http://www.renew.com/

  • goust  Male
  • Elite citizen
  • Joined: 09 Apr 2005
  • Posts: 1799

Every now and then a new tab opens in FF to the page named above. I have no idea what it is about. Maybe it isn't an infection at all...



  • Joined: 04 Jan 2009
  • Posts: 2168

Hello...

We can check if you post the logs listed in this thread:

[Link visible only to logged-in users]

Otherwise we can only guess. :)



  • goust  Male
  • Elite citizen
  • Joined: 09 Apr 2005
  • Posts: 1799

DDS (Ver_10-10-21.02) - NTFSx86
Run by Sasa at 10:04:58,45 on ??? 24.10.2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_21
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.255.32 [GMT 2:00]

AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *enabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Sasa\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = [Link mogu videti samo ulogovani korisnici]
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky internet security 7.0\avp.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [nltide_2] regsvr32 /s /n /i:U shell32
dRunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
StartupFolder: c:\docume~1\sasa\startm~1\programs\startup\corelr~1.lnk - c:\program files\corel\graphics9\register\Remind32.exe
uPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
dPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
IE: Add to Anti-Banner - c:\program files\kaspersky lab\kaspersky internet security 7.0\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky internet security 7.0\SCIEPlgn.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: Microsoft XML Parser for Java - [Link mogu videti samo ulogovani korisnici]
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - [Link mogu videti samo ulogovani korisnici]
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [Link mogu videti samo ulogovani korisnici]
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici]
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1.0\adialhk.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\sasa\applic~1\mozilla\firefox\profiles\wvh9xwk7.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici]
FF - prefs.js: keyword.URL - [Link mogu videti samo ulogovani korisnici]
FF - plugin: c:\documents and settings\sasa\application data\mozilla\firefox\profiles\wvh9xwk7.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

============= SERVICES / DRIVERS ===============

R0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2007-4-28 110360]
R1 klif;Klif;c:\windows\system32\drivers\klif.sys [2007-6-27 186640]
R2 AVP;Kaspersky Internet Security 7.0;c:\program files\kaspersky lab\kaspersky internet security 7.0\avp.exe [2007-6-28 218376]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2007-4-4 24344]

=============== Created Last 30 ================

2010-10-23 18:55:23 -------- d-----r- c:\program files\Skype
2010-10-18 18:49:40 -------- d-----w- c:\docume~1\sasa\locals~1\applic~1\ApplicationHistory
2010-10-18 17:26:59 -------- d-----w- c:\windows\system32\FTCodecs
2010-10-18 17:26:55 45056 ----a-w- c:\windows\system32\ogg.dll
2010-10-18 14:17:56 51 ----a-w- c:\windows\SW_Win3112X32.DLL
2010-10-18 09:32:55 -------- d-----w- c:\docume~1\sasa\applic~1\GetRightToGo
2010-10-17 14:16:26 -------- d-----w- c:\program files\VSTplugins
2010-10-17 14:06:12 -------- d-----w- c:\program files\Sony
2010-10-17 13:58:47 -------- d-----w- c:\windows\system32\URTTEMP
2010-10-17 13:48:50 -------- d-----w- c:\program files\Sony Setup
2010-10-17 13:48:06 -------- d-----w- c:\program files\LitexMedia
2010-10-17 13:24:26 -------- d-----w- c:\program files\Windows Media Connect 2
2010-10-17 13:19:36 222208 ----a-w- c:\windows\system32\setb0.tmp
2010-10-17 13:09:56 -------- d-----w- c:\windows\system32\LogFiles
2010-10-16 00:47:17 -------- d-----w- c:\program files\MSXML 4.0
2010-10-15 20:12:42 -------- d-----w- c:\program files\Samsung
2010-10-15 18:29:40 -------- d-----w- c:\docume~1\sasa\applic~1\Samsung
2010-10-15 18:27:02 174592 ----a-w- c:\windows\system32\framedyn.dll
2010-10-15 18:25:11 83592 ----a-w- c:\windows\system32\drivers\ss_bus.sys
2010-10-15 18:25:11 15112 ----a-w- c:\windows\system32\drivers\ss_mdfl.sys
2010-10-15 18:25:11 12424 ----a-w- c:\windows\system32\drivers\ss_whnt.sys
2010-10-15 18:25:11 12424 ----a-w- c:\windows\system32\drivers\ss_wh.sys
2010-10-15 18:25:11 12424 ----a-w- c:\windows\system32\drivers\ss_cmnt.sys
2010-10-15 18:25:11 12424 ----a-w- c:\windows\system32\drivers\ss_cm.sys
2010-10-15 18:25:11 109704 ----a-w- c:\windows\system32\drivers\ss_mdm.sys
2010-10-15 18:25:11 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2010-10-15 18:22:12 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2010-10-13 23:30:52 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-10-13 16:19:00 -------- d-----w- c:\program files\Fantasysoft
2010-10-08 21:40:13 122880 ----a-r- c:\docume~1\sasa\applic~1\microsoft\installer\{65eea363-8d47-4268-bbce-85cd54acdc15}\NewShortcut5_FA22C8B36029437A9646719DBA760EAE.exe
2010-10-08 21:40:11 122880 ----a-r- c:\docume~1\sasa\applic~1\microsoft\installer\{65eea363-8d47-4268-bbce-85cd54acdc15}\ARPPRODUCTICON.exe
2010-10-08 21:39:03 -------- d-----w- c:\program files\Electric Rain
2010-10-08 21:34:58 -------- d--h--w- c:\windows\PIF
2010-10-04 13:28:41 572022 ----a-w- C:\~VM1B.tmp
2010-10-04 13:28:23 497814 ----a-w- C:\~VM1A.tmp
2010-10-01 13:41:19 -------- d-----w- c:\windows\XSxS
2010-10-01 13:41:19 -------- d-----w- c:\program files\Xenocode
2010-10-01 13:41:19 -------- d-----w- c:\docume~1\sasa\locals~1\applic~1\Xenocode
2010-09-30 17:00:26 607744 ------w- c:\windows\system32\Decslib.dll
2010-09-30 16:54:28 245760 ------w- c:\windows\system32\Sccomp91.dll
2010-09-30 16:54:26 110592 ------w- c:\windows\system32\Sccres91.dll
2010-09-30 16:54:24 225280 ------w- c:\windows\system32\Scint91.dll
2010-09-30 16:53:56 -------- d-----w- c:\windows\Profiles
2010-09-30 13:37:08 -------- d-----w- c:\docume~1\sasa\applic~1\REALVIZ
2010-09-30 13:32:17 -------- d-----w- c:\program files\REALVIZ
2010-09-28 18:11:00 -------- d-----w- C:\Temp

==================== Find3M ====================

2010-10-23 17:11:20 1056 --sha-w- C:\nj0jovma.sys
2010-10-12 10:17:06 479232 ----a-w- c:\windows\system32\PDFConverterX.ocx
2010-10-12 06:41:26 323584 ----a-w- c:\windows\system32\WordConverterX2.ocx
2010-09-18 10:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25 974848 ------w- c:\windows\system32\mfc42.dll
2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-10 05:58:08 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:58:06 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-01 20:48:19 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-09-01 20:48:18 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-01 11:51:14 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42:52 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02:29 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 12:52:45 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-26 09:32:34 204800 ----a-w- c:\windows\system32\beconv.dll
2010-08-26 06:50:50 1888256 ----a-w- c:\windows\system32\beconvlib.dll
2010-08-25 10:26:54 131072 ----a-w- c:\windows\system32\CSVSpecialProcessing.dll
2010-08-25 07:47:02 282624 ----a-w- c:\windows\system32\bprgcomm.dll
2010-08-25 07:39:58 102400 ----a-w- c:\windows\system32\bclnap.dll
2010-08-23 16:12:04 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-18 12:18:10 98304 ----a-w- c:\windows\system32\DVM.dll
2010-08-18 12:17:52 102400 ----a-w- c:\windows\system32\SARzilla.dll
2010-08-18 12:17:44 53248 ----a-w- c:\windows\system32\RegisterExe.exe
2010-08-17 14:59:09 37 ----a-w- c:\windows\system32\sysmwwod.dll
2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:45:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-08-11 13:10:00 831488 ----a-w- c:\windows\system32\tx151.dll
2010-08-02 01:03:00 618496 ----a-w- c:\windows\system32\tx151htm.dll
2010-08-02 00:07:00 360448 ----a-w- c:\windows\system32\tx151css.dll
2010-07-31 08:10:16 221184 ----a-w- c:\windows\system32\SII_PDF.dll
2010-07-29 03:32:00 659456 ----a-w- c:\windows\system32\tx151rtf.dll

============= FINISH: 10:07:08,90 ===============

[Link visible only to logged-in users]

[Link visible only to logged-in users]

I hope I followed the procedure. GMER restarted my computer, if that means anything, so I scanned with RootRepeal instead.

  • Joined: 04 Jan 2009
  • Posts: 2168

Download sUBs' ComboFix from the following address to your Desktop:

Bleeping Computer

  • Right-click the link and choose Save Target As... (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download is finished:
  • disable your security software (instructions);
  • close any running programs;
  • double-click ComboFix to run it.

While it runs, ComboFix will:
  • check whether a newer version of the program exists: click Yes if it offers to download it.
  • show the DISCLAIMER OF WARRANTY ON SOFTWARE: click Yes so the process continues.
  • if the Recovery Console is not installed, offer to install it: be sure to accept by clicking Yes and follow the steps.
  • ask a number of questions / show notifications: accept by clicking Yes or OK.
  • restart Windows if needed (possibly several times);
  • at the end, open Notepad with the scan report.

Copy the report that ComboFix produced into the forum thread:
  • right-click in the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message box and choose Paste.

Note: the report will be saved under the name ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
if after posting you notice that the report is incomplete, use the Attach file option to attach C:\ComboFix.txt to your message.

  • goust  Male
  • Elite citizen
  • Joined: 09 Apr 2005
  • Posts: 1799

ComboFix 10-10-23.01 - Sasa 24.10.2010 12:16:30.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.255.35 [GMT 2:00]
Running from: c:\documents and settings\Sasa\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\RelevantKnowledge
c:\program files\RelevantKnowledge\MSVCP71.DLL
c:\program files\RelevantKnowledge\MSVCR71.DLL
c:\windows\SW_Win3112X32.DLL
c:\windows\system32\sysmwwod.dll
D:\install.exe

.
((((((((((((((((((((((((( Files Created from 2010-09-24 to 2010-10-24 )))))))))))))))))))))))))))))))
.

2010-10-23 18:55 . 2010-10-23 18:55 -------- d-----w- c:\program files\Common Files\Skype
2010-10-23 18:55 . 2010-10-23 18:55 -------- d-----r- c:\program files\Skype
2010-10-18 18:49 . 2010-10-18 18:51 -------- d-----w- c:\documents and settings\Sasa\Local Settings\Application Data\ApplicationHistory
2010-10-18 17:26 . 2010-10-18 17:27 -------- d-----w- c:\windows\system32\FTCodecs
2010-10-18 17:26 . 2003-03-25 03:49 45056 ----a-w- c:\windows\system32\ogg.dll
2010-10-18 09:32 . 2010-10-18 09:33 -------- d-----w- c:\documents and settings\Sasa\Application Data\GetRightToGo
2010-10-17 14:16 . 2010-10-17 14:16 -------- d-----w- c:\program files\VSTplugins
2010-10-17 14:16 . 2010-10-17 14:16 -------- d-----w- c:\documents and settings\Sasa\Application Data\Publish Providers
2010-10-17 14:15 . 2010-10-17 14:29 -------- d-----w- c:\documents and settings\Sasa\Application Data\Sony
2010-10-17 14:06 . 2010-10-17 14:06 -------- d-----w- c:\program files\Sony
2010-10-17 13:58 . 2010-10-17 13:58 -------- d-----w- c:\windows\system32\URTTEMP
2010-10-17 13:48 . 2010-10-17 13:48 -------- d-----w- c:\program files\Sony Setup
2010-10-17 13:48 . 2010-10-17 13:48 -------- d-----w- c:\program files\LitexMedia
2010-10-17 13:24 . 2010-10-17 13:24 -------- d-----w- c:\program files\Windows Media Connect 2
2010-10-17 13:19 . 2006-10-18 19:47 222208 ----a-w- c:\windows\system32\setb0.tmp
2010-10-17 13:09 . 2010-10-17 13:17 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-10-17 13:09 . 2010-10-17 13:09 -------- d-----w- c:\windows\system32\LogFiles
2010-10-16 00:47 . 2010-10-16 00:47 -------- d-----w- c:\program files\MSXML 4.0
2010-10-15 20:12 . 2010-10-15 20:12 -------- d-----w- c:\program files\Samsung
2010-10-15 18:29 . 2010-10-15 20:23 -------- d-----w- c:\documents and settings\Sasa\Application Data\Samsung
2010-10-15 18:27 . 2006-05-03 20:53 174592 ----a-w- c:\windows\system32\framedyn.dll
2010-10-15 18:25 . 2010-10-15 18:25 -------- d-----w- c:\program files\DIFX
2010-10-15 18:25 . 2010-10-15 18:25 -------- dc----w- c:\windows\system32\DRVSTORE
2010-10-15 18:25 . 2010-10-15 18:25 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2010-10-15 18:25 . 2007-05-02 09:11 15112 ----a-w- c:\windows\system32\drivers\ss_mdfl.sys
2010-10-15 18:25 . 2007-05-02 09:11 12424 ----a-w- c:\windows\system32\drivers\ss_whnt.sys
2010-10-15 18:25 . 2007-05-02 09:11 12424 ----a-w- c:\windows\system32\drivers\ss_wh.sys
2010-10-15 18:25 . 2007-05-02 09:11 109704 ----a-w- c:\windows\system32\drivers\ss_mdm.sys
2010-10-15 18:25 . 2007-05-02 09:11 83592 ----a-w- c:\windows\system32\drivers\ss_bus.sys
2010-10-15 18:25 . 2007-05-02 09:11 12424 ----a-w- c:\windows\system32\drivers\ss_cmnt.sys
2010-10-15 18:25 . 2007-05-02 09:11 12424 ----a-w- c:\windows\system32\drivers\ss_cm.sys
2010-10-15 18:22 . 2006-07-24 14:05 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2010-10-13 23:30 . 2008-04-14 03:42 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-10-13 16:19 . 2010-10-13 16:19 -------- d-----w- c:\program files\Fantasysoft
2010-10-08 21:40 . 2010-10-08 21:40 122880 ----a-r- c:\documents and settings\Sasa\Application Data\Microsoft\Installer\{65EEA363-8D47-4268-BBCE-85CD54ACDC15}\NewShortcut5_FA22C8B36029437A9646719DBA760EAE.exe
2010-10-08 21:40 . 2010-10-08 21:40 122880 ----a-r- c:\documents and settings\Sasa\Application Data\Microsoft\Installer\{65EEA363-8D47-4268-BBCE-85CD54ACDC15}\ARPPRODUCTICON.exe
2010-10-08 21:39 . 2010-10-08 21:39 -------- d-----w- c:\program files\Electric Rain
2010-10-08 21:34 . 2010-10-08 21:34 -------- d--h--w- c:\windows\PIF
2010-10-04 14:35 . 2010-10-04 14:35 -------- d-----w- c:\program files\Google
2010-10-04 13:28 . 2010-10-04 13:31 572022 ----a-w- C:\~VM1B.tmp
2010-10-04 13:28 . 2010-10-04 13:31 497814 ----a-w- C:\~VM1A.tmp
2010-10-01 13:41 . 2010-10-01 13:46 -------- d-----w- c:\windows\XSxS
2010-10-01 13:41 . 2010-10-01 13:41 -------- d-----w- c:\program files\Xenocode
2010-10-01 13:41 . 2010-10-01 13:41 -------- d-----w- c:\documents and settings\Sasa\Local Settings\Application Data\Xenocode
2010-09-30 17:00 . 1998-09-25 15:18 607744 ------w- c:\windows\system32\Decslib.dll
2010-09-30 16:54 . 1999-04-15 07:43 245760 ------w- c:\windows\system32\Sccomp91.dll
2010-09-30 16:54 . 1999-04-15 07:43 110592 ------w- c:\windows\system32\Sccres91.dll
2010-09-30 16:54 . 1999-04-15 07:43 225280 ------w- c:\windows\system32\Scint91.dll
2010-09-30 16:53 . 2010-09-30 16:53 -------- d-----w- c:\windows\Profiles
2010-09-30 13:37 . 2010-09-30 13:37 -------- d-----w- c:\documents and settings\Sasa\Application Data\REALVIZ
2010-09-30 13:32 . 2010-09-30 13:32 -------- d-----w- c:\program files\REALVIZ
2010-09-28 18:11 . 2010-09-28 18:11 -------- d-----w- C:\Temp

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-18 10:23 . 2007-04-03 06:44 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2008-04-14 03:41 974848 ------w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2008-04-14 03:41 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-18 06:53 . 2001-08-23 09:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-10 05:58 . 2008-04-28 10:01 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58 . 2008-04-28 10:01 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:58 . 2008-04-28 10:01 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-01 20:48 . 2010-09-01 20:50 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-09-01 20:48 . 2010-09-01 20:50 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-01 11:51 . 2008-04-14 03:39 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42 . 2008-04-13 23:00 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02 . 2008-04-14 03:42 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57 . 2008-04-14 03:42 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 13:39 . 2008-04-13 22:45 357248 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-26 12:52 . 2010-02-21 15:38 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-23 16:12 . 2008-04-14 03:41 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17 . 2008-04-14 03:42 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-16 08:45 . 2008-04-14 03:42 590848 ----a-w- c:\windows\system32\rpcrt4.dll
.

------- Sigcheck -------

[-] 2008-04-28 . 2E7EA3E8D40C06F7D558E2485F8BD27E . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-02-04 23975720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2003-09-24 5033984]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [2007-06-28 218376]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
"nltide_3"="advpack.dll" [2009-03-08 128512]

c:\documents and settings\Sasa\Start Menu\Programs\Startup\
Corel Registration.lnk - c:\program files\Corel\Graphics9\Register\Remind32.exe [2010-9-30 67584]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKLM\~\startupfolder\C:^Documents and Settings^Sasa^Start Menu^Programs^Startup^Corel Registration.lnk]
path=c:\documents and settings\Sasa\Start Menu\Programs\Startup\Corel Registration.lnk
backup=c:\windows\pss\Corel Registration.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-04 05:42 36272 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2003-09-24 11:32 5033984 ----a-r- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2003-09-24 11:32 741376 ----a-r- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-02-15 17:50 417792 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2009-02-04 10:27 23975720 ----a-r- c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2003-06-10 11:12 55296 ----a-w- c:\windows\SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sweeper.exe]
2006-06-02 22:42 176128 ----a-w- c:\program files\History Sweeper\sweeper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"JavaQuickStarterService"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [4.4.2007 15:58 24344]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder

2010-10-23 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
.
------- Supplementary Scan -------
.
uStart Page = [Link mogu videti samo ulogovani korisnici]
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
DPF: Microsoft XML Parser for Java - [Link mogu videti samo ulogovani korisnici]
FF - ProfilePath - c:\documents and settings\Sasa\Application Data\Mozilla\Firefox\Profiles\wvh9xwk7.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici]
FF - prefs.js: keyword.URL - [Link mogu videti samo ulogovani korisnici]
FF - plugin: c:\documents and settings\Sasa\Application Data\Mozilla\Firefox\Profiles\wvh9xwk7.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
------- File Associations -------
.
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
MSConfigStartUp-Adobe ARM - c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
AddRemove-Convert Doc_is1 - c:\program files\Softinterface



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici]
Rootkit scan 2010-10-24 12:30
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(968-)
c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll
c:\windows\system32\klogon.dll

- - - - - - - > 'lsass.exe'(1024)
c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll
c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll

- - - - - - - > 'explorer.exe'(3240)
c:\windows\system32\WININET.dll
c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll
c:\program files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
.
**************************************************************************
.
Completion time: 2010-10-24 12:35:22 - machine was rebooted
ComboFix-quarantined-files.txt 2010-10-24 10:35

Pre-Run: 678.629.376 bytes free
Post-Run: 673.812.480 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 1DF9D0AE7D1DA2D29DFB7571FC6B78DB

  • Joined: 04 Jan 2009
  • Posts: 2168

What is the situation now?

  • goust  Male
  • Elite citizen
  • Joined: 09 Apr 2005
  • Posts: 1799

The renew.com pop-up no longer appears.

  • Joined: 04 Jan 2009
  • Posts: 2168

Enable the display of hidden files:

[Link visible only to logged-in users]

Check whether a file named nj0jovma.sys exists on the system partition.

C:\nj0jovma.sys

If it exists, archive it (zip, rar) and upload it via the following link:

[Link visible only to logged-in users]
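The file asked about here stood out in the DDS log because of its attributes, size and location. The triage below is an added example for this thread, not a tool from the thread or from DDS/ComboFix: it scores DDS file entries on the same signals (hidden+system flags, a tiny driver/DLL, a file in the drive root, a .sys outside the drivers folder). The line layout and the meaning of the d/s/h flag letters are assumed from the posted log; the sample lines are copied from it.

```python
import re
from typing import Dict, List, Optional, Tuple

# One DDS "Created Last 30" / "Find3M" line, as in the log posted above:
# "<date> <time> <size|--------> <8-char attribute field> <path>".
# Layout assumed from the posted log; ComboFix lines (two timestamps) are not handled.
DDS_LINE = re.compile(
    r"^(?P<date>\d{4}-\d{2}-\d{2}) (?P<time>\d{2}:\d{2}:\d{2}) "
    r"(?P<size>\d+|-{8}) (?P<attrs>[-A-Za-z]{8}) (?P<path>.+)$"
)

# A file sitting directly in a drive root, e.g. C:\nj0jovma.sys
ROOT_FILE = re.compile(r"^[A-Za-z]:\\[^\\]+$")

# Extensions that should never be only a few dozen bytes long.
PE_EXTENSIONS = {"sys", "dll", "exe", "ocx"}
TINY_PE_BYTES = 4096


def parse_dds_line(line: str) -> Optional[Dict]:
    """Parse one DDS file entry; return None for lines in another format."""
    m = DDS_LINE.match(line.strip())
    if not m:
        return None
    attrs = m.group("attrs")
    size_field = m.group("size")
    return {
        "date": m.group("date"),
        "time": m.group("time"),
        "size": None if size_field.startswith("-") else int(size_field),
        # DDS prints a flag letter in a fixed column and '-' when unset
        # (assumed from the log), so membership is enough: d=directory, s=system, h=hidden.
        "is_dir": "d" in attrs,
        "system": "s" in attrs,
        "hidden": "h" in attrs,
        "path": m.group("path"),
    }


def triage_entry(entry: Dict) -> Tuple[int, List[str]]:
    """Score one file entry; a higher score means it deserves a closer look."""
    if entry["is_dir"]:
        return 0, []
    path = entry["path"]
    name = path.rsplit("\\", 1)[-1]
    ext = name.rpartition(".")[2].lower()
    reasons: List[Tuple[int, str]] = []

    if entry["hidden"] and entry["system"]:
        reasons.append((2, "hidden+system attributes"))
    if ext in PE_EXTENSIONS and entry["size"] is not None and entry["size"] < TINY_PE_BYTES:
        reasons.append((2, f"{ext} file of only {entry['size']} bytes"))
    if ROOT_FILE.match(path):
        reasons.append((1, "file placed directly in a drive root"))
    if ext == "sys" and "\\drivers\\" not in path.lower():
        reasons.append((1, ".sys outside the drivers directory"))
    return sum(w for w, _ in reasons), [r for _, r in reasons]


def triage_dds_log(text: str, threshold: int = 2) -> List[Tuple[str, int, List[str]]]:
    """Return (path, score, reasons) for every entry at or above threshold, highest first."""
    flagged = []
    for line in text.splitlines():
        entry = parse_dds_line(line)
        if entry is None:
            continue
        score, reasons = triage_entry(entry)
        if score >= threshold:
            flagged.append((entry["path"], score, reasons))
    return sorted(flagged, key=lambda t: t[1], reverse=True)


# Constructed sample: lines copied from the DDS log posted earlier in this thread.
SAMPLE_LOG = """\
2010-10-23 17:11:20 1056 --sha-w- C:\\nj0jovma.sys
2010-10-18 14:17:56 51 ----a-w- c:\\windows\\SW_Win3112X32.DLL
2010-10-17 13:19:36 222208 ----a-w- c:\\windows\\system32\\setb0.tmp
2010-10-15 18:25:11 83592 ----a-w- c:\\windows\\system32\\drivers\\ss_bus.sys
2010-10-08 21:34:58 -------- d--h--w- c:\\windows\\PIF
2010-10-04 13:28:41 572022 ----a-w- C:\\~VM1B.tmp
2010-08-17 14:59:09 37 ----a-w- c:\\windows\\system32\\sysmwwod.dll
2010-10-12 10:17:06 479232 ----a-w- c:\\windows\\system32\\PDFConverterX.ocx
"""

if __name__ == "__main__":
    for path, score, reasons in triage_dds_log(SAMPLE_LOG):
        print(f"{score}  {path}")
        for r in reasons:
            print(f"      - {r}")
```

On the sample the three entries that rise above the threshold are exactly the files the helper asked about or that ComboFix later removed (nj0jovma.sys, SW_Win3112X32.DLL, sysmwwod.dll); a score is a prompt to inspect, not a verdict.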

  • goust  Male
  • Elite citizen
  • Joined: 09 Apr 2005
  • Posts: 1799

Posted: 24 Oct 2010 21:21

Quote: Your file has been uploaded successfully.
Please inform the person helping you, in the thread where you were asked to upload the file, that you have done so.
Thank you.

Done.

Update: 24 Oct 2010 21:28

Unfortunately, it is appearing again: [Link visible only to logged-in users]

  • Joined: 04 Jan 2009
  • Posts: 2168

The log looks OK and shows no traces of malware.

Step 1.

Install CCleaner

... and run a clean-up with it.

Step 2.

Download the installer for Malwarebytes Anti-Malware from the following link:
[Link visible only to logged-in users]

Double-click to run the installer; at the very end of the process, check that these options are ticked:
  • Update Malwarebytes' Anti-Malware;
  • Launch Malwarebytes Anti-Malware;

then click Finish.

When the update has finished, the program will start.

Choose Perform Quick Scan and click Scan.

When the scan finishes, click OK, then Show Results: in the list of detected malware, select all items and click Remove Selected.

When the process finishes, the log file will open in Notepad; copy it into the forum thread.
If the program asks for a restart to complete the cleaning process, be sure to allow it.

Note: if a restart happens at the end of the cleaning process, the log file will be available on the Logs tab (select it and click Open).
