Please help me... Virtumonde..

offline
  • Joined: 07 Jul 2008
  • Posts: 22

ComboFix 08-07-26.1 - Nikola 2008-07-27 16:18:56.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1482 [GMT 2:00]
Running from: C:\Documents and Settings\Nikola\Desktop\Ciscenje\ComboFix.exe
Command switches used :: C:\Documents and Settings\Nikola\Desktop\Ciscenje\CFScript.txt
* Created a new restore point
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-06-27 to 2008-07-27 )))))))))))))))))))))))))))))))
.

2008-07-27 15:01 . 2008-07-27 15:01 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-27 15:01 . 2008-07-27 15:01 <DIR> d-------- C:\Documents and Settings\Nikola\Application Data\Malwarebytes
2008-07-27 15:01 . 2008-07-27 15:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-27 15:01 . 2008-07-23 20:09 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-07-27 15:01 . 2008-07-23 20:09 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-07-18 09:49 . 2008-07-18 09:59 987 --a------ C:\WINDOWS\eReg.dat
2008-07-17 16:29 . 2008-07-17 16:41 162 --a------ C:\WINDOWS\CDPLAYER.INI
2008-07-17 16:28 . 2008-07-17 16:28 <DIR> d-------- C:\WINDOWS\Easy CD-DA Extractor
2008-07-17 16:28 . 2008-07-17 16:29 <DIR> d-------- C:\Program Files\Easy CD-DA Extractor 9
2008-07-12 17:21 . 2008-07-12 17:21 <DIR> d-------- C:\WINDOWS\Sun
2008-07-09 15:30 . 2008-07-26 02:07 <DIR> d-------- C:\Documents and Settings\Nikola\Application Data\iMesh
2008-07-09 15:30 . 2007-11-22 16:00 483,328 --a------ C:\WINDOWS\system32\actskn45.ocx
2008-07-09 15:29 . 2008-07-09 15:29 <DIR> d-------- C:\Program Files\iMesh Applications
2008-07-09 15:20 . 2008-07-09 15:20 <DIR> d-------- C:\Program Files\Sun
2008-07-09 15:20 . 2008-07-18 16:28 <DIR> d-------- C:\Documents and Settings\Nikola\Application Data\LimeWire
2008-07-09 15:20 . 2008-06-10 02:32 73,728 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-07-08 14:46 . 2008-07-08 14:46 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-07-08 14:39 . 2008-07-08 14:40 <DIR> d-------- C:\Program Files\Messenger Plus! Live
2008-07-07 20:04 . 2008-07-18 09:38 <DIR> d-------- C:\Program Files\BSPlayer
2008-07-07 20:03 . 2008-07-07 20:03 <DIR> d-------- C:\Program Files\RadLight
2008-07-07 13:59 . 2008-07-07 14:04 <DIR> d-------- C:\WINDOWS\system32\Adobe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-26 18:16 --------- d-----w C:\Program Files\AdVantage
2008-07-18 07:59 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-18 07:37 --------- d-----w C:\Program Files\Pinnacle
2008-07-18 07:28 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-07-09 13:20 --------- d-----w C:\Program Files\Java
2008-07-08 12:46 --------- d-----w C:\Program Files\SweetIM
2008-07-06 12:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\TrackMania
2008-07-01 10:56 --------- d-----w C:\Program Files\ApexDC++
2008-06-20 15:39 720,896 ----a-w C:\WINDOWS\iun6002ev.exe
2008-06-19 20:05 --------- d-----w C:\Program Files\Planplus
2008-06-19 20:03 21,840 ----a-w C:\WINDOWS\system32\SIntfNT.dll
2008-06-19 20:03 17,212 ----a-w C:\WINDOWS\system32\SIntf32.dll
2008-06-19 20:03 12,067 ----a-w C:\WINDOWS\system32\SIntf16.dll
2008-06-13 00:02 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-06-13 00:02 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-06-10 15:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-06-02 20:03 --------- d-----w C:\Documents and Settings\Nikola\Application Data\Mikrotik
2008-05-21 09:36 501,760 ----a-w C:\WINDOWS\system32\Deutz Engine.scr
2008-05-21 09:36 501,760 ----a-w C:\WINDOWS\system32\Deutz Engine.exe
2008-05-02 08:59 1,419,232 ----a-w C:\WINDOWS\system32\wdfcoinstaller01005.dll
2008-05-02 08:58 733,696 ----a-w C:\WINDOWS\system32\nmwcdcocls.dll
2008-05-02 08:58 148,992 ----a-w C:\WINDOWS\system32\nsesetup.dll
2008-03-09 02:24 56 --sh--r C:\WINDOWS\system32\9DF31C3337.sys
2008-03-09 02:24 1,682 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

---- Directory of C:\MSOCache ----

2008-03-11 00:00 99606559 --a------ C:\MSOCache\All Users\{90120000-0018-0000-0000-0000000FF1CE}-C\PptWW.cab
2008-03-11 00:00 847872 --a------ C:\MSOCache\All Users\{90120000-0018-0000-0000-0000000FF1CE}-C\Office64WW.msi
2008-03-11 00:00 8057 --a------ C:\MSOCache\All Users\{90120000-0018-0000-0000-0000000FF1CE}-C\PowerPointWW.xml
2008-03-11 00:00 6536992 --a------ C:\MSOCache\All Users\{90120000-0018-0000-0000-0000000FF1CE}-C\osetup.dll
2008-03-11 00:00 6272512 --a------ C:\MSOCache\All Users\{90120000-0018-0000-0000-0000000FF1CE}-C\PowerPointWW.msi
2008-03-11 00:00 463152 --a------ C:\MSOCache\All Users\{90120000-0018-0000-0000-0000000FF1CE}-C\setup.exe
2008-03-11 00:00 4151139 --a------ C:\MSOCache\All Users\{90120000-0018-0000-0000-0000000FF1CE}-C\OWOW64WW.cab
2008-03-11 00:00 2310 --a------ C:\MSOCache\All Users\{90120000-0018-0000-0000-0000000FF1CE}-C\Office64WW.xml
2008-03-11 00:00 2004 --a------ C:\MSOCache\All Users\{90120000-0018-0409-0000-0000000FF1CE}-C\Setup.xml
2008-03-11 00:00 1758 --a------ C:\MSOCache\All Users\{90120000-0018-0000-0000-0000000FF1CE}-C\ID_00018.DPC
2008-03-11 00:00 1642496 --a------ C:\MSOCache\All Users\{90120000-0018-0409-0000-0000000FF1CE}-C\PowerPointMUI.msi
2008-03-11 00:00 145184 --a------ C:\MSOCache\All Users\{90120000-0018-0000-0000-0000000FF1CE}-C\ose.exe
2008-03-11 00:00 13422356 --a------ C:\MSOCache\All Users\{90120000-0018-0409-0000-0000000FF1CE}-C\PptLR.cab
2008-03-11 00:00 12719 --a------ C:\MSOCache\All Users\{90120000-0018-0000-0000-0000000FF1CE}-C\Setup.xml
2008-03-10 23:59 1553 --a------ C:\MSOCache\All Users\{90120000-0018-0409-0000-0000000FF1CE}-C\PowerPointMUI.xml
2008-03-10 23:57 8879 --a------ C:\MSOCache\All Users\{90120000-001B-0000-0000-0000000FF1CE}-C\WordWW.xml
2008-03-10 23:57 847872 --a------ C:\MSOCache\All Users\{90120000-001B-0000-0000-0000000FF1CE}-C\Office64WW.msi
2008-03-10 23:57 6536992 --a------ C:\MSOCache\All Users\{90120000-001B-0000-0000-0000000FF1CE}-C\osetup.dll
2008-03-10 23:57 6367744 --a------ C:\MSOCache\All Users\{90120000-001B-0000-0000-0000000FF1CE}-C\WordWW.msi
2008-03-10 23:57 463152 --a------ C:\MSOCache\All Users\{90120000-001B-0000-0000-0000000FF1CE}-C\setup.exe
2008-03-10 23:57 4151139 --a------ C:\MSOCache\All Users\{90120000-001B-0000-0000-0000000FF1CE}-C\OWOW64WW.cab
2008-03-10 23:57 2678 --a------ C:\MSOCache\All Users\{90120000-001B-0409-0000-0000000FF1CE}-C\Setup.xml
2008-03-10 23:57 2310 --a------ C:\MSOCache\All Users\{90120000-001B-0000-0000-0000000FF1CE}-C\Office64WW.xml
2008-03-10 23:57 1798 --a------ C:\MSOCache\All Users\{90120000-001B-0409-0000-0000000FF1CE}-C\WordMUI.xml
2008-03-10 23:57 1758 --a------ C:\MSOCache\All Users\{90120000-001B-0000-0000-0000000FF1CE}-C\ID_0001b.DPC
2008-03-10 23:57 1654272 --a------ C:\MSOCache\All Users\{90120000-001B-0409-0000-0000000FF1CE}-C\WordMUI.msi
2008-03-10 23:57 15368480 --a------ C:\MSOCache\All Users\{90120000-001B-0409-0000-0000000FF1CE}-C\WordLR.cab
2008-03-10 23:57 15065 --a------ C:\MSOCache\All Users\{90120000-001B-0000-0000-0000000FF1CE}-C\Setup.xml
2008-03-10 23:57 145184 --a------ C:\MSOCache\All Users\{90120000-001B-0000-0000-0000000FF1CE}-C\ose.exe
2008-03-10 23:57 106207975 --a------ C:\MSOCache\All Users\{90120000-001B-0000-0000-0000000FF1CE}-C\WordWW.cab
2008-03-10 23:51 9952 --a------ C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\Setup.xml
2008-03-10 23:51 96725111 --a------ C:\MSOCache\All Users\{90120000-0016-0000-0000-0000000FF1CE}-C\ExcelWW.cab
2008-03-10 23:51 847872 --a------ C:\MSOCache\All Users\{90120000-0016-0000-0000-0000000FF1CE}-C\Office64WW.msi
2008-03-10 23:51 8134 --a------ C:\MSOCache\All Users\{90120000-0016-0000-0000-0000000FF1CE}-C\ExcelWW.xml
2008-03-10 23:51 813384 --a------ C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\DW20.EXE
2008-03-10 23:51 813 --a------ C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proofing.xml
2008-03-10 23:51 811 --a------ C:\MSOCache\All Users\{90120000-0010-0409-0000-0000000FF1CE}-C\RosebudMUI.xml
2008-03-10 23:51 7101440 --a------ C:\MSOCache\All Users\{90120000-0016-0000-0000-0000000FF1CE}-C\ExcelWW.msi
2008-03-10 23:51 6536992 --a------ C:\MSOCache\All Users\{90120000-0016-0000-0000-0000000FF1CE}-C\osetup.dll
2008-03-10 23:51 626688 --a------ C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\msvcr80.dll
2008-03-10 23:51 61952 --a------ C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\ShellUI.MST
2008-03-10 23:51 5884 --a------ C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Setup.xml
2008-03-10 23:51 52984 --a------ C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\setup.chm
2008-03-10 23:51 522 --a------ C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\Microsoft.VC80.CRT.manifest
2008-03-10 23:51 518144 --a------ C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.fr\Proof.msi
2008-03-10 23:51 514048 --a------ C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.es\Proof.msi
2008-03-10 23:51 509007 --a------ C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\branding.xml
2008-03-10 23:51 507904 --a------ C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.en\Proof.msi
2008-03-10 23:51 502272 --a------ C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proofing.msi
2008-03-10 23:51 49152 --a------ C:\MSOCache\All Users\{90120000-0010-0409-0000-0000000FF1CE}-C\RosebudMUI.msi
2008-03-10 23:51 463152 --a------ C:\MSOCache\All Users\{90120000-0016-0000-0000-0000000FF1CE}-C\setup.exe
2008-03-10 23:51 439568 --a------ C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\dwdcw20.dll
2008-03-10 23:51 434528 --a------ C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\dwtrig20.exe
2008-03-10 23:51 4151139 --a------ C:\MSOCache\All Users\{90120000-0016-0000-0000-0000000FF1CE}-C\OWOW64WW.cab
2008-03-10 23:51 27084 --a------ C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\pss10r.chm
2008-03-10 23:51 26692203 --a------ C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\OfficeLR.cab
2008-03-10 23:51 2527 --a------ C:\MSOCache\All Users\{90120000-0016-0409-0000-0000000FF1CE}-C\Setup.xml
2008-03-10 23:51 2310 --a------ C:\MSOCache\All Users\{90120000-0016-0000-0000-0000000FF1CE}-C\Office64WW.xml
2008-03-10 23:51 22404970 --a------ C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.en\Proof.cab
2008-03-10 23:51 184632 --a------ C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\osetupui.dll
2008-03-10 23:51 1801 --a------ C:\MSOCache\All Users\{90120000-0016-0409-0000-0000000FF1CE}-C\ExcelMUI.xml
2008-03-10 23:51 1714176 --a------ C:\MSOCache\All Users\{90120000-0016-0409-0000-0000000FF1CE}-C\ExcelMUI.msi
2008-03-10 23:51 1702 --a------ C:\MSOCache\All Users\{90120000-0016-0000-0000-0000000FF1CE}-C\ID_00016.DPC
2008-03-10 23:51 16456790 --a------ C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.es\Proof.cab
2008-03-10 23:51 1581636 --a------ C:\MSOCache\All Users\{90120000-0010-0409-0000-0000000FF1CE}-C\RbudLR.cab
2008-03-10 23:51 1460 --a------ C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.es\Proof.xml
2008-03-10 23:51 1459 --a------ C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.fr\Proof.xml
2008-03-10 23:51 145184 --a------ C:\MSOCache\All Users\{90120000-0016-0000-0000-0000000FF1CE}-C\ose.exe
2008-03-10 23:51 13951171 --a------ C:\MSOCache\All Users\{90120000-0016-0409-0000-0000000FF1CE}-C\ExcelLR.cab
2008-03-10 23:51 1350 --a------ C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.en\Proof.xml
2008-03-10 23:51 12992 --a------ C:\MSOCache\All Users\{90120000-0016-0000-0000-0000000FF1CE}-C\Setup.xml
2008-03-10 23:51 1251 --a------ C:\MSOCache\All Users\{90120000-0010-0409-0000-0000000FF1CE}-C\Setup.xml
2008-03-10 23:51 11479987 --a------ C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.fr\Proof.cab
2008-03-10 23:51 108872 --a------ C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\1033\dwintl20.dll
2008-03-10 23:50 821 --a------ C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\OfficeMUISet.xml
2008-03-10 23:50 6003 --a------ C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\OfficeMUI.xml
2008-03-10 23:50 502272 --a------ C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\OfficeMUISet.msi
2008-03-10 23:50 2398720 --a------ C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\OfficeMUI.msi

---- Directory of C:\MSOCache\90000804-6000-11D3-8CFE-0150048383C0 ----

C:\MSOCache\90000804-6000-11D3-8CFE-0150048383C0\


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2008-03-27 14:12 173368]

[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2008-03-27 14:12 1164600 --a------ C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-03-27 14:12 1164600]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-03-27 14:12 1164600]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [2008-03-08 22:56 16384]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-11-24 16:38 94208]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-08 22:04 68856]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2008-03-28 11:20 1079296]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 18:41 1232896]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360]
"AdVantage"="C:\Program Files\AdVantage\AdVantage.exe" [2007-11-05 11:12 884176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-03-08 21:29 917504]
"LifeCam"="C:\Program Files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 23:45 279912]
"VX1000"="C:\WINDOWS\vVX1000.exe" [2007-04-10 23:46 709992]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-05-11 00:03 8429568]
"RealTray"="C:\Program Files\K-Lite Codec Pack\Real\mpclauncher.exe" [2005-08-17 03:00 658432]
"LogitechGalleryRepair"="C:\Program Files\Logitech\ImageStudio\ISStart.exe" [2002-12-10 19:32 155648]
"LogitechImageStudioTray"="C:\Program Files\Logitech\ImageStudio\LogiTray.exe" [2002-12-10 19:31 61440]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [2007-01-01 23:22 3739648]
"SweetIM"="C:\Program Files\SweetIM\Messenger\SweetIM.exe" [2008-06-15 13:40 111928]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"RTHDCPL"="RTHDCPL.EXE" [2007-09-19 12:14 16844800 C:\WINDOWS\RTHDCPL.exe]
"nwiz"="nwiz.exe" [2007-05-11 00:03 1626112 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2008-03-26 18:41 1232896]

C:\Documents and Settings\Nikola\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 20:16:50 113664]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-03-08 22:56:22 169472]
Reality Fusion GameCam SE.lnk - C:\Program Files\Reality Fusion\Reality Fusion GameCam SE\Program\RFTRay.exe [2000-07-10 21:58:12 323584]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.3iv2"= C:\PROGRA~1\K-LITE~1\codecs\3IVXVF~1.DLL
"VIDC.VP60"= C:\PROGRA~1\K-LITE~1\codecs\vp6vfw.dll
"VIDC.VP61"= C:\PROGRA~1\K-LITE~1\codecs\vp6vfw.dll
"VIDC.VP62"= C:\PROGRA~1\K-LITE~1\codecs\vp6vfw.dll
"VIDC.VP70"= C:\PROGRA~1\K-LITE~1\codecs\vp7vfw.dll
"VIDC.VP31"= C:\PROGRA~1\K-LITE~1\codecs\vp31vfw.dll
"VIDC.FFDS"= C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax
"msacm.ac3acm"= C:\PROGRA~1\K-LITE~1\codecs\ac3acm.acm
"msacm.l3fhg"= C:\PROGRA~1\K-LITE~1\codecs\l3codecp.acm
"VIDC.ACDV"= ACDV.dll
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"VIDC.HFYU"= huffyuv.dll
"vidc.dvsd"= dvc.dll
"msvideo"= o100vc.dll
"msvideo1"= o100vc.dll
"msvideo2"= o100vc.dll
"msvideo3"= o100vc.dll
"vidc.asv2"= asusasv2.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winlk38.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Winxd67.sys]
@="Driver"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-05-11 00:03 8429568 C:\WINDOWS\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-05-11 00:03 81920 C:\WINDOWS\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--------- 2004-11-02 21:24 32768 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2005-12-08 14:55 3096576 C:\Program Files\Yahoo!\Messenger\YPager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
-r------- 2005-05-03 12:43 69632 C:\WINDOWS\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2007-05-11 00:03 1626112 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\concept design\\onlineTV 4\\onlineTV.exe"=
"C:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R2 MSCamSvc;MSCamSvc;C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 23:45]
R3 VX1000;VX-1000;C:\WINDOWS\system32\DRIVERS\VX1000.sys [2007-04-10 23:46]
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-07-27 16:19:39
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-07-27 16:20:09
ComboFix-quarantined-files.txt 2008-07-27 14:19:58
ComboFix2.txt 2008-07-27 13:55:00
ComboFix3.txt 2008-07-27 13:25:37
ComboFix4.txt 2008-07-27 12:46:46

Pre-Run: 7,173,038,080 bytes free
Post-Run: 7,161,393,152 bytes free

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

That's fine, your antivirus may have already cleaned it up.

Now let's move on to the USB sticks:
- download the following program - http://amf.mycity.rs/personal/bobby/USB_blocker/usb_blocker_beta.exe
- run it and select the Auto block option
- insert a USB stick into the computer and wait a few seconds (say 5-10 seconds)
- the program has now analyzed the stick (you can see it in the lower part of the program, in the log)
- in the top left, double-click the letter that denotes the partition, i.e. your USB stick
- a message will appear down by the clock saying you may remove the USB stick from the computer
- do not close the program; insert the next USB stick and wait a few seconds for it too, and so on for all the sticks, MP3 players, the mobile phone
- remember the order in which the sticks were inserted

When you have finished all that, the log in the lower part of the program will contain all the data I need to see which stick is infected.
Right-click the log/report and select Save log.
Notepad will open automatically with the report in it.
Copy that report here to the forum for me.

offline
  • Joined: 07 Jul 2008
  • Posts: 22

Here is the report

USB_blocker by bobby

Started at 7/27/2008 4:34:52 PM

Scanning for connected USB Mass storage...
========================================
========================================
Scanning for other storage...
========================================
C: ae2a34b0-ed7d-11dc-8690-806d6172696f
D: ae2a34b1-ed7d-11dc-8690-806d6172696f
E: ae2a34b2-ed7d-11dc-8690-806d6172696f
========================================



New device connected at 7/27/2008 4:35:15 PM

Scanning for connected USB Mass storage...
========================================
J: 9794e399-ede2-11dc-ae01-001d7daaf541
========================================

Scanning USB mass storage for autorun.inf and desktop.ini files...
========================================
Sanitizing Shell Menu...
No key for GUID: 9794e399-ede2-11dc-ae01-001d7daaf541
========================================


New device connected at 7/27/2008 4:37:06 PM

Scanning for connected USB Mass storage...
========================================
J: 1978aee6-ed4e-11dc-adf8-001d7daaf541
========================================

Scanning USB mass storage for autorun.inf and desktop.ini files...
========================================
Sanitizing Shell Menu...
No key for GUID: 1978aee6-ed4e-11dc-adf8-001d7daaf541
========================================

Those are the 2 USB sticks; the phone isn't here...

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

The sticks are clean.

Do the same for the phone when it is here and post the log for us here.

I hope the computer is behaving far better now than before.

Don't delete the programs we downloaded to clean the computer yet, since there are uninstall procedures for them, and I will write those out for you once we have the log from the mobile phone as well.

As for your computer (the other one), open a separate topic for it and post the logs made with the HijackThis and ComboFix programs there for me.

offline
  • Joined: 07 Jul 2008
  • Posts: 22

It seems to me the computer is running great now...
As if nothing had ever happened...

You have no idea how much you have helped me with this...
I am really grateful to you...

Update: 27 Jul 2008 17:27

I just tried to scan the phone, but USB blocker doesn't see it...

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

offline
  • Joined: 07 Jul 2008
  • Posts: 22

I did all of that...

The computer is great...

And once again, thank you very much!!!
