help


offline
  • Joined: 12 May 2009
  • Posts: 4

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 05:38:22 ã, on 12/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Administrator\Desktop\ambulanta\TR3.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = google.co.uk/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = google.co.uk/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=userinit.exe,C:\WINDOWS\system\svchost.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\VistaPack\Styler\TB\StylerTB.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe
O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKLM\..\Run: [KelsPakSoft] C:\WINDOWS\system32\mmm.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: windows.pif = ?
O4 - Global Startup: Empty.pif = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

--
End of file - 3420 bytes

My problem is that for the past few days I haven't been able to start the computer normally, only in Safe Mode, and since I don't have an internet connection, I posted this log from my neighbor's computer. I was copying some music from a flash drive that turned out to be full of viruses, so I probably picked something up, and now in Safe Mode I can't install an antivirus.

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Download the installer for Malwarebytes Anti-Malware from the following link:
http://www.besttechie.net/tools/mbam-setup.exe

Double-click to run the installer; at the very end of the process, make sure the following options are checked:
Update Malwarebytes' Anti-Malware;
Launch Malwarebytes Anti-Malware;

and then click Finish.

Once the update has finished, the program will start.

Select the Perform Quick Scan option and click Scan.

When the process finishes, click OK, then Show Results: in the list of detected malware, select all items and click Remove Selected.

When the process finishes, the logfile will open in Notepad; copy it into the forum thread.
If the program asks for a restart to finish the cleaning process, be sure to allow it.

Note: if a restart occurs at the end of the cleaning process, the logfile will be available on the Logs tab (select it and click Open).


Also, after all of this, you need to post a fresh HijackThis logfile.

offline
  • Joined: 12 May 2009
  • Posts: 4

Posted: 14 May 2009 7:26

Malwarebytes' Anti-Malware 1.36
Database version: 1945
Windows 5.1.2600 Service Pack 2

14/05/2009 03:27:02 ã
mbam-log-2009-05-14 (15-27-02).txt

Scan type: Quick Scan
Objects scanned: 63968
Time elapsed: 5 minute(s), 19 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 4
Folders Infected: 0
Files Infected: 22

Memory Processes Infected:
C:\WINDOWS\system\svchost.exe (Backdoor.Bot) -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Backdoor.Bot) -> Data: c:\windows\system\svchost.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Administrator\Local Settings\Temp\IXP010.TMP\network.exe (Trojan.Spambot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\IXP011.TMP\network.exe (Trojan.Spambot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\IXP012.TMP\network.exe (Trojan.Spambot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\IXP013.TMP\network.exe (Trojan.Spambot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\IXP014.TMP\network.exe (Trojan.Spambot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\IXP015.TMP\network.exe (Trojan.Spambot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\IXP016.TMP\network.exe (Trojan.Spambot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\IXP017.TMP\network.exe (Trojan.Spambot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\IXP018.TMP\network.exe (Trojan.Spambot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\IXP019.TMP\network.exe (Trojan.Spambot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\IXP020.TMP\network.exe (Trojan.Spambot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\IXP021.TMP\network.exe (Trojan.Spambot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\IXP022.TMP\network.exe (Trojan.Spambot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\IXP023.TMP\network.exe (Trojan.Spambot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\IXP024.TMP\network.exe (Trojan.Spambot) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\IXP025.TMP\network.exe (Trojan.Spambot) -> Quarantined and deleted successfully.
C:\WINDOWS\system\svchost.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Empty.pif (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Application Data\lsass.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sasa\Local Settings\Application Data\lsass.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\explorer.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.
C:\Documents and Settings\Sasa\Application Data\explorer.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

Addendum: 14 May 2009 7:26

And here is the new HijackThis log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:39:26 ã, on 14/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Administrator\Desktop\ambulanta\TR3.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = google.co.uk/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = google.co.uk/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\VistaPack\Styler\TB\StylerTB.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O4 - HKLM\..\Run: [VistaDrive] C:\WINDOWS\VistaDrive\VistaDrive.exe
O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKLM\..\Run: [KelsPakSoft] C:\WINDOWS\system32\mmm.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: windows.pif = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

--
End of file - 3537 bytes

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Now try to boot into Normal Mode

offline
  • Joined: 12 May 2009
  • Posts: 4

It still won't; it starts up, and when it gets to "loading your personal settings", it restarts

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Download the RSIT program to the Desktop:

http://images.malwareremoval.com/random/RSIT.exe


Run it by double-clicking, then click Continue.


At the end of the process, two logs will open: the first, log.txt, will be maximized and needs to be copied into the forum thread; the second, info.txt, will be minimized (we don't need it for now).


Post the contents of the file log.txt in your next message (that file will be saved as C:\rsit\log.txt).

offline
  • Joined: 12 May 2009
  • Posts: 4

Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2009-05-16 15:51:22
Microsoft Windows XP Professional Service Pack 2
System drive C: has 26 GB (67%) free of 38 GB
Total RAM: 255 MB (63% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2007-02-19 79544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - StylerToolBar - C:\Program Files\VistaPack\Styler\TB\StylerTB.dll [2006-05-02 102400]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VistaDrive"=C:\WINDOWS\VistaDrive\VistaDrive.exe [2006-10-05 280779]
"LClock"=C:\Program Files\LClock\LClock.exe [2004-09-19 65536]
"KelsPakSoft"=C:\WINDOWS\system32\mmm.exe [2005-07-05 828416]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-08-05 57344]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2005-12-07 30208]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-04-13 49152]
"DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2004-08-22 81920]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-04-01 5562368]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2005-04-01 86016]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-04-06 401040]
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-04-06 1277584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\CTFMON.EXE [2007-05-05 15360]

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
windows.pif

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-05-05 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2007-05-05 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoResolveTrack"=1
"NoResolveSearch"=1
"NoSMBalloonTip"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
shell\AutoRun\command - D:\Digital.exe


======File associations======

.bat - edit - C:\WINDOWS\system32\NOTEPAD2.EXE %1
.cmd - edit - C:\WINDOWS\system32\NOTEPAD2.EXE %1
.inf - open - C:\WINDOWS\system32\NOTEPAD2.EXE %1
.ini - open - C:\WINDOWS\system32\NOTEPAD2.EXE %1
.js - edit - C:\WINDOWS\system32\Notepad2.exe %1
.reg - edit - C:\WINDOWS\system32\NOTEPAD2.EXE %1
.txt - open - C:\WINDOWS\system32\NOTEPAD2.EXE %1
.vbs - edit - C:\WINDOWS\system32\Notepad2.exe %1

======List of files/folders created in the last 1 months======

2009-05-16 15:51:22 ----D---- C:\rsit
2009-05-16 15:51:22 ----D---- C:\Program Files\trend micro
2009-05-14 15:27:51 ----D---- C:\Avenger
2009-05-14 15:27:51 ----A---- C:\avenger.txt
2009-05-14 15:19:02 ----D---- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2009-05-14 15:18:55 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-05-14 15:18:54 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-04-29 00:29:49 ----D---- C:\Documents and Settings\Administrator\Application Data\AVGTOOLBAR
2009-04-21 11:49:54 ----ASH---- C:\Documents and Settings\Administrator\Application Data\desktop.ini
2009-04-21 11:49:50 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2009-04-21 11:49:50 ----D---- C:\Documents and Settings\Administrator\Application Data\TuneUp Software
2009-04-21 11:49:50 ----D---- C:\Documents and Settings\Administrator\Application Data\Real
2009-04-21 11:49:15 ----A---- C:\WINDOWS\ntbtlog.txt
2009-04-19 21:46:28 ----D---- C:\WINDOWS\Minidump

======List of files/folders modified in the last 1 months======

2009-05-16 15:51:22 ----RD---- C:\Program Files
2009-05-16 15:49:45 ----D---- C:\WINDOWS
2009-05-14 15:39:20 ----SHD---- C:\RECYCLER
2009-05-14 15:27:51 ----D---- C:\WINDOWS\system32\drivers
2009-05-14 15:27:51 ----D---- C:\WINDOWS\system32
2009-05-12 17:38:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-05-12 17:35:01 ----D---- C:\WINDOWS\system32\CatRoot2
2009-05-09 15:43:44 ----HD---- C:\WINDOWS\inf
2009-04-29 00:19:22 ----D---- C:\WINDOWS\system
2009-04-22 21:28:33 ----A---- C:\WINDOWS\DUMP394f.tmp
2009-04-21 11:49:48 ----D---- C:\Documents and Settings
2009-04-21 11:42:21 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-04-17 21:48:27 ----D---- C:\WINDOWS\Prefetch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2007-05-05 59392]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2007-05-05 17152]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2007-04-09 31548]
S2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2007-05-05 62336]
S3 3dfxvs;3dfxvs; C:\WINDOWS\system32\DRIVERS\3dfxvsm.sys [2001-08-17 148352]
S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-08-07 404608]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-08-05 460864]
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-04-01 3454656]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2007-05-05 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-05-05 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-04-01 127043]
S2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2005-08-08 167936]
S2 UxTuneUp;TuneUp Design Expansion; C:\WINDOWS\System32\svchost.exe [2007-05-05 14336]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2007-05-05 14336]

-----------------EOF-----------------
