MyCity » Ambulanta -> Arhiva Ambulante » virus sa usb-a

virus sa usb-a

Napisano na dan: 21.8.2010

Strana:
1
2
3

virus sa usb-a

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3

jeca_037 Poslao: 21 Avg 2010 13:42 Idi na vrh
offline jeca_037 Novi MyCity građanin Pridružio: 16 Avg 2008 Poruke: 20 Gde živiš: U pustinji	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Zdravo, u jednom internet centru sam kopirala neke fajlove sa SD kartice na flash. kad sam ubacila flash u svoj kompjuter NOD je prijavljivao worm, obrisao je dva fajla, ali sada flash pokazuje 0 fajlova a memorija mu je i dalje puna. SD kartica se ponasala cudno takodje, pa sam je formatirala i Nod sada pokazuje da je cista. Brine me sto sam u medjuvremenu kopirala neke fajlove sa kompa na eksterni hard drive, pa se plasim da je sada i komp i hard drive i sve to zajedno inficirano. DDS (Ver_10-03-17.01) - NTFSx86 Run by Jelena at 12:54:22,45 on sub 21.08.2010 Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_20 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1256.971.1033.18.2037.949 [GMT 4:00] AV: ESET NOD32 antivirus system 2.70 On-access scanning enabled (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} SP: Windows Defender enabled (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\WLTRYSVC.EXE C:\Windows\System32\bcmwltry.exe C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\aestsrv.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe C:\Program Files\Hotspot Shield\bin\hsswd.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Program Files\Eset\nod32krn.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Dell Support Center\bin\sprtsvc.exe C:\Windows\system32\STacSV.exe C:\Program Files\DellTPad\Apoint.exe C:\Windows\OEM02Mon.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Windows\System32\WLTRAY.EXE C:\Program Files\Dell\MediaDirect\PCMService.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\iDailyDiary\iDD.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Digital Line Detect\DLG.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\DellTPad\Apntex.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe C:\Users\Jelena\Desktop\dds.scr C:\Windows\system32\conime.exe C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uStart Page = hxxp://www.facebook.com/ BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll BHO: Windows Live pomaga? za prijavljivanje: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.5126.1836\swg.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: Hotspot Shield Class: {f9e4a054-e9b1-4bc3-83a3-76a1ae736170} - c:\program files\hotspot shield\hssie\HssIE.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [iDailyDiary] "c:\progra~1\idaily~1\iDD.exe" /LOGMIN uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe mRun: [Apoint] c:\program files\delltpad\Apoint.exe mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe mRun: [IgfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe" mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe" mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe" mRun: [WinampAgent] "c:\program files\winamp\winampa.exe" mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot mRun: [nod32kui] "c:\program files\eset\nod32kui.exe" /WAITSERVICE mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE StartupFolder: c:\users\jelena\appdata\roaming\micros~1\windows\startm~1\programs\startup\config~1.lnk - c:\configuration\configuration.exe StartupFolder: c:\users\jelena\appdata\roaming\micros~1\windows\startm~1\programs\startup\pravos~1.lnk - c:\program files\pravoslavac\pravoslavac.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL LSP: c:\windows\system32\imon.dll Trusted Zone: emirates.com\www.cabincrew DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: igfxcui - igfxdev.dll mASetup: {61E3FE32-07B9-4563-A3E0-2DE2D620FE10} - c:\program files\pixiepack codec pack\InstallerHelper.exe ================= FIREFOX =================== FF - ProfilePath - c:\users\jelena\appdata\roaming\mozilla\firefox\profiles\m7f6nc52.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1640187&SearchSource=3&q= FF - prefs.js: browser.search.selectedEngine - Web Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - component: c:\program files\mozilla firefox\extensions\{7c5c0f58-e061-457d-9033-77307f5ed00c}\components\FFAlert.dll FF - component: c:\program files\real\realplayer\browserrecord\components\nprpbrowserrecordplugin.dll FF - component: c:\users\jelena\appdata\roaming\mozilla\firefox\profiles\m7f6nc52.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- c:\program files\mozilla firefox\greprefs\all.js - pref("ui.allow_platform_file_picker", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom c:\program files\mozilla firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("signon.prefillForms", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.enabled", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.remoteLookups", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?client={moz:client}&appver={moz:version}&"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&appver={moz:version}&"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.reportURL", "http://sb.google.com/safebrowsing/report?"); ============= SERVICES / DRIVERS =============== R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2008-11-23 15424] R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2008-4-4 73728] R2 HssWd;Hotspot Shield Monitoring Service;c:\program files\hotspot shield\bin\hsswd.exe [2010-1-9 285744] R2 NOD32krn;NOD32 Kernel Service;c:\program files\eset\nod32krn.exe [2008-11-23 552064] R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-4-5 111616] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate;خدمة تحديث Google (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-1 135664] S3 iadusb;MT882;c:\windows\system32\drivers\glauiad.sys [2008-11-20 30336] S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] =============== Created Last 30 ================ 2010-08-15 19:03:01 0 d-sh--r- C:\configuration 2010-08-15 19:02:58 0 d-sh--r- C:\OptionalComponents 2010-08-15 18:25:52 0 d-----w- c:\users\jelena\slike tajland 2010-08-15 08:45:23 81920 ----a-w- c:\windows\system32\iccvid.dll 2010-08-15 08:45:02 833024 ----a-w- c:\windows\system32\wininet.dll 2010-08-15 08:45:01 389632 ----a-w- c:\windows\system32\html.iec 2010-08-15 08:22:29 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys ==================== Find3M ==================== 2010-06-28 16:13:32 78336 ----a-w- c:\windows\system32\ieencode.dll 2010-06-21 13:18:15 2036736 ----a-w- c:\windows\system32\win32k.sys 2010-06-18 16:43:54 36352 ----a-w- c:\windows\system32\rtutils.dll 2010-06-11 15:31:42 274432 ----a-w- c:\windows\system32\schannel.dll 2010-06-11 15:30:23 1257472 ----a-w- c:\windows\system32\msxml3.dll 2010-06-08 17:00:42 3598216 ----a-w- c:\windows\system32\ntkrnlpa.exe 2010-06-08 17:00:41 3545992 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-05-26 16:16:50 34304 ----a-w- c:\windows\system32\atmlib.dll 2010-05-26 14:25:15 289792 ----a-w- c:\windows\system32\atmfd.dll 2009-12-11 08:12:53 86016 ----a-w- c:\windows\inf\infstor.dat 2009-12-11 08:12:53 51200 ----a-w- c:\windows\inf\infpub.dat 2009-12-11 08:12:52 143360 ----a-w- c:\windows\inf\infstrng.dat 2008-07-28 12:34:24 174 --sha-w- c:\program files\desktop.ini 2008-07-28 12:23:27 665600 ----a-w- c:\windows\inf\drvindex.dat 2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat 2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat 2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat 2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat 2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat 2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat 2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat 2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat 2008-04-04 15:39:30 76 --sh--r- c:\windows\CT4CET.bin 2009-08-15 09:55:19 245760 --sha-w- c:\windows\system32\config\systemprofile\appdata\roaming\microsoft\windows\ietldcache\index.dat 2008-04-04 23:18:41 8192 --sha-w- c:\windows\users\default\NTUSER.DAT ============= FINISH: 12:55:59,68 =============== mycity.rs/must-login.png mycity.rs/must-login.png

Profil

Bogdan-Tc Poslao: 21 Avg 2010 14:44 Idi na vrh
offline Bogdan-Tc Anti Malware Fighter Rank 1 Pridružio: 04 Jan 2009 Poruke: 2168	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav. Nemoj priključivati usb memorijske uređaje dok god ti ne napišem da ih priključiš. Isprati sledeće uputstvo: Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Profil

jeca_037 Poslao: 21 Avg 2010 20:14 Idi na vrh
offline jeca_037 Novi MyCity građanin Pridružio: 16 Avg 2008 Poruke: 20 Gde živiš: U pustinji	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 10-08-19.02 - Jelena 21.08.2010 21:55:41.2.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1256.971.1033.18.2037.1252 [GMT 4:00] Running from: c:\users\Jelena\Desktop\ComboFix.exe AV: ESET NOD32 antivirus system 2.70 On-access scanning disabled (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} SP: Windows Defender enabled (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} * Resident AV is active . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\progra~1\PRAVOS~1\PRAVos~1.exe . ((((((((((((((((((((((((( Files Created from 2010-07-21 to 2010-08-21 ))))))))))))))))))))))))))))))) . 2010-08-21 18:03 . 2010-08-21 18:03 -------- d-----w- c:\users\Jelena\AppData\Local\temp 2010-08-21 18:03 . 2010-08-21 18:03 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-08-15 19:03 . 2010-08-15 19:03 -------- d-----r- C:\configuration 2010-08-15 19:02 . 2010-08-15 19:03 -------- d-----r- C:\OptionalComponents 2010-08-15 18:25 . 2010-08-16 17:49 -------- d-----w- c:\users\Jelena\slike tajland 2010-08-15 08:45 . 2010-05-27 19:16 81920 ----a-w- c:\windows\system32\iccvid.dll 2010-08-15 08:45 . 2010-06-28 16:17 833024 ----a-w- c:\windows\system32\wininet.dll 2010-08-15 08:22 . 2010-06-16 15:59 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys 2010-07-24 08:34 . 2010-07-24 08:34 122880 ----a-w- c:\users\Jelena\AppData\Roaming\Real\Update\setup3.12\RUP\inst_config\compat.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-21 18:02 . 2010-01-19 09:20 -------- d-----w- c:\program files\Pravoslavac 2010-08-21 17:48 . 2008-04-04 15:26 12 ----a-w- c:\windows\bthservsdp.dat 2010-08-21 15:45 . 2010-07-17 10:01 452104 ----a-w- c:\users\Jelena\AppData\Roaming\Real\Update\setup3.12\setup.exe 2010-08-18 20:21 . 2008-06-20 21:58 -------- d-----w- c:\programdata\Roxio 2010-08-18 20:15 . 2008-10-11 17:30 -------- d-----w- c:\users\Jelena\AppData\Roaming\Skype 2010-08-18 20:04 . 2008-06-19 16:33 -------- d-----w- c:\users\Jelena\AppData\Roaming\skypePM 2010-08-15 15:09 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-08-15 15:07 . 2008-04-04 15:54 -------- d-----w- c:\program files\Microsoft Works 2010-08-02 21:06 . 2009-02-12 10:17 -------- d-----w- c:\users\Jelena\AppData\Roaming\uTorrent 2010-07-24 21:36 . 2008-06-17 07:29 5972 ----a-w- c:\users\Jelena\AppData\Local\d3d9caps.dat 2010-07-19 14:50 . 2009-02-02 15:04 -------- d-----w- c:\program files\Hotspot Shield 2010-07-15 23:49 . 2008-06-14 20:28 88624 ----a-w- c:\users\Jelena\AppData\Local\GDIPFONTCACHEV1.DAT 2010-07-15 12:15 . 2010-07-15 12:15 -------- d-----w- c:\program files\Polob32 2010-07-04 01:50 . 2010-03-03 11:39 439816 ----a-w- c:\users\Jelena\AppData\Roaming\Real\Update\setup3.10\setup.exe 2010-07-01 09:55 . 2008-10-11 17:29 -------- d-----r- c:\program files\Skype 2010-07-01 09:55 . 2010-07-01 09:55 -------- d-----w- c:\program files\Common Files\Skype 2010-07-01 09:55 . 2008-06-19 16:29 -------- d-----w- c:\programdata\Skype 2010-06-29 06:09 . 2008-06-20 19:48 -------- d-----w- c:\program files\Microsoft.NET 2010-06-28 18:57 . 2010-06-28 18:57 -------- d-----w- c:\program files\Cinemaware Marquee 2010-06-28 16:13 . 2010-08-15 08:44 78336 ----a-w- c:\windows\system32\ieencode.dll 2010-06-28 14:16 . 2010-06-28 14:16 -------- d-----w- c:\program files\PowerISO 2010-06-22 20:06 . 2008-07-23 12:58 -------- d-----w- c:\program files\Common Files\Adobe 2010-06-22 19:46 . 2010-06-22 19:46 501936 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbB682.tmp.exe 2010-06-21 13:18 . 2010-08-15 08:44 2036736 ----a-w- c:\windows\system32\win32k.sys 2010-06-18 16:43 . 2010-08-15 08:44 36352 ----a-w- c:\windows\system32\rtutils.dll 2010-06-18 14:43 . 2010-08-15 08:44 302080 ----a-w- c:\windows\system32\drivers\srv.sys 2010-06-18 14:43 . 2010-08-15 08:44 144896 ----a-w- c:\windows\system32\drivers\srv2.sys 2010-06-11 15:31 . 2010-08-15 08:44 274432 ----a-w- c:\windows\system32\schannel.dll 2010-06-11 15:30 . 2010-08-15 08:44 1257472 ----a-w- c:\windows\system32\msxml3.dll 2010-06-08 17:00 . 2010-08-15 08:44 3598216 ----a-w- c:\windows\system32\ntkrnlpa.exe 2010-06-08 17:00 . 2010-08-15 08:44 3545992 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-05-26 16:16 . 2010-06-10 09:44 34304 ----a-w- c:\windows\system32\atmlib.dll 2010-05-26 14:25 . 2010-06-10 09:44 289792 ----a-w- c:\windows\system32\atmfd.dll 2010-07-24 21:37 . 2008-07-10 14:42 67688 ----a-w- c:\program files\mozilla firefox\components\jar50.dll 2010-07-24 21:37 . 2008-07-10 14:42 54368 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll 2010-07-24 21:37 . 2008-07-10 14:42 34944 ----a-w- c:\program files\mozilla firefox\components\myspell.dll 2010-07-24 21:37 . 2008-07-10 14:42 46712 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll 2010-07-24 21:37 . 2008-07-10 14:42 172136 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll 2008-04-04 15:39 . 2008-04-04 15:39 76 --sh--r- c:\windows\CT4CET.bin 2008-04-04 23:18 . 2008-04-04 23:00 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920] "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-06 39408] "iDailyDiary"="c:\progra~1\IDAILY~1\iDD.exe" [2007-05-27 1245184] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-10-25 167936] "OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-08-28 36864] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-03-06 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-03-06 166424] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-03-06 133656] "DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-12-12 3444736] "dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-02-13 16384] "PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-11-01 189736] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-09-12 36352] "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064] "SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-11-12 405504] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-08-02 185896] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-11-23 949376] "Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-09-01 122368] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-06-17 40368] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832] "PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-11-09 180224] c:\users\Jelena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ configuration.lnk - c:\configuration\configuration.exe [2010-8-15 420723] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-3 703280] Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-4-4 50688] QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2007-9-7 1180952] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer1"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;خدمة تحديث Google (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 135664] R3 iadusb;MT882;c:\windows\system32\DRIVERS\glauiad.sys [2006-03-20 30336] R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2008-05-06 11520] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-04-19 717296] S1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2008-11-23 15424] S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2007-11-12 73728] S2 HssWd;Hotspot Shield Monitoring Service;c:\program files\Hotspot Shield\bin\hsswd.exe [2010-01-08 285744] S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-03-06 111616] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}] 2008-02-25 07:55 7680 ----a-w- c:\program files\PixiePack Codec Pack\InstallerHelper.exe . Contents of the 'Scheduled Tasks' folder 2010-08-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 00:22] 2010-08-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 00:22] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.facebook.com/ IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm LSP: c:\windows\system32\imon.dll Trusted Zone: emirates.com\www.cabincrew DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab FF - ProfilePath - c:\users\Jelena\AppData\Roaming\Mozilla\Firefox\Profiles\m7f6nc52.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1640187&SearchSource=3&q= FF - prefs.js: browser.search.selectedEngine - Web Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll FF - component: c:\program files\Mozilla Firefox\extensions\{7c5c0f58-e061-457d-9033-77307f5ed00c}\components\FFAlert.dll FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll FF - component: c:\users\Jelena\AppData\Roaming\Mozilla\Firefox\Profiles\m7f6nc52.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.allow_platform_file_picker", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("signon.prefillForms", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.enabled", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.remoteLookups", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?client={moz:client}&appver={moz:version}&"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&appver={moz:version}&"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.reportURL", "http://sb.google.com/safebrowsing/report?"); . - - - - ORPHANS REMOVED - - - - AddRemove-HijackThis - c:\users\Jelena\Desktop\ambulanta\HijackThis.exe ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2010-08-21 22:03 Windows 6.0.6001 Service Pack 1 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Completion time: 2010-08-21 22:06:50 ComboFix-quarantined-files.txt 2010-08-21 18:06 ComboFix2.txt 2009-02-09 20:48 Pre-Run: 31.168.897.024 bytes free Post-Run: 31.102.615.552 bytes free - - End Of File - - 6B066B9EE4DFC3AC4A52407A9E1C5E80

Profil

Bogdan-Tc Poslao: 21 Avg 2010 23:02 Idi na vrh
offline Bogdan-Tc Anti Malware Fighter Rank 1 Pridružio: 04 Jan 2009 Poruke: 2168	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi program SystemLook sa ovog ili ovog linka na Desktop; Dvoklikom pokreni SystemLook; - U beli okvir prozora iskopirati sledeći tekst: `:file c:\configuration\configuration.exe c:\programdata\Google\Google Toolbar\Update\gtbB682.tmp.exe` Klikni taster Look; Po završetku rada programa priloži uz poruku file SystemLook.txt koji će se nalaziti na Desktop-u korišćenjem opcije Prikači Fajl.

Profil

jeca_037 Poslao: 22 Avg 2010 09:35 Idi na vrh
offline jeca_037 Novi MyCity građanin Pridružio: 16 Avg 2008 Poruke: 20 Gde živiš: U pustinji	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Jel ovo sve znaci da mi je i komp upropascen ili jos uvek ima nade samo da dodam da on super radi, ne prijavljavuje nikakve zastoje,greske u radu, viruse i sl. mycity.rs/must-login.png

Profil

Bogdan-Tc Poslao: 22 Avg 2010 10:37 Idi na vrh
offline Bogdan-Tc Anti Malware Fighter Rank 1 Pridružio: 04 Jan 2009 Poruke: 2168	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Nada uvek postoji. Korak 1. Otvoriti Notepad i iskopirati sledeci tekst: `File:: c:\configuration\configuration.exe` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja. Korak 2. Arhiviraj (zip, rar) folder C:\Qoobox\Quarantine i upload-uj ga preko sledećeg linka: http://www.mycity.rs/ambulanta-upload.php

Profil

jeca_037 Poslao: 22 Avg 2010 12:23 Idi na vrh
offline jeca_037 Novi MyCity građanin Pridružio: 16 Avg 2008 Poruke: 20 Gde živiš: U pustinji	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Hm, veoma optimisticno Folder je spakovan u RAR i upload-ovan, i evo combofix loga ComboFix 10-08-19.02 - Jelena 22.08.2010 13:59:02.4.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1256.971.1033.18.2037.1077 [GMT 4:00] Running from: c:\users\Jelena\Desktop\ComboFix.exe Command switches used :: c:\users\Jelena\Desktop\CFScript.txt AV: ESET NOD32 antivirus system 2.70 On-access scanning disabled (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} SP: Windows Defender enabled (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} FILE :: "c:\configuration\configuration.exe" . ((((((((((((((((((((((((( Files Created from 2010-07-22 to 2010-08-22 ))))))))))))))))))))))))))))))) . 2010-08-22 10:05 . 2010-08-22 10:05 -------- d-----w- c:\users\Public\AppData\Local\temp 2010-08-22 10:05 . 2010-08-22 10:05 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-08-21 18:07 . 2010-08-22 09:33 -------- d-sh--r- c:\windows\configuration 2010-08-21 18:06 . 2010-08-22 10:05 -------- d-----w- c:\users\Jelena\AppData\Local\temp 2010-08-15 19:03 . 2010-08-22 09:41 -------- d-----r- C:\configuration 2010-08-15 19:02 . 2010-08-15 19:03 -------- d-----r- C:\OptionalComponents 2010-08-15 18:25 . 2010-08-16 17:49 -------- d-----w- c:\users\Jelena\slike tajland 2010-08-15 08:45 . 2010-05-27 19:16 81920 ----a-w- c:\windows\system32\iccvid.dll 2010-08-15 08:45 . 2010-06-28 16:17 833024 ----a-w- c:\windows\system32\wininet.dll 2010-08-15 08:22 . 2010-06-16 15:59 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys 2010-07-24 08:34 . 2010-07-24 08:34 122880 ----a-w- c:\users\Jelena\AppData\Roaming\Real\Update\setup3.12\RUP\inst_config\compat.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-08-22 09:52 . 2008-04-04 15:26 12 ----a-w- c:\windows\bthservsdp.dat 2010-08-21 19:46 . 2008-10-11 17:30 -------- d-----w- c:\users\Jelena\AppData\Roaming\Skype 2010-08-21 18:28 . 2008-06-19 16:33 -------- d-----w- c:\users\Jelena\AppData\Roaming\skypePM 2010-08-21 18:02 . 2010-01-19 09:20 -------- d-----w- c:\program files\Pravoslavac 2010-08-21 15:45 . 2010-07-17 10:01 452104 ----a-w- c:\users\Jelena\AppData\Roaming\Real\Update\setup3.12\setup.exe 2010-08-18 20:21 . 2008-06-20 21:58 -------- d-----w- c:\programdata\Roxio 2010-08-15 15:09 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-08-15 15:07 . 2008-04-04 15:54 -------- d-----w- c:\program files\Microsoft Works 2010-08-02 21:06 . 2009-02-12 10:17 -------- d-----w- c:\users\Jelena\AppData\Roaming\uTorrent 2010-07-24 21:36 . 2008-06-17 07:29 5972 ----a-w- c:\users\Jelena\AppData\Local\d3d9caps.dat 2010-07-19 14:50 . 2009-02-02 15:04 -------- d-----w- c:\program files\Hotspot Shield 2010-07-15 23:49 . 2008-06-14 20:28 88624 ----a-w- c:\users\Jelena\AppData\Local\GDIPFONTCACHEV1.DAT 2010-07-15 12:15 . 2010-07-15 12:15 -------- d-----w- c:\program files\Polob32 2010-07-04 01:50 . 2010-03-03 11:39 439816 ----a-w- c:\users\Jelena\AppData\Roaming\Real\Update\setup3.10\setup.exe 2010-07-01 09:55 . 2008-10-11 17:29 -------- d-----r- c:\program files\Skype 2010-07-01 09:55 . 2010-07-01 09:55 -------- d-----w- c:\program files\Common Files\Skype 2010-07-01 09:55 . 2008-06-19 16:29 -------- d-----w- c:\programdata\Skype 2010-06-29 06:09 . 2008-06-20 19:48 -------- d-----w- c:\program files\Microsoft.NET 2010-06-28 18:57 . 2010-06-28 18:57 -------- d-----w- c:\program files\Cinemaware Marquee 2010-06-28 16:13 . 2010-08-15 08:44 78336 ----a-w- c:\windows\system32\ieencode.dll 2010-06-28 14:16 . 2010-06-28 14:16 -------- d-----w- c:\program files\PowerISO 2010-06-22 19:46 . 2010-06-22 19:46 501936 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbB682.tmp.exe 2010-06-21 13:18 . 2010-08-15 08:44 2036736 ----a-w- c:\windows\system32\win32k.sys 2010-06-18 16:43 . 2010-08-15 08:44 36352 ----a-w- c:\windows\system32\rtutils.dll 2010-06-18 14:43 . 2010-08-15 08:44 302080 ----a-w- c:\windows\system32\drivers\srv.sys 2010-06-18 14:43 . 2010-08-15 08:44 144896 ----a-w- c:\windows\system32\drivers\srv2.sys 2010-06-11 15:31 . 2010-08-15 08:44 274432 ----a-w- c:\windows\system32\schannel.dll 2010-06-11 15:30 . 2010-08-15 08:44 1257472 ----a-w- c:\windows\system32\msxml3.dll 2010-06-08 17:00 . 2010-08-15 08:44 3598216 ----a-w- c:\windows\system32\ntkrnlpa.exe 2010-06-08 17:00 . 2010-08-15 08:44 3545992 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-05-26 16:16 . 2010-06-10 09:44 34304 ----a-w- c:\windows\system32\atmlib.dll 2010-05-26 14:25 . 2010-06-10 09:44 289792 ----a-w- c:\windows\system32\atmfd.dll 2010-07-24 21:37 . 2008-07-10 14:42 67688 ----a-w- c:\program files\mozilla firefox\components\jar50.dll 2010-07-24 21:37 . 2008-07-10 14:42 54368 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll 2010-07-24 21:37 . 2008-07-10 14:42 34944 ----a-w- c:\program files\mozilla firefox\components\myspell.dll 2010-07-24 21:37 . 2008-07-10 14:42 46712 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll 2010-07-24 21:37 . 2008-07-10 14:42 172136 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll 2008-04-04 15:39 . 2008-04-04 15:39 76 --sh--r- c:\windows\CT4CET.bin 2008-04-04 23:18 . 2008-04-04 23:00 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920] "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-06 39408] "iDailyDiary"="c:\progra~1\IDAILY~1\iDD.exe" [2007-05-27 1245184] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-10-25 167936] "OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-08-28 36864] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-03-06 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-03-06 166424] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-03-06 133656] "DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-12-12 3444736] "dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-02-13 16384] "PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2007-11-01 189736] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-09-12 36352] "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064] "SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-11-12 405504] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-08-02 185896] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-11-23 949376] "Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-09-01 122368] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-06-17 40368] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832] "PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-11-09 180224] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-3 703280] Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-4-4 50688] QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2007-9-7 1180952] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer1"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;خدمة تحديث Google (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 135664] R3 iadusb;MT882;c:\windows\system32\DRIVERS\glauiad.sys [2006-03-20 30336] R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2008-05-06 11520] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-04-19 717296] S1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2008-11-23 15424] S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\aestsrv.exe [2007-11-12 73728] S2 HssWd;Hotspot Shield Monitoring Service;c:\program files\Hotspot Shield\bin\hsswd.exe [2010-01-08 285744] S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-03-06 111616] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}] 2008-02-25 07:55 7680 ----a-w- c:\program files\PixiePack Codec Pack\InstallerHelper.exe . Contents of the 'Scheduled Tasks' folder 2010-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 00:22] 2010-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 00:22] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.facebook.com/ IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm LSP: c:\windows\system32\imon.dll Trusted Zone: emirates.com\www.cabincrew DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab FF - ProfilePath - c:\users\Jelena\AppData\Roaming\Mozilla\Firefox\Profiles\m7f6nc52.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1640187&SearchSource=3&q= FF - prefs.js: browser.search.selectedEngine - Web Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll FF - component: c:\program files\Mozilla Firefox\extensions\{7c5c0f58-e061-457d-9033-77307f5ed00c}\components\FFAlert.dll FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll FF - component: c:\users\Jelena\AppData\Roaming\Mozilla\Firefox\Profiles\m7f6nc52.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.allow_platform_file_picker", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("signon.prefillForms", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.enabled", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.remoteLookups", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?client={moz:client}&appver={moz:version}&"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&appver={moz:version}&"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.reportURL", "http://sb.google.com/safebrowsing/report?"); . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2010-08-22 14:05 Windows 6.0.6001 Service Pack 1 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Completion time: 2010-08-22 14:07:59 ComboFix-quarantined-files.txt 2010-08-22 10:07 ComboFix2.txt 2010-08-22 09:47 ComboFix3.txt 2010-08-21 18:06 ComboFix4.txt 2009-02-09 20:48 Pre-Run: 30.804.283.392 bytes free Post-Run: 30.771.580.928 bytes free - - End Of File - - 5B8188E245D3B783F3ADECDF3931546E

Profil

Bogdan-Tc Poslao: 22 Avg 2010 12:56 Idi na vrh
offline Bogdan-Tc Anti Malware Fighter Rank 1 Pridružio: 04 Jan 2009 Poruke: 2168	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Idemo dalje. - Preuzmi USBNoRisk na Desktop i pokreni ga duplim klikom na ikonicu programa. - Sacekaj koji sekund dok program izvrsi inicijalno skeniranje. - Ubacuj sve USB memorijske uredjaje redom u USB slot i svaki zadrzi u slotu po 10 sekundi. - Ukoliko imas vise uredjaja za proveru, onda na parcetu papira zapisi kojim redom su ubacivani jer ce nam kasnije trebati taj podatak - Kada zavrsis sa svim uredjajima, klikni desno dugme misa na sred prozora programa i odaberi opciju Save log. To ce automatski otvoriti log u Notepadu. Iskopiraj nam taj log iz Notepada na forum. Objasnjenje: U USB memorijske uredjaje spadaju svi oni uredjaji koji po prikljucivanju na kompjuter dobijaju svoju oznaku particije. Tu spadaju USB flash drajvovi, eksterni hard-diskovi, memorijske kartice, MP3 i MP4 plejeri, neki mobilni telefoni, neki GPS (navigacioni) uredjaji itd.

Profil

jeca_037 Poslao: 22 Avg 2010 13:09 Idi na vrh
offline jeca_037 Novi MyCity građanin Pridružio: 16 Avg 2008 Poruke: 20 Gde živiš: U pustinji	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Evo logova, idu redom: 1)USB flash drive, 2) SD kartica i 3) eksterini hard drive USBNoRisk 2.5 (26 July 2009) by bobby Started at 22.8.2010 15:02:32 Searching for connected USB Mass storage... ---------------------------------------- ======================================== Searching for other storage... ---------------------------------------- D: {d902b472-025a-11dd-bd6a-806e6f6e6963} C: {d902b473-025a-11dd-bd6a-806e6f6e6963} ======================================== Scanning fixed storage... ---------------------------------------- No blocked files found on C: No Autorun.inf files found on C: No mountpoint found for C: No mountpoint found for d902b473-025a-11dd-bd6a-806e6f6e6963 No Desktop.ini files found on C: ---------------------------------------- No blocked files found on D: No Autorun.inf files found on D: No mountpoint found for D: No mountpoint found for d902b472-025a-11dd-bd6a-806e6f6e6963 No Desktop.ini files found on D: ---------------------------------------- ======================================== Initial scan finished! ======================================== New device connected at 22.8.2010 15:03:04 Scanning for connected USB mass storage... ---------------------------------------- G: {f8ba1b38-3a4f-11dd-a745-001f3ae273a2} Added G: ======================================== Scanning USB mass storage for files... ---------------------------------------- No blocked files found on G: ---------------------------------------- No Autorun.inf files found on G: Sanitized mountpoint for f8ba1b38-3a4f-11dd-a745-001f3ae273a2 ---------------------------------------- No Desktop.ini files found on G: ---------------------------------------- No mimics found on drive G: ======================================== ======================================== Removed G: ======================================== New device connected at 22.8.2010 15:04:55 Scanning for connected USB mass storage... ---------------------------------------- G: {bc114bd5-c108-11dd-abdd-001f3ae273a2} Added G: ======================================== Scanning USB mass storage for files... ---------------------------------------- No blocked files found on G: ---------------------------------------- No Autorun.inf files found on G: Sanitized mountpoint for bc114bd5-c108-11dd-abdd-001f3ae273a2 ---------------------------------------- No Desktop.ini files found on G: ---------------------------------------- No mimics found on drive G: ======================================== ======================================== Removed G: ======================================== New device connected at 22.8.2010 15:06:21 Scanning for connected USB mass storage... ---------------------------------------- ======================================== New drive connected, but USBNoRisk can't find it ======================================== New device connected at 22.8.2010 15:06:23 Scanning for connected USB mass storage... ---------------------------------------- H: {8ebb486e-d8d1-11de-b7c7-001d094a6c70} Added H: ======================================== Scanning USB mass storage for files... ---------------------------------------- No blocked files found on H: ---------------------------------------- No Autorun.inf files found on H: No mountpoint found for H: Sanitized mountpoint for 8ebb486e-d8d1-11de-b7c7-001d094a6c70 ---------------------------------------- No Desktop.ini files found on H: ---------------------------------------- No mimics found on drive H: ======================================== ======================================== Removed H: ========================================

Profil

Bogdan-Tc Poslao: 22 Avg 2010 13:28 Idi na vrh
offline Bogdan-Tc Anti Malware Fighter Rank 1 Pridružio: 04 Jan 2009 Poruke: 2168	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pri svakom priključivanju usb memorijskog uređaja klikni na taster Run Script. - Pokrenuti USBNoRisk i sačekati da izvrši inicijalno skeniranje. - Po završetku inicijalnog skeniranja priključiti USB memorijski uređaj. - Kliknuti na karticu Script; U beli okvir prozora iskopirati sledeći tekst: `{f8ba1b38-3a4f-11dd-a745-001f3ae273a2} no_sh: folder_list: %DRIVE% {8ebb486e-d8d1-11de-b7c7-001d094a6c70} no_sh: folder_list: %DRIVE% {bc114bd5-c108-11dd-abdd-001f3ae273a2} no_sh: folder_list: %DRIVE%` - Izvršiti komandu klikom na taster Run Script; Po izvršenju komande USBNoRisk će se automatski vratiti na karticu Monitor; - Uraditi desni klik unutar belog okvira prozora i odabrati opciju Save Log; Otvoriće se prozor Notepad_a sa tekstom koji je potrebno iskopirati ovde u poruci.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » virus sa usb-a

Ko je trenutno na forumu

Ukupno su 841 korisnika na forumu :: 27 registrovanih, 4 sakrivenih i 810 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: Albin0, babaroga, bobomicek, drimer, Haris, interesujeme, Kubovac, Lieutenant, mercedesamg, Miki01, milenko crazy north, Milometer, Milos ZA, moldway, proka89, radoznao, raketaš, raptorsi, ruma, S2M, Sass Drake, skvara, stegonosa, vathra, VP6919, W123, Zanim98

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by