Am I finally "clean"?

koda5:

I was full of all kinds of viruses, spyware, malware and I don't know what else.
I scanned with several antivirus programs, Ad-Aware, Spybot, ... both in safe mode and normally. It is now much, much better, but something still bothers me?!?
When I am on the internet, svchost (network service) jumps to 90% and stays there for a while, then releases the CPU. And occasionally IE starts on its own (I normally use Mozilla). My hijackthis.log looks like this. Is this routing.exe finally "dead"?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:04:43, on 15.02.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
c:\xampp\apache\bin\apache.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\xampp\mysql\bin\mysqld-nt.exe
C:\WINDOWS\system32\nisvcloc.exe
C:\Program Files\Eset\nod32krn.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\xampp\apache\bin\apache.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8D12E6C-C98C-4903-9FC6-02D90B45A693}: NameServer = 62.162.32.5 62.162.32.6
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apache2.2 - Apache Software Foundation - c:\xampp\apache\bin\apache.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld-nt.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Routing Service (Routing) - Unknown owner - C:\WINDOWS\system32\routing.exe (file missing)

--
End of file - 2660 bytes

helen1 (Anti Malware Fighter, Rank 2):

You did not follow the rule for posting a log.
You were supposed to rename HijackThis.exe to some other name,
e.g. koda5.exe.

Do that and then post a new log.

koda5:

Sorry, I didn't know.
Here, I did it, and this is the new log.

Logfile of HijackThis v1.99.1
Scan saved at 13:04:22, on 15.02.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
c:\xampp\apache\bin\apache.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\xampp\mysql\bin\mysqld-nt.exe
C:\WINDOWS\system32\nisvcloc.exe
C:\Program Files\Eset\nod32krn.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\xampp\apache\bin\apache.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\koda5\Desktop\koda5\koda5.exe

O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8D12E6C-C98C-4903-9FC6-02D90B45A693}: NameServer = 62.162.32.5 62.162.32.6
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apache2.2 - Unknown owner - c:\xampp\apache\bin\apache.exe" -k runservice (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld-nt.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Routing Service (Routing) - Unknown owner - C:\WINDOWS\system32\routing.exe (file missing)

helen1 (Anti Malware Fighter, Rank 2):

Run HJT, scan, and check/tick the following line:

O23 - Service: Routing Service (Routing) - Unknown owner - C:\WINDOWS\system32\routing.exe (file missing)

then click Fix Checked.

Restart the computer. Boot up and post us a new HijackThis log.
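One way to triage the O23 (service) lines in these logs mechanically, as an added example that is not part of the original thread or of HijackThis: it separates a service whose binary is genuinely absent (the orphaned Routing entry that helen1 has koda5 fix) from a "(file missing)" verdict that is only a quoting artifact of HijackThis 1.99.1, which leaves the trailing quote and arguments of an ImagePath such as the Apache2.2 and SQLEXPRESS lines in place and then cannot find a file by that name. The sample lines are copied from the log posted above; the verdict names are my own.

```python
"""Triage HijackThis O23 (service) lines for orphaned service registrations.

Added example for this thread; not part of HijackThis or of the original posts.
It separates a service whose binary is genuinely absent (the "Routing" entry
that still points at a missing routing.exe) from a "(file missing)" verdict
that is only a quoting artifact: HijackThis 1.99.1 leaves the trailing quote
and arguments of an ImagePath such as  "c:\...\apache.exe" -k runservice  in
place and then cannot find a file by that name. The verdict names are my own.
"""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Layout of an O23 line as printed by HijackThis:
#   O23 - Service: <display name> [(<service name>)] - <owner> - <ImagePath> [(file missing)]
O23_RE = re.compile(
    r"^O23 - Service: (?P<display>.+?)"
    r"(?: \((?P<name>[^()]+)\))?"
    r" - (?P<owner>.+?) - (?P<image>.+?)(?P<missing> \(file missing\))?$"
)


def executable_from_image(image: str) -> str:
    """Recover the bare executable path from the ImagePath text HJT printed."""
    text = image.strip().lstrip('"')
    if '"' in text:                       # '...\apache.exe" -k runservice'
        text = text.split('"', 1)[0]
    # Unquoted path followed by arguments: cut after the first .exe/.sys/.dll
    m = re.match(r"(?i)^(.*?\.(?:exe|sys|dll))(?=\s|$)", text)
    return m.group(1) if m else text


@dataclass
class ServiceEntry:
    display: str
    name: Optional[str]
    owner: str
    image: str              # ImagePath text exactly as HJT printed it
    exe: str                # executable path without quotes or arguments
    reported_missing: bool  # HJT appended "(file missing)"

    @property
    def has_arguments(self) -> bool:
        # Leftover quote or text after the executable: the ImagePath carried
        # arguments that HJT 1.99.1 did not strip before checking the file.
        return self.exe != self.image

    def verdict(self) -> str:
        if self.reported_missing and not self.has_arguments:
            return "orphan"   # registration survives, binary does not
        if self.reported_missing:
            return "verify"   # probably a quoting artifact; check the binary
        if self.owner == "Unknown owner":
            return "review"   # binary present but carries no company name
        return "ok"


def parse_o23(line: str) -> Optional[ServiceEntry]:
    """Parse one O23 line; return None for any other HJT line."""
    m = O23_RE.match(line.strip())
    if not m:
        return None
    return ServiceEntry(
        display=m.group("display"),
        name=m.group("name"),
        owner=m.group("owner"),
        image=m.group("image"),
        exe=executable_from_image(m.group("image")),
        reported_missing=m.group("missing") is not None,
    )


def triage(lines: List[str]) -> Dict[str, List[str]]:
    """Group services by verdict, keyed by short name (display name if none)."""
    out: Dict[str, List[str]] = {"orphan": [], "verify": [], "review": [], "ok": []}
    for line in lines:
        entry = parse_o23(line)
        if entry is not None:
            out[entry.verdict()].append(entry.name or entry.display)
    return out


# O23 lines copied from the HijackThis 1.99.1 log posted above.
SAMPLE_LOG = [
    r"O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe",
    r'O23 - Service: Apache2.2 - Unknown owner - c:\xampp\apache\bin\apache.exe" -k runservice (file missing)',
    r"O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe",
    r'O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)',
    r"O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld-nt.exe",
    r"O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe",
    r"O23 - Service: Routing Service (Routing) - Unknown owner - C:\WINDOWS\system32\routing.exe (file missing)",
]

if __name__ == "__main__":
    for verdict, names in triage(SAMPLE_LOG).items():
        print(f"{verdict:>7}: {', '.join(names) or '-'}")
```

Only the "orphan" bucket is a registration with no binary behind it; a "verify" hit should be checked on disk before anything is fixed, since the 2.0.2 log earlier in the thread shows the same Apache service resolving fine.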

koda5:

I already did that, but here it is once more.
Logfile of HijackThis v1.99.1
Scan saved at 21:20:59, on 15.02.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
c:\xampp\apache\bin\apache.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\xampp\mysql\bin\mysqld-nt.exe
C:\WINDOWS\system32\nisvcloc.exe
C:\Program Files\Eset\nod32krn.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\xampp\apache\bin\apache.exe
C:\Documents and Settings\koda5\Desktop\koda5\koda5.exe

O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apache2.2 - Unknown owner - c:\xampp\apache\bin\apache.exe" -k runservice (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSQLEXPRESS (file missing)
O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld-nt.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Routing Service (Routing) - Unknown owner - C:\WINDOWS\system32\routing.exe (file missing)

DEMIAN (IT Manager):

helen1 isn't around, so I'll continue in his place. Do the following.

Download ComboFix from one of the following addresses to the Desktop:
http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Run it and do not touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log will appear (C:\ComboFix.txt), which you will copy here.

koda5:

Here is the log
ComboFix 08-02-17.2 - koda5 2008-02-17 9:38:34.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1251.1.1033.18.610 [GMT 1:00]
Running from: C:\Documents and Settings\koda5\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\temp\tn3
.
---- Previous Run -------
.
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\usbsermptxpp.sys
C:\Program Files\internet explorer\keygen.exe
C:\temp\tn3
C:\WINDOWS\system32\Cache
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\usbsermptxpp.sys

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_USBSERMPTXPP
-------\usbsermptxpp
((((((((((((((((((((((((( Files Created from 2008-01-17 to 2008-02-17 )))))))))))))))))))))))))))))))
.

2008-02-16 22:43 . 2008-02-16 22:44 <DIR> d-------- C:\Program Files\BrowsingTool
2008-02-16 14:38 . 2008-02-16 14:41 46,792,704 --a------ C:\WINDOWS\system32\BJYHEWOLQCK
2008-02-15 12:17 . 2008-02-16 13:28 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-02-15 12:17 . 2008-02-15 12:17 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-15 07:04 . 2008-02-15 07:04 <DIR> d-------- C:\Documents and Settings\koda5\Application Data\HateML
2008-02-14 11:01 . 2008-02-14 11:01 <DIR> d-------- C:\Documents and Settings\koda5\Application Data\HEXelon
2008-02-14 11:00 . 2008-02-14 11:12 <DIR> d-------- C:\Program Files\TC UP
2008-02-12 23:51 . 2008-02-12 23:51 <DIR> d-------- C:\Program Files\Trend Micro
2008-02-12 23:18 . 2008-02-12 23:18 27,069 --a------ C:\WINDOWS\system32\tmp5_60263244086.bk
2008-02-12 22:36 . 2008-02-12 22:36 <DIR> d-------- C:\Program Files\Avanquest update
2008-02-12 22:36 . 2008-02-12 22:36 <DIR> d-------- C:\Documents and Settings\Damjan\Application Data\InstallShield
2008-02-12 22:34 . 2008-02-12 22:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avanquest Software
2008-02-12 21:13 . 2008-02-12 21:20 <DIR> d-------- C:\Program Files\Bee Icons
2008-02-11 19:54 . 2008-02-11 19:54 140,828 --a------ C:\WINDOWS\system32\tmp5_271708813970.bk
2008-02-11 19:52 . 2008-02-11 19:52 158,108 --a------ C:\WINDOWS\system32\tmp5_33788564461.bk
2008-02-11 19:51 . 2008-02-11 19:51 140,828 --a------ C:\WINDOWS\system32\tmp4_53356377188.bk
2008-02-11 19:48 . 2008-02-11 19:48 133,628 --a------ C:\WINDOWS\system32\tmp0_357945316023.bk
2008-02-11 18:17 . 2008-02-11 18:17 <DIR> d-------- C:\Program Files\Lavasoft
2008-02-11 18:16 . 2008-02-11 18:16 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-02-11 14:38 . 2008-02-11 14:38 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-02-11 14:09 . 2008-02-11 14:08 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
2008-02-11 14:09 . 2008-02-11 14:08 298,104 --a------ C:\WINDOWS\system32\imon.dll
2008-02-11 14:09 . 2008-02-11 14:08 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
2008-02-11 14:03 . 2008-02-11 14:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2008-02-11 13:58 . 2008-02-11 13:58 <DIR> d-------- C:\Documents and Settings\koda5\Application Data\Uniblue
2008-02-10 19:56 . 2008-02-16 18:11 <DIR> d-------- C:\Program Files\sXe Injected
2008-02-09 15:20 . 2008-02-09 15:20 <DIR> d-------- C:\Program Files\Google
2008-02-09 10:34 . 2008-02-10 23:58 <DIR> d-------- C:\Documents and Settings\koda5\Application Data\MySQL
2008-02-09 10:33 . 2008-02-09 10:33 <DIR> d-------- C:\Program Files\MySQL
2008-02-09 09:57 . 2008-02-09 10:02 <DIR> d-------- C:\xampp
2008-02-08 12:52 . 2008-02-08 12:52 <DIR> d-------- C:\Documents and Settings\koda5\Application Data\FileFactory Turbo
2008-02-06 20:09 . 2008-02-06 20:09 <DIR> d-------- C:\Program Files\RFA Platinum
2008-02-06 20:09 . 2008-02-11 18:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\RFA_Backups
2008-02-06 16:12 . 2008-02-06 16:12 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Apple Computer
2008-02-06 11:15 . 2008-02-06 11:15 40 --a------ C:\WINDOWS\system32\drmgs.sys
2008-02-06 11:11 . 2008-02-06 11:11 101 --a------ C:\WINDOWS\wininit.ini
2008-02-06 10:10 . 2008-02-06 10:10 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-02-06 10:10 . 2008-02-06 11:12 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-02-06 01:18 . 2006-03-28 08:54 696,320 --a------ C:\WINDOWS\system32\libeay32.dll
2008-02-06 01:18 . 2006-03-28 08:55 155,648 --a------ C:\WINDOWS\system32\ssleay32.dll
2008-02-03 21:05 . 2008-02-03 21:05 <DIR> d-------- C:\Documents and Settings\Guest\Application Data\GSC
2008-02-03 19:59 . 2008-02-03 20:00 <DIR> d-------- C:\Program Files\KONAMI
2008-02-03 12:22 . 2008-02-03 12:22 <DIR> d-------- C:\Program Files\AviSynth 2.5
2008-02-03 12:21 . 2008-02-03 13:21 <DIR> d-------- C:\Program Files\Avi2Dvd
2008-02-03 10:51 . 2008-02-03 10:51 <DIR> d-------- C:\Program Files\Kaspersky Lab
2008-02-03 10:50 . 2008-02-03 10:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-02-02 19:57 . 2008-02-02 19:57 <DIR> d-------- C:\Program Files\Common Files\Softwin
2008-02-02 19:57 . 2008-02-03 10:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-02-02 12:06 . 2008-02-02 12:28 <DIR> d-------- C:\DVDVolume
2008-02-02 11:59 . 2008-02-17 09:38 <DIR> d-------- C:\Temp
2008-02-02 11:29 . 2008-02-02 11:29 <DIR> d-------- C:\Program Files\URUSoft
2008-02-02 09:53 . 2008-02-05 00:19 <DIR> d-------- C:\Program Files\EWB512
2008-02-02 09:53 . 2008-02-02 09:53 216,064 --a------ C:\WINDOWS\iun3405.exe
2008-02-01 17:58 . 2008-02-03 18:54 <DIR> d-------- C:\Documents and Settings\Damjan\Application Data\GSC
2008-02-01 14:51 . 2008-02-01 14:51 <DIR> d-------- C:\Program Files\Business Objects
2008-02-01 14:40 . 2008-02-01 14:50 <DIR> d-------- C:\Program Files\Microsoft SQL Server
2008-02-01 14:40 . 2008-02-01 14:40 <DIR> d-------- C:\Program Files\Microsoft Device Emulator
2008-02-01 14:38 . 2008-02-01 14:39 <DIR> d-------- C:\Program Files\Windows Mobile 5.0 SDK R2
2008-02-01 14:37 . 2008-02-01 14:37 <DIR> d-------- C:\Program Files\Microsoft Synchronization Services
2008-02-01 14:37 . 2008-02-01 14:37 <DIR> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-02-01 14:14 . 2008-02-01 14:14 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PreEmptive Solutions
2008-02-01 14:12 . 2008-02-01 14:12 <DIR> d-------- C:\Program Files\vso
2008-02-01 14:04 . 2008-02-01 14:04 <DIR> d-------- C:\WINDOWS\symbols
2008-02-01 14:00 . 2008-02-01 14:51 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 9.0
2008-02-01 14:00 . 2008-02-01 14:00 <DIR> d-------- C:\Program Files\Microsoft SDKs
2008-02-01 14:00 . 2008-02-01 14:06 <DIR> d-------- C:\Program Files\HTML Help Workshop
2008-02-01 14:00 . 2008-02-01 14:15 <DIR> d-------- C:\Program Files\Common Files\Merge Modules
2008-02-01 14:00 . 2008-02-01 14:00 <DIR> d-------- C:\Program Files\CE Remote Tools
2008-02-01 13:55 . 2008-02-01 13:55 <DIR> d-------- C:\Program Files\Microsoft Web Designer Tools
2008-02-01 13:55 . 2008-02-01 13:55 <DIR> dr-h----- C:\MSOCache
2008-02-01 13:47 . 2008-02-01 13:47 <DIR> d-------- C:\WINDOWS\system32\XPSViewer
2008-02-01 13:47 . 2008-02-01 13:47 <DIR> d-------- C:\Program Files\Reference Assemblies
2008-02-01 13:47 . 2008-02-01 14:05 <DIR> d-------- C:\Program Files\MSBuild
2008-02-01 13:46 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
2008-02-01 13:40 . 2008-02-01 13:40 <DIR> d-------- C:\Program Files\MSXML 6.0
2008-01-31 23:13 . 2008-01-31 23:13 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-01-31 23:13 . 2008-01-31 23:13 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-01-31 18:51 . 2008-01-31 18:51 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\Ahead
2008-01-30 21:10 . 2008-02-06 16:12 1,324 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-01-29 19:31 . 2008-01-29 19:31 <DIR> d-------- C:\Documents and Settings\Damjan\Application Data\Apple Computer
2008-01-29 18:01 . 2008-01-29 18:01 <DIR> d-------- C:\Documents and Settings\Guest\Application Data\Apple Computer
2008-01-28 21:37 . 2008-02-06 10:02 <DIR> d-------- C:\Documents and Settings\Damjan\Application Data\UseNeXT
2008-01-28 21:08 . 2008-01-28 21:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SpinTopV1005
2008-01-28 19:06 . 2008-01-28 19:06 <DIR> d-------- C:\Program Files\TryMedia
2008-01-27 20:14 . 2008-01-27 20:14 <DIR> d-------- C:\Documents and Settings\koda5\.borland
2008-01-27 20:06 . 2008-01-27 20:07 <DIR> d-------- C:\Program Files\Delphi7SE
2008-01-27 19:54 . 2008-01-27 19:54 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Ahead
2008-01-27 07:18 . 2008-01-27 07:18 125 --a------ C:\ioSpecial.ini
2008-01-26 01:39 . 2008-01-26 01:39 <DIR> d-------- C:\Program Files\UseNeXT
2008-01-26 01:39 . 2008-02-06 10:02 <DIR> d-------- C:\Documents and Settings\koda5\Application Data\UseNeXT
2008-01-26 01:37 . 2008-01-26 01:38 <DIR> d-------- C:\WINDOWS\system32\URTTemp
2008-01-25 19:09 . 2008-01-25 19:09 <DIR> d-------- C:\Program Files\Common Files\Bcgsoft
2008-01-25 19:03 . 2008-01-25 19:03 <DIR> d-------- C:\WINDOWS\system32\cvirte
2008-01-25 19:03 . 2008-01-25 19:03 <DIR> d-------- C:\Program Files\National Instruments
2008-01-25 18:59 . 2008-01-25 18:59 <DIR> d-------- C:\Program Files\Electronics Workbench
2008-01-24 19:50 . 2008-01-27 07:21 <DIR> d-------- C:\Program Files\WarChess
2008-01-23 20:55 . 2008-01-23 20:55 <DIR> d-------- C:\Documents and Settings\Damjan\Application Data\SpinTop
2008-01-23 11:57 . 2008-02-02 18:13 <DIR> d-------- C:\Program Files\IconSaver
2008-01-22 21:44 . 2008-01-22 21:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Trymedia
2008-01-22 21:00 . 2008-01-27 07:17 <DIR> d-------- C:\Program Files\Comlander Siege 2

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-17 08:37 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-02-16 23:06 --------- d-----w C:\Documents and Settings\Damjan\Application Data\skypePM
2008-02-16 21:36 --------- d-----w C:\Program Files\Valve
2008-02-16 18:50 --------- d-----w C:\Documents and Settings\Damjan\Application Data\LimeWire
2008-02-15 09:54 --------- d-----w C:\Documents and Settings\koda5\Application Data\uTorrent
2008-02-13 17:49 --------- d-----w C:\Program Files\QuickTime
2008-02-13 17:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-02-12 22:14 --------- d-----w C:\Documents and Settings\Damjan\Application Data\uTorrent
2008-02-12 21:36 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-12 21:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\BVRP Software
2008-02-11 23:03 --------- d-----w C:\Program Files\MSECache
2008-02-11 13:24 --------- d-----w C:\Program Files\ESET
2008-02-09 19:20 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-07 17:15 --------- d-----w C:\Documents and Settings\koda5\Application Data\LimeWire
2008-02-06 21:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-02-06 15:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\iolo
2008-02-03 09:31 81,984 ----a-w C:\WINDOWS\system32\bdod.bin
2008-02-01 13:48 --------- d-----w C:\Program Files\Microsoft.NET
2008-02-01 13:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-01-27 06:22 --------- d-----w C:\Program Files\Yahoo!
2008-01-27 06:18 --------- d-----w C:\Program Files\DivX
2008-01-25 12:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2008-01-22 18:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype
2008-01-18 16:09 --------- d-----w C:\Program Files\LimeWire
2008-01-16 19:56 --------- d-----w C:\Program Files\WIBUKEY
2008-01-16 19:56 --------- d-----w C:\Program Files\WIBU-SYSTEMS
2008-01-16 19:55 --------- d-----w C:\Program Files\Motorola
2008-01-16 19:51 --------- d-----w C:\Documents and Settings\koda5\Application Data\Skype
2008-01-16 17:57 --------- d-----w C:\Documents and Settings\Damjan\Application Data\Shareaza
2008-01-16 15:02 --------- d-----w C:\Documents and Settings\koda5\Application Data\skypePM
2008-01-15 16:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\TechSmith
2008-01-15 16:01 --------- d-----w C:\Program Files\TechSmith
2008-01-14 17:51 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-01-14 17:25 --------- d-----w C:\Documents and Settings\koda5\Application Data\Nokia Multimedia Player
2008-01-14 16:28 --------- d-----w C:\Program Files\Motorola Phone Tools
2008-01-14 16:27 24,192 ----a-w C:\WINDOWS\system32\drivers\usbsermptxp.sys
2008-01-14 16:27 24,192 ----a-w C:\Documents and Settings\koda5\usbsermptxp.sys
2008-01-14 16:27 22,768 ----a-w C:\Documents and Settings\koda5\usbsermpt.sys
2008-01-12 21:38 --------- d-----w C:\Documents and Settings\Guest\Application Data\Locktime
2008-01-12 16:57 --------- d-----w C:\Documents and Settings\Damjan\Application Data\Locktime
2008-01-12 11:41 --------- d-----w C:\Documents and Settings\koda5\Application Data\Locktime
2008-01-12 11:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Locktime
2008-01-08 20:53 --------- d-----w C:\Documents and Settings\koda5\Application Data\BSplayer Pro
2008-01-07 17:25 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2008-01-07 09:11 --------- d-----w C:\Documents and Settings\koda5\Application Data\Nokia
2008-01-02 22:00 --------- d-----w C:\Program Files\DVDlabPro2
2008-01-01 11:37 --------- d-----w C:\Program Files\LearnKey
2007-12-30 12:33 --------- d-----w C:\Program Files\AppDev
2007-12-30 12:13 --------- d-----w C:\Program Files\Tomb Raider - Legend
2007-12-29 14:08 --------- d-----w C:\Documents and Settings\Guest\Application Data\PC Suite
2007-12-28 21:08 --------- d-----w C:\Documents and Settings\Damjan\Application Data\BSplayer Pro
2007-12-27 18:29 --------- d-----w C:\Documents and Settings\Damjan\Application Data\PC Suite
2007-12-27 17:17 --------- d-----w C:\Documents and Settings\koda5\Application Data\PC Suite
2007-12-27 14:25 --------- d-----w C:\Program Files\DIFX
2007-12-27 14:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
2007-12-27 14:24 --------- d-----w C:\Program Files\Nokia
2007-12-27 14:24 --------- d-----w C:\Program Files\Common Files\PCSuite
2007-12-27 14:24 --------- d-----w C:\Program Files\Common Files\Nokia
2007-12-27 14:23 --------- d-----w C:\Program Files\PC Connectivity Solution
2007-12-24 12:49 7,680 ----a-w C:\WINDOWS\system32\ff_vfw.dll
2007-12-23 11:56 --------- d-----w C:\Program Files\VideoLAN
2007-12-04 01:33 682,496 ----a-w C:\WINDOWS\system32\divx.dll
2007-11-25 15:52 88,576 ---ha-w C:\Documents and Settings\Guest\Application Data\rbap550.dll
2007-11-25 12:18 231,875 ----a-w C:\WINDOWS\EasyGifAnimator_Toolbar_Uninstaller_484.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D0661233-42D4-F7F1-80E1-8A9E0E99E71D}]
2007-12-30 21:48 1019904 --a------ C:\Program Files\BrowsingTool\BrowsingTool-1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 22:48 479232]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-02-11 14:08 949376]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-03 23:56 158208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BlueSoleil.lnk]
backup=C:\WINDOWS\pss\BlueSoleil.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
backup=C:\WINDOWS\pss\WinZip Quick Pick.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AAWTray]
--a------ 2007-08-08 15:53 88024 C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
--a------ 2007-04-03 23:29 165784 C:\Program Files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-10-13 17:24 1694208 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2006-01-12 15:40 155648 C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
--a------ 2007-12-10 10:12 695808 C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-01-31 23:13 385024 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\rfagent]
--a------ 2007-03-28 19:52 617576 C:\Program Files\RFA Platinum\rfagent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSystemAnalyzer]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
-ra------ 2004-12-22 10:09 77824 C:\WINDOWS\SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSearch]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WhenUSearchWHSE]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"lkTimeSync"=2 (0x2)
"lkClassAds"=2 (0x2)
"LkCitadelServer"=2 (0x2)
"ioloSystemService"=2 (0x2)
"ioloFileInfoList"=2 (0x2)
"aawservice"=2 (0x2)

R1 VD_FileDisk;VD_FileDisk;C:\WINDOWS\system32\drivers\VD_FileDisk.sys [2006-01-13 14:00]
R2 Apache2.2;Apache2.2;"c:\xampp\apache\bin\apache.exe" [2007-03-05 11:23]
R2 cvintdrv;cvintdrv;C:\WINDOWS\system32\drivers\cvintdrv.sys [2005-06-10 10:01]
R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP);C:\WINDOWS\system32\inetsrv\inetinfo.exe [2004-08-03 23:56]
R2 SQLWriter;SQL Server VSS Writer;"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2007-02-10 05:29]
S2 Routing;Routing Service;C:\WINDOWS\system32\routing.exe []
S3 BTNetFilter;Bluetooth Network Filter;C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys [2006-11-21 22:41]
S3 CAS;CAS;C:\DOCUME~1\koda5\LOCALS~1\Temp\CAS.exe []
S3 ddsxeiservice;ddsxeiservice2;C:\Program Files\sXe Injected\ddsxei.sys [2008-02-09 03:02]
S3 QBWTTVCEA;QBWTTVCEA;C:\DOCUME~1\koda5\LOCALS~1\Temp\QBWTTVCEA.exe []
S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-10-24 14:10]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-10-24 14:11]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-10-24 14:11]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-10-24 14:12]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-10-24 14:12]
S4 msvsmon90;Visual Studio 2008 Remote Debugger;"C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe" [2007-11-07 08:58]

.
Contents of the 'Scheduled Tasks' folder
"2008-02-13 14:38:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-02-03 08:00:00 C:\WINDOWS\Tasks\rpc.job"
- C:\Program Files\Winferno\RegistryPowerCleaner\RegPowerClean.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-02-17 09:42:57
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-02-17 9:43:35
ComboFix-quarantined-files.txt 2008-02-17 08:43:27

DEMIAN (IT Manager):

koda5 wrote:
---- Previous Run -------
.
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\usbsermptxpp.sys
C:\Program Files\internet explorer\keygen.exe
C:\temp\tn3
C:\WINDOWS\system32\Cache
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\usbsermptxpp.sys

.
(((((((((((((((((((((((((((((((((((((((

When you opened a topic in Ambulanta and read the instructions on posting a log to the forum, you also agreed to what is written at the bottom of the following page:
http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.htm

Quote: What else is important?

~~~~~~~
6. Anyone who got infected through their own fault (visiting adult-content sites, (banned), (banned), using P2P programs...) should first help themselves by getting rid of their bad habits.
Why would we spend our time on someone who will get reinfected in a short time?

That's all from me.

/LOCK

17 Feb 2008 17:30 DEMIAN locked the topic. Reason: the topic is not in line with the rules and operation of the Ambulanta forum