamViewer
2009-08-06 17:23 . 2009-08-06 17:23 -------- d-----w- c:\documents and settings\Bojan\temp
2009-08-06 00:35 . 2009-08-06 00:36 -------- d-----w- c:\documents and settings\Bojan\Application Data\GetRightToGo
2009-07-29 07:35 . 2009-07-03 17:09 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-07-29 07:35 . 2009-07-03 17:09 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-07-22 21:24 . 2004-05-14 14:53 401408 ----a-w- c:\windows\system32\lfcmp13n.dll
2009-07-22 21:24 . 2004-01-12 00:09 206336 ----a-w- c:\windows\system32\ltefx13n.dll
2009-07-22 21:24 . 2003-11-04 13:10 69632 ----a-w- c:\windows\system32\lfgif13n.dll
2009-07-22 21:24 . 2004-05-14 14:53 462848 ----a-w- c:\windows\system32\ltkrn13n.dll
2009-07-22 21:24 . 2004-05-14 14:53 450560 ----a-w- c:\windows\system32\ltimg13n.dll
2009-07-22 21:24 . 2004-05-14 14:53 299008 ----a-w- c:\windows\system32\ltdis13n.dll
2009-07-22 21:24 . 2004-05-14 14:53 163840 ----a-w- c:\windows\system32\ltfil13n.dll
2009-07-22 21:24 . 2004-05-14 14:53 57344 ----a-w- c:\windows\system32\lfbmp13n.dll
2009-07-22 16:58 . 2009-07-22 16:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2009-07-22 14:55 . 2009-07-22 14:55 -------- d-----w- c:\program files\Messenger Plus! Live
2009-07-21 08:34 . 2009-07-21 08:34 -------- d-----w- c:\program files\ACSPMonitor
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-12 21:25 . 2009-06-17 13:11 -------- d-----w- c:\program files\DNA
2009-08-12 21:25 . 2009-06-17 13:11 -------- d-----w- c:\documents and settings\Bojan\Application Data\DNA
2009-08-12 20:15 . 2009-06-18 20:42 10 ----a-w- c:\windows\popcinfo.dat
2009-08-11 22:51 . 2009-06-19 14:51 -------- d-----w- c:\documents and settings\Bojan\Application Data\BitTorrent
2009-08-11 22:40 . 2009-06-17 11:49 -------- d-----w- c:\program files\Common Files\InstallShield
2009-08-01 07:33 . 2009-06-17 12:22 -------- d-----w- c:\program files\Microsoft Silverlight
2009-07-22 14:55 . 2009-06-17 12:15 13688 ----a-w- c:\documents and settings\Bojan\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-15 05:20 . 2009-07-03 19:16 -------- d-----w- c:\program files\Valve
2009-07-07 12:10 . 2009-06-17 11:41 86327 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2009-07-05 11:07 . 2009-07-02 14:45 -------- d-----w- c:\program files\Engleski
2009-07-03 17:09 . 2002-08-29 01:41 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-02 18:42 . 2009-07-02 18:13 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-07-02 18:42 . 2009-07-02 18:13 -------- d-----w- c:\program files\NOS
2009-07-02 18:19 . 2009-07-02 18:19 -------- d-----w- c:\program files\Common Files\Adobe
2009-07-02 18:16 . 2009-07-02 18:16 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-07-02 18:13 . 2009-07-02 18:13 155648 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
2009-07-02 13:35 . 2009-06-27 11:49 -------- d-----w- c:\program files\Common Files\Real
2009-07-02 13:35 . 2009-07-02 13:35 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-07-02 13:35 . 2009-07-02 13:35 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-07-02 13:35 . 2009-07-02 13:35 -------- d-----w- c:\program files\Real
2009-06-27 11:49 . 2009-06-27 11:49 -------- d-----w- c:\program files\Common Files\xing shared
2009-06-21 06:46 . 2009-06-21 06:46 2678 ----a-w- c:\windows\java\Packages\Data\S7JPFF1N.DAT
2009-06-21 06:46 . 2009-06-21 06:46 2678 ----a-w- c:\windows\java\Packages\Data\ZR7DBFPF.DAT
2009-06-21 06:46 . 2009-06-21 06:46 2678 ----a-w- c:\windows\java\Packages\Data\U7DJB5B7.DAT
2009-06-21 06:46 . 2009-06-21 06:46 2678 ----a-w- c:\windows\java\Packages\Data\QXZ7XBRV.DAT
2009-06-21 06:46 . 2009-06-21 06:46 2678 ----a-w- c:\windows\java\Packages\Data\EXJZDBR7.DAT
2009-06-19 14:03 . 2009-06-19 13:53 -------- d-----w- c:\documents and settings\Bojan\Application Data\BSplayer
2009-06-19 13:53 . 2009-06-19 13:53 -------- d-----w- c:\program files\Webteh
2009-06-19 13:53 . 2009-06-19 13:53 -------- d-----w- c:\documents and settings\Bojan\Application Data\BSplayer Pro
2009-06-19 13:47 . 2009-06-19 13:46 -------- d-----w- c:\documents and settings\Bojan\Application Data\Media Player Classic
2009-06-19 13:45 . 2009-06-19 13:45 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-06-18 12:50 . 2009-06-18 12:50 -------- d-----w- c:\program files\VDOWNLOADER
2009-06-18 11:58 . 2009-06-18 11:58 -------- d-----w- c:\program files\BurnAware Free
2009-06-17 20:00 . 2009-06-17 20:00 -------- d-----w- c:\documents and settings\Bojan\Application Data\teamspeak2
2009-06-17 20:00 . 2009-06-17 17:34 -------- d-----w- c:\program files\Teamspeak2_RC2
2009-06-17 16:59 . 2009-06-17 16:59 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-17 13:11 . 2009-06-17 13:11 -------- d-----w- c:\program files\BitTorrent
2009-06-17 12:38 . 2009-06-17 12:38 -------- d-----w- c:\program files\Microsoft
2009-06-17 12:38 . 2009-06-17 12:38 -------- d-----w- c:\program files\Windows Live
2009-06-17 12:38 . 2009-06-17 12:38 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-06-17 12:30 . 2009-06-17 12:30 -------- d-----w- c:\program files\Common Files\Windows Live
2009-06-17 11:57 . 2009-06-17 11:57 -------- d-----w- c:\program files\CANYON CN-WCAM23 PC-Camera
2009-06-17 11:42 . 2009-06-17 11:42 -------- d-----w- c:\program files\microsoft frontpage
2009-06-17 11:42 . 2009-06-17 11:42 558142 ----a-w- c:\windows\java\Packages\Z9BTZR5Z.ZIP
2009-06-17 11:42 . 2009-06-17 11:42 155995 ----a-w- c:\windows\java\Packages\SY5FHR1V.ZIP
2009-06-17 11:39 . 2009-06-17 11:39 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-06-16 14:55 . 2001-08-23 11:00 82432 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:55 . 2001-08-23 11:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-03 19:27 . 2002-08-29 01:41 1290752 ----a-w- c:\windows\system32\quartz.dll
2009-06-02 16:11 . 2009-06-19 13:45 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-05-29 21:37 . 2009-06-19 13:45 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2009-05-29 21:31 . 2009-06-19 13:45 881664 ----a-w- c:\windows\system32\xvidcore.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\System32\NVMCTRAY.DLL" [2003-09-05 49152]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-06-17 318272]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-03 1806848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-09-05 4841472]
"BigDogPath"="c:\windows\VM_STI.EXE" [2004-08-20 114688]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 117616]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"= 1 (0x1)
"DisableRegistryTools"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"UacDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\ACSPMonitor\\ASMonitor.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\WINDOWS\\system32\\nwiz.exe"=
"c:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\AGRSMMSG.exe"=
"c:\\WINDOWS\\VM_STI.EXE"=
R3 abp470n5;abp470n5;\??\c:\windows\system32\drivers\jghsqj.sys --> c:\windows\system32\drivers\jghsqj.sys [?]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-08-12 c:\windows\Tasks\User_Feed_Synchronization-{DDE86278-21B5-428E-8994-8D157CFE59AC}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-Ins3DT - e:\install4\INS3DT.EXE
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyServer = 127.0.0.1:8081
uInternet Settings,ProxyOverride = local
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
GMER - Rootkit Detector and Remover
Rootkit scan 2009-08-12 23:35
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2009-08-12 23:37
ComboFix-quarantined-files.txt 2009-08-12 21:37
Pre-Run: 11.187.322.880 bytes free
Post-Run: 11.312.594.944 bytes free
191 --- E O F --- 2009-07-31 20:04