Log file review

  • Joined: 21 Feb 2009
  • Posts: 97
  • Location: Istocno Sarajevo

I suspect infections of the autorun.inf type and similar; could you take a look?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:34:23, on 21.2.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Adobe\Adobe Photoshop CS3\Photoshop.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Admin\Desktop\skeniranje\skeniraj.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Link mogu videti samo ulogovani korisnici]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [Link mogu videti samo ulogovani korisnici]
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = [Link mogu videti samo ulogovani korisnici]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
*.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Microsoft Web Test Recorder 9.0 Helper - {E31CE47F-C268-41ba-897B-B415E613947D} - c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO90.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Zend Studio - {95188727-288F-4581-A48D-EAB3BD027314} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
O4 - HKLM\..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AROReminder] C:\Program Files\Advanced Registry Optimizer\aro.exe -rem
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\VISUAL~1\NTXcontext.htm
O8 - Extra context menu item: + Offline &Explorer: Download the link - [Link mogu videti samo ulogovani korisnici]\offline explorer\Portable Offline Browser\Add_UrlO.htm
O8 - Extra context menu item: + Offline E&xplorer: Download the current page - [Link mogu videti samo ulogovani korisnici]\offline explorer\Portable Offline Browser\Add_AllO.htm
O8 - Extra context menu item: Download video with Free Download Manager - [Link mogu videti samo ulogovani korisnici]\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - [Link mogu videti samo ulogovani korisnici]\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Preuzmi odabrano Free Download Manager-om - [Link mogu videti samo ulogovani korisnici]\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Preuzmi sa Free Download Managerom - [Link mogu videti samo ulogovani korisnici]\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Preuzmi sve sa Free Download Manager-om - [Link mogu videti samo ulogovani korisnici]\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Zend Studio - Debug current page - [Link mogu videti samo ulogovani korisnici]\Program Files\Zend\ZendStudio-5.5.0\bin\ZendIEToolbar.dll/DebugCurrent.html
O8 - Extra context menu item: Zend Studio - Debug next page - [Link mogu videti samo ulogovani korisnici]\Program Files\Zend\ZendStudio-5.5.0\bin\ZendIEToolbar.dll/DebugNext.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Zend Studio Toolbar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O9 - Extra 'Tools' menuitem: Zend Studio - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\VISUAL~1\NTXtoolbar.htm (HKCU)
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DLM Control) - [Link mogu videti samo ulogovani korisnici]
O17 - HKLM\System\CCS\Services\Tcpip\..\{0C7693F0-CD5E-498D-AEA1-89EF43612BFC}: NameServer = 81.93.89.195,81.93.89.194
O17 - HKLM\System\CS1\Services\Tcpip\..\{0C7693F0-CD5E-498D-AEA1-89EF43612BFC}: NameServer = 81.93.89.195,81.93.89.194
O17 - HKLM\System\CS2\Services\Tcpip\..\{0C7693F0-CD5E-498D-AEA1-89EF43612BFC}: NameServer = 81.93.89.195,81.93.89.194
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: nnnkKEus - nnnkKEus.dll (file missing)
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: wampapache - Apache Software Foundation - c:\www\bin\apache\apache2.2.6\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\www\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe

--
End of file - 9860 bytes



  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

Hello,

* Right-click the AVG icon in the bottom-right corner of the screen.
* When the AVG Control Center opens, double-click the AVG Resident Shield component.
* In the window that opens, untick the Turn on AVG Resident Shield option and click OK.

Note: Don't forget to turn this option back on once the cleaning is finished.

----------------------------------

Download ComboFix from one of the following addresses to your Desktop:
[Link visible only to logged-in users]
[Link visible only to logged-in users]
[Link visible only to logged-in users]

Run it and don't touch the program window while it is scanning.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear; copy it here for us.



  • Joined: 21 Feb 2009
  • Posts: 97
  • Location: Istocno Sarajevo

Here is the next log file:

ComboFix 09-02-19.01 - Admin 2009-02-21 11:07:16.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.759.327 [GMT 1:00]
Running from: c:\documents and settings\Admin\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Admin\ravmonlog
c:\program files\Internet Explorer\ws2help.dll
c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013
c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini
c:\windows\system32\Cache
c:\windows\system32\mdm.exe

.
((((((((((((((((((((((((( Files Created from 2009-01-21 to 2009-02-21 )))))))))))))))))))))))))))))))
.

2009-02-18 14:32 . 2009-02-18 14:32 <DIR> d-------- c:\program files\Time Calculator v1.1
2009-02-15 17:37 . 2009-02-15 17:38 <DIR> d-------- c:\program files\SystemRequirementsLab
2009-02-15 17:37 . 2009-02-15 17:38 <DIR> d-------- c:\documents and settings\Admin\Application Data\SystemRequirementsLab
2009-02-13 13:11 . 2009-02-13 13:21 <DIR> d-------- c:\documents and settings\Admin\Application Data\SSH
2009-02-13 12:24 . 2009-02-13 12:24 <DIR> d-------- c:\program files\SSH Communications Security
2009-02-13 10:13 . 2009-02-18 18:00 <DIR> d-------- c:\program files\Norton Security Scan
2009-02-13 10:13 . 2009-02-15 18:15 <DIR> d-------- c:\program files\Common Files\Symantec Shared
2009-02-12 18:27 . 2009-02-12 18:27 <DIR> d-------- c:\windows\SQLTools9_KB960089_ENU
2009-02-12 18:24 . 2009-02-12 18:24 <DIR> d-------- c:\windows\SQL9_KB960089_ENU
2009-02-12 18:09 . 2009-02-12 18:11 <DIR> d-------- c:\windows\system32\Adobe
2009-02-12 18:09 . 2009-01-16 18:34 499,712 --a------ c:\windows\system32\msvcp71.dll
2009-02-11 15:53 . 2009-02-11 15:54 <DIR> d-------- c:\program files\SpeedSim
2009-02-11 15:53 . 2009-02-11 15:54 <DIR> d-------- c:\documents and settings\Admin\Application Data\SpeedSim
2009-02-10 16:33 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-02-10 16:33 . 2008-10-16 14:06 208,744 --a------ c:\windows\system32\muweb.dll
2009-02-10 16:33 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2009-02-09 09:59 . 2009-02-21 09:15 <DIR> d-------- c:\documents and settings\Admin\Tracing
2009-02-09 09:56 . 2009-02-09 09:56 <DIR> d-------- c:\program files\Microsoft
2009-02-09 09:55 . 2009-02-09 09:55 <DIR> d-------- c:\program files\Windows Live SkyDrive
2009-02-09 09:43 . 2009-02-09 09:43 <DIR> d-------- c:\program files\Windows Live
2009-02-09 09:39 . 2009-02-09 09:39 <DIR> d-------- c:\program files\Common Files\Windows Live
2009-02-06 18:52 . 2009-02-06 18:52 49,504 --a------ c:\windows\system32\sirenacm.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-20 16:18 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-02-20 13:24 --------- d-----w c:\documents and settings\Admin\Application Data\Free Download Manager
2009-02-19 17:45 --------- d-----w c:\documents and settings\Admin\Application Data\uTorrent
2009-02-17 08:28 --------- d-----w c:\program files\Google
2009-02-16 19:54 --------- d-----w c:\documents and settings\Admin\Application Data\Skype
2009-02-16 16:45 --------- d-----w c:\documents and settings\Admin\Application Data\skypePM
2009-02-15 21:06 --------- d-----w c:\program files\Microsoft Works
2009-02-15 09:08 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-02-13 11:24 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-12 17:28 --------- d-----w c:\program files\Microsoft SQL Server
2009-02-10 15:29 --------- d-----w c:\program files\Microsoft Silverlight
2009-02-09 08:24 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2009-02-09 08:23 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-02-09 08:23 107,272 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-02-09 08:23 10,520 ----a-w c:\windows\system32\avgrsstx.dll
2009-01-16 20:35 3,594,752 ------w c:\windows\system32\dllcache\mshtml.dll
2008-12-27 10:47 --------- d-----w c:\program files\Sparx Systems
2008-12-27 10:46 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-12-24 10:24 --------- d-----w c:\program files\AVG
2008-12-24 09:49 --------- d-----w c:\program files\AskBarDis
2008-12-24 09:49 --------- d-----w c:\program files\Advanced Registry Optimizer
2008-12-24 09:49 --------- d-----w c:\documents and settings\Admin\Application Data\Sammsoft
2008-12-24 08:51 --------- d-----w c:\documents and settings\Admin\Application Data\FileZilla
2008-12-23 07:55 --------- d-----w c:\program files\Macromedia
2008-12-19 09:10 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2008-12-19 09:10 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-12-19 05:25 634,024 ------w c:\windows\system32\dllcache\iexplore.exe
2008-12-19 05:23 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
2008-12-11 10:57 333,952 ------w c:\windows\system32\dllcache\srv.sys
1999-04-23 22:22 12 -csha-w c:\windows\system\WININETICMP32.drv
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-08-06 15:20 279944 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-06 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-06 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2006-03-01 90112]
"AROReminder"="c:\program files\Advanced Registry Optimizer\aro.exe" [2008-08-22 2084480]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"srmclean"="c:\cpqs\Scom\srmclean.exe" [2001-07-24 36864]
"SetRefresh"="c:\program files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-06 524800]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-12-11 286720]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-09 1601304]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-09 09:23 10520 c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\xampp\\apache\\bin\\apache.exe"=
"c:\\xampp\\mysql\\bin\\mysqld.exe"=
"c:\\Program Files\\Zend\\ZendStudio-5.5.0\\jre\\bin\\javaw.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"12231:TCP"= 12231:TCP:NortonAV

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-12-24 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-12-24 107272]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-12-24 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-12-24 298264]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-06-29 42512]
S3 VSPerfDrv90;Performance Tools Driver 9.0;c:\program files\Microsoft Visual Studio 9.0\Team Tools\Performance Tools\VSPerfDrv90.sys [2007-09-04 55664]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{048475ab-8c5f-11dc-a885-000ffe1a00f0}]
\Shell\AutoOpen\command - .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{12458ff8-a493-11dc-a8b1-000ffe1a00f0}]
\Shell\AutoRun\command - F:\cunuqem1.com
\Shell\explore\Command - F:\cunuqem1.com
\Shell\open\Command - F:\cunuqem1.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f326a34-b571-11dd-a998-000ffe1a00f0}]
\Shell\AutoRun\command - G:\6ej0cbn.bat
\Shell\explore\Command - G:\6ej0cbn.bat
\Shell\open\Command - G:\6ej0cbn.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2ac35dd2-da1d-11dc-a8e6-000ffe1a00f0}]
\Shell\AutoOpen\command - .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{583bfb4a-ff4c-11dd-af4d-000ffe1a00f0}]
\Shell\AutoRun\command - F:\un9.cmd
\Shell\explore\Command - F:\un9.cmd
\Shell\open\Command - F:\un9.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{864049ae-f9ae-11dd-af4a-000ffe1a00f0}]
\Shell\AutoRun\command - F:\bd3q0qix.exe
\Shell\open\Command - F:\bd3q0qix.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cd7795ae-f715-11dc-a90f-000ffe1a00f0}]
\Shell\AutoOpen\command - .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d2de01b8-9824-11dc-a89a-000ffe1a00f0}]
\Shell\AutoRun\command - F:\opgde.exe
\Shell\open\Command - F:\opgde.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d9b378cb-8d0d-11dc-a88b-000ffe1a00f0}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL setup.hta

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e9f262a6-0d11-11dd-a929-000ffe1a00f0}]
\Shell\AutoOpen\command - f:\.\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9264d25-9f13-11dc-a8a6-000ffe1a00f0}]
\Shell\AutoRun\command - F:\autorun.exe
.
Contents of the 'Scheduled Tasks' folder

2009-02-18 c:\windows\Tasks\Norton Security Scan for Admin.job
- c:\program files\Norton Security Scan\Nss.exe [2008-09-19 04:18]
.
- - - - ORPHANS REMOVED - - - -

Notify-nnnkKEus - nnnkKEus.dll


.
------- Supplementary Scan -------
.
uStart Page = [Link mogu videti samo ulogovani korisnici]
mSearch Bar = [Link mogu videti samo ulogovani korisnici]
uInternet Settings,ProxyOverride = 127.0.0.1
IE: &NeoTrace It! - c:\progra~1\VISUAL~1\NTXcontext.htm
IE: + Offline &Explorer: Download the link - [Link mogu videti samo ulogovani korisnici]\offline explorer\Portable Offline Browser\Add_UrlO.htm
IE: + Offline E&xplorer: Download the current page - [Link mogu videti samo ulogovani korisnici]\offline explorer\Portable Offline Browser\Add_AllO.htm
IE: Download video with Free Download Manager - [Link mogu videti samo ulogovani korisnici]\program files\Free Download Manager\dlfvideo.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Preuzmi odabrano Free Download Manager-om - [Link mogu videti samo ulogovani korisnici]\program files\Free Download Manager\dlselected.htm
IE: Preuzmi sa Free Download Managerom - [Link mogu videti samo ulogovani korisnici]\program files\Free Download Manager\dllink.htm
IE: Preuzmi sve sa Free Download Manager-om - [Link mogu videti samo ulogovani korisnici]\program files\Free Download Manager\dlall.htm
IE: Zend Studio - Debug current page - c:\program files\Zend\ZendStudio-5.5.0\bin\ZendIEToolbar.dll/DebugCurrent.html
IE: Zend Studio - Debug next page - c:\program files\Zend\ZendStudio-5.5.0\bin\ZendIEToolbar.dll/DebugNext.html
TCP: {0C7693F0-CD5E-498D-AEA1-89EF43612BFC} = 81.93.89.195,81.93.89.194
DPF: Microsoft XML Parser for Java - [Link mogu videti samo ulogovani korisnici]
FF - ProfilePath - c:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\p1b45o4o.default\
FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici]
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1399.3742\npCIDetect13.dll
FF - plugin: c:\program files\Virtual Earth 3D\npVE3D.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici]
Rootkit scan 2009-02-21 11:18:39
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-02-21 11:21:54
ComboFix-quarantined-files.txt 2009-02-21 10:21:35

Pre-Run: 507.297.792 bytes free
Post-Run: 3,167,576,064 bytes free

210 --- E O F --- 2009-02-15 21:09:24

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

Disable the antivirus again.

Open Notepad and copy in the following text:

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{048475ab-8c5f-11dc-a885-000ffe1a00f0}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{12458ff8-a493-11dc-a8b1-000ffe1a00f0}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f326a34-b571-11dd-a998-000ffe1a00f0}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2ac35dd2-da1d-11dc-a8e6-000ffe1a00f0}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{583bfb4a-ff4c-11dd-af4d-000ffe1a00f0}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{864049ae-f9ae-11dd-af4a-000ffe1a00f0}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cd7795ae-f715-11dc-a90f-000ffe1a00f0}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d2de01b8-9824-11dc-a89a-000ffe1a00f0}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d9b378cb-8d0d-11dc-a88b-000ffe1a00f0}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e9f262a6-0d11-11dd-a929-000ffe1a00f0}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9264d25-9f13-11dc-a8a6-000ffe1a00f0}]


Save the file from Notepad to the Desktop as "CFScript"

Drag the saved script/text onto the ComboFix icon, as in the picture.
Post in your next message the log that is produced at the end of the cleaning/scan.
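As an added illustration (not code from this thread, from helen1, or from the ComboFix authors), the script below parses the mountpoints2 block of a ComboFix "Reg Loading Points" section in the format shown in the log above, flags AutoRun/open/explore commands that launch an executable straight from a drive root or the current directory (the layout left by autorun.inf worms, as with F:\cunuqem1.com and G:\6ej0cbn.bat here), and emits the same Registry:: CFScript block helen1 posted. The embedded log excerpt is re-typed from this thread; the heuristic, function names and the "last token is the launched file" assumption are mine.

```python
import re
from typing import Dict, List, Tuple

# Excerpt re-typed from the ComboFix log posted in this thread ("Reg Loading
# Points" section), trimmed to five mountpoints2 keys so the example runs offline.
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{048475ab-8c5f-11dc-a885-000ffe1a00f0}]
\Shell\AutoOpen\command - .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{12458ff8-a493-11dc-a8b1-000ffe1a00f0}]
\Shell\AutoRun\command - F:\cunuqem1.com
\Shell\explore\Command - F:\cunuqem1.com
\Shell\open\Command - F:\cunuqem1.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1f326a34-b571-11dd-a998-000ffe1a00f0}]
\Shell\AutoRun\command - G:\6ej0cbn.bat
\Shell\explore\Command - G:\6ej0cbn.bat
\Shell\open\Command - G:\6ej0cbn.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d9b378cb-8d0d-11dc-a88b-000ffe1a00f0}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL setup.hta

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9264d25-9f13-11dc-a8a6-000ffe1a00f0}]
\Shell\AutoRun\command - F:\autorun.exe
Contents of the 'Scheduled Tasks' folder
"""

KEY_RE = re.compile(
    r"^\[(HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion"
    r"\\explorer\\mountpoints2\\\{[0-9a-f-]+\})\]$", re.I)
CMD_RE = re.compile(r"^\\Shell\\(\w+)\\command - (.+)$", re.I)

# Extensions that Explorer executes directly when the shell verb fires.
EXEC_EXT = (".exe", ".com", ".bat", ".cmd", ".hta", ".pif", ".scr", ".vbs")


def parse_mountpoints(log: str) -> Dict[str, Dict[str, str]]:
    """Map each mountpoints2 key path to {verb: command} for the verbs it carries."""
    entries: Dict[str, Dict[str, str]] = {}
    current = None
    for raw in log.splitlines():
        line = raw.rstrip()
        if line.startswith("["):
            m = KEY_RE.match(line)
            current = m.group(1) if m else None  # any other key ends the block
            if current:
                entries[current] = {}
            continue
        m = CMD_RE.match(line)
        if m and current:
            entries[current][m.group(1).lower()] = m.group(2).strip()
    return entries


def target_of(command: str) -> str:
    # ComboFix prints these unquoted; the launched file is the last token, both for a
    # direct "F:\x.exe" and for "RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL <file>".
    # Assumption: no spaces inside the target path.
    return command.split()[-1]


def is_suspicious(command: str) -> bool:
    # Flag an executable launched from a drive root (X:\name) or from the current
    # directory (bare name or .\name): the layout autorun.inf worms leave on USB
    # sticks. Office's ".\MSOCache\<guid>\KB915865.exe" sits deeper and is not flagged.
    target = target_of(command)
    name = target.rsplit("\\", 1)[-1].lower()
    if not name.endswith(EXEC_EXT):
        return False
    at_root = re.match(r"^[a-z]:\\[^\\]+$", target, re.I) is not None
    bare = "\\" not in target or (target.startswith(".\\") and target.count("\\") == 1)
    return at_root or bare


def report(entries: Dict[str, Dict[str, str]]) -> List[Tuple[str, str, str, bool]]:
    """(GUID, verb, launched file, suspicious?) for every verb of every key."""
    rows = []
    for key, cmds in entries.items():
        guid = key.rsplit("\\", 1)[-1]
        for verb, cmd in cmds.items():
            rows.append((guid, verb, target_of(cmd), is_suspicious(cmd)))
    return rows


def build_cfscript(entries: Dict[str, Dict[str, str]], only_suspicious: bool = False) -> str:
    """Emit the Registry:: block in the CFScript form helen1 posted: "[-key]" deletes
    the key. helen1 removed every listed key; only_suspicious=True keeps just the
    ones the heuristic flags, for comparison."""
    lines = ["Registry::"]
    for key, cmds in entries.items():
        if only_suspicious and not any(is_suspicious(c) for c in cmds.values()):
            continue
        lines.append("[-" + key + "]")
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    parsed = parse_mountpoints(SAMPLE_LOG)
    for guid, verb, target, bad in report(parsed):
        print(("SUSPECT " if bad else "        ") + guid + "  " + verb + " -> " + target)
    print(build_cfscript(parsed))
```

Run against a full ComboFix.txt the report shows at a glance which drive GUIDs still carry a root-level executable, and the generated block can be checked line by line against the CFScript a helper posts.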

  • Joined: 21 Feb 2009
  • Posts: 97
  • Location: Istocno Sarajevo

Here it is :)

ComboFix 09-02-19.01 - Admin 2009-02-21 12:10:03.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.759.309 [GMT 1:00]
Running from: c:\documents and settings\Admin\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Admin\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-01-21 to 2009-02-21 )))))))))))))))))))))))))))))))
.

2009-02-18 14:32 . 2009-02-18 14:32 <DIR> d-------- c:\program files\Time Calculator v1.1
2009-02-15 17:37 . 2009-02-15 17:38 <DIR> d-------- c:\program files\SystemRequirementsLab
2009-02-15 17:37 . 2009-02-15 17:38 <DIR> d-------- c:\documents and settings\Admin\Application Data\SystemRequirementsLab
2009-02-13 13:11 . 2009-02-13 13:21 <DIR> d-------- c:\documents and settings\Admin\Application Data\SSH
2009-02-13 12:24 . 2009-02-13 12:24 <DIR> d-------- c:\program files\SSH Communications Security
2009-02-13 10:13 . 2009-02-18 18:00 <DIR> d-------- c:\program files\Norton Security Scan
2009-02-13 10:13 . 2009-02-15 18:15 <DIR> d-------- c:\program files\Common Files\Symantec Shared
2009-02-12 18:27 . 2009-02-12 18:27 <DIR> d-------- c:\windows\SQLTools9_KB960089_ENU
2009-02-12 18:24 . 2009-02-12 18:24 <DIR> d-------- c:\windows\SQL9_KB960089_ENU
2009-02-12 18:09 . 2009-02-12 18:11 <DIR> d-------- c:\windows\system32\Adobe
2009-02-12 18:09 . 2009-01-16 18:34 499,712 --a------ c:\windows\system32\msvcp71.dll
2009-02-11 15:53 . 2009-02-11 15:54 <DIR> d-------- c:\program files\SpeedSim
2009-02-11 15:53 . 2009-02-11 15:54 <DIR> d-------- c:\documents and settings\Admin\Application Data\SpeedSim
2009-02-10 16:33 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-02-10 16:33 . 2008-10-16 14:06 208,744 --a------ c:\windows\system32\muweb.dll
2009-02-10 16:33 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2009-02-09 09:59 . 2009-02-21 11:24 <DIR> d-------- c:\documents and settings\Admin\Tracing
2009-02-09 09:56 . 2009-02-09 09:56 <DIR> d-------- c:\program files\Microsoft
2009-02-09 09:55 . 2009-02-09 09:55 <DIR> d-------- c:\program files\Windows Live SkyDrive
2009-02-09 09:43 . 2009-02-09 09:43 <DIR> d-------- c:\program files\Windows Live
2009-02-09 09:39 . 2009-02-09 09:39 <DIR> d-------- c:\program files\Common Files\Windows Live
2009-02-06 18:52 . 2009-02-06 18:52 49,504 --a------ c:\windows\system32\sirenacm.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-20 16:18 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2009-02-20 13:24 --------- d-----w c:\documents and settings\Admin\Application Data\Free Download Manager
2009-02-19 17:45 --------- d-----w c:\documents and settings\Admin\Application Data\uTorrent
2009-02-17 08:28 --------- d-----w c:\program files\Google
2009-02-16 19:54 --------- d-----w c:\documents and settings\Admin\Application Data\Skype
2009-02-16 16:45 --------- d-----w c:\documents and settings\Admin\Application Data\skypePM
2009-02-15 21:06 --------- d-----w c:\program files\Microsoft Works
2009-02-15 09:08 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-02-13 11:24 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-12 17:28 --------- d-----w c:\program files\Microsoft SQL Server
2009-02-10 15:29 --------- d-----w c:\program files\Microsoft Silverlight
2009-02-09 08:24 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2009-02-09 08:23 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-02-09 08:23 107,272 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-02-09 08:23 10,520 ----a-w c:\windows\system32\avgrsstx.dll
2009-01-16 20:35 3,594,752 ------w c:\windows\system32\dllcache\mshtml.dll
2008-12-27 10:47 --------- d-----w c:\program files\Sparx Systems
2008-12-27 10:46 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-12-24 10:24 --------- d-----w c:\program files\AVG
2008-12-24 09:49 --------- d-----w c:\program files\AskBarDis
2008-12-24 09:49 --------- d-----w c:\program files\Advanced Registry Optimizer
2008-12-24 09:49 --------- d-----w c:\documents and settings\Admin\Application Data\Sammsoft
2008-12-24 08:51 --------- d-----w c:\documents and settings\Admin\Application Data\FileZilla
2008-12-23 07:55 --------- d-----w c:\program files\Macromedia
2008-12-19 09:10 70,656 ------w c:\windows\system32\dllcache\ie4uinit.exe
2008-12-19 09:10 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-12-19 05:25 634,024 ------w c:\windows\system32\dllcache\iexplore.exe
2008-12-19 05:23 161,792 ------w c:\windows\system32\dllcache\ieakui.dll
2008-12-11 10:57 333,952 ------w c:\windows\system32\dllcache\srv.sys
1999-04-23 22:22 12 -csha-w c:\windows\system\WININETICMP32.drv
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-08-06 15:20 279944 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-06 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-06 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2006-03-01 90112]
"AROReminder"="c:\program files\Advanced Registry Optimizer\aro.exe" [2008-08-22 2084480]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"srmclean"="c:\cpqs\Scom\srmclean.exe" [2001-07-24 36864]
"SetRefresh"="c:\program files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-06 524800]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-12-11 286720]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-09 1601304]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-09 09:23 10520 c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\xampp\\apache\\bin\\apache.exe"=
"c:\\xampp\\mysql\\bin\\mysqld.exe"=
"c:\\Program Files\\Zend\\ZendStudio-5.5.0\\jre\\bin\\javaw.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"12231:TCP"= 12231:TCP:NortonAV

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-12-24 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-12-24 107272]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-12-24 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-12-24 298264]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-06-29 42512]
S3 VSPerfDrv90;Performance Tools Driver 9.0;c:\program files\Microsoft Visual Studio 9.0\Team Tools\Performance Tools\VSPerfDrv90.sys [2007-09-04 55664]
.
Contents of the 'Scheduled Tasks' folder

2009-02-18 c:\windows\Tasks\Norton Security Scan for Admin.job
- c:\program files\Norton Security Scan\Nss.exe [2008-09-19 04:18]
.
.
------- Supplementary Scan -------
.
uStart Page = [Link mogu videti samo ulogovani korisnici]
mSearch Bar = [Link mogu videti samo ulogovani korisnici]
uInternet Settings,ProxyOverride = 127.0.0.1
IE: &NeoTrace It! - c:\progra~1\VISUAL~1\NTXcontext.htm
IE: + Offline &Explorer: Download the link - [Link mogu videti samo ulogovani korisnici]\offline explorer\Portable Offline Browser\Add_UrlO.htm
IE: + Offline E&xplorer: Download the current page - [Link mogu videti samo ulogovani korisnici]\offline explorer\Portable Offline Browser\Add_AllO.htm
IE: Download video with Free Download Manager - [Link mogu videti samo ulogovani korisnici]\program files\Free Download Manager\dlfvideo.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Preuzmi odabrano Free Download Manager-om - [Link mogu videti samo ulogovani korisnici]\program files\Free Download Manager\dlselected.htm
IE: Preuzmi sa Free Download Managerom - [Link mogu videti samo ulogovani korisnici]\program files\Free Download Manager\dllink.htm
IE: Preuzmi sve sa Free Download Manager-om - [Link mogu videti samo ulogovani korisnici]\program files\Free Download Manager\dlall.htm
IE: Zend Studio - Debug current page - c:\program files\Zend\ZendStudio-5.5.0\bin\ZendIEToolbar.dll/DebugCurrent.html
IE: Zend Studio - Debug next page - c:\program files\Zend\ZendStudio-5.5.0\bin\ZendIEToolbar.dll/DebugNext.html
TCP: {0C7693F0-CD5E-498D-AEA1-89EF43612BFC} = 81.93.89.195,81.93.89.194
DPF: Microsoft XML Parser for Java - [Link mogu videti samo ulogovani korisnici]
FF - ProfilePath - c:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\p1b45o4o.default\
FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici]
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1399.3742\npCIDetect13.dll
FF - plugin: c:\program files\Virtual Earth 3D\npVE3D.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici]
Rootkit scan 2009-02-21 12:15:57
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-02-21 12:19:51
ComboFix-quarantined-files.txt 2009-02-21 11:19:13
ComboFix2.txt 2009-02-21 10:21:55

Pre-Run: 3.400.802.304 bytes free
Post-Run: 3,386,077,184 bytes free

167 --- E O F --- 2009-02-15 21:09:24

online
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

- Download USBNoRisk to the Desktop and run it by double-clicking the program icon.
- Wait a few seconds while the program performs its initial scan.
- Insert all USB storage devices one after another into the USB slot and keep each one in the slot for 10 seconds.
- If you have several devices to check, write down on a piece of paper the order in which they were inserted, because we will need that information later.
- When you have finished with all the devices, right-click in the middle of the program window and choose the Save log option. That will automatically open the log in Notepad. Copy that log from Notepad to the forum for us.

Explanation: USB storage devices are all devices that receive their own drive letter when connected to the computer. These include USB flash drives, external hard disks, memory cards, MP3 and MP4 players, some mobile phones, some GPS (navigation) devices, etc.

offline
  • Joined: 21 Feb 2009
  • Posts: 97
  • Location: Istocno Sarajevo

USBNoRisk by bobby

Started at 21.2.2009 12:29:16

Scanning for connected USB Mass storage...
----------------------------------------
A: {7fdb65a0-8ca9-11dc-a884-806d6172696f}
========================================

Scanning for other storage...
----------------------------------------
C: {7fdb659e-8ca9-11dc-a884-806d6172696f}
========================================

Scanning removable storage for autorun.inf and desktop.ini files...
----------------------------------------
Autorun.inf on A: - None
----------------------------------------

Sanitizing Shell Menu...
----------------------------------------
No key found for 7fdb65a0-8ca9-11dc-a884-806d6172696f
========================================

========================================

Desktop.ini on A: - None
----------------------------------------

========================================


Scanning fixed storage for autorun.inf files...
----------------------------------------
Autorun.inf on C: - None
----------------------------------------

Sanitizing Shell Menu...
----------------------------------------
No key found for C:
No key found for 7fdb659e-8ca9-11dc-a884-806d6172696f
========================================

========================================



New device connected at 21.2.2009 12:29:37

Scanning for connected USB mass storage...
----------------------------------------
F: {5de592ee-fc04-11dd-af4b-000ffe1a00f0}
Added F:
========================================

Scanning USB mass storage for files...
----------------------------------------
Autorun.inf on F: - None
----------------------------------------

Sanitizing Shell Menu...
----------------------------------------
No key found for 5de592ee-fc04-11dd-af4b-000ffe1a00f0
========================================

----------------------------------------

Desktop.ini on F: - None
----------------------------------------

========================================

========================================
Removed F:
========================================


New device connected at 21.2.2009 12:30:22

Scanning for connected USB mass storage...
----------------------------------------
F: {864049ae-f9ae-11dd-af4a-000ffe1a00f0}
Added F:
========================================

Scanning USB mass storage for files...
----------------------------------------
autorun.inf found on F:
----------------------------------------
File F:\autorun.inf renamed successfully

Content of F:\autorun.inf.blocked
----------------------------------------
[AutoRun]
;JsdkJaOdrjkAaaSIs2Z32i3iqr
open=ur0.com
;2a01
shell\open\Command=ur0.com
----------------------------------------

Files referenced from F:\autorun.inf.blocked
----------------------------------------
F:\ur0.com -r-hs 108565
----------------------------------------

Sanitizing Shell Menu...
----------------------------------------
No key found for 864049ae-f9ae-11dd-af4a-000ffe1a00f0
========================================

----------------------------------------

Desktop.ini on F: - None
----------------------------------------

========================================

========================================
Removed F:
========================================
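The autorun.inf that USBNoRisk blocked on F: above has the shape a responder should recognise: junk comment lines, an `open=` entry and a `shell\open\Command=` entry both pointing at a file on the stick that the log lists with `-r-hs` attributes. As an added example (not from the thread and not USBNoRisk's own code), a small Python checker that parses such a file, lists what it would launch, and reads the attribute flags the log printed for the referenced file; the two sample files are constructed, and the meaning of the `-r-hs` letters is an assumption.

```python
import re

# Constructed copy of what USBNoRisk printed for F:\autorun.inf.blocked above.
SAMPLE_AUTORUN = """[AutoRun]
;JsdkJaOdrjkAaaSIs2Z32i3iqr
open=ur0.com
;2a01
shell\\open\\Command=ur0.com
"""

# Constructed benign autorun.inf (icon and label only) for contrast.
BENIGN_AUTORUN = """[AutoRun]
icon=drive.ico
label=Backup stick
"""

# Keys whose value is a program Windows launches on insert or double-click;
# shell\<verb>\command entries do the same via the drive's context menu.
LAUNCH_KEYS = ("open", "shellexecute")
SHELL_COMMAND_RE = re.compile(r"^shell\\[^\\]+\\command$")


def parse_autorun(text):
    """Return {key: value} from the [AutoRun] section, keys lower-cased.
    ';' comment lines (the random-looking ones in the sample) are skipped."""
    entries, in_autorun = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_autorun = line[1:-1].lower() == "autorun"
            continue
        if in_autorun and "=" in line:
            key, _, value = line.partition("=")
            entries[key.strip().lower()] = value.strip()
    return entries


def launch_entries(entries):
    """(key, target) pairs that would start a program; file order preserved."""
    return [(k, v) for k, v in entries.items()
            if k in LAUNCH_KEYS or SHELL_COMMAND_RE.match(k)]


def parse_reference(line):
    """Parse a 'Files referenced' line as the log shows it ('F:\\ur0.com -r-hs 108565').
    Assumed letter meaning (not stated on the page): r read-only, h hidden, s system."""
    path, attrs, size = line.split()
    return {"path": path, "readonly": "r" in attrs, "hidden": "h" in attrs,
            "system": "s" in attrs, "size": int(size)}


def assess(autorun_text, reference_line=None):
    """Verdict for one drive: what the file would launch, and whether the
    launched file carries hidden or system flags, as ur0.com did (-r-hs)."""
    launches = launch_entries(parse_autorun(autorun_text))
    ref = parse_reference(reference_line) if reference_line else None
    return {"launches": launches,
            "hidden_target": bool(ref and (ref["hidden"] or ref["system"])),
            "suspicious": bool(launches)}
```

Run `assess(SAMPLE_AUTORUN, "F:\\ur0.com -r-hs 108565")` to reproduce the finding from the log; the benign sample yields no launch entries.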

online
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

Open USBNoRisk, switch to the Script tab and enter the following there:

{864049ae-f9ae-11dd-af4a-000ffe1a00f0}
delete: %DRIVE%ur0.com
delete_blocked:


Now plug in the last flash drive, the one you inserted for scanning a moment ago, and wait for USBNoRisk to do its work.


After that, switch to the Monitor tab, right-click, then Save log, and copy that log here for me.

offline
  • Joined: 21 Feb 2009
  • Posts: 97
  • Location: Istocno Sarajevo

Here it is; I wasn't at the computer any more yesterday.

USBNoRisk by bobby

Started at 22.2.2009 9:05:02

Scanning for connected USB Mass storage...
----------------------------------------
A: {7fdb65a0-8ca9-11dc-a884-806d6172696f}
========================================

Scanning for other storage...
----------------------------------------
C: {7fdb659e-8ca9-11dc-a884-806d6172696f}
========================================

Scanning removable storage for autorun.inf and desktop.ini files...
----------------------------------------
Autorun.inf on A: - None
----------------------------------------

Sanitizing Shell Menu...
----------------------------------------
No key found for 7fdb65a0-8ca9-11dc-a884-806d6172696f
========================================

========================================

Desktop.ini on A: - None
----------------------------------------

========================================


Scanning fixed storage for autorun.inf files...
----------------------------------------
Autorun.inf on C: - None
----------------------------------------

Sanitizing Shell Menu...
----------------------------------------
No key found for C:
No key found for 7fdb659e-8ca9-11dc-a884-806d6172696f
========================================

========================================



New device connected at 22.2.2009 9:05:17

Scanning for connected USB mass storage...
----------------------------------------
F: {864049ae-f9ae-11dd-af4a-000ffe1a00f0}
Added F:
========================================

Scanning USB mass storage for files...
----------------------------------------
Autorun.inf on F: - None
----------------------------------------

Sanitizing Shell Menu...
----------------------------------------
No key found for 864049ae-f9ae-11dd-af4a-000ffe1a00f0
========================================

----------------------------------------

Desktop.ini on F: - None
----------------------------------------

========================================

Processing script
----------------------------------------

{864049ae-f9ae-11dd-af4a-000ffe1a00f0}
delete: %DRIVE%ur0.com
delete_blocked:

----------------------------------------
Drive letter for GUID: A:\
No script to process for A:\
----------------------------------------

Drive letter for GUID: F:\
864049ae-f9ae-11dd-af4a-000ffe1a00f0
SectionStart = 0
SectionEnd = 2
Delete: F:\ur0.com > Error!
----------------------------------------
Deleting blocked files:
----------------------------------------
Delete: F:\autorun.inf.blocked > Done!
----------------------------------------

========================================

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Bokac, sorry, but I'm going to jump into the thread for a moment.
I am the author of USBNoRisk, and I want to take this opportunity to work on new USBNoRisk capabilities.

A moment ago I uploaded a new version of USBNoRisk, extended with more powerful options.
So download USBNoRisk again from the following address:
[Link visible only to logged-in users]

Run it, switch to the Script tab and enter the following text there:
{864049ae-f9ae-11dd-af4a-000ffe1a00f0}
delete: %DRIVE%ur0.com
f_delete: %DRIVE%ur0.com
delete_blocked:


Now plug the problematic USB stick into the computer and let USBNoRisk do its job (this time it will take a little longer).

Korisnici trenutno na forumu: 33 bren, A.R.Chafee.Jr., A3C, Bbbggg1979, berste23, BokiBg, bolenbgd, branko87, brundo65, Bubimir, bunker, cane2010, cekic, Cirkon, Cvexi, dano, darcaud, Dare, darkkran, Darko Jovanovic, debeli, Despot1, Dimitrise93, DonRumataEstorski, doom83, Dorcolac, dzoni19, ElvisP, Flanker-G, Goran_, helen1, igorpet, Igritelj, Istman, Ivan Germanovic, Jager715510, Jaxupa, Jaz, JK, Jomini, komenski, Kototamopeva, Kurgan, kybonacci, Lance Guest, loon123, Lotus, luja, Mastrum Ridkali, Miki 84, milbos, milenko crazy north, mileta4, milimoj, Mićko, Mrav Obrad, N.e.m.a.nj.a., Naj-Turs, nelezele, nemkea71, omen, Orlova, ozzy, paja69, pceklic, pedja.st, Pegggio, pein, pera bager, Permaldar, Pero, PlayerOne, Polifon, Povratak1912, probisic, proka89, Raso75, RJ, Sass Drake, sevenino, Sharpshooter, sickmouse, Smiljke, Stanislav1970, Stefan M, stegonosa, Tafocus, tuf, tvlada, USSVoyager, Vaske8990, Viktor Petrenko, virked, VJ, Vlada1389, Vlado82, vojnik švejk, VX1, xAlex2, zivojin32, zlaya011, zombicar153, Zoran1959, Zrcalo, Zuna77, Čika Gliša, 2001