Could you please check this

  • Joined: 20 Jul 2008
  • Posts: 4682

I picked up some junk somewhere; for the last two days my computer has been booting slightly slower, and I couldn't update Malwarebytes and a-squared Free on the first try, but had to repeat the update check several times. However, I deleted some things with various programs, so I'd like to know whether there is anything else left; here is what was deleted.

Malwarebytes
Malwarebytes' Anti-Malware 1.31
Verzija baze podataka: 1460
Windows 5.1.2600 Service Pack 3

5.12.2008 2:17:13
mbam-log-2008-12-05 (02-17-13).txt

Tip skeniranja: Kompletno Skeniranje (C:\|D:\|)
Skeniranih objekata: 84755
Proteklo vreme: 14 minute(s), 27 second(s)

Inficirani procesi u memoriji: 0
Inficirani moduli u memoriji: 0
Inficirani ključevi u registru: 0
Inficirane vrednosti u registru: 0
Inficirani podaci u registru: 0
Inficirane fascikle: 0
Inficirane datoteke: 2

Inficirani procesi u memoriji:
(Maliciozne stavke nisu detektovane)

Inficirani moduli u memoriji:
(Maliciozne stavke nisu detektovane)

Inficirani ključevi u registru:
(Maliciozne stavke nisu detektovane)

Inficirane vrednosti u registru:
(Maliciozne stavke nisu detektovane)

Inficirani podaci u registru:
(Maliciozne stavke nisu detektovane)

Inficirane fascikle:
(Maliciozne stavke nisu detektovane)

Inficirane datoteke:
C:\Documents and Settings\Administrator\Application Data\Desktopicon\eBayShortcuts.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EE547D8D-DE88-4466-B703-4986CBAEECD5}\RP44\A0011404.EXE (Trojan.Agent) -> Quarantined and deleted successfully.

Norman antimalware

Norman Malware Cleaner
Copyright © 1990 - 2008, Norman ASA. Built 2008/12/03 00:08:32

Norman Scanner Engine Version: 5.93.01
Nvcbin.def Version: 5.93.00, Date: 2008/12/03 00:08:32, Variants: 2261035

Running pre-scan cleanup routine:
Operating System: Microsoft Windows XP Professional 5.1.2600 Service Pack 3
Logged on user: USPON-FF51FA5A3\Administrator

Removed registry value: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -> DisableRegistryTools = 0x00000000
Removed registry value: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer -> NoDrives = 0x00000000

Scan started: 05/12/2008 04:16:03


Scanning running processes and process memory...

Number of processes/threads found: 1370
Number of processes/threads scanned: 1370
Number of processes/threads not scanned: 0
Number of infected processes/threads terminated: 0
Total scanning time: 32s


Scanning file system...

Scanning: C:\*.*

C:\Documents and Settings\Administrator\Favorites\Automobili\AUTOBAT Polovna vozila Nova vozila Auto Foto Oglasi Auto placevi Polovni automobili Testovi Poredenja Dokumenta.url (Error opening file: Not found)

C:\Documents and Settings\Administrator\Favorites\Automobili\Nacionalna Klasa - Najcitaniji srpski elektronski auto i moto casopis.url (Error opening file: Not found)

C:\Documents and Settings\Administrator\Favorites\Automobili\www.AutoMotoTrke.net Formula 1 MotoGP WRC DTM Domaci AutoMoto sport A1GP GP2 WSR Dakar rally ChampCar IRL.url (Error opening file: Not found)

C:\System Volume Information\_restore{EE547D8D-DE88-4466-B703-4986CBAEECD5}\RP44\A0010365.exe (Infected with Malware.EFWV)
Deleted file

C:\System Volume Information\_restore{EE547D8D-DE88-4466-B703-4986CBAEECD5}\RP44\A0010378.exe (Infected with Malware.DOVN)
Deleted file

C:\System Volume Information\_restore{EE547D8D-DE88-4466-B703-4986CBAEECD5}\RP44\A0010405.exe (Infected with Malware.EKQO)
Deleted file

C:\System Volume Information\_restore{EE547D8D-DE88-4466-B703-4986CBAEECD5}\RP44\A0010427.exe (Infected with Malware.EMWG)
Deleted file

C:\System Volume Information\_restore{EE547D8D-DE88-4466-B703-4986CBAEECD5}\RP44\A0010428.exe (Infected with Malware.EKQO)
Deleted file

C:\System Volume Information\_restore{EE547D8D-DE88-4466-B703-4986CBAEECD5}\RP44\A0010436.exe (Infected with Malware.EMWG)
Deleted file

Scanning: D:\*.*

Scanning: c:\System Volume Information\*.*


Running post-scan cleanup routine:

Number of files found: 73036
Number of archives unpacked: 348
Number of files scanned: 72975
Number of files not scanned: 61
Number of files skipped due to exclude list: 0
Number of infected files found: 6
Number of infected files repaired/deleted: 6
Number of infections removed: 6
Total scanning time: 21m 50s

Since Spyware Doctor doesn't allow copying the log, I had to do it this way




And here is the HijackThis log as well
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:14:47, on 5.12.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Documents and Settings\Administrator\Desktop\z-f\TR3.exe..exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link visible only to logged-in users]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link visible only to logged-in users]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link visible only to logged-in users]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: IE7Pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - [Link visible only to logged-in users]\PROGRA~1\Microsoft Office\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

--
End of file - 6718 bytes

I'm waiting for further instructions, thanks in advance.



  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Hello...

The log looks OK, but we'll check one more thing.

Download gmer.zip from this link and save it to the Desktop.
Extract it into a folder.

Double-click gmer.exe to start: select the Rootkit/Malware tab at the top.
Click Scan.
When the scan is finished, click the Copy button below - this will save the scan results to the Clipboard.
Use the Paste option in Notepad to turn that into text. Save that text from Notepad as file1.txt.
Repeat the same with the Autostart tab. Save that text from Notepad as file2.txt.

Use the Attach file option below the message box on the forum, and attach here the two files we just saved.



  • Joined: 20 Jul 2008
  • Posts: 4682

Here are the logs, I hope I did it right.

[Link visible only to logged-in users]

Addendum: 05 Dec 2008 19:10

The Attach file option isn't working for me, so I can't attach the second file

Addendum: 05 Dec 2008 19:11

[Link visible only to logged-in users]

Addendum: 05 Dec 2008 19:11

There, it started working; the mistake was mine, I apologize

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

There is no malware here...

  • Joined: 20 Jul 2008
  • Posts: 4682

Glad to hear that, thanks a lot, bye.
