MyCity » Ambulanta -> Arhiva Ambulante » Dosta trojanaca

Dosta trojanaca

Napisano na dan: 14.10.2010

Strana:
1
2

Dosta trojanaca

Pagination

Prethodna strana

Odgovori

Strana:
1
2

bobang Poslao: 15 Okt 2010 17:19 Idi na vrh
offline bobang Ugledni građanin Pridružio: 16 Avg 2007 Poruke: 315 Gde živiš: Srbija	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 15 Okt 2010 16:35 Za sada mi izgleda sve OK! Dopuna: 15 Okt 2010 17:19 Dok ne dobijem odgovor sta dalje evo sta sad pise Opet ima Smart engine DDS (Ver_10-10-10.03) - NTFSx86 Run by Boban at 17:16:59,50 on pet 15.10.2010 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_21 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.1023.551 [GMT 2:00] AV: Smart Engine On-access scanning enabled (Updated) {43E6C7C0-F2DA-4DCD-8168-B704F47AC639} FW: Smart Engine enabled {FBE97B5D-5C3F-4C5A-B804-509D305CD8EA} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\soundman.exe C:\Windows\PixArt\PAC7302\Monitor.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\ESET\ESET Smart Security\ekrn.exe C:\Program Files\USB Disk Security\USBGuard.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\FsUsbExService.Exe C:\Windows\system32\lxblcoms.exe C:\Windows\Installer\MSI8878.tmp C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\DllHost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Users\Boban\Desktop\dds.scr C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uStart Page = [Link mogu videti samo ulogovani korisnici] mStart Page = [Link mogu videti samo ulogovani korisnici] uInternet Settings,ProxyServer = 61.213.158.124:8080 BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun mRun: [SoundMan] SOUNDMAN.EXE mRun: [PAC7302_Monitor] c:\windows\pixart\pac7302\Monitor.exe mRun: [USB Antivirus] c:\program files\usb disk security\RunUSBGuard.exe mRun: [UnlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe" mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice dRun: [Samsung.PCSync] "c:\program files\samsung\samsung pc studio 7\PcSync2.exe" /NoDialog mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 2 (0x2) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: {36ECAF82-3300-8F84-092E-AFF36D6C7040} - {86529161-034E-4F8A-88D2-3C625E612E04} - c:\program files\winhttrack\WinHTTrackIEBar.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL TCP: {13216134-FE2B-463E-AAE2-7B8366D322C2} = 194.106.162.10,194.106.162.3 TCP: {E87B3B01-C5BC-4536-9537-998186833CAD} = 212.200.191.166,212.200.190.166 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL ================= FIREFOX =================== FF - ProfilePath - c:\users\boban\appdata\roaming\mozilla\firefox\profiles\kinlniph.default\ FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici] FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); ============= SERVICES / DRIVERS =============== R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2009-2-13 727720] R2 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2009-2-13 38240] R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-9-1 222568] R2 lxbl_device;lxbl_device;c:\windows\system32\lxblcoms.exe -service --> c:\windows\system32\lxblcoms.exe -service [?] R2 SCPDFReadSpool;SolidConverterPDFReadSpool;c:\windows\installer\MSI8878.tmp [2010-2-28 189760] R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-9-1 36640] R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2010-3-3 27632] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888] S3 nmwcdsa;Samsung USB Phone Parent;c:\windows\system32\drivers\nmwcdsa.sys [2007-5-2 135680] S3 nmwcdsac;Samsung USB Generic;c:\windows\system32\drivers\nmwcdsac.sys [2007-5-2 8320] S3 nmwcdsacj;Samsung USB Port;c:\windows\system32\drivers\nmwcdsacj.sys [2007-5-2 12288] S3 nmwcdsacm;Samsung USB Modem;c:\windows\system32\drivers\nmwcdsacm.sys [2007-5-2 12288] ============== File Associations =============== .txt=UltraEdit.txt =============== Created Last 30 ================ 2010-10-15 10:22:30 -------- d-sh--w- C:\$RECYCLE.BIN 2010-10-15 07:34:33 -------- d-----w- c:\program files\ESET 2010-10-14 13:34:21 -------- d-----w- c:\users\boban\appdata\local\temp 2010-10-14 11:55:04 -------- d-----w- c:\program files\Thinking BIG 2010-10-14 09:18:23 -------- d-sh--w- c:\progra~2\SMPVGYFWE 2010-10-14 08:07:53 -------- d-----w- c:\users\boban\appdata\local\Google 2010-10-14 07:48:57 6084944 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{3ee9c02d-90fa-411e-b06e-8b7a57c627c2}\mpengine.dll 2010-10-14 07:35:22 2048 ----a-w- c:\windows\system32\tzres.dll 2010-10-14 07:35:09 4247040 ----a-w- c:\program files\windows nt\accessories\wordpad.exe 2010-10-14 07:35:08 1413632 ----a-w- c:\windows\system32\ole32.dll 2010-10-14 07:35:02 530432 ----a-w- c:\windows\system32\comctl32.dll 2010-10-14 07:35:00 109056 ----a-w- c:\windows\system32\t2embed.dll 2010-10-14 07:34:59 224256 ----a-w- c:\windows\system32\schannel.dll 2010-10-14 07:34:57 316928 ----a-w- c:\windows\system32\spoolsv.exe 2010-10-14 07:34:44 2327552 ----a-w- c:\windows\system32\win32k.sys 2010-10-14 07:34:26 310784 ----a-w- c:\windows\system32\drivers\srv.sys 2010-10-14 07:34:26 308736 ----a-w- c:\windows\system32\drivers\srv2.sys 2010-10-14 07:34:26 168448 ----a-w- c:\windows\system32\srvsvc.dll 2010-10-14 07:34:26 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys 2010-10-14 07:33:30 738816 ----a-w- c:\windows\system32\wmpmde.dll 2010-10-14 07:33:29 363520 ----a-w- c:\windows\system32\StructuredQuery.dll 2010-10-10 08:13:25 -------- d-----w- c:\users\boban\appdata\roaming\Uniblue 2010-10-10 08:13:25 -------- d-----w- c:\program files\Uniblue 2010-10-10 08:13:25 -------- d-----w- c:\progra~2\DriverScanner 2010-10-10 08:10:48 -------- dc-h--w- c:\progra~2\{148D8B8A-8F96-4822-81EC-D510B626B7D5} 2010-10-10 08:03:05 -------- d-----w- c:\program files\FLVTube Player 2010-10-07 08:11:14 98304 ----a-r- c:\users\boban\appdata\roaming\microsoft\installer\{3577e42b-3347-4eb8-bfda-d36e8ed3c519}\icons.exe 2010-10-01 07:37:19 -------- d-----w- c:\program files\ADR 2010-09-30 17:06:37 117760 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\lxblpp5c.dll 2010-09-30 07:12:15 56496 ----a-w- c:\windows\system32\wbhelp2.dll 2010-09-30 07:12:15 544768 ----a-w- c:\windows\system32\wbocx.ocx 2010-09-30 07:12:15 258352 ----a-w- c:\windows\system32\unicows.dll 2010-09-30 07:12:14 4608 ----a-w- c:\windows\system32\W95INF32.DLL 2010-09-30 07:12:14 33968 ----a-w- c:\windows\system32\anim.dll 2010-09-30 07:12:14 2272 ----a-w- c:\windows\system32\W95INF16.DLL 2010-09-30 07:12:14 1706800 ----a-w- c:\windows\system32\gdiplus.dll 2010-09-30 07:12:13 -------- d-----w- c:\program files\WinUtilities 2010-09-30 06:45:30 -------- d-----w- c:\program files\common files\UIE 2010-09-27 20:33:44 -------- d-----w- c:\program files\GNU 2010-09-23 17:04:16 231712 ----a-w- c:\windows\FOXDOC.EXE 2010-09-23 11:19:49 -------- d-----w- C:\mag 2010-09-22 16:10:52 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll 2010-09-19 11:04:37 -------- d-----w- c:\users\boban\Programs 2010-09-19 10:48:03 -------- d-----w- c:\program files\Smart PC Solutions 2010-09-17 13:44:35 -------- d-----w- c:\program files\Able2Extract Professional 5.0 ==================== Find3M ==================== 2010-09-08 04:30:04 978432 ----a-w- c:\windows\system32\wininet.dll 2010-09-08 04:28:15 44544 ----a-w- c:\windows\system32\licmgr10.dll 2010-09-08 03:22:31 386048 ----a-w- c:\windows\system32\html.iec 2010-09-08 02:48:16 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2010-09-01 04:23:49 12625408 ----a-w- c:\windows\system32\wmploc.DLL 2010-08-31 04:32:30 954752 ----a-w- c:\windows\system32\mfc40.dll 2010-08-31 04:32:30 954288 ----a-w- c:\windows\system32\mfc40u.dll 2010-07-29 06:30:49 197632 ----a-w- c:\windows\system32\ir32_32.dll 2010-07-29 06:30:34 82944 ----a-w- c:\windows\system32\iccvid.dll ============= FINISH: 17:17:40,62 ===============

Profil

diarno Poslao: 15 Okt 2010 21:00 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! jos samo ovo pa smo zavrsili : Privremeno iskljuci Antivirus! Uploaduj mi sledece fajlove : C:\Qoobox\Quarantine\c\users\Public\Documents\Server\admin.txt.vir C:\Qoobox\Quarantine\c\users\Public\Documents\Server\server.dat.vir C:\Qoobox\Quarantine\c\windows\System32\wininit.exe.vir [Link mogu videti samo ulogovani korisnici] Zatim uradi sledece : Otvoriti Notepad i iskopirati sledeci tekst: `SecCenter:: {43E6C7C0-F2DA-4DCD-8168-B704F47AC639} {FBE97B5D-5C3F-4C5A-B804-509D305CD8EA}` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

bobang Poslao: 15 Okt 2010 23:53 Idi na vrh
offline bobang Ugledni građanin Pridružio: 16 Avg 2007 Poruke: 315 Gde živiš: Srbija	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 10-10-14.01 - Boban 15.10.2010 23:42:39.3.1 - x86 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.1023.546 [GMT 2:00] Running from: c:\users\Boban\Desktop\ComboFix.exe Command switches used :: c:\users\Boban\Desktop\CFScript.txt * Resident AV is active . ((((((((((((((((((((((((( Files Created from 2010-09-15 to 2010-10-15 ))))))))))))))))))))))))))))))) . 2010-10-15 21:49 . 2010-10-15 21:49 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-10-15 07:34 . 2010-10-15 07:34 -------- d-----w- c:\program files\ESET 2010-10-14 13:34 . 2010-10-15 21:49 -------- d-----w- c:\users\Boban\AppData\Local\temp 2010-10-14 11:55 . 2010-10-14 11:55 -------- d-----w- c:\program files\Thinking BIG 2010-10-14 09:18 . 2010-10-14 09:18 -------- d-sh--w- c:\programdata\SMPVGYFWE 2010-10-14 09:02 . 2010-10-14 09:02 -------- d-----w- c:\program files\Common Files\Adobe 2010-10-14 08:07 . 2010-10-14 08:07 -------- d-----w- c:\users\Boban\AppData\Local\Google 2010-10-14 07:48 . 2010-09-09 22:52 6084944 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3EE9C02D-90FA-411E-B06E-8B7A57C627C2}\mpengine.dll 2010-10-14 07:35 . 2010-06-19 06:15 2048 ----a-w- c:\windows\system32\tzres.dll 2010-10-14 07:35 . 2010-06-29 04:57 4247040 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe 2010-10-14 07:35 . 2010-06-29 05:02 1413632 ----a-w- c:\windows\system32\ole32.dll 2010-10-14 07:35 . 2010-08-21 05:33 530432 ----a-w- c:\windows\system32\comctl32.dll 2010-10-14 07:35 . 2010-08-26 04:39 109056 ----a-w- c:\windows\system32\t2embed.dll 2010-10-14 07:34 . 2010-08-21 05:36 224256 ----a-w- c:\windows\system32\schannel.dll 2010-10-14 07:34 . 2010-08-21 05:32 316928 ----a-w- c:\windows\system32\spoolsv.exe 2010-10-14 07:34 . 2010-09-01 02:34 2327552 ----a-w- c:\windows\system32\win32k.sys 2010-10-14 07:34 . 2010-08-27 05:46 168448 ----a-w- c:\windows\system32\srvsvc.dll 2010-10-14 07:34 . 2010-08-27 03:31 310784 ----a-w- c:\windows\system32\drivers\srv.sys 2010-10-14 07:34 . 2010-08-27 03:30 308736 ----a-w- c:\windows\system32\drivers\srv2.sys 2010-10-14 07:34 . 2010-08-27 03:30 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys 2010-10-14 07:33 . 2010-08-21 05:36 738816 ----a-w- c:\windows\system32\wmpmde.dll 2010-10-14 07:33 . 2010-05-05 06:46 363520 ----a-w- c:\windows\system32\StructuredQuery.dll 2010-10-10 08:13 . 2010-10-10 08:13 -------- d-----w- c:\programdata\DriverScanner 2010-10-10 08:13 . 2010-10-10 08:13 -------- d-----w- c:\users\Boban\AppData\Roaming\Uniblue 2010-10-10 08:13 . 2010-10-10 08:13 -------- d-----w- c:\program files\Uniblue 2010-10-10 08:10 . 2010-10-10 08:13 -------- dc-h--w- c:\programdata\{148D8B8A-8F96-4822-81EC-D510B626B7D5} 2010-10-10 08:03 . 2010-10-10 08:13 -------- d-----w- c:\program files\FLVTube Player 2010-10-07 08:11 . 2010-10-07 08:11 98304 ----a-r- c:\users\Boban\AppData\Roaming\Microsoft\Installer\{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}\icons.exe 2010-10-01 07:37 . 2010-10-01 07:37 -------- d-----w- c:\program files\ADR 2010-09-30 17:06 . 2007-03-23 00:10 117760 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\lxblpp5c.dll 2010-09-30 07:12 . 2010-07-25 20:23 56496 ----a-w- c:\windows\system32\wbhelp2.dll 2010-09-30 07:12 . 2010-07-25 20:23 544768 ----a-w- c:\windows\system32\wbocx.ocx 2010-09-30 07:12 . 2010-07-25 20:23 258352 ----a-w- c:\windows\system32\unicows.dll 2010-09-30 07:12 . 2010-07-25 20:23 33968 ----a-w- c:\windows\system32\anim.dll 2010-09-30 07:12 . 2010-07-25 20:23 1706800 ----a-w- c:\windows\system32\gdiplus.dll 2010-09-30 07:12 . 2010-07-25 20:23 4608 ----a-w- c:\windows\system32\W95INF32.DLL 2010-09-30 07:12 . 2010-07-25 20:23 2272 ----a-w- c:\windows\system32\W95INF16.DLL 2010-09-30 07:12 . 2010-09-30 07:18 -------- d-----w- c:\program files\WinUtilities 2010-09-30 06:45 . 2010-10-14 13:33 -------- d-----w- c:\program files\Common Files\UIE 2010-09-30 06:44 . 2010-09-30 07:22 -------- d-----w- c:\programdata\WinZip 2010-09-27 20:33 . 2010-09-27 20:33 -------- d-----w- c:\program files\GNU 2010-09-23 17:04 . 1988-07-25 13:17 231712 ----a-w- c:\windows\FOXDOC.EXE 2010-09-23 11:19 . 2010-10-08 07:29 -------- d-----w- C:\mag 2010-09-22 16:10 . 2010-09-22 16:10 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll 2010-09-19 11:04 . 2010-09-19 14:29 -------- d-----w- c:\users\Boban\Programs 2010-09-19 10:48 . 2010-09-19 10:48 -------- d-----w- c:\program files\Smart PC Solutions 2010-09-17 13:44 . 2010-09-17 13:47 -------- d-----w- c:\program files\Able2Extract Professional 5.0 . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2005-07-26 77824] "PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584] "USB Antivirus"="c:\program files\USB Disk Security\RunUSBGuard.exe" [2010-01-10 86016] "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-03-09 15872] "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-13 2046120] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Samsung.PCSync"="c:\program files\Samsung\Samsung PC Studio 7\PcSync2.exe" [2009-06-04 1294336] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 2 (0x2) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer1"=wdmaud.drv [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp R3 nmwcdsa;Samsung USB Phone Parent;c:\windows\system32\drivers\nmwcdsa.sys [2007-05-02 135680] R3 nmwcdsac;Samsung USB Generic;c:\windows\system32\drivers\nmwcdsac.sys [2007-05-02 8320] R3 nmwcdsacj;Samsung USB Port;c:\windows\system32\drivers\nmwcdsacj.sys [2007-05-02 12288] R3 nmwcdsacm;Samsung USB Modem;c:\windows\system32\drivers\nmwcdsacm.sys [2007-05-02 12288] S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-02-13 106208] S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2009-02-13 727720] S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-02-13 38240] S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-02-25 222568] S2 lxbl_device;lxbl_device;c:\windows\system32\lxblcoms.exe [2007-04-20 537520] S2 SCPDFReadSpool;SolidConverterPDFReadSpool;c:\windows\Installer\MSI8878.tmp [2010-02-28 189760] S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-02-16 36640] S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2010-03-03 27632] . . ------- Supplementary Scan ------- . uStart Page = [Link mogu videti samo ulogovani korisnici] mStart Page = [Link mogu videti samo ulogovani korisnici] uInternet Settings,ProxyServer = 61.213.158.124:8080 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: {13216134-FE2B-463E-AAE2-7B8366D322C2} = 194.106.162.10,194.106.162.3 TCP: {E87B3B01-C5BC-4536-9537-998186833CAD} = 212.200.191.166,212.200.190.166 FF - ProfilePath - c:\users\Boban\AppData\Roaming\Mozilla\Firefox\Profiles\kinlniph.default\ FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici] FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SCPDFReadSpool] "ImagePath"="c:\windows\Installer\MSI8878.tmp" . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-194353341-2772204618-2978154948-1001_Classes\VirtualStore\MACHINE\SOFTWARE\zbshareware] @DACL=(02 0000) DUMPHIVE0.003 (REGF) [HKEY_LOCAL_MACHINE\SOFTWARE\zbshareware] @DACL=(02 0000) DUMPHIVE0.003 (REGF) . Completion time: 2010-10-15 23:53:47 ComboFix-quarantined-files.txt 2010-10-15 21:53 ComboFix2.txt 2010-10-15 10:23 ComboFix3.txt 2010-10-14 13:40 Pre-Run: 3.199.090.688 bytes free Post-Run: 3.150.364.672 bytes free - - End Of File - - A8A4C13BD1F649BA05E896004A2A352F

Profil

diarno Poslao: 16 Okt 2010 15:00 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ok to bi bilo to.. Uradi jos sledece : Potrebno je deinstalirati ComboFix: klikni start (ili ), a zatim RUN. Na Visti koristiti Start Search polje ukoliko Run nije dostupan. U liniju za unos teksta ukucaj (iskopiraj) sledeće: ComboFix /Uninstall Primeti da postoji razmak između "ComboFix" i "/Uninstall". a zatim klikni OK (ili pritisni Enter). Sačekaj da se proces deinstalacije završi. Pozzzz

Profil

bobang Poslao: 16 Okt 2010 15:40 Idi na vrh
offline bobang Ugledni građanin Pridružio: 16 Avg 2007 Poruke: 315 Gde živiš: Srbija	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! hvala mnogooooooooo...

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Dosta trojanaca

Ko je trenutno na forumu

Ukupno su 1110 korisnika na forumu :: 115 registrovanih, 11 sakrivenih i 984 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 357magnum, 8u47, A.R.Chafee.Jr., amstel2, Apok, Aquarius73, Arhiv, armor, B61, babaroga, bigfoot, black sabah, Bo96, bokisha253, bolimejoli, Bosnjo, brkan1, cemix, crazydkure, Crazzer, croato, darkangel, DavidA, del boy, Denaya, Dioniss, Djota1, DJUNTA, dolinalima, ds69, DucicM, Duh16, dule10savic, E_Kurir, Electron, Flotikius, FOX, Frunze, Gall, Georgius, goran.vvv, GrobarPovratak, Igor Antonic, ILGromovnik, ivan979, ivanb, jalos, JK, jodzula, Jomini, jovapad, kovinacc, KUZMAR, kybonacci, lavi, Lotus, lucko1, M74AB3, Macalone, Manjane, Marko Marković, Marko1238, Mercury, metallac777, Miki281, milenko crazy north, Milo97, Milometer, Mitogna, moldway, monomah, MrNo, N.e.m.a.nj.a., Nikola00, nisamBot, novator, nuki1234, Ognjen D., oldtimer, Panter, panzermilan45, Polemarchoi, Prečanin30, Profesor_018, proka89, raster12, Ray1973, RD84, redstar72, repac, rikirubio, ruma, Sagotolio, Sarmat, shota91, Sir Budimir, Sirius, sixpac, skvara, solic, Srky Boy, StalniPromatrač, synergia, tomigun, Tribal, uruk, Vica1958, Visionary, VNVK, voja64, wolverined4, YugoSlav, ZetaMan, zixmix, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by