• Naslovna
• FAQ
• Pravilnik
• O ES-u
• Tim
• Korisnici
• Statistike

 

• elitesecurity ::
• elitemadzone ::
• EMAIL ::
• RSS ::
• ES Mobile

  Niste ulogovani?  Username :   Password:   

• Registracija
• Zaboravili ste password?
• Flashback ▲▼
• Login problem?

 

Pretraga:

 

Srodne teme 14.04.2024. Re: Gde je Kejt? (samo pogrešni odgovori) 22.12.2005. virtual drive 13.06.2004. Virtual Drive - direktni pristup 27.08.2004. Fromatiranje system drive-a u Win Xp Pro 11.01.2005. Zamjena drive-a u linijskom dvd playeru? 25.01.2005. Delphi6-Pokusaj pravljenja...........Pomoc 04.04.2006. Virtual drive – deinstalacija 11.02.2007. konverzija mysql baze u karakterset koji podrzava.. 05.03.2007. ssh networj drive 10.06.2007. Više od dva HDD u kompu Navigacija Brisanje liste Aktuelne teme u ovom forumu: Problem sa Brave pretraživačem Kako sačuvati Windows (particiju)? Hp desktop prazna baterija na ploči? .. Virtuelna mašina ili dve particije Windows 7 za Microsoft 2010 Gigabyte matična ploča, 4 x DDR2 RAM.. Moram da restartujem kompjuter posle p.. Mobilni Tel. na PC, WIN Poruka: “Thi.. Posle zabagovanja, reseta i isključen.. Ne mogu da kliknem da ikone sa desktop.. Racunar ne prepoznaje zvucnu karticu u.. Greška prilikom paljenja računara Problem sa podizanjem sistema Kako napraviti mrezu sa 2 rutera i sta.. Cirilicni fontovi za Win sa pravilnim .. Izaberite forum: Linux Linux aplikacije Linux desktop okruženja Linux hardware Windows desktop Windows aplikacije Zaštita Office Windows drajveri Office :: Word Office :: Excel Macintosh Mac hardware Mac software Iphone Enterprise Networking SOHO Networking Wireless Windows mreže Linux mreže Wireless :: WiMax Wireless :: Mikrotik Wireless :: Wireless oprema Linux/UNIX serveri i servisi Unix BSD Skript jezici Security Virtualizacija Cloud Computing Services Security :: Kriptografija i enkripcija .NET 3D programiranje Art of Programming Asembler C/C++ programiranje Kernel i OS programiranje Pascal / Delphi / Kylix Java Embedded sistemi Perl PHP Python Visual Basic 6 Veštačka inteligencija Security Coding XML GameDev - Razvoj Igara Ostali programski jezici PHP :: PHP za početnike PHP :: Smarty template engine .NET :: .NET Desktop razvoj .NET :: ASP.NET .NET :: WPF Programiranje C/C++ programiranje :: C/C++ za početnike Baze podataka MySQL Oracle Access MS SQL Firebird/Interbase PostgreSQL Fiksna telefonija VoIP Udruženje korisnika teleko.. GSM - telefoni GSM - upotreba GSM - servisiranje Mreže i novosti Smartphone Mreže i novosti :: Mobilni internet Mreže i novosti :: Telenor - korisnički servis Mreže i novosti :: VIP - korisnički servis Mreže i novosti :: MTS - korisnički servis Smartphone :: Symbian OS Smartphone :: Windows Mobile Smartphone :: Android GSM - telefoni :: Nokia PDA Uređaji GPS Portable Players Anonimnost i privatnost ISP Browseri E-mail Instant Messaging FTP Google Hosting ISP :: Wireless mreže i ISP ISP :: ADSL E-mail :: Anti-spam Instant Messaging :: IRC Hosting :: Domeni Google :: Gmail E-Marketing Web aplikacije Web dizajn i CSS Web dizajn softver Web razvoj Pretraživači i SEO Flash Javascript i AJAX Web dizajn i CSS :: Kritike Grafički dizajn Izdavaštvo 3D modelovanje Rasterska grafika Vektorska grafika 3D modelovanje :: CAD/CAM Matične ploče, procesori .. Video karte i monitori Storage Ostali hardver Overclocking & Modding PC Konfiguracije Laptopovi Vodič za kupovinu - PC har.. Tablet PC Muzička produkcija Audio kompresija Audio softver Video produkcija Video kompresija Video softver Multimedijalni uređaji Digitalni fotoaparati Digitalne kamere Home Theater Digitalni fotoaparati :: Fotografija Digitalni fotoaparati :: Vodič za kupovinu - Digita.. Elektronika Elektrotehnika Elektronika :: TV uređaji Elektronika :: Radio elektronika i tehnika Elektronika :: Mikrokontroleri Elektronika :: Audio-elektronika Auto-elektronika :: Tuning Vodič za učenje Vodič za posao Vodič za emigraciju Fizika Matematika Nauka Sertifikati Informatika Vodič za učenje :: Seminarski radovi Vodič za učenje :: Obrazovne institucije Vodič za emigraciju :: Život u USA Vodič za emigraciju :: Život u Norveškoj Vodič za emigraciju :: Život u Nemačkoj E-Poslovanje E-Kupovina IT pravo i politika razvoja IT događaji IT berza poslova IS i ERP Ekonomija Berza Cryptocoins IT berza poslova :: Arhiva IT berze poslova IT pravo i politika razvoja :: Registar Nacionalnog ID E-Poslovanje :: E-Transakcije E-Poslovanje :: Forex E-Kupovina :: Platne kartice Digitalna Televizija Advocacy Ankete Predlozi i pitanja Vesti Čekaonica Vesti :: ES leto manifestacija MadZone TechZone Poljoprivreda AutoZone MotoZone Svakodnevnica Video igre MadZone :: Zanimljivi linkovi MadZone :: Kultura TechZone :: Ergonomija TechZone :: Grejanje TechZone :: Klimatizacija TechZone :: Bela tehnika AutoZone :: Fiat Panda club Lista poslednjih: 16, 32, 64, 128 poruka.

godunski Beograd Član broj: 43618 Poruke: 77 *.dynamic.sbb.rs. +1 Profil Prikazuje drive koji ne postoji (Z) 03.04.2008. u 13:05 - pre 195 meseci Umrežavao sam laptop sa desktopom, pa onda MAP NETWORK DRIVE, to je radilo neko vreme, onda sam zbog nekih drugih stvari povezao sve sve iz početka, ali mi u total commanderu prikazuje drive Z i da je u disk manageru to slovo zauzeto, a ne mogu tom driveu da pristupim, a da ne govorim da ga windows kroz explorer uopšte ne vidi. Ne bih da pribegavam soluciji "format C" ako postoji drugo rešenje da se otarasim ovog problema. Ponovo reinstalirao windows, tcmd, ali uzalud... Zna li neko o čemu se radi? Odgovor na temu

Binary Mind 11040 Član broj: 28245 Poruke: 13289 *.adsl-a-1.sezampro.yu. +3779 Profil Re: Prikazuje drive koji ne postoji (Z) 03.04.2008. u 16:54 - pre 195 meseci Ako Z: taj mapiran network drive mozda nesto od ovoga pomogne: http://support.microsoft.com/kb/308582 Odgovor na temu

godunski Beograd Član broj: 43618 Poruke: 77 *.dynamic.sbb.rs. +1 Profil Re: Prikazuje drive koji ne postoji (Z) 03.04.2008. u 18:52 - pre 195 meseci Poslušao Microsoft, ali poruka koju dobijem u cmd je "A device attached to the system is not functioning"... Odgovor na temu

Binary Mind 11040 Član broj: 28245 Poruke: 13289 *.adsl-4.sezampro.yu. +3779 Profil Re: Prikazuje drive koji ne postoji (Z) 03.04.2008. u 20:10 - pre 195 meseci Da li si probao sa komandom "net use" u command promptu? To je najsigurnija opcija... Odgovor na temu

godunski Beograd Član broj: 43618 Poruke: 77 *.dynamic.sbb.rs. +1 Profil Re: Prikazuje drive koji ne postoji (Z) 04.04.2008. u 07:46 - pre 195 meseci Ne vrijedi... Imam "printscreen" ali ne znam kako da ga uploadujem ovde... Prikačeni fajlovi NET USE.jpg - 246.86k Odgovor na temu

Miroslav Jeftić Istraživanje ruda [ES] Moderator Član broj: 37513 Poruke: 6833 Sajt: about:blank +2200 Profil Re: Prikazuje drive koji ne postoji (Z) 04.04.2008. u 08:07 - pre 195 meseci Imaš u tvojoj poruci dugme "upload uz poruku", pa zakači fajl. Nije mi baš jasno u čemu je problem, ne možeš da pristupiš drajvu? Jesi li probao da ga mapiraš ponovo, upotrebi neko drugo slovo, ne mora Z. Odgovor na temu

godunski Beograd Član broj: 43618 Poruke: 77 *.dynamic.sbb.rs. +1 Profil Re: Prikazuje drive koji ne postoji (Z) 04.04.2008. u 08:16 - pre 195 meseci Problem je što mi je u total comanderu ostao drive Z, a koji pak ne pokazuje internet explorer. Jedina opcija koja mi stoji na raspolaganju je format, ali ne bih to radio, jer ne znam šta bih u tom slučaju formatirao. Kada odem u disk manager ne vidi mi drive Z, ali jada hoću da mapiram neki drive, u tom slučaju mi pokazuje da je letter Z zauzeto... Odgovor na temu

Miroslav Jeftić Istraživanje ruda [ES] Moderator Član broj: 37513 Poruke: 6833 Sajt: about:blank +2200 Profil Re: Prikazuje drive koji ne postoji (Z) 04.04.2008. u 08:24 - pre 195 meseci Pa promeni slovo, zašto mora da bude Z? Sigurno da nisu sva ostala slova zauzeta. Odgovor na temu

godunski Beograd Član broj: 43618 Poruke: 77 *.dynamic.sbb.rs. +1 Profil Re: Prikazuje drive koji ne postoji (Z) 04.04.2008. u 08:33 - pre 195 meseci Ma nije problem da ja promenim slovo, već da očistim/oslobodim Z koji i ne postoji a prikazuje ga... Pokušaću da mapiram drive nekim drugim slovom, pa možda i ovo Z nestane, ako se tu nešto osveži, promeni... jbm li ga... Odgovor na temu

Miroslav Jeftić Istraživanje ruda [ES] Moderator Član broj: 37513 Poruke: 6833 Sajt: about:blank +2200 Profil Re: Prikazuje drive koji ne postoji (Z) 04.04.2008. u 08:37 - pre 195 meseci Potpuno je nebitno da li ti je jedno slovo zauzeto, ako sve ostalo radi kako treba, ja uopšte ne bih gubio vreme na to. Odgovor na temu

godunski Beograd Član broj: 43618 Poruke: 77 *.dynamic.sbb.rs. +1 Profil Re: Prikazuje drive koji ne postoji (Z) 04.04.2008. u 08:48 - pre 195 meseci Eh... kad sam smarač... Odgovor na temu

calexx SuperModerator Član broj: 71794 Poruke: 20046 +1651 Profil Re: Prikazuje drive koji ne postoji (Z) 04.04.2008. u 08:56 - pre 195 meseci Mapiran drajv u TC? Zar ne možeš samo da ga diskonektuješ u Total Commanderu, kako došlo, tako će i da ode? Odgovor na temu

mLAN Novi Sad Član broj: 85738 Poruke: 404 Profil Re: Prikazuje drive koji ne postoji (Z) 04.04.2008. u 09:01 - pre 195 meseci Imaš li ovu opciju? Prikačeni fajlovi disconnect.JPG - 13.21k Odgovor na temu

godunski Beograd Član broj: 43618 Poruke: 77 *.dynamic.sbb.rs. +1 Profil Re: Prikazuje drive koji ne postoji (Z) 04.04.2008. u 09:14 - pre 195 meseci He, kakav sam ja slepac... Zbunilo me slovo Z koje obično upućuje na network drive, ali u mom slučaju (da sam malo bolje pogledao ikonicu) upućuje na LOCAL DRIVE!!! X i Y sam malopre mapirao i radi normalno, ali ostaje LOCAL DRIVE Z!!! A on isto tako ne postoji... mislim, nije mi poznato. [Ovu poruku je menjao godunski dana 04.04.2008. u 10:40 GMT+1] Prikačeni fajlovi Local disk Z.jpg - 307.54k Odgovor na temu

Binary Mind 11040 Član broj: 28245 Poruke: 13289 *.adsl-4.sezampro.yu. +3779 Profil Re: Prikazuje drive koji ne postoji (Z) 04.04.2008. u 14:29 - pre 195 meseci Fantomski drive. Da nemas nakacen neki USB flash ili eksterni hard koji je uzeo slovo Z? Odgovor na temu

godunski Beograd Član broj: 43618 Poruke: 77 *.dynamic.sbb.rs. +1 Profil Re: Prikazuje drive koji ne postoji (Z) 04.04.2008. u 15:43 - pre 195 meseci Hmm, mota mi se nešteo drugo po glavi, pošto mi se čini da sam negde proteklih dana naleteo na informaciju da je drive Z veličine kao moj ceo HDD, 120 GB, a nudi mi jedino opciju format Z kada kliknem na ikonicu drive-a u exploreru. Proteklih 15 dana, ako ne i više, borim se sa jednom drugom boljkom - na internetu sam našao da se to zove "fake about:blank". Dosadni pop-up window koji se nekada pojavljuje priliko podizanja sistema i kaže "unable to connect to view pages (tako nešto), would you like to work offline"? I šta god da pritisnem, on mi prebaci windows explorer u "offline mode". Spyboot Search & Destroy je našao ovo što se vidi na slici koju prilažem, ali ne uspevam da ga se otarasim iako on kaže da je "problem fixed". Sve dok je Spyboot na računaru, to se ne prikazuje, jer ga verovatno on blokira. Ali posle je opet tu. Sada mi pada na pamet da možda taj worm, trojan ili šta god da je, ubacuje opciju format Z, pa da ja lepo nasednem i formatiram ceo komp, a tu masa podataka... Ne znam koliko ti je ovo bliska tema, znam da su ljudi kačili log fajl programa Hijack This, pa da i to pokušam ako može da ti pomogne da mi pomogneš... Prikačeni fajlovi format Z.jpg - 145.44k smitfraud.jpg - 118.17k Odgovor na temu

Binary Mind 11040 Član broj: 28245 Poruke: 13289 *.adsl-1.sezampro.yu. +3779 Profil Re: Prikazuje drive koji ne postoji (Z) 04.04.2008. u 19:15 - pre 195 meseci Zakacio si SmitFraud :) Skini SmitFraudFix i skeniraj na nacin koji sam opisao u ovoj temi (obavezno okachi log): http://www.elitesecurity.org/t283973-0#1707677 Posle toga skini i Combofix (ima link na prilozenoj temi) i uradi sken i naravno okachi log. edit: Pre nego sto bilo sta preduzmes po ovom pitanju iskljuci System Restore. [Ovu poruku je menjao Binary Mind dana 04.04.2008. u 20:40 GMT+1] Odgovor na temu

godunski Beograd Član broj: 43618 Poruke: 77 *.dynamic.sbb.rs. +1 Profil Re: Prikazuje drive koji ne postoji (Z) 04.04.2008. u 21:18 - pre 195 meseci Logovi: SmitFraudFix v2.309 Scan done at 21:56:35,03, pet 04.04.2008 Run from C:\Documents and Settings\Svetionik\Desktop\SmitfraudFix OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT The filesystem type is NTFS Fix run in safe mode »»»»»»»»»»»»»»»»»»»»»»»» Process C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\cmd.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Svetionik »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Svetionik\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Start Menu »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\SVETIO~1\FAVORI~1 »»»»»»»»»»»»»»»»»»»»»»»» Desktop »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys »»»»»»»»»»»»»»»»»»»»»»»» Desktop Components [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="My Current Home Page" »»»»»»»»»»»»»»»»»»»»»»»» IEDFix !!!Attention, following keys are not inevitably infected!!! IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» VACFix !!!Attention, following keys are not inevitably infected!!! VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, following keys are not inevitably infected!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" »»»»»»»»»»»»»»»»»»»»»»»» Winlogon !!!Attention, following keys are not inevitably infected!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"="C:\\WINDOWS\\system32\\userinit.exe," "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Rustock »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CS2\Services\Tcpip\..\{CBC229D5-2E7C-4DA5-9D2A-57C2045781A9}: DhcpNameServer=192.168.0.1 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.0.1 »»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection »»»»»»»»»»»»»»»»»»»»»»»» End Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:00:39, on 4.4.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Safe mode Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MI69DF~1\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office 2007\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe O4 - HKLM\..\Run: [Aqua Dock] C:\Program Files\Aqua Dock\Aqua Dock.exe O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ? O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI69DF~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI69DF~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI69DF~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MI69DF~1\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Common Files\Protexis\License Service\PSIService.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 10498 bytes ComboFix 08-04-03.5 - Svetionik 2008-04-04 22:02:30.1 - NTFSx86 MINIMAL Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1745 [GMT 2:00] Running from: C:\Documents and Settings\Svetionik\Desktop\ComboFix.exe [color=red]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/color] . TimedOut: progfile.dat ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\temp\tn3 C:\WINDOWS\system32\drivers\core.cache.dsk C:\WINDOWS\system32\drivers\ndistapii.sys . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_NDISTAPII -------\Service_ndistapii ((((((((((((((((((((((((( Files Created from 2008-03-04 to 2008-04-04 ))))))))))))))))))))))))))))))) . 2008-04-04 21:59 . 2008-04-04 21:59 664 --a------ C:\WINDOWS\system32\d3d9caps.dat 2008-04-04 21:56 . 2008-04-04 21:56 5,748 --a------ C:\WINDOWS\system32\tmp.reg 2008-04-03 15:56 . 2008-04-03 15:56 <DIR> d--h----- C:\WINDOWS\PIF 2008-04-03 12:47 . 2007-11-06 09:06 131,672 --a------ C:\WINDOWS\system32\drivers\Uim_IM.sys 2008-04-03 12:47 . 2007-11-06 09:06 32,080 --a------ C:\WINDOWS\system32\drivers\UimBus.sys 2008-04-03 12:47 . 2007-11-06 09:06 11,568 --a------ C:\WINDOWS\system32\drivers\UimFIO.sys 2008-04-03 12:46 . 2008-04-03 12:47 <DIR> d-------- C:\Program Files\Paragon Software 2008-04-03 12:46 . 2008-01-21 17:43 4,244,744 --a------ C:\WINDOWS\system32\qtp-mt334.dll 2008-04-03 12:46 . 2008-01-21 17:43 247,560 --a------ C:\WINDOWS\system32\prgiso.dll 2008-04-03 12:46 . 2007-11-06 09:06 39,472 --a------ C:\WINDOWS\system32\drivers\hotcore3.sys 2008-04-03 12:46 . 2008-01-21 17:43 13,576 --a------ C:\WINDOWS\system32\wnaspi32.dll 2008-04-01 13:50 . 2008-04-03 07:50 2,672 --ahs---- C:\Documents and Settings\All Users\Application Data\KGyGaAvL.sys 2008-04-01 13:50 . 2008-04-03 07:50 88 -r-hs---- C:\Documents and Settings\All Users\Application Data\6E84F1F761.sys 2008-03-31 16:29 . 2007-09-18 12:46 172,032 --a------ C:\WINDOWS\system32\igfxres.dll 2008-03-31 16:21 . 2001-08-23 12:00 1,875,968 --a--c--- C:\WINDOWS\system32\dllcache\msir3jp.lex 2008-03-31 16:20 . 2001-08-23 12:00 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll 2008-03-31 16:19 . 2004-08-04 00:56 2,134,528 --a--c--- C:\WINDOWS\system32\dllcache\smtpsnap.dll 2008-03-31 16:17 . 2008-03-31 16:17 749 -rah----- C:\WINDOWS\WindowsShell.Manifest 2008-03-31 16:17 . 2008-03-31 16:17 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest 2008-03-31 16:17 . 2008-03-31 16:17 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest 2008-03-31 16:17 . 2008-03-31 16:17 749 -rah----- C:\WINDOWS\system32\nwc.cpl.manifest 2008-03-31 16:17 . 2008-03-31 16:17 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest 2008-03-31 16:17 . 2008-03-31 16:17 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest 2008-03-31 15:57 . 2001-08-23 12:00 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll 2008-03-31 15:57 . 2001-08-23 12:00 24,661 --a--c--- C:\WINDOWS\system32\dllcache\spxcoins.dll 2008-03-31 15:57 . 2001-08-23 12:00 13,312 --a------ C:\WINDOWS\system32\irclass.dll 2008-03-31 15:57 . 2001-08-23 12:00 13,312 --a--c--- C:\WINDOWS\system32\dllcache\irclass.dll 2008-03-31 13:34 . 2008-04-01 14:03 <DIR> d-------- C:\WINDOWS\system32\NtmsData 2008-03-29 09:36 . 2008-04-02 09:07 357 --a------ C:\WINDOWS\wininit.ini 2008-03-29 08:57 . 2008-03-29 08:52 691,545 --a------ C:\WINDOWS\unins000.exe 2008-03-29 08:57 . 2008-03-29 08:57 2,549 --a------ C:\WINDOWS\unins000.dat 2008-03-29 08:43 . 2008-04-02 11:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-03-23 15:30 . 2008-03-23 15:30 <DIR> d-------- C:\Program Files\Trend Micro 2008-03-23 14:47 . 2008-03-23 14:47 <DIR> d---s---- C:\Documents and Settings\Svetionik\UserData 2008-03-23 02:00 . 2008-03-23 02:00 7,680 --ahs---- C:\WINDOWS\Thumbs.db 2008-03-22 15:25 . 2008-03-22 15:25 <DIR> d-------- C:\Documents and Settings\Svetionik\Application Data\LGSync 2008-03-22 15:20 . 2008-03-22 15:20 <DIR> d-------- C:\Program Files\LG Electronics 2008-03-22 15:20 . 2005-06-24 19:36 39,036 --a------ C:\WINDOWS\system32\drivers\lgusbmodem.sys 2008-03-22 15:20 . 2005-05-26 12:01 21,344 --a------ C:\WINDOWS\system32\drivers\lgusbbus.sys 2008-03-22 15:19 . 2005-09-26 23:55 419,240 --a------ C:\WINDOWS\system32\Vsflex7L.ocx 2008-03-22 15:19 . 2000-05-22 01:00 244,416 --a------ C:\WINDOWS\system32\Msflxgrd.ocx 2008-03-22 15:19 . 2005-10-04 11:39 44,544 --a------ C:\WINDOWS\system32\msxml4a.dll 2008-03-22 15:19 . 2005-06-28 23:12 36,864 --a------ C:\WINDOWS\system32\CSDLGE1LIB.dll 2008-03-22 15:18 . 2008-03-22 15:19 <DIR> d-------- C:\Program Files\LGE GSM PC Sync 2008-03-17 16:13 . 2008-03-17 16:13 <DIR> d-------- C:\Program Files\PopCap Games 2008-03-17 16:13 . 2008-03-31 17:51 10 --a------ C:\WINDOWS\popcinfo.dat 2008-03-16 08:38 . 2008-03-16 08:38 <DIR> d-------- C:\Documents and Settings\Svetionik\Application Data\Nokia Multimedia Player 2008-03-14 11:56 . 2008-03-14 11:56 1,646 --a------ C:\WINDOWS\wcx_ftp.ini 2008-03-14 08:01 . 2008-03-31 14:53 247 --a------ C:\WINDOWS\WINCMD.INI . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-04-04 19:53 --------- d-----w C:\Documents and Settings\Svetionik\Application Data\Skype 2008-04-04 19:31 --------- d-----w C:\Program Files\Mozilla Thunderbird 2008-04-03 11:26 --------- d-----w C:\Program Files\FlashGet 2008-04-03 10:47 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-04-02 09:40 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-04-01 12:52 --------- d-----w C:\Documents and Settings\Svetionik\Application Data\Corel 2008-04-01 12:03 --------- d-----w C:\Program Files\TC PowerPack 2008-04-01 11:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Corel 2008-04-01 11:43 --------- d-----w C:\Program Files\Corel 2008-03-31 08:01 3,001 --sha-w C:\Documents and Settings\Svetionik\ppUser.dat 2008-03-22 21:20 --------- d-----w C:\Program Files\LIVEUPDATE 2008-03-13 07:04 --------- d-----w C:\Program Files\SWiSHmax 2008-03-08 19:40 --------- d-----w C:\Program Files\Common Files\Adobe 2008-03-07 10:33 --------- d-----w C:\Documents and Settings\Svetionik\Application Data\Nokia 2008-03-06 18:21 --------- d-----w C:\Documents and Settings\Svetionik\Application Data\BSplayer PRO 2008-03-03 12:52 --------- d-----w C:\Program Files\WhereIsIt 2008-03-02 16:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-03-02 16:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations 2008-02-29 20:31 --------- d-----w C:\Program Files\Winamp 2008-02-28 17:35 --------- d-----w C:\Program Files\INTEX Video Power 2008-02-28 11:46 --------- d-----w C:\Program Files\Skype 2008-02-27 16:46 --------- d-----w C:\Documents and Settings\Svetionik\Application Data\SampleView 2008-02-27 06:18 --------- d-----w C:\Program Files\SP36691 2008-02-26 05:16 --------- d-----w C:\Program Files\Vimicro 2008-02-21 07:40 --------- d-----w C:\Program Files\Java 2008-02-21 07:34 --------- d-----w C:\Program Files\Common Files\Java 2008-02-20 18:35 --------- d-----w C:\Documents and Settings\Svetionik\Application Data\Bitstream 2008-02-19 20:21 --------- d-----w C:\Documents and Settings\Svetionik\Application Data\PC Suite 2008-02-19 20:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite 2008-02-18 07:16 --------- d-----w C:\Program Files\ABBYY FineReader 8.0 Professional Edition 2008-02-17 21:52 --------- d-----w C:\Documents and Settings\Svetionik\Application Data\ABBYY 2008-02-17 21:40 --------- d-----w C:\Documents and Settings\Svetionik\Application Data\Nero 2008-02-17 21:38 --------- d-----w C:\Program Files\Common Files\Nero 2008-02-17 21:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nero 2008-02-17 21:34 --------- d-----w C:\Program Files\Nero 2008-02-17 20:47 --------- d-----w C:\Program Files\Your Uninstaller 2008 2008-02-17 20:44 --------- d-----w C:\Documents and Settings\Svetionik\Application Data\URSoft 2008-02-17 19:58 --------- d-----w C:\Documents and Settings\Svetionik\Application Data\ESET 2008-02-17 19:57 --------- d-----w C:\Program Files\ESET 2008-02-17 19:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\ESET 2008-02-17 16:55 --------- d-----w C:\Program Files\System Cleaner 2008-02-17 16:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet 2008-02-17 16:39 --------- d-----w C:\Documents and Settings\Svetionik\Application Data\EPSON 2008-02-17 16:30 --------- d-----w C:\Program Files\Common Files\InstallShield 2008-02-17 16:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\UDL 2008-02-17 16:28 --------- d-----w C:\Program Files\epson 2008-02-17 16:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\EPSON 2008-02-17 16:15 --------- d-----w C:\Documents and Settings\Svetionik\Application Data\Contrast 2008-02-17 16:06 --------- d-----w C:\Program Files\Contrast 2008-02-17 16:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Contrast 2008-02-17 15:43 --------- d-----w C:\Documents and Settings\Svetionik\Application Data\Talkback 2008-02-17 15:42 --------- d-----w C:\Program Files\DIFX 2008-02-17 15:41 --------- d-----w C:\Program Files\PC Connectivity Solution 2008-02-17 15:41 --------- d-----w C:\Program Files\Nokia 2008-02-17 15:41 --------- d-----w C:\Program Files\Common Files\PCSuite 2008-02-17 15:41 --------- d-----w C:\Program Files\Common Files\Nokia 2008-02-17 15:32 --------- d-----w C:\Program Files\Innovative Solutions 2008-02-17 15:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Innovative Solutions 2008-02-17 14:33 --------- d-----w C:\Program Files\Macrogaming 2008-02-17 14:32 --------- d-----w C:\Program Files\MSN Messenger 2008-02-17 14:30 --------- d-----w C:\Documents and Settings\Svetionik\Application Data\Thunderbird 2008-02-17 14:25 --------- d-----w C:\Program Files\Common Files\Skype 2008-02-17 14:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype 2008-02-17 14:22 --------- d-----w C:\Program Files\VideoLAN 2008-02-17 14:22 --------- d-----w C:\Documents and Settings\Svetionik\Application Data\vlc 2008-02-17 14:20 --------- d-----w C:\Program Files\Webteh 2008-02-17 14:11 --------- d-----w C:\Program Files\Windows Media Connect 2 2008-02-17 14:06 --------- d-----w C:\Program Files\ACD Systems 2008-02-17 14:05 --------- d-----w C:\Program Files\PhotoBrush 2008-02-17 14:02 --------- d-----w C:\Program Files\ImTOO 2008-02-17 14:00 --------- d-----w C:\Program Files\Google 2008-02-17 13:57 286,720 ----a-w C:\WINDOWS\iun506.exe 2008-02-17 13:57 --------- d-----w C:\Program Files\GIF Movie Gear 2008-02-17 13:55 --------- d-----w C:\Program Files\FastStone Image Viewer 2008-02-17 13:55 --------- d-----w C:\Documents and Settings\Svetionik\Application Data\FastStone 2008-02-17 13:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink 2008-02-17 13:49 --------- d-----w C:\Program Files\CyberLink 2008-02-17 13:48 --------- d-----w C:\Program Files\DVD Shrink 2008-02-17 13:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink 2008-02-17 13:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\InstallShield 2008-02-17 13:40 --------- d-----w C:\Program Files\Common Files\Protexis 2008-02-17 13:40 --------- d-----w C:\Program Files\Common Files\Corel 2008-02-17 13:33 --------- d-----w C:\Program Files\TigerColor 2008-02-17 13:32 --------- d-----w C:\Program Files\DAMN NFO Viewer 2008-02-17 13:29 --------- d-----w C:\Program Files\Aqua Dock 2008-02-17 13:27 10,368 ----a-w C:\WINDOWS\system32\drivers\pfc.sys 2008-02-17 13:27 --------- d-----w C:\Program Files\Common Files\ACD Systems 2008-02-17 13:27 --------- d-----w C:\Documents and Settings\Svetionik\Application Data\ACD Systems 2008-02-17 13:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\ACD Systems 2008-02-17 13:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\WinZip 2008-02-17 12:06 --------- d-----w C:\Program Files\Microsoft Works 2008-02-17 12:05 --------- d-----w C:\Program Files\MSBuild 2008-02-17 12:05 --------- d-----w C:\Program Files\Microsoft Office 2007 2008-02-17 12:04 --------- d-----w C:\Program Files\Microsoft Office 2003 2008-02-17 11:47 --------- d-----w C:\Program Files\Microsoft.NET 2008-02-17 11:47 --------- d-----w C:\Program Files\Microsoft ActiveSync 2008-02-17 11:47 --------- d-----w C:\Program Files\Common Files\L&H 2008-02-17 11:26 --------- d-----w C:\Program Files\Common Files\Control Panels 2008-02-17 11:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\ALM 2008-02-17 11:18 --------- d-----w C:\Program Files\QuickTime . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360] "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2007-08-12 12:02 103712] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-08-03 13:51 202024] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 02:06 1667584] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2006-07-13 09:12 729088] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-06-07 18:47 827392] "IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-10-08 15:18 995328] "IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-10-08 15:13 1101824] "QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-11-06 17:34 177456] "Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-23 00:24 620152] "Adobe_ID0EYTHM"="C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2007-03-20 17:40 1884160] "GrooveMonitor"="C:\Program Files\Microsoft Office 2007\Office12\GrooveMonitor.exe" [2006-10-27 01:47 31016] "Openwares LiveUpdate"="C:\Program Files\LiveUpdate\LiveUpdate.exe" [2003-12-13 19:17 61440] "Aqua Dock"="C:\Program Files\Aqua Dock\Aqua Dock.exe" [2003-11-01 14:58 386560] "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 17:15 221184] "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 17:15 81920] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 21:24 32768] "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2007-08-12 12:02 103712] "egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2007-12-21 09:21 1443072] "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 16:57 153136] "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 10:25 1828136] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496] "BigDog303"="C:\WINDOWS\VM303_STI.exe" [2005-06-23 12:13 61440] "Recguard"="C:\WINDOWS\Sminst\Recguard.exe" [2005-12-20 17:51 1187840] "Reminder"="C:\WINDOWS\Creator\Remind_XP.exe" [2006-03-09 18:38 806912] "Scheduler"="C:\WINDOWS\SMINST\Scheduler.exe" [2006-10-09 12:23 697976] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2007-09-24 13:27 141848] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-09-24 13:27 166424] "Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2007-09-24 13:27 137752] "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 18:36 872448] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:56 15360] "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 18:35 1294336] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.ACDV"= ACDV.dll "MSVideo8"= VfWWDM32.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Bonjour\\mDNSResponder.exe"= "C:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"= "C:\\Program Files\\Microsoft Office 2007\\Office12\\OUTLOOK.EXE"= "C:\\Program Files\\Microsoft Office 2007\\Office12\\GROOVE.EXE"= "C:\\Program Files\\Microsoft Office 2007\\Office12\\ONENOTE.EXE"= "C:\\Program Files\\FlashGet\\flashget.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= "C:\\WINDOWS\\SMINST\\Scheduler.exe"= "C:\\Program Files\\TC PowerPack\\TOTALCMD.EXE"= "C:\\Program Files\\Mozilla Firefox\\firefox.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server "3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server "50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server "50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server R0 hotcore3;hotcore3;C:\WINDOWS\system32\drivers\hotcore3.sys [2007-11-06 09:06] R2 PSI_SVC_2;Protexis Licensing V2;"c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe" [2007-07-24 11:15] S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;"C:\Program Files\MSN Messenger\usnsvc.exe" [2007-01-19 13:54] . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-04-04 22:09:01 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- PROCESS: C:\WINDOWS\explorer.exe -> C:\WINDOWS\system32\msdmo.dll . ------------------------ Other Running Processes ------------------------ . C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\ESET\ESET Smart Security\ekrn.exe C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Program Files\Common Files\Protexis\License Service\PSIService.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrobat_sl.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe . ************************************************************************** . Completion time: 2008-04-04 22:11:11 - machine was rebooted ComboFix-quarantined-files.txt 2008-04-04 20:11:06 Pre-Run: 16,505,311,232 bytes free Post-Run: 14,304,485,376 bytes free Odgovor na temu

godunski Beograd Član broj: 43618 Poruke: 77 *.dynamic.sbb.rs. +1 Profil Re: Prikazuje drive koji ne postoji (Z) 04.04.2008. u 21:23 - pre 195 meseci Jedno vreme se drive Z (Local disk) video i iz explorera, sada opet jedino iz commandera... A SmitFraud sam verovatno skinuo sa AIM playerom kog mi je druga preporučio, a ni sam e znam zašto sam pristao kad je winamp sasvim dovoljan... Ali, curiosity killed the cat! Odgovor na temu

Binary Mind 11040 Član broj: 28245 Poruke: 13289 *.adsl-3.sezampro.yu. +3779 Profil Re: Prikazuje drive koji ne postoji (Z) 05.04.2008. u 13:58 - pre 195 meseci SmitFraud je otstranio Combofix, a to sa fantomskim diskom mi jos nije jasno, mada ako sve radi normalno nemoj se ni obazirati na njega. Deinstaliraj Combofix tako sto ces u Run upisati "combofix /u" bez navodnika. Odgovor na temu