MyCity » Ambulanta -> Arhiva Ambulante » Pomoc!

Pomoc!

Napisano na dan: 27.9.2007

Strana:
1
2
3

Pomoc!

Pagination

Prethodna strana

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3

sajmon Poslao: 29 Sep 2007 14:27 Idi na vrh
offline sajmon Građanin Pridružio: 05 Maj 2006 Poruke: 86	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! uradio sam to u gmer-u sto si mi napisao i iskopirao izvestaje i tamo pise da su mi se iskopirali u clipboard ja neznam gde je to a i uvopste mi se nisu pojavljivali izvestaji u notepad-u da mogu normalno da ih iskopiram?sta treba da uradim

Profil

dr_Bora Poslao: 29 Sep 2007 14:34 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Kada završiš skeniranje, klikneš na Copy i onda otvoriš Notepad - tamo desni klik pa Paste i onda sačuvaš taj file. To ponoviš za oba skeniranja a zatim ta dva file-a iskopiraš ovde.

Profil

sajmon Poslao: 30 Sep 2007 18:26 Idi na vrh
offline sajmon Građanin Pridružio: 05 Maj 2006 Poruke: 86	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ovako...uradio sam HJT log i izbrisao one filove...uradio sam ono skeniranje u gmer-u i dobio ovo:

Profil

sajmon Poslao: 30 Sep 2007 18:30 Idi na vrh
offline sajmon Građanin Pridružio: 05 Maj 2006 Poruke: 86	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! file1.txt. GMER 1.0.13.12551 - gmer.net Rootkit scan 2007-09-30 17:54:16 Windows 5.1.2600 Service Pack 2 .... .... ....

Profil

sajmon Poslao: 30 Sep 2007 18:46 Idi na vrh
offline sajmon Građanin Pridružio: 05 Maj 2006 Poruke: 86	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! file2.txt. GMER 1.0.13.12551 - gmer.net Autostart scan 2007-09-30 16:25:02 Windows 5.1.2600 Service Pack 2 HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe, HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ >>> AtiExtEvent@DLLName = Ati2evxx.dll klogon@DLLName = C:\WINDOWS\system32\klogon.dll WgaLogon@DLLName = WgaLogon.dll HKLM\SYSTEM\CurrentControlSet\Services\ >>> Ati HotKey Poller@ = %SystemRoot%\system32\Ati2evxx.exe ATI Smart /ATI Smart/@ = C:\WINDOWS\system32\ati2sgag.exe AVP /Kaspersky Anti-Virus 7.0/@ = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r BOCore /BOCore/@ = C:\Program Files\Comodo\CBOClean\BOCORE.exe ehRecvr /Media Center Receiver Service/@ = C:\WINDOWS\eHome\ehRecvr.exe ehSched /Media Center Scheduler Service/@ = C:\WINDOWS\eHome\ehSched.exe Fax /Fax/@ = %systemroot%\system32\fxssvc.exe IISADMIN /IIS Admin/@ = C:\WINDOWS\system32\inetsrv\inetinfo.exe McAfee HackerWatch Service /McAfee HackerWatch Service/@ = "C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe" McProxy /McAfee Proxy Service/@ = c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe McrdSvc /Media Center Extender Service/@ = C:\WINDOWS\ehome\mcrdsvc.exe McRedirector /McAfee Redirector Service/@ = c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe MSFtpsvc /FTP Publishing/@ = %SystemRoot%\system32\inetsrv\inetinfo.exe MSMQ /Message Queuing/@ = C:\WINDOWS\system32\mqsvc.exe MSMQTriggers /Message Queuing Triggers/@ = C:\WINDOWS\system32\mqtgsvc.exe MSSQL$MSSMLBIZ /SQL Server (MSSMLBIZ)/@ = "c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSMLBIZ MSSQL$SONY_MEDIAMGR /MSSQL$SONY_MEDIAMGR/@ = C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -sSONY_MEDIAMGR /file not found/ pr2akdnc /You Are Empty Drivers Auto Removal (pr2akdnc)/@ = %SystemRoot%\system32\pr2akdnc.exe svc SMTPSVC /Simple Mail Transport Protocol (SMTP)/@ = C:\WINDOWS\system32\inetsrv\inetinfo.exe SNMP /SNMP Service/@ = %SystemRoot%\System32\snmp.exe Spooler /Print Spooler/@ = %SystemRoot%\system32\spoolsv.exe SQLBrowser /SQL Server Browser/@ = "c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe" SQLWriter /SQL Server VSS Writer/@ = "c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" SurferService /AutomatedSurfer/@ = C:\WINDOWS\system32\srvany.exe W3SVC /World Wide Web Publishing/@ = %SystemRoot%\system32\inetsrv\inetinfo.exe WMPNetworkSvc /Windows Media Player Network Sharing Service/@ = C:\Program Files\Windows Media Player\WMPNetwk.exe x10nets /X10 Device Network Service/@ = C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>> @ehTrayC:\WINDOWS\ehome\ehtray.exe = C:\WINDOWS\ehome\ehtray.exe @HDAudDeckC:\Program Files\VIAudioi\HDADeck\HDeck.exe 1 /file not found/ = C:\Program Files\VIAudioi\HDADeck\HDeck.exe 1 /file not found/ @AntivirusRegistrationC:\Program Files\CA\Etrust Antivirus\Register.exe = C:\Program Files\CA\Etrust Antivirus\Register.exe @CHotkeymHotkey.exe = mHotkey.exe @ledpointerCNYHKey.exe = CNYHKey.exe @NeroFilterCheckC:\WINDOWS\system32\NeroCheck.exe = C:\WINDOWS\system32\NeroCheck.exe @Windows Media Connect 2"C:\Program Files\Windows Media Connect 2\wmccfg.exe" /StartQuiet = "C:\Program Files\Windows Media Connect 2\wmccfg.exe" /StartQuiet @DAEMON Tools"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 = "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 @USBToolTip"C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe" = "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe" @iTunesHelper"C:\Program Files\iTunes\iTunesHelper.exe" = "C:\Program Files\iTunes\iTunesHelper.exe" @QuickTime Task"C:\Program Files\QuickTime\qttask.exe" -atboottime = "C:\Program Files\QuickTime\qttask.exe" -atboottime @AVP"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" = "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" @TkBellExe"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot @BOC-425C:\PROGRA~1\Comodo\CBOClean\BOC425.exe = C:\PROGRA~1\Comodo\CBOClean\BOC425.exe HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>> @vEmotionC:\Program Files\freebird\vEmotion\vEmotion.exe /autorun /file not found/ = C:\Program Files\freebird\vEmotion\vEmotion.exe /autorun /file not found/ @ctfmon.exeC:\WINDOWS\system32\ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe @SweetIMC:\Program Files\Macrogaming\SweetIM\SweetIM.exe = C:\Program Files\Macrogaming\SweetIM\SweetIM.exe @MSMSGS"C:\Program Files\Messenger\msmsgs.exe" /background = "C:\Program Files\Messenger\msmsgs.exe" /background @WMPNSCFGC:\Program Files\Windows Media Player\WMPNSCFG.exe = C:\Program Files\Windows Media Player\WMPNSCFG.exe HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad@WPDShServiceObj = C:\WINDOWS\system32\WPDShServiceObj.dll HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler@{01b55afa-f451-474b-9e91-c35b24d02641} = C:\WINDOWS\system32\qrzsyr.dll /file not found/ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>> @{42071714-76d4-11d1-8b24-00a0c9068ff3} /Display Panning CPL Extension/(null) = @{596AB062-B4D2-4215-9F74-E9109B0A8153} /Previous Versions Property Page/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll @{9DB7A13C-F208-4981-8353-73CC61AE2783} /Previous Versions/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll @{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /Autoplay for SlideShow/(null) = @{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /Extensions Manager Folder/%SystemRoot%\system32\extmgr.dll = %SystemRoot%\system32\extmgr.dll @{e82a2d71-5b2f-43a0-97b8-81be15854de8} /ShellLink for Application References/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll @{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /Shell Icon Handler for Application References/C:\WINDOWS\system32\dfshim.dll = C:\WINDOWS\system32\dfshim.dll @{5a61f7a0-cde1-11cf-9113-00aa00425c62} /IIS Shell Extension/C:\WINDOWS\system32\inetsrv\w3ext.dll = C:\WINDOWS\system32\inetsrv\w3ext.dll @{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D} /Messenger Sharing Folders/C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll = C:\Program Files\MSN Messenger\fsshext.8.1.0178.00.dll @{B41DB860-8EE4-11D2-9906-E49FADC173CA} /WinRAR shell extension/C:\Program Files\WinRAR\rarext.dll = C:\Program Files\WinRAR\rarext.dll @{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} /Shell Extensions for RealOne Player/C:\Program Files\Real\RealPlayer\rpshell.dll = C:\Program Files\Real\RealPlayer\rpshell.dll @{32020A01-506E-484D-A2A8-BE3CF17601C3} /AlcoholShellEx/(null) = @{35786D3C-B075-49b9-88DD-029876E11C01} /Portable Devices/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll @{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} /Portable Devices Menu/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll @{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} /iTunes/C:\Program Files\iTunes\iTunesMiniPlayer.dll = C:\Program Files\iTunes\iTunesMiniPlayer.dll @{85E0B171-04FA-11D1-B7DA-00A0C90348D6} /Web Anti-Virus statistics/C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll HKLM\Software\Classes\\shellex\ContextMenuHandlers\ >>> Kaspersky Anti-Virus@{dd230880-495a-11d1-b064-008048ec2fc5} = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\ShellEx.dll WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>> Kaspersky Anti-Virus@{dd230880-495a-11d1-b064-008048ec2fc5} = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\ShellEx.dll WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>> @{02478D38-C3F9-4EFB-9B51-7695ECA05670}C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll = C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll @{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll @{1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A}C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll = C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll @{3049C3E9-B461-4BC5-8870-4C09146192CA}C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll = C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll @{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll = C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll @{9030D464-4C02-4ABF-8ECC-5164760863C6}C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll @{AA58ED58-01DD-4d91-8333-CF10577473F7}c:\program files\google\googletoolbar1.dll = c:\program files\google\googletoolbar1.dll @{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}C:\Program Files\Windows Live Toolbar\msntb.dll = C:\Program Files\Windows Live Toolbar\msntb.dll HKLM\Software\Microsoft\Internet Explorer\Main >>> @Default_Page_URLhttp://www.yahoo.com = yahoo.com @Start Pagehttp://www.yahoo.com = yahoo.com @Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm HKCU\Software\Microsoft\Internet Explorer\Main >>> @Start Pagehttp://www.yahoo.com = yahoo.com @Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm HKLM\Software\Classes\PROTOCOLS\Handler\ >>> dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll its@CLSID = C:\WINDOWS\system32\itss.dll livecall@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll ms-its@CLSID = C:\WINDOWS\system32\itss.dll msnim@CLSID = C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL mso-offdap11@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL tv@CLSID = C:\WINDOWS\system32\msvidctl.dll HKLM\Software\Classes\PROTOCOLS\Handler\wia@CLSID = C:\WINDOWS\system32\wiascr.dll C:\Documents and Settings\Veljko\Start Menu\Programs\Startup >>> Adobe Gamma.lnk = Adobe Gamma.lnk Yahoo! Widget Engine.lnk = Yahoo! Widget Engine.lnk C:\Documents and Settings\All Users\Start Menu\Programs\Startup = Hurtigstart for Adobe Reader.lnk ---- EOF - GMER 1.0.13 ---- Dopuna: 30 Sep 2007 18:46 evo ga i log iz HTJ: Logfile of HijackThis v1.99.1 Scan saved at 18:42:57, on 30.09.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\Program Files\Comodo\CBOClean\BOCORE.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe C:\WINDOWS\System32\snmp.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\srvany.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\WINDOWS\system32\fxssvc.exe C:\WINDOWS\system32\mqsvc.exe C:\WINDOWS\system32\mqtgsvc.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\Program Files\VIAudioi\HDADeck\HDeck.exe C:\WINDOWS\mHotkey.exe C:\WINDOWS\CNYHKey.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\PROGRA~1\Comodo\CBOClean\BOC425.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\utorrent\utorrent.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\Veljko\My Documents\Svastara\zastita\tr3.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = us.rd.yahoo.com/customize/ycomp/defaults/sb/http://www.yahoo.com/search/ie.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = us.rd.yahoo.com/customize/ycomp/defaults/sp/http://www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = us.rd.yahoo.com/customize/ycomp/defaults/su/http://www.yahoo.com R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: ImageShack Toolbar - {6932D140-ABC4-4073-A44C-D4A541665E35} - C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIAudioi\HDADeck\HDeck.exe 1 O4 - HKLM\..\Run: [AntivirusRegistration] C:\Program Files\CA\Etrust Antivirus\Register.exe O4 - HKLM\..\Run: [CHotkey] mHotkey.exe O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Windows Media Connect 2] "C:\Program Files\Windows Media Connect 2\wmccfg.exe" /StartQuiet O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [BOC-425] C:\PROGRA~1\Comodo\CBOClean\BOC425.exe O4 - HKCU\..\Run: [vEmotion] C:\Program Files\freebird\vEmotion\vEmotion.exe /autorun O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Post Image to Blog - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5003 O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage O8 - Extra context menu item: Tag This Image - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5002 O8 - Extra context menu item: Upload All Images to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5000 O8 - Extra context menu item: Upload Image to ImageShack - res://C:\WINDOWS\ImageShackToolbar\ImageShackToolbar.dll/5001 O8 - Extra context menu item: Åpne i ny bakgrunnsflik - res://C:\Program Files\Windows Live Toolbar\Components\nb-no\msntabres.dll.mui/229?9268bbeef1b24d1a93f4b6036ccb0e11 O8 - Extra context menu item: Åpne i ny forgrunnsflik - res://C:\Program Files\Windows Live Toolbar\Components\nb-no\msntabres.dll.mui/230?9268bbeef1b24d1a93f4b6036ccb0e11 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.coop.no O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} (ImageShack Toolbar) - toolbar.imageshack.us/toolbar/ImageShackToolbar.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing) O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe O23 - Service: SQL Server (MSSMLBIZ) (MSSQL$MSSMLBIZ) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSMLBIZ (file missing) O23 - Service: You Are Empty Drivers Auto Removal (pr2akdnc) (pr2akdnc) - Cenega Publishing - C:\WINDOWS\system32\pr2akdnc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: AutomatedSurfer (SurferService) - Unknown owner - C:\WINDOWS\system32\srvany.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe a evo i rapport.txt. : SmitFraudFix v2.232 Scan done at 19:37:38,26, 28.09.2007 Run from C:\Documents and Settings\Veljko\Desktop\SmitfraudFix OS: Microsoft Windows XP [Versjon 5.1.2600] - Windows_NT The filesystem type is NTFS Fix run in normal mode »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{01b55afa-f451-474b-9e91-c35b24d02641}"="boob" [HKEY_CLASSES_ROOT\CLSID\{01b55afa-f451-474b-9e91-c35b24d02641}\InProcServer32] @="C:\WINDOWS\system32\qrzsyr.dll" [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{01b55afa-f451-474b-9e91-c35b24d02641}\InProcServer32] @="C:\WINDOWS\system32\qrzsyr.dll" »»»»»»»»»»»»»»»»»»»»»»»» Killing process »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: VIA Rhine II Fast Ethernet Adapter #2 - Kaspersky Anti-Virus NDIS Miniport DNS Server Search Order: 195.134.40.18 DNS Server Search Order: 195.134.40.14 Description: RCA USB Cable Modem - Kaspersky Anti-Virus NDIS Miniport DNS Server Search Order: 193.213.112.4 DNS Server Search Order: 130.67.15.198 DNS Server Search Order: 130.67.60.68 Description: VIA Rhine II Fast Ethernet Adapter #2 - Kaspersky Anti-Virus NDIS Miniport DNS Server Search Order: 193.213.112.4 DNS Server Search Order: 192.168.0.1 Description: RCA USB Cable Modem - Kaspersky Anti-Virus NDIS Miniport DNS Server Search Order: 195.134.40.18 DNS Server Search Order: 195.134.40.14 HKLM\SYSTEM\CCS\Services\Tcpip\..\{21B48BF8-9C87-48E2-A255-D87EC536144E}: DhcpNameServer=193.213.112.4 192.168.0.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{265A2082-B337-469C-8805-D38368B42B7F}: DhcpNameServer=195.134.40.18 195.134.40.14 HKLM\SYSTEM\CCS\Services\Tcpip\..\{5E25966C-9ABD-49CB-95F3-9386EA6FEFBA}: DhcpNameServer=193.213.112.4 130.67.15.198 130.67.60.68 HKLM\SYSTEM\CCS\Services\Tcpip\..\{63CE27CF-33EF-44B3-8150-D51F7924D150}: DhcpNameServer=195.134.40.18 195.134.40.14 HKLM\SYSTEM\CS1\Services\Tcpip\..\{21B48BF8-9C87-48E2-A255-D87EC536144E}: DhcpNameServer=193.213.112.4 192.168.0.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{265A2082-B337-469C-8805-D38368B42B7F}: DhcpNameServer=195.134.40.18 195.134.40.14 HKLM\SYSTEM\CS1\Services\Tcpip\..\{5E25966C-9ABD-49CB-95F3-9386EA6FEFBA}: DhcpNameServer=193.213.112.4 130.67.15.198 130.67.60.68 HKLM\SYSTEM\CS1\Services\Tcpip\..\{63CE27CF-33EF-44B3-8150-D51F7924D150}: DhcpNameServer=195.134.40.18 195.134.40.14 HKLM\SYSTEM\CS3\Services\Tcpip\..\{21B48BF8-9C87-48E2-A255-D87EC536144E}: DhcpNameServer=193.213.112.4 192.168.0.1 HKLM\SYSTEM\CS3\Services\Tcpip\..\{265A2082-B337-469C-8805-D38368B42B7F}: DhcpNameServer=195.134.40.18 195.134.40.14 HKLM\SYSTEM\CS3\Services\Tcpip\..\{5E25966C-9ABD-49CB-95F3-9386EA6FEFBA}: DhcpNameServer=193.213.112.4 130.67.15.198 130.67.60.68 HKLM\SYSTEM\CS3\Services\Tcpip\..\{63CE27CF-33EF-44B3-8150-D51F7924D150}: DhcpNameServer=195.134.40.18 195.134.40.14 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=193.213.112.4 130.67.15.198 130.67.60.68 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=193.213.112.4 130.67.15.198 130.67.60.68 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=193.213.112.4 192.168.0.1 »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, following keys are not inevitably infected!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning imam i jedno pitanje...cesto mi se komp sam iskljuci sta bit o moglo prouzrokovati? da li je to zbog ovih virusa i gresaka ili???hvala jos jednom na svemu...

Profil

dr_Bora Poslao: 30 Sep 2007 18:53 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Molim te da proveriš da li si iskopirao kompletan file1.txt. Čini mi se da nije kompletan.

Profil

sajmon Poslao: 30 Sep 2007 19:09 Idi na vrh
offline sajmon Građanin Pridružio: 05 Maj 2006 Poruke: 86	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! fail zauzima mnogo pa ce morati da se salje iz sigurno 10 delova....sta da radim...da ga saljem tako ili???

Profil

dr_Bora Poslao: 30 Sep 2007 19:15 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Koristi opciju ''Prikači fajl'' da bi priložio file1.txt uz poruku.

Profil

sajmon Poslao: 30 Sep 2007 19:28 Idi na vrh
offline sajmon Građanin Pridružio: 05 Maj 2006 Poruke: 86	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: ahaaaa vidi stvarooo sad sam video.. ponovo sam ga morao deliti u dva dela jer je bilo preveliko.... prvi deo mycity.rs/must-login.png drugi deo mycity.rs/must-login.png

Profil

dr_Bora Poslao: 30 Sep 2007 20:41 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pokreni HT, skeniraj i čekiraj sledeću liniju: O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage Zatvori IE a zatim klikni na Fix Checked. ------------------------------- Obriši sledeće (file i folder): C:\WINDOWS\system32\SurferClient.exe C:\Program Files\Instant Messenger Names\ ------------------------------ Isprati sledeća uputstva: Iskljucivanje System Restore-a Na Desktopu, desni klik na My Computer. Odaberite Properties. Odaberite System Restore tab. Stiklirajte Turn off System Restore. Kliknite na dugme Apply. Kliknite na dugme OK. Restartuj kompjuter. Ukljucivanje System Restore-a Na Desktopu, desni klik na My Computer. Odaberite Properties. Odaberite System Restore tab. Destiklirajte Turn off System Restore. Kliknite na dugme Apply. Kliknite na dugme OK. -------------------------------------------- I ovime smo gotovi. Malware-a na tvome kompjuteru više nema. Problemi koje pominješ su možda bili prouzrokovani malware-om, i ako je tako, onda se više neće ponavljati. No, ukoliko se budu ponavljali, preporučujem da potražiš pomoć na forumima Hardver ili Windows.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Pomoc!

Ko je trenutno na forumu

Ukupno su 1204 korisnika na forumu :: 37 registrovanih, 5 sakrivenih i 1162 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: anta, Brana01, CikaKURE, Dannyboy, deimos25, Dimitrise93, djboj, DragoslavS, dushan, Excalibur13, HogarStrashni, ikan, ivan1973, Karla, Krvava Devetka, kubura91, laurusri, Lazarus, madza, MB120mm, Mi lao shu, muaddib, nebkv, nemkea71, Oscar2, Panter, pein, Pikac-47, procesor, sovanova95, Srle993, stalja, suton, Tvrtko I, vladulns, |_MeD_|, žeks62

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by