Možda tražite i:
MySQL Joins (nocna mora)
Vista ce biti nocna mora za proizvodjace AV programa
morganella morganii

MyCity » Ambulanta -> Arhiva Ambulante » Worm - nocna mora

Worm - nocna mora

Napisano na dan: 28.10.2008

Worm - nocna mora

Sledeća strana

Pagination

Odgovori

bl00dz3r0 Poslao: 28 Okt 2008 01:06 Idi na vrh
offline bl00dz3r0 Elitni građanin Pridružio: 05 Jun 2003 Poruke: 2075 Gde živiš: MaYur CitY	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Najgore se desilo Neki fujack-K worm mi je zarzio sve html fajlove Sto je najgore bavims e web devom i sad nemam pojma sta da uradim sa istim. Ne smem da brisem fajlove jel su mi to sve radovi a avast nije u stanju da reparira dokumente. Sta raditi

Profil

MoscowBeast Poslao: 28 Okt 2008 09:31 Idi na vrh
offline MoscowBeast Nepopravljivi optimista Civil Works Team Leader @ IKEA Centres Russia Pridružio: 22 Jun 2005 Poruke: 7912 Gde živiš: Moskva, Rusija	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Aj' lepo iz pocetka, po uputstvu odavde: http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

Profil

bl00dz3r0 Poslao: 28 Okt 2008 12:19 Idi na vrh
offline bl00dz3r0 Elitni građanin Pridružio: 05 Jun 2003 Poruke: 2075 Gde živiš: MaYur CitY	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:17:50 PM, on 10/28/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SkyTel.EXE C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Google\Google Talk\googletalk.exe C:\Program Files\iTunes\iTunesHelper.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\xampp\apache\bin\apache.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\xampp\mysql\bin\mysqld-nt.exe C:\WINDOWS\system32\nvsvc32.exe C:\xampp\apache\bin\apache.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Opera\opera.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\msiexec.exe C:\Documents and Settings\Srdjan\Desktop\blejd\tre.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Antispyware] C:\Program Files\Antispyware\Antispyware.exe -boot O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user') O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Apache2.2 - Apache Software Foundation - C:\xampp\apache\bin\apache.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld-nt.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 6453 bytes

Profil

dr_Bora Poslao: 28 Okt 2008 18:29 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Poz... Prvo da vidimo ima li ovde nešto aktivno... Klikni desnim tasterom miša na avast! ikonicu ( ) u donjem, desnom uglu ekrana i izaberi Program settings.... U prozoru koji se otvori, pod Troubleshooting, čekiraj opciju Disable avast! self-defence i klikni OK. Takođe, klikni desnim tasterom miša na avast! ikonicu ( ) u donjem, desnom uglu ekrana i izaberi Stop OnAccess Protection. Napomena: Ne zaboravi da uključiš ove opcije po završetku čišćenja. Skini ComboFix sa jedne od sledecih adresa na Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe http://subs.geekstogo.com/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati. ------------------------------------------------------------------------------------- Nakon toga, možeš odraditi online scan: http://housecall.trendmicro.com/ ili http://www.bitdefender.com/scan8/ie.html Mislim da oba mogu da očiste file-ove ( u osnovi, samo jedna linija koda je u pitanju - za manji broj file-ova to sve možeš i ''ručno'' da očistiš, no ako ih imaš baš mnogo...)

Profil

bl00dz3r0 Poslao: 28 Okt 2008 20:07 Idi na vrh
offline bl00dz3r0 Elitni građanin Pridružio: 05 Jun 2003 Poruke: 2075 Gde živiš: MaYur CitY	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Probacu to sto si mi rekao Ja sam hteo rucno da obrisem ali u pitanju je stotine i stotine html fajlova tnx Dopuna: 28 Okt 2008 20:07 ComboFix 08-10-28.01 - Srdjan 2008-10-28 19:37:25.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.536 [GMT 1:00] Running from: C:\Documents and Settings\Srdjan\Local Settings\Application Data\Opera\Opera\profile\cache4\temporary_download\ComboFix.exe WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Previous Run ------- . D:\RECYCLER\Desktop_.ini F:\Autorun.inf F:\RECYCLER\Desktop_.ini . ((((((((((((((((((((((((( Files Created from 2008-09-28 to 2008-10-28 ))))))))))))))))))))))))))))))) . 2008-10-28 17:45 . 2002-12-31 12:00 221,184 --a------ C:\WINDOWS\system32\wmpns.dll 2008-10-28 15:40 . 2008-10-28 15:44 <DIR> d-------- C:\Program Files\Winamp 2008-10-28 15:40 . 2008-10-28 15:44 <DIR> d-------- C:\Documents and Settings\Srdjan\Application Data\Winamp 2008-10-28 14:02 . 2008-10-28 14:02 <DIR> d-------- C:\Documents and Settings\Srdjan\Application Data\vlc 2008-10-28 13:29 . 2008-10-28 13:29 <DIR> d-------- C:\WINDOWS\Sun 2008-10-28 13:28 . 2008-10-28 13:28 <DIR> d-------- C:\Program Files\Java 2008-10-28 13:28 . 2008-10-28 13:28 410,976 --a------ C:\WINDOWS\system32\deploytk.dll 2008-10-28 13:28 . 2008-10-28 13:28 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl 2008-10-28 01:17 . 2008-10-28 01:18 <DIR> d-------- C:\Documents and Settings\Srdjan\Application Data\Antispyware 2008-10-28 01:09 . 2008-10-28 01:11 <DIR> d-------- C:\Program Files\XoftSpySE 2008-10-28 01:03 . 2008-10-28 01:03 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy 2008-10-28 01:03 . 2008-10-28 01:04 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-10-28 00:36 . 2008-10-28 00:36 <DIR> d-------- C:\Program Files\GlobalSCAPE 2008-10-28 00:36 . 2008-10-28 00:36 <DIR> d-------- C:\Documents and Settings\Srdjan\Application Data\GlobalSCAPE 2008-10-28 00:36 . 2008-10-28 00:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\GlobalSCAPE 2008-10-27 23:54 . 2008-10-27 23:54 <DIR> d---s---- C:\Documents and Settings\Srdjan\UserData 2008-10-27 23:02 . 2008-10-27 23:02 <DIR> d-------- C:\Program Files\Alwil Software 2008-10-27 23:02 . 2003-03-18 21:20 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll 2008-10-27 23:02 . 2003-03-18 20:14 499,712 --a------ C:\WINDOWS\system32\MSVCP71.dll 2008-10-27 21:50 . 2008-10-27 23:31 <DIR> d-------- C:\Documents and Settings\Srdjan\Contacts 2008-10-27 21:49 . 2008-10-27 21:49 <DIR> d-------- C:\Program Files\MSN Messenger 2008-10-27 21:47 . 2008-10-27 21:48 <DIR> d-------- C:\xampp 2008-10-27 21:46 . 2008-10-27 21:46 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet 2008-10-27 21:00 . 2008-10-27 21:00 <DIR> d-------- C:\Program Files\Aspyr 2008-10-27 21:00 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll 2008-10-27 21:00 . 2007-04-04 18:53 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll 2008-10-27 20:54 . 2008-10-27 20:54 <DIR> d-------- C:\WINDOWS\system32\Lang 2008-10-27 20:54 . 2008-10-27 20:54 940,794 --a------ C:\WINDOWS\system32\LoopyMusic.wav 2008-10-27 20:54 . 2008-10-27 20:54 146,650 --a------ C:\WINDOWS\system32\BuzzingBee.wav 2008-10-27 20:33 . 2008-10-27 20:33 <DIR> d-------- C:\Program Files\Adobe Media Player 2008-10-27 20:30 . 2008-10-27 20:30 <DIR> d-------- C:\Program Files\Common Files\Adobe AIR 2008-10-27 20:20 . 2008-10-27 20:20 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-10-28 12:59 --------- d-----w C:\Documents and Settings\Srdjan\Application Data\Apple Computer 2008-10-27 23:36 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-10-27 20:44 --------- d-----w C:\Program Files\Common Files\Adobe 2008-10-27 20:43 --------- d-----w C:\Program Files\Opera 2008-10-27 17:48 --------- d-----w C:\Program Files\iTunes 2008-10-27 17:48 --------- d-----w C:\Program Files\iPod 2008-10-27 17:48 --------- d-----w C:\Program Files\Bonjour 2008-10-27 17:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-10-27 17:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} 2008-10-27 17:47 --------- d-----w C:\Program Files\QuickTime 2008-10-27 17:47 --------- d-----w C:\Program Files\mIRC 2008-10-27 17:47 --------- d-----w C:\Program Files\Apple Software Update 2008-10-27 17:47 --------- d-----w C:\Documents and Settings\Srdjan\Application Data\mIRC 2008-10-27 17:46 --------- d-----w C:\Program Files\VideoLAN 2008-10-27 17:46 --------- d-----w C:\Program Files\Common Files\Apple 2008-10-27 17:45 --------- d-----w C:\Program Files\Safari 2008-10-27 17:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple 2008-10-27 17:39 --------- d-----w C:\Program Files\Google 2008-10-27 17:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-10-27 17:35 --------- d-----w C:\Program Files\Microsoft Works 2008-10-27 17:22 --------- d-----w C:\Program Files\Webteh 2008-10-27 17:22 --------- d-----w C:\Documents and Settings\Srdjan\Application Data\BSplayer PRO 2008-10-27 17:21 --------- d-----w C:\Program Files\K-Lite Codec Pack 2008-10-27 17:18 --------- d-----w C:\Program Files\TC PowerPack 2008-10-27 17:13 --------- d-----w C:\Program Files\Common Files\InstallShield 2008-10-27 17:10 --------- d-----w C:\Program Files\Realtek 2008-10-27 17:04 --------- d-----w C:\Program Files\Intel 2008-10-27 16:53 --------- d-----w C:\Program Files\microsoft frontpage 2008-10-02 09:07 453,152 ----a-w C:\WINDOWS\system32\NVUNINST.EXE 2008-08-29 09:18 87,336 ----a-w C:\WINDOWS\system32\dns-sd.exe 2008-08-29 08:53 61,440 ----a-w C:\WINDOWS\system32\dnssd.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2002-12-31 15360] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "JMB36X Configure"="C:\WINDOWS\system32\JMRaidTool.exe" [2006-04-25 385024] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-10-07 13574144] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-10-07 86016] "googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-09-06 413696] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-10-01 289576] "AdobeCS4ServiceManager"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 79224] "SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2008-10-28 136600] "SkyTel"="SkyTel.EXE" [2006-04-24 C:\WINDOWS\SkyTel.exe] "RTHDCPL"="RTHDCPL.EXE" [2006-05-04 C:\WINDOWS\RTHDCPL.exe] "nwiz"="nwiz.exe" [2008-10-07 C:\WINDOWS\system32\nwiz.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2002-12-31 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "nltide_3"="advpack.dll" [2002-12-31 C:\WINDOWS\system32\advpack.dll] C:\Documents and Settings\Srdjan\Start Menu\Programs\Startup\ OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) "DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "C:\\Program Files\\Google\\Google Talk\\googletalk.exe"= "C:\\Program Files\\Bonjour\\mDNSResponder.exe"= "C:\\Program Files\\iTunes\\iTunes.exe"= "C:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5353:TCP"= 5353:TCP:Adobe CSI CS4 R2 adfs;adfs;C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720] R2 Apache2.2;Apache2.2;C:\xampp\apache\bin\apache.exe [2007-09-20 17408] R2 JavaQuickStarterService;Java Quick Starter;C:\Program Files\Java\jre6\bin\jqs.exe [2008-10-28 152984] R3 TNET1130;D-Link AirPlus G+ Wireless Adapter;C:\WINDOWS\system32\DRIVERS\GPlus.sys [2004-05-21 283392] Newly Created Service - PROCEXP90 Newly Created Service - UMWDF . Contents of the 'Scheduled Tasks' folder 2008-10-28 C:\WINDOWS\Tasks\Antispyware Scheduled Scan.job - C:\Program Files\Antispyware\Antispyware.exe [] 2008-10-28 C:\WINDOWS\Tasks\Antispyware Scheduled Scan.job - C:\Program Files\Antispyware [] 2008-10-27 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] 2008-10-28 C:\WINDOWS\Tasks\XoftSpySE.job - C:\Program Files\XoftSpySE\XoftSpy.exe [2006-03-10 21:24] . - - - - ORPHANS REMOVED - - - - HKCU-Run-Antispyware - C:\Program Files\Antispyware\Antispyware.exe HKLM-Run-WinampAgent - C:\Program Files\Winamp\winampa.exe . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Documents and Settings\Srdjan\Application Data\Mozilla\Firefox\Profiles\9uioxzgf.default\ FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll FF -: plugin - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll FF -: plugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll FF -: plugin - C:\Program Files\Opera\program\plugins\NPOFF12.DLL . ************************************************************************ catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-10-28 19:41:07 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2008-10-28 19:41:43 ComboFix-quarantined-files.txt 2008-10-28 18:41:40 Pre-Run: 89,152,294,912 bytes free Post-Run: 89,322,291,200 bytes free 178

Profil

dr_Bora Poslao: 28 Okt 2008 20:38 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ništa konkretno ovde - par nekih sitnica... Obriši file: C:\WINDOWS\Tasks\Antispyware Scheduled Scan.job i, ako postoji, folder: C:\Program Files\Antispyware Javi kako je prošlo skeniranje...

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Worm - nocna mora

Ko je trenutno na forumu

Ukupno su 777 korisnika na forumu :: 11 registrovanih, 0 sakrivenih i 766 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 4channer, bato, bigfoot, darios, kybonacci, Libertas, Lord Nem, nemkea71, slonic_tonic, stalja, wizzardone

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by