MyCity » Ambulanta -> Arhiva Ambulante » Poludeo skroz

Poludeo skroz

Napisano na dan: 1.4.2010

Strana:
1
2

Poludeo skroz

Sledeća strana

Pagination

Odgovori

Strana:
1
2

Boske_KG Poslao: 01 Apr 2010 19:15 Idi na vrh
offline Boske_KG Ugledni građanin Tomica Komitet za bezbednost saobraćaja Pridružio: 22 Jun 2006 Poruke: 430 Gde živiš: Kragujevac	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 01 Apr 2010 19:09 Nzn sta mu je cudno se ponasa.. avira samo pisti... https://www.mycity.rs/must-login.png Skino sam gamer, ali cim ga pokrenem i stisnem da skenira na racunaru izbacuje plavu pozadinu i system pada...to sma 3 puta pokusao i 3 puta isto se desava.. Dopuna: 01 Apr 2010 19:15 *gmer (izvinjavam se)

Profil

helen1 Poslao: 01 Apr 2010 21:04 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8617 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zdravo, log je necitljiv. Lepo ga nalepi kako se kaze u uputstvu.

Profil

Boske_KG Poslao: 02 Apr 2010 00:19 Idi na vrh
offline Boske_KG Ugledni građanin Tomica Komitet za bezbednost saobraćaja Pridružio: 22 Jun 2006 Poruke: 430 Gde živiš: Kragujevac	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: https://www.mycity.rs/must-login.png DDS (Ver_10-03-17.01) - NTFSx86 Run by Petrovic at 0:19:53,07 on pet 02.04.2010 Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_19 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1279.674 [GMT 2:00] AV: AntiVir Desktop On-access scanning disabled (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Avira\AntiVir Desktop\sched.exe svchost.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Acunetix\Web Vulnerability Scanner 4\WVSScheduler.exe C:\Program Files\USB Disk Security\USBGuard.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\WINDOWS\Opofia.exe C:\Program Files\xampp\apache\bin\httpd.exe C:\Documents and Settings\Petrovic\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe C:\Program Files\X-Micro\Bluetooth Software\BTTray.exe svchost.exe C:\Program Files\X-Micro\Bluetooth Software\bin\btwdins.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\xampp\mysql\bin\mysqld.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\xampp\apache\bin\httpd.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Petrovic\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Petrovic\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Petrovic\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Petrovic\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Petrovic\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Petrovic\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Petrovic\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Petrovic\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Petrovic\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\DOCUME~1\Petrovic\LOCALS~1\Temp\Owr.exe C:\Documents and Settings\Petrovic\Desktop\dds.pif ============== Pseudo HJT Report =============== uStart Page = hxxp://www.microsoft.com udefault_page_url = hxxp://www.microsoft.com uWindow Title = Microsoft Internet Explorer mDefault_Page_URL = hxxp://www.microsoft.com mStart Page = hxxp://www.microsoft.com mWindow Title = Microsoft Internet Explorer mSearchAssistant = hxxp://search.live.com/sphome.aspx BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background uRun: [Google Update] "c:\documents and settings\petrovic\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [YVIBBBHA8C] c:\docume~1\petrovic\locals~1\temp\Owr.exe uRun: [WEK9EMDHI9] c:\windows\Opofia.exe mRun: [Ins3DT] f:\install4\INS3DT.EXE mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [nwiz] nwiz.exe /install mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min mRun: [USB Antivirus] c:\program files\usb disk security\USBGuard.exe mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe mRun: [HP Software Update] "c:\program files\hewlett-packard\hp software update\HPWuSchd.exe" mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe" mRun: [DeviceDiscovery] c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [run32] c:\win\lsass.exe mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\x-micro\bluetooth software\BTTray.exe IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: Send To &Bluetooth - c:\program files\x-micro\bluetooth software\btsendto_ie_ctx.htm IE: Sothink SWF Catcher - c:\program files\common files\sourcetec\swf catcher\InternetExplorer.htm IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\x-micro\bluetooth software\btsendto_ie.htm IE: {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - c:\program files\common files\sourcetec\swf catcher\InternetExplorer.htm IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\petrovic\applic~1\mozilla\firefox\profiles\lqbm26f8.default\ FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50-ff-shoutcast-chromesbox-en-us&query= FF - prefs.js: browser.search.selectedEngine - Winamp Search FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157 FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50-ff-shoutcast-ab-en-us&query= FF - plugin: c:\documents and settings\petrovic\application data\facebook\npfbplugin_1_0_1.dll FF - plugin: c:\documents and settings\petrovic\application data\facebook\npfbplugin_1_0_3.dll FF - plugin: c:\documents and settings\petrovic\local settings\application data\google\update\1.2.183.23\npGoogleOneClick8.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\program files\google\update\1.2.183.17\npGoogleOneClick8.dll FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); ============= SERVICES / DRIVERS =============== R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-9-20 11608] R2 AcuWVSScheduler;Acunetix WVS Scheduler;c:\program files\acunetix\web vulnerability scanner 4\WVSScheduler.exe [2007-5-28 571904] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-9-20 108289] R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-9-20 185089] R2 Apache2.2;Apache2.2;c:\program files\xampp\apache\bin\httpd.exe [2008-12-10 24636] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-9-20 56816] R2 SSHNAS;SSHNAS;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-11-6 135664] ============== File Associations =============== .scr=AutoCADScriptFile =============== Created Last 30 ================ 2010-03-27 18:10:01 166912 ----a-w- c:\windows\Opofia.exe 2010-03-27 18:09:41 196096 ----a-w- c:\windows\system32\sshnas21.dll 2010-03-27 18:01:42 0 d-sh--w- c:\docume~1\alluse~1\applic~1\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} 2010-03-24 13:11:38 0 d--h--w- c:\windows\PIF 2010-03-12 19:16:30 0 d-----w- C:\flash 2010-03-04 21:08:34 0 d-----w- c:\documents and settings\petrovic\dwhelper 2010-03-03 17:51:25 5632 ----a-w- c:\windows\system32\ptpusb.dll 2010-03-03 17:51:23 159232 ----a-w- c:\windows\system32\ptpusd.dll 2010-03-03 17:51:22 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys 2010-03-03 17:51:22 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys ==================== Find3M ==================== 2010-03-09 02:28:20 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-01-06 17:50:47 20898 ----a-w- c:\windows\system32\SpoonUninstall-dBpowerAMP Music Converter.dat 2010-01-06 17:50:47 164352 ----a-w- c:\windows\system32\SpoonUninstall.exe ============= FINISH: 0:20:39,54 ===============

Profil

helen1 Poslao: 02 Apr 2010 11:08 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8617 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Profil

Boske_KG Poslao: 02 Apr 2010 13:58 Idi na vrh
offline Boske_KG Ugledni građanin Tomica Komitet za bezbednost saobraćaja Pridružio: 22 Jun 2006 Poruke: 430 Gde živiš: Kragujevac	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Cudno se nesto desilo... Pratio sma upustva iskljucio Aviru, i pokrenuo combofix i restartovo se racunar.. zatim podigo system i poceo je da skenira combofix ... Avira se upalila i pokazuje mi neke viruse da brisem iz windows fajla neki .. zavrsilo se skeniranje combofix-a i komp se restartovo. evo fajla iz direktorijuma : C:\ComboFix\ComboFix.txt https://www.mycity.rs/must-login.png

Profil

helen1 Poslao: 02 Apr 2010 15:25 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8617 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ja opet ne vidim log, kako ga to saljes, lepo ga iskopiraj u poruku.

Profil

Boske_KG Poslao: 02 Apr 2010 15:52 Idi na vrh
offline Boske_KG Ugledni građanin Tomica Komitet za bezbednost saobraćaja Pridružio: 22 Jun 2006 Poruke: 430 Gde živiš: Kragujevac	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! @prvi put mi nije bio ceo log. evo sad sam opet ponovio postupak ceo. ComboFix 10-04-01.02 - Petrovic 02.04.2010 15:41:08.2.1 - x86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1279.887 [GMT 2:00] Running from: c:\documents and settings\Petrovic\Desktop\ComboFix.exe AV: AntiVir Desktop On-access scanning disabled (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Previous Run ------- . c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk c:\documents and settings\Petrovic\Application Data\Desktopicon\eBayShortcuts.exe c:\windows\regsvr32.exe c:\windows\system32\sshnas21.dll c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job c:\windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_SSHNAS -------\Service_SSHNAS ((((((((((((((((((((((((( Files Created from 2010-03-02 to 2010-04-02 ))))))))))))))))))))))))))))))) . 2010-04-01 06:45 . 2010-04-01 06:45 -------- d-----w- c:\program files\Common Files\Java 2010-04-01 06:43 . 2010-04-01 06:43 503808 ----a-w- c:\documents and settings\Petrovic\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1bf95ad8-n\msvcp71.dll 2010-04-01 06:43 . 2010-04-01 06:43 499712 ----a-w- c:\documents and settings\Petrovic\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1bf95ad8-n\jmc.dll 2010-04-01 06:43 . 2010-04-01 06:43 348160 ----a-w- c:\documents and settings\Petrovic\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1bf95ad8-n\msvcr71.dll 2010-04-01 06:42 . 2010-04-01 06:42 61440 ----a-w- c:\documents and settings\Petrovic\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-311f9e81-n\decora-sse.dll 2010-04-01 06:42 . 2010-04-01 06:42 12800 ----a-w- c:\documents and settings\Petrovic\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-311f9e81-n\decora-d3d.dll 2010-03-29 09:58 . 2010-03-29 09:58 -------- d-----w- c:\documents and settings\Petrovic\Application Data\Hewlett-Packard 2010-03-27 18:01 . 2010-03-27 18:01 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} 2010-03-24 13:11 . 2010-03-24 13:11 -------- d--h--w- c:\windows\PIF 2010-03-12 19:16 . 2010-03-12 19:16 -------- d-----w- C:\flash 2010-03-04 21:08 . 2010-03-04 21:08 -------- d-----w- c:\documents and settings\Petrovic\dwhelper 2010-03-03 17:51 . 2001-08-17 21:36 5632 ----a-w- c:\windows\system32\ptpusb.dll 2010-03-03 17:51 . 2004-08-03 23:56 159232 ----a-w- c:\windows\system32\ptpusd.dll 2010-03-03 17:51 . 2004-08-03 21:58 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys 2010-03-03 17:51 . 2004-08-03 21:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys 2010-03-03 16:03 . 2010-03-03 16:03 45056 ----a-r- c:\documents and settings\Petrovic\Application Data\Microsoft\Installer\{5E8A1B08-0FBD-4543-9646-F2C2D0D05750}\ARPPRODUCTICON.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-04-01 06:41 . 2009-12-31 14:11 -------- d-----w- c:\program files\Java 2010-03-30 10:05 . 2009-09-20 09:52 90288 ----a-w- c:\documents and settings\Petrovic\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-03-29 22:32 . 2009-10-28 17:49 -------- d-----w- c:\documents and settings\Petrovic\Application Data\Skype 2010-03-29 22:01 . 2009-10-28 17:50 -------- d-----w- c:\documents and settings\Petrovic\Application Data\skypePM 2010-03-29 10:09 . 2009-09-29 11:32 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2010-03-18 13:03 . 2010-01-28 23:18 -------- d-----w- c:\documents and settings\Petrovic\Application Data\FileZilla 2010-03-09 02:28 . 2009-12-31 14:11 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-03-02 21:25 . 2010-01-31 01:35 50354 ----a-w- c:\documents and settings\Petrovic\Application Data\Facebook\uninstall.exe 2010-03-02 21:25 . 2010-01-31 01:35 -------- d-----w- c:\documents and settings\Petrovic\Application Data\Facebook 2010-02-28 18:32 . 2010-02-28 18:32 -------- d-----w- c:\documents and settings\All Users\Application Data\TechSmith 2010-02-28 18:32 . 2010-02-28 18:32 -------- d-----w- c:\program files\Common Files\TechSmith Shared 2010-02-28 18:32 . 2010-02-28 18:32 -------- d-----w- c:\program files\TechSmith 2010-02-28 15:34 . 2010-02-28 15:34 -------- d-----w- c:\program files\Longtion 2010-02-26 06:41 . 2010-02-26 06:41 847040 ----a-w- c:\documents and settings\Petrovic\Application Data\Facebook\axfbootloader.dll 2010-02-26 06:41 . 2010-02-26 06:41 5582848 ----a-w- c:\documents and settings\Petrovic\Application Data\Facebook\npfbplugin_1_0_3.dll 2010-02-21 15:04 . 2010-02-21 14:45 -------- d-----w- c:\program files\123 Flash Menu 2010-02-14 19:01 . 2009-09-29 11:44 -------- d-----w- c:\program files\The KMPlayer 2010-02-13 11:44 . 2010-02-12 20:05 -------- d-----w- c:\documents and settings\Petrovic\Application Data\Smart PDF Converter Pro 2010-02-10 00:48 . 2009-11-06 21:37 -------- d-----w- c:\program files\Google 2010-02-06 15:54 . 2009-09-29 19:19 -------- d-----w- c:\program files\xampp 2010-02-06 12:11 . 2010-02-06 12:11 -------- d-----w- c:\program files\Common Files\SourceTec 2010-02-06 12:11 . 2010-02-06 12:11 -------- d-----w- c:\program files\SourceTec 2010-01-27 03:20 . 2010-01-27 03:20 5578752 ----a-w- c:\documents and settings\Petrovic\Application Data\Facebook\npfbplugin_1_0_1.dll 2010-01-06 17:50 . 2010-01-06 17:50 20898 ----a-w- c:\windows\system32\SpoonUninstall-dBpowerAMP Music Converter.dat 2010-01-06 17:50 . 2009-11-28 20:45 164352 ----a-w- c:\windows\system32\SpoonUninstall.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-10-29 3883856] "Google Update"="c:\documents and settings\Petrovic\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-09-20 133104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-09-05 4841472] "nwiz"="nwiz.exe" [2003-09-05 323584] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] "USB Antivirus"="c:\program files\USB Disk Security\USBGuard.exe" [2008-09-23 798720] "HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-09-01 176128] "HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2003-06-25 49152] "HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-10-23 233472] "DeviceDiscovery"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2003-05-21 229437] "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 110592] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoCAD Startup Accelerator.lnk] path=c:\documents and settings\All Users\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk backup=c:\windows\pss\AutoCAD Startup Accelerator.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] 2006-11-16 18:04 139264 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] 2009-10-29 11:20 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2006-01-12 14:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] 2009-10-09 12:11 25623336 ----a-r- c:\program files\Skype\Phone\Skype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant] 2008-02-27 16:33 15872 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] 2008-08-03 23:02 36352 ----a-w- c:\program files\Winamp\winampa.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\xampp\\apache\\bin\\httpd.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Total Commander\\TOTALCMD.EXE"= "c:\\games\\CS 1.6 v42 FULL\\hl.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R2 AcuWVSScheduler;Acunetix WVS Scheduler;c:\program files\Acunetix\Web Vulnerability Scanner 4\WVSScheduler.exe [28.5.2007 12:13 571904] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [20.9.2009 12:13 108289] R2 Apache2.2;Apache2.2;c:\program files\xampp\apache\bin\httpd.exe [10.12.2008 1:10 24636] S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [25.10.2009 18:03 721904] S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [6.11.2009 23:37 135664] . Contents of the 'Scheduled Tasks' folder 2010-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-11-06 21:37] 2010-04-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-11-06 21:37] 2010-04-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-220523388-682003330-1003Core.job - c:\documents and settings\Petrovic\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-09-20 10:15] 2010-04-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-220523388-682003330-1003UA.job - c:\documents and settings\Petrovic\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-09-20 10:15] 2010-04-02 c:\windows\Tasks\PandaUSBVaccine.job - c:\program files\Panda USB Vaccine\RunInteractiveWin.exe [2009-11-11 15:45] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.microsoft.com mStart Page = hxxp://www.microsoft.com mWindow Title = Microsoft Internet Explorer IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Send To &Bluetooth - c:\program files\X-Micro\Bluetooth Software\btsendto_ie_ctx.htm IE: Sothink SWF Catcher - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm FF - ProfilePath - c:\documents and settings\Petrovic\Application Data\Mozilla\Firefox\Profiles\lqbm26f8.default\ FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50-ff-shoutcast-chromesbox-en-us&query= FF - prefs.js: browser.search.selectedEngine - Winamp Search FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157 FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50-ff-shoutcast-ab-en-us&query= FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll FF - plugin: c:\documents and settings\Petrovic\Application Data\Facebook\npfbplugin_1_0_1.dll FF - plugin: c:\documents and settings\Petrovic\Application Data\Facebook\npfbplugin_1_0_3.dll FF - plugin: c:\documents and settings\Petrovic\Local Settings\Application Data\Google\Update\1.2.183.23\npGoogleOneClick8.dll FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll . . ------- File Associations ------- . .scr=AutoCADScriptFile . - - - - ORPHANS REMOVED - - - - HKCU-Run-WEK9EMDHI9 - c:\windows\Opofia.exe HKLM-Run-Ins3DT - f:\install4\INS3DT.EXE HKLM-Run-run32 - c:\win\lsass.exe MSConfigStartUp-61208320 - c:\docume~1\ALLUSE~1\APPLIC~1\61208320\61208320.exe AddRemove-SmartPhotoRefresh - c:\program files\BearPaw 1200CU Plus\UNWISE.EXE AddRemove-Sound'Em - c:\program files\BearPaw 1200CU Plus\UNWISE.EXE ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-04-02 15:49 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2010-04-02 15:52:18 ComboFix-quarantined-files.txt 2010-04-02 13:52 Pre-Run: 5.000.814.592 bytes free Post-Run: 4.970.881.024 bytes free - - End Of File - - 3ECECEE9065CEA2F671E94EEFF453C0B

Profil

helen1 Poslao: 02 Apr 2010 18:34 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8617 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Kakvo je sad stanje?

Profil

Boske_KG Poslao: 02 Apr 2010 19:34 Idi na vrh
offline Boske_KG Ugledni građanin Tomica Komitet za bezbednost saobraćaja Pridružio: 22 Jun 2006 Poruke: 430 Gde živiš: Kragujevac	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Avira mi se sad ne aktivira... Hvala Bogu... Za sad je dobar.. nego nzn zasto cim pokrenem msn izbacuje mi plavu pozadinu i restartuje komp... jel ima nesto veze sa tim...? Da nije msn pod nekim virusom.

Profil

helen1 Poslao: 02 Apr 2010 19:51 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8617 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Probaj da reinstaliras MSN. Potrebno je deinstalirati ComboFix: klikni start (ili ), a zatim RUN. Na Visti koristiti Start Search polje ukoliko Run nije dostupan. U liniju za unos teksta ukucaj (iskopiraj) sledeće: ComboFix /Uninstall Primeti da postoji razmak između "ComboFix" i "/Uninstall". a zatim klikni OK (ili pritisni Enter). Sačekaj da se proces deinstalacije završi.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Poludeo skroz

Ko je trenutno na forumu

Ukupno su 847 korisnika na forumu :: 5 registrovanih, 1 sakriven i 841 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: ALBION101, Boris90, Marko Marković, Maschinekalibar, suton

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by