Dangerous infection


offline
  • Joined: 25 Nov 2007
  • Posts: 296

ComboFix 10-08-26.04 - User 27.08.2010 18:03:35.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.547 [GMT 2:00]
Running from: d:\documents and settings\User\My Documents\Downloads\ComboFix.exe
Command switches used :: c:\documents and settings\User\Desktop\CFScript.txt.txt
AV: avast! antivirus 4.8.1368 [VPS 100827-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\windows\system32\cfgnm.dll"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_EGRLKRHA
-------\Service_egrlkrha


((((((((((((((((((((((((( Files Created from 2010-07-27 to 2010-08-27 )))))))))))))))))))))))))))))))
.

2010-08-27 08:35 . 2010-08-27 08:35 -------- d-----w- c:\windows\system32\wbem\snmp
2010-08-27 08:35 . 2010-08-27 08:35 -------- d-----w- c:\windows\system32\xircom
2010-08-27 08:35 . 2010-08-27 08:35 -------- d-----w- c:\program files\microsoft frontpage
2010-08-27 08:33 . 2009-11-24 22:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-08-27 08:33 . 2009-11-24 22:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-08-27 08:24 . 2010-08-27 08:24 -------- d-----w- c:\program files\CCleaner
2010-08-27 06:42 . 2010-08-27 06:42 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\Ahead

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

------- Sigcheck -------

[-] 2007-10-27 . A11391BE25035570AE4B8970920F2C74 . 360704 . . [5.1.2600.3002] . . c:\windows\system32\drivers\tcpip.sys

[-] 2007-10-27 . 24FCD8FB0C6BD0E5F3B1203769948336 . 2346752 . . [5.1.2600.3181] . . c:\windows\system32\ntoskrnl.exe

[-] 2007-10-27 . 95E8B55443BD91DAB5632924D2616A1E . 2223616 . . [5.1.2600.3181] . . c:\windows\system32\ntkrnlpa.exe
.
((((((((((((((((((((((((((((( [Link visible only to logged-in users] )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-08-27 08:35 . 2010-08-27 08:35 16384 c:\windows\Temp\Perflib_Perfdata_7d8.dat
+ 2010-08-27 16:09 . 2010-08-27 16:09 16384 c:\windows\Temp\Perflib_Perfdata_7b0.dat
+ 2004-08-03 21:00 . 2010-08-27 08:37 40196 c:\windows\system32\perfc009.dat
- 2004-08-03 21:00 . 2010-08-27 05:49 40196 c:\windows\system32\perfc009.dat
+ 2010-01-26 20:51 . 2009-11-24 22:49 48560 c:\windows\system32\drivers\aswTdi.sys
+ 2010-01-26 20:51 . 2009-11-24 22:48 23120 c:\windows\system32\drivers\aswRdr.sys
+ 2010-01-26 20:51 . 2009-11-24 22:50 94160 c:\windows\system32\drivers\aswmon2.sys
+ 2010-01-26 20:51 . 2009-11-24 22:51 93424 c:\windows\system32\drivers\aswmon.sys
+ 2010-01-26 20:51 . 2009-11-24 22:47 27408 c:\windows\system32\drivers\aavmker4.sys
+ 2010-01-26 20:51 . 2009-11-24 22:47 97480 c:\windows\system32\AvastSS.scr
+ 2004-08-03 21:00 . 2010-08-27 08:37 311934 c:\windows\system32\perfh009.dat
- 2004-08-03 21:00 . 2010-08-27 05:49 311934 c:\windows\system32\perfh009.dat
+ 2010-01-26 20:50 . 2009-11-24 22:54 1280480 c:\windows\system32\aswBoot.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2007-09-26 1232384]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-17 3872080]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 202024]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-13 8466432]
"nwiz"="nwiz.exe" [2007-07-13 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-07-13 81920]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-04-01 1368064]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2007-09-26 1232384]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2007-10-27 124928]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2005-12-21 06:57 176128 ----a-w- c:\progra~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [27.8.2010 10:33 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [27.8.2010 10:33 20560]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
2007-10-27 07:26 124928 ----a-w- c:\windows\system32\advpack.dll
.
.
------- Supplementary Scan -------
.
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\ha1ryb16.default\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link visible only to logged-in users]
Rootkit scan 2010-08-27 18:09
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(820)
c:\progra~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll

- - - - - - - > 'explorer.exe'(3124)
c:\windows\system32\SHDOCVW.dll
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\nvsvc32.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wscntfy.exe
c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
.
**************************************************************************
.
Completion time: 2010-08-27 18:11:54 - machine was rebooted
ComboFix-quarantined-files.txt 2010-08-27 16:11
ComboFix2.txt 2010-08-27 06:20

Pre-Run: 149.318.332.416 bytes free
Post-Run: 149.261.434.880 bytes free

- - End Of File - - 15A779956FF3CEED73093B8D1BCEFDA7



offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

Open Notepad and copy in the following text:

File::
c:\windows\system32\cfgnm.dll

Save the file from Notepad to the Desktop as "CFScript"

Drag the saved script/text onto the ComboFix icon, as in the picture.
In your next message, post the log that is created at the end of the cleaning/scanning.



offline
  • Joined: 25 Nov 2007
  • Posts: 296

ComboFix 10-08-26.04 - User 27.08.2010 19:06:44.3.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.704 [GMT 2:00]
Running from: d:\documents and settings\User\My Documents\Downloads\ComboFix.exe
Command switches used :: c:\documents and settings\User\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100827-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\windows\system32\cfgnm.dll"
.

((((((((((((((((((((((((( Files Created from 2010-07-27 to 2010-08-27 )))))))))))))))))))))))))))))))
.

2010-08-27 08:35 . 2010-08-27 08:35 -------- d-----w- c:\windows\system32\wbem\snmp
2010-08-27 08:35 . 2010-08-27 08:35 -------- d-----w- c:\windows\system32\xircom
2010-08-27 08:35 . 2010-08-27 08:35 -------- d-----w- c:\program files\microsoft frontpage
2010-08-27 08:33 . 2009-11-24 22:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-08-27 08:33 . 2009-11-24 22:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-08-27 08:24 . 2010-08-27 08:24 -------- d-----w- c:\program files\CCleaner
2010-08-27 06:42 . 2010-08-27 06:42 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\Ahead

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

------- Sigcheck -------

[-] 2007-10-27 . A11391BE25035570AE4B8970920F2C74 . 360704 . . [5.1.2600.3002] . . c:\windows\system32\drivers\tcpip.sys

[-] 2007-10-27 . 24FCD8FB0C6BD0E5F3B1203769948336 . 2346752 . . [5.1.2600.3181] . . c:\windows\system32\ntoskrnl.exe

[-] 2007-10-27 . 95E8B55443BD91DAB5632924D2616A1E . 2223616 . . [5.1.2600.3181] . . c:\windows\system32\ntkrnlpa.exe
.
((((((((((((((((((((((((((((( [Link visible only to logged-in users] )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-08-27 16:43 . 2010-08-27 16:43 16384 c:\windows\Temp\Perflib_Perfdata_7ac.dat
+ 2004-08-03 21:00 . 2010-08-27 08:37 40196 c:\windows\system32\perfc009.dat
- 2004-08-03 21:00 . 2010-08-27 05:49 40196 c:\windows\system32\perfc009.dat
+ 2010-01-26 20:51 . 2009-11-24 22:49 48560 c:\windows\system32\drivers\aswTdi.sys
+ 2010-01-26 20:51 . 2009-11-24 22:48 23120 c:\windows\system32\drivers\aswRdr.sys
+ 2010-01-26 20:51 . 2009-11-24 22:50 94160 c:\windows\system32\drivers\aswmon2.sys
+ 2010-01-26 20:51 . 2009-11-24 22:51 93424 c:\windows\system32\drivers\aswmon.sys
+ 2010-01-26 20:51 . 2009-11-24 22:47 27408 c:\windows\system32\drivers\aavmker4.sys
+ 2010-01-26 20:51 . 2009-11-24 22:47 97480 c:\windows\system32\AvastSS.scr
+ 2004-08-03 21:00 . 2010-08-27 08:37 311934 c:\windows\system32\perfh009.dat
- 2004-08-03 21:00 . 2010-08-27 05:49 311934 c:\windows\system32\perfh009.dat
+ 2010-01-26 20:50 . 2009-11-24 22:54 1280480 c:\windows\system32\aswBoot.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2007-09-26 1232384]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-17 3872080]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 202024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-13 8466432]
"nwiz"="nwiz.exe" [2007-07-13 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-07-13 81920]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-04-01 1368064]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2007-09-26 1232384]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2007-10-27 124928]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2005-12-21 06:57 176128 ----a-w- c:\progra~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [27.8.2010 10:33 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [27.8.2010 10:33 20560]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
2007-10-27 07:26 124928 ----a-w- c:\windows\system32\advpack.dll
.
.
------- Supplementary Scan -------
.
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\ha1ryb16.default\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link visible only to logged-in users]
Rootkit scan 2010-08-27 19:10
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(820)
c:\progra~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll

- - - - - - - > 'explorer.exe'(800)
c:\windows\system32\SHDOCVW.dll
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
Completion time: 2010-08-27 19:11:53
ComboFix-quarantined-files.txt 2010-08-27 17:11
ComboFix2.txt 2010-08-27 16:11
ComboFix3.txt 2010-08-27 06:20

Pre-Run: 149.254.963.200 bytes free
Post-Run: 149.248.188.416 bytes free

- - End Of File - - 2C539B020E6A5CC358BA16BAF544488D

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

Done.

ComboFix needs to be uninstalled:
click Start (or ), then RUN.

On Vista, use the Start Search box if Run is not available.

In the text box, type (or copy in) the following:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".

and then click OK (or press Enter).

Wait for the uninstall process to finish.

Regards

offline
  • Joined: 25 Nov 2007
  • Posts: 296

I sure have posted a lot of these logs. :D

It was worth it, thank you very much.
