MyCity » Ambulanta -> Arhiva Ambulante » Pomoc,problem sa trojancem

Pomoc,problem sa trojancem

Napisano na dan: 22.1.2008

Strana:
1
2

Pomoc,problem sa trojancem

Pagination

Prethodna strana

Odgovori

Strana:
1
2

ekano Poslao: 22 Jan 2008 21:46 Idi na vrh
offline ekano Građanin Pridružio: 03 Dec 2007 Poruke: 156 Gde živiš: Novi Sad	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ma stari komp,integrisana graficka,nadogradjivan al se ja malo razumem sta je sta tu Dopuna: 22 Jan 2008 21:46 sve sam ono uradio,ali ne mogu da nadjem folderC:\program files\video add-on,i fajl C:\windows\pandsf.dll

Profil

bobby Poslao: 22 Jan 2008 21:51 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pokreni ponovo ComboFix i postavi mi novi log, tu cu videti da li su ti folderi/fajlovi obrisani. Postavi mi takodje i novi HijackThis log, kao sto sam te vec zamolio u prethodnoj poruci.

Profil

ekano Poslao: 22 Jan 2008 22:21 Idi na vrh
offline ekano Građanin Pridružio: 03 Dec 2007 Poruke: 156 Gde živiš: Novi Sad	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-01-23.1 - x 2008-01-23 21:56:55.2 - NTFSx86 Running from: D:\ComboFix.exe WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2007-12-23 to 2008-01-23 ))))))))))))))))))))))))))))))) . 2008-01-22 20:47 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe 2008-01-22 19:51 . 2008-01-22 19:51 1,468 --a------ C:\WINDOWS\system32\tmp.reg 2008-01-22 19:50 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2008-01-22 19:50 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2008-01-22 19:50 . 2007-12-20 23:11 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe 2008-01-22 19:50 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe 2008-01-22 19:50 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2008-01-22 19:50 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe 2008-01-22 01:19 . 2008-01-22 01:19 44 --a------ C:\tmp.bat . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-12-14 00:18 --------- d-----w C:\Program Files\Common Files\NSV 2007-12-11 00:07 --------- d-----w C:\Program Files\Common Files\Adobe 2007-12-10 18:00 --------- d-----w C:\Program Files\directx 2007-12-10 14:32 --------- d-----w C:\Program Files\AIV Reminder 2007-12-09 23:15 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller 2007-12-09 22:50 --------- d-----w C:\Program Files\Windows Live 2007-12-07 23:23 --------- d-----w C:\Program Files\Multilizer2007TE 2007-12-03 16:59 --------- d-----w C:\Program Files\FDRLab 2007-11-26 18:24 1,434,582 ----a-w C:\Ipref271i_instalacija.exe 2007-11-20 11:03 1 -c--a-w C:\Program Files\Multilizer2007TEsetupkind.bin 2007-11-07 09:26 721,920 ----a-w C:\WINDOWS\system32\lsasrv.dll 2007-10-31 12:03 245,408 ----a-w C:\WINDOWS\system32\unicows.dll 2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll 2007-10-27 16:40 227,328 ----a-w C:\WINDOWS\system32\wmasf.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{6CA49FDD-4AEB-4F08-A394-C0A1F82CAA16}"= C:\Program Files\Video Add-on\ictmdl.dll [ ] [HKEY_CLASSES_ROOT\clsid\{6ca49fdd-4aeb-4f08-a394-c0a1f82caa16}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Octoshape Streaming Services"="C:\Program Files\Octoshape Streaming Services\x\OctoshapeClient.exe" [ ] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SystemTray"="SysTray.Exe" [2002-08-30 15:00 3072 C:\WINDOWS\system32\systray.exe] "FmctrlTray"="Fmctrl.EXE" [2001-08-20 21:47 270336 C:\WINDOWS\system32\fmctrl.exe] "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-10-22 11:43 949376] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 20:24 32768] "C-Media Mixer"="Mixer.exe" [2002-09-17 16:55 1622016 C:\WINDOWS\mixer.exe] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-10-22 16:02 185632] "QuickTime Task"="C:\Program Files\QuickTime Alternative\qttask.exe" [2007-06-29 06:24 286720] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648] "AIV Reminder"="C:\Program Files\AIV Reminder\aivreminder.exe" [2007-08-15 11:47 12980224] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] "LvHidSvc"="C:\WINDOWS\system32\lvhidsvc.exe" [2004-10-10 18:17 33280] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ TVR Schedule.lnk - C:\WINDOWS\Installer\{E4C3B10E-E277-4458-8440-DAE332D50BF3}\_4ae13d6c.exe [2007-12-10 18:57:20 1078] R3 3dfxvs;3dfxvs;C:\WINDOWS\system32\DRIVERS\3dfxvsm.sys [2001-08-17 13:48] R3 gameport;FM801 PCI Joystick;C:\WINDOWS\system32\DRIVERS\fmjoy.sys [2001-11-02 10:49] R3 wdm_fm801;FM801 PCI Audio (WDM);C:\WINDOWS\system32\drivers\fm801.sys [2001-11-02 14:33] . Contents of the 'Scheduled Tasks' folder "2007-12-21 06:16:04 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe . ************************************************************************ catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici] Rootkit scan 2008-01-23 22:00:37 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . Completion time: 2008-01-23 22:03:17 ComboFix-quarantined-files.txt 2008-01-23 21:02:46 ComboFix2.txt 2008-01-23 19:56:16 . 2008-01-13 18:10:26 --- E O F --- Dopuna: 22 Jan 2008 22:21 Logfile of HijackThis v1.99.1 Scan saved at 10:19:08 PM, on 23-Jan-2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\system32\lvhidsvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\Fmctrl.EXE C:\Program Files\Eset\nod32kui.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\Mixer.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\AIV Reminder\aivreminder.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\TVR\TVR\RecSche.EXE C:\WINDOWS\msagent\AgentSvr.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\explorer.exe D:\HijackThis.exe O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [FmctrlTray] Fmctrl.EXE O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\qttask.exe" -atboottime O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [AIV Reminder] C:\Program Files\AIV Reminder\aivreminder.exe O4 - HKLM\..\RunServices: [LvHidSvc] C:\WINDOWS\system32\lvhidsvc.exe O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Program Files\Octoshape Streaming Services\x\OctoshapeClient.exe" -inv:bootrun O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: TVR Schedule.lnk = ? O8 - Extra context menu item: Download with Xilisoft Download YouTube Video - C:\Program Files\Xilisoft\Download YouTube Video\upod_link.HTM O8 - Extra context menu item: E&xport to Microsoft Excel - [Link mogu videti samo ulogovani korisnici]**\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\ O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Canon Camera Access Library 8 (CCALib8-) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: Lifeview HID Remote Controller Service (lvhidsvc) - Animation Technologies Inc. - C:\WINDOWS\system32\lvhidsvc.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

Profil

bobby Poslao: 22 Jan 2008 22:27 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Javljaju li se sada jos uvek one poruke na koje si se zalio?

Profil

ekano Poslao: 22 Jan 2008 22:39 Idi na vrh
offline ekano Građanin Pridružio: 03 Dec 2007 Poruke: 156 Gde živiš: Novi Sad	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Nisam ni primetio da se ne javljaju,izgleda da si sve sredio,cak je i odziv brzi.Mogu da vratim NOD u igru? Dopuna: 22 Jan 2008 22:39 Ukljucio sam NOD32,sve radi kako treba,beskrajno ti hvala na utrosenom vremenu i pomoci.pozz

Profil

bobby Poslao: 22 Jan 2008 22:44 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Pomoc,problem sa trojancem

Ko je trenutno na forumu

Ukupno su 1223 korisnika na forumu :: 154 registrovanih, 16 sakrivenih i 1053 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 1MAP, 357magnum, 4thFlavian, Abdee, ajo baba, aleksmajstor, Alexa77, alexbr, alternator, Apok, armor, Arsenije, Ba4e, babaroga, Bacac, bgs, Bivan, bokisha253, bpop, Bubimir, casual03, ccoogg123, cemix, Cian, Cicumile, Citalac, CrazyNorth, d.arsenal321, Dambi, Dannyboy, darkangel, DavidA, dejanbenkovic, dekiz, Dimitrise93, dinamik, Django777, Djordje29, djukapfc, Dorcolac, dovlafkcz, draganl, DrFlyFisherman, Drugsparrow, E_Kurir, Egzekutor13, EXIT78, Flanker-G, flash12, Frunze, gagidjuric, Gall, GORDI, grunff2, h8propaganda, Hardenberg, icemilos, ivan1973, ivicasimo, Jakonjveliki, jarovitt, jeen yuhs, Jerry Drake, Jonbonjovi, jukeboxer, kn19, Kobrim, Kosmos Banja Luka, krca73, lcc, Lelemood, Lep1na, lord sir giga, Lucije Kvint, luka35, madun123, MakiMaki02, mango, marko.markovic, Marko1238, markomacii9, markoni.slo, maxim_von_burdengate, mercedesamg, mexo, Mi lao shu, Miki281, mikidragi, Milan A. Nikolic, milenko crazy north, milenko1980, Miletić Zoran, milivoje13, miljannis, Milo97, Milos1389, Milos1987, mnn2, moldway, N.e.m.a.nj.a., Najax, nemkea71, Niko Bitan, nuke92, nuki1234, Orc, Pekman, pirke96, pisac12, Prašinar, Prečanin30, PrincipL, proka89, radoznao, RajkoB, raykan, rebro1974, rikirubio, romark, royst33, RS28, s0ne, saki80, sasics, savaskytec, scout81, sekretar, share00, sickmouse, Simonsen23, skvara, Sky diver 29, Smajser, Sr.Stat., Srpska zauvjek, stegonosa, Tandrkalo, The Boss, UAV operator, ujke, uruk, Vatreni Zmaj, Vica1958, vidra1, Viktor Petrenko, voja64, vojnik švejk, volimpivuvolimrakiju, Wrangler, XRF_d, zmajbre, zokizemun, Zrcalo, zziko

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by