MyCity » Ambulanta -> Arhiva Ambulante » Problem sa nepoznatim mailovima

Problem sa nepoznatim mailovima

Napisano na dan: 5.5.2007

Strana:
1
2
3
4

Problem sa nepoznatim mailovima

Pagination

Prethodna strana

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3
4

vl Poslao: 08 Maj 2007 11:33 Idi na vrh
offline vl Novi MyCity građanin Pridružio: 05 Maj 2007 Poruke: 18	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ovaj scan mi bas dugo traje. Jeli to tako treba? Da ga ne diram? Dopuna: 08 Maj 2007 11:13 Ovaj scan mi bas dugo traje. To tako treba? Da ga ne prekidam? Dopuna: 08 Maj 2007 11:33 Zavsio je. Evo liste: catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, gmer.net Rootkit scan 2007-05-08 09:07:31 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services ... scanning hidden autostart entries ... scanning hidden files ... C:\Documents and Settings\vlado\Local Settings\Application Data\Microsoft\Messenger\vladoleovac@hotmail.com\SharingMetadata\dorotea9@hotmail.co.uk\DFSR\Staging\CS{167361D6-9FE6-609D-72FA-F7E05E5605D6}\01\10-{167361D6-9FE6-609D-72FA-F7E05E5605D6}-v1-{22EA2ACA-E2FB-463D-952D-87020C0C66CF}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API C:\Documents and Settings\vlado\Local Settings\Application Data\Microsoft\Messenger\vladoleovac@hotmail.com\SharingMetadata\dorotea9@hotmail.co.uk\DFSR\Staging\CS{167361D6-9FE6-609D-72FA-F7E05E5605D6}\01\10-{167361D6-9FE6-609D-72FA-F7E05E5605D6}-v1-{22EA2ACA-E2FB-463D-952D-87020C0C66CF}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API C:\Documents and Settings\vlado\Local Settings\Application Data\Microsoft\Messenger\vladoleovac@hotmail.com\SharingMetadata\dorotea9@hotmail.co.uk\DFSR\Staging\CS{167361D6-9FE6-609D-72FA-F7E05E5605D6}\01\10-{167361D6-9FE6-609D-72FA-F7E05E5605D6}-v1-{22EA2ACA-E2FB-463D-952D-87020C0C66CF}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API C:\Documents and Settings\vlado\Local Settings\Application Data\Microsoft\Messenger\vladoleovac@hotmail.com\SharingMetadata\dorotea9@hotmail.co.uk\DFSR\Staging\CS{167361D6-9FE6-609D-72FA-F7E05E5605D6}\01\10-{167361D6-9FE6-609D-72FA-F7E05E5605D6}-v1-{22EA2ACA-E2FB-463D-952D-87020C0C66CF}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API C:\Documents and Settings\vlado\Local Settings\Application Data\Microsoft\Messenger\vladoleovac@hotmail.com\SharingMetadata\dorotea9@hotmail.co.uk\DFSR\Staging\CS{167361D6-9FE6-609D-72FA-F7E05E5605D6}\01\10-{167361D6-9FE6-609D-72FA-F7E05E5605D6}-v1-{22EA2ACA-E2FB-463D-952D-87020C0C66CF}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API C:\Documents and Settings\vlado\Local Settings\Application Data\Microsoft\Messenger\vladoleovac@hotmail.com\SharingMetadata\dorotea9@hotmail.co.uk\DFSR\Staging\CS{167361D6-9FE6-609D-72FA-F7E05E5605D6}\01\10-{167361D6-9FE6-609D-72FA-F7E05E5605D6}-v1-{22EA2ACA-E2FB-463D-952D-87020C0C66CF}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS 8 bytes hidden from API C:\Documents and Settings\vlado\Local Settings\Temp\TFR61.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR62.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR66.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR6A.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR6E.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR72.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR75.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR79.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR61.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR62.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR66.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR6A.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR6E.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR72.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR75.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR79.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR61.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR62.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR66.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR6A.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR6E.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR72.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR75.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR79.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR61.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR62.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR66.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR6A.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR6E.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR72.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR75.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR79.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR61.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR62.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR66.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR6A.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR6E.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR72.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR75.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR79.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR61.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR62.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR66.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR6A.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR6E.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR72.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR75.tmp C:\Documents and Settings\vlado\Local Settings\Temp\TFR79.tmp scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 55 scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 55 file zipped: C:\Documents and Settings\vlado\Local Settings\Application Data\Microsoft\Messenger\vladoleovac@hotmail.com\SharingMetadata\dorotea9@hotmail.co.uk\DFSR\Staging\CS{167361D6-9FE6-609D-72FA-F7E05E5605D6}\01\10-{167361D6-9FE6-609D-72FA-F7E05E5605D6}-v1-{22EA2ACA-E2FB-463D-952D-87020C0C66CF}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS ( 8 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Application Data\Microsoft\Messenger\vladoleovac@hotmail.com\SharingMetadata\dorotea9@hotmail.co.uk\DFSR\Staging\CS{167361D6-9FE6-609D-72FA-F7E05E5605D6}\01\10-{167361D6-9FE6-609D-72FA-F7E05E5605D6}-v1-{22EA2ACA-E2FB-463D-952D-87020C0C66CF}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.1 ( 8 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Application Data\Microsoft\Messenger\vladoleovac@hotmail.com\SharingMetadata\dorotea9@hotmail.co.uk\DFSR\Staging\CS{167361D6-9FE6-609D-72FA-F7E05E5605D6}\01\10-{167361D6-9FE6-609D-72FA-F7E05E5605D6}-v1-{22EA2ACA-E2FB-463D-952D-87020C0C66CF}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.2 ( 8 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Application Data\Microsoft\Messenger\vladoleovac@hotmail.com\SharingMetadata\dorotea9@hotmail.co.uk\DFSR\Staging\CS{167361D6-9FE6-609D-72FA-F7E05E5605D6}\01\10-{167361D6-9FE6-609D-72FA-F7E05E5605D6}-v1-{22EA2ACA-E2FB-463D-952D-87020C0C66CF}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.3 ( 8 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Application Data\Microsoft\Messenger\vladoleovac@hotmail.com\SharingMetadata\dorotea9@hotmail.co.uk\DFSR\Staging\CS{167361D6-9FE6-609D-72FA-F7E05E5605D6}\01\10-{167361D6-9FE6-609D-72FA-F7E05E5605D6}-v1-{22EA2ACA-E2FB-463D-952D-87020C0C66CF}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.4 ( 8 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Application Data\Microsoft\Messenger\vladoleovac@hotmail.com\SharingMetadata\dorotea9@hotmail.co.uk\DFSR\Staging\CS{167361D6-9FE6-609D-72FA-F7E05E5605D6}\01\10-{167361D6-9FE6-609D-72FA-F7E05E5605D6}-v1-{22EA2ACA-E2FB-463D-952D-87020C0C66CF}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS -> catchme.zip -> {59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS.5 ( 8 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR61.tmp -> catchme.zip -> TFR61.tmp ( 46021 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR62.tmp -> catchme.zip -> TFR62.tmp ( 46660 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR66.tmp -> catchme.zip -> TFR66.tmp ( 59218 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR6A.tmp -> catchme.zip -> TFR6A.tmp ( 67560 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR6E.tmp -> catchme.zip -> TFR6E.tmp ( 27777 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR72.tmp -> catchme.zip -> TFR72.tmp ( 21122 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR75.tmp -> catchme.zip -> TFR75.tmp ( 23427 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR79.tmp -> catchme.zip -> TFR79.tmp ( 26241 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR61.tmp -> catchme.zip -> TFR61.tmp.1 ( 46021 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR62.tmp -> catchme.zip -> TFR62.tmp.1 ( 46660 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR66.tmp -> catchme.zip -> TFR66.tmp.1 ( 59218 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR6A.tmp -> catchme.zip -> TFR6A.tmp.1 ( 67560 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR6E.tmp -> catchme.zip -> TFR6E.tmp.1 ( 27777 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR72.tmp -> catchme.zip -> TFR72.tmp.1 ( 21122 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR75.tmp -> catchme.zip -> TFR75.tmp.1 ( 23427 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR79.tmp -> catchme.zip -> TFR79.tmp.1 ( 26241 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR61.tmp -> catchme.zip -> TFR61.tmp.2 ( 46021 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR62.tmp -> catchme.zip -> TFR62.tmp.2 ( 46660 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR66.tmp -> catchme.zip -> TFR66.tmp.2 ( 59218 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR6A.tmp -> catchme.zip -> TFR6A.tmp.2 ( 67560 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR6E.tmp -> catchme.zip -> TFR6E.tmp.2 ( 27777 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR72.tmp -> catchme.zip -> TFR72.tmp.2 ( 21122 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR75.tmp -> catchme.zip -> TFR75.tmp.2 ( 23427 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR79.tmp -> catchme.zip -> TFR79.tmp.2 ( 26241 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR61.tmp -> catchme.zip -> TFR61.tmp.3 ( 46021 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR62.tmp -> catchme.zip -> TFR62.tmp.3 ( 46660 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR66.tmp -> catchme.zip -> TFR66.tmp.3 ( 59218 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR6A.tmp -> catchme.zip -> TFR6A.tmp.3 ( 67560 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR6E.tmp -> catchme.zip -> TFR6E.tmp.3 ( 27777 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR72.tmp -> catchme.zip -> TFR72.tmp.3 ( 21122 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR75.tmp -> catchme.zip -> TFR75.tmp.3 ( 23427 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR79.tmp -> catchme.zip -> TFR79.tmp.3 ( 26241 bytes ) scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 55 file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR61.tmp -> catchme.zip -> TFR61.tmp.4 ( 46021 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR62.tmp -> catchme.zip -> TFR62.tmp.4 ( 46660 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR66.tmp -> catchme.zip -> TFR66.tmp.4 ( 59218 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR6A.tmp -> catchme.zip -> TFR6A.tmp.4 ( 67560 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR6E.tmp -> catchme.zip -> TFR6E.tmp.4 ( 27777 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR72.tmp -> catchme.zip -> TFR72.tmp.4 ( 21122 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR75.tmp -> catchme.zip -> TFR75.tmp.4 ( 23427 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR79.tmp -> catchme.zip -> TFR79.tmp.4 ( 26241 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR61.tmp -> catchme.zip -> TFR61.tmp.5 ( 46021 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR62.tmp -> catchme.zip -> TFR62.tmp.5 ( 46660 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR66.tmp -> catchme.zip -> TFR66.tmp.5 ( 59218 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR6A.tmp -> catchme.zip -> TFR6A.tmp.5 ( 67560 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR6E.tmp -> catchme.zip -> TFR6E.tmp.5 ( 27777 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR72.tmp -> catchme.zip -> TFR72.tmp.5 ( 21122 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR75.tmp -> catchme.zip -> TFR75.tmp.5 ( 23427 bytes ) file zipped: C:\Documents and Settings\vlado\Local Settings\Temp\TFR79.tmp -> catchme.zip -> TFR79.tmp.5 ( 26241 bytes ) scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 55 scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 55 scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 55 a poslacu i zip

Profil

DEMIAN Poslao: 08 Maj 2007 18:02 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzeo sam ono što si upload-ovao. Proveriću ga u toku dana, oko 5 PM sam ovde, pa nastavljamo. Izvini za juče, nisam mogao da izbegnem obaveze. Dopuna: 08 Maj 2007 18:02 Ovi fajlovi koji su nam stigli nisu maliciozni. Ostaje nam samo problem sa skrivenim xkwagrvl.sys, koga ne možeš da pronađeš na disku. Ni ovaj alat sa kojim smo sada probali da ga pronađemo i uklonimo nije dao rezultat. Ne ostaje mi ništa drugo sem da te uputim na RootKit UnHooker (135 kb) i da te zamolim da obaviš skeniranje njime. Kada instaliraš program, klikni na zadnji tab na kome piše Report, klikneš Scan, pojaviće se prozorče sa označenim opcijama za skeniranje (ako nisu označi ih), izaberi particije za skeniranje i kad završi iskopiraj nam log ovde..

Profil

vl Poslao: 08 Maj 2007 18:47 Idi na vrh
offline vl Novi MyCity građanin Pridružio: 05 Maj 2007 Poruke: 18	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Evo scan-a: >SSDT State NtCreateProcess Actual Address 0xF752667C Hooked by: C:\WINDOWS\System32\drivers\fsndis5.sys NtCreateProcessEx Actual Address 0xF7526710 Hooked by: C:\WINDOWS\System32\drivers\fsndis5.sys NtCreateSection Actual Address 0xF75260C0 Hooked by: C:\WINDOWS\System32\drivers\fsndis5.sys NtCreateThread Actual Address 0xF7525F76 Hooked by: C:\WINDOWS\System32\drivers\fsndis5.sys NtOpenProcess Actual Address 0xF3FB08AC Hooked by: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys NtTerminateProcess Actual Address 0xF3FB0812 Hooked by: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys NtWriteVirtualMemory Actual Address 0xF7525FF6 Hooked by: C:\WINDOWS\System32\drivers\fsndis5.sys >Processes >Drivers >Files Suspect File: C:\Documents and Settings\vlado\Local Settings\Temporary Internet Files\Content.IE5\1KXA8CGB\privmsg[4].htm Status: Hidden Suspect File: C:\Documents and Settings\vlado\Local Settings\Temporary Internet Files\Content.IE5\7ND1KE2H\privmsg[3].php Status: Hidden Suspect File: C:\Documents and Settings\vlado\Local Settings\Temporary Internet Files\Content.IE5\7ND1KE2H\privmsg[4].htm Status: Hidden Suspect File: C:\Documents and Settings\vlado\Local Settings\Temporary Internet Files\Content.IE5\G3ILSH8D\privmsg[3].htm Status: Hidden >Hooks ndis.sys-->NdisCloseAdapter, Type: Inline - RelativeJump at address 0xF723561E hook handler located in [fsndis5.sys] ndis.sys-->NdisDeregisterProtocol, Type: Inline - RelativeJump at address 0xF72357FD hook handler located in [fsndis5.sys] ndis.sys-->NdisOpenAdapter, Type: Inline - RelativeJump at address 0xF722B397 hook handler located in [fsndis5.sys] ndis.sys-->NdisRegisterProtocol, Type: Inline - RelativeJump at address 0xF722B17D hook handler located in [fsndis5.sys] ndis.sys-->NdisRequest, Type: Inline - RelativeJump at address 0xF723896B hook handler located in [fsndis5.sys] ndis.sys-->NdisReturnPackets, Type: Inline - RelativeJump at address 0xF7238800 hook handler located in [fsndis5.sys] ndis.sys-->NdisSend, Type: Inline - RelativeJump at address 0xF723B977 hook handler located in [fsndis5.sys] ndis.sys-->NdisSend, Type: Inline - RelativeJump at address 0xF723B994 hook handler located in [fsndis5.sys] ndis.sys-->NdisSendPackets, Type: Inline - RelativeJump at address 0xF723B9AF hook handler located in [fsndis5.sys] ntkrnlpa.exe-->IoCreateDevice, Type: Inline - RelativeJump at address 0x80574702 hook handler located in [fsndis5.sys] [3948]msnmsgr.exe-->kernel32.dll-->SetUnhandledExceptionFilter, Type: Inline - RelativeJump at address 0x7C810386 hook handler located in [msnmsgr.exe] !!POSSIBLE ROOTKIT ACTIVITY DETECTED!! =)

Profil

DEMIAN Poslao: 08 Maj 2007 19:30 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! I ovde ništa.. Proveri računar online preko ovog linka. Skeniranje je moguće jedino sa Internet Explorer browserom i uključenim ActiveX kontrolama. Zapiši i postuj nam ovde ako detektuje neki malware.

Profil

bobby Poslao: 08 Maj 2007 21:49 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Da bi AVG AS (Ewido) brisao kada nesto nadje, idi na ikonicu Scanner > kartica Settings. Tu imas opciju How to act? koju treba podesiti na Quarantine.

Profil

vl Poslao: 08 Maj 2007 22:45 Idi na vrh
offline vl Novi MyCity građanin Pridružio: 05 Maj 2007 Poruke: 18	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zavrsio sam skeniranje i nisam nista nasao sa ovim bitdefenderom Dopuna: 08 Maj 2007 22:45 Podesio sam na Quarantine

Profil

bobby Poslao: 08 Maj 2007 22:50 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Proskeniraj ponovo Ewidom (AVG AS) i postavi log. Postavi i novi HJT log.

Profil

vl Poslao: 09 Maj 2007 11:31 Idi na vrh
offline vl Novi MyCity građanin Pridružio: 05 Maj 2007 Poruke: 18	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Evo reporta scan-a: --------------------------------------------------------- AVG Anti-Spyware - Scan Report --------------------------------------------------------- + Created at: 9:48:36 9.5.2007 + Scan result: C:\Program Files\Screensavers.com\SSSInst\bin\SSSInst.dll -> Adware.Comet : Cleaned. C:\Program Files\Starware316\bin\Starware316.dll -> Adware.Comet : Cleaned. C:\Documents and Settings\vlado\Desktop\backups\backup-20070507-090556-406.dll -> Adware.Softomate : Cleaned. C:\System Volume Information\_restore{912E11A5-5A9F-4512-9386-C9016C68EC2F}\RP4\A0009641.dll -> Adware.Softomate : Cleaned. C:\Documents and Settings\vlado\Desktop\backups\backup-20070507-090556-528.dll -> Adware.Yatool : Cleaned. C:\System Volume Information\_restore{912E11A5-5A9F-4512-9386-C9016C68EC2F}\RP4\A0010698.dll -> Backdoor.Sdbot : Cleaned. C:\WINDOWS\system32\sbdbaaaa.exe -> Backdoor.Sdbot : Cleaned. C:\WINDOWS\system32\ws_imod.dll -> Logger.Nukulus.a : Cleaned. C:\WINDOWS\system32\wsock.dll -> Logger.Nukulus.a : Cleaned. C:\Program Files\RAdmin\R_server.exe -> Not-A-Virus.RemoteAdmin.Win32.RAdmin.20 : Cleaned. C:\Program Files\RAdmin\raddrv.dll -> Not-A-Virus.RemoteAdmin.Win32.RAdmin.20 : Cleaned. C:\WINDOWS\system32\raddrv.dll -> Not-A-Virus.RemoteAdmin.Win32.RAdmin.20 : Cleaned. C:\Documents and Settings\vlado\Cookies\vlado@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Cleaned. C:\System Volume Information\_restore{912E11A5-5A9F-4512-9386-C9016C68EC2F}\RP4\A0010720.exe -> Trojan.Zapchast.ca : Cleaned. C:\System Volume Information\_restore{912E11A5-5A9F-4512-9386-C9016C68EC2F}\RP4\A0010773.exe -> Trojan.Zapchast.ca : Cleaned. ::Report end evo i log-a: Logfile of HijackThis v1.99.1 Scan saved at 9:52:55, on 9.5.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\AtmeyeServ.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE C:\Program Files\F-Secure\Anti-Virus\fssm32.exe C:\Program Files\F-Secure\Common\FSMA32.EXE C:\Program Files\InterBase Corp\InterBase\bin\ibguard.exe C:\Program Files\F-Secure\Common\FSMB32.EXE C:\PROGRA~1\MICROS~4\MSSQL\binn\sqlservr.exe C:\Program Files\F-Secure\Common\FCH32.EXE C:\WINDOWS\Explorer.EXE C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\r_server.exe C:\Program Files\F-Secure\Common\FAMEH32.EXE C:\Program Files\F-Secure\Anti-Virus\fsqh.exe C:\Program Files\F-Secure\Anti-Virus\fsrw.exe C:\Program Files\F-Secure\Anti-Virus\fsav32.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\F-Secure\Common\FNRB32.EXE C:\Program Files\F-Secure\Common\FSM32.EXE C:\Program Files\LClock\LClock.exe C:\Program Files\VisualTooltip\VisualToolTip.exe C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe C:\Program Files\F-Secure\Common\FIH32.EXE C:\Program Files\InterBase Corp\InterBase\bin\ibserver.exe C:\Program Files\Styler\Styler.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\DOCUME~1\vlado\LOCALS~1\Temp\{63DEF128-8EF6-4B2A-B051-AA3DF9F2A101}\Blaero Start Orb.exe C:\PROGRA~1\F-Secure\ANTI-S~1\fsaw.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\F-Secure\FSGUI\fsguidll.exe C:\DOCUME~1\vlado\LOCALS~1\Temp\{164E179F-00AC-47AD-A422-7DAE7A44616D}\sidebar.exe C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Banka\VerPex.exe C:\BANKA\AVISTA.EXE C:\Program Files\RAdmin\Radmin.exe C:\WINDOWS\system32\mmc.exe C:\Program Files\Microsoft SQL Server\80\Tools\Binn\isqlw.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\vlado\Desktop\New Folder (2)\vvv.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = kingkongsearch.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = windowsxlive.net R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = go.microsoft.com/fwlink/?LinkId=488 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5488E24F-B8E4-43B7-8726-F314FF7FEE98} - c:\windows\system32\dmhadmh.dll (file missing) O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe O4 - HKLM\..\Run: [Vista Sidebar] C:\Program Files\Vista Sidebar\sidebar.exe O4 - HKLM\..\Run: [VisualTooltip] C:\Program Files\VisualTooltip\VisualToolTip.exe O4 - HKLM\..\Run: [Blaero Start Orb] C:\Program Files\Blaero Start Orb\Blaero Start Orb.exe O4 - HKLM\..\Run: [Styler] C:\Program Files\Styler\Styler.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - download.bitdefender.com/resources/scan8/oscan8.cab O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = nikbanka.cg.rs O17 - HKLM\System\CCS\Services\Tcpip\..\{4F5325BC-2881-4CE2-9419-BF5F4C41D508}: NameServer = 172.16.1.5,172.16.1.15 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = nikbanka.cg.rs O17 - HKLM\System\CS1\Services\Tcpip\..\{4F5325BC-2881-4CE2-9419-BF5F4C41D508}: NameServer = 172.16.1.5,172.16.1.15 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: poibqqbc - dmhadmh.dll (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AtmEyeServ - BS/2 - C:\WINDOWS\system32\AtmeyeServ.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: InterBase Guardian (InterBaseGuardian) - InterBase Software Corp. - C:\Program Files\InterBase Corp\InterBase\bin\ibguard.exe O23 - Service: InterBase Server (InterBaseServer) - InterBase Software Corp. - C:\Program Files\InterBase Corp\InterBase\bin\ibserver.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\system32\r_server.exe" /service (file missing) Dopuna: 09 Maj 2007 11:31 Evo i poruka koje mi je javio f-secure: Malicious code found in file C:\SYSTEM VOLUME INFORMATION\_RESTORE{912E11A5-5A9F-4512-9386-C9016C68EC2F}\RP4\A0008645.DLL. Infection: Packed.Win32.Morphine.a Malicious code found in file C:\SYSTEM VOLUME INFORMATION\_RESTORE{912E11A5-5A9F-4512-9386-C9016C68EC2F}\RP4\A0008645.DLL. Infection: Packed.Win32.Morphine.a Infection: Trojan-Downloader.Win32.Small.ehe Action: The file was deleted. Malicious code found in file C:\SYSTEM VOLUME INFORMATION\_RESTORE{912E11A5-5A9F-4512-9386-C9016C68EC2F}\RP5\A0010882.DLL. Infection: Trojan-Downloader.Win32.Small.ehe Malicious code found in file C:\SYSTEM VOLUME INFORMATION\_RESTORE{912E11A5-5A9F-4512-9386-C9016C68EC2F}\RP5\A0010883.DLL. Infection: Trojan.Win32.Pakes Malicious code found in file C:\SYSTEM VOLUME INFORMATION\_RESTORE{912E11A5-5A9F-4512-9386-C9016C68EC2F}\RP5\A0010884.DLL. Infection: Trojan.Win32.Agent.aet Malicious code found in file C:\SYSTEM VOLUME INFORMATION\_RESTORE{912E11A5-5A9F-4512-9386-C9016C68EC2F}\RP5\A0010885.DLL. Infection: Trojan-Downloader.Win32.Small.ehe Malicious code found in file C:\SYSTEM VOLUME INFORMATION\_RESTORE{912E11A5-5A9F-4512-9386-C9016C68EC2F}\RP5\A0010886.DLL. Infection: Trojan-Downloader.Win32.Small.ehe Malicious code found in file C:\WINDOWS\SYSTEM32\DSXZPSJC.DLL. Infection: Packed.Win32.Morphine.a Action: failed. Malicious code found in file C:\WINDOWS\SYSTEM32\DSXZPSJC.DLL. Infection: Packed.Win32.Morphine.a Action: failed.

Profil

DEMIAN Poslao: 09 Maj 2007 15:35 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! C:\WINDOWS\system32\AtmeyeServ.exe O23 - Service: AtmEyeServ - BS/2 - C:\WINDOWS\system32\AtmeyeServ.exe Jel' ti je poznat ovaj proces i njegov servis ? Ovo je novo, a nema informacija o tome šta bi to moglo biti. Jesi li ti to instalirao ? Ako nisi šalji nam na upload. O2 - BHO: (no name) - {5488E24F-B8E4-43B7-8726-F314FF7FEE98} - c:\windows\system32\dmhadmh.dll (file missing) O20 - Winlogon Notify: poibqqbc - dmhadmh.dll (file missing) To treba da se čekira u HJT i obriše ali mi ne ide u glavu kako neće da nestane. C:\Banka\VerPex.exe C:\BANKA\AVISTA.EXE Pretpostavljam da si ti instalirao ovo. Jel' možeš da mi potvrdiš da je to legitimno, pošto takođe nemam informacija o tim procesima. C:\DOCUME~1\vlado\LOCALS~1\Temp\{164E179F-00AC-47AD-A422-7DAE7A44616D}\sidebar.e xe Ovo bi trebalo da bude na putanji :"C:\Program Files\Windows Sidebar\" a kod tebe se startuje uporno iz temp foldera i ima čudnu extenziju. Zamolio bih te da privremeno bar ukloniš taj program sa računara (dok traje čišćenje) jer mi je sumnjiv. Obriši i taj temp fajl. ------------------------------------- U vezi ovoga : Citat:Malicious code found in file C:\WINDOWS\SYSTEM32\DSXZPSJC.DLL. Infection: Packed.Win32.Morphine.a Action: failed. Takođe nemam informacija o ovoj detekciji. Uploaduj mi i taj fajl.

Profil

vl Poslao: 09 Maj 2007 16:42 Idi na vrh
offline vl Novi MyCity građanin Pridružio: 05 Maj 2007 Poruke: 18	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! C:\WINDOWS\system32\AtmeyeServ.exe O23 - Service: AtmEyeServ - BS/2 - C:\WINDOWS\system32\AtmeyeServ.exe C:\Banka\VerPex.exe C:\BANKA\AVISTA.EXE Ovo gore su stvari koje sam ja instalirao i koje mi trebaju. ovaj sidebar.exe je nesto bezveze. kao neki dodatak skinu za vistu. to sam skinuo sa provjerenog sajta. ne vjerujem da je problematicno. dok je bio upaljen nije mi dao da ga obrisem a kad sam ga izgasio sad ga vise nema na putanji C:\DOCUME~1\vlado\LOCALS~1\Temp\{164E179F-00AC-47AD-A422-7DAE7A44616D}\sidebar.e xe a ni na putanji C:\Program Files\Windows Sidebar\ Dopuna: 09 Maj 2007 16:32 C:\WINDOWS\SYSTEM32\DSXZPSJC.DLL ovaj mi ne da da ga kopiram. ja ga nadjem i kad ocu da ga paste-jem onda mi izadje ona poruka koju sam vec poslao da je to virus i ta brisanje nije uspjelo. On mi pravi problem. To je definitivno. Samo ne znam kako da ga maknemo Dopuna: 09 Maj 2007 16:35 Cekirao sam ovoga sto nece da nestane. Treba li da posaljem log? Dopuna: 09 Maj 2007 16:42 Kad pokusam uplaodujem ovaj C:\WINDOWS\SYSTEM32\DSXZPSJC.DLL. kaze mi da je prevelik iako ima 100 i nesto KB. dok god radim sa njim javlja mi one greske. ne znam sta da mu radim

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Problem sa nepoznatim mailovima

Ko je trenutno na forumu

Ukupno su 837 korisnika na forumu :: 5 registrovanih, 1 sakriven i 831 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: Koridor, naki011, Srle993, voja64, zziko

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by