I don't understand


  • Joined: 16 Nov 2007
  • Posts: 16

ComboFix 08-02-13.2 - pepsaja 2008-02-15 0:58:47.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.110 [GMT 1:00]
Running from: C:\Documents and Settings\pepsaja\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\pepsaja\Desktop\CFScript.txt

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE
C:\WINDOWS\system32\Win32.exe
.

((((((((((((((((((((((((( Files Created from 2008-01-15 to 2008-02-15 )))))))))))))))))))))))))))))))
.

2008-02-13 22:35 . 2008-02-13 22:35 <DIR> d-------- C:\WINDOWS\system32\xircom
2008-02-13 22:35 . 2008-02-13 22:35 <DIR> d-------- C:\WINDOWS\system32\restore
2008-02-13 22:35 . 2008-02-13 22:37 <DIR> d--hs---- C:\WINDOWS\system32\dllcache
2008-02-13 22:35 . 2008-02-13 22:35 <DIR> d-------- C:\WINDOWS\srchasst
2008-02-13 22:35 . 2008-02-13 22:35 <DIR> d-------- C:\Program Files\microsoft frontpage
2008-02-13 17:42 . 2008-02-13 17:42 1,894 --a------ C:\WINDOWS\system32\tmp.reg
2008-02-13 17:34 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-02-13 17:34 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-02-13 17:34 . 2008-02-08 23:55 85,504 --a------ C:\WINDOWS\system32\VACFix.exe
2008-02-13 17:34 . 2008-02-08 10:37 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-02-13 17:34 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-02-13 17:34 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-02-13 17:34 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-02-06 20:42 . 2005-11-06 00:03 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-02-06 20:42 . 2005-11-06 00:03 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-02-06 20:42 . 2005-11-06 00:03 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-02-05 20:19 . 2008-02-05 20:19 0 --a------ C:\LOG2AC.tmp
2008-02-05 20:18 . 2008-02-05 20:20 <DIR> d-------- C:\Documents and Settings\pepsaja\Application Data\U3
2008-01-25 20:42 . 2008-01-25 20:42 <DIR> d-------- C:\wally
2008-01-25 12:57 . 2008-01-25 13:08 0 --a------ C:\WINDOWS\system32\BWFAX
2008-01-25 12:54 . 2008-01-25 12:52 27,648 --a------ C:\WINDOWS\system32\bwprnmon.dll
2008-01-25 12:54 . 2008-01-25 12:54 3,347 --a------ C:\WINDOWS\BWRESTOR.REG
2008-01-25 12:54 . 2008-01-25 12:54 3,045 --a------ C:\WINDOWS\BWCHANGE.REG
2008-01-25 12:54 . 2008-01-25 12:54 0 --a------ C:\WINDOWS\system32\bwprnmon.bak
2008-01-25 12:52 . 2008-01-25 12:52 197,024 --a------ C:\WINDOWS\system\UNIDRV.DLL
2008-01-25 12:52 . 2008-01-25 12:52 37,408 --a------ C:\WINDOWS\system\BITWARED.DRV
2008-01-17 13:22 . 2005-11-06 00:03 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-01-15 11:47 . 2008-01-15 11:47 <DIR> d-------- C:\Program Files\Microsoft

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-14 21:58 --------- d-----w C:\Program Files\sXe Injected
2008-01-12 19:36 --------- d-----w C:\Program Files\LRC Editor 4
2008-01-06 18:38 --------- d-----w C:\Program Files\Common Files\ACD Systems
2007-12-29 14:35 --------- d-----w C:\Documents and Settings\pepsaja\Application Data\uTorrent
2007-11-28 19:58 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-11-15 00:53 16,768 ----a-w C:\WINDOWS\system32\tcpip_patcher.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-11-11 12:47 7311360]
"nwiz"="nwiz.exe" [2005-11-11 12:47 1519616 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-11-11 12:47 86016]
"C-Media Mixer"="C:\Program Files\PCI Audio Applications\Mixer.exe" [2000-09-13 11:03 1085440]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-11-14 15:05 1410304]
"bwprnmon.exe"="C:\BITWARE\NT\bwprnmon.exe" [2008-01-25 12:52 54272]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlsf"="cmd.exe" [2004-08-03 23:56 388608 C:\WINDOWS\system32\cmd.exe]
"nlhr"="C:\WINDOWS\System32\AdvPack.Dll" [2004-08-03 23:56 99840]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-03 21:59 44544]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2007-11-11 19:32:41 847872]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoInstrumentation"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoInstrumentation"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)

R0 ALiAGP;ALi AGP Bus Filter Driver;C:\WINDOWS\system32\DRIVERS\ALiAGP.sys [2000-08-09 13:08]
R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-11-14 15:06]
R3 e4usbaw;USB ADSL2 WAN Adapter;C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [2006-05-04 18:50]
S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);C:\WINDOWS\system32\Drivers\e4ldr.sys [2006-03-02 19:25]

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-02-15 01:01:33
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ntvdm.exe
.
**************************************************************************
.
Completion time: 2008-02-15 1:02:41 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-15 00:02:30
ComboFix2.txt 2008-02-13 21:37:15


I don't know what we are doing or how far we have got, but thank you in any case!
I no longer get those windows popping up!

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Spybot S&D's Teatimer


Run Spybot S&D
Click the Mode item in the menu
Select Advanced Mode
In the bar on the left, click Tools
Click Resident
Untick Resident Tea-Timer
Close Spybot S&D
Restart the computer.

Don't forget to turn these options back on when we finish the cleaning.

Open Notepad and copy the following text into it:


Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}]

Save the file from Notepad to the Desktop as "CFScript"

Drag the saved script/text onto the ComboFix icon as in the picture.
Post in your next message the log that is produced at the end of the cleaning/scan.

When you have finished the scanning and cleaning and turned Spybot S&D's Teatimer back on, allow it to make the changes to the Registry.
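The procedure above amounts to a before/after comparison: the first log shows a Browser Helper Object CLSID under "Reg Loading Points", the CFScript asks ComboFix to delete that key, and the next log should no longer list it. The script below is an added example, not part of the thread and not ComboFix's own tooling: it parses the "Reg Loading Points" section of two ComboFix logs and reports which registry keys and autostart values disappeared or appeared between them. The two embedded logs are abridged excerpts constructed from the logs posted in this thread; the function names are this example's own. Note that the "SpybotSD TeaTimer" Run value is expected to vanish as well, because the instructions had the user disable TeaTimer before running the script.

```python
"""Compare the "Reg Loading Points" section of two ComboFix logs.

Added example for this thread; not ComboFix code. The sample logs are
abridged from the thread's posted logs (constructed test data).
"""
import re
from typing import Dict, Set, Tuple

# Abridged "before" log: BHO key present, TeaTimer still enabled.
BEFORE_LOG = r"""
ComboFix 08-02-13.2 - pepsaja 2008-02-15 0:58:47.2 - NTFSx86
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlsf"="cmd.exe" [2004-08-03 23:56 388608 C:\WINDOWS\system32\cmd.exe]

R0 ALiAGP;ALi AGP Bus Filter Driver;C:\WINDOWS\system32\DRIVERS\ALiAGP.sys [2000-08-09 13:08]

.
**************************************************************************
"""

# Abridged "after" log: BHO key gone (CFScript), TeaTimer value gone (disabled by user).
AFTER_LOG = r"""
ComboFix 08-02-13.2 - pepsaja 2008-02-15 18:43:12.3 - NTFSx86
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlsf"="cmd.exe" [2004-08-03 23:56 388608 C:\WINDOWS\system32\cmd.exe]

R0 ALiAGP;ALi AGP Bus Filter Driver;C:\WINDOWS\system32\DRIVERS\ALiAGP.sys [2000-08-09 13:08]

.
**************************************************************************
"""

BANNER = re.compile(r"^\(+ Reg Loading Points \)+$")
KEY_LINE = re.compile(r"^\[(.+)\]$")
VALUE_LINE = re.compile(r'^"([^"]+)"=(.*)$')
# ComboFix appends "[date size path]" after each value; strip it to get the data only.
ANNOTATION = re.compile(r"\s*\[[^\]]*\]\s*$")
BHO_KEY = re.compile(r"Browser Helper Objects\\(\{[0-9A-Fa-f-]+\})$")

Entries = Dict[str, Dict[str, str]]


def parse_loading_points(log: str) -> Entries:
    """Return {registry key: {value name: data}} for the Reg Loading Points section.

    A key printed with no values (as ComboFix does for a BHO CLSID) maps to {}.
    Service lines (R0/S2 ...) and startup-folder lines are not registry keys and are skipped.
    """
    entries: Entries = {}
    in_section = False
    current = None
    for raw in log.splitlines():
        line = raw.strip()
        if not in_section:
            in_section = bool(BANNER.match(line))
            continue
        if line.startswith("****") or line.startswith("(((("):
            break  # end of the section
        m = KEY_LINE.match(line)
        if m:
            current = m.group(1)
            entries.setdefault(current, {})
            continue
        m = VALUE_LINE.match(line)
        if m and current is not None:
            name, rest = m.group(1), m.group(2).strip()
            entries[current][name] = ANNOTATION.sub("", rest).strip().strip('"')
    return entries


def bho_clsids(entries: Entries) -> Set[str]:
    """CLSIDs of Browser Helper Objects listed in the parsed section."""
    found = set()
    for key in entries:
        m = BHO_KEY.search(key)
        if m:
            found.add(m.group(1))
    return found


def diff_loading_points(before: str, after: str) -> Tuple[Set[str], Set[Tuple[str, str]], Set[Tuple[str, str]]]:
    """Keys removed, (key, value) pairs removed, and (key, value) pairs added between two logs."""
    b, a = parse_loading_points(before), parse_loading_points(after)
    removed_keys = set(b) - set(a)
    removed_values = {(k, n) for k, vals in b.items() for n in vals if n not in a.get(k, {})}
    added_values = {(k, n) for k, vals in a.items() for n in vals if n not in b.get(k, {})}
    return removed_keys, removed_values, added_values


if __name__ == "__main__":
    removed_keys, removed_values, added_values = diff_loading_points(BEFORE_LOG, AFTER_LOG)
    print("BHOs before:", bho_clsids(parse_loading_points(BEFORE_LOG)))
    print("BHOs after: ", bho_clsids(parse_loading_points(AFTER_LOG)))
    print("removed keys:  ", removed_keys)
    print("removed values:", removed_values)
    print("added values:  ", added_values)
```

Any value that shows up in the "added" set after a cleaning run deserves a second look, since a clean-up should only ever shrink the autostart list; the keys ComboFix lists here map directly onto the `[-KEY]` lines a CFScript `Registry::` block uses.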

  • Joined: 16 Nov 2007
  • Posts: 16

ComboFix 08-02-13.2 - pepsaja 2008-02-15 18:43:12.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.80 [GMT 1:00]
Running from: C:\Documents and Settings\pepsaja\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\pepsaja\Desktop\CFScript.txt

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-01-15 to 2008-02-15 )))))))))))))))))))))))))))))))
.

2008-02-13 22:35 . 2008-02-13 22:35 <DIR> d-------- C:\WINDOWS\system32\xircom
2008-02-13 22:35 . 2008-02-13 22:35 <DIR> d-------- C:\WINDOWS\system32\restore
2008-02-13 22:35 . 2008-02-13 22:37 <DIR> d--hs---- C:\WINDOWS\system32\dllcache
2008-02-13 22:35 . 2008-02-13 22:35 <DIR> d-------- C:\WINDOWS\srchasst
2008-02-13 22:35 . 2008-02-13 22:35 <DIR> d-------- C:\Program Files\microsoft frontpage
2008-02-13 17:42 . 2008-02-13 17:42 1,894 --a------ C:\WINDOWS\system32\tmp.reg
2008-02-13 17:34 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-02-13 17:34 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-02-13 17:34 . 2008-02-08 23:55 85,504 --a------ C:\WINDOWS\system32\VACFix.exe
2008-02-13 17:34 . 2008-02-08 10:37 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-02-13 17:34 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-02-13 17:34 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-02-13 17:34 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-02-06 20:42 . 2005-11-06 00:03 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-02-06 20:42 . 2005-11-06 00:03 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-02-06 20:42 . 2005-11-06 00:03 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-02-05 20:19 . 2008-02-05 20:19 0 --a------ C:\LOG2AC.tmp
2008-02-05 20:18 . 2008-02-05 20:20 <DIR> d-------- C:\Documents and Settings\pepsaja\Application Data\U3
2008-01-25 20:42 . 2008-01-25 20:42 <DIR> d-------- C:\wally
2008-01-25 12:57 . 2008-01-25 13:08 0 --a------ C:\WINDOWS\system32\BWFAX
2008-01-25 12:54 . 2008-01-25 12:52 27,648 --a------ C:\WINDOWS\system32\bwprnmon.dll
2008-01-25 12:54 . 2008-01-25 12:54 3,347 --a------ C:\WINDOWS\BWRESTOR.REG
2008-01-25 12:54 . 2008-01-25 12:54 3,045 --a------ C:\WINDOWS\BWCHANGE.REG
2008-01-25 12:54 . 2008-01-25 12:54 0 --a------ C:\WINDOWS\system32\bwprnmon.bak
2008-01-25 12:52 . 2008-01-25 12:52 197,024 --a------ C:\WINDOWS\system\UNIDRV.DLL
2008-01-25 12:52 . 2008-01-25 12:52 37,408 --a------ C:\WINDOWS\system\BITWARED.DRV
2008-01-17 13:22 . 2005-11-06 00:03 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-01-15 11:47 . 2008-01-15 11:47 <DIR> d-------- C:\Program Files\Microsoft

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-15 15:57 --------- d-----w C:\Program Files\sXe Injected
2008-01-12 19:36 --------- d-----w C:\Program Files\LRC Editor 4
2008-01-06 18:38 --------- d-----w C:\Program Files\Common Files\ACD Systems
2007-12-29 14:35 --------- d-----w C:\Documents and Settings\pepsaja\Application Data\uTorrent
2007-11-28 19:58 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-11-15 00:53 16,768 ----a-w C:\WINDOWS\system32\tcpip_patcher.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-11-11 12:47 7311360]
"nwiz"="nwiz.exe" [2005-11-11 12:47 1519616 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-11-11 12:47 86016]
"C-Media Mixer"="C:\Program Files\PCI Audio Applications\Mixer.exe" [2000-09-13 11:03 1085440]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-11-14 15:05 1410304]
"bwprnmon.exe"="C:\BITWARE\NT\bwprnmon.exe" [2008-01-25 12:52 54272]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlsf"="cmd.exe" [2004-08-03 23:56 388608 C:\WINDOWS\system32\cmd.exe]
"nlhr"="C:\WINDOWS\System32\AdvPack.Dll" [2004-08-03 23:56 99840]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-03 21:59 44544]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2007-11-11 19:32:41 847872]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoInstrumentation"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoInstrumentation"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)

R0 ALiAGP;ALi AGP Bus Filter Driver;C:\WINDOWS\system32\DRIVERS\ALiAGP.sys [2000-08-09 13:08]
R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-11-14 15:06]
R3 e4usbaw;USB ADSL2 WAN Adapter;C:\WINDOWS\system32\DRIVERS\e4usbaw.sys [2006-05-04 18:50]
S2 IKANLOADER2;General Purpose USB Driver (e4ldr.sys);C:\WINDOWS\system32\Drivers\e4ldr.sys [2006-03-02 19:25]

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-02-15 18:44:24
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-02-15 18:45:00
ComboFix-quarantined-files.txt 2008-02-15 17:44:50
ComboFix2.txt 2008-02-15 00:02:41
ComboFix3.txt 2008-02-13 21:37:15

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

  • Joined: 16 Nov 2007
  • Posts: 16

Done!
Thank you very much!!!
