Problem with a 1 GB flash card


offline
  • Joined: 26 Jan 2006
  • Posts: 233

I have a 1 GB Kingston flash card. I scanned it with the MWAV antivirus program, which has the latest definitions from 11.04.2008. It found some viruses on it and deleted them. When I ran it again, it repeated the same thing and gave me the following:

File G:\auto.exe//PE_Patch//UPack infected by "Trojan-Downloader.Win32.Flux.fm" Virus! Action Taken: File Deleted.
File G:\autorun.inf infected by "Virus.Win32.AutoRun.mg" Virus! Action Taken: File Renamed.


I formatted the flash card. I ran MWAV again and it reported the same thing again. Is there really a virus on the card, or is MWAV getting it wrong? And if there is one, how do I remove it?
Thanks

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Please follow the topic at this link:

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

offline
  • Joined: 26 Jan 2006
  • Posts: 233

Here is what the HijackThis scan of my computer looks like:

Logfile of HijackThis v1.99.1
Scan saved at 4:50:35 PM, on 4/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\mafija75\Desktop\virusi\TR3.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 127.255.255.255 www.getright.com
O1 - Hosts: 127.255.255.255 pro.getright.com
O1 - Hosts: 127.255.255.255 www.headlightinc.com
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKLM\..\Run: [BMdbb61280] Rundll32.exe "C:\WINDOWS\system32\hmkllrgk.dll",s
O4 - HKLM\..\Run: [d885211c] rundll32.exe "C:\WINDOWS\system32\muygvtrw.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Monitor Apache Servers.lnk = C:\Program Files\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
O8 - Extra context menu item: Download with GetRight Pro - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Pro Browser - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Prevedi sa Di recnikom - C:\Program Files\Di recnik\diie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: urqOGVpO - C:\WINDOWS\SYSTEM32\urqOGVpO.dll
O23 - Service: Apache2 - Unknown owner - C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe" -k runservice (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - FirebirdSQL Project - C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Download ComboFix to the Desktop from one of the following addresses:
http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Run it and do not touch the program window while it is scanning.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear, which you should copy here for us.


Download the program Flash_Disinfector.

The program is started by double-clicking Flash_Disinfector.exe.
When the notification message appears, plug in the infected USB flash drives (while holding down the Shift key to avoid autoplay).
Click OK and wait for the process to finish.
When the message Done !! appears, click OK.

offline
  • Joined: 26 Jan 2006
  • Posts: 233

Here is what the ComboFix log file looks like:

ComboFix 08-04-11.1 - mafija75 2008-04-11 19:54:28.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.471 [GMT 2:00]
Running from: C:\Documents and Settings\mafija75\Desktop\virusi\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\temp\tn3
C:\WINDOWS\BMdbb61280.xml
C:\WINDOWS\dxtmechk
C:\WINDOWS\pskt.ini
C:\WINDOWS\regedit.com
C:\WINDOWS\system32\12F06B5F.DLL
C:\WINDOWS\system32\awmkwlrn.ini
C:\WINDOWS\system32\bmpxdixv.ini
C:\WINDOWS\system32\cputnrrx.ini
C:\WINDOWS\system32\crmdvmba.dll
C:\WINDOWS\system32\ddcjyjhv.dll
C:\WINDOWS\system32\dhybubmt.dll
C:\WINDOWS\system32\diykhpgj.dll
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\efccAPji.dll
C:\WINDOWS\system32\eqxiqaoa.dll
C:\WINDOWS\system32\flmsheww.dll
C:\WINDOWS\system32\hgscnvla.dll
C:\WINDOWS\system32\hmkllrgk.dll
C:\WINDOWS\system32\ijPAccfe.ini
C:\WINDOWS\system32\ijPAccfe.ini2
C:\WINDOWS\system32\iskisedn.ini
C:\WINDOWS\system32\iwyjmbtl.dll
C:\WINDOWS\system32\ltbmjywi.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mrwfbdeb.dll
C:\WINDOWS\system32\muygvtrw.dll
C:\WINDOWS\system32\ndesiksi.dll
C:\WINDOWS\system32\nrlwkmwa.dll
C:\WINDOWS\system32\oqexntse.dll
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\pthreadVC.dll
C:\WINDOWS\system32\REGKEY.hiv
C:\WINDOWS\system32\ripnalbh.dll
C:\WINDOWS\system32\rnxmpugn.dll
C:\WINDOWS\system32\rrrktpys.dll
C:\WINDOWS\system32\taskmgr.com
C:\WINDOWS\system32\tmbubyhd.ini
C:\WINDOWS\system32\urqOGVpO.dll
C:\WINDOWS\system32\uubnrqcx.ini
C:\WINDOWS\system32\vxidxpmb.dll
C:\WINDOWS\system32\wpcap.dll
C:\WINDOWS\system32\wrtvgyum.ini
C:\WINDOWS\system32\xcqrnbuu.dll
C:\WINDOWS\system32\xrrntupc.dll
C:\WINDOWS\system32\ybypobsm.dll
D:\auto.exe
E:\auto.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CORE
-------\NPF


((((((((((((((((((((((((( Files Created from 2008-03-11 to 2008-04-11 )))))))))))))))))))))))))))))))
.

2008-04-11 16:49 . 2004-02-23 01:00 1,386,496 --a------ C:\WINDOWS\system\MSVBVM60.DLL
2008-04-11 06:46 . 2008-04-11 09:26 817,369,826 --a------ C:\superdvdripper.avi
2008-04-11 00:18 . 2008-04-11 06:49 <DIR> d-------- C:\Program Files\Max DVD to AVI Converter 4.0
2008-04-10 22:28 . 2008-04-10 22:28 3,648 --a------ C:\WINDOWS\system32\wcqvlcer.dll
2008-04-10 21:42 . 2008-04-10 23:57 0 --a------ C:\WINDOWS\system32\video.avs
2008-04-10 21:37 . 2006-06-03 00:07 176,128 --a------ C:\WINDOWS\nss3.dll
2008-04-10 21:37 . 2006-06-03 00:07 159,232 --a------ C:\WINDOWS\softokn3.dll
2008-04-10 21:37 . 2006-06-03 00:07 73,728 --a------ C:\WINDOWS\nspr4.dll
2008-04-10 21:37 . 2007-06-16 18:44 69,632 --a------ C:\WINDOWS\Projekt1.exe
2008-04-10 21:37 . 2007-03-03 16:00 40,960 --a------ C:\WINDOWS\FirePassword.exe
2008-04-10 21:37 . 2006-06-03 00:07 8,704 --a------ C:\WINDOWS\plc4.dll
2008-04-10 21:37 . 2006-06-03 00:07 6,144 --a------ C:\WINDOWS\plds4.dll
2008-04-10 21:36 . 2008-04-10 21:36 <DIR> d-------- C:\Program Files\Agogo DVD Ripper
2008-04-10 21:36 . 2004-07-03 07:59 524,288 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-04-10 21:36 . 2004-07-03 08:08 139,264 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-04-10 21:36 . 2004-09-06 03:06 53,248 --a------ C:\WINDOWS\system32\xvid.ax
2008-04-09 23:31 . 2008-04-09 23:31 3,648 --a------ C:\WINDOWS\system32\ypvbrphj.dll
2008-04-09 22:37 . 2008-04-09 22:37 3,648 --a------ C:\WINDOWS\system32\kepmougi.dll
2008-04-08 22:34 . 2008-04-08 22:34 3,648 --a------ C:\WINDOWS\system32\dmrxjflb.dll
2008-04-06 22:28 . 2008-04-07 22:28 294 --ahs---- C:\WINDOWS\system32\gjtoauqh.ini
2008-04-06 11:52 . 2008-04-06 11:54 6,942,778 --a------ C:\WINDOWS\REGBK00.ZIP
2008-04-04 22:32 . 2008-04-04 22:32 294 --ahs---- C:\WINDOWS\system32\yuxoxflm.ini
2008-04-04 01:07 . 2008-04-04 01:08 12,168 --a------ C:\WINDOWS\system32\k120726382618.exe
2008-04-04 01:06 . 2008-04-04 01:10 12,168 --a------ C:\WINDOWS\system32\k12072638083.exe
2008-04-03 23:59 . 2008-04-03 23:59 <DIR> d-a------ C:\WINDOWS\zts2.exe
2008-04-03 23:59 . 2008-04-03 23:59 <DIR> d-a------ C:\WINDOWS\system32\vcmgcd32.dll
2008-04-03 23:59 . 2008-04-03 23:59 <DIR> d-a------ C:\WINDOWS\system32\iifgfgf.dll
2008-04-03 23:59 . 2008-04-03 23:59 <DIR> d-a------ C:\WINDOWS\rundll16.exe
2008-04-03 23:59 . 2008-04-03 23:59 <DIR> d-a------ C:\WINDOWS\rundl132.dll
2008-04-03 23:59 . 2008-04-03 23:59 <DIR> d-a------ C:\WINDOWS\logo1_.exe
2008-04-03 22:28 . 2008-04-04 22:28 534 --ahs---- C:\WINDOWS\system32\aogyrfdj.ini
2008-04-03 10:43 . 2008-04-03 11:43 3,114 --a------ C:\WINDOWS\system32\k120721179016.exe
2008-04-03 10:39 . 2008-04-03 11:39 7,846 --a------ C:\WINDOWS\system32\k12072117797.exe
2008-04-02 22:34 . 2008-04-03 10:13 414 --ahs---- C:\WINDOWS\system32\iulvtvdk.ini
2008-04-01 22:27 . 2008-04-02 22:28 294 --ahs---- C:\WINDOWS\system32\scadeiax.ini
2008-04-01 18:58 . 2008-04-01 20:01 14,872 --a------ C:\WINDOWS\system32\k12070688966.exe
2008-04-01 18:58 . 2008-04-01 19:01 12,168 --a------ C:\WINDOWS\system32\k12070688923.exe
2008-04-01 18:58 . 2008-04-01 19:58 4,582 --a------ C:\WINDOWS\system32\k120706890211.exe
2008-04-01 18:21 . 2006-03-28 08:54 696,320 --a------ C:\WINDOWS\system32\libeay32.dll
2008-04-01 18:21 . 2006-03-28 08:55 155,648 --a------ C:\WINDOWS\system32\ssleay32.dll
2008-04-01 18:19 . 2008-04-01 18:19 <DIR> d-------- C:\Documents and Settings\mafija75\Application Data\iolo
2008-04-01 18:19 . 2008-04-01 18:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\iolo
2008-03-30 23:27 . 2008-03-30 23:27 12,168 --a------ C:\WINDOWS\system32\k12069121733.exe
2008-03-30 23:16 . 2008-03-30 23:16 12,168 --a------ C:\WINDOWS\system32\k12069114436.exe
2008-03-30 23:15 . 2008-03-30 23:16 12,168 --a------ C:\WINDOWS\system32\k12069114382.exe
2008-03-30 23:13 . 2008-03-30 23:15 12,168 --a------ C:\WINDOWS\system32\k12069114404.exe
2008-03-30 22:34 . 2008-03-30 22:34 17,576 --a------ C:\WINDOWS\system32\k12069090675.exe
2008-03-30 22:34 . 2008-03-30 22:34 16,224 --a------ C:\WINDOWS\system32\k12069090642.exe
2008-03-30 22:34 . 2008-03-30 22:34 6,495 --a------ C:\WINDOWS\system32\k12069090707.exe
2008-03-30 22:34 . 2008-03-30 22:34 4,056 --a------ C:\WINDOWS\system32\k12069090653.exe
2008-03-30 22:34 . 2008-03-30 22:34 2,437 --a------ C:\WINDOWS\system32\k120690907612.exe
2008-03-30 22:15 . 2008-03-30 22:15 17,576 --a------ C:\WINDOWS\system32\k12069079223.exe
2008-03-30 22:15 . 2008-03-30 22:25 10,816 --a------ C:\WINDOWS\system32\k12069079234.exe
2008-03-30 21:23 . 2008-03-30 22:05 280 --a------ C:\WINDOWS\wininit.ini
2008-03-30 19:54 . 2008-03-30 22:30 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-03-30 11:06 . 2008-03-30 12:06 2,158 --a------ C:\WINDOWS\system32\k120686776010.exe
2008-03-30 11:05 . 2008-03-30 11:07 12,168 --a------ C:\WINDOWS\system32\k12068677502.exe
2008-03-29 19:02 . 2008-03-15 14:07 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-03-29 19:02 . 2008-03-15 13:12 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-03-27 12:10 . 2008-03-27 13:10 8,112 --a------ C:\WINDOWS\system32\k12066123486.exe
2008-03-27 12:10 . 2008-03-27 13:13 6,760 --a------ C:\WINDOWS\system32\k12066123465.exe
2008-03-27 12:08 . 2008-03-27 13:10 8,112 --a------ C:\WINDOWS\system32\k12066123443.exe
2008-03-26 01:13 . 2008-04-06 11:59 78 --ah----- C:\autorun.inf.mwt
2008-03-12 19:17 . 2008-03-30 22:33 <DIR> d-------- C:\Program Files\Imenik
2008-03-12 19:16 . 2000-09-04 15:24 8,055 --a------ C:\WINDOWS\Serbian2.gpl
2008-03-12 19:04 . 2008-03-12 19:04 <DIR> d-------- C:\Program Files\SmileSoft
2008-03-12 19:04 . 2008-03-12 19:04 8 --ah----- C:\dbisam.lck

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-11 17:52 --------- d-----w C:\Program Files\GetRight
2008-04-11 17:49 --------- d-----w C:\Program Files\Soulseek
2008-04-11 17:49 --------- d-----w C:\Documents and Settings\mafija75\Application Data\uTorrent
2008-04-11 13:25 --------- d-----w C:\Documents and Settings\mafija75\Application Data\AVG7
2008-04-09 19:07 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-04-09 16:57 --------- d-----w C:\Documents and Settings\mafija75\Application Data\Canon
2008-04-07 21:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-04-07 20:37 --------- d-----w C:\Program Files\Di recnik
2008-04-06 10:43 46,592 ----a-w C:\Program Files\Common Files\WIN.exe.mwt
2008-04-06 09:52 72,960 ----a-w C:\WINDOWS\system32\drivers\core.sys.mwt
2008-04-06 09:21 --------- d-----w C:\Program Files\UltraLott Ticket Printing
2008-04-06 09:21 --------- d-----w C:\Program Files\Net Tools
2008-04-06 09:21 --------- d-----w C:\Program Files\DBPut
2008-04-06 09:21 --------- d-----w C:\Documents and Settings\mafija75\Application Data\Skype
2008-04-06 09:21 --------- d-----w C:\Documents and Settings\mafija75\Application Data\phpDesigner 2008
2008-04-06 09:21 --------- d-----w C:\Documents and Settings\mafija75\Application Data\Azureus
2008-03-30 20:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-30 20:28 --------- d-----w C:\Program Files\DivX
2008-03-30 20:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-03-30 17:43 --------- d-----w C:\Program Files\TuneUp Utilities 2007
2008-03-29 17:02 --------- d-----w C:\Program Files\ffdshow
2008-03-28 09:04 --------- d-----w C:\Documents and Settings\mafija75\Application Data\SolidDocuments
2008-03-20 22:55 --------- d-----w C:\Program Files\Safari
2008-02-27 23:13 --------- d-----w C:\Program Files\uTorrent
2008-02-25 23:18 --------- d-----w C:\Program Files\WinPcap
2008-02-17 22:06 --------- d-----w C:\Program Files\kmp
2008-02-12 19:29 --------- d-----w C:\Program Files\GNU
2008-02-11 22:41 --------- d-----w C:\Program Files\ImTOO
2008-02-11 22:20 --------- d-----w C:\Documents and Settings\mafija75\Application Data\Apple Computer
2007-12-04 23:37 2,339 ----a-w C:\Program Files\Common Files\m3.exe
2007-12-04 23:37 2,339 ----a-w C:\Program Files\Common Files\m2.exe
2007-12-04 23:37 2,339 ----a-w C:\Program Files\Common Files\m1.exe
.

------- Sigcheck -------

2007-10-31 00:00 360448 5f252dd88b0841e64010d058e02af929 C:\WINDOWS\system32\dllcache\TCPIP.SYS
2007-10-31 00:00 360448 5f252dd88b0841e64010d058e02af929 C:\WINDOWS\system32\drivers\TCPIP.SYS
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2002-12-31 14:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AudioDrvEmulator"="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-06-16 18:25 49152]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10 271360]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-21 09:32 579072]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-04 17:46 172032]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2002-12-31 14:00 15360]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-24 08:34 219136]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17 1241088]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Monitor Apache Servers.lnk - C:\Program Files\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe [2007-01-09 23:20:44 41041]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\urqOGVpO]
urqOGVpO.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GetRight - Tray Icon.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GetRight - Tray Icon.lnk
backup=C:\WINDOWS\pss\GetRight - Tray Icon.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
--a------ 2004-08-12 21:10 339968 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2006-11-16 19:04 139264 C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMdbb61280]
C:\WINDOWS\system32\mrwfbdeb.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cmdbcs]
C:\WINDOWS\cmdbcs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Detector]
--------- 2004-12-02 18:23 102400 C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTDVDDET]
--------- 2003-06-18 01:00 45056 C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
--a------ 2005-06-18 08:01 16384 C:\WINDOWS\CTHELPER.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSysVol]
--------- 2005-02-15 16:10 57344 C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DbgHlp32]
C:\WINDOWS\DbgHlp32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2006-10-27 00:47 31016 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
--a------ 2003-12-22 08:38 241664 C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2004-02-18 19:55 49152 C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
--a------ 2004-03-04 17:46 172032 C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsIMMs32]
C:\WINDOWS\MsIMMs32.exE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NAVMon32]
C:\WINDOWS\NAVMon32.exE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2006-01-12 15:40 155648 C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2007-08-17 03:45 23120680 C:\Program Files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-09-25 01:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
--a------ 2006-03-03 03:39 6144 C:\Program Files\Unlocker\UnlockerAssistant.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
--------- 2000-05-11 01:00 90112 C:\WINDOWS\UpdReg.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Firebird"=C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe -a
"BMdbb61280"=Rundll32.exe "C:\WINDOWS\system32\mrwfbdeb.dll",s

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Soulseek\\slsk.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

R2 CX88XBAR;MSI 8606 Crossbar;C:\WINDOWS\system32\drivers\CX88XBar.SYS [2003-03-19 07:50]
R2 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe [2007-09-03 17:13]
S3 iadusb;MT882;C:\WINDOWS\system32\DRIVERS\glauiad.sys [2006-03-20 09:32]
S4 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2002-12-31 14:00]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a2b15085-97af-11dc-9f90-0040f4bf0254}]
\Shell\Auto\command - I:\auto.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d6c4b607-4bdd-11dc-9f5e-0040f4bf0254}]
\Shell\Auto\command - H:\auto.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe

.
Contents of the 'Scheduled Tasks' folder
"2007-09-14 15:15:00 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
"2007-10-05 21:29:20 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-11 19:59:49
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\MySQL]
"ImagePath"="\"C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"C:\Program Files\MySQL\MySQL Server 5.0\my.ini\" MySQL"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\Ati2evxx.dll
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
.
**************************************************************************
.
Completion time: 2008-04-11 20:01:58 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-11 18:01:52
Pre-Run: 18,079,043,584 bytes free
Post-Run: 18,009,636,864 bytes free

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

And the other log? That one is important to me too. Did you run Flash Disinfector?

offline
  • Joined: 26 Jan 2006
  • Posts: 233

ComboFix showed me only one log, and that is the one I attached. I also ran Flash Disinfector; it just gave me the message Done and that was it.

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Download VundoFix:
http://www.atribune.org/ccount/click.php?id=4

* Double-click the file VundoFix.exe to start it.
* Select the option Scan for Vundo.
* After the scan finishes and the message Done Searching for files appears, click OK.
* Now that the scan is done, click the option Fix Vundo.
* When asked about removing the Vundo files, click Yes.
* Running this option will make the Desktop temporarily empty in order to prepare the system for removing Vundo.
* When it finishes, a notice about shutting down the computer will appear; click OK.
* Turn the computer on and boot the system again.
* Copy the contents of the log at C:\vundofix.txt and a new HijackThis log into a post on the forum.

offline
  • Joined: 26 Jan 2006
  • Posts: 233

VundoFix did not find anything

VundoFix V7.0.3

Scan started at 3:00:24 AM 4/12/2008

Listing files found while scanning....

No infected files were found.


Beginning removal...

And I am attaching the HijackThis log as well

Logfile of HijackThis v1.99.1
Scan saved at 3:06:47 AM, on 4/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe
C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\mafija75\Desktop\virusi\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Monitor Apache Servers.lnk = C:\Program Files\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
O8 - Extra context menu item: Download with GetRight Pro - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Pro Browser - C:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Prevedi sa Di recnikom - C:\Program Files\Di recnik\diie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: urqOGVpO - urqOGVpO.dll (file missing)
O23 - Service: Apache2 - Unknown owner - C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe" -k runservice (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - FirebirdSQL Project - C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Download CatchMe.

Double-click catchme.exe to run it and switch to the Script tab.
Into the (white) program window, copy the text found inside the code box:

files:
C:\WINDOWS\system32\k12072638083.exe
C:\WINDOWS\system32\k120721179016.exe
C:\WINDOWS\system32\k12072117797.exe
C:\WINDOWS\system32\k12070688966.exe
C:\WINDOWS\system32\k120706890211.exe
C:\WINDOWS\system32\k12069090675.exe
C:\WINDOWS\system32\k12069090642.exe
C:\WINDOWS\system32\k12069090707.exe
C:\WINDOWS\system32\k12069090653.exe
C:\WINDOWS\system32\k120690907612.exe
C:\WINDOWS\system32\k12069079234.exe
C:\WINDOWS\system32\k120686776010.exe
C:\WINDOWS\system32\k12066123486.exe
C:\WINDOWS\system32\k12066123465.exe
C:\Program Files\Common Files\m1.exe


Click the Run button.

When the notification message appears, click OK.

When the process finishes, the file catchme.zip will be on the Desktop.
Upload it through the following form: http://www.mycity.rs/ambulanta-upload.php
