MyCity » Ambulanta -> Arhiva Ambulante » problem sa upload-om

problem sa upload-om

Napisano na dan: 28.2.2009

problem sa upload-om

Sledeća strana

Pagination

Odgovori

aloe Poslao: 28 Feb 2009 01:18 Idi na vrh
offline aloe Super građanin Pridružio: 01 Nov 2004 Poruke: 1270 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:52:47, on 27.2.2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\TUProgSt.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\WINDOWS\system32\rsvp.exe C:\WINDOWS\System32\TuneUpDefragService.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Opera\Opera.exe C:\Documents and Settings\vlada\Desktop\slavko\TR3.exe C:\WINDOWS\system32\wuauclt.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.lu/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000 O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 3.79\AMVConverter\grab.html O8 - Extra context menu item: Add to Media Manager... - C:\Program Files\MP3 Player Utilities 3.79\MediaManager\grab.html O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe O23 - Service: iPod Service - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing) O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe -- End of file - 7216 bytes Drugarica ima dva rachunara, spojena preko rutera na net, jedan ima upload 100 kb/s , a drugi svega 18 kb/s , nije bitno ako je drugi komp ugasen. KAV nije nista pokazao.

Profil

helen1 Poslao: 28 Feb 2009 22:51 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zdravo, izvini sto si cekao: * Klikni desnim tasterom na Kaspersky ikonicu ( ) u donjem, desnom uglu ekrana i izaberi Pause Protection. * U prozoru koji se otvori, izaberi By User Request. Napomena: Ne zaboravi da uključiš ovu opciju po završetku čišćenja. ----------------------------------- Skini ComboFix sa jedne od sledecih adresa na Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe http://subs.geekstogo.com/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

aloe Poslao: 01 Mar 2009 01:25 Idi na vrh
offline aloe Super građanin Pridružio: 01 Nov 2004 Poruke: 1270 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-02-28.01 - vlada 2009-02-28 22:29:49.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.254.54 [GMT 1:00] Running from: c:\documents and settings\vlada\Application Data\Opera\Opera\profile\cache4\temporary_download\ComboFix.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\vlada\Desktop\Download programs.url c:\documents and settings\vlada\Favorites\Download programs.url c:\documents and settings\vlada\Favorites\Games.url c:\documents and settings\vlada\Favorites\Translator.url c:\documents and settings\vlada\Favorites\Videos.url c:\documents and settings\vlada\Start Menu\Programs\Download programs.url c:\documents and settings\vlada\Start Menu\Programs\Games.url c:\documents and settings\vlada\Start Menu\Programs\Translator.url c:\documents and settings\vlada\Start Menu\Programs\Videos.url E:\Autorun.inf . ((((((((((((((((((((((((( Files Created from 2009-01-28 to 2009-02-28 ))))))))))))))))))))))))))))))) . 2009-02-27 23:06 . 2009-02-27 23:06 <DIR> d-------- c:\documents and settings\vlada\Application Data\Malwarebytes 2009-02-27 23:05 . 2009-02-27 23:06 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware 2009-02-27 23:05 . 2009-02-27 23:05 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-02-27 23:05 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2009-02-27 23:05 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2009-02-27 19:20 . 2009-02-27 19:20 56 --ah----- c:\windows\system32\ezsidmv.dat 2009-02-27 19:14 . 2009-02-27 19:14 <DIR> d-------- c:\program files\Common Files\Skype 2009-02-27 19:14 . 2009-02-27 20:14 <DIR> d-------- c:\documents and settings\vlada\Application Data\Skype 2009-02-27 19:13 . 2009-02-27 19:14 <DIR> dr------- c:\program files\Skype 2009-02-25 23:13 . 2009-02-25 23:13 603,904 --a------ c:\windows\system32\TUProgSt.exe 2009-02-25 23:12 . 2009-02-25 23:12 <DIR> d-------- c:\documents and settings\vlada\Application Data\TuneUp Software 2009-02-25 23:12 . 2009-02-25 23:12 360,192 --a------ c:\windows\system32\TuneUpDefragService.exe 2009-02-25 23:12 . 2008-12-11 13:31 27,904 --a------ c:\windows\system32\uxtuneup.dll 2009-02-25 23:09 . 2009-02-25 23:17 <DIR> d-------- c:\program files\TuneUp Utilities 2009 2009-02-25 23:09 . 2009-02-25 23:09 <DIR> d-------- c:\documents and settings\All Users\Application Data\TuneUp Software 2009-02-25 23:05 . 2009-02-25 23:05 <DIR> d--hs---- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} 2009-02-03 23:49 . 2009-02-03 23:46 410,984 --a------ c:\windows\system32\deploytk.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-02-28 21:56 54,837,024 --sha-w c:\windows\system32\drivers\fidbox.dat 2009-02-28 21:55 1,750,560 --sha-w c:\windows\system32\drivers\fidbox2.dat 2009-02-28 21:37 739,556 --sha-w c:\windows\system32\drivers\fidbox.idx 2009-02-28 21:37 166,160 --sha-w c:\windows\system32\drivers\fidbox2.idx 2009-02-28 05:27 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab 2009-02-27 18:20 --------- d-----w c:\documents and settings\vlada\Application Data\skypePM 2009-02-27 18:14 --------- d-----w c:\documents and settings\All Users\Application Data\Skype 2009-02-26 15:27 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP 2009-02-16 05:44 --------- d-----w c:\program files\Google 2009-02-09 19:49 --------- d--h--w c:\program files\InstallShield Installation Information 2009-02-09 19:49 --------- d-----w c:\program files\Common Files\InstallShield 2009-02-09 16:46 --------- d-----w c:\documents and settings\vlada\Application Data\Canon 2009-02-05 16:54 230,432 ----a-w C:\StiImg.dat 2009-02-03 22:45 --------- d-----w c:\program files\Java 2009-02-03 16:19 89,601 ----a-w c:\windows\system32\drivers\klick.dat 2009-02-03 16:19 101,287 ----a-w c:\windows\system32\drivers\klin.dat 2009-02-01 16:59 --------- d-----w c:\program files\CyberLink 2008-12-20 23:15 826,368 ----a-w c:\windows\system32\wininet.dll 2008-03-23 20:25 32 -c--a-w c:\documents and settings\All Users\Application Data\ezsid.dat 2007-04-25 10:27 14 -c--a-w c:\documents and settings\vlada\getfile.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360] "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-03-25 185896] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-03 136600] "AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [2007-06-28 218376] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360] c:\documents and settings\All Users\Start Menu\Programs\Startup\ BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-06-06 657168] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.xvid"= xvid.dll "VIDC.AP41"= APmpg4v1.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 nwprovau [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\DAP\\DAP.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2007-04-04 24344] R3 PAC207;Trust WB-1400T Webcam;c:\windows\system32\drivers\PFC027.sys [2005-02-24 162176] S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;c:\windows\system32\drivers\sis163u.sys [2006-09-05 217600] --- Other Services/Drivers In Memory --- Deregistered - ALG Deregistered - AudioSrv Deregistered - AVP Deregistered - Browser Deregistered - CryptSvc Deregistered - DcomLaunch Deregistered - Dhcp Deregistered - dmserver Deregistered - Dnscache Deregistered - ERSvc Deregistered - EventSystem Deregistered - FastUserSwitchingCompatibility Deregistered - helpsvc Deregistered - ImapiService Deregistered - JavaQuickStarterService Deregistered - lanmanserver Deregistered - lanmanworkstation Deregistered - LmHosts Deregistered - Netman Deregistered - Nla Deregistered - NWCWorkstation Deregistered - ProtectedStorage Deregistered - RasMan Deregistered - RpcSs Deregistered - SamSs Deregistered - Schedule Deregistered - SENS Deregistered - SharedAccess Deregistered - ShellHWDetection Deregistered - Spooler Deregistered - srservice Deregistered - SSDPSRV Deregistered - STI Simulator Deregistered - stisvc Deregistered - TapiSrv Deregistered - TermService Deregistered - Themes Deregistered - TrkWks Deregistered - TuneUp.ProgramStatisticsSvc Deregistered - UxTuneUp Deregistered - W32Time Deregistered - winmgmt Deregistered - wscsvc Deregistered - wuauserv Deregistered - WZCSVC HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F] \Shell\Auto\command - oguyeczdp.exe \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL oguyeczdp.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9f743bac-1676-11dd-9baa-0002a57a5ce6}] \Shell\Auto\command - oguyeczdp.exe \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL oguyeczdp.exe . Contents of the 'Scheduled Tasks' folder 2009-02-28 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-01-10 14:42] 2009-02-28 c:\windows\Tasks\Maintenance en 1 clic.job - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 15:04] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.lu/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mStart Page = hxxp://home.sweetim.com uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm IE: &Download with &DAP - c:\program files\DAP\dapextie.htm IE: &Search IE: Add to AMV Convert Tool... - c:\program files\MP3 Player Utilities 3.79\AMVConverter\grab.html IE: Add to Media Manager... - c:\program files\MP3 Player Utilities 3.79\MediaManager\grab.html IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html Handler: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - c:\windows\wc98pp.dll Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program files\DAP\dapie.dll Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program files\DAP\dapie.dll . ************************************************************************ catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-02-28 22:55:29 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(132) c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll c:\windows\system32\klogon.dll - - - - - - - > 'lsass.exe'(288-) c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll - - - - - - - > 'explorer.exe'(836) c:\program files\ScanSoft\OmniPageSE2.0\ophookSE2.dll c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\PAStiSvc.exe c:\windows\system32\TUProgSt.exe . ************************************************************************ . Completion time: 2009-02-28 23:06:13 - machine was rebooted ComboFix-quarantined-files.txt 2009-02-28 22:06:02 Pre-Run: 413.007.872 bytes free Post-Run: 371,847,168 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect 225 --- E O F --- 2009-02-26 05:39:05

Profil

helen1 Poslao: 01 Mar 2009 11:09 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Cini mi se da je ovde nesto brisano, i pre CF-a. Da li ste koristili MBAM? Ako jeste, imate li taj log?

Profil

aloe Poslao: 01 Mar 2009 14:20 Idi na vrh
offline aloe Super građanin Pridružio: 01 Nov 2004 Poruke: 1270 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! U medzuvremenu je koriscen Malwarebytes' Anti-Malware , nasao je dosta malware, ali nije ostavila log.

Profil

helen1 Poslao: 01 Mar 2009 15:43 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ugasi KAV. Otvoriti Notepad i iskopirati sledeci tekst: `Registry:: [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F\Shell] [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9f743bac-1676-11dd-9baa-0002a57a5ce6}]` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

aloe Poslao: 02 Mar 2009 02:31 Idi na vrh
offline aloe Super građanin Pridružio: 01 Nov 2004 Poruke: 1270 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-03-01.01 - vlada 2009-03-01 23:53:19.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.254.76 [GMT 1:00] Running from: c:\documents and settings\vlada\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\vlada\Desktop\CFScript.txt AV: Kaspersky Anti-Virus On-access scanning disabled (Updated) FW: Kaspersky Anti-Virus disabled * Created a new restore point . ((((((((((((((((((((((((( Files Created from 2009-02-01 to 2009-03-01 ))))))))))))))))))))))))))))))) . 2009-02-28 23:51 . 2009-03-01 08:32 <DIR> d-------- c:\program files\Spybot - Search & Destroy 2009-02-28 23:51 . 2009-03-01 08:31 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-02-28 23:21 . 2009-02-28 23:21 <DIR> d-------- c:\program files\AskBarDis 2009-02-27 23:06 . 2009-02-27 23:06 <DIR> d-------- c:\documents and settings\vlada\Application Data\Malwarebytes 2009-02-27 23:05 . 2009-02-27 23:05 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-02-27 19:20 . 2009-02-27 19:20 56 --ah----- c:\windows\system32\ezsidmv.dat 2009-02-27 19:14 . 2009-02-27 19:14 <DIR> d-------- c:\program files\Common Files\Skype 2009-02-27 19:14 . 2009-02-27 20:14 <DIR> d-------- c:\documents and settings\vlada\Application Data\Skype 2009-02-27 19:13 . 2009-02-27 19:14 <DIR> dr------- c:\program files\Skype 2009-02-25 23:13 . 2009-02-25 23:13 603,904 --a------ c:\windows\system32\TUProgSt.exe 2009-02-25 23:12 . 2009-02-25 23:12 <DIR> d-------- c:\documents and settings\vlada\Application Data\TuneUp Software 2009-02-25 23:12 . 2009-02-25 23:12 360,192 --a------ c:\windows\system32\TuneUpDefragService.exe 2009-02-25 23:12 . 2008-12-11 13:31 27,904 --a------ c:\windows\system32\uxtuneup.dll 2009-02-25 23:09 . 2009-02-25 23:17 <DIR> d-------- c:\program files\TuneUp Utilities 2009 2009-02-25 23:09 . 2009-02-25 23:09 <DIR> d-------- c:\documents and settings\All Users\Application Data\TuneUp Software 2009-02-25 23:05 . 2009-02-25 23:05 <DIR> d--hs---- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357} 2009-02-03 23:49 . 2009-02-03 23:46 410,984 --a------ c:\windows\system32\deploytk.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-03-01 23:02 55,263,520 --sha-w c:\windows\system32\drivers\fidbox.dat 2009-03-01 23:01 1,793,312 --sha-w c:\windows\system32\drivers\fidbox2.dat 2009-03-01 22:59 745,292 --sha-w c:\windows\system32\drivers\fidbox.idx 2009-03-01 22:59 170,144 --sha-w c:\windows\system32\drivers\fidbox2.idx 2009-03-01 22:15 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab 2009-02-27 18:20 --------- d-----w c:\documents and settings\vlada\Application Data\skypePM 2009-02-27 18:14 --------- d-----w c:\documents and settings\All Users\Application Data\Skype 2009-02-26 15:27 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP 2009-02-16 05:44 --------- d-----w c:\program files\Google 2009-02-09 19:49 --------- d--h--w c:\program files\InstallShield Installation Information 2009-02-09 19:49 --------- d-----w c:\program files\Common Files\InstallShield 2009-02-09 16:46 --------- d-----w c:\documents and settings\vlada\Application Data\Canon 2009-02-05 16:54 230,432 ----a-w C:\StiImg.dat 2009-02-03 22:45 --------- d-----w c:\program files\Java 2009-02-03 16:19 89,601 ----a-w c:\windows\system32\drivers\klick.dat 2009-02-03 16:19 101,287 ----a-w c:\windows\system32\drivers\klin.dat 2009-02-01 16:59 --------- d-----w c:\program files\CyberLink 2008-03-23 20:25 32 -c--a-w c:\documents and settings\All Users\Application Data\ezsid.dat 2007-04-25 10:27 14 -c--a-w c:\documents and settings\vlada\getfile.dat . ((((((((((((((((((((((((((((( SnapShot@2009-02-28_23.01.34.57 ))))))))))))))))))))))))))))))))))))))))) . - 2008-10-05 03:24:02 3,695,008 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32.dll + 2009-02-03 02:15:28 3,771,296 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32.dll - 2008-10-05 03:24:04 235,936 -c--a-w c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe + 2009-02-03 02:15:30 240,544 ----a-w c:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe - 2008-11-03 09:18:37 84,661 ----a-w c:\windows\system32\Macromed\Flash\uninstall_plugin.exe + 2009-03-01 08:27:25 84,661 ----a-w c:\windows\system32\Macromed\Flash\uninstall_plugin.exe + 2009-03-01 23:00:57 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_504.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] 2008-08-06 15:20 279944 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-06 279944] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-08-06 279944] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360] "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-03-25 185896] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-03 136600] "AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" [2007-06-28 218376] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360] c:\documents and settings\All Users\Start Menu\Programs\Startup\ BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-06-06 657168] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.xvid"= xvid.dll "VIDC.AP41"= APmpg4v1.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 nwprovau [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\DAP\\DAP.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-02-25 603904] R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2007-04-04 24344] R3 PAC207;Trust WB-1400T Webcam;c:\windows\system32\drivers\PFC027.sys [2005-02-24 162176] S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;c:\windows\system32\drivers\sis163u.sys [2006-09-05 217600] S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader;c:\program files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Contents of the 'Scheduled Tasks' folder 2009-02-28 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-01-10 14:42] 2009-03-01 c:\windows\Tasks\Maintenance en 1 clic.job - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-12 15:04] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.lu/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 mStart Page = hxxp://home.sweetim.com uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm IE: &Download with &DAP - c:\program files\DAP\dapextie.htm IE: &Search IE: Add to AMV Convert Tool... - c:\program files\MP3 Player Utilities 3.79\AMVConverter\grab.html IE: Add to Media Manager... - c:\program files\MP3 Player Utilities 3.79\MediaManager\grab.html IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html Handler: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - c:\windows\wc98pp.dll Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program files\DAP\dapie.dll Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program files\DAP\dapie.dll . ************************************************************************ catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-03-02 00:01:23 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(1956) c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll c:\windows\system32\klogon.dll - - - - - - - > 'lsass.exe'(252) c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\dnsq.dll c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\miscr3.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\PAStiSvc.exe c:\windows\system32\wscntfy.exe . ************************************************************************ . Completion time: 2009-03-02 0:08:05 - machine was rebooted [vlada] ComboFix-quarantined-files.txt 2009-03-01 23:07:58 ComboFix2.txt 2009-02-28 22:06:22 Pre-Run: 499.023.872 bytes free Post-Run: 488,636,416 bytes free 174 --- E O F --- 2009-03-01 08:44:52

Profil

helen1 Poslao: 02 Mar 2009 07:16 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! To bi bilo to. Da li ima sada nekih problema? Ako ne, onda: Klikni START a zatim RUN U liniju za unos teksta ukucaj Combofix /u i klikni OK Sačekaj da se proces deinstalacije završi Gornja procedura će: Obrisati sledeće: ComboFix i njegove file-ove i foldere VundoFix Backups folder, ako postoji C:\Deckard folder, ako postoji C:\OtMoveIt folder, ako postoji Resetovati podešavanja sata na kompjuteru Sakriti ekstenzije file-ova, ako je potrebno Sakriti sistemske/skrivene file-ove/foldere, ako je potrebno Resetovati System Restore

Profil

aloe Poslao: 03 Mar 2009 01:23 Idi na vrh
offline aloe Super građanin Pridružio: 01 Nov 2004 Poruke: 1270 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! To je to, hvala.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » problem sa upload-om

Ko je trenutno na forumu

Ukupno su 1010 korisnika na forumu :: 27 registrovanih, 5 sakrivenih i 978 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., babaroga, Bickoooo, dankisha, Dogma21, draganl, Dukelander, Frunze, Goran 0000, jackreacher011011, Jeremiah, Kotarle, Krusarac, kybonacci, Mcdado, mercedesamg, Mercury, MiroslavD, mkukoleca, nebkv, Panter, pein, raketaš, sabros, Sir Budimir, stegonosa, Vatreni Zmaj

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by