MyCity » Ambulanta -> Arhiva Ambulante » StrasnoUsporenWin...

StrasnoUsporenWin...

Napisano na dan: 3.6.2007

Strana:
1
2
3

StrasnoUsporenWin...

Pagination

Prethodna strana

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3

MarioBB Poslao: 04 Jun 2007 22:40 Idi na vrh
offline MarioBB Građanin Pridružio: 27 Nov 2006 Poruke: 129 Gde živiš: Zrenjanin	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! no lop log: NoLop! Log by Skate_Punk_21 Fix running from: C:\Documents and Settings\-Mario-\Desktop [4.6.2007] [22:36:41] ---Infection Files Found/Removed--- C:\WINDOWS\tasks\AD90E59692D39D6A.job Beginning Removal... Rebooting... Removing Lop's Leftover Files/Folders... Editing Registry... Fix Complete! ---Listing AppData sub directories--- C:\Documents and Settings\-mario-\Application Data\Acd Systems C:\Documents and Settings\-mario-\Application Data\Acid 64 Live C:\Documents and Settings\-mario-\Application Data\Adobe C:\Documents and Settings\-mario-\Application Data\Adobeum -- EMPTY Directory C:\Documents and Settings\-mario-\Application Data\Ahead C:\Documents and Settings\-mario-\Application Data\Apple Computer C:\Documents and Settings\-mario-\Application Data\Autopoweron C:\Documents and Settings\-mario-\Application Data\Farstone C:\Documents and Settings\-mario-\Application Data\Google C:\Documents and Settings\-mario-\Application Data\Identities C:\Documents and Settings\-mario-\Application Data\Imvu C:\Documents and Settings\-mario-\Application Data\Lavasoft C:\Documents and Settings\-mario-\Application Data\Limewire C:\Documents and Settings\-mario-\Application Data\Locktime C:\Documents and Settings\-mario-\Application Data\Macromedia C:\Documents and Settings\-mario-\Application Data\Mailfrontier C:\Documents and Settings\-mario-\Application Data\Metacafe C:\Documents and Settings\-mario-\Application Data\Microsoft C:\Documents and Settings\-mario-\Application Data\Mozilla C:\Documents and Settings\-mario-\Application Data\Opera C:\Documents and Settings\-mario-\Application Data\Orbit C:\Documents and Settings\-mario-\Application Data\Pop Peeper C:\Documents and Settings\-mario-\Application Data\Publish Providers -- EMPTY Directory C:\Documents and Settings\-mario-\Application Data\Real C:\Documents and Settings\-mario-\Application Data\Skype C:\Documents and Settings\-mario-\Application Data\Sony C:\Documents and Settings\-mario-\Application Data\Trojanhunter C:\Documents and Settings\-mario-\Application Data\Tuneup Software C:\Documents and Settings\All Users\Application Data\Acd Systems C:\Documents and Settings\All Users\Application Data\Adobe C:\Documents and Settings\All Users\Application Data\Apple Computer C:\Documents and Settings\All Users\Application Data\Funk Bat Data Nurb C:\Documents and Settings\All Users\Application Data\Google C:\Documents and Settings\All Users\Application Data\Locktime C:\Documents and Settings\All Users\Application Data\Macrovision C:\Documents and Settings\All Users\Application Data\Messenger Plus! -- EMPTY Directory C:\Documents and Settings\All Users\Application Data\Metacafe C:\Documents and Settings\All Users\Application Data\Microsoft C:\Documents and Settings\All Users\Application Data\Nview_profiles -- EMPTY Directory C:\Documents and Settings\All Users\Application Data\Skype C:\Documents and Settings\All Users\Application Data\Temp -- EMPTY Directory C:\Documents and Settings\All Users\Application Data\Tuneup Software C:\Documents and Settings\Default User\Application Data\Microsoft C:\Documents and Settings\Localservice\Application Data\Microsoft C:\Documents and Settings\Maki\Application Data\Opera C:\Documents and Settings\Networkservice\Application Data\Microsoft C:\Documents and Settings\Nevenka\Application Data\Acd Systems C:\Documents and Settings\Nevenka\Application Data\Adobe C:\Documents and Settings\Nevenka\Application Data\Divx C:\Documents and Settings\Nevenka\Application Data\Google C:\Documents and Settings\Nevenka\Application Data\Identities C:\Documents and Settings\Nevenka\Application Data\Locktime C:\Documents and Settings\Nevenka\Application Data\Mailfrontier C:\Documents and Settings\Nevenka\Application Data\Microsoft C:\Documents and Settings\Nevenka\Application Data\Mozilla C:\Documents and Settings\Nevenka\Application Data\Opera C:\Documents and Settings\Nevenka\Application Data\Publish Providers -- EMPTY Directory C:\Documents and Settings\Nevenka\Application Data\Real C:\Documents and Settings\Nevenka\Application Data\Skype -- EMPTY Directory C:\Documents and Settings\Nevenka\Application Data\Sony C:\Documents and Settings\Nevenka\Application Data\Sun novi hijack log: Logfile of HijackThis v1.99.1 Scan saved at 22:43:53, on 4.6.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\NetLimiter 2 Monitor\NLClient.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Winamp\winampa.exe C:\Program Files\DAEMON Tools\daemon.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\CursorXP\CursorXP.exe C:\PROGRA~1\Ashampoo\ASHAMP~1\UnInstaller Suite\UIWatcher.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\Program Files\MSI\Common\RaUI.exe C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Opera\Opera.exe C:\Documents and Settings\-Mario-\Desktop\t3.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file) O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [CursorXP] "C:\Program Files\CursorXP\CursorXP.exe" -s O4 - HKCU\..\Run: [UIWatcher] C:\PROGRA~1\Ashampoo\ASHAMP~1\UnInstaller Suite\UIWatcher.exe O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - Global Startup: MSI Wireless Utility.lnk = C:\Program Files\MSI\Common\RaUI.exe O4 - Global Startup: NoLop.exe O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: Download using LeechGet - file://C:\Program Files\LeechGet 2006\\AddUrl.html O8 - Extra context menu item: Download using LeechGet Wizard - file://C:\Program Files\LeechGet 2006\\Wizard.html O8 - Extra context menu item: Iz&vezi u Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Parse with LeechGet - file://C:\Program Files\LeechGet 2006\\Parser.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: Istraživanje - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\-Mario-\Start Menu\Programs\IMVU\Run IMVU.lnk O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{5C82CBA0-3E06-41CC-96FF-5EA9E2B1A78F}: NameServer = 195.252.109.4 194.106.163.3 O17 - HKLM\System\CS1\Services\Tcpip\..\{5C82CBA0-3E06-41CC-96FF-5EA9E2B1A78F}: NameServer = 195.252.109.4 194.106.163.3 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Profil

DEMIAN Poslao: 04 Jun 2007 23:42 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Sacuvaj [url=https://www.mycity.rs/must-login.png fajl[/url] na desktop-u i pokreni ga. Iskopiraces mi sadrzaj fajla po imenu folder_list.txt u sledeci post. Zatim pokreni HijackThis pronadji ovu liniju ispod i kada je budes stiklirao klikni na "Fix checked". O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file) Restartuj racunar. Postavi mi ono prvo sto sam trazio od tebe i svez HijackThis log.

Profil

MarioBB Poslao: 05 Jun 2007 00:04 Idi na vrh
offline MarioBB Građanin Pridružio: 27 Nov 2006 Poruke: 129 Gde živiš: Zrenjanin	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Jos jedna stvar na c particiji mi je ostalo nolopbackups i u njemu je fajl pod exstenzijom "infected file",da li da obrisem to...?? folder list: Volume in drive C has no label. Volume Serial Number is 48CF-A55B Directory of C:\Documents and Settings\All Users\Application Data\Funk Bat Data Nurb 03.06.2007 13:10 <DIR> . 03.06.2007 13:10 <DIR> .. 03.06.2007 13:10 554.496 GreyLies.exe 1 File(s) 554.496 bytes 2 Dir(s) 1.316.614.144 bytes free novi log: Logfile of HijackThis v1.99.1 Scan saved at 0:03:45, on 5.6.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Winamp\winampa.exe C:\Program Files\DAEMON Tools\daemon.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\CursorXP\CursorXP.exe C:\PROGRA~1\Ashampoo\ASHAMP~1\UnInstaller Suite\UIWatcher.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\MSI\Common\RaUI.exe C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\NetLimiter 2 Monitor\NLClient.exe C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\-Mario-\Desktop\t3.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [CursorXP] "C:\Program Files\CursorXP\CursorXP.exe" -s O4 - HKCU\..\Run: [UIWatcher] C:\PROGRA~1\Ashampoo\ASHAMP~1\UnInstaller Suite\UIWatcher.exe O4 - Global Startup: MSI Wireless Utility.lnk = C:\Program Files\MSI\Common\RaUI.exe O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: Download using LeechGet - file://C:\Program Files\LeechGet 2006\\AddUrl.html O8 - Extra context menu item: Download using LeechGet Wizard - file://C:\Program Files\LeechGet 2006\\Wizard.html O8 - Extra context menu item: Iz&vezi u Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Parse with LeechGet - file://C:\Program Files\LeechGet 2006\\Parser.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: Istraživanje - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\-Mario-\Start Menu\Programs\IMVU\Run IMVU.lnk O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Profil

DEMIAN Poslao: 05 Jun 2007 00:22 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Taj bekap brisi slobodno a kompletan folder "C:\Documents and Settings\All Users\Application Data\Funk Bat Data Nurb" salji na upload. Log izgleda cisto ali ovaj folder i njegov sadrzaj mi je bas sumnjiv. Daj to da proverim. Zipuj/raruj i salji preko onog linka za upload.

Profil

MarioBB Poslao: 05 Jun 2007 00:31 Idi na vrh
offline MarioBB Građanin Pridružio: 27 Nov 2006 Poruke: 129 Gde živiš: Zrenjanin	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Evo uploadovao sam ti taj folder...Pa,ocigledno i jeste cist kada mi vise ne zapucava do sada bi vec provereno zapucao i vec bih ga min 5x restartovao...Ja odoh na spavanje a ti proveri taj folder...Navraticu sutra da vidim sta je...I,hvala ti..pozz

Profil

DEMIAN Poslao: 05 Jun 2007 00:36 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Svi fajlovi koje si upload-ovao su ti maliciozni. Posle ciscenja programom No Lop potrebno je da ih obrises zajedno sa folderima u kojima se nalaze jer ako to ne uradis postoji verovatnoca da ti se infekcija povrati. Znaci brises kompletno: C:\Documents and Settings\-mario-\Application Data\Acid 64 Live C:\Documents and Settings\All Users\Application Data\Funk Bat Data Nurb Takodje bih ti predlozio da preskeniras racunar online preko ovog linka: http://www.bitdefender.com/scan8/ie.html Za to ti treba Internet Explorer sa ukljucenim Active X kontrolama. Dopuna: 05 Jun 2007 0:36 Pisali smo u isto vreme.

Profil

MarioBB Poslao: 05 Jun 2007 23:26 Idi na vrh
offline MarioBB Građanin Pridružio: 27 Nov 2006 Poruke: 129 Gde živiš: Zrenjanin	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pa,valjda se nece vratiti...A,ne kontam ni sta je konkretno bilo u pitanju?? Foldere sam obrisao...A,komp sam preskenirao preko tog bit defender online scannera...Ali,prvi put kada sam ga skenirao nasao je oko 10 Trojanaca(Clicker,Obfus-ili tako nesto,i jedan Vb.AMD),ali je nestala struja...a sada kada sam ga skenirao nasao je samo onaj Trojan.VB.AMD,u jednom zapakovanom fajlu gde sam skidao acd9 ali ga je obrisao...a to je dobro...jel on sigurno poklao one prethodne,pisalo je da jeste(a pri drugom skenu niju nasao)...Uglavnom mashina lepo radi...Nema "abnormalnog usporavanja",a to je super...zahvaljujem se na trudu...pozz

Profil

DEMIAN Poslao: 06 Jun 2007 00:09 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ovo prvo je bilo neka od varijanti zlob/swizzor trojana. Trojan downloader u svakom slucaju bas kao i taj Trojan.Win32.VB.amd drugi koji ti je detektovan u toj arhivi. Zbog toga sam ti rekao da postoji mogucnost da ti se infekcija povrati ako ne obrises one foldere posle No Lop-a. Mozda ti AV detektuje prisustvo malware-a u "System Volume Information"-u (windows bekap gde se skladiste informacije koje koristi System Restore) ali tu malware nije aktivan i opasan po sistem sem ako ga ne vratis kada vracas sistem na neko ranije vreme. Taj eventualni problem mozes to da sredis tako sto ces ih ili obrisati AV-om ili tako sto ces iskljuciti System Restore i restartovati racunar. Kada podignes windows ukljucis tu opciju i snimis novu tacku. Sto se brisanja ovih detektovanih malware-a uz pomoc BitDefender scan-a tice - prema onome sto citam pretpostavljam da ih je obrisao. Ipak nisam za tvojim kompom da bih to mogao da garantujem Sto se mene tice slobodno mozes da pustis jos jedan No Lop log da pogledam ima li nekog sumnjivog foldera. Video si sta smo radili. Mozes i ti da pogledas to isto. Ako ima neceg sto ti je nepoznato medju njima postuj slobodno. Moze i HJT log.

Profil

MarioBB Poslao: 06 Jun 2007 15:20 Idi na vrh
offline MarioBB Građanin Pridružio: 27 Nov 2006 Poruke: 129 Gde živiš: Zrenjanin	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Evo cisto predstroznosti radi...Posto sam stvarno mrzovoljan na te viruschije: HJT log: Logfile of HijackThis v1.99.1 Scan saved at 15:18:26, on 6.6.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\NetLimiter 2 Monitor\NLClient.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Winamp\winampa.exe C:\Program Files\DAEMON Tools\daemon.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\Program Files\CursorXP\CursorXP.exe C:\PROGRA~1\Ashampoo\ASHAMP~1\UnInstaller Suite\UIWatcher.exe C:\Program Files\MSI\Common\RaUI.exe C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe C:\Program Files\Opera\Opera.exe C:\Documents and Settings\-Mario-\Desktop\t3.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [CursorXP] "C:\Program Files\CursorXP\CursorXP.exe" -s O4 - HKCU\..\Run: [UIWatcher] C:\PROGRA~1\Ashampoo\ASHAMP~1\UnInstaller Suite\UIWatcher.exe O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - Global Startup: MSI Wireless Utility.lnk = C:\Program Files\MSI\Common\RaUI.exe O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: Download using LeechGet - file://C:\Program Files\LeechGet 2006\\AddUrl.html O8 - Extra context menu item: Download using LeechGet Wizard - file://C:\Program Files\LeechGet 2006\\Wizard.html O8 - Extra context menu item: Iz&vezi u Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Parse with LeechGet - file://C:\Program Files\LeechGet 2006\\Parser.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Istraživanje - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\-Mario-\Start Menu\Programs\IMVU\Run IMVU.lnk O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - download.bitdefender.com/resources/scan8/oscan8.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5C82CBA0-3E06-41CC-96FF-5EA9E2B1A78F}: NameServer = 195.252.109.4 194.106.163.3 O17 - HKLM\System\CS1\Services\Tcpip\..\{5C82CBA0-3E06-41CC-96FF-5EA9E2B1A78F}: NameServer = 195.252.109.4 194.106.163.3 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Monitor\nlsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe NoLop log: NoLop! Log by Skate_Punk_21 Fix running from: C:\Documents and Settings\-Mario-\Desktop [6.6.2007] [15:19:06] ---Infection Files Found/Removed--- NO INFECTION FILES FOUND - Cleaning Aborted. ---Listing AppData sub directories--- C:\Documents and Settings\-mario-\Application Data\Acd Systems C:\Documents and Settings\-mario-\Application Data\Adobe C:\Documents and Settings\-mario-\Application Data\Adobeum -- EMPTY Directory C:\Documents and Settings\-mario-\Application Data\Ahead C:\Documents and Settings\-mario-\Application Data\Apple Computer C:\Documents and Settings\-mario-\Application Data\Autopoweron C:\Documents and Settings\-mario-\Application Data\Farstone C:\Documents and Settings\-mario-\Application Data\Google C:\Documents and Settings\-mario-\Application Data\Identities C:\Documents and Settings\-mario-\Application Data\Imvu C:\Documents and Settings\-mario-\Application Data\Lavasoft C:\Documents and Settings\-mario-\Application Data\Limewire C:\Documents and Settings\-mario-\Application Data\Locktime C:\Documents and Settings\-mario-\Application Data\Macromedia C:\Documents and Settings\-mario-\Application Data\Mailfrontier C:\Documents and Settings\-mario-\Application Data\Metacafe C:\Documents and Settings\-mario-\Application Data\Microsoft C:\Documents and Settings\-mario-\Application Data\Mozilla C:\Documents and Settings\-mario-\Application Data\Opera C:\Documents and Settings\-mario-\Application Data\Orbit C:\Documents and Settings\-mario-\Application Data\Pop Peeper C:\Documents and Settings\-mario-\Application Data\Publish Providers -- EMPTY Directory C:\Documents and Settings\-mario-\Application Data\Real C:\Documents and Settings\-mario-\Application Data\Skype C:\Documents and Settings\-mario-\Application Data\Sony C:\Documents and Settings\-mario-\Application Data\Trojanhunter C:\Documents and Settings\-mario-\Application Data\Tuneup Software C:\Documents and Settings\All Users\Application Data\Acd Systems C:\Documents and Settings\All Users\Application Data\Adobe C:\Documents and Settings\All Users\Application Data\Apple Computer C:\Documents and Settings\All Users\Application Data\Google C:\Documents and Settings\All Users\Application Data\Locktime C:\Documents and Settings\All Users\Application Data\Macrovision C:\Documents and Settings\All Users\Application Data\Metacafe C:\Documents and Settings\All Users\Application Data\Microsoft C:\Documents and Settings\All Users\Application Data\Nview_profiles -- EMPTY Directory C:\Documents and Settings\All Users\Application Data\Skype C:\Documents and Settings\All Users\Application Data\Temp -- EMPTY Directory C:\Documents and Settings\All Users\Application Data\Tuneup Software C:\Documents and Settings\Default User\Application Data\Microsoft C:\Documents and Settings\Localservice\Application Data\Microsoft C:\Documents and Settings\Maki\Application Data\Opera C:\Documents and Settings\Networkservice\Application Data\Microsoft C:\Documents and Settings\Nevenka\Application Data\Acd Systems C:\Documents and Settings\Nevenka\Application Data\Adobe C:\Documents and Settings\Nevenka\Application Data\Divx C:\Documents and Settings\Nevenka\Application Data\Google C:\Documents and Settings\Nevenka\Application Data\Identities C:\Documents and Settings\Nevenka\Application Data\Locktime C:\Documents and Settings\Nevenka\Application Data\Mailfrontier C:\Documents and Settings\Nevenka\Application Data\Microsoft C:\Documents and Settings\Nevenka\Application Data\Mozilla C:\Documents and Settings\Nevenka\Application Data\Opera C:\Documents and Settings\Nevenka\Application Data\Publish Providers -- EMPTY Directory C:\Documents and Settings\Nevenka\Application Data\Real C:\Documents and Settings\Nevenka\Application Data\Skype -- EMPTY Directory C:\Documents and Settings\Nevenka\Application Data\Sony C:\Documents and Settings\Nevenka\Application Data\Sun

Profil

DEMIAN Poslao: 06 Jun 2007 15:52 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ajde samo pogledaj sta je ovo tacno: C:\Documents and Settings\-mario-\Application Data\Autopoweron Moze biti software za brzi Shutdown/Power racunara ili povezano sa PCTV karticom. Ostalo je ok.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » StrasnoUsporenWin...

Ko je trenutno na forumu

Ukupno su 994 korisnika na forumu :: 75 registrovanih, 11 sakrivenih i 908 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: _Rade, aljosa7, Apok, aramis s, arzak, Bobrock1, Boris BM, BraneS, BSD, Bubili, Bubimir, bufanje, cavatina, Chainsaw, chichabg, davison20, DeerHunter, Dejan84, Drazenbg, dule10savic, famoso, FOX, HDMI, Ilija Cvorovic, indja, ivan1973, Jovan Nenad, kalens021, Kanader, Kibice, krkalon, liman, ljuba, lord sir giga, Lucije Kvint, Mahovljani, Maschinekalibar, maskirovka, menges, Milan A. Nikolic, milan op1978, Mimikrija, mr.mudri, mushroom, nobutado, novator, nuke92, opt1, Oscar2, pceklic, pera12345, proleter373, pvoman, radoznao, raptorsi, Ray1973, RobinHood12, Rocker, royst33, S2M, Shinobi, Sirius, slonic_tonic, Srpska zauvjek, stegonosa, Stoorbak, TheBeastOfMG, tubular, tvlada, vobo, vukovi, W123, Wisdomseeker, zdrebac, zexoni

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by