Možda tražite i:
kako da smuvam decka kojeg nepoznajem sms ili ;)helpppp
Helpppp :///

MyCity » Ambulanta -> Arhiva Ambulante » Helpppp !

Helpppp !

Napisano na dan: 17.11.2008

Helpppp !

Sledeća strana

Pagination

Odgovori

Enfo[R]cer Poslao: 17 Nov 2008 11:50 Idi na vrh
offline Enfo[R]cer Novi MyCity građanin Pridružio: 17 Jul 2008 Poruke: 7	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:24:53 AM, on 11/17/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\nvraidservice.exe C:\Program Files\Conexant\Adsl\dslstat.exe C:\Program Files\Symantec AntiVirus\SavRoam.exe C:\Program Files\Conexant\Adsl\dslagent.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\WINDOWS\explorer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Documents and Settings\speedy\Desktop\HijackThis\HiJackThis.exe R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\PROGRA~1\DAP\SBSearch.dll (file missing) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\twext.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: WinIss - {17D562A6-DA3D-4F87-B659-86CD06473AB5} - C:\WINDOWS\system32\psguax.dll O2 - BHO: (no name) - {251D50FC-3F03-4CEF-A130-8285EF432D0A} - C:\WINDOWS\system32\1636925052.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\Conexant\Adsl\dslstat.exe icon O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\Conexant\Adsl\dslagent.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe O8 - Extra context menu item: E&xport to Microsoft Excel - [Link mogu videti samo ulogovani korisnici]\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.google.com O17 - HKLM\System\CCS\Services\Tcpip\..\{7C47D6F6-A4CD-4E3B-A65C-DD0F2EF93B69}: NameServer = 77.105.0.19 77.105.0.18 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Plug and Play PlugPlayLmHosts (PlugPlayLmHosts) - Unknown owner - C:\WINDOWS\system32\wpv8480.cpx.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Remote Access Connection Manager RasManNetDDEdsdm (RasManNetDDEdsdm) - Unknown owner - C:\WINDOWS\system32\3com_dmim.exe (file missing) O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- End of file - 6371 bytes Skidao sam neke programe jedno vece takodje i program DAP i nesto se desilo i stalno kad otvorim stranicu prebacuje me na neke strancie da skinem bit defender laznjak to sam pre video lazni sajt i tako to a to je sve meni zakaceno u kompu negde takodje kad otvaram mycomputer i foldere na particijama izlazi prozor error da skinem kao ostecen mi kompjuter itd ... E pa kad kliknem yes krene da skida prog i otvara stranice a kad no otvara mnogo IE-a [Link mogu videti samo ulogovani korisnici]

Profil

Piksi Poslao: 17 Nov 2008 13:07 Idi na vrh
offline Piksi Elitni građanin Pridružio: 13 Nov 2003 Poruke: 2435	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Klikni desnim tasterom na Symantec EndPoint Protection ikonicu u donjem, desnom uglu ekrana i izaberi Disable Symantec EndPoint Protection. Napomena: Ne zaboravi da uključiš ovu opciju po završetku čišćenja. Svrha prethodnog koraka je da se isključi zaštita dok CF skenira. Ukoliko kod tebe nije onako kako je opisano, pokušaj sam da je isključiš. Skini ComboFix sa jedne od sledecih adresa na Desktop: [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

Enfo[R]cer Poslao: 17 Nov 2008 20:29 Idi na vrh
offline Enfo[R]cer Novi MyCity građanin Pridružio: 17 Jul 2008 Poruke: 7	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ovaj program mi je sve sredio evo vam log vidim nesto je bilo failed to delete ali nema vise error-a onih kao sa slika koje sam uploadovao danas )). Ako Piksi dodjes u Bbrenovac nekad imas pice od mene :DDD )). Mnogo si mi pomogao ja cu posecivati temu dok ne odgovoris ako treba jos nesto da se sredi mzoda ili za ovaj sto nije mogao da izbrise ... zz ComboFix 08-11-16.05 - speedy 2008-11-17 20:08:15.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.559 [GMT 1:00] Running from: c:\documents and settings\speedy\Desktop\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat c:\documents and settings\LocalService\Application Data\twain_32 c:\documents and settings\LocalService\Application Data\twain_32\user.ds c:\windows\IE4 Error Log.txt c:\windows\k.txt c:\windows\nel2.ini c:\windows\system32\drivers\npf.sys c:\windows\system32\drivers\RQRUSUQM.sys c:\windows\system32\nel32.dll c:\windows\system32\Packet.dll c:\windows\system32\pthreadVC.dll c:\windows\system32\shell31.dll c:\windows\system32\stsb.exe c:\windows\system32\twain_32 c:\windows\system32\twain_32\local.ds c:\windows\system32\twain_32\user.ds c:\windows\system32\twext.exe c:\windows\system32\wpcap.dll c:\windows\system32\wpv7990.cpx c:\windows\system32\wpv8480.cpx c:\windows\system32\1636925052.dll . . . . failed to delete ----- BITS: Possible infected sites ----- [Link mogu videti samo ulogovani korisnici] . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_NPF -------\Legacy_OREANS32 -------\Legacy_PLUGPLAYLMHOSTS -------\Legacy_RASMANNETDDEDSDM -------\Legacy_RQRUSUQM -------\Service_NPF -------\Service_oreans32 -------\Service_PlugPlayLmHosts -------\Service_RasManNetDDEdsdm -------\Service_RQRUSUQM ((((((((((((((((((((((((( Files Created from 2008-10-17 to 2008-11-17 ))))))))))))))))))))))))))))))) . 2008-11-17 17:24 . 2008-11-17 17:24 <DIR> d-------- c:\program files\Windows Defender 2008-11-17 00:57 . 2008-11-17 00:57 <DIR> d-------- c:\program files\Lavasoft 2008-11-17 00:57 . 2008-11-17 00:57 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard 2008-11-17 00:57 . 2008-11-17 00:58 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft 2008-11-16 22:34 . 2008-11-16 22:35 <DIR> d-------- c:\windows\system32\NtmsData 2008-11-16 01:20 . 2008-11-16 01:20 <DIR> d-------- c:\documents and settings\Administrator 2008-11-15 22:57 . 2008-11-15 22:57 61,440 --a------ c:\windows\system32\psguax.dll 2008-11-15 22:49 . 2008-11-15 22:49 479,298 --a------ c:\windows\system32\wbocx.ocx 2008-11-15 22:49 . 2008-11-15 22:49 172,032 --a------ c:\windows\system32\AniGIF.ocx 2008-11-15 22:49 . 2008-11-15 22:49 50,688 --a------ c:\windows\system32\wbhelp2.dll 2008-11-14 20:01 . 2008-11-16 21:06 <DIR> d-------- c:\program files\World of Warcraft 2008-11-14 20:01 . 2008-11-14 20:45 <DIR> d-------- c:\program files\Common Files\Blizzard Entertainment 2008-11-13 18:01 . 2008-11-13 18:23 <DIR> d-------- c:\program files\StyleZone 2008-11-12 14:38 . 2008-11-12 14:38 <DIR> d-------- c:\program files\MSN Messenger 2008-11-12 14:31 . 2008-11-12 14:36 <DIR> d-------- c:\program files\Windows Live 2008-11-11 14:18 . 2008-11-12 20:08 116,480 --a------ c:\windows\system32\1636925052.dll 2008-11-11 14:18 . 2008-11-11 14:18 16,384 --ahs---- c:\windows\system32\12520437g.dll 2008-11-11 14:17 . 2008-11-11 14:17 180,224 --a------ c:\windows\MOTUAAAH.exe 2008-11-10 16:09 . 2008-11-10 16:51 <DIR> d-------- c:\program files\Logo Design Studio 2008-11-08 22:23 . 2008-11-11 15:22 32 --a-s---- c:\windows\system32\2429302452.dat 2008-11-08 22:23 . 2008-11-08 22:23 29 --a------ c:\windows\system32\sfqawiaq.tmp 2008-11-08 22:22 . 2008-11-11 14:18 338 --a-s---- c:\windows\system32\389194856.dat 2008-11-04 20:59 . 2008-11-04 20:59 335 --a------ c:\windows\mozregistry.dat 2008-11-04 14:04 . 2008-11-04 14:04 <DIR> d-------- c:\documents and settings\speedy\Application Data\Talkback 2008-11-04 14:02 . 2008-11-04 14:02 <DIR> d-------- c:\documents and settings\speedy\Application Data\Thunderbird 2008-10-31 17:12 . 2008-11-14 19:56 174 --a------ c:\windows\game.ini 2008-10-25 21:05 . 2008-10-25 21:05 0 --a------ c:\windows\vpc32.INI 2008-10-24 23:42 . 2006-09-18 16:55 109,744 --a------ c:\windows\system32\drivers\SYMEVENT.SYS 2008-10-24 23:42 . 2006-09-18 16:55 48,816 --a------ c:\windows\system32\S32EVNT1.DLL 2008-10-24 23:41 . 2008-11-17 20:13 <DIR> d-------- c:\program files\Symantec AntiVirus 2008-10-24 23:41 . 2008-10-24 23:42 <DIR> d-------- c:\program files\Symantec 2008-10-24 23:41 . 2008-10-24 23:42 <DIR> d-------- c:\program files\Common Files\Symantec Shared 2008-10-24 23:41 . 2008-10-24 23:41 <DIR> d-------- c:\documents and settings\All Users\Application Data\Symantec 2008-10-20 14:02 . 2008-10-20 14:02 <DIR> d-------- c:\program files\ReflexiveArcade 2008-10-20 14:02 . 2008-11-10 15:45 <DIR> d-------- c:\program files\Break Ball 2 Gold 2008-10-19 20:00 . 2008-11-01 23:40 <DIR> d-------- c:\documents and settings\All Users\Application Data\TrackMania 2008-10-18 21:24 . 2008-10-18 21:25 <DIR> d-------- c:\program files\Microsoft Expression . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-11-16 22:55 --------- d-----w c:\program files\Steam 2008-11-16 20:49 2,560 ----a-w c:\windows\_MSRSTRT.EXE 2008-11-16 20:49 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP 2008-11-16 01:20 --------- d-s---w c:\program files\HLSW 2008-11-16 01:20 --------- d-----w c:\documents and settings\speedy\Application Data\HLSW 2008-11-15 21:49 --------- d-----w c:\documents and settings\All Users\Application Data\SpeedBit 2008-11-15 17:30 --------- d-----w c:\program files\Valve 2008-11-15 15:23 --------- d-----w c:\documents and settings\speedy\Application Data\FileZilla 2008-11-14 18:58 --------- d--h--w c:\program files\InstallShield Installation Information 2008-11-10 14:58 --------- d-----w c:\program files\Rainlendar2 2008-11-07 22:18 218,624 ----a-w c:\windows\system32\uxtheme.dll 2008-10-31 16:14 163,644 ----a-w c:\windows\system32\drivers\secdrv.sys 2008-10-18 20:26 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help 2008-10-16 14:17 --------- d-----w c:\program files\Winamp 2008-10-16 14:17 --------- d-----w c:\program files\SHOUTcast 2008-10-10 18:13 --------- d-----w c:\documents and settings\All Users\Application Data\FLEXnet 2008-10-08 18:44 --------- d-----w c:\program files\vanBasco's Karaoke Player 2008-10-03 15:02 --------- d-----w c:\documents and settings\speedy\Application Data\Winamp 2008-10-03 12:05 --------- d-----w c:\program files\Common Files\DirectX 2008-09-27 23:00 --------- d-----w c:\documents and settings\All Users\Application Data\ESET 2008-09-26 15:26 0 ----a-w c:\documents and settings\speedy\jagex_runescape_preferences.dat 2008-09-25 14:04 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab 2008-09-24 18:26 --------- d-----w c:\program files\Animated GIF producer 4.0 TRIAL 2008-09-22 18:47 --------- d-----w c:\documents and settings\speedy\Application Data\teamspeak2 2008-09-18 14:45 --------- d-----w c:\program files\Opera . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{251D50FC-3F03-4CEF-A130-8285EF432D0A}] 2008-11-12 20:08 116480 --a------ c:\windows\system32\1636925052.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2001-08-23 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NVRaidService"="c:\windows\system32\nvraidservice.exe" [2004-06-11 83968] "DSLSTATEXE"="c:\program files\Conexant\Adsl\dslstat.exe" [2005-08-25 344064] "DSLAGENTEXE"="c:\program files\Conexant\Adsl\dslagent.exe" [2005-08-25 65536] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8523776] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-05 81920] "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-07-19 52896] "BluetoothAuthenticationAgent"="bthprops.cpl" [2001-08-23 c:\windows\system32\bthprops.cpl] "nwiz"="nwiz.exe" [2007-12-05 c:\windows\system32\nwiz.exe] [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "DisallowRun"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.ACDV"= ACDV.dll "msacm.l3codec"= l3codecp.acm [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVP HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Architect HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smart FTP Client HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] --a------ 2005-09-08 10:06 94208 c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] --a------ 2006-10-26 23:47 31016 c:\program files\Microsoft Office\Office12\GrooveMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMJPMIG8.1] --a------ 2001-08-23 10:00 208952 c:\windows\ime\IMJP8_1\imjpmig.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint] --a------ 2007-02-06 00:52 849280 c:\program files\Microsoft IntelliPoint\ipoint.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2001-07-09 10:50 155648 c:\windows\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] --a------ 2007-12-05 00:41 8523776 c:\windows\system32\nvcpl.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] --a------ 2007-12-05 00:41 81920 c:\windows\system32\nvmctray.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002A] --a------ 2001-08-23 10:00 455168 c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PHIME2002ASync] --a------ 2001-08-23 10:00 455168 c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] --a------ 2008-10-08 18:46 1410296 c:\program files\Steam\Steam.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] --a------ 2005-11-10 12:03 36975 c:\program files\Java\jre1.5.0_06\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] --a------ 2007-12-05 00:41 1626112 c:\windows\system32\nwiz.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan] --a------ 2004-12-22 10:09 77824 c:\windows\SOUNDMAN.EXE [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "Regrun2"=c:\progra~1\Greatis\REGRUN~1\WatchDog.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) R0 qtnhpinj;qtnhpinj;c:\windows\system32\drivers\qtnhpinj.sys [2001-08-23 23424] S0 Partizan;Partizan;c:\windows\system32\drivers\Partizan.sys [] S4 gupdate1c9044ac95b4464;Google Update Service (gupdate1c9044ac95b4464);"c:\program files\Google\Update\GoogleUpdate.exe" /svc [] . Contents of the 'Scheduled Tasks' folder 2008-11-17 c:\windows\Tasks\MP Scheduled Scan.job - c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 19:20] 2008-07-05 c:\windows\Tasks\shutdown.job - c:\windows\system32\shutdown.exe [2001-08-23 10:00] . - - - - ORPHANS REMOVED - - - - URLSearchHooks-{F4F10C1D-87C7-404A-B4B3-000000000000} - c:\progra~1\DAP\SBSearch.dll HKCU-Run-Rainlendar2 - c:\program files\Rainlendar2\Rainlendar2.exe SafeBoot-ati6jpxx.sys MSConfigStartUp-RegRun WinBait - c:\windows\winbait.exe MSConfigStartUp-Regrun2 - c:\progra~1\Greatis\REGRUN~1\WatchDog.exe . ------- Supplementary Scan ------- . FireFox -: Profile - c:\documents and settings\speedy\Application Data\Mozilla\Firefox\Profiles\eaggb0xk.default\ FireFox -: prefs.js - STARTUP.HOMEPAGE - [Link mogu videti samo ulogovani korisnici] FF -: plugin - c:\documents and settings\speedy\Local Settings\Application Data\Google\Update\1.2.131.11\npGoogleOneClick5.dll FF -: plugin - c:\program files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll FF -: plugin - c:\program files\Google\Lively\nplively.dll FF -: plugin - c:\program files\Java\jre1.5.0_06\bin\NPJava11.dll FF -: plugin - c:\program files\Java\jre1.5.0_06\bin\NPJava12.dll FF -: plugin - c:\program files\Java\jre1.5.0_06\bin\NPJava13.dll FF -: plugin - c:\program files\Java\jre1.5.0_06\bin\NPJava14.dll FF -: plugin - c:\program files\Java\jre1.5.0_06\bin\NPJava32.dll FF -: plugin - c:\program files\Java\jre1.5.0_06\bin\NPJPI150_06.dll FF -: plugin - c:\program files\Java\jre1.5.0_06\bin\NPOJI610.dll . ************************************************************************ catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici] Rootkit scan 2008-11-17 20:14:29 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . ------------------------ Other Running Processes ------------------------ . c:\program files\Windows Defender\MsMpEng.exe c:\program files\Common Files\Symantec Shared\ccSetMgr.exe c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe c:\program files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe c:\program files\Lavasoft\Ad-Aware\aawservice.exe c:\program files\Symantec AntiVirus\DefWatch.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\HPZipm12.exe c:\program files\Symantec AntiVirus\SavRoam.exe c:\program files\Symantec AntiVirus\Rtvscan.exe c:\windows\system32\rundll32.exe c:\windows\system32\rundll32.exe c:\windows\system32\wbem\unsecapp.exe . ************************************************************************ . Completion time: 2008-11-17 20:21:20 - machine was rebooted ComboFix-quarantined-files.txt 2008-11-17 19:21:10 Pre-Run: 26,213,908,480 bytes free Post-Run: 26,120,597,504 bytes free 242

Profil

Piksi Poslao: 18 Nov 2008 17:23 Idi na vrh
offline Piksi Elitni građanin Pridružio: 13 Nov 2003 Poruke: 2435	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uploaduj mi sledeći fajl na proveru: c:\windows\system32\shutdown.exe Upload ćeš izvršiti preko sledeće forme: [Link mogu videti samo ulogovani korisnici] Javi kada izvršiš upload. Otvoriti Notepad i iskopirati sledeci tekst: File:: C:\WINDOWS\system32\psguax.dll C:\WINDOWS\system32\1636925052.dll c:\windows\system32\12520437g.dll c:\windows\MOTUAAAH.exe c:\windows\system32\2429302452.dat c:\windows\system32\sfqawiaq.tmp c:\windows\system32\389194856.dat c:\windows\system32\drivers\qtnhpinj.sys Driver:: qtnhpinj Registry:: [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17D562A6-DA3D-4F87-B659-86CD06473AB5}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{251D50FC-3F03-4CEF-A130-8285EF432D0A}] Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Helpppp !

Ko je trenutno na forumu

Ukupno su 956 korisnika na forumu :: 37 registrovanih, 3 sakrivenih i 916 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 13297 - dana 20 Jan 2026 17:42

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: abramac, Aleksej, boranin45, Bosnjo, BUDDAR70, cole77, dejno, Dorcolac, dushan, Feller, igorkozar83, Ir, Jablan, ladro, Lance Guest, Lazarus, ljuba.b, markolopin, Milos82, Mis uz pusku, mist-mist, mnn2, Mrav Obrad, pceklic, ruma, saputnik plavetnila, SlaKoj, strn, tomigun, Troja, Trpe Grozni, Vanderx, VanZan, vuksa72, zeo, Zukov, zvomar

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by