MyCity » Ambulanta -> Arhiva Ambulante » Šta dalje??

Šta dalje??

Napisano na dan: 12.3.2007

Strana:
1
2
3
4
5
6
7

Šta dalje??

Pagination

Prethodna strana

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3
4
5
6
7

maha Poslao: 14 Mar 2007 16:16 Idi na vrh
offline maha Super građanin Pridružio: 06 Dec 2006 Poruke: 1152	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ne koristim IE već Mozill-u Firefox.

Profil

bobby Poslao: 14 Mar 2007 16:27 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ponovi postupak sa KillBox-om, ali pre klika na dugme za brisanje odaberi dole u opcijama "Delete on Reboot". Fajl ce biti obrisan pri sledecem podizanju Windowsa. Notepad nije opcija vec program koji ide uz svaki Windows. Nakon sto budes restartovao racunar da bi onaj fajl bio obrisan, napravi ponovo GMER log.

Profil

maha Poslao: 14 Mar 2007 18:24 Idi na vrh
offline maha Super građanin Pridružio: 06 Dec 2006 Poruke: 1152	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uradio sam KillBox GMER 1.0.12.12086 - Rootkit scan 2007-03-14 18:26:49 Windows 5.1.2600 Service Pack 2 ---- System - GMER 1.0.12 ---- SSDT a347bus.sys SSDT a347bus.sys SSDT a347bus.sys SSDT a347bus.sys SSDT a347bus.sys SSDT a347bus.sys SSDT a347bus.sys SSDT a347bus.sys SSDT a347bus.sys SSDT a347bus.sys SSDT \??\C:\PROGRA~1\Agnitum\OUTPOS~1\kernel\FILTNT.SYS ---- User code sections - GMER 1.0.12 ---- .text C:\WINDOWS\explorer.exe[1484] kernel32.dll!CreateProcessW .text C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe[2340] ---- Devices - GMER 1.0.12 ---- Device \FileSystem\Ntfs \Ntfs IRP_MJ_READ Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE_NAMED_PIPE Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLOSE Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_READ Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_WRITE Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_INFORMATION Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_INFORMATION Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_EA Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_EA Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FLUSH_BUFFERS Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_VOLUME_INFORMATION Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_VOLUME_INFORMATION Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DIRECTORY_CONTROL Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_FILE_SYSTEM_CONTROL Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CONTROL Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_INTERNAL_DEVICE_CONTROL Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SHUTDOWN Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_LOCK_CONTROL Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CLEANUP Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_CREATE_MAILSLOT Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_SECURITY Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_SECURITY Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_POWER Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SYSTEM_CONTROL Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_DEVICE_CHANGE Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_QUERY_QUOTA Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_SET_QUOTA Device \Driver\Cdrom \Device\CdRom0 IRP_MJ_PNP Device \FileSystem\Rdbss \Device\FsWrap IRP_MJ_READ Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE_NAMED_PIPE Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLOSE Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_READ Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_WRITE Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_INFORMATION Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_INFORMATION Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_EA Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_EA Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FLUSH_BUFFERS Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_VOLUME_INFORMATION Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_VOLUME_INFORMATION Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DIRECTORY_CONTROL Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_FILE_SYSTEM_CONTROL Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CONTROL Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_INTERNAL_DEVICE_CONTROL Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SHUTDOWN Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_LOCK_CONTROL Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CLEANUP Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_CREATE_MAILSLOT Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_SECURITY Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_SECURITY Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_POWER Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SYSTEM_CONTROL Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_DEVICE_CHANGE Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_QUERY_QUOTA Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_SET_QUOTA Device \Driver\Cdrom \Device\CdRom1 IRP_MJ_PNP Device \Driver\nvata \Device\00000076 IRP_MJ_CREATE Device \Driver\nvata \Device\00000076 IRP_MJ_CREATE_NAMED_PIPE Device \Driver\nvata \Device\00000076 IRP_MJ_CLOSE Device \Driver\nvata \Device\00000076 IRP_MJ_READ Device \Driver\nvata \Device\00000076 IRP_MJ_WRITE Device \Driver\nvata \Device\00000076 IRP_MJ_QUERY_INFORMATION Device \Driver\nvata \Device\00000076 IRP_MJ_SET_INFORMATION Device \Driver\nvata \Device\00000076 IRP_MJ_QUERY_EA Device \Driver\nvata \Device\00000076 IRP_MJ_SET_EA Device \Driver\nvata \Device\00000076 IRP_MJ_FLUSH_BUFFERS Device \Driver\nvata \Device\00000076 IRP_MJ_QUERY_VOLUME_INFORMATION Device \Driver\nvata \Device\00000076 IRP_MJ_SET_VOLUME_INFORMATION Device \Driver\nvata \Device\00000076 IRP_MJ_DIRECTORY_CONTROL Device \Driver\nvata \Device\00000076 IRP_MJ_FILE_SYSTEM_CONTROL Device \Driver\nvata \Device\00000076 IRP_MJ_DEVICE_CONTROL Device \Driver\nvata \Device\00000076 IRP_MJ_INTERNAL_DEVICE_CONTROL Device \Driver\nvata \Device\00000076 IRP_MJ_SHUTDOWN Device \Driver\nvata \Device\00000076 IRP_MJ_LOCK_CONTROL Device \Driver\nvata \Device\00000076 IRP_MJ_CLEANUP Device \Driver\nvata \Device\00000076 IRP_MJ_CREATE_MAILSLOT Device \Driver\nvata \Device\00000076 IRP_MJ_QUERY_SECURITY Device \Driver\nvata \Device\00000076 IRP_MJ_SET_SECURITY Device \Driver\nvata \Device\00000076 IRP_MJ_POWER Device \Driver\nvata \Device\00000076 IRP_MJ_SYSTEM_CONTROL Device \Driver\nvata \Device\00000076 IRP_MJ_DEVICE_CHANGE Device \Driver\nvata \Device\00000076 IRP_MJ_QUERY_QUOTA Device \Driver\nvata \Device\00000076 IRP_MJ_SET_QUOTA Device \Driver\nvata \Device\00000076 IRP_MJ_PNP Device \Driver\nvata \Device\00000078 IRP_MJ_CREATE Device \Driver\nvata \Device\00000078 IRP_MJ_CREATE_NAMED_PIPE Device \Driver\nvata \Device\00000078 IRP_MJ_CLOSE Device \Driver\nvata \Device\00000078 IRP_MJ_READ Device \Driver\nvata \Device\00000078 IRP_MJ_WRITE Device \Driver\nvata \Device\00000078 IRP_MJ_QUERY_INFORMATION Device \Driver\nvata \Device\00000078 IRP_MJ_SET_INFORMATION Device \Driver\nvata \Device\00000078 IRP_MJ_QUERY_EA Device \Driver\nvata \Device\00000078 IRP_MJ_SET_EA Device \Driver\nvata \Device\00000078 IRP_MJ_FLUSH_BUFFERS Device \Driver\nvata \Device\00000078 IRP_MJ_QUERY_VOLUME_INFORMATION Device \Driver\nvata \Device\00000078 IRP_MJ_SET_VOLUME_INFORMATION Device \Driver\nvata \Device\00000078 IRP_MJ_DIRECTORY_CONTROL Device \Driver\nvata \Device\00000078 IRP_MJ_FILE_SYSTEM_CONTROL Device \Driver\nvata \Device\00000078 IRP_MJ_DEVICE_CONTROL Device \Driver\nvata \Device\00000078 IRP_MJ_INTERNAL_DEVICE_CONTROL Device \Driver\nvata \Device\00000078 IRP_MJ_SHUTDOWN Device \Driver\nvata \Device\00000078 IRP_MJ_LOCK_CONTROL Device \Driver\nvata \Device\00000078 IRP_MJ_CLEANUP Device \Driver\nvata \Device\00000078 IRP_MJ_CREATE_MAILSLOT Device \Driver\nvata \Device\00000078 IRP_MJ_QUERY_SECURITY Device \Driver\nvata \Device\00000078 IRP_MJ_SET_SECURITY Device \Driver\nvata \Device\00000078 IRP_MJ_POWER Device \Driver\nvata \Device\00000078 IRP_MJ_SYSTEM_CONTROL Device \Driver\nvata \Device\00000078 IRP_MJ_DEVICE_CHANGE Device \Driver\nvata \Device\00000078 IRP_MJ_QUERY_QUOTA Device \Driver\nvata \Device\00000078 IRP_MJ_SET_QUOTA Device \Driver\nvata \Device\00000078 IRP_MJ_PNP Device \FileSystem\Srv \Device\LanmanServer IRP_MJ_READ Device \Driver\nvata \Device\NvAta0 IRP_MJ_CREATE Device \Driver\nvata \Device\NvAta0 IRP_MJ_CREATE_NAMED_PIPE Device \Driver\nvata \Device\NvAta0 IRP_MJ_CLOSE Device \Driver\nvata \Device\NvAta0 IRP_MJ_READ Device \Driver\nvata \Device\NvAta0 IRP_MJ_WRITE Device \Driver\nvata \Device\NvAta0 IRP_MJ_QUERY_INFORMATION Device \Driver\nvata \Device\NvAta0 IRP_MJ_SET_INFORMATION Device \Driver\nvata \Device\NvAta0 IRP_MJ_QUERY_EA Device \Driver\nvata \Device\NvAta0 IRP_MJ_SET_EA Device \Driver\nvata \Device\NvAta0 IRP_MJ_FLUSH_BUFFERS Device \Driver\nvata \Device\NvAta0 IRP_MJ_QUERY_VOLUME_INFORMATION Device \Driver\nvata \Device\NvAta0 IRP_MJ_SET_VOLUME_INFORMATION Device \Driver\nvata \Device\NvAta0 IRP_MJ_DIRECTORY_CONTROL Device \Driver\nvata \Device\NvAta0 IRP_MJ_FILE_SYSTEM_CONTROL Device \Driver\nvata \Device\NvAta0 IRP_MJ_DEVICE_CONTROL Device \Driver\nvata \Device\NvAta0 IRP_MJ_INTERNAL_DEVICE_CONTROL Device \Driver\nvata \Device\NvAta0 IRP_MJ_SHUTDOWN Device \Driver\nvata \Device\NvAta0 IRP_MJ_LOCK_CONTROL Device \Driver\nvata \Device\NvAta0 IRP_MJ_CLEANUP Device \Driver\nvata \Device\NvAta0 IRP_MJ_CREATE_MAILSLOT Device \Driver\nvata \Device\NvAta0 IRP_MJ_QUERY_SECURITY Device \Driver\nvata \Device\NvAta0 IRP_MJ_SET_SECURITY Device \Driver\nvata \Device\NvAta0 IRP_MJ_POWER Device \Driver\nvata \Device\NvAta0 IRP_MJ_SYSTEM_CONTROL Device \Driver\nvata \Device\NvAta0 IRP_MJ_DEVICE_CHANGE Device \Driver\nvata \Device\NvAta0 IRP_MJ_QUERY_QUOTA Device \Driver\nvata \Device\NvAta0 IRP_MJ_SET_QUOTA Device \Driver\nvata \Device\NvAta0 IRP_MJ_PNP Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver IRP_MJ_READ Device \Driver\nvata \Device\NvAta1 IRP_MJ_CREATE Device \Driver\nvata \Device\NvAta1 IRP_MJ_CREATE_NAMED_PIPE Device \Driver\nvata \Device\NvAta1 IRP_MJ_CLOSE Device \Driver\nvata \Device\NvAta1 IRP_MJ_READ Device \Driver\nvata \Device\NvAta1 IRP_MJ_WRITE Device \Driver\nvata \Device\NvAta1 IRP_MJ_QUERY_INFORMATION Device \Driver\nvata \Device\NvAta1 IRP_MJ_SET_INFORMATION Device \Driver\nvata \Device\NvAta1 IRP_MJ_QUERY_EA Device \Driver\nvata \Device\NvAta1 IRP_MJ_SET_EA Device \Driver\nvata \Device\NvAta1 IRP_MJ_FLUSH_BUFFERS Device \Driver\nvata \Device\NvAta1 IRP_MJ_QUERY_VOLUME_INFORMATION Device \Driver\nvata \Device\NvAta1 IRP_MJ_SET_VOLUME_INFORMATION Device \Driver\nvata \Device\NvAta1 IRP_MJ_DIRECTORY_CONTROL Device \Driver\nvata \Device\NvAta1 IRP_MJ_FILE_SYSTEM_CONTROL Device \Driver\nvata \Device\NvAta1 IRP_MJ_DEVICE_CONTROL Device \Driver\nvata \Device\NvAta1 IRP_MJ_INTERNAL_DEVICE_CONTROL Device \Driver\nvata \Device\NvAta1 IRP_MJ_SHUTDOWN Device \Driver\nvata \Device\NvAta1 IRP_MJ_LOCK_CONTROL Device \Driver\nvata \Device\NvAta1 IRP_MJ_CLEANUP Device \Driver\nvata \Device\NvAta1 IRP_MJ_CREATE_MAILSLOT Device \Driver\nvata \Device\NvAta1 IRP_MJ_QUERY_SECURITY Device \Driver\nvata \Device\NvAta1 IRP_MJ_SET_SECURITY Device \Driver\nvata \Device\NvAta1 IRP_MJ_POWER Device \Driver\nvata \Device\NvAta1 IRP_MJ_SYSTEM_CONTROL Device \Driver\nvata \Device\NvAta1 IRP_MJ_DEVICE_CHANGE Device \Driver\nvata \Device\NvAta1 IRP_MJ_QUERY_QUOTA Device \Driver\nvata \Device\NvAta1 IRP_MJ_SET_QUOTA Device \Driver\nvata \Device\NvAta1 IRP_MJ_PNP Device \FileSystem\MRxSmb \Device\LanmanRedirector IRP_MJ_READ Device \FileSystem\Npfs \Device\NamedPipe IRP_MJ_READ Device \FileSystem\Msfs \Device\Mailslot IRP_MJ_READ Device \FileSystem\cdudf_xp \Device\CdUdf_XP IRP_MJ_READ Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1Port1Path0Target0Lun0 Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CREATE Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CREATE_NAMED_PIPE Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CLOSE Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_READ Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_WRITE Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_INFORMATION Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_INFORMATION Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_EA Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_EA Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_FLUSH_BUFFERS Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUER Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_ Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_DIRECTORY_CONTROL Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_FILE Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_DEVICE_CONTROL Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_INTE Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SHUTDOWN Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_LOCK_CONTROL Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CLEANUP Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_CREATE_MAILSLOT Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_SECURITY Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_SECURITY Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_POWER Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SYSTEM_CONTROL Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_DEVICE_CHANGE Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_QUERY_QUOTA Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_SET_QUOTA Device \Driver\a347scsi \Device\Scsi\a347scsi1 IRP_MJ_PNP Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer IRP_MJ_READ Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer IRP_MJ_READ Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer IRP_MJ_READ Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer IRP_MJ_READ Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer IRP_MJ_READ Device \FileSystem\Cdfs \Cdfs IRP_MJ_READ ---- Registry - GMER 1.0.12 ---- Reg \Registry\USER\S-1-5-21-1454471165-1303643608-68200 ---- Files - GMER 1.0.12 ---- ADS C:\Documents and Settings\-\My Documents\My ADS C:\Documents and Settings\-\My Documents\My ADS C:\Documents and Settings\-\My Documents\My ADS C:\Documents and Settings\-\My Documents\My ADS C:\Documents and Settings\-\My Documents\My ADS C:\Documents and Settings\-\My Documents\My ADS C:\Documents and Settings\-\My Documents\My ADS C:\Documents and Settings\-\My Documents\My ADS C:\Documents and Settings\-\My Documents\My ADS D:\Programs\Tutoriali\Mre:Roxio EMC Stream ADS D:\Programs\Tutoriali\Za:Roxio EMC Stream ---- EOF - GMER 1.0.12 ---- a evo i GMER log-a. target="_blank">http://www.gmer.net ZwClose ZwCreateKey ZwCreatePagingFile ZwEnumerateKey ZwEnumerateValueKey ZwOpenFile ZwOpenKey ZwQueryKey ZwQueryValueKey ZwSetSystemPowerState ZwWriteVirtualMemory 7C802332 5 Bytes JMP 51981D1D C:\PROGRA~1\DVDIDL~1\DVDShell.dll KERNEL32.dll!CreateProcessW 7C802332 5 Bytes JMP 51981D1D C:\PROGRA~1\DVDIDL~1\DVDShell.dll 8256A810 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 81FC6E98 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 824FACD0 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82214F10 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 81FF2570 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 82163F00 81FF2570 820125E0 8202B3F8 8201C860 IRP_MJ_CREATE 820517F0 IRP_MJ_CREATE_NAMED_PIPE 820517F0 IRP_MJ_CLOSE 820517F0 IRP_MJ_READ 820517F0 IRP_MJ_WRITE 820517F0 IRP_MJ_QUERY_INFORMATION 820517F0 IRP_MJ_SET_INFORMATION 820517F0 IRP_MJ_QUERY_EA 820517F0 IRP_MJ_SET_EA 820517F0 IRP_MJ_FLUSH_BUFFERS 820517F0 IRP_MJ_QUERY_VOLUME_INFORMATION 820517F0 IRP_MJ_SET_VOLUME_INFORMATION 820517F0 IRP_MJ_DIRECTORY_CONTROL 820517F0 IRP_MJ_FILE_SYSTEM_CONTROL 820517F0 IRP_MJ_DEVICE_CONTROL 820517F0 IRP_MJ_INTERNAL_DEVICE_CONTROL 820517F0 IRP_MJ_SHUTDOWN 820517F0 IRP_MJ_LOCK_CONTROL 820517F0 IRP_MJ_CLEANUP 820517F0 IRP_MJ_CREATE_MAILSLOT 820517F0 IRP_MJ_QUERY_SECURITY 820517F0 IRP_MJ_SET_SECURITY 820517F0 IRP_MJ_POWER 820517F0 IRP_MJ_SYSTEM_CONTROL 820517F0 IRP_MJ_DEVICE_CHANGE 820517F0 IRP_MJ_QUERY_QUOTA 820517F0 IRP_MJ_SET_QUOTA 820517F0 IRP_MJ_PNP 820517F0 820517F0 820517F0 820517F0 820517F0 820517F0 820517F0 820517F0 820517F0 820517F0 820517F0 Y_VOLUME_INFORMATION 820517F0 VOLUME_INFORMATION 820517F0 820517F0 _SYSTEM_CONTROL 820517F0 820517F0 RNAL_DEVICE_CONTROL 820517F0 820517F0 820517F0 820517F0 820517F0 820517F0 820517F0 820517F0 820517F0 820517F0 820517F0 820517F0 820517F0 823FB860 823FB860 823FB860 823FB860 823FB860 825690E8 3330-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BBFD6703-43D3-A048-240B-D282EBDC7469}@fahbeidhekmg 0x66 0x61 0x62 0x6A ... eBooks\Korisni sajtovi za u:Roxio EMC Stream eBooks\Korisni sajtovi za u:Roxio EMC Stream eBooks\Korisni sajtovi za u:Roxio EMC Stream eBooks\Korisni sajtovi za u:Roxio EMC Stream eBooks\:Roxio EMC Stream eBooks\:Roxio EMC Stream eBooks\:Roxio EMC Stream eBooks\:Roxio EMC Stream eBooks\:Roxio EMC Stream

Profil

bobby Poslao: 14 Mar 2007 18:47 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ovo izgleda vec mnogo bolje. Daj novi HJT log, pa da popravimo i DNS server, da te vise ne preusmerava. Izgleda da smo se otarasili rootkita koji nam je branio da popravimo DNS.

Profil

maha Poslao: 14 Mar 2007 20:26 Idi na vrh
offline maha Super građanin Pridružio: 06 Dec 2006 Poruke: 1152	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Malo kasnim ali imam problema sa konekcijom. Dešava se ponekad. Evo novog HJT-a. Logfile of HijackThis v1.99.1 Scan saved at 20:28:00, on 14.3.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\CDBurnerXP\NMSAccess.exe C:\Program Files\Eset\nod32krn.exe C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe C:\WINDOWS\system32\UAService7.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\LClock\LClock.exe C:\Program Files\VisualTooltip\VisualToolTip.exe C:\Program Files\Styler\Styler.exe C:\Program Files\Winamp\winampa.exe C:\WINDOWS\system32\ctfmon.exe D:\Super Utilities\SuperUtil.exe D:\Super Utilities\SuperUtil.exe C:\Program Files\Ectosoft\Smart Wallpaper Lite\smartwallpaper.exe C:\Program Files\Free Download Manager\fdm.exe C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe C:\DOCUME~1\-\LOCALS~1\Temp\{5F167E6F-1BA5-488A-B7F6-789D67D67770}\Blaero Start Orb.exe C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe C:\Program Files\Mozilla Firefox\firefox.exe D:\Programs from MyCity for Viruses\Hijack This\airmj.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe O4 - HKLM\..\Run: [Vista Sidebar] C:\Program Files\Vista Sidebar\sidebar.exe O4 - HKLM\..\Run: [VisualTooltip] C:\Program Files\VisualTooltip\VisualToolTip.exe O4 - HKLM\..\Run: [Blaero Start Orb] C:\Program Files\Blaero Start Orb\Blaero Start Orb.exe O4 - HKLM\..\Run: [Styler] C:\Program Files\Styler\Styler.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [xdbtyawi] c:\windows\system32\xdbtyawi.exe xdbtyawi O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Super Utilities] D:\Super Utilities\SuperUtil.exe /min O4 - HKCU\..\Run: [smartwallpaper] C:\Program Files\Ectosoft\Smart Wallpaper Lite\smartwallpaper.exe O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{77930581-C0D7-454A-8055-4FBF5FB69BB1}: NameServer = 194.106.162.3 O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccess.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

Profil

bobby Poslao: 14 Mar 2007 20:49 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Podesavanja DNS servera su se sredila sama od sebe. Skeniraj HJT-om i stikliraj polje ispred sledece linije: O4 - HKLM\..\Run: [xdbtyawi] c:\windows\system32\xdbtyawi.exe xdbtyawi Klikni na Fix Checked. Zamolio bih te da sutra, ili za koji dan postavis jos jedan svez HJT log, da proverimo da se infekcija nije vratila kojim slucajem. Eventualno, ukoliko se "curice" vrate, postavi log bez cekanja. Sve mi nesto smrdi da neki program koji imas instaliran ubacuje ovu infekciju. Moguce je da se infekcija ponovi nakon ponovnog startovanja tog programa. Moj savet je da izbegavas nadalje skidanje svega sto ima veze sa wallpaperima i screensaverima, osim ukoliko ne dobijes bas jaku preporuku nekog prijatelja da je sajt sa koga skidas siguran (cist).

Profil

maha Poslao: 15 Mar 2007 09:27 Idi na vrh
offline maha Super građanin Pridružio: 06 Dec 2006 Poruke: 1152	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Goooooood Morning Virusokiller-i. Prijatno iznenadjenje posle startovanja komp-a. Vidljivo je brži.Postaviću sada novi HJT log a još neki posle izvesnog vremena (korišćenja kompa).Nego jedno pitanje. Da li postoje neki tutorijali (postavljene sam sve skinuo i mogu reći da su prava stvar) ili uputstva za čitanje skenova iz programa koje sam skidao po vašim instrukcijama (sve ih čuvam) ? Jednostavno rečeno kako da naučim da u sken-u pronadjem gde je zaraženi fajl ? Evo i svežeg HJT-a. Logfile of HijackThis v1.99.1 Scan saved at 9:30:21, on 15.3.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\CDBurnerXP\NMSAccess.exe C:\Program Files\Eset\nod32krn.exe C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe C:\WINDOWS\system32\UAService7.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\LClock\LClock.exe C:\Program Files\VisualTooltip\VisualToolTip.exe C:\Program Files\Styler\Styler.exe C:\Program Files\Winamp\winampa.exe C:\WINDOWS\system32\ctfmon.exe D:\Super Utilities\SuperUtil.exe D:\Super Utilities\SuperUtil.exe C:\Program Files\Ectosoft\Smart Wallpaper Lite\smartwallpaper.exe C:\Program Files\Free Download Manager\fdm.exe C:\DOCUME~1\-\LOCALS~1\Temp\{B1A2530F-32D8-4F36-8123-52D947C6E47E}\Blaero Start Orb.exe C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe C:\Program Files\Mozilla Firefox\firefox.exe D:\Programs from MyCity for Viruses\Hijack This\airmj.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe O4 - HKLM\..\Run: [Vista Sidebar] C:\Program Files\Vista Sidebar\sidebar.exe O4 - HKLM\..\Run: [VisualTooltip] C:\Program Files\VisualTooltip\VisualToolTip.exe O4 - HKLM\..\Run: [Blaero Start Orb] C:\Program Files\Blaero Start Orb\Blaero Start Orb.exe O4 - HKLM\..\Run: [Styler] C:\Program Files\Styler\Styler.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Super Utilities] D:\Super Utilities\SuperUtil.exe /min O4 - HKCU\..\Run: [smartwallpaper] C:\Program Files\Ectosoft\Smart Wallpaper Lite\smartwallpaper.exe O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{77930581-C0D7-454A-8055-4FBF5FB69BB1}: NameServer = 82.208.208.10 213.246.55.5 O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccess.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

Profil

bobby Poslao: 15 Mar 2007 12:35 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav Vidim da imas dva Internet naloga. Kada se prikljucis preko onog kojeg si juce koristio onda je DNS u redu. Kada se prikljucis preko ovog sa kojim si napravio zadnji log, tu ima problema. Skeniraj ponovo HJT-om i stikliraj polje ispred sledece linije: O17 - HKLM\System\CCS\Services\Tcpip\..\{77930581-C0D7-454A-8055-4FBF5FB69BB1}: NameServer = 82.208.208.10 213.246.55.5 Klikni Fix Checked Nakon restarta napravi novi log. Ukoliko se opet pojavi brojka 213.246.55.5 onda imamo problem.

Profil

maha Poslao: 15 Mar 2007 14:28 Idi na vrh
offline maha Super građanin Pridružio: 06 Dec 2006 Poruke: 1152	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Juče sam koristio mrežu balkan(ci) a danas ITS koji obično i koristim (ponekad panline). Skenirao sam HJT-om i opet se pojavio isti problem. Evo log-a. Logfile of HijackThis v1.99.1 Scan saved at 14:27:41, on 15.3.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\CDBurnerXP\NMSAccess.exe C:\Program Files\Eset\nod32krn.exe C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe C:\WINDOWS\system32\UAService7.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\LClock\LClock.exe C:\Program Files\VisualTooltip\VisualToolTip.exe C:\Program Files\Styler\Styler.exe C:\Program Files\Winamp\winampa.exe C:\WINDOWS\system32\ctfmon.exe D:\Super Utilities\SuperUtil.exe D:\Super Utilities\SuperUtil.exe C:\Program Files\Ectosoft\Smart Wallpaper Lite\smartwallpaper.exe C:\Program Files\Free Download Manager\fdm.exe C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe C:\DOCUME~1\-\LOCALS~1\Temp\{30A4B4A2-4EF4-4C21-97F5-5D84261DFB58}\Blaero Start Orb.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe D:\Programs from MyCity for Viruses\Hijack This\airmj.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe O4 - HKLM\..\Run: [Vista Sidebar] C:\Program Files\Vista Sidebar\sidebar.exe O4 - HKLM\..\Run: [VisualTooltip] C:\Program Files\VisualTooltip\VisualToolTip.exe O4 - HKLM\..\Run: [Blaero Start Orb] C:\Program Files\Blaero Start Orb\Blaero Start Orb.exe O4 - HKLM\..\Run: [Styler] C:\Program Files\Styler\Styler.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Super Utilities] D:\Super Utilities\SuperUtil.exe /min O4 - HKCU\..\Run: [smartwallpaper] C:\Program Files\Ectosoft\Smart Wallpaper Lite\smartwallpaper.exe O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{77930581-C0D7-454A-8055-4FBF5FB69BB1}: NameServer = 82.208.208.10 213.246.55.5 O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccess.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\outpost.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

Profil

bobby Poslao: 15 Mar 2007 15:19 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pusti ponovo FixWareout da odradi svoje. On je namenjen ovakvim stvarima. Pogledaj da li ce on uspeti da sredi ovo.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Šta dalje??

Ko je trenutno na forumu

Ukupno su 748 korisnika na forumu :: 10 registrovanih, 3 sakrivenih i 735 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: Bojan5150, brundo65, dragoljub11987, ILGromovnik, Krvava Devetka, Kubovac, radionica1, saputnik plavetnila, Stoilkovic, wizzardone

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by