Posted: 23 Nov 2008 17:03
- Joined: 29 Dec 2008
- Posts: 42
- Location: Kragujevac
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:55:08, on 11/23/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\windows\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Antivirus 2009\av2009.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Opera 9.5 beta\opera.exe
C:\Documents and Settings\XxX\Desktop\program\prg.exe..exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\3.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\3.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [10728480082136744852497218833827] C:\Program Files\Antivirus 2009\av2009.exe
O4 - HKCU\..\Run: [Intelinet] C:\Program Files\Intelinet\Intelinet.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O8 - Extra context menu item: &Search - edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNman000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file://C:\Program Files\Book of Legends\Images\stg_drm.ocx
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file://C:\Program Files\Book of Legends\Images\armhelper.ocx
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: IntelinetSecure - Unknown owner - C:\Program Files\Intelinet\intelin2.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\windows\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwssvc.exe
--
End of file - 6804 bytes
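A triage helper for HijackThis logs like the one above, added here as an example; it is not part of this thread and is not code from HijackThis or ComboFix. It parses the line shapes that appear in the log (bare paths under "Running processes", O4 Run entries, O23 services, and the generic "description - CLSID - path" form used by O2/O3/O9 lines) and flags entries with heuristics drawn from what was removed later in this thread: the product names Antivirus 2009, MyWebSearch/FunWebProducts and Intelinet, a Run value named with a long random-looking number, a service whose binary is reported missing, and a double .exe extension. The heuristic list, the function names and the sample input (a handful of lines copied from the log) are assumptions for illustration; the parser is general enough to run over a whole HijackThis log.

```python
import re
from dataclasses import dataclass, field

# Constructed sample input: a few lines copied from the HijackThis log above.
SAMPLE_LOG = r"""
Running processes:
C:\windows\system32\lsass.exe
C:\Program Files\Antivirus 2009\av2009.exe
C:\Documents and Settings\XxX\Desktop\program\prg.exe..exe
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [10728480082136744852497218833827] C:\Program Files\Antivirus 2009\av2009.exe
O4 - HKCU\..\Run: [Intelinet] C:\Program Files\Intelinet\Intelinet.exe
O23 - Service: IntelinetSecure - Unknown owner - C:\Program Files\Intelinet\intelin2.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\windows\system32\drivers\KodakCCS.exe (file missing)
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
"""

# Product names that were removed in this thread (ComboFix's "Other Deletions"
# and the helper's manual instruction). Assumed list for illustration only;
# matching is case-insensitive on the file path.
KNOWN_UNWANTED = ("antivirus 2009", "mywebsearch", "funwebproducts", "intelinet")

ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d+) - (?P<body>.*)$")
RUN_RE = re.compile(r"^(?P<hive>HK.*?)\\\.\.\\Run: \[(?P<name>[^\]]*)\] (?P<path>.*)$")
SERVICE_RE = re.compile(r"^Service: (?P<name>.*?) - (?P<owner>.*?) - (?P<path>.*)$")
DRIVE_RE = re.compile(r"^[A-Za-z]:\\")


@dataclass
class Entry:
    code: str                      # "O4", "O23", ... or "PROC" for a running-process line
    raw: str
    path: str = ""
    name: str = ""                 # Run value name or service display name
    owner: str = ""                # O23 service owner field
    reasons: list = field(default_factory=list)


def parse_line(line):
    """Turn one HijackThis log line into an Entry, or None for headers/blank lines."""
    line = line.strip()
    if not line or line.endswith(":"):
        return None
    m = ENTRY_RE.match(line)
    if not m:
        # Bare paths come from the "Running processes" block.
        return Entry("PROC", line, path=line) if DRIVE_RE.match(line) else None
    code, body = m.group("code"), m.group("body")
    e = Entry(code, line)
    if code == "O4" and (r := RUN_RE.match(body)):
        e.name, e.path = r.group("name"), r.group("path")
    elif code == "O23" and (s := SERVICE_RE.match(body)):
        e.name, e.owner, e.path = s.group("name"), s.group("owner"), s.group("path")
    else:
        # BHOs, toolbars, buttons: the path is the last " - "-separated field.
        e.path = body.rsplit(" - ", 1)[-1]
    return e


def flag(e):
    """Attach a reason string for every heuristic the entry trips."""
    low = e.path.lower()
    for product in KNOWN_UNWANTED:
        if product in low:
            e.reasons.append(f"path contains '{product}' (removed in this thread)")
    if e.code == "O4" and e.name.isdigit() and len(e.name) >= 16:
        e.reasons.append("Run value name is a long random-looking number")
    if e.code == "O23" and e.owner == "Unknown owner" and "(file missing)" in low:
        e.reasons.append("orphaned service: binary missing")
    if low.rsplit("\\", 1)[-1].count(".exe") > 1:
        e.reasons.append("double extension in executable name")
    return e


def triage(log_text):
    """Return only the entries that matched at least one heuristic, in log order."""
    flagged = []
    for line in log_text.splitlines():
        e = parse_line(line)
        if e is not None and flag(e).reasons:
            flagged.append(e)
    return flagged


if __name__ == "__main__":
    for e in triage(SAMPLE_LOG):
        print(f"{e.code:<4} {e.raw}")
        for reason in e.reasons:
            print(f"     -> {reason}")
```

Run on the sample it reports seven entries: the rogue Antivirus 2009 process and its numerically named Run value, the double-extension prg.exe..exe, the MyWebSearch BHO, both Intelinet entries, and the KodakCCS service whose driver file is missing; the AVG entries and lsass.exe pass. The heuristics are deliberately narrow so a clean system produces an empty list; widen KNOWN_UNWANTED with whatever a given cleanup actually removed.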
Posted: 23 Nov 2008 17:21
- Piksi
- Elite citizen
- Joined: 13 Nov 2003
- Posts: 2435
Hello...
* Right-click the AVG icon in the bottom right corner of the screen.
* When the AVG Control Center opens, double-click the AVG Resident Shield component.
* In the window that opens, untick the Turn on AVG Resident Shield option and click OK.
Note: Don't forget to turn this option back on once the cleanup is finished.
- Before scanning with ComboFix, it is also advisable to turn off that Intelinet software you have.
--------------------------------------------
Download ComboFix from one of the following addresses to the Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe
Start it and do not touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear; copy it here for us.
Posted: 23 Nov 2008 18:17
- Joined: 29 Dec 2008
- Posts: 42
- Location: Kragujevac
ComboFix 08-11-22.02 - XxX 2008-11-23 17:37:45.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.48 [GMT 1:00]
Running from: c:\documents and settings\XxX\Application Data\Opera\Opera 9.5 beta\profile\cache4\temporary_download\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Antivirus 2009
c:\program files\Antivirus 2009\av2009.exe
c:\program files\FunWebProducts
c:\program files\FunWebProducts\ScreenSaver\Images\00A66A0A.urr
c:\program files\FunWebProducts\Shared\Cache\CursorManiaBtn-new.html
c:\program files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
c:\program files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html
c:\program files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
c:\program files\FunWebProducts\Shared\Cache\WebfettiBtn.html
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\2.bin\F3HTMLMU.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSBAR.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\2.bin\MWSOEPLG.DLL
c:\program files\MyWebSearch\bar\2.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\3.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\3.bin\F3CJPEG.DLL
c:\program files\MyWebSearch\bar\3.bin\F3DTACTL.DLL
c:\program files\MyWebSearch\bar\3.bin\F3HISTSW.DLL
c:\program files\MyWebSearch\bar\3.bin\F3HTMLMU.DLL
c:\program files\MyWebSearch\bar\3.bin\F3HTTPCT.DLL
c:\program files\MyWebSearch\bar\3.bin\F3IMSTUB.DLL
c:\program files\MyWebSearch\bar\3.bin\F3POPSWT.DLL
c:\program files\MyWebSearch\bar\3.bin\F3PSSAVR.SCR
c:\program files\MyWebSearch\bar\3.bin\F3REPROX.DLL
c:\program files\MyWebSearch\bar\3.bin\F3RESTUB.DLL
c:\program files\MyWebSearch\bar\3.bin\F3SCHMON.EXE
c:\program files\MyWebSearch\bar\3.bin\F3SCRCTR.DLL
c:\program files\MyWebSearch\bar\3.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\3.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\3.bin\F3WPHOOK.DLL
c:\program files\MyWebSearch\bar\3.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\3.bin\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\3.bin\M3FFXTBR.MANIFEST
c:\program files\MyWebSearch\bar\3.bin\M3HIGHIN.EXE
c:\program files\MyWebSearch\bar\3.bin\M3HTML.DLL
c:\program files\MyWebSearch\bar\3.bin\M3IDLE.DLL
c:\program files\MyWebSearch\bar\3.bin\M3IMPIPE.EXE
c:\program files\MyWebSearch\bar\3.bin\M3MEDINT.EXE
c:\program files\MyWebSearch\bar\3.bin\M3MSG.DLL
c:\program files\MyWebSearch\bar\3.bin\M3NTSTBR.JAR
c:\program files\MyWebSearch\bar\3.bin\M3NTSTBR.MANIFEST
c:\program files\MyWebSearch\bar\3.bin\M3OUTLCN.DLL
c:\program files\MyWebSearch\bar\3.bin\M3PLUGIN.DLL
c:\program files\MyWebSearch\bar\3.bin\M3SKIN.DLL
c:\program files\MyWebSearch\bar\3.bin\M3SKPLAY.EXE
c:\program files\MyWebSearch\bar\3.bin\M3SLSRCH.EXE
c:\program files\MyWebSearch\bar\3.bin\M3SRCHMN.EXE
c:\program files\MyWebSearch\bar\3.bin\MWSBAR.DLL
c:\program files\MyWebSearch\bar\3.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\3.bin\MWSOEPLG.DLL
c:\program files\MyWebSearch\bar\3.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\3.bin\MWSSVC.EXE
c:\program files\MyWebSearch\bar\3.bin\NPMYWEBS.DLL
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Cache\0008D1E5.bin
c:\program files\MyWebSearch\bar\Cache\0008D614.bin
c:\program files\MyWebSearch\bar\Cache\009B3580
c:\program files\MyWebSearch\bar\Cache\009B4833
c:\program files\MyWebSearch\bar\Cache\009B4ED9.bin
c:\program files\MyWebSearch\bar\Cache\009B5792.bin
c:\program files\MyWebSearch\bar\Cache\009B5BD6.bin
c:\program files\MyWebSearch\bar\Cache\009B5FB5.bin
c:\program files\MyWebSearch\bar\Cache\00D5C55E.bin
c:\program files\MyWebSearch\bar\Cache\00D5CABA.bin
c:\program files\MyWebSearch\bar\Cache\00D5D1E3.bin
c:\program files\MyWebSearch\bar\Cache\014DCE70
c:\program files\MyWebSearch\bar\Cache\files.ini
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\History\search3
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Settings\prevcfg2.htm
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\program files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL
c:\windows\prefs_zb.dll
c:\windows\system32\f3PSSavr.scr
c:\windows\system32\ieupdates.exe.tmp
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_MYWEBSEARCHSERVICE
-------\Service_MyWebSearchService
((((((((((((((((((((((((( Files Created from 2008-10-23 to 2008-11-23 )))))))))))))))))))))))))))))))
.
2008-11-22 23:41 . 2008-11-22 23:41 0 --a------ C:\proc.id
2008-11-22 23:41 . 2008-11-22 23:41 0 --a------ C:\asdasd.asdasd
2008-11-22 23:39 . 2008-11-22 23:48 <DIR> d-------- c:\program files\Intelinet
2008-11-22 22:47 . 2008-11-22 22:47 <DIR> d-------- c:\program files\Enigma Software Group
2008-11-22 19:12 . 2008-11-22 19:12 <DIR> d-------- c:\documents and settings\XxX\Application Data\Gogii Games
2008-11-22 19:12 . 2008-11-22 19:12 <DIR> d-------- c:\documents and settings\All Users\Application Data\Gogii Games
2008-11-22 19:07 . 2008-11-22 19:07 <DIR> d-------- c:\documents and settings\XxX\Application Data\SpinTop
2008-11-20 18:17 . 2008-11-20 18:17 <DIR> d-------- c:\program files\Fun Web Products
2008-11-20 16:21 . 2008-11-20 16:21 <DIR> d--hs---- c:\windows\ftpcache
2008-11-20 02:01 . 2008-11-20 02:12 <DIR> d-------- c:\program files\Trymedia
2008-11-20 00:41 . 2008-11-20 00:41 <DIR> d-------- c:\program files\ReflexiveArcade
2008-11-19 21:08 . 2008-11-19 21:09 <DIR> d-------- c:\documents and settings\XxX\Application Data\FirstColony
2008-11-18 17:27 . 2008-11-18 17:27 <DIR> d-------- c:\documents and settings\XxX\Application Data\Elladive3
2008-11-18 16:55 . 2008-11-18 16:55 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple
2008-11-18 16:39 . 2008-11-18 16:50 <DIR> d-------- c:\documents and settings\XxX\Application Data\flightgear.org
2008-11-18 12:41 . 2008-11-19 14:16 <DIR> d--h----- C:\$AVG8.VAULT$
2008-11-17 23:38 . 2008-11-17 23:38 <DIR> d-------- c:\documents and settings\XxX\Application Data\Pirates of the Atlantic
2008-11-17 20:14 . 2008-11-17 20:14 <DIR> d-------- c:\program files\AskSearch
2008-11-17 20:14 . 2008-11-17 20:14 <DIR> d-------- c:\program files\AskBarDis
2008-11-17 19:01 . 2008-11-17 19:01 <DIR> d-------- c:\program files\Common Files\Apple
2008-11-17 19:00 . 2008-11-17 19:01 <DIR> d-------- c:\program files\QuickTime
2008-11-17 18:59 . 2008-11-17 18:59 <DIR> d-------- c:\program files\Apple Software Update
2008-11-10 23:00 . 2008-11-10 23:00 <DIR> d-------- c:\program files\MSXML 4.0
2008-11-10 21:17 . 2008-11-10 21:17 <DIR> d-------- c:\documents and settings\XxX\Application Data\MSN6
2008-11-10 21:17 . 2008-11-10 21:17 <DIR> d-------- c:\documents and settings\All Users\Application Data\MSN6
2008-11-10 21:05 . 2008-06-13 12:05 272,128 -----c--- c:\windows\system32\dllcache\bthport.sys
2008-11-10 21:04 . 2008-08-14 11:04 138,496 -----c--- c:\windows\system32\dllcache\afd.sys
2008-11-10 21:03 . 2008-09-08 11:41 333,824 -----c--- c:\windows\system32\dllcache\srv.sys
2008-11-10 21:02 . 2008-09-15 13:12 1,846,400 -----c--- c:\windows\system32\dllcache\win32k.sys
2008-11-10 21:01 . 2008-08-14 11:11 2,189,184 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2008-11-10 21:01 . 2008-08-14 11:09 2,145,280 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-11-10 21:01 . 2008-08-14 10:33 2,066,048 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-11-10 21:01 . 2008-08-14 10:33 2,023,936 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2008-11-10 20:54 . 2008-05-08 15:02 203,136 -----c--- c:\windows\system32\dllcache\rmcast.sys
2008-11-10 20:52 . 2008-04-11 20:04 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll
2008-11-10 20:52 . 2008-05-01 15:33 331,776 -----c--- c:\windows\system32\dllcache\msadce.dll
2008-11-10 20:48 . 2008-10-15 17:34 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2008-11-10 20:47 . 2008-11-10 23:03 <DIR> d--h----- c:\windows\$hf_mig$
2008-11-08 20:51 . 2008-11-08 20:51 <DIR> d---s---- c:\documents and settings\XxX\UserData
2008-11-07 12:18 . 2008-11-10 08:33 <DIR> d-------- c:\documents and settings\XxX\Contacts
2008-11-07 12:17 . 2008-11-07 12:17 268 --ah----- C:\sqmdata05.sqm
2008-11-07 12:17 . 2008-11-07 12:17 244 --ah----- C:\sqmnoopt05.sqm
2008-11-06 14:38 . 2004-06-10 15:31 135,168 -ra------ c:\windows\UNDPX2A.exe
2008-11-06 14:38 . 2004-06-10 15:34 53,693 -ra------ c:\windows\UNDPX2A.sys
2008-11-06 14:38 . 2004-06-10 00:42 15,429 -ra------ c:\windows\system32\drivers\Sacm2A.sys
2008-11-05 18:30 . 2008-11-05 18:30 268 --ah----- C:\sqmdata04.sqm
2008-11-05 18:30 . 2008-11-05 18:30 244 --ah----- C:\sqmnoopt04.sqm
2008-11-04 17:55 . 2008-11-04 17:55 554 --a------ c:\windows\eReg.dat
2008-11-03 23:21 . 2008-11-03 23:21 <DIR> d-------- c:\documents and settings\All Users\Application Data\Phenomedia
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-22 19:14 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-11-19 02:32 --------- d-----w c:\documents and settings\XxX\Application Data\Skype
2008-11-17 21:10 --------- d-----w c:\documents and settings\All Users\Application Data\avg8
2008-11-17 17:19 --------- d-----w c:\program files\Common Files\EasyInfo
2008-11-11 22:53 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-11 13:44 97,928 ----a-w c:\windows\system32\drivers\avgldx86.sys
2008-11-11 13:44 76,040 ----a-w c:\windows\system32\drivers\avgtdix.sys
2008-11-11 13:44 10,520 ----a-w c:\windows\system32\avgrsstx.dll
2008-11-04 18:25 --------- d-----w c:\program files\Kodak
2008-11-03 22:47 --------- d-----w c:\program files\Codemasters
2008-11-03 21:20 --------- d-----w c:\documents and settings\XxX\Application Data\BSplayer Pro
2008-11-02 12:52 --------- d-----w c:\program files\3DO
2008-10-21 09:14 164,992 ----a-w c:\windows\system32\drivers\athsgt.sys
2008-10-21 09:14 12,544 ----a-w c:\windows\system32\drivers\limsgt.sys
2008-10-17 20:20 43,520 ----a-w c:\windows\system32\CmdLineExt03.dll
2008-09-26 18:01 45 ----a-w c:\program files\Default.PLS
2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-10 15:48 30 ----a-w c:\program files\PDVD_MediaDisc.PlayList
2008-09-01 13:02 21,840 ----atw c:\windows\system32\SIntfNT.dll
2008-09-01 13:02 17,212 ----atw c:\windows\system32\SIntf32.dll
2008-09-01 13:02 12,067 ----atw c:\windows\system32\SIntf16.dll
2008-08-31 11:39 98,304 ----a-w c:\windows\system32\CmdLineExt.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-10-22 21:37 333192 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-10-22 333192]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-10-22 333192]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-20 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-11-11 1234712]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\XxX\Start Menu\Programs\Startup\
PowerReg Scheduler V3.exe [2008-07-01 225280]
PowerReg Scheduler.exe [2008-06-04 256000]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2007-06-21 282624]
KODAK Software Updater.lnk - c:\program files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2004-02-13 16423]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2007-10-10 18:51 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2007-09-25 00:11 132496 c:\program files\Java\jre1.6.0_03\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2007-12-20 16:16 37376 c:\program files\Winamp\winampa.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
--a------ 2001-11-15 10:08 1216512 c:\windows\mixer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"wuauserv"=2 (0x2)
"WmdmPmSp"=2 (0x2)
"usnjsvc"=3 (0x3)
"seclogon"=2 (0x2)
"Messenger"=2 (0x2)
"ImapiService"=3 (0x3)
"helpsvc"=2 (0x2)
"FastUserSwitchingCompatibility"=3 (0x3)
"wscsvc"=2 (0x2)
"WmdmPmSN"=3 (0x3)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-05-25 97928]
R2 ASKService;ASKService;c:\program files\AskBarDis\bar\bin\AskService.exe [2008-11-17 464264]
R2 athsgt;athsgt;c:\windows\system32\DRIVERS\athsgt.sys [2008-10-21 164992]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-11-11 875288]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-11-11 231704]
R2 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2008-05-25 76040]
R2 limsgt;limsgt;c:\windows\system32\DRIVERS\limsgt.sys [2008-10-21 12544]
S3 IntelinetSecure;IntelinetSecure;c:\program files\Intelinet\intelin2.exe [2008-11-22 861464]
S3 jswmidin;jswmidin;\??\c:\docume~1\XxX\LOCALS~1\Temp\jswmidin.sys []
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{383fe9e0-3602-11dd-9d62-d33464f57776}]
\Shell\Auto\command - auto.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
.
Contents of the 'Scheduled Tasks' folder
2008-11-23 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe []
2008-11-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-Intelinet - c:\program files\Intelinet\Intelinet.exe
HKLM-Run-MyWebSearch Plugin - c:\progra~1\MYWEBS~1\bar\3.bin\M3PLUGIN.DLL
MSConfigStartUp-DSS - c:\windows\dosocxpop32.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\1.0.711.1664\GoogleToolbarNotifier.exe
.
------- Supplementary Scan -------
.
uStart Page =
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
IE: &Search - edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNman000
O16 -: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
c:\windows\Downloaded Program Files\DirectAnimation Java Classes.osd
O16 -: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
c:\windows\Downloaded Program Files\stg_drm.ocx - O16 -: {149E45D8-163E-4189-86FC-45022AB2B6C9}
file://c:\program files\Book of Legends\Images\stg_drm.ocx
c:\windows\Downloaded Program Files\armhelper.ocx - O16 -: {CC450D71-CC90-424C-8638-1F2DBAC87A54}
file://c:\program files\Book of Legends\Images\armhelper.ocx
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-11-23 17:42:46
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\program files\AVG\AVG8\avgrsx.exe
.
**************************************************************************
.
Completion time: 2008-11-23 17:47:21 - machine was rebooted
ComboFix-quarantined-files.txt 2008-11-23 16:47:16
Pre-Run: 837,541,888 bytes free
Post-Run: 2,202,054,656 bytes free
316 --- E O F --- 2008-11-10 22:03:48
Posted: 24 Nov 2008 17:35
- Piksi
- Elite citizen
- Joined: 13 Nov 2003
- Posts: 2435
Sorry for the wait...
- Delete the following folder:
c:\program files\Intelinet
- After that, download the file (the link is shown only to logged-in users: https://www.mycity.rs/must-login.png). Run it by double-clicking and accept with Yes.
Finally, tell me how things are now. Are there any more problems?
Posted: 24 Nov 2008 23:34
- Piksi
- Elite citizen
- Joined: 13 Nov 2003
- Posts: 2435
Select the folder and press Shift + Delete.
Of course, confirm with Yes.
After that, follow the rest of the instructions from the previous post and tell me how things are now...
By the way, you delete the folder manually because it is pointless to write a script and run ComboFix for a single folder.
Posted: 24 Nov 2008 23:38
- Joined: 29 Dec 2008
- Posts: 42
- Location: Kragujevac
Should I copy it to my computer and then run it, or how?
Posted: 24 Nov 2008 23:42
- Piksi
- Elite citizen
- Joined: 13 Nov 2003
- Posts: 2435
I know which file you mean; I answered you in the post above.