MyCity » Ambulanta -> Arhiva Ambulante » pomoc!!!

pomoc!!!

Napisano na dan: 2.1.2009

Strana:
1
2
3

pomoc!!!

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3

kravadinka Poslao: 02 Jan 2009 18:35 Idi na vrh
offline kravadinka Građanin Pridružio: 12 Nov 2007 Poruke: 64	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! imam problem sa virusima,pomozite

Profil

bobby Poslao: 02 Jan 2009 18:36 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Nisi prvi put u Ambulanti, znas kako treba otvoriti temu.

Profil

kravadinka Poslao: 02 Jan 2009 19:01 Idi na vrh
offline kravadinka Građanin Pridružio: 12 Nov 2007 Poruke: 64	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! nalog nije moj, a ja sam prvi put tu sta treba da radim Dopuna: 02 Jan 2009 19:01 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 5:51:45 PM, on 1/2/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Digidesign\Drivers\MMERefresh.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\M-AudioTaskBarIcon.exe C:\Program Files\Google\Gmail Notifier\gnotify.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\services.exe C:\WINDOWS\system32\wdfmgr.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\windows\system32\osupd.exe C:\Program Files\Winamp Remote\bin\OrbTray.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE c:\program files\winamp toolbar\WinampTbServer.exe C:\WINDOWS\system32\svchost.exe C:\Documents and Settings\Bane\Desktop\New Folder\TR3.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\ntos.exe, O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [saap] c:\program files\search-assistant\saap.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\WINDOWS\System32\M-AudioTaskBarIcon.exe O4 - HKLM\..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe O4 - HKLM\..\Run: [services] C:\WINDOWS\services.exe O4 - HKLM\..\Run: [UpdateWin] C:\WINDOWS\system32\adsmsextx.exe O4 - HKLM\..\RunServices: [UpdateWin] C:\WINDOWS\system32\adsmsextx.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [osupd.exe] c:\windows\system32\osupd.exe O4 - HKCU\..\Run: [filehippo.com] "C:\Program Files\filehippo.com\UpdateChecker.exe" /background O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background O4 - HKCU\..\Run: [UpdateWin] C:\WINDOWS\system32\adsmsextx.exe O4 - HKCU\..\RunServices: [UpdateWin] C:\WINDOWS\system32\adsmsextx.exe O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O22 - SharedTaskScheduler: IPC Configuration Utility - IPC Configuration Utility - (no file) O22 - SharedTaskScheduler: Windows Installer Class - {020487CC-FC04-4B1E-863F-D9801796230B} - C:\DOCUME~1\Bane\LOCALS~1\Temp\wndutl32.dll O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Drivers\MMERefresh.exe O23 - Service: digiSPTIService - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Pro Tools\digiSPTIService.exe O23 - Service: FCI - Unknown owner - C:\WINDOWS\system32\svchost.exe:ext.exe O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\GEST\GSvr.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe -- End of file - 7459 bytes

Profil

bobby Poslao: 02 Jan 2009 19:03 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Skini ComboFix sa jedne od sledecih adresa na Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe http://subs.geekstogo.com/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

kravadinka Poslao: 02 Jan 2009 19:26 Idi na vrh
offline kravadinka Građanin Pridružio: 12 Nov 2007 Poruke: 64	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-01-01.02 - Bane 2009-01-02 18:14:32.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3582.3394 [GMT -8:00] Running from: c:\documents and settings\Bane\Desktop\ComboFix.exe AV: Avira AntiVir PersonalEdition On-access scanning enabled (Outdated) * Created a new restore point . ADS - svchost.exe: deleted 25088 bytes in 1 streams. ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat c:\documents and settings\Bane\Application Data\~tmp.html c:\documents and settings\LocalService\Application Data\wsnpoem c:\documents and settings\LocalService\Application Data\wsnpoem\audio.dll c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013 c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\sys32.exe c:\windows\IE4 Error Log.txt c:\windows\services.exe c:\windows\system32\a.exe c:\windows\system32\lsprst7.dll c:\windows\system32\msvcsv60.dll c:\windows\system32\ntos.exe c:\windows\system32\ssprs.dll c:\windows\system32\wsnpoem c:\windows\system32\wsnpoem\audio.dll c:\windows\system32\wsnpoem\video.dll ----- BITS: Possible infected sites ----- hxxp://www.telexexchange.net . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_FCI -------\Service_FCI ((((((((((((((((((((((((( Files Created from 2008-12-03 to 2009-01-03 ))))))))))))))))))))))))))))))) . 2008-12-31 19:36 . 2008-12-31 19:36 40,960 -r-hs---- c:\windows\system32\adsmsextx.exe 2008-12-31 19:36 . 2008-12-31 19:36 109 --ahs---- c:\windows\system32\3901381251.dat 2008-12-28 23:06 . 2008-12-28 23:06 <DIR> d-------- c:\program files\Winamp Toolbar 2008-12-28 23:06 . 2008-12-28 23:06 <DIR> d-------- c:\program files\Winamp Remote 2008-12-28 23:06 . 2008-12-28 23:06 <DIR> d-------- c:\documents and settings\All Users\Application Data\Winamp Toolbar 2008-12-28 23:06 . 2008-12-28 23:07 <DIR> d-------- c:\documents and settings\All Users\Application Data\OrbNetworks 2008-12-28 23:02 . 2007-03-07 15:51 129,784 --------- c:\windows\system32\pxafs.dll 2008-12-28 23:02 . 2007-03-07 15:51 9,464 --------- c:\windows\system32\drivers\cdralw2k.sys 2008-12-28 23:02 . 2007-03-07 15:51 9,336 --------- c:\windows\system32\drivers\cdr4_xp.sys 2008-12-28 22:18 . 2008-12-28 22:18 <DIR> d-------- c:\program files\filehippo.com 2008-12-27 17:24 . 2008-12-27 17:24 89,600 --a------ c:\documents and settings\Bane\S87ekhV.exe 2008-12-23 23:48 . 2008-12-23 23:48 <DIR> d-------- c:\program files\uTorrent 2008-12-23 23:48 . 2008-12-24 20:43 <DIR> d-------- c:\documents and settings\Bane\Application Data\uTorrent 2008-12-17 02:30 . 2008-12-17 02:30 71,168 --a------ c:\windows\system32\sbin.exe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-01 03:38 --------- d-----w c:\program files\Mv2Player 2008-12-29 07:35 --------- d-----w c:\program files\Winamp 2008-12-28 01:24 14,336 ----a-w c:\windows\system32\svchost.exe 2008-12-24 07:43 --------- d-----w c:\program files\Micro DVD Player 2008-12-20 03:23 --------- d-----w c:\documents and settings\Bane\Application Data\Digidesign 2008-12-20 03:22 --------- d-----w c:\documents and settings\Bane\Application Data\Waves Preferences 2008-12-20 03:22 --------- d-----w c:\documents and settings\Bane\Application Data\PACE Anti-Piracy 2008-12-20 03:22 --------- d-----w c:\documents and settings\All Users\Application Data\PACE Anti-Piracy 2008-11-28 04:07 --------- d-----w c:\documents and settings\Bane\Application Data\Waves 2008-11-28 04:00 --------- d-----w c:\program files\MusicLab 2008-11-28 03:58 --------- d-----w c:\program files\Waves 2008-11-24 17:31 --------- d-----w c:\program files\Common Files\Adobe AIR 2008-11-24 17:31 --------- d-----w c:\program files\Adobe Media Player 2008-11-24 17:12 --------- d-----w c:\program files\Google . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2008-07-16 1266992] [HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1] [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2006-06-01 94208] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-27 68856] "osupd.exe"="c:\windows\system32\osupd.exe" [2004-08-03 29184] "filehippo.com"="c:\program files\filehippo.com\UpdateChecker.exe" [2008-10-22 147968] "Orb"="c:\program files\Winamp Remote\bin\OrbTray.exe" [2008-03-31 507904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-19 36864] "36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-08-29 1966080] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048] "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-08-31 249896] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768] "H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2007-12-11 307200] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648] "M-Audio Taskbar Icon"="c:\windows\System32\M-AudioTaskBarIcon.exe" [2008-05-15 356864] "DigidesignMMERefresh"="c:\program files\Digidesign\Drivers\MMERefresh.exe" [2007-10-30 77824] "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232] "nwiz"="nwiz.exe" [2007-06-28 c:\windows\system32\nwiz.exe] "RTHDCPL"="RTHDCPL.EXE" [2007-09-19 c:\windows\RTHDCPL.exe] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "DisableTaskMgr"= 1 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableTaskMgr"= 1 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.I420"= i263_32.drv "vidc.DIV3"= DivXc32.dll "vidc.DIV4"= DivXc32f.dll "msacm.divxa32"= divxa32.acm "vidc.3iv2"= 3ivxVfWCodec.dll "VIDC.HFYU"= huffyuv.dll "VIDC.i263"= i263_32.drv "msacm.imc"= imc32.acm "VIDC.VP31"= vp31vfw.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] UpdateWin REG_SZ c:\windows\system32\adsmsextx.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= R0 DigiFilter;DigiFilter;c:\windows\system32\drivers\DigiFilt.sys [2008-07-05 16384] R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\DRIVERS\cledx.sys [2008-05-07 33792] R3 MAUSBFTP;Service for M-Audio Fast Track Pro (WDM);c:\windows\system32\DRIVERS\mausb.sys [2008-07-10 143624] S3 ews88mt;EWS88 WDM Audio;c:\windows\system32\drivers\ews88wdm.sys [2007-03-14 95712] S3 GEST Service;GEST Service for program management.;"c:\program files\GIGABYTE\GEST\GSvr.exe" [2008-05-07 47624] S3 MAUSB;Service for M-Audio Fast Track Pro Driver (WDM);c:\windows\system32\DRIVERS\mausb.sys [2008-07-10 143624] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{71db6ca8-1c8c-11dd-b218-b232c4fe4cde}] \Shell\AutoRun\command - G:\u.bat \Shell\explore\Command - G:\u.bat \Shell\open\Command - G:\u.bat . Contents of the 'Scheduled Tasks' folder 2008-10-03 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 12:42] . - - - - ORPHANS REMOVED - - - - HKLM-Run-saap - c:\program files\search-assistant\saap.exe SharedTaskScheduler-IPC Configuration Utility - (no file) SharedTaskScheduler-{020487CC-FC04-4B1E-863F-D9801796230B} - c:\docume~1\Bane\LOCALS~1\Temp\wndutl32.dll . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie mDefault_Search_URL = hxxp://www.google.com/ie mStart Page = hxxp://www.yahoo.com uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s mSearchAssistant = hxxp://www.google.com/ie IE: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html . ************************************************************************ catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-01-02 18:18:08 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... c:\windows\system32\BIT2.tmp 0 bytes scan completed successfully hidden files: 1 ********************************************************************** . ------------------------ Other Running Processes ------------------------ . c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe c:\windows\system32\nvsvc32.exe c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe c:\windows\system32\wdfmgr.exe c:\windows\system32\rundll32.exe . ************************************************************************ . Completion time: 2009-01-02 18:19:46 - machine was rebooted ComboFix-quarantined-files.txt 2009-01-03 02:19:44 Pre-Run: 2,223,972,352 bytes free Post-Run: 4,938,653,696 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /3GB /noexecute=optin /fastdetect 189

Profil

bobby Poslao: 02 Jan 2009 19:37 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: File:: c:\windows\system32\adsmsextx.exe c:\windows\system32\3901381251.dat c:\documents and settings\Bane\S87ekhV.exe c:\windows\system32\sbin.exe Registry:: [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{71db6ca8-1c8c-11dd-b218-b232c4fe4cde}] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "DisableTaskMgr"= 0 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableTaskMgr"= 0 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "osupd.exe"=- Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

kravadinka Poslao: 02 Jan 2009 19:49 Idi na vrh
offline kravadinka Građanin Pridružio: 12 Nov 2007 Poruke: 64	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-01-01.02 - Bane 2009-01-02 18:41:59.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3582.3293 [GMT -8:00] Running from: c:\documents and settings\Bane\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Bane\Desktop\CFScript.txt AV: Avira AntiVir PersonalEdition On-access scanning enabled (Outdated) * Created a new restore point FILE :: c:\documents and settings\Bane\S87ekhV.exe c:\windows\system32\3901381251.dat c:\windows\system32\adsmsextx.exe c:\windows\system32\sbin.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat c:\documents and settings\Bane\S87ekhV.exe c:\windows\system32\3901381251.dat c:\windows\system32\adsmsextx.exe c:\windows\system32\sbin.exe ----- BITS: Possible infected sites ----- hxxp://www.telexexchange.net . ((((((((((((((((((((((((( Files Created from 2008-12-03 to 2009-01-03 ))))))))))))))))))))))))))))))) . 2008-12-28 23:06 . 2008-12-28 23:06 <DIR> d-------- c:\program files\Winamp Toolbar 2008-12-28 23:06 . 2008-12-28 23:06 <DIR> d-------- c:\program files\Winamp Remote 2008-12-28 23:06 . 2008-12-28 23:06 <DIR> d-------- c:\documents and settings\All Users\Application Data\Winamp Toolbar 2008-12-28 23:06 . 2008-12-28 23:07 <DIR> d-------- c:\documents and settings\All Users\Application Data\OrbNetworks 2008-12-28 23:02 . 2007-03-07 15:51 129,784 --------- c:\windows\system32\pxafs.dll 2008-12-28 23:02 . 2007-03-07 15:51 9,464 --------- c:\windows\system32\drivers\cdralw2k.sys 2008-12-28 23:02 . 2007-03-07 15:51 9,336 --------- c:\windows\system32\drivers\cdr4_xp.sys 2008-12-28 22:18 . 2008-12-28 22:18 <DIR> d-------- c:\program files\filehippo.com 2008-12-23 23:48 . 2008-12-23 23:48 <DIR> d-------- c:\program files\uTorrent 2008-12-23 23:48 . 2008-12-24 20:43 <DIR> d-------- c:\documents and settings\Bane\Application Data\uTorrent . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-01 03:38 --------- d-----w c:\program files\Mv2Player 2008-12-29 07:35 --------- d-----w c:\program files\Winamp 2008-12-28 01:24 14,336 ----a-w c:\windows\system32\svchost.exe 2008-12-24 07:43 --------- d-----w c:\program files\Micro DVD Player 2008-12-20 03:23 --------- d-----w c:\documents and settings\Bane\Application Data\Digidesign 2008-12-20 03:22 --------- d-----w c:\documents and settings\Bane\Application Data\Waves Preferences 2008-12-20 03:22 --------- d-----w c:\documents and settings\Bane\Application Data\PACE Anti-Piracy 2008-12-20 03:22 --------- d-----w c:\documents and settings\All Users\Application Data\PACE Anti-Piracy 2008-11-28 04:07 --------- d-----w c:\documents and settings\Bane\Application Data\Waves 2008-11-28 04:00 --------- d-----w c:\program files\MusicLab 2008-11-28 03:58 --------- d-----w c:\program files\Waves 2008-11-24 17:31 --------- d-----w c:\program files\Common Files\Adobe AIR 2008-11-24 17:31 --------- d-----w c:\program files\Adobe Media Player 2008-11-24 17:12 --------- d-----w c:\program files\Google . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2008-07-16 1266992] [HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1] [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2006-06-01 94208] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-27 68856] "filehippo.com"="c:\program files\filehippo.com\UpdateChecker.exe" [2008-10-22 147968] "Orb"="c:\program files\Winamp Remote\bin\OrbTray.exe" [2008-03-31 507904] "osupd.exe"="c:\windows\system32\osupd.exe" [2004-08-03 29184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-19 36864] "36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-08-29 1966080] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048] "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-08-31 249896] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768] "H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2007-12-11 307200] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648] "M-Audio Taskbar Icon"="c:\windows\System32\M-AudioTaskBarIcon.exe" [2008-05-15 356864] "DigidesignMMERefresh"="c:\program files\Digidesign\Drivers\MMERefresh.exe" [2007-10-30 77824] "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232] "nwiz"="nwiz.exe" [2007-06-28 c:\windows\system32\nwiz.exe] "RTHDCPL"="RTHDCPL.EXE" [2007-09-19 c:\windows\RTHDCPL.exe] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.I420"= i263_32.drv "vidc.DIV3"= DivXc32.dll "vidc.DIV4"= DivXc32f.dll "msacm.divxa32"= divxa32.acm "vidc.3iv2"= 3ivxVfWCodec.dll "VIDC.HFYU"= huffyuv.dll "VIDC.i263"= i263_32.drv "msacm.imc"= imc32.acm "VIDC.VP31"= vp31vfw.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] UpdateWin REG_SZ c:\windows\system32\adsmsextx.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= R0 DigiFilter;DigiFilter;c:\windows\system32\drivers\DigiFilt.sys [2008-07-05 16384] R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\DRIVERS\cledx.sys [2008-05-07 33792] R3 MAUSBFTP;Service for M-Audio Fast Track Pro (WDM);c:\windows\system32\DRIVERS\mausb.sys [2008-07-10 143624] S3 ews88mt;EWS88 WDM Audio;c:\windows\system32\drivers\ews88wdm.sys [2007-03-14 95712] S3 GEST Service;GEST Service for program management.;"c:\program files\GIGABYTE\GEST\GSvr.exe" [2008-05-07 47624] S3 MAUSB;Service for M-Audio Fast Track Pro Driver (WDM);c:\windows\system32\DRIVERS\mausb.sys [2008-07-10 143624] . Contents of the 'Scheduled Tasks' folder 2008-10-03 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 12:42] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie mStart Page = hxxp://www.yahoo.com uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html . ************************************************************************ catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-01-02 18:42:30 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2009-01-02 18:42:53 ComboFix-quarantined-files.txt 2009-01-03 02:42:44 ComboFix2.txt 2009-01-03 02:19:47 Pre-Run: 4,940,455,936 bytes free Post-Run: 4,930,920,448 bytes free 141

Profil

bobby Poslao: 02 Jan 2009 20:04 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `File:: c:\windows\system32\osupd.exe Registry:: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "osupd.exe"=- [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "UpdateWin"=-` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

kravadinka Poslao: 02 Jan 2009 20:09 Idi na vrh
offline kravadinka Građanin Pridružio: 12 Nov 2007 Poruke: 64	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-01-01.02 - Bane 2009-01-02 19:03:06.3 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.3582.3298 [GMT -8:00] Running from: c:\documents and settings\Bane\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Bane\Desktop\CFScript.txt AV: Avira AntiVir PersonalEdition On-access scanning enabled (Outdated) * Created a new restore point FILE :: c:\windows\system32\osupd.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat c:\windows\system32\osupd.exe ----- BITS: Possible infected sites ----- hxxp://www.telexexchange.net . ((((((((((((((((((((((((( Files Created from 2008-12-03 to 2009-01-03 ))))))))))))))))))))))))))))))) . 2008-12-28 23:06 . 2008-12-28 23:06 <DIR> d-------- c:\program files\Winamp Toolbar 2008-12-28 23:06 . 2008-12-28 23:06 <DIR> d-------- c:\program files\Winamp Remote 2008-12-28 23:06 . 2008-12-28 23:06 <DIR> d-------- c:\documents and settings\All Users\Application Data\Winamp Toolbar 2008-12-28 23:06 . 2008-12-28 23:07 <DIR> d-------- c:\documents and settings\All Users\Application Data\OrbNetworks 2008-12-28 23:02 . 2007-03-07 15:51 129,784 --------- c:\windows\system32\pxafs.dll 2008-12-28 23:02 . 2007-03-07 15:51 9,464 --------- c:\windows\system32\drivers\cdralw2k.sys 2008-12-28 23:02 . 2007-03-07 15:51 9,336 --------- c:\windows\system32\drivers\cdr4_xp.sys 2008-12-28 22:18 . 2008-12-28 22:18 <DIR> d-------- c:\program files\filehippo.com 2008-12-23 23:48 . 2008-12-23 23:48 <DIR> d-------- c:\program files\uTorrent 2008-12-23 23:48 . 2008-12-24 20:43 <DIR> d-------- c:\documents and settings\Bane\Application Data\uTorrent . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-01 03:38 --------- d-----w c:\program files\Mv2Player 2008-12-29 07:35 --------- d-----w c:\program files\Winamp 2008-12-28 01:24 14,336 ----a-w c:\windows\system32\svchost.exe 2008-12-24 07:43 --------- d-----w c:\program files\Micro DVD Player 2008-12-20 03:23 --------- d-----w c:\documents and settings\Bane\Application Data\Digidesign 2008-12-20 03:22 --------- d-----w c:\documents and settings\Bane\Application Data\Waves Preferences 2008-12-20 03:22 --------- d-----w c:\documents and settings\Bane\Application Data\PACE Anti-Piracy 2008-12-20 03:22 --------- d-----w c:\documents and settings\All Users\Application Data\PACE Anti-Piracy 2008-11-28 04:07 --------- d-----w c:\documents and settings\Bane\Application Data\Waves 2008-11-28 04:00 --------- d-----w c:\program files\MusicLab 2008-11-28 03:58 --------- d-----w c:\program files\Waves 2008-11-24 17:31 --------- d-----w c:\program files\Common Files\Adobe AIR 2008-11-24 17:31 --------- d-----w c:\program files\Adobe Media Player 2008-11-24 17:12 --------- d-----w c:\program files\Google . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2008-07-16 1266992] [HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1] [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}] [HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2006-06-01 94208] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-27 68856] "filehippo.com"="c:\program files\filehippo.com\UpdateChecker.exe" [2008-10-22 147968] "Orb"="c:\program files\Winamp Remote\bin\OrbTray.exe" [2008-03-31 507904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-19 36864] "36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-08-29 1966080] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048] "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-08-31 249896] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768] "H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2007-12-11 307200] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648] "M-Audio Taskbar Icon"="c:\windows\System32\M-AudioTaskBarIcon.exe" [2008-05-15 356864] "DigidesignMMERefresh"="c:\program files\Digidesign\Drivers\MMERefresh.exe" [2007-10-30 77824] "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232] "nwiz"="nwiz.exe" [2007-06-28 c:\windows\system32\nwiz.exe] "RTHDCPL"="RTHDCPL.EXE" [2007-09-19 c:\windows\RTHDCPL.exe] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.I420"= i263_32.drv "vidc.DIV3"= DivXc32.dll "vidc.DIV4"= DivXc32f.dll "msacm.divxa32"= divxa32.acm "vidc.3iv2"= 3ivxVfWCodec.dll "VIDC.HFYU"= huffyuv.dll "VIDC.i263"= i263_32.drv "msacm.imc"= imc32.acm "VIDC.VP31"= vp31vfw.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= R0 DigiFilter;DigiFilter;c:\windows\system32\drivers\DigiFilt.sys [2008-07-05 16384] R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\DRIVERS\cledx.sys [2008-05-07 33792] R3 MAUSBFTP;Service for M-Audio Fast Track Pro (WDM);c:\windows\system32\DRIVERS\mausb.sys [2008-07-10 143624] S3 ews88mt;EWS88 WDM Audio;c:\windows\system32\drivers\ews88wdm.sys [2007-03-14 95712] S3 GEST Service;GEST Service for program management.;"c:\program files\GIGABYTE\GEST\GSvr.exe" [2008-05-07 47624] S3 MAUSB;Service for M-Audio Fast Track Pro Driver (WDM);c:\windows\system32\DRIVERS\mausb.sys [2008-07-10 143624] . Contents of the 'Scheduled Tasks' folder 2008-10-03 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 12:42] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ uSearch Page = hxxp://www.google.com uSearch Bar = hxxp://www.google.com/ie mStart Page = hxxp://www.yahoo.com uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html . ************************************************************************ catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-01-02 19:03:30 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2009-01-02 19:03:52 ComboFix-quarantined-files.txt 2009-01-03 03:03:43 ComboFix2.txt 2009-01-03 02:42:54 ComboFix3.txt 2009-01-03 02:19:47 Pre-Run: 4,922,097,664 bytes free Post-Run: 4,912,951,296 bytes free 133

Profil

bobby Poslao: 02 Jan 2009 20:12 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Hajde pokreni ponovo HijackThis i napravi novi log koji ces mi ovde postaviti.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » pomoc!!!

Ko je trenutno na forumu

Ukupno su 947 korisnika na forumu :: 50 registrovanih, 6 sakrivenih i 891 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 357magnum, A.R.Chafee.Jr., arton, cavatina, comi_pfc, Djokkinen, DonRumataEstorski, drazenm, dulleo, FileFinder, FOX, goxin, HrcAk47, ikan, Ivica1102, kolle.the.kid, Kubovac, laganini123, lord sir giga, Mi lao shu, milenko crazy north, Milos82, minmatar34957, muaddib, nebkv, novator, nuke92, ozzy, pacika, Pakito93, Panter, panzerwaffe, pein, Ripanjac, RJ, ruma, Sančo, sasa76, sevenino, Simon simonović, solic, Srle993, theNedjeljko, vlad4, vlajkox, voja64, W123, Zimbabwe, zziko, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by