MyCity » Ambulanta -> Arhiva Ambulante » msn salje sam poruke ?

msn salje sam poruke ?

Napisano na dan: 17.6.2008

Strana:
1
2
3

msn salje sam poruke ?

Pagination

Prethodna strana

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3

seductress Poslao: 18 Jun 2008 23:03 Idi na vrh
offline seductress Novi MyCity građanin Pridružio: 10 Jan 2008 Poruke: 24 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-06-16.5 - jelena 2008-06-18 22:47:15.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.135 [GMT 2:00] Running from: C:\Documents and Settings\jelena\Desktop\ComboFix.exe Command switches used :: C:\Documents and Settings\jelena\Desktop\CFScript.txt WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: C:\WINDOWS\livemsngs.exe C:\WINDOWS\system32\kbdcy.dll . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\All Users\Application Data\Drv Audio Dog About C:\Documents and Settings\All Users\Application Data\Drv Audio Dog About\Bits bat.exe C:\Documents and Settings\jelena\Application Data\Stop Atom C:\Documents and Settings\jelena\Application Data\Stop Atom\0 C:\Documents and Settings\jelena\Application Data\Stop Atom\Four size iso bird.exe C:\Documents and Settings\jelena\Application Data\Stop Atom\Move book.exe C:\Documents and Settings\jelena\Application Data\Stop Atom\mquydzak.exe C:\Documents and Settings\jelena\Application Data\Stop Atom\sistdiqh.exe C:\Documents and Settings\jelena\Application Data\Stop Atom\vznchutp.exe C:\WINDOWS\livemsngs.exe C:\WINDOWS\system32\kbdcy.dll . ((((((((((((((((((((((((( Files Created from 2008-05-18 to 2008-06-18 ))))))))))))))))))))))))))))))) . 2008-06-17 22:11 . 2008-06-17 22:11 <DIR> d-------- C:\deljob 2008-06-17 21:25 . 2008-06-17 21:25 <DIR> d-------- C:\WINDOWS\system32\xircom 2008-06-17 21:25 . 2008-06-17 21:25 <DIR> d-------- C:\WINDOWS\system32\restore 2008-06-17 21:25 . 2008-06-17 21:25 <DIR> d-------- C:\WINDOWS\srchasst 2008-06-17 21:25 . 2008-06-17 21:25 <DIR> d-------- C:\Program Files\microsoft frontpage 2008-06-17 18:52 . 2008-06-17 18:52 <DIR> d-------- C:\Program Files\Real 2008-06-12 23:43 . 2008-06-13 20:14 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-06-12 23:43 . 2008-06-12 23:43 1,409 --a------ C:\WINDOWS\QTFont.for 2008-06-11 14:59 . 2008-04-14 13:01 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys 2008-06-11 14:59 . 2008-04-14 13:01 272,128 --------- C:\WINDOWS\system32\DllCache\bthport.sys 2008-05-27 19:53 . 2008-05-27 19:53 <DIR> d-------- C:\Program Files\Stop Atom 2008-05-27 19:51 . 2008-05-27 19:55 <DIR> d-------- C:\Program Files\LimeWire 2008-05-27 19:51 . 2008-05-27 20:01 <DIR> d-------- C:\Documents and Settings\jelena\Application Data\LimeWire 2008-05-24 23:09 . 2008-05-24 23:09 <DIR> d-------- C:\Program Files\Octoshape Streaming Services 2008-05-20 23:48 . 2008-06-15 17:38 <DIR> d-------- C:\Documents and Settings\jelena\Application Data\BearShare 2008-05-20 23:48 . 2007-11-22 16:00 483,328 --a------ C:\WINDOWS\system32\actskn45.ocx 2008-05-20 23:47 . 2008-05-20 23:48 <DIR> d-------- C:\Program Files\BearShare Applications . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-18 19:03 --------- d-----w C:\Documents and Settings\jelena\Application Data\OpenOffice.org2 2008-06-17 17:01 --------- d-----w C:\Program Files\MSN Messenger 2008-06-17 17:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-06-10 20:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-06-02 16:01 --------- d-----w C:\Program Files\Java 2008-05-30 15:43 --------- d-----w C:\Documents and Settings\jelena\Application Data\Ahead 2008-05-27 18:00 --------- d-----w C:\Program Files\Internet Download Manager 2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys 2008-05-07 21:16 --------- d-----w C:\Program Files\Windows Media Connect 2 2008-05-05 13:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Bluetooth 2004-08-18 14:00 114,688 --sha-r C:\WINDOWS\system32\ajoy.dll . ------- Sigcheck ------- 2006-08-25 16:19 502272 6225f14b8ce08ccba8b25ad27843c674 C:\WINDOWS\system32\winlogon.exe . ((((((((((((((((((((((((((((( snapshot@2008-06-17_21.22.56.42 ))))))))))))))))))))))))))))))))))))))))) . - 2008-06-17 17:05:00 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-06-18 20:50:23 2,048 --s-a-w C:\WINDOWS\bootstat.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "npad_ql"="C:\WINDOWS\system32\Npad.exe" [ ] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 13:35 90112] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-10-09 12:28 139264] "msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184] "IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2008-02-25 14:07 243072] "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 23:18 443968] "ForKnob"="C:\DOCUME~1\jelena\APPLIC~1\STOPAT~1\Move book.exe" [ ] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:56 15360] "Octoshape Streaming Services"="C:\Program Files\Octoshape Streaming Services\jelena\OctoshapeClient.exe" [2006-02-13 18:33 214648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LClock"="C:\Program Files\LClock\LClock.exe" [2004-09-19 13:27 65536] "Vistadrv"="C:\WINDOWS\system32\vsdrv.exe" [2006-07-30 04:37 121089] "Device Detector"="DevDetect.exe" [] "HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2006-10-14 11:37 110592] "RTHDCPL"="RTHDCPL.EXE" [2006-10-30 13:49 16269312 C:\WINDOWS\RTHDCPL.EXE] "SkyTel"="SkyTel.EXE" [2006-05-16 12:04 2879488 C:\WINDOWS\SkyTel.exe] "SMSERIAL"="C:\WINDOWS\sm56hlpr.exe" [2006-03-21 16:54 544768] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 14:02 786521] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 17:40 155648] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784] "dog about manager team"="C:\Documents and Settings\All Users\Application Data\Drv Audio Dog About\Bits bat.exe" [ ] "Windows MSN Live Messanger"="livemsngs.exe" [] C:\Documents and Settings\jelena\Start Menu\Programs\Startup\ CCC.lnk - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-09-29 10:57:36 49152] OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 23:57:56 393216] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) "NoResolveTrack"= 1 (0x1) "NoResolveSearch"= 1 (0x1) "NoSMMyDocs"= 1 (0x1) "NoSMMyPictures"= 1 (0x1) "NoSMConfigurePrograms"= 1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) "NoResolveTrack"= 1 (0x1) "NoResolveSearch"= 1 (0x1) "NoSMMyDocs"= 1 (0x1) "NoSMMyPictures"= 1 (0x1) "NoSMConfigurePrograms"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr] avldr.dll 2007-02-15 21:02 50736 C:\WINDOWS\system32\avldr.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.X264"= x264vfw.dll "VIDC.FFDS"= C:\PROGRA~1\COMBIN~1\Filters\ff_vfw.dll "VIDC.wmv3"= C:\PROGRA~1\COMBIN~1\Filters\wmv9vcm.dll "VIDC.ACDV"= ACDV.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"= "C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"= "C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"= "C:\\Program Files\\Octoshape Streaming Services\\jelena\\OctoshapeClient.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= R1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\system32\DRIVERS\ShlDrv51.sys [2008-03-09 22:47] R2 PavProc;Panda Process Protection Driver;C:\WINDOWS\system32\DRIVERS\PavProc.sys [2008-03-09 22:47] R3 AtcL002;NDIS Miniport Driver for Attansic L2 Fast Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\atl02_xp.sys [2006-08-14 05:40] R3 RTSTOR;USB Mass Stroage Device;C:\WINDOWS\system32\drivers\RTSTOR.SYS [2006-06-10 01:07] R3 SynMini;USB2.0 1.3M WebCam;C:\WINDOWS\system32\Drivers\SynMini.sys [2006-08-09 08:15] R3 SynScan;USB2.0 1.3M WebCam Still Image;C:\WINDOWS\system32\Drivers\SynScan.sys [2006-08-09 08:15] S3 ss_bus;Samsung Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-01-24 16:38] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-01-24 16:38] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-01-24 16:38] [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static] msiexec /fums {857D4360-762B-978B-76AD-491AA719E47A} /qb . Contents of the 'Scheduled Tasks' folder "2008-06-18 20:00:01 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job" - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE . ************************************************************************ catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-06-18 22:50:41 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\WINDOWS\system32\ati2evxx.exe C:\Program Files\Panda Security\Panda Antivirus 2008\PAVSRV51.EXE C:\Program Files\Panda Security\Panda Antivirus 2008\AVENGINE.EXE C:\WINDOWS\system32\ati2evxx.exe C:\Program Files\Panda Security\Panda Antivirus 2008\PsCtrlS.exe C:\Program Files\Common Files\Panda Software\PavShld\PavPrSrv.exe C:\Program Files\Panda Security\Panda Antivirus 2008\PsImSvc.exe C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\Program Files\Panda Security\Panda Antivirus 2008\ApVxdWin.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\OpenOffice.org 2.3\program\soffice.exe C:\Program Files\OpenOffice.org 2.3\program\soffice.bin C:\Program Files\IncrediMail\bin\ImApp.exe C:\Program Files\Panda Security\Panda Antivirus 2008\WebProxy.exe . ************************************************************************ . Completion time: 2008-06-18 22:57:24 - machine was rebooted ComboFix-quarantined-files.txt 2008-06-18 20:57:10 ComboFix2.txt 2008-06-17 19:23:15 Pre-Run: 20,048,384,000 bytes free Post-Run: 20,042,371,072 bytes free 180 --- E O F --- 2008-06-12 20:46:43

Profil

Blue Poslao: 19 Jun 2008 22:20 Idi na vrh
offline Blue Elitni građanin Pridružio: 06 Avg 2003 Poruke: 2214	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! mozda instalira neki antispyware i odmah krene sa ciscenjem polako ,....

Profil

bobby Poslao: 19 Jun 2008 23:22 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Jedna od infekcija pocinje instalacijom programa Lime Wire i Internet Download Manager, sto me dovodi do zakljucka da su skinute verzije pune adwarea. Javljaju li se jos uvek oni simptomi sa MSN messengerom? Javite mi to, pa da pocistimo ostatke i da deinstaliramo ComboFix.

Profil

Blue Poslao: 20 Jun 2008 07:11 Idi na vrh
offline Blue Elitni građanin Pridružio: 06 Avg 2003 Poruke: 2214	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! msn je u redu,ne salje vise nista

Profil

bobby Poslao: 20 Jun 2008 17:53 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `File:: C:\WINDOWS\system32\actskn45.ocx Folder:: C:\Program Files\Stop Atom Registry:: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "npad_ql"=- "ForKnob"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "dog about manager team"=-` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja. Nakon ovog postupka sledeci programi ce mozda prestati sa radom: BearShare LimeWire Oba ta programa su na sistem instalirala adware koji smo mi upravo uklonili. Preporucujem deinstalaciju ova dva programa i da sledeci put pazite koje programe instalirate.

Profil

seductress Poslao: 20 Jun 2008 19:28 Idi na vrh
offline seductress Novi MyCity građanin Pridružio: 10 Jan 2008 Poruke: 24 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-06-16.5 - jelena 2008-06-20 19:06:39.3 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.124 [GMT 2:00] Running from: C:\Documents and Settings\jelena\Desktop\ComboFix.exe Command switches used :: C:\Documents and Settings\jelena\Desktop\CFScript.txt WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: C:\WINDOWS\system32\actskn45.ocx . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Program Files\Stop Atom C:\WINDOWS\system32\actskn45.ocx . ((((((((((((((((((((((((( Files Created from 2008-05-20 to 2008-06-20 ))))))))))))))))))))))))))))))) . 2008-06-19 14:54 . 2004-08-18 16:00 114,688 -rahs---- C:\WINDOWS\system32\wmiwrop.dll 2008-06-17 22:11 . 2008-06-17 22:11 <DIR> d-------- C:\deljob 2008-06-17 21:25 . 2008-06-17 21:25 <DIR> d-------- C:\WINDOWS\system32\xircom 2008-06-17 21:25 . 2008-06-17 21:25 <DIR> d-------- C:\WINDOWS\system32\restore 2008-06-17 21:25 . 2008-06-17 21:25 <DIR> d-------- C:\WINDOWS\srchasst 2008-06-17 21:25 . 2008-06-17 21:25 <DIR> d-------- C:\Program Files\microsoft frontpage 2008-06-17 18:52 . 2008-06-17 18:52 <DIR> d-------- C:\Program Files\Real 2008-06-12 23:43 . 2008-06-13 20:14 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-06-12 23:43 . 2008-06-12 23:43 1,409 --a------ C:\WINDOWS\QTFont.for 2008-06-11 14:59 . 2008-04-14 13:01 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys 2008-06-11 14:59 . 2008-04-14 13:01 272,128 --------- C:\WINDOWS\system32\DllCache\bthport.sys 2008-05-27 19:51 . 2008-05-27 19:55 <DIR> d-------- C:\Program Files\LimeWire 2008-05-27 19:51 . 2008-05-27 20:01 <DIR> d-------- C:\Documents and Settings\jelena\Application Data\LimeWire 2008-05-24 23:09 . 2008-05-24 23:09 <DIR> d-------- C:\Program Files\Octoshape Streaming Services 2008-05-20 23:48 . 2008-06-15 17:38 <DIR> d-------- C:\Documents and Settings\jelena\Application Data\BearShare 2008-05-20 23:47 . 2008-05-20 23:48 <DIR> d-------- C:\Program Files\BearShare Applications . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-20 14:08 --------- d-----w C:\Documents and Settings\jelena\Application Data\OpenOffice.org2 2008-06-17 17:01 --------- d-----w C:\Program Files\MSN Messenger 2008-06-17 17:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-06-10 20:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-06-02 16:01 --------- d-----w C:\Program Files\Java 2008-05-30 15:43 --------- d-----w C:\Documents and Settings\jelena\Application Data\Ahead 2008-05-27 18:00 --------- d-----w C:\Program Files\Internet Download Manager 2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys 2008-05-08 12:28 202,752 ------w C:\WINDOWS\system32\DllCache\rmcast.sys 2008-05-07 21:16 --------- d-----w C:\Program Files\Windows Media Connect 2 2008-05-07 04:55 1,288,192 ----a-w C:\WINDOWS\system32\quartz.dll 2008-05-07 04:55 1,288,192 ------w C:\WINDOWS\system32\DllCache\quartz.dll 2008-05-05 13:43 --------- d-----w C:\Documents and Settings\All Users\Application Data\Bluetooth 2008-04-17 10:46 18,432 ------w C:\WINDOWS\system32\DllCache\iedw.exe 2008-03-27 08:12 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll 2008-03-27 08:12 151,583 ------w C:\WINDOWS\system32\DllCache\msjint40.dll 2004-08-18 14:00 114,688 --sha-r C:\WINDOWS\system32\ajoy.dll 2004-08-18 14:00 114,688 --sha-r C:\WINDOWS\system32\wmiwrop.dll . ------- Sigcheck ------- 2006-08-25 16:19 502272 6225f14b8ce08ccba8b25ad27843c674 C:\WINDOWS\system32\winlogon.exe . ((((((((((((((((((((((((((((( snapshot@2008-06-17_21.22.56.42 ))))))))))))))))))))))))))))))))))))))))) . - 2008-06-17 17:05:00 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-06-20 14:07:04 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2003-06-20 12:00:00 180,224 ----a-w C:\WINDOWS\system32\nqlsapi.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 13:35 90112] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-10-09 12:28 139264] "msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184] "IncrediMail"="C:\Program Files\IncrediMail\bin\IncMail.exe" [2008-02-25 14:07 243072] "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 23:18 443968] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:56 15360] "Octoshape Streaming Services"="C:\Program Files\Octoshape Streaming Services\jelena\OctoshapeClient.exe" [2006-02-13 18:33 214648] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LClock"="C:\Program Files\LClock\LClock.exe" [2004-09-19 13:27 65536] "Vistadrv"="C:\WINDOWS\system32\vsdrv.exe" [2006-07-30 04:37 121089] "Device Detector"="DevDetect.exe" [] "HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2006-10-14 11:37 110592] "RTHDCPL"="RTHDCPL.EXE" [2006-10-30 13:49 16269312 C:\WINDOWS\RTHDCPL.EXE] "SkyTel"="SkyTel.EXE" [2006-05-16 12:04 2879488 C:\WINDOWS\SkyTel.exe] "SMSERIAL"="C:\WINDOWS\sm56hlpr.exe" [2006-03-21 16:54 544768] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 14:02 786521] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 17:40 155648] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784] "Windows MSN Live Messanger"="livemsngs.exe" [] C:\Documents and Settings\jelena\Start Menu\Programs\Startup\ CCC.lnk - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [2006-09-29 10:57:36 49152] OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 23:57:56 393216] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) "NoResolveTrack"= 1 (0x1) "NoResolveSearch"= 1 (0x1) "NoSMMyDocs"= 1 (0x1) "NoSMMyPictures"= 1 (0x1) "NoSMConfigurePrograms"= 1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoSMHelp"= 1 (0x1) "NoResolveTrack"= 1 (0x1) "NoResolveSearch"= 1 (0x1) "NoSMMyDocs"= 1 (0x1) "NoSMMyPictures"= 1 (0x1) "NoSMConfigurePrograms"= 1 (0x1) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "UpdateCheck"= {0216364A-188A-4D2F-B5EE-32DDBCE2BF00} - C:\WINDOWS\system32\nqlsapi.dll [2003-06-20 14:00 180224] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr] avldr.dll 2007-02-15 21:02 50736 C:\WINDOWS\system32\avldr.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.X264"= x264vfw.dll "VIDC.FFDS"= C:\PROGRA~1\COMBIN~1\Filters\ff_vfw.dll "VIDC.wmv3"= C:\PROGRA~1\COMBIN~1\Filters\wmv9vcm.dll "VIDC.ACDV"= ACDV.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"= "C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"= "C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"= "C:\\Program Files\\Octoshape Streaming Services\\jelena\\OctoshapeClient.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= R1 ShldDrv;Panda File Shield Driver;C:\WINDOWS\system32\DRIVERS\ShlDrv51.sys [2008-03-09 22:47] R2 PavProc;Panda Process Protection Driver;C:\WINDOWS\system32\DRIVERS\PavProc.sys [2008-03-09 22:47] R3 AtcL002;NDIS Miniport Driver for Attansic L2 Fast Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\atl02_xp.sys [2006-08-14 05:40] R3 RTSTOR;USB Mass Stroage Device;C:\WINDOWS\system32\drivers\RTSTOR.SYS [2006-06-10 01:07] R3 SynMini;USB2.0 1.3M WebCam;C:\WINDOWS\system32\Drivers\SynMini.sys [2006-08-09 08:15] R3 SynScan;USB2.0 1.3M WebCam Still Image;C:\WINDOWS\system32\Drivers\SynScan.sys [2006-08-09 08:15] S3 ss_bus;Samsung Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-01-24 16:38] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-01-24 16:38] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-01-24 16:38] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{85b83b2c-e861-11dc-a9e0-001d6015f2c4}] \Shell\AutoRun\command - G:\ \Shell\open\Command - rundll32.exe .\\mqlugmgr.dll,InstallM Newly Created Service - CATCHME [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static] msiexec /fums {857D4360-762B-978B-76AD-491AA719E47A} /qb . Contents of the 'Scheduled Tasks' folder "2008-06-20 17:00:01 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job" - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE . ************************************************************************ catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-06-20 19:08:22 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2008-06-20 19:09:49 ComboFix-quarantined-files.txt 2008-06-20 17:09:45 ComboFix2.txt 2008-06-18 20:57:25 ComboFix3.txt 2008-06-17 19:23:15 Pre-Run: 20,052,291,584 bytes free Post-Run: 20,048,130,048 bytes free 160 --- E O F --- 2008-06-12 20:46:43

Profil

bobby Poslao: 20 Jun 2008 19:37 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Fino, dok mi resavamo jednu infekciju vi ste uspeli da nabacite novu Elem, sada imamo i crva koji se siri putem USB stickova. Da li ste pozajmljivali neke USB stickove, MP3 plejere ili ste prikljucivali mobilne telefone na ovaj komp u vremenu od prethodnog do ovog zadnjeg loga?

Profil

seductress Poslao: 20 Jun 2008 19:44 Idi na vrh
offline seductress Novi MyCity građanin Pridružio: 10 Jan 2008 Poruke: 24 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! sve! ..........

Profil

bobby Poslao: 20 Jun 2008 20:00 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Dajte mi i nov HijackThis log, pa da krenem od pocetka...

Profil

seductress Poslao: 20 Jun 2008 20:42 Idi na vrh
offline seductress Novi MyCity građanin Pridružio: 10 Jan 2008 Poruke: 24 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Logfile of HijackThis v1.99.1 Scan saved at 8:41:27 PM, on 6/20/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Security\Panda Antivirus 2008\pavsrv51.exe C:\Program Files\Panda Security\Panda Antivirus 2008\AVENGINE.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Panda Security\Panda Antivirus 2008\PsCtrls.exe C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe C:\Program Files\Panda Security\Panda Antivirus 2008\PsImSvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Security\Panda Antivirus 2008\ApvxdWin.exe C:\Program Files\LClock\LClock.exe C:\WINDOWS\ATK0100\HControl.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\sm56hlpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\WINDOWS\ATK0100\ATKOSD.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Octoshape Streaming Services\jelena\OctoshapeClient.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\OpenOffice.org 2.3\program\soffice.exe C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN C:\Program Files\IncrediMail\bin\ImApp.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Panda Security\Panda Antivirus 2008\WebProxy.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\jelena\Desktop\hijack this\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = runonce.msn.com/?v=msgrv75 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896 O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\IDM\QUICKF~1\PlugIns\IEHelp.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\system32\vsdrv.exe O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE O4 - HKLM\..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [Windows MSN Live Messanger] livemsngs.exe O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Program Files\Octoshape Streaming Services\jelena\OctoshapeClient.exe" -inv:bootrun O4 - Startup: CCC.lnk = ? O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\Utilities\ieSpell\iespell.dll/SPELLOPTION.HTM O8 - Extra context menu item: &Lookup Meaning - res://C:\Program Files\Utilities\ieSpell\iespell.dll/LOOKUPMEANING.HTM O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\Utilities\ieSpell\iespell.dll/SPELLCHECK.HTM O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\Utilities\ieSpell\iespell.dll O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\Utilities\ieSpell\iespell.dll O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\Utilities\ieSpell\iespell.dll O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\Utilities\ieSpell\iespell.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O21 - SSODL: UpdateCheck - {0216364A-188A-4D2F-B5EE-32DDBCE2BF00} - C:\WINDOWS\system32\nqlsapi.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\PsCtrls.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\pavsrv51.exe O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Antivirus 2008\PsImSvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)

Profil

MyCity » Ambulanta -> Arhiva Ambulante » msn salje sam poruke ?

Ko je trenutno na forumu

Ukupno su 1240 korisnika na forumu :: 63 registrovanih, 6 sakrivenih i 1171 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 357magnum, A.R.Chafee.Jr., airsuba, babaroga, bojcistv, Boris90, BSD, bufanje, cemix, cenejac111, CheefCoach, cinoeye, comi_pfc, CrazyDiablo, Dimitrise93, DonRumataEstorski, DPera, dule10savic, elenemste, flash12, Georgius, GORDI, gorican, goxin, ikan, Još malo pa deda, Klecaviks, Kubovac, kuntalo, kybonacci, MB120mm, Metanoja, milenko crazy north, mkukoleca, moldway, muaddib, novator, nuke92, opt1, ozzy, Parker, repac, rovac, ruma, shaja1, Smiljke, Srky Boy, Srle993, StepskiVuk, Tas011, Tvrtko I, vasa.93, virked, Vlad000, vlad4, vobo, wizzardone, yrraf, YugoSlav, zillbg, Zimbabwe, |_MeD_|, 125

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by