MyCity » Ambulanta -> Arhiva Ambulante » treba mi pomoc

treba mi pomoc

Napisano na dan: 22.8.2009

Strana:
1
2

treba mi pomoc

Sledeća strana

Pagination

Odgovori

Strana:
1
2

friends555 Poslao: 22 Avg 2009 11:40 Idi na vrh
offline friends555 Građanin Pridružio: 30 Nov 2007 Poruke: 160	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! zna li neko sta da uradim da mi se ovo vise ne pojavljuje pri paljenju racunara mycity.rs/imgs/84013_54388591_untitled.JPG

Profil

Bogdan-Tc Poslao: 22 Avg 2009 12:18 Idi na vrh
offline Bogdan-Tc Anti Malware Fighter Rank 1 Pridružio: 04 Jan 2009 Poruke: 2168	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav Isprati uputstvo za Ambulantu. http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

Profil

friends555 Poslao: 24 Avg 2009 22:50 Idi na vrh
offline friends555 Građanin Pridružio: 30 Nov 2007 Poruke: 160	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 24 Avg 2009 22:39 DDS (Ver_09-07-30.01) - NTFSx86 Run by Sinisa at 22:24:12,85 on pon 24.08.2009 Internet Explorer: 7.0.5730.13 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1516 [GMT 2:00] FW: ActiveArmor Firewall disabled {EDC10449-64D1-46c7-A59A-EC20D662F26D} ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup C:\WINDOWS\system32\Ati2evxx.exe svchost.exe C:\WINDOWS\Explorer.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\PROGRA~1\INTERV~1\WinDVR\WINSCH~1.EXE C:\Program Files\InterVideo\WinDVR\WinRemote.exe C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe D:\Program Files\BitTorrent\bittorrent.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\DNA\btdna.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\WINDOWS\raidhost.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe "C:\Documents and Settings\Sinisa\Application Data\Microsoft\svchost.exe" C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe svchost C:\WINDOWS\TEMP\dqfcwfnnyw.exe C:\Program Files\AskBarDis\bar\bin\AskService.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PSIService.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\WINDOWS\TEMP\dqfcwfnnyw.exe C:\Documents and Settings\Sinisa\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.ba/ uSearch Page = uSearch Bar = mSearchAssistant = mURLSearchHooks: H - No File mWinlogon: Shell=Explorer.exe c:\windows\cursors\lsass.exe BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_02\bin\ssv.dll BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll TB: {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No File TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [BitTorrent] "d:\program files\bittorrent\bittorrent.exe" uRun: [msnmsgr] "c:\program files\msn messenger\msnmsgr.exe" /background uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe" uRun: [Nvidias] c:\windows\system32\rundll32.exe c:\docume~1\sinisa\locals~1\temp\237670781734Ati.dll,Sets uRun: [svchost.exe] c:\documents and settings\sinisa\application data\microsoft\svchost.exe mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe" mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime mRun: [WINSCHEDULER] c:\progra~1\interv~1\windvr\WINSCH~1.EXE mRun: [WinRemote] "c:\program files\intervideo\windvr\WinRemote.exe" mRun: [WindowsHive] c:\windows\system32\rpcc.exe mRun: [NokiaMServer] c:\program files\common files\nokia\mplatform\NokiaMServer /watchfiles mRun: [raidhost] raidhost.exe StartupFolder: c:\documents and settings\sinisa\start menu\programs\startup\rncsys32.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hppsc1~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpohmr08.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpoddt~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\interv~1.lnk - c:\program files\intervideo\common\bin\WinCinemaMgr.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\nokiao~1.lnk - f:\program files\nokia\ovi\suite\RunLauncher.exe IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_02\bin\ssv.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.srtest.com/srl_bin/sysreqlab_srl.cab DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL Notify: AtiExtEvent - Ati2evxx.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL ============= SERVICES / DRIVERS =============== R?2 AlerterALG;Alerter AlerterALG;c:\windows\temp\dqfcwfnnyw.exe service --> c:\windows\temp\dqfcwfnnyw.exe service [?] R2 ASKService;ASKService;c:\program files\askbardis\bar\bin\AskService.exe [2008-11-23 464264] R3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2007-7-20 84992] R3 PhTVTune;TV Capture Card WDM TV Tuner;c:\windows\system32\drivers\PhTVTune.sys [2008-4-1 19616] S2 TwonkyMedia;TwonkyMedia;f:\program files\nokia\nokia home media server\media server\twonkymedia.exe -serviceversion 0 --> f:\program files\nokia\nokia home media server\media server\TwonkyMedia.exe -serviceversion 0 [?] S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;c:\program files\msn messenger\usnsvc.exe [2007-1-19 97136] =============== Created Last 30 ================ 2009-08-21 22:07 159,744 a------- C:\Adooobe.exe 2009-08-17 19:27 8 a------- c:\windows\system32\DROPPEDFILEOK2.tmp 2009-08-17 19:27 595,968 ---shr-- c:\windows\raidhost.exe 2009-08-14 17:18 <DIR> --d----- c:\docume~1\sinisa\applic~1\GARMIN 2009-08-14 17:17 <DIR> --d----- C:\Garmin ==================== Find3M ==================== 2009-08-21 23:42 292,865 ---sh--- c:\windows\cursors\lsass.exe 2009-07-06 19:20 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf 2009-07-06 19:20 0 a---h--- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf 2008-10-29 23:14 22,328 a------- c:\docume~1\sinisa\applic~1\PnkBstrK.sys 2009-04-19 11:13 88 ---shr-- c:\windows\system32\A3D6196DB1.sys 2009-04-19 11:13 2,828 a--sh--- c:\windows\system32\KGyGaAvL.sys ============= FINISH: 22:25:35,43 =============== mycity.rs/must-login.png Dopuna: 24 Avg 2009 22:43 mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png Dopuna: 24 Avg 2009 22:50 zaboravih da pitam dali mozda znate u cemu je problem pa posle duzeg rada kompjutera ne mogu uci u ie , samo mi pokazuje da konekcija nije uredu i ja samo restartujem komp. i onda mi normalno radi i otvara mi sve stranice ali za nekih otprilike 5,6 sati opet isto

Profil

Bogdan-Tc Poslao: 25 Avg 2009 17:12 Idi na vrh
offline Bogdan-Tc Anti Malware Fighter Rank 1 Pridružio: 04 Jan 2009 Poruke: 2168	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Profil

friends555 Poslao: 26 Avg 2009 20:22 Idi na vrh
offline friends555 Građanin Pridružio: 30 Nov 2007 Poruke: 160	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-08-26.03 - Sinisa 26.08.2009 20:10.3.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1650 [GMT 2:00] Running from: c:\documents and settings\Sinisa\Desktop\ComboFix.exe FW: ActiveArmor Firewall disabled {EDC10449-64D1-46c7-A59A-EC20D662F26D} * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Sinisa\Application Data\wiaserva.log c:\documents and settings\Sinisa\Start Menu\Programs\Startup\rncsys32.exe c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013 c:\windows\Cursors\lsass.exe c:\windows\Fonts\Reubalach.ttf c:\windows\Installer\SwInstall.msi c:\windows\raidhost.exe c:\windows\system32\drivers\hjgruivvwqttrp.sys c:\windows\system32\hjgruibprdsipf.dll c:\windows\system32\hjgruirdylkrfp.dll c:\windows\system32\hjgruismsqfupj.dat c:\windows\system32\hjgruiwbihwuya.dat c:\windows\system32\nerocheck.exe . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_hjgruiopupoboi -------\Legacy_hjgruiopupoboi ((((((((((((((((((((((((( Files Created from 2009-07-26 to 2009-08-26 ))))))))))))))))))))))))))))))) . 2009-08-21 20:08 . 2009-08-21 20:08 159744 ---h--w- c:\documents and settings\Sinisa\Application Data\Microsoft\svchost.exe 2009-08-21 20:07 . 2009-08-21 20:08 159744 ----a-w- C:\Adooobe.exe 2009-08-14 15:18 . 2009-08-14 15:32 -------- d-----w- c:\documents and settings\Sinisa\Application Data\GARMIN 2009-08-14 15:17 . 2009-08-14 15:18 -------- d-----w- C:\Garmin . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-08-26 18:07 . 2008-09-01 18:14 -------- d-----w- c:\documents and settings\Sinisa\Application Data\BitTorrent 2009-08-26 18:07 . 2008-08-15 14:31 -------- d-----w- c:\documents and settings\Sinisa\Application Data\DNA 2009-08-26 15:29 . 2008-08-15 14:31 -------- d-----w- c:\program files\DNA 2009-08-17 17:27 . 2009-08-17 17:27 8 ----a-w- c:\windows\system32\DROPPEDFILEOK2.tmp 2009-08-13 22:28 . 2009-03-09 13:29 2978776 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2009-07-08 11:40 . 2008-10-30 18:58 -------- d-----w- c:\documents and settings\Sinisa\Application Data\PC Suite 2009-07-08 11:22 . 2008-10-30 19:08 -------- d-----w- c:\documents and settings\Sinisa\Application Data\Nokia 2009-07-07 14:02 . 2009-07-06 17:03 -------- d-----w- c:\program files\Common Files\Nokia 2009-07-06 17:24 . 2009-07-06 17:24 -------- d-----w- c:\documents and settings\Sinisa\Application Data\Nseries 2009-07-06 17:21 . 2008-10-30 18:58 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite 2009-07-06 17:20 . 2009-07-06 17:20 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf 2009-07-06 17:20 . 2009-07-06 17:20 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf 2009-07-06 17:13 . 2008-04-01 17:16 181760 ----a-w- c:\documents and settings\Sinisa\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-07-06 17:06 . 2009-07-06 17:06 -------- d-----w- c:\program files\Nokia 2009-07-06 17:06 . 2009-07-06 17:06 -------- d-----w- c:\program files\MSXML 6.0 2009-07-06 17:06 . 2009-07-06 17:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations 2009-07-06 17:05 . 2009-07-06 17:05 -------- d-----w- c:\program files\Common Files\PCSuite 2009-07-06 17:05 . 2009-07-06 17:04 -------- d-----w- c:\program files\Common Files\muvee Technologies 2009-07-06 16:57 . 2008-10-30 18:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Downloaded Installations 2009-06-18 19:05 . 2009-06-18 19:05 49152 ----a-r- c:\documents and settings\Sinisa\Application Data\Microsoft\Installer\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}\ARPPRODUCTICON.exe 2009-06-11 16:21 . 2009-06-11 16:21 15 ----a-w- c:\windows\popcinfo.dat 2009-04-19 09:13 . 2008-04-11 14:03 88 --sh--r- c:\windows\system32\A3D6196DB1.sys 2009-04-19 09:13 . 2008-04-11 14:03 2828 --sha-w- c:\windows\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] 2008-11-12 21:37 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-12 333192] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-12 333192] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-03 1667584] "BitTorrent"="d:\program files\BitTorrent\bittorrent.exe" [2009-08-21 653104] "msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352] "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-04-22 342848] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil9f.exe" [2008-03-25 218496] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-02-16 282624] "WinRemote"="c:\program files\InterVideo\WinDVR\WinRemote.exe" [2003-09-03 131072] c:\documents and settings\All Users\Start Menu\Programs\Startup\ hp psc 1000 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-4-6 147456] hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672] InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2009-1-6 131072] Nokia Ovi Suite.lnk - f:\program files\Nokia\Ovi\Suite\RunLauncher.exe [2008-7-25 951600] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "c:\\Program Files\\MSN Messenger\\livecall.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\TGbox\\Gbox Control\\webinterface\\bin\\apache\\mapache.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "d:\\Program Files\\BitTorrent\\bittorrent.exe"= "d:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\PES 09\\PES 2009\\pes2009.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "f:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= "f:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"= "f:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"= "f:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"= "f:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"= "f:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"= "f:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymedia.exe"= "f:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymediaserver.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "6168:TCP"= 6168:TCP:Gbox "6168:UDP"= 6168:UDP:gbox R2 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [23.11.2008 1:03 464264] R3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [20.7.2007 18:40 84992] R3 PhTVTune;TV Capture Card WDM TV Tuner;c:\windows\system32\drivers\PhTVTune.sys [1.4.2008 19:54 19616] S2 AlerterALG;Alerter AlerterALG;c:\windows\TEMP\dqfcwfnnyw.exe service --> c:\windows\TEMP\dqfcwfnnyw.exe service [?] S2 TwonkyMedia;TwonkyMedia;f:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 --> f:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 [?] . Contents of the 'Scheduled Tasks' folder 2008-09-19 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1100 series5E771253C1676EBED677BF361FDFC537825E15B8213910032.job - c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52] . - - - - ORPHANS REMOVED - - - - WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file) HKLM-Run-NeroFilterCheck - c:\windows\system32\NeroCheck.exe HKLM-Run-raidhost - raidhost.exe . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.ba/ IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-08-26 20:16 Windows 5.1.2600 Service Pack 3, v.3180 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKCU\Software\Microsoft\Windows\CurrentVersion\Run msnmsgr = "c:\program files\MSN Messenger\msnmsgr.exe" /background?g scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-1960408961-179605362-725345543-1003\Software\SecuROM\License information*] "datasecu"=hex:c0,19,c4,28,16,df,88,b4,73,62,15,57,cb,58,96,35,eb,ff,33,7c,68, 2c,77,81,ea,a0,39,6b,41,b6,7e,02,f4,ee,85,b6,ec,89,2f,67,b9,ee,ec,10,a1,27,\ "rkeysecu"=hex:ea,c6,3c,ac,13,29,ba,78,17,23,fa,72,3f,a8,ac,d8 . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(836) c:\windows\system32\Ati2evxx.dll . Completion time: 2009-08-26 20:18 ComboFix-quarantined-files.txt 2009-08-26 18:18 ComboFix2.txt 2009-01-02 00:04 Pre-Run: 9.386.278.912 bytes free Post-Run: 9.807.732.736 bytes free 173 --- E O F --- 2008-06-21 10:55

Profil

Bogdan-Tc Poslao: 26 Avg 2009 23:05 Idi na vrh
offline Bogdan-Tc Anti Malware Fighter Rank 1 Pridružio: 04 Jan 2009 Poruke: 2168	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `File:: c:\documents and settings\Sinisa\Application Data\Microsoft\svchost.exe C:\Adooobe.exe c:\windows\system32\DROPPEDFILEOK2.tmp Driver:: AlerterALG` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

friends555 Poslao: 26 Avg 2009 23:42 Idi na vrh
offline friends555 Građanin Pridružio: 30 Nov 2007 Poruke: 160	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-08-26.05 - Sinisa 26.08.2009 23:28.4.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1558 [GMT 2:00] Running from: c:\documents and settings\Sinisa\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Sinisa\Desktop\CFScript.txt FW: ActiveArmor Firewall disabled {EDC10449-64D1-46c7-A59A-EC20D662F26D} FILE :: "C:\Adooobe.exe" "c:\documents and settings\Sinisa\Application Data\Microsoft\svchost.exe" "c:\windows\system32\DROPPEDFILEOK2.tmp" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Adooobe.exe c:\documents and settings\Sinisa\Application Data\Microsoft\svchost.exe c:\windows\system32\DROPPEDFILEOK2.tmp c:\windows\system32\nerocheck.exe . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_ALERTERALG -------\Service_AlerterALG ((((((((((((((((((((((((( Files Created from 2009-07-26 to 2009-08-26 ))))))))))))))))))))))))))))))) . 2009-08-14 15:18 . 2009-08-14 15:32 -------- d-----w- c:\documents and settings\Sinisa\Application Data\GARMIN 2009-08-14 15:17 . 2009-08-14 15:18 -------- d-----w- C:\Garmin . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-08-26 21:37 . 2008-09-01 18:14 -------- d-----w- c:\documents and settings\Sinisa\Application Data\BitTorrent 2009-08-26 21:34 . 2008-08-15 14:31 -------- d-----w- c:\program files\DNA 2009-08-26 21:34 . 2008-08-15 14:31 -------- d-----w- c:\documents and settings\Sinisa\Application Data\DNA 2009-08-26 19:01 . 2008-04-02 09:33 -------- d-----w- c:\program files\Ahead 2009-08-13 22:28 . 2009-03-09 13:29 2978776 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2009-07-08 11:40 . 2008-10-30 18:58 -------- d-----w- c:\documents and settings\Sinisa\Application Data\PC Suite 2009-07-08 11:22 . 2008-10-30 19:08 -------- d-----w- c:\documents and settings\Sinisa\Application Data\Nokia 2009-07-07 14:02 . 2009-07-06 17:03 -------- d-----w- c:\program files\Common Files\Nokia 2009-07-06 17:24 . 2009-07-06 17:24 -------- d-----w- c:\documents and settings\Sinisa\Application Data\Nseries 2009-07-06 17:21 . 2008-10-30 18:58 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite 2009-07-06 17:20 . 2009-07-06 17:20 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf 2009-07-06 17:20 . 2009-07-06 17:20 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf 2009-07-06 17:13 . 2008-04-01 17:16 181760 ----a-w- c:\documents and settings\Sinisa\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-07-06 17:06 . 2009-07-06 17:06 -------- d-----w- c:\program files\Nokia 2009-07-06 17:06 . 2009-07-06 17:06 -------- d-----w- c:\program files\MSXML 6.0 2009-07-06 17:06 . 2009-07-06 17:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations 2009-07-06 17:05 . 2009-07-06 17:05 -------- d-----w- c:\program files\Common Files\PCSuite 2009-07-06 17:05 . 2009-07-06 17:04 -------- d-----w- c:\program files\Common Files\muvee Technologies 2009-07-06 16:57 . 2008-10-30 18:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Downloaded Installations 2009-06-18 19:05 . 2009-06-18 19:05 49152 ----a-r- c:\documents and settings\Sinisa\Application Data\Microsoft\Installer\{C37A0BC1-52EE-4F97-8223-5CA9FC0357B0}\ARPPRODUCTICON.exe 2009-06-11 16:21 . 2009-06-11 16:21 15 ----a-w- c:\windows\popcinfo.dat 2009-04-19 09:13 . 2008-04-11 14:03 88 --sh--r- c:\windows\system32\A3D6196DB1.sys 2009-04-19 09:13 . 2008-04-11 14:03 2828 --sha-w- c:\windows\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((( SnapShot@2009-08-26_18.16.18 ))))))))))))))))))))))))))))))))))))))))) . + 2000-09-21 06:47 . 2000-09-21 06:47 35328 c:\windows\system32\picn20.dll + 2009-08-26 21:34 . 2009-08-26 21:34 1536 c:\windows\temp\NEventMessages.dll + 2000-09-21 11:53 . 2000-09-21 11:53 275312 c:\windows\system32\ImagXpr5.dll + 2000-09-27 15:15 . 2000-09-27 15:15 532480 c:\windows\system32\imagx5.dll + 2000-09-21 16:02 . 2000-09-21 16:02 507904 c:\windows\system32\imagr5.dll + 2009-08-26 19:01 . 2009-08-26 19:01 14303744 c:\windows\Installer\300b93.msi . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] 2008-11-12 21:37 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-12 333192] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-12 333192] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-03 1667584] "BitTorrent"="d:\program files\BitTorrent\bittorrent.exe" [2009-08-21 653104] "msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352] "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-04-22 342848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-02-16 282624] "WinRemote"="c:\program files\InterVideo\WinDVR\WinRemote.exe" [2003-09-03 131072] c:\documents and settings\All Users\Start Menu\Programs\Startup\ hp psc 1000 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-4-6 147456] hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672] InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2009-1-6 131072] Nokia Ovi Suite.lnk - f:\program files\Nokia\Ovi\Suite\RunLauncher.exe [2008-7-25 951600] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "c:\\Program Files\\MSN Messenger\\livecall.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\TGbox\\Gbox Control\\webinterface\\bin\\apache\\mapache.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "d:\\Program Files\\BitTorrent\\bittorrent.exe"= "d:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\PES 09\\PES 2009\\pes2009.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "f:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= "f:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"= "f:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"= "f:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"= "f:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"= "f:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"= "f:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymedia.exe"= "f:\\Program Files\\Nokia\\Nokia Home Media Server\\Media Server\\twonkymediaserver.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "6168:TCP"= 6168:TCP:Gbox "6168:UDP"= 6168:UDP:gbox R2 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [23.11.2008 1:03 464264] R3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [20.7.2007 18:40 84992] R3 PhTVTune;TV Capture Card WDM TV Tuner;c:\windows\system32\drivers\PhTVTune.sys [1.4.2008 19:54 19616] S2 TwonkyMedia;TwonkyMedia;f:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 --> f:\program files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -serviceversion 0 [?] S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;c:\program files\MSN Messenger\usnsvc.exe [19.1.2007 12:54 97136] . Contents of the 'Scheduled Tasks' folder 2008-09-19 c:\windows\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 1100 series5E771253C1676EBED677BF361FDFC537825E15B8213910032.job - c:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52] . - - - - ORPHANS REMOVED - - - - HKLM-Run-NeroCheck - c:\windows\system32\\NeroCheck.exe . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.ba/ IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-08-26 23:34 Windows 5.1.2600 Service Pack 3, v.3180 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-1960408961-179605362-725345543-1003\Software\SecuROM\License information] "datasecu"=hex:c0,19,c4,28,16,df,88,b4,73,62,15,57,cb,58,96,35,eb,ff,33,7c,68, 2c,77,81,ea,a0,39,6b,41,b6,7e,02,f4,ee,85,b6,ec,89,2f,67,b9,ee,ec,10,a1,27,\ "rkeysecu"=hex:ea,c6,3c,ac,13,29,ba,78,17,23,fa,72,3f,a8,ac,d8 . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(836) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(3564) c:\windows\system32\ieframe.dll c:\windows\system32\msi.dll c:\windows\system32\hnetcfg.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\ati2evxx.exe c:\windows\system32\ati2evxx.exe c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe c:\windows\system32\PnkBstrA.exe c:\windows\system32\PSIService.exe c:\program files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe c:\progra~1\INTERV~1\WinDVR\WINSCH~1.EXE c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe c:\program files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe c:\program files\Hewlett-Packard\Digital Imaging\bin\hposts08.exe . ************************************************************************* . Completion time: 2009-08-26 23:38 - machine was rebooted ComboFix-quarantined-files.txt 2009-08-26 21:38 ComboFix2.txt 2009-08-26 18:18 ComboFix3.txt 2009-01-02 00:04 Pre-Run: 9.619.578.880 bytes free Post-Run: 9.525.956.608 bytes free 196 --- E O F --- 2008-06-21 10:55

Profil

Bogdan-Tc Poslao: 27 Avg 2009 16:51 Idi na vrh
offline Bogdan-Tc Anti Malware Fighter Rank 1 Pridružio: 04 Jan 2009 Poruke: 2168	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Otvoriti Notepad i iskopirati sledeci tekst: `DeQuarantine:: C:\Qoobox\Quarantine\C\windows\system32\nerocheck.exe.vir Quit::` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja. Nakon što odradiš prvo uputstvo preuzmi file sa linka i pokreni ga dvoklikom na ikonicu. Prikazaće se MessageBox. Klikni Yes pa Ok https://www.mycity.rs/must-login.png

Profil

friends555 Poslao: 27 Avg 2009 20:04 Idi na vrh
offline friends555 Građanin Pridružio: 30 Nov 2007 Poruke: 160	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! C:\Qoobox\Quarantine\C\windows\system32\nerocheck.exe.vir -> C:\windows\system32\nerocheck.exe ( 155648 bytes )

Profil

Bogdan-Tc Poslao: 27 Avg 2009 21:29 Idi na vrh
offline Bogdan-Tc Anti Malware Fighter Rank 1 Pridružio: 04 Jan 2009 Poruke: 2168	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Kakvo je sada stanje?

Profil

MyCity » Ambulanta -> Arhiva Ambulante » treba mi pomoc

Ko je trenutno na forumu

Ukupno su 983 korisnika na forumu :: 58 registrovanih, 9 sakrivenih i 916 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: _Sale, A.R.Chafee.Jr., atmel, bankulen, Bobrock1, bojank, bojankrstc, bojcistv, bokisha253, brundo65, cemix, crnitrn, croato, damirZR, darkangel, Denaya, Dimitrise93, Dorcolac, DPera, dule10savic, ginjica, GORDI, Griffon vulture, ikan, Ilija Cvorovic, Ivan Campo, Japidson, Joco Skljoco, Karla, krkalon, Krvava Devetka, Kubovac, kybonacci, Levi, mercedesamg, Mercury, Mi lao shu, milimoj, milutin134, Mixelotti, Nemanja.M, Parker, Petarvu, raketaš, repac, royst33, savaskytec, Sir Budimir, slonic_tonic, stalja, stegonosa, Stoilkovic, theNedjeljko, vlad4, vobo, voja64, zzapNDjuric99, 125

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by