
Problem opening a USB drive


kuljaking
bjeljina
Member no.: 108007
Posts: 51

Problem opening a USB drive - 11.04.2009 at 22:52
Lately I have had a lot of problems with viruses that spread via USB. I mostly dealt with that by turning off autoplay for all devices and then scanning every USB drive, and that worked. A few days ago I downloaded a suspicious program from the internet which, during installation, tried to establish a connection to some suspicious site, so avast stopped the whole installation. But since then I have had a problem with USB recognition: when I plug in a USB drive I hear the sound as if the PC had recognized it, but it does not appear in My Computer!!! I tried uninstalling and reinstalling all the USB drivers, but that did not help either. I checked in the registry whether the USB option is enabled, but that is not the cause either. The USB ports work, because I also have Vista installed on the same computer and everything works normally under it. Does anyone have an idea how to fix this? The system is Win XP SP2.
 
Nemanja Živanović
Member no.: 212716
Posts: 459

Re: Problem opening a USB drive - 12.04.2009 at 12:13
To start with, download the program HijackThis.

Once you have downloaded it, rename the file to anything, e.g. blabla.exe. Run it and click "Do a system scan and save a logfile". Copy that log file here so we can take a look.

Note: If the instructions are not entirely clear, take a look at this link.
 
kuljaking

Re: Problem opening a USB drive - 12.04.2009 at 20:00
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:59:55 PM, on 4/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Mixer.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Opera\opera.exe
F:\hbcd\wintools\autorun.exe
F:\hbcd\wintools\HijackThis.exe

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [UpdatePPShortCut] "C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" update "Software\CyberLink\PowerProducer\4.0"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 5576 bytes
 
kuljaking

Re: Problem opening a USB drive - 12.04.2009 at 20:03
Here is the HijackThis log file. Everywhere I looked, I came across the problem being that USB was disabled in the registry, but in my case it is not. So I tried installing the drivers again, but again nothing.
 
Nemanja Živanović

Re: Problem opening a USB drive - 12.04.2009 at 20:06
Right-click the avast! icon in the bottom right corner of the screen and choose Stop OnAccess Protection.

Download ComboFix to the Desktop. Start it and do not touch the program window while it is scanning. Follow the instructions the program gives you. When the scan finishes, a report will appear, which you will copy here. If you accidentally close the report, it is located at C:\ComboFix.txt.
 
kuljaking

Re: Problem opening a USB drive - 12.04.2009 at 20:38
ComboFix 09-04-13.03 - kuljaking 2009-04-12 21:26.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1714 [GMT 2:00]
Running from: c:\documents and settings\kuljaking\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\ovfsthewmcfuxngfvqniriyldkiwaixjsfmlew.sys
c:\windows\system32\mfc45.dll
c:\windows\system32\ovfsthcpnyuhmxbepxuwydexuutdfbdvtsmjoq.dll
c:\windows\system32\ovfsthlydedcsknvmrgsvigvvabrquxdbshowm.dll
c:\windows\system32\ovfsthwijxtgliqbpxbahxosbgeovxwdvrwsql.dat
c:\windows\system32\ovfsthxdxyekoqquavhukeparscmaoqxotprjo.dll
c:\windows\system32\ovfsthxeqdlfvrqyrkhkgjbyqtxtgcfjpoqeac.dat

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_ovfsthovmyxwmkdmtbqlrrmltqlthnbrfulksd
-------\Legacy_NPF


((((((((((((((((((((((((( Files Created from 2009-03-13 to 2009-04-13 )))))))))))))))))))))))))))))))
.

2009-04-11 22:14 . 2009-04-11 22:20 -------- d-----w c:\documents and settings\kuljaking\Application Data\Web Page Maker
2009-04-09 23:15 . 2009-04-09 23:15 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-09 17:22 . 2006-03-28 07:55 155648 ----a-w c:\windows\system32\ssleay32.dll
2009-04-09 17:22 . 2006-03-28 07:54 696320 ----a-w c:\windows\system32\libeay32.dll
2009-04-09 17:22 . 2009-04-09 17:22 -------- d-----w c:\documents and settings\kuljaking\Application Data\iolo
2009-04-09 17:22 . 2009-04-09 17:22 -------- d-----w c:\documents and settings\All Users\Application Data\iolo
2009-04-02 15:59 . 2009-04-02 15:59 -------- d--h--w c:\windows\system32\GroupPolicy
2009-04-02 15:42 . 2009-04-02 15:45 516 ----a-w C:\BOOT.BXP
2009-04-02 15:42 . 2004-08-04 01:07 2148352 ----a-w c:\windows\system32\LOGOOS.EXE
2009-04-02 15:31 . 2009-04-02 15:31 91 ----a-w c:\windows\OB1.INI
2009-03-26 21:28 . 2008-03-05 14:56 1420824 ----a-w c:\windows\system32\D3DCompiler_37.dll
2009-03-26 21:28 . 2008-02-05 22:07 462864 ----a-w c:\windows\system32\d3dx10_37.dll
2009-03-26 21:28 . 2008-03-05 14:56 3786760 ----a-w c:\windows\system32\D3DX9_37.dll
2009-03-26 21:28 . 2009-03-26 21:28 -------- d-----w c:\windows\Logs
2009-03-26 21:27 . 2009-03-26 21:27 -------- d-----w c:\windows\system32\XPSViewer
2009-03-26 21:26 . 2008-07-06 12:06 89088 -c----w c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-03-26 21:26 . 2008-07-06 12:06 575488 -c----w c:\windows\system32\dllcache\xpsshhdr.dll
2009-03-26 21:26 . 2008-07-06 12:06 575488 ------w c:\windows\system32\xpsshhdr.dll
2009-03-26 21:26 . 2008-07-06 12:06 1676288 -c----w c:\windows\system32\dllcache\xpssvcs.dll
2009-03-26 21:26 . 2008-07-06 12:06 1676288 ------w c:\windows\system32\xpssvcs.dll
2009-03-26 21:26 . 2008-07-06 12:06 117760 ------w c:\windows\system32\prntvpt.dll
2009-03-26 21:26 . 2008-07-06 10:50 597504 -c----w c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-03-26 00:10 . 2009-03-26 00:10 -------- d-----w c:\documents and settings\kuljaking\Application Data\JLC's Software
2009-03-23 10:30 . 2009-03-23 10:30 268 ---ha-w C:\sqmdata01.sqm
2009-03-23 10:30 . 2009-03-23 10:30 244 ---ha-w C:\sqmnoopt01.sqm
2009-03-20 22:25 . 2009-03-20 22:25 41808 ----a-w c:\windows\system32\xfcodec.dll
2009-03-17 20:37 . 2009-03-17 20:41 -------- d-----w C:\MoTemp
2009-03-17 20:33 . 2009-03-17 20:33 -------- d-----w c:\documents and settings\kuljaking\Library
2009-03-17 20:33 . 2009-03-17 20:33 -------- d-----w c:\documents and settings\kuljaking\Application Data\com.adobe.ExMan
2009-03-17 18:16 . 2009-03-17 18:16 166 ----a-w c:\windows\MyDrivers.ini
2009-03-17 17:39 . 2009-04-02 16:40 -------- d-----w c:\documents and settings\kuljaking\Application Data\Kingston

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-11 23:41 . 2009-04-11 22:14 -------- d-----w c:\program files\Web Page Maker
2009-04-11 22:46 . 2009-02-17 17:07 -------- d-----w c:\documents and settings\kuljaking\Application Data\uTorrent
2009-04-11 22:12 . 2009-04-11 22:09 -------- d-----w c:\program files\ProgDVB
2009-04-10 22:21 . 2009-02-06 01:52 189072 ----a-w c:\windows\system32\PnkBstrB.exe
2009-04-10 19:57 . 2009-02-06 01:53 138920 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-04-02 15:42 . 2009-04-02 15:42 -------- d-----w c:\program files\BootXP2
2009-03-28 23:25 . 2009-02-24 20:39 -------- d-----w c:\program files\AutoCAD Architecture 2008
2009-03-26 21:39 . 2009-02-24 18:38 -------- d-----w c:\documents and settings\All Users\Application Data\FLEXnet
2009-03-26 21:33 . 2009-03-26 21:29 -------- d-----w c:\program files\AutoCAD 2010
2009-03-26 21:33 . 2009-02-24 20:38 -------- d-----w c:\program files\Common Files\Autodesk Shared
2009-03-26 21:29 . 2009-02-24 20:39 -------- d-----w c:\documents and settings\kuljaking\Application Data\Autodesk
2009-03-26 21:29 . 2009-02-24 20:39 -------- d-----w c:\documents and settings\All Users\Application Data\Autodesk
2009-03-26 21:27 . 2009-03-26 21:27 -------- d-----w c:\program files\MSBuild
2009-03-26 21:27 . 2009-03-26 21:27 -------- d-----w c:\program files\Reference Assemblies
2009-03-26 21:24 . 2009-03-26 21:24 -------- d-----w c:\program files\MSXML 6.0
2009-03-25 13:15 . 2009-02-09 15:00 -------- d-----w c:\documents and settings\kuljaking\Application Data\Xfire
2009-03-22 14:55 . 2009-03-06 21:47 -------- d-----w c:\documents and settings\kuljaking\Application Data\TeamViewer
2009-03-17 18:04 . 2009-03-17 18:04 -------- d-----w c:\program files\My Drivers
2009-03-15 10:35 . 2009-03-15 10:21 -------- d-----w c:\program files\AutoCAD 2005
2009-03-08 09:31 . 2009-03-08 08:57 -------- d-----w c:\documents and settings\kuljaking\Application Data\Poser 7
2009-03-08 08:42 . 2009-03-08 08:42 -------- d-----w c:\program files\e frontier
2009-03-08 08:38 . 2009-03-08 08:37 -------- d-----w c:\program files\TC UP
2009-03-08 08:37 . 2009-03-08 08:37 -------- d-----w c:\documents and settings\kuljaking\Application Data\HEXelon
2009-03-06 21:47 . 2009-03-06 21:47 -------- d-----w c:\program files\TeamViewer3
2009-03-06 20:34 . 2009-03-06 20:25 -------- d-----w c:\program files\Poser 2
2009-03-06 20:03 . 2009-03-06 20:03 -------- d-----w c:\program files\Curious Labs
2009-03-04 17:52 . 2009-03-04 17:52 -------- d-----w c:\documents and settings\All Users\Application Data\LightScribe
2009-03-02 19:11 . 2009-03-02 19:11 -------- d-----w c:\documents and settings\kuljaking\Application Data\Media Player Classic
2009-03-02 19:10 . 2009-03-02 19:10 -------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2009-03-02 19:10 . 2009-03-02 19:10 -------- d-----w c:\program files\K-Lite Codec Pack
2009-02-28 02:42 . 2009-02-06 01:52 75064 ----a-w c:\windows\system32\PnkBstrA.exe
2009-02-27 04:25 . 2009-02-12 04:10 8192 --s-a-r C:\BOOTSECT.BAK
2009-02-26 20:07 . 2009-02-11 07:17 171136 --sha-r C:\grldr
2009-02-24 20:38 . 2009-02-24 20:38 -------- d-----w c:\program files\Autodesk
2009-02-24 20:25 . 2009-02-24 20:25 -------- d-----w c:\program files\MagicISO
2009-02-24 19:25 . 2009-02-05 21:15 -------- d-----w c:\program files\Common Files\Adobe
2009-02-24 17:54 . 2009-02-24 17:54 -------- d-----w c:\documents and settings\All Users\Application Data\ALM
2009-02-24 17:33 . 2009-02-24 17:33 -------- d-----w c:\program files\Adobe Media Player
2009-02-24 17:32 . 2009-02-24 17:32 -------- d-----w c:\program files\Common Files\Adobe AIR
2009-02-24 17:26 . 2009-02-24 17:26 -------- d-----w c:\program files\Common Files\Macrovision Shared
2009-02-23 01:00 . 2009-02-23 00:58 -------- d-----w c:\documents and settings\kuljaking\Application Data\BSplayer Pro
2009-02-23 00:58 . 2009-02-23 00:58 -------- d-----w c:\program files\Webteh
2009-02-18 00:55 . 2009-02-18 00:55 -------- d-----w c:\program files\GameSpy
2009-02-18 00:53 . 2009-02-06 01:53 22328 ----a-w c:\documents and settings\kuljaking\Application Data\PnkBstrK.sys
2009-02-18 00:53 . 2009-02-18 00:53 669184 ----a-w c:\windows\system32\pbsvc.exe
2009-02-18 00:45 . 2009-02-18 00:45 -------- d-----w c:\program files\Electronic Arts
2009-02-17 20:18 . 2009-02-17 20:18 -------- d-----w c:\program files\Crystal Player
2009-02-17 17:07 . 2009-02-17 17:07 -------- d-----w c:\program files\uTorrent
2009-02-15 14:31 . 2009-02-15 14:30 -------- d-----w c:\program files\AMD
2009-02-15 14:30 . 2009-02-15 14:30 -------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-02-15 14:29 . 2009-02-15 14:27 -------- d-----w c:\program files\ATI
2009-02-15 14:27 . 2009-02-15 14:27 -------- d-----w c:\documents and settings\All Users\Application Data\ATI
2009-02-15 14:26 . 2009-02-10 19:36 -------- d-----w c:\program files\ATI Technologies
2009-02-13 22:17 . 2009-02-13 20:02 -------- d-----w c:\documents and settings\kuljaking\Application Data\CyberLink
2009-02-13 20:02 . 2009-02-13 20:02 -------- d-----w c:\documents and settings\All Users\Application Data\CyberLink
2009-02-13 20:00 . 2009-02-13 20:00 -------- d-----w c:\program files\Common Files\LightScribe
2009-02-13 19:59 . 2009-02-05 20:30 -------- d--h--w c:\program files\InstallShield Installation Information
2009-02-13 19:59 . 2009-02-13 19:56 -------- d-----w c:\program files\CyberLink
2009-02-13 19:53 . 2009-02-13 19:53 -------- d-----w c:\program files\Alcohol Soft
2009-02-09 00:14 . 2009-02-09 00:14 14488 ----a-w c:\windows\system32\AcSignExtRes.dll
2009-02-09 00:13 . 2009-02-09 00:13 43160 ----a-w c:\windows\system32\AcSignIcon.dll
2009-02-09 00:13 . 2009-02-09 00:13 429720 ----a-w c:\windows\system32\AcSignOpt.exe
2009-02-09 00:13 . 2009-02-09 00:13 29848 ----a-w c:\windows\system32\AcSignExt.dll
2009-02-08 07:58 . 2009-02-05 06:03 86327 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-02-06 02:03 . 2009-02-06 01:54 65536 ----a-w C:\asusdisp.log
2009-02-05 20:55 . 2009-02-05 20:55 268 ---ha-w C:\sqmdata00.sqm
2009-02-05 20:55 . 2009-02-05 20:55 244 ---ha-w C:\sqmnoopt00.sqm
2009-02-05 20:50 . 2009-02-05 20:50 4608 ----a-w c:\windows\system32\w95inf32.dll
2009-02-05 20:50 . 2009-02-05 20:50 2272 ----a-w c:\windows\system32\w95inf16.dll
2009-02-05 06:01 . 2009-02-05 06:01 21640 ----a-w c:\windows\system32\emptyregdb.dat
2009-01-14 05:46 . 2009-02-10 19:35 11591680 ----a-w c:\windows\system32\atioglxx.dll
2009-01-14 04:53 . 2009-02-10 19:35 286720 ----a-w c:\windows\system32\atiok3x2.dll
2009-01-14 04:49 . 2009-02-10 19:35 425984 ----a-w c:\windows\system32\ATIDEMGX.dll
2009-01-14 04:47 . 2007-10-16 14:04 323584 ----a-w c:\windows\system32\ati2dvag.dll
2009-01-14 04:36 . 2009-02-10 19:35 196608 ----a-w c:\windows\system32\atipdlxx.dll
2009-01-14 04:36 . 2009-02-10 19:35 151552 ----a-w c:\windows\system32\Oemdspif.dll
2009-01-14 04:36 . 2009-02-10 19:35 26112 ----a-w c:\windows\system32\Ati2mdxx.exe
2009-01-14 04:35 . 2009-02-10 19:35 43520 ----a-w c:\windows\system32\ati2edxx.dll
2009-01-14 04:35 . 2009-02-10 19:35 155648 ----a-w c:\windows\system32\ati2evxx.dll
2009-01-14 04:34 . 2009-02-10 19:35 598016 ----a-w c:\windows\system32\ati2evxx.exe
2009-01-14 04:32 . 2009-02-10 19:35 53248 ----a-w c:\windows\system32\ATIDDC.DLL
2009-01-14 04:22 . 2007-10-16 13:44 4009152 ----a-w c:\windows\system32\ati3duag.dll
2009-01-14 04:05 . 2007-10-16 13:33 2500224 ----a-w c:\windows\system32\ativvaxx.dll
2009-01-14 03:50 . 2009-02-10 19:35 48640 ----a-w c:\windows\system32\amdpcom32.dll
2009-01-14 03:45 . 2009-02-10 19:35 401408 ----a-w c:\windows\system32\atikvmag.dll
2009-01-14 03:44 . 2009-02-10 19:35 110592 ----a-w c:\windows\system32\atiadlxx.dll
2009-01-14 03:44 . 2009-02-10 19:35 17408 ----a-w c:\windows\system32\atitvo32.dll
2009-01-14 03:37 . 2009-02-10 19:35 307200 ----a-w c:\windows\system32\atiiiexx.dll
2009-01-14 03:37 . 2007-10-16 13:11 577536 ----a-w c:\windows\system32\ati2cqag.dll
2009-01-14 02:36 . 2009-01-14 02:36 45056 ----a-w c:\windows\system32\amdcalrt.dll
2009-01-14 02:36 . 2009-01-14 02:36 45056 ----a-w c:\windows\system32\amdcalcl.dll
2009-01-14 02:34 . 2009-01-14 02:34 3227648 ----a-w c:\windows\system32\Amdcaldd.dll
2009-01-13 20:05 . 2009-02-10 19:48 593920 ------w c:\windows\system32\ati2sgag.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-01 7618560]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-06-01 86016]
"UpdatePPShortCut"="c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504]
"nwiz"="nwiz.exe" [2006-06-01 c:\windows\system32\nwiz.exe]
"C-Media Mixer"="Mixer.exe" [2002-07-12 c:\windows\mixer.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.XFR1"= xfcodec.dll
"msacm.clmp3enc"= c:\progra~1\CYBERL~1\Power2Go\CLMP3Enc.ACM

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
--a------ 2008-06-11 23:43 640376 c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
--a------ 2008-06-12 03:25 37232 c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
--a------ 2008-08-14 08:58 611712 c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO]
--a------ 2008-08-15 06:46 378224 c:\progra~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amd_dc_opt]
--a------ 2008-07-22 14:53 77824 c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS SmartDoctor]
--a------ 2008-10-16 18:50 1171456 c:\program files\ASUS\SmartDoctor\SmartDoctor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD]
--a------ 2008-06-26 12:51 380928 c:\program files\ASUS\GamerOSD\GamerOSD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2005-12-16 13:57 94208 c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-04 03:07 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
--a------ 2008-02-22 12:19 62760 c:\program files\CyberLink\PowerDVD\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
--a------ 2008-03-17 18:59 2289664 c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-08-04 02:06 1667584 c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress]
--------- 2008-03-18 11:15 2508072 c:\program files\CyberLink\Power2Go\Power2GoExpress.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--------- 2008-04-02 20:09 87336 c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
--a------ 2008-08-29 18:11 61440 c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Cain\\Cain.exe"=
"d:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\Program Files\\CyberLink\\PowerDirector\\PDR.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"=
"c:\\Program Files\\e frontier\\Poser 7\\Poser.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"3703:TCP"= 3703:TCP:Adobe Version Cue CS4 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS4 Server
"51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server
"51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server

R3 cpuz;cpuz; [x]
R3 SliceDisk5;SliceDisk5; [x]
R4 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
S1 VD_FileDisk;VD_FileDisk; [x]
S3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2008-07-02 89600]
S3 XG1;ASUS Generic USB Driver;c:\windows\system32\Drivers\OC_Gear1.sys [2006-11-17 34304]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ff2e0dcd-fa07-11dd-8069-001d60224118}]
\Shell\AutoRun\command - g:\autorun\AutoRun.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-avast! - c:\progra~1\ALWILS~1\Avast4\ashDisp.exe


.
------- Supplementary Scan -------
.
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-13 21:32
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(788)
c:\windows\system32\Ati2evxx.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'explorer.exe'(3144)
c:\windows\system32\msi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\windows\ATKKBService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-04-13 21:36 - machine was rebooted
ComboFix-quarantined-files.txt 2009-04-13 19:36

Pre-Run: 5,966,782,464 bytes free
Post-Run: 5,989,056,512 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
;Warning: Boot.ini is used on Windows XP and earlier operating systems.
;Warning: Use BCDEDIT.exe to modify Windows Vista boot options.
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /NOEXECUTE=OPTIN /FASTDETECT /USEPMTIMER /KERNEL=LOGOOS.EXE
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="(Backup Line) Microsoft Windows XP Professional" /NOEXECUTE=OPTIN /FASTDETECT /USEPMTIMER

286
 
kuljaking

Re: Problem opening a USB drive - 12.04.2009 at 20:40
Very thorough, ComboFix ran for a whole 20 minutes. I even had to reinstall avast, since it would not start scanning at all until I got rid of it completely. But USB works now. Thanks.
Only, how do I turn this off now: before Windows boots, it shows me a Windows recovery option.
 
Nemanja Živanović

Re: Problem opening a USB drive - 12.04.2009 at 21:47
Wait, we are not done yet. I am glad the USB started working. Just a bit more, let me look through the log, and then we will finish up.
 
Nemanja Živanović

Re: Problem opening a USB drive - 12.04.2009 at 21:57
Turn off Avast again, the way I described. Open Notepad and copy in the following text:

Quote:

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ff2e0dcd-fa07-11dd-8069-001d60224118}]


Save that file to the Desktop under the name CFScript



Drag the saved text onto the ComboFix icon as in the picture. In your next message, post the log that is created at the end of the cleaning/scanning.
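
The log review step behind the reply above, as an added example that is not part of the original posts: Python that scans ComboFix-style log text for MountPoints2 keys carrying a cached Shell\AutoRun command and prints the matching `[-key]` lines in the form quoted in the reply. The function names, the second sample key and its command are assumptions made for illustration; the sample text is constructed in the layout of the log posted in this thread.

```python
import re

# Constructed sample in the layout of the "Reg Loading Points" section of the
# ComboFix log quoted in this thread. The first mountpoints2 key is the one
# from that log; the second key and its command are made up for illustration.
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2006-06-01 c:\windows\system32\nwiz.exe]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ff2e0dcd-fa07-11dd-8069-001d60224118}]
\Shell\AutoRun\command - g:\autorun\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{00000000-0000-0000-0000-000000000001}]
\Shell\open\command - h:\setup.exe
"""

# A registry key header that sits under ...\MountPoints2\<volume>.
KEY_RE = re.compile(r"^\[(HKEY_[^\]]*\\mountpoints2\\([^\]\\]+))\]\s*$", re.I)
# Any other bracketed header ends the current MountPoints2 block.
ANY_KEY_RE = re.compile(r"^\[.*\]\s*$")
# A cached shell verb line as the log prints it: \Shell\<verb>\command - <command>
CMD_RE = re.compile(r"^\\Shell\\([^\\]+)\\command\s+-\s+(.+?)\s*$", re.I)


def parse_mountpoints(log_text):
    """Return every cached shell command found under a MountPoints2 key."""
    entries = []
    current = None  # (full key, volume name) of the block being read
    for raw in log_text.splitlines():
        line = raw.strip()
        key = KEY_RE.match(line)
        if key:
            current = (key.group(1), key.group(2))
            continue
        if not line or ANY_KEY_RE.match(line):
            current = None  # blank line or unrelated key: block is over
            continue
        cmd = CMD_RE.match(line)
        if cmd and current:
            entries.append({
                "key": current[0],
                "volume": current[1],
                "verb": cmd.group(1),
                "command": cmd.group(2),
            })
    return entries


def autorun_entries(entries):
    """Keep only entries whose verb is AutoRun (case-insensitive)."""
    return [e for e in entries if e["verb"].lower() == "autorun"]


def deletion_lines(entries):
    """One '[-key]' line per distinct key, in the form quoted in the reply."""
    seen, lines = set(), []
    for e in entries:
        if e["key"].lower() not in seen:
            seen.add(e["key"].lower())
            lines.append("[-" + e["key"] + "]")
    return lines


if __name__ == "__main__":
    found = parse_mountpoints(SAMPLE_LOG)
    for e in found:
        print(f'{e["volume"]}  {e["verb"]:8}  {e["command"]}')
    print("AutoRun keys to review:")
    for line in deletion_lines(autorun_entries(found)):
        print(line)
```

Entries with other verbs are still listed by `parse_mountpoints` so they can be reviewed by hand; only the AutoRun ones are turned into `[-key]` lines.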
 
kuljaking

Re: Problem opening a USB drive - 12.04.2009 at 23:20
Nemanja, I did not manage to do this, I am at work right now, but I will certainly do it in the morning. Hats off to you, you are the TITO of computers! :)
 
Nemanja Živanović

Re: Problem opening a USB drive - 12.04.2009 at 23:27
Please don't bring up politics :)

Once you have done this, there are a few more things we need to do and that's it.

Let me know when you are done.

Regards
 
kuljaking

Re: Problem opening a USB drive - 13.04.2009 at 09:22
I DID WHAT YOU SAID AND HERE IS THE NEW LOG.

ComboFix 09-04-13.A0 - kuljaking 2009-04-14 10:16.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1597 [GMT 2:00]
Running from: c:\documents and settings\kuljaking\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\kuljaking\Desktop\CFScript.txt
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2009-03-14 to 2009-04-14 )))))))))))))))))))))))))))))))
.

2009-04-11 22:14 . 2009-04-11 22:20 -------- d-----w c:\documents and settings\kuljaking\Application Data\Web Page Maker
2009-04-09 23:15 . 2009-04-09 23:15 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-09 17:22 . 2009-04-09 17:22 24576 ----a-w c:\documents and settings\kuljaking\Local Settings\Application Data\cp_setup_assist.exe
2009-04-09 17:22 . 2006-03-28 07:55 155648 ----a-w c:\windows\system32\ssleay32.dll
2009-04-09 17:22 . 2006-03-28 07:54 696320 ----a-w c:\windows\system32\libeay32.dll
2009-04-09 17:22 . 2009-04-09 17:22 -------- d-----w c:\documents and settings\kuljaking\Application Data\iolo
2009-04-09 17:22 . 2009-04-09 17:22 -------- d-----w c:\documents and settings\All Users\Application Data\iolo
2009-04-02 15:59 . 2009-04-02 15:59 -------- d--h--w c:\windows\system32\GroupPolicy
2009-04-02 15:42 . 2009-04-02 15:45 516 ----a-w C:\BOOT.BXP
2009-04-02 15:42 . 2004-08-04 01:07 2148352 ----a-w c:\windows\system32\LOGOOS.EXE
2009-04-02 15:31 . 2009-04-02 15:31 91 ----a-w c:\windows\OB1.INI
2009-03-26 21:28 . 2008-03-05 14:56 1420824 ----a-w c:\windows\system32\D3DCompiler_37.dll
2009-03-26 21:28 . 2008-02-05 22:07 462864 ----a-w c:\windows\system32\d3dx10_37.dll
2009-03-26 21:28 . 2008-03-05 14:56 3786760 ----a-w c:\windows\system32\D3DX9_37.dll
2009-03-26 21:28 . 2009-03-26 21:28 -------- d-----w c:\windows\Logs
2009-03-26 21:27 . 2009-03-28 23:56 615728 ----a-w c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-03-26 21:27 . 2009-03-26 21:27 -------- d-----w c:\windows\system32\XPSViewer
2009-03-26 21:26 . 2008-07-06 12:06 89088 -c----w c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-03-26 21:26 . 2008-07-06 12:06 575488 -c----w c:\windows\system32\dllcache\xpsshhdr.dll
2009-03-26 21:26 . 2008-07-06 12:06 575488 ------w c:\windows\system32\xpsshhdr.dll
2009-03-26 21:26 . 2008-07-06 12:06 1676288 -c----w c:\windows\system32\dllcache\xpssvcs.dll
2009-03-26 21:26 . 2008-07-06 12:06 1676288 ------w c:\windows\system32\xpssvcs.dll
2009-03-26 21:26 . 2008-07-06 12:06 117760 ------w c:\windows\system32\prntvpt.dll
2009-03-26 21:26 . 2008-07-06 10:50 597504 -c----w c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-03-26 00:10 . 2009-03-26 00:10 -------- d-----w c:\documents and settings\kuljaking\Application Data\JLC's Software
2009-03-23 10:30 . 2009-03-23 10:30 268 ---ha-w C:\sqmdata01.sqm
2009-03-23 10:30 . 2009-03-23 10:30 244 ---ha-w C:\sqmnoopt01.sqm
2009-03-20 22:25 . 2009-03-20 22:25 41808 ----a-w c:\windows\system32\xfcodec.dll
2009-03-17 20:37 . 2009-03-17 20:41 -------- d-----w C:\MoTemp
2009-03-17 20:33 . 2009-03-17 20:33 -------- d-----w c:\documents and settings\kuljaking\Library
2009-03-17 20:33 . 2009-03-17 20:33 -------- d-----w c:\documents and settings\kuljaking\Application Data\com.adobe.ExMan
2009-03-17 18:16 . 2009-03-17 18:16 166 ----a-w c:\windows\MyDrivers.ini
2009-03-17 17:39 . 2009-04-02 16:40 -------- d-----w c:\documents and settings\kuljaking\Application Data\Kingston
2009-03-15 10:26 . 2009-03-15 10:26 -------- d-----w c:\documents and settings\kuljaking\Local Settings\Application Data\Help

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-13 22:57 . 2009-02-06 01:52 189072 ----a-w c:\windows\system32\PnkBstrB.exe
2009-04-13 21:08 . 2009-02-06 01:53 138920 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-04-11 23:41 . 2009-04-11 22:14 -------- d-----w c:\program files\Web Page Maker
2009-04-11 22:46 . 2009-02-17 17:07 -------- d-----w c:\documents and settings\kuljaking\Application Data\uTorrent
2009-04-11 22:12 . 2009-04-11 22:09 -------- d-----w c:\program files\ProgDVB
2009-04-02 15:42 . 2009-04-02 15:42 -------- d-----w c:\program files\BootXP2
2009-03-28 23:25 . 2009-02-24 20:39 -------- d-----w c:\program files\AutoCAD Architecture 2008
2009-03-26 21:39 . 2009-02-24 18:38 -------- d-----w c:\documents and settings\All Users\Application Data\FLEXnet
2009-03-26 21:36 . 2009-02-08 10:39 78192 ----a-w c:\documents and settings\kuljaking\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-03-26 21:33 . 2009-03-26 21:29 -------- d-----w c:\program files\AutoCAD 2010
2009-03-26 21:33 . 2009-02-24 20:38 -------- d-----w c:\program files\Common Files\Autodesk Shared
2009-03-26 21:29 . 2009-02-24 20:39 -------- d-----w c:\documents and settings\kuljaking\Application Data\Autodesk
2009-03-26 21:29 . 2009-02-24 20:39 -------- d-----w c:\documents and settings\All Users\Application Data\Autodesk
2009-03-26 21:27 . 2009-03-26 21:27 -------- d-----w c:\program files\MSBuild
2009-03-26 21:27 . 2009-03-26 21:27 -------- d-----w c:\program files\Reference Assemblies
2009-03-26 21:24 . 2009-03-26 21:24 -------- d-----w c:\program files\MSXML 6.0
2009-03-25 13:15 . 2009-02-09 15:00 -------- d-----w c:\documents and settings\kuljaking\Application Data\Xfire
2009-03-22 14:55 . 2009-03-06 21:47 -------- d-----w c:\documents and settings\kuljaking\Application Data\TeamViewer
2009-03-17 18:04 . 2009-03-17 18:04 -------- d-----w c:\program files\My Drivers
2009-03-15 10:35 . 2009-03-15 10:21 -------- d-----w c:\program files\AutoCAD 2005
2009-03-08 09:31 . 2009-03-08 08:57 -------- d-----w c:\documents and settings\kuljaking\Application Data\Poser 7
2009-03-08 08:42 . 2009-03-08 08:42 -------- d-----w c:\program files\e frontier
2009-03-08 08:38 . 2009-03-08 08:37 -------- d-----w c:\program files\TC UP
2009-03-08 08:37 . 2009-03-08 08:37 -------- d-----w c:\documents and settings\kuljaking\Application Data\HEXelon
2009-03-06 21:47 . 2009-03-06 21:47 -------- d-----w c:\program files\TeamViewer3
2009-03-06 20:34 . 2009-03-06 20:25 -------- d-----w c:\program files\Poser 2
2009-03-06 20:03 . 2009-03-06 20:03 -------- d-----w c:\program files\Curious Labs
2009-03-04 17:52 . 2009-03-04 17:52 -------- d-----w c:\documents and settings\All Users\Application Data\LightScribe
2009-03-02 19:11 . 2009-03-02 19:11 -------- d-----w c:\documents and settings\kuljaking\Application Data\Media Player Classic
2009-03-02 19:10 . 2009-03-02 19:10 -------- d-----w c:\documents and settings\All Users\Application Data\Apple Computer
2009-03-02 19:10 . 2009-03-02 19:10 -------- d-----w c:\program files\K-Lite Codec Pack
2009-02-28 02:42 . 2009-02-06 01:52 75064 ----a-w c:\windows\system32\PnkBstrA.exe
2009-02-27 04:25 . 2009-02-12 04:10 8192 --s-a-r C:\BOOTSECT.BAK
2009-02-26 20:07 . 2009-02-11 07:17 171136 --sha-r C:\grldr
2009-02-24 20:38 . 2009-02-24 20:38 -------- d-----w c:\program files\Autodesk
2009-02-24 20:25 . 2009-02-24 20:25 -------- d-----w c:\program files\MagicISO
2009-02-24 19:25 . 2009-02-05 21:15 -------- d-----w c:\program files\Common Files\Adobe
2009-02-24 17:54 . 2009-02-24 17:54 -------- d-----w c:\documents and settings\All Users\Application Data\ALM
2009-02-24 17:33 . 2009-02-24 17:33 -------- d-----w c:\program files\Adobe Media Player
2009-02-24 17:32 . 2009-02-24 17:32 -------- d-----w c:\program files\Common Files\Adobe AIR
2009-02-24 17:26 . 2009-02-24 17:26 -------- d-----w c:\program files\Common Files\Macrovision Shared
2009-02-23 01:00 . 2009-02-23 00:58 -------- d-----w c:\documents and settings\kuljaking\Application Data\BSplayer Pro
2009-02-23 00:58 . 2009-02-23 00:58 -------- d-----w c:\program files\Webteh
2009-02-18 09:46 . 2009-02-18 09:46 132 ----a-w c:\documents and settings\kuljaking\Local Settings\Application Data\fusioncache.dat
2009-02-18 00:55 . 2009-02-18 00:55 -------- d-----w c:\program files\GameSpy
2009-02-18 00:53 . 2009-02-06 01:53 22328 ----a-w c:\documents and settings\kuljaking\Application Data\PnkBstrK.sys
2009-02-18 00:53 . 2009-02-18 00:53 669184 ----a-w c:\windows\system32\pbsvc.exe
2009-02-18 00:45 . 2009-02-18 00:45 -------- d-----w c:\program files\Electronic Arts
2009-02-17 20:18 . 2009-02-17 20:18 -------- d-----w c:\program files\Crystal Player
2009-02-17 17:07 . 2009-02-17 17:07 -------- d-----w c:\program files\uTorrent
2009-02-15 14:31 . 2009-02-15 14:30 -------- d-----w c:\program files\AMD
2009-02-15 14:30 . 2009-02-15 14:30 -------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-02-15 14:29 . 2009-02-15 14:27 -------- d-----w c:\program files\ATI
2009-02-15 14:27 . 2009-02-15 14:27 -------- d-----w c:\documents and settings\All Users\Application Data\ATI
2009-02-15 14:26 . 2009-02-10 19:36 -------- d-----w c:\program files\ATI Technologies
2009-02-13 22:17 . 2009-02-13 20:02 -------- d-----w c:\documents and settings\kuljaking\Application Data\CyberLink
2009-02-13 20:02 . 2009-02-13 20:02 -------- d-----w c:\documents and settings\All Users\Application Data\CyberLink
2009-02-13 20:00 . 2009-02-13 20:00 -------- d-----w c:\program files\Common Files\LightScribe
2009-02-13 19:59 . 2009-02-05 20:30 -------- d--h--w c:\program files\InstallShield Installation Information
2009-02-13 19:59 . 2009-02-13 19:56 -------- d-----w c:\program files\CyberLink
2009-02-13 19:53 . 2009-02-13 19:53 -------- d-----w c:\program files\Alcohol Soft
2009-02-09 00:14 . 2009-02-09 00:14 14488 ----a-w c:\windows\system32\AcSignExtRes.dll
2009-02-09 00:13 . 2009-02-09 00:13 43160 ----a-w c:\windows\system32\AcSignIcon.dll
2009-02-09 00:13 . 2009-02-09 00:13 429720 ----a-w c:\windows\system32\AcSignOpt.exe
2009-02-09 00:13 . 2009-02-09 00:13 29848 ----a-w c:\windows\system32\AcSignExt.dll
2009-02-08 07:58 . 2009-02-05 06:03 86327 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-02-06 02:03 . 2009-02-06 01:54 65536 ----a-w C:\asusdisp.log
2009-02-05 20:55 . 2009-02-05 20:55 268 ---ha-w C:\sqmdata00.sqm
2009-02-05 20:55 . 2009-02-05 20:55 244 ---ha-w C:\sqmnoopt00.sqm
2009-02-05 20:50 . 2009-02-05 20:50 4608 ----a-w c:\windows\system32\w95inf32.dll
2009-02-05 20:50 . 2009-02-05 20:50 2272 ----a-w c:\windows\system32\w95inf16.dll
2009-02-05 06:01 . 2009-02-05 06:01 21640 ----a-w c:\windows\system32\emptyregdb.dat
.

((((((((((((((((((((((((((((( [email protected]_21.35.55.53 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-04-14 08:11 . 2000-08-31 06:00 29696 c:\windows\NIRCMD.exe
- 2009-04-12 19:21 . 2000-08-31 06:00 29696 c:\windows\NIRCMD.exe
+ 2009-02-06 01:52 . 2009-04-13 22:57 189072 c:\windows\system32\PnkBstrB.exe
- 2009-02-06 01:52 . 2009-04-10 22:21 189072 c:\windows\system32\PnkBstrB.exe
+ 2009-02-06 01:53 . 2009-04-13 21:08 138920 c:\windows\system32\drivers\PnkBstrK.sys
- 2009-02-06 01:53 . 2009-04-10 19:57 138920 c:\windows\system32\drivers\PnkBstrK.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-01 7618560]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-06-01 86016]
"UpdatePPShortCut"="c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504]
"nwiz"="nwiz.exe" [2006-06-01 c:\windows\system32\nwiz.exe]
"C-Media Mixer"="Mixer.exe" [2002-07-12 c:\windows\mixer.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.XFR1"= xfcodec.dll
"msacm.clmp3enc"= c:\progra~1\CYBERL~1\Power2Go\CLMP3Enc.ACM

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
--a------ 2008-06-11 23:43 640376 c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
--a------ 2008-06-12 03:25 37232 c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
--a------ 2008-08-14 08:58 611712 c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO]
--a------ 2008-08-15 06:46 378224 c:\progra~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amd_dc_opt]
--a------ 2008-07-22 14:53 77824 c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS SmartDoctor]
--a------ 2008-10-16 18:50 1171456 c:\program files\ASUS\SmartDoctor\SmartDoctor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD]
--a------ 2008-06-26 12:51 380928 c:\program files\ASUS\GamerOSD\GamerOSD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2005-12-16 13:57 94208 c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-04 03:07 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
--a------ 2008-02-22 12:19 62760 c:\program files\CyberLink\PowerDVD\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
--a------ 2008-03-17 18:59 2289664 c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-08-04 02:06 1667584 c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress]
--------- 2008-03-18 11:15 2508072 c:\program files\CyberLink\Power2Go\Power2GoExpress.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--------- 2008-04-02 20:09 87336 c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
--a------ 2008-08-29 18:11 61440 c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Cain\\Cain.exe"=
"d:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\Program Files\\CyberLink\\PowerDirector\\PDR.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"=
"c:\\Program Files\\e frontier\\Poser 7\\Poser.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"3703:TCP"= 3703:TCP:Adobe Version Cue CS4 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS4 Server
"51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server
"51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server

R3 cpuz;cpuz; [x]
R3 SliceDisk5;SliceDisk5; [x]
R4 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
S1 VD_FileDisk;VD_FileDisk; [x]
S3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2008-07-02 89600]
S3 XG1;ASUS Generic USB Driver;c:\windows\system32\Drivers\OC_Gear1.sys [2006-11-17 34304]


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
.
------- Supplementary Scan -------
.
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-14 10:17
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(784)
c:\windows\system32\Ati2evxx.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'explorer.exe'(3392)
c:\windows\system32\msi.dll
.
Completion time: 2009-04-14 10:18
ComboFix-quarantined-files.txt 2009-04-14 08:18
ComboFix2.txt 2009-04-13 19:36

Pre-Run: 5,824,548,864 bytes free
Post-Run: 5,812,654,080 bytes free

238
 

Nemanja Živanović


Re: Problem with opening USB drives, 13.04.2009 at 11:26 - 152 months ago
What is the situation now?
 

kuljaking

Re: Problem with opening USB drives, 13.04.2009 at 11:39 - 152 months ago
Things are OK, it reads the USB normally now. Only, before Windows starts there are three options instead of two as before for XP and Vista; now there is an additional Windows recovery one. I have now also done what you wrote in one of your posts, to disable autorun.inf in the registry:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"

 
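Added example, not part of the original thread and not code from ComboFix or from either poster: a Python check over a registry export, in the same .reg format quoted in the posts above, that lists MountPoints2 volume entries still carrying a cached shell command and reports whether the Autorun.inf IniFileMapping override is present. The sample export, its GUID and the executable name are constructed placeholders, and `parse_reg` and `audit` are hypothetical names.

```python
import re

# Constructed sample export; the GUID and the .exe name are placeholders.
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{00000000-0000-0000-0000-000000000001}]
"BaseClass"="Drive"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{00000000-0000-0000-0000-000000000001}\Shell\AutoRun\command]
@="E:\\example-placeholder.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"
'''

MOUNTPOINTS2 = r"software\microsoft\windows\currentversion\explorer\mountpoints2" + "\\"
INIMAP_AUTORUN = (r"hkey_local_machine\software\microsoft\windows nt"
                  r"\currentversion\inifilemapping\autorun.inf")
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")\s*=\s*(.*)$')

def _unescape(s):
    # .reg strings escape backslash and double quote with a backslash.
    return re.sub(r"\\(.)", r"\1", s)

def parse_reg(text):
    """Parse regedit export text into {key_path: {value_name: data}}.
    String values are unescaped; other types (dword:, hex:) are kept raw."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            # "[-KEY]" is a delete directive (as in the CFScript), not data.
            current = None if line.startswith("[-") else keys.setdefault(line[1:-1], {})
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            name = "@" if m.group(1) == "@" else _unescape(m.group(1)[1:-1])
            data = m.group(2)
            if len(data) >= 2 and data[0] == data[-1] == '"':
                data = _unescape(data[1:-1])
            current[name] = data
    return keys

def audit(text):
    """Return (findings, autorun_inf_blocked) for a registry export."""
    keys = parse_reg(text)
    findings = []
    for path, values in keys.items():
        idx = path.lower().find(MOUNTPOINTS2)
        if idx == -1:
            continue
        parts = path[idx + len(MOUNTPOINTS2):].split("\\")
        # Explorer caches autorun.inf verbs as <volume>\Shell\<verb>\command.
        if (len(parts) >= 4 and parts[1].lower() == "shell"
                and parts[-1].lower() == "command" and values.get("@")):
            findings.append((parts[0], "\\".join(parts[2:-1]), values["@"]))
    blocked = any(p.lower() == INIMAP_AUTORUN
                  and v.get("@", "").lower() == "@sys:doesnotexist"
                  for p, v in keys.items())
    return findings, blocked
```

Each finding is a (volume key, verb, command) tuple; an empty list together with `True` for the second value means no cached autorun command remains and the Autorun.inf override is set.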

Nemanja Živanović


Re: Problem with opening USB drives, 13.04.2009 at 12:01 - 152 months ago
Let's uninstall ComboFix and see whether that goes away; if not, we will delete it manually.

Go to Start -> Run -> type combofix /u and wait for the installation process to finish. Restart the computer and report how things are.
 