MyCity » Ambulanta -> Arhiva Ambulante » Problem sa Task Manager-om

Problem sa Task Manager-om

Napisano na dan: 19.1.2009

Strana:
1
2
3

Problem sa Task Manager-om

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3

TeoDos Poslao: 19 Jan 2009 13:09 Idi na vrh
offline TeoDos Građanin Pridružio: 23 Jan 2008 Poruke: 65 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Molim za proveru. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:53:36, on 19/01/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.exe C:\WINDOWS\system32\drivers\SbiCtr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\ltmoh\Ltmoh.exe C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\WINDOWS\LTMSG.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\OpenOffice.org 2.3\program\soffice.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe c:\Program Files\Fujitsu Siemens\Hard Disk Noise Control\HDDFC.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\oodag.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TeamViewer3\TeamViewer_Host.exe C:\Program Files\TeamViewer3\TeamViewer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\user\Desktop\New Folder\Azra.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/http://www.yahoo.com/ext/search/search.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = us.rd.yahoo.com/customize/ie/defaults/su/msgr7/http://www.yahoo.com F2 - REG:system.ini: Shell=Explorer.exe %windir%\system32\drivers\SbiCtr.exe O1 - Hosts: 72.14.207.99 facebook.com O1 - Hosts: 72.14.207.99 myspace.com O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7 O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SbiCtr.exe] C:\WINDOWS\system32\drivers\SbiCtr.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: KTITOR_2009.lnk = C:\Program Files\2009\2009.exe O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{11E41D21-F58E-4956-938C-41741B79A8A7}: NameServer = 192.168.0.11,91.150.90.2,91.150.90.3 O17 - HKLM\System\CS1\Services\Tcpip\..\{11E41D21-F58E-4956-938C-41741B79A8A7}: NameServer = 192.168.0.11,91.150.90.2,91.150.90.3 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Hard Disk Noise Control (HDDFC) - Fujitsu Siemens Computers - c:\Program Files\Fujitsu Siemens\Hard Disk Noise Control\HDDFC.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer3\TeamViewer_Host.exe -- End of file - 8323 bytes

Profil

helen1 Poslao: 19 Jan 2009 13:16 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Kakav je to problem? Klikni desnim tasterom miša na avast! ikonicu ( ) u donjem, desnom uglu ekrana i izaberi Stop OnAccess Protection. Napomena: Ne zaboravi da uključiš ovu opciju po završetku čišćenja. --------------------------------- Skini ComboFix sa jedne od sledecih adresa na Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe http://subs.geekstogo.com/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

TeoDos Poslao: 19 Jan 2009 13:49 Idi na vrh
offline TeoDos Građanin Pridružio: 23 Jan 2008 Poruke: 65 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Evo i log ComboFix-a Problem je bio u tome da je Task Manager bio do skeniranja sa ComboFix-om bio desable i nisam mogao da mu pridjem. Jutros kad sam upalio komp avast je prijavio dva zarazena fajla koja je prilikom svakog restarta racunara ponavljao. Pokusavao sam i sa Malwarebytes' Anti-Malware-om da ih uklonim ali su se svaki put ''vracali''. ComboFix 09-01-18.03 - user 2009-01-19 13:26:24.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1534.1002 [GMT 1:00] Running from: c:\documents and settings\user\Desktop\New Folder\ComboFix.exe AV: avast! antivirus 4.8.1296 [VPS 090118-0] On-access scanning disabled (Updated) * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2008-12-19 to 2009-01-19 ))))))))))))))))))))))))))))))) . 2009-01-19 11:58 . 2009-01-19 11:58 <DIR> d-------- c:\documents and settings\user\Application Data\Malwarebytes 2009-01-19 11:57 . 2009-01-19 11:57 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware 2009-01-19 11:57 . 2009-01-19 11:57 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-01-19 11:57 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2009-01-19 11:57 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2009-01-19 11:27 . 2009-01-19 11:27 1,409 --a------ c:\windows\system32\tmpE1028.FOT 2009-01-19 11:27 . 2009-01-19 11:27 1,409 --a------ c:\windows\system32\tmp54428.FOT 2009-01-19 09:48 . 2009-01-19 09:48 1,409 --a------ c:\windows\system32\tmpCD9A0.FOT 2009-01-19 09:48 . 2009-01-19 09:48 1,409 --a------ c:\windows\system32\tmp039A0.FOT 2009-01-19 09:22 . 2009-01-19 09:22 1,409 --a------ c:\windows\system32\tmpE41B0.FOT 2009-01-19 09:22 . 2009-01-19 09:22 1,409 --a------ c:\windows\system32\tmp333B0.FOT 2009-01-19 08:44 . 2009-01-19 08:44 715,776 -r-hs---- c:\windows\system32\drivers\SbiCtr.exe 2009-01-19 08:43 . 2009-01-19 08:43 1,409 --a------ c:\windows\system32\tmpA66D0.FOT 2009-01-19 08:43 . 2009-01-19 08:43 1,409 --a------ c:\windows\system32\tmp7E6D0.FOT 2008-12-31 10:32 . 2008-12-31 10:32 1,409 --a------ c:\windows\system32\tmpFC3D5.FOT 2008-12-31 10:32 . 2008-12-31 10:32 1,409 --a------ c:\windows\system32\tmpD14D5.FOT 2008-12-27 08:38 . 2008-12-27 08:38 1,409 --a------ c:\windows\system32\tmp6A801.FOT 2008-12-27 08:38 . 2008-12-27 08:38 1,409 --a------ c:\windows\system32\tmp2A601.FOT 2008-12-26 13:22 . 2009-01-19 12:49 <DIR> d-------- c:\program files\2009 . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-19 12:25 --------- d-----w c:\documents and settings\user\Application Data\Skype 2009-01-19 11:49 --------- d-----w c:\documents and settings\user\Application Data\OpenOffice.org2 2009-01-19 11:41 --------- d-----w c:\program files\CCLEANER 2008-12-13 06:40 3,593,216 ----a-w c:\windows\system32\dllcache\mshtml.dll 2008-12-11 11:57 333,184 ----a-w c:\windows\system32\drivers\srv.sys 2008-12-11 11:57 333,184 ----a-w c:\windows\system32\dllcache\srv.sys 2008-11-21 13:52 --------- d-----w c:\program files\TeamViewer3 2008-10-24 11:10 453,632 ------w c:\windows\system32\dllcache\mrxsmb.sys 2008-10-23 13:01 283,648 ----a-w c:\windows\system32\gdi32.dll 2008-10-23 13:01 283,648 ----a-w c:\windows\system32\dllcache\gdi32.dll 2008-04-03 08:04 14,290 ----a-w c:\program files\settings.dat 2007-07-10 08:40 114 -c--a-w c:\program files\plugin.ini 2004-10-05 15:12 138,430 -c--a-w c:\program files\Readme.rtf . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2007-09-13 22880040] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-08-02 7110656] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-08-02 86016] "LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2003-01-22 184320] "RestoreIT!"="c:\program files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" [2004-05-27 114688] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2006-09-14 249927] "googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "SbiCtr.exe"="c:\windows\system32\drivers\SbiCtr.exe" [2009-01-19 715776] "RTHDCPL"="RTHDCPL.EXE" [2005-03-23 c:\windows\RTHDCPL.EXE] "nwiz"="nwiz.exe" [2005-08-02 c:\windows\system32\nwiz.exe] "LTMSG"="LTMSG.exe" [2003-07-14 c:\windows\ltmsg.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] c:\documents and settings\user\Start Menu\Programs\Startup\ Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-05-03 113664] KTITOR_2009.lnk - c:\program files\2009\2009.exe [2008-12-26 2249384] OpenOffice.org 2.3.lnk - c:\program files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 393216] Yahoo! Widgets.lnk - c:\program files\Yahoo!\Widgets\YahooWidgets.exe [2007-12-11 3746856] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-05-03 113664] AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2005-03-05 10872] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk \0oodbs [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Google\\Google Talk\\googletalk.exe"= "c:\\Program Files\\3d max\\3dsmax.exe"= "c:\\Program Files\\backburner 2\\monitor.exe"= "c:\\Program Files\\backburner 2\\manager.exe"= "c:\\Program Files\\backburner 2\\server.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\WINDOWS\\system32\\drivers\\SbiCtr.exe"= R0 RITCPT;RITCPT;c:\windows\system32\drivers\RITCPT.SYS [2006-04-14 43512] R0 VVBackd5;VVBackd5;c:\windows\system32\drivers\VVBackd5.sys [2006-04-14 179482] R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-04-02 111184] R3 SMBus_2k;SMBus_2k;c:\windows\system32\drivers\SMBus_2k.sys [2006-04-04 14208] R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-04-02 20560] R4 FBAPI;FBAPI;c:\windows\system32\drivers\FBAPI.sys [2006-04-14 5088] R4 HDDFC;Hard Disk Noise Control;c:\program files\Fujitsu Siemens\Hard Disk Noise Control\HDDFC.exe [2005-03-22 155745] R4 TeamViewer;TeamViewer 3;c:\program files\TeamViewer3\TeamViewer_Host.exe [2008-03-12 181544] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6056a756-35f6-11dd-8847-003005ace4d4}] \Shell\Auto\command - Autorun.exe \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Autorun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad545a9c-808f-11dc-bed3-003005ace4d4}] \Shell\AutoRun\command - F:\gmbcjmly.exezjpjkbuy.exe \Shell\explore\Command - F:\gmbcjmly.exezjpjkbuy.exe \Shell\open\Command - F:\gmbcjmly.exezjpjkbuy.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e788fd06-bf94-11dd-88d9-003005ace4d4}] \Shell\AutoRun\command - f:\restore\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe \Shell\open\command - f:\restore\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fadfa616-2bc2-11dd-883a-003005ace4d4}] \Shell\Auto\command - setup.exe \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL setup.exe . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.yahoo.com uDefault_Search_URL = hxxp://www.google.com/ie uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mStart Page = hxxp://www.yahoo.com mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/http://www.yahoo.com/ext/search/search.html uInternet Connection Wizard,ShellNext = iexplore uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/http://www.yahoo.com IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: {11E41D21-F58E-4956-938C-41741B79A8A7} = 192.168.0.11,91.150.90.2,91.150.90.3 FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\ltag9nch.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll . *********************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-01-19 13:27:38 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2009-01-19 13:29:33 ComboFix-quarantined-files.txt 2009-01-19 12:29:22 Pre-Run: 10,699,431,936 bytes free Post-Run: 10,889,236,480 bytes free 149 --- E O F --- 2009-01-14 15:04:03

Profil

helen1 Poslao: 19 Jan 2009 15:04 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi program RootRepeal na Desktop. Raspakuj RootRepeal.zip u neki folder. Dvoklikom pokreni RootRepeal.exe. Pređi na Report karticu (klikom na Report taster, dole, desno). Klikni Scan taster. U prozoru koji se otvori (Select Scan), obeleži kućice ispred svih stavki i klikni OK. U narednom prozoru (Select Drives) obeleži kućicu ispred sistemskog diska (obično C:\) i klikni OK. Po završetku procesa, klikni Save Report i sačuvaj izveštaj o skeniranju. Priloži dobijeni izveštaj uz poruku korišćenjem opcije Prikači fajl.

Profil

TeoDos Poslao: 19 Jan 2009 15:18 Idi na vrh
offline TeoDos Građanin Pridružio: 23 Jan 2008 Poruke: 65 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Evo izvestaja. Nisam najbolje razumeo poslednju recenicu uputstva? mycity.rs/must-login.png ROOTREPEAL (c) AD, 2007-2008 ================================================== Scan Time: 2009/01/19 15:04 Program Version: Version 1.2.3.0 Windows Version: Windows XP SP2 ================================================== Drivers ------------------- Name: catchme.sys Image Path: C:\ComboFix\catchme.sys Address: 0xBAC58000 Size: 30592 File Visible: No Status: - Name: dump_atapi.sys Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys Address: 0xB6817000 Size: 98304 File Visible: No Status: - Name: dump_WMILIB.SYS Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS Address: 0xBADE4000 Size: 8192 File Visible: No Status: - Name: PROCEXP90.SYS Image Path: C:\WINDOWS\system32\Drivers\PROCEXP90.SYS Address: 0xBAE56000 Size: 6464 File Visible: No Status: - Name: rootrepeal.sys Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys Address: 0xB5540000 Size: 45056 File Visible: No Status: - SSDT ------------------- #: 025 Function Name: NtClose Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb685a576 #: 041 Function Name: NtCreateKey Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb685a432 #: 065 Function Name: NtDeleteValueKey Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb685a910 #: 068 Function Name: NtDuplicateObject Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb685a00a #: 119 Function Name: NtOpenKey Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb685a50c #: 122 Function Name: NtOpenProcess Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb6859f4a #: 128 Function Name: NtOpenThread Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb6859fae #: 177 Function Name: NtQueryValueKey Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb685a62c #: 204 Function Name: NtRestoreKey Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb685a5ec #: 247 Function Name: NtSetValueKey Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb685a76c

Profil

helen1 Poslao: 19 Jan 2009 22:20 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uploaduj mi sledece fajlove: c:\windows\system32\drivers\FBAPI.sys c:\windows\system32\tmpE41B0.FOT preko sledeceg linka: http://www.mycity.rs/ambulanta-upload.php

Profil

TeoDos Poslao: 20 Jan 2009 09:01 Idi na vrh
offline TeoDos Građanin Pridružio: 23 Jan 2008 Poruke: 65 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uradio sam sve kako si mi napisao.

Profil

helen1 Poslao: 20 Jan 2009 21:06 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ponovo iskljuci Antivirus: Otvoriti Notepad i iskopirati sledeci tekst: File:: c:\windows\system32\drivers\SbiCtr.exe Folder:: c:\program files\2009 Registry:: [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6056a756-35f6-11dd-8847-003005ace4d4}] [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ad545a9c-808f-11dc-bed3-003005ace4d4}] [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e788fd06-bf94-11dd-88d9-003005ace4d4}] [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fadfa616-2bc2-11dd-883a-003005ace4d4}] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\system32\\drivers\\SbiCtr.exe"=- Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

TeoDos Poslao: 21 Jan 2009 09:19 Idi na vrh
offline TeoDos Građanin Pridružio: 23 Jan 2008 Poruke: 65 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Prilikom podizanja sistema, avast mi je signalizirao da je pronadjen virus i naravno pitao je za akciju. Ja sam pomenuti fajl premestio u kovceg. Ovo je iz avastovog dnevnika: 21/01/2009 08:41:09 SYSTEM 1376 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\WINDOWS\system32\drivers\SbiCtr.exe" file. Kasnije sam video u tvom log-u da si taj fajl ubacio u skriptu pa sad ne znam da li sam uradio sve kako bi trebalo. Evo i ComboFix log/a: ComboFix 09-01-20.05 - user 2009-01-21 8:48:38.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1534.943 [GMT 1:00] Running from: c:\documents and settings\user\Desktop\New Folder\ComboFix.exe Command switches used :: c:\documents and settings\user\Desktop\New Folder\CFScript.txt AV: avast! antivirus 4.8.1296 [VPS 090120-0] On-access scanning disabled (Updated) * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: c:\windows\system32\drivers\SbiCtr.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\2009 c:\program files\2009\2009.exe c:\program files\2009\agenda.dxr c:\program files\2009\editor\calc.exe c:\program files\2009\editor\Notepad2.exe c:\program files\2009\editor\Notepad2.reg c:\program files\2009\files\licencesr.txt c:\program files\2009\files\meseci\april.txt c:\program files\2009\files\meseci\august.txt c:\program files\2009\files\meseci\december.txt c:\program files\2009\files\meseci\february.txt c:\program files\2009\files\meseci\january.txt c:\program files\2009\files\meseci\july.txt c:\program files\2009\files\meseci\june.txt c:\program files\2009\files\meseci\march.txt c:\program files\2009\files\meseci\may.txt c:\program files\2009\files\meseci\november.txt c:\program files\2009\files\meseci\october.txt c:\program files\2009\files\meseci\september.txt c:\program files\2009\files\mjeseci\APRIL.txt c:\program files\2009\files\mjeseci\AVGUST.txt c:\program files\2009\files\mjeseci\CONTACTS.txt c:\program files\2009\files\mjeseci\DECEMBAR.txt c:\program files\2009\files\mjeseci\FEBRUAR.txt c:\program files\2009\files\mjeseci\JANUAR.txt c:\program files\2009\files\mjeseci\JULI.txt c:\program files\2009\files\mjeseci\JUNI.txt c:\program files\2009\files\mjeseci\MAJ.txt c:\program files\2009\files\mjeseci\MART.txt c:\program files\2009\files\mjeseci\NOTES.txt c:\program files\2009\files\mjeseci\NOVEMBAR.txt c:\program files\2009\files\mjeseci\OKTOBAR.txt c:\program files\2009\files\mjeseci\SEPTEMBAR.txt c:\program files\2009\files\prezentacija\1.txt c:\program files\2009\files\prezentacija\3.txt c:\program files\2009\img.cxt c:\program files\2009\kLODOVIK.url c:\program files\2009\Notes.txt c:\program files\2009\PF2009.ico c:\program files\2009\start.dxr c:\program files\2009\unins000.dat c:\program files\2009\unins000.exe c:\program files\2009\Xtras\budapi.x32 c:\program files\2009\Xtras\Flash Asset\Flash Asset.x32 c:\program files\2009\Xtras\Media Support\Actor Control.x32 c:\program files\2009\Xtras\Media Support\Cursor Asset.x32 c:\program files\2009\Xtras\Media Support\Cursor Options.x32 c:\program files\2009\Xtras\Media Support\FileIo.x32 c:\program files\2009\Xtras\Media Support\Font Asset Dialog.x32 c:\program files\2009\Xtras\Media Support\Font Asset.x32 c:\program files\2009\Xtras\Media Support\Font Xtra.x32 c:\program files\2009\Xtras\Media Support\LZComprs.x32 c:\program files\2009\Xtras\Media Support\Squish.x32 c:\program files\2009\Xtras\Media Support\SWADCmpr.x32 c:\program files\2009\Xtras\Media Support\Text Asset.x32 c:\program files\2009\Xtras\Media Support\TextAuth.x32 c:\program files\2009\Xtras\Media Support\TextXtra.x32 c:\program files\2009\Xtras\Media Support\ZipXtra.x32 c:\program files\2009\Xtras\PMATIC.reg c:\program files\2009\Xtras\PMATIC.X32 . ((((((((((((((((((((((((( Files Created from 2008-12-21 to 2009-01-21 ))))))))))))))))))))))))))))))) . 2009-01-21 08:42 . 2009-01-21 08:42 720,896 -r-hs---- c:\windows\system32\drivers\SbCtri.exe 2009-01-21 08:41 . 2009-01-19 08:44 715,776 --------- c:\windows\system32\drivers\trz1.tmp 2009-01-19 11:58 . 2009-01-19 11:58 <DIR> d-------- c:\documents and settings\user\Application Data\Malwarebytes 2009-01-19 11:57 . 2009-01-19 11:57 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware 2009-01-19 11:57 . 2009-01-19 11:57 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-01-19 11:57 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2009-01-19 11:57 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2009-01-19 11:27 . 2009-01-19 11:27 1,409 --a------ c:\windows\system32\tmpE1028.FOT 2009-01-19 11:27 . 2009-01-19 11:27 1,409 --a------ c:\windows\system32\tmp54428.FOT 2009-01-19 09:48 . 2009-01-19 09:48 1,409 --a------ c:\windows\system32\tmpCD9A0.FOT 2009-01-19 09:48 . 2009-01-19 09:48 1,409 --a------ c:\windows\system32\tmp039A0.FOT 2009-01-19 09:22 . 2009-01-19 09:22 1,409 --a------ c:\windows\system32\tmpE41B0.FOT 2009-01-19 09:22 . 2009-01-19 09:22 1,409 --a------ c:\windows\system32\tmp333B0.FOT 2009-01-19 08:43 . 2009-01-19 08:43 1,409 --a------ c:\windows\system32\tmpA66D0.FOT 2008-12-31 10:32 . 2008-12-31 10:32 1,409 --a------ c:\windows\system32\tmpFC3D5.FOT 2008-12-31 10:32 . 2008-12-31 10:32 1,409 --a------ c:\windows\system32\tmpD14D5.FOT 2008-12-27 08:38 . 2008-12-27 08:38 1,409 --a------ c:\windows\system32\tmp6A801.FOT 2008-12-27 08:38 . 2008-12-27 08:38 1,409 --a------ c:\windows\system32\tmp2A601.FOT . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-21 07:43 --------- d-----w c:\documents and settings\user\Application Data\Skype 2009-01-21 07:42 --------- d-----w c:\documents and settings\user\Application Data\OpenOffice.org2 2009-01-19 11:41 --------- d-----w c:\program files\CCLEANER 2008-12-13 06:40 3,593,216 ----a-w c:\windows\system32\dllcache\mshtml.dll 2008-12-11 11:57 333,184 ----a-w c:\windows\system32\drivers\srv.sys 2008-12-11 11:57 333,184 ----a-w c:\windows\system32\dllcache\srv.sys 2008-11-21 13:52 --------- d-----w c:\program files\TeamViewer3 2008-10-24 11:10 453,632 ------w c:\windows\system32\dllcache\mrxsmb.sys 2008-10-23 13:01 283,648 ----a-w c:\windows\system32\gdi32.dll 2008-10-23 13:01 283,648 ----a-w c:\windows\system32\dllcache\gdi32.dll 2008-04-03 08:04 14,290 ----a-w c:\program files\settings.dat 2007-07-10 08:40 114 -c--a-w c:\program files\plugin.ini 2004-10-05 15:12 138,430 -c--a-w c:\program files\Readme.rtf . ((((((((((((((((((((((((((((( snapshot@2009-01-19_13.28.12.76 ))))))))))))))))))))))))))))))))))))))))) . + 2009-01-21 07:40:45 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_560.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2007-09-13 22880040] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-08-02 7110656] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-08-02 86016] "LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2003-01-22 184320] "RestoreIT!"="c:\program files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" [2004-05-27 114688] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [2006-09-14 249927] "googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "RTHDCPL"="RTHDCPL.EXE" [2005-03-23 c:\windows\RTHDCPL.EXE] "nwiz"="nwiz.exe" [2005-08-02 c:\windows\system32\nwiz.exe] "LTMSG"="LTMSG.exe" [2003-07-14 c:\windows\ltmsg.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-05-03 113664] AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2005-03-05 10872] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk \0oodbs [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Google\\Google Talk\\googletalk.exe"= "c:\\Program Files\\3d max\\3dsmax.exe"= "c:\\Program Files\\backburner 2\\monitor.exe"= "c:\\Program Files\\backburner 2\\manager.exe"= "c:\\Program Files\\backburner 2\\server.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R0 RITCPT;RITCPT;c:\windows\system32\drivers\RITCPT.SYS [2006-04-14 43512] R0 VVBackd5;VVBackd5;c:\windows\system32\drivers\VVBackd5.sys [2006-04-14 179482] R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-04-02 111184] R3 SMBus_2k;SMBus_2k;c:\windows\system32\drivers\SMBus_2k.sys [2006-04-04 14208] R4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-04-02 20560] R4 FBAPI;FBAPI;c:\windows\system32\drivers\FBAPI.sys [2006-04-14 5088] R4 HDDFC;Hard Disk Noise Control;c:\program files\Fujitsu Siemens\Hard Disk Noise Control\HDDFC.exe [2005-03-22 155745] R4 Service Controler;Service Controler;c:\windows\system32\drivers\SbCtri.exe [2009-01-21 720896] R4 TeamViewer;TeamViewer 3;c:\program files\TeamViewer3\TeamViewer_Host.exe [2008-03-12 181544] --- Other Services/Drivers In Memory --- NewlyCreated* - SERVICE_CONTROLER . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.yahoo.com uDefault_Search_URL = hxxp://www.google.com/ie uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mStart Page = hxxp://www.yahoo.com mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr7/http://www.yahoo.com/ext/search/search.html uInternet Connection Wizard,ShellNext = iexplore uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/http://www.yahoo.com IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: {11E41D21-F58E-4956-938C-41741B79A8A7} = 192.168.0.11,91.150.90.2,91.150.90.3 FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\ltag9nch.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll . ************************************************************************ catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-01-21 08:50:19 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2009-01-21 8:52:12 ComboFix-quarantined-files.txt 2009-01-21 07:52:06 ComboFix2.txt 2009-01-19 12:29:35 Pre-Run: 10,841,579,520 bytes free Post-Run: 10,823,143,424 bytes free 202 --- E O F --- 2009-01-14 15:04:03

Profil

helen1 Poslao: 21 Jan 2009 17:53 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zdravo, kopiraj mi sadrzaj sledeceg fajla ovde na forum: C:\Qoobox\ComboFix-quarantined-files.txt

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Problem sa Task Manager-om

Ko je trenutno na forumu

Ukupno su 1001 korisnika na forumu :: 30 registrovanih, 4 sakrivenih i 967 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: anta, aramis s, Areal84, babaroga, Bluper, bojank, darkangel, DavidA, Denaya, dzoni19, FOX, Griffon vulture, havoc995, Kriglord, Lieutenant, mgolub, milenko crazy north, Millennium, milutin134, Neutral-M, oldtimer, rovac, ruma, sevenino, Shinobi, Stanlio, stegonosa, Tvrtko I, Wrangler, Zoca

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by