Problem

offline
  • Joined: 07 Dec 2008
  • Posts: 14

Before the system boots, some problem appears, a yellow error that says YOU MAY BE A VICTIM OF SOFTWARE COUNTERFEITING.
Below it says RESOLVE NOW and LATER, like resolve now or later; if I want the system to boot I have to click RESOLVE NOW.

As soon as the system boots, Internet Explorer starts automatically and tells me to download something. A long time ago I downloaded something called Genuine Microsoft Software; it sits in the bottom right corner and can't be deleted. IT'S TRANSPARENT.

And my computer runs terribly; when I need to open a folder I wait a long time. TOTALLY SLOW.

So please have a look at whether anything can be done to recover it
so it's like before. Thanks in advance.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:49:46, on 7.12.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NvMixerTray.exe
C:\Program Files\Digsby\lib\digsby-app.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Digsby\lib\aspell\bin\aspell.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\AB\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.freeze.com/?AcquisitionID=491bec86-2878-.....=&ipc=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=127.0.0.1:7070
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe,C:\WINDOWS\system32\MPK\MPK.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - (no file)
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: iMesh MediaBar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - (no file)
O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1606980848-1592454029-725345543-501\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Guest')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = kokot
O17 - HKLM\Software\..\Telephony: DomainName = kokot
O17 - HKLM\System\CCS\Services\Tcpip\..\{CCA65C1D-25E2-495F-921A-2A8E5304519B}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = kokot
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 9302 bytes

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

What you are seeing is Windows telling you that you have an illegal copy (of Windows itself) and that you need to buy a legal one.
That's all.

offline
  • Joined: 07 Dec 2008
  • Posts: 14

And are there any viruses, unnecessary files or errors?

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

You have a KGB keylogger. Did you install it on purpose or not?

offline
  • Joined: 07 Dec 2008
  • Posts: 14

How do I delete it? It isn't in Add or Remove Programs.

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Download ComboFix to your Desktop from one of the following addresses:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Run it and do not touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear; copy it here for us.

offline
  • Joined: 07 Dec 2008
  • Posts: 14

I downloaded it and it won't start; a problem appears. It says:

WINDOWS CANNOT ACCESS THE SPECIFIED DEVICE, PATH, OR FILE.
YOU MAY NOT HAVE THE APPROPRIATE PERMISSIONS TO ACCESS THE ITEM.

Is there any other program?

Addendum: 07 Dec 2008 20:42

Would Shortcut Fixer work?

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Try downloading this version from here:
http://amf.mycity.rs/programs/mirrored/C-F.exe

offline
  • Joined: 07 Dec 2008
  • Posts: 14

ComboFix 08-12-07.01 - AB 2008-12-08 15:16:27.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.156 [GMT 1:00]
Running from: c:\documents and settings\AB\Desktop\C-F.exe
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2008-11-08 to 2008-12-08 )))))))))))))))))))))))))))))))
.

2008-12-07 21:53 . 2008-12-08 00:31 <DIR> d-------- c:\documents and settings\AB\Application Data\.purple
2008-12-07 21:52 . 2008-12-07 21:52 <DIR> d-------- c:\program files\Pidgin
2008-12-07 21:52 . 2008-12-07 21:52 <DIR> d-------- c:\program files\Common Files\GTK
2008-12-07 21:22 . 2008-12-08 15:12 <DIR> d-------- C:\ComboFix
2008-12-06 18:48 . 2008-12-06 18:48 <DIR> d-------- c:\documents and settings\AB\Application Data\TuneUp Software
2008-12-06 18:47 . 2008-12-06 18:54 <DIR> d-------- c:\program files\TuneUp Utilities 2007
2008-12-06 18:47 . 2008-12-06 18:47 <DIR> d-------- c:\documents and settings\All Users\Application Data\TuneUp Software
2008-12-06 18:47 . 2007-05-16 09:41 29,704 --a------ c:\windows\system32\uxtuneup.dll
2008-12-06 18:45 . 2008-12-06 18:45 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2008-12-06 18:09 . 2008-12-06 18:09 <DIR> d-------- c:\documents and settings\All Users\Application Data\Digsby
2008-12-06 18:00 . 2008-12-06 18:09 <DIR> d-------- c:\documents and settings\AB\Application Data\Digsby
2008-12-06 17:58 . 2008-12-06 17:59 <DIR> d-------- c:\program files\Digsby
2008-12-06 17:27 . 2008-12-06 17:32 <DIR> d-------- c:\program files\Online TV Player 4
2008-12-06 17:12 . 2008-12-06 17:12 <DIR> d-------- c:\documents and settings\AB\Application Data\Desktop Maestro
2008-12-06 17:11 . 2008-12-06 17:25 <DIR> d-------- c:\program files\Desktop Maestro
2008-12-06 15:58 . 2008-12-06 15:58 <DIR> d-------- c:\program files\MyTubePlayer
2008-12-06 12:02 . 2008-12-06 12:02 236 --a------ C:\sqmdata00.sqm
2008-12-06 12:02 . 2008-12-06 12:02 200 --a------ C:\sqmnoopt00.sqm
2008-12-06 12:01 . 2008-12-06 12:01 1,024 --a------ C:\.rnd
2008-12-06 12:00 . 2008-12-06 12:00 22 --a------ c:\windows\FileName
2008-12-06 11:57 . 2008-12-06 12:00 <DIR> d-------- c:\program files\NVIDIA Corporation
2008-12-06 11:57 . 2008-12-06 11:57 <DIR> d-------- c:\program files\Common Files\NVIDIA Shared
2008-12-06 11:56 . 2005-06-03 15:07 176,128 --a------ c:\windows\system32\nvuaudio.exe
2008-12-06 11:56 . 2005-02-11 04:14 4,624 --a------ c:\windows\system32\nvaudio.nvu
2008-12-06 11:48 . 2008-12-06 11:48 <DIR> d-------- C:\NVIDIA
2008-12-06 11:47 . 2008-12-06 11:47 224 --a------ c:\windows\system32\9B13A86D.plf
2008-12-06 11:20 . 2008-12-06 11:21 <DIR> d-------- c:\windows\$regcmp$
2008-12-06 04:05 . 2008-12-06 04:05 <DIR> d-------- c:\documents and settings\All Users\Application Data\Cached Installations
2008-12-06 03:39 . 2008-12-06 03:40 <DIR> d-------- c:\windows\system32\NtmsData
2008-12-06 03:18 . 2008-12-06 03:18 <DIR> d-------- c:\program files\IObit
2008-12-06 03:18 . 2008-12-06 03:32 <DIR> d-------- c:\documents and settings\AB\Application Data\IObit
2008-12-06 02:09 . 2008-12-06 02:11 <DIR> d-------- c:\program files\SpywareBlaster
2008-12-06 02:09 . 2005-08-25 19:18 118,784 --a------ c:\windows\system32\MSSTDFMT.DLL
2008-12-06 01:49 . 2008-12-06 01:49 <DIR> d-------- c:\program files\Zappit
2008-12-06 01:23 . 2008-12-06 01:23 <DIR> d-------- c:\program files\Registry Clean Expert
2008-12-06 01:18 . 2008-12-06 11:19 <DIR> d-------- c:\program files\EMCO Malware Destroyer
2008-11-30 18:49 . 2008-11-30 18:49 <DIR> d-------- c:\documents and settings\AB\Application Data\Uniblue
2008-11-29 23:22 . 2008-11-30 12:13 <DIR> d-------- c:\program files\weblin
2008-11-29 23:20 . 2008-12-06 03:35 <DIR> d-------- c:\documents and settings\AB\Application Data\zweitgeist
2008-11-29 21:59 . 2008-11-29 21:59 96,976 --a------ c:\windows\system32\drivers\klin.dat
2008-11-29 21:59 . 2008-11-29 21:59 87,855 --a------ c:\windows\system32\drivers\klick.dat
2008-11-29 21:58 . 2008-11-29 21:58 <DIR> d-------- c:\program files\Kaspersky Lab
2008-11-29 21:58 . 2008-12-08 14:55 <DIR> d-------- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2008-11-29 21:58 . 2008-12-08 00:34 2,791,968 --ahs---- c:\windows\system32\drivers\fidbox.dat
2008-11-29 21:58 . 2008-12-08 15:16 516,128 --ahs---- c:\windows\system32\drivers\fidbox2.dat
2008-11-29 21:58 . 2008-12-08 00:34 23,940 --ahs---- c:\windows\system32\drivers\fidbox.idx
2008-11-29 21:58 . 2008-12-08 15:16 2,844 --ahs---- c:\windows\system32\drivers\fidbox2.idx
2008-11-29 20:02 . 2008-11-29 20:42 664 --a------ c:\windows\system32\d3d9caps.dat
2008-11-28 16:45 . 2008-11-28 16:45 <DIR> d-------- c:\documents and settings\All Users\Application Data\ESET
2008-11-28 08:42 . 2008-05-09 11:53 512,000 -----c--- c:\windows\system32\dllcache\jscript.dll
2008-11-28 08:42 . 2008-05-09 11:53 430,080 -----c--- c:\windows\system32\dllcache\vbscript.dll
2008-11-28 08:42 . 2008-05-09 11:53 180,224 -----c--- c:\windows\system32\dllcache\scrobj.dll
2008-11-28 08:42 . 2008-05-09 11:53 172,032 -----c--- c:\windows\system32\dllcache\scrrun.dll
2008-11-28 08:42 . 2008-05-08 12:24 155,648 -----c--- c:\windows\system32\dllcache\wscript.exe
2008-11-28 08:42 . 2008-05-09 09:45 135,168 -----c--- c:\windows\system32\dllcache\cscript.exe
2008-11-28 08:42 . 2008-05-09 11:53 90,112 -----c--- c:\windows\system32\dllcache\wshext.dll
2008-11-27 23:13 . 2008-11-27 23:13 <DIR> d-------- c:\windows\system32\scripting
2008-11-27 23:13 . 2008-11-27 23:13 <DIR> d-------- c:\windows\system32\bits
2008-11-27 23:13 . 2008-11-27 23:13 <DIR> d-------- c:\windows\l2schemas
2008-11-27 23:10 . 2008-11-27 23:13 <DIR> d-------- c:\windows\ServicePackFiles
2008-11-27 23:02 . 2008-11-27 23:02 <DIR> d-------- c:\windows\system32\msmq
2008-11-25 20:19 . 2008-09-04 22:03 56,344 --a------ c:\windows\system32\drivers\fssfltr.sys
2008-11-24 18:48 . 2008-07-07 21:26 253,952 -----c--- c:\windows\system32\dllcache\es.dll
2008-11-24 18:48 . 2008-06-24 17:43 74,240 -----c--- c:\windows\system32\dllcache\mscms.dll
2008-11-24 18:46 . 2008-09-15 13:12 1,846,400 -----c--- c:\windows\system32\dllcache\win32k.sys
2008-11-24 18:46 . 2008-09-08 11:41 333,824 -----c--- c:\windows\system32\dllcache\srv.sys
2008-11-24 18:43 . 2008-08-14 11:11 2,189,184 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2008-11-24 18:43 . 2008-08-14 11:09 2,145,280 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-11-24 18:43 . 2008-08-14 10:33 2,066,048 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-11-24 18:43 . 2008-08-14 10:33 2,023,936 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2008-11-24 18:39 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-24 18:38 . 2008-04-11 20:04 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll
2008-11-24 18:35 . 2008-10-15 17:34 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2008-11-24 18:00 . 2008-04-14 01:12 397,056 --------- c:\windows\system32\s3gnb.dll
2008-11-24 18:00 . 2008-04-14 01:12 291,328 --------- c:\windows\system32\qagentrt.dll
2008-11-24 18:00 . 2008-04-14 01:12 290,304 --------- c:\windows\system32\rhttpaa.dll
2008-11-24 18:00 . 2004-08-03 22:29 166,912 --------- c:\windows\system32\drivers\s3gnbm.sys
2008-11-24 18:00 . 2008-04-14 01:12 150,528 --------- c:\windows\system32\qagent.dll
2008-11-24 18:00 . 2008-04-14 01:12 144,384 --------- c:\windows\system32\onex.dll
2008-11-24 18:00 . 2008-04-14 01:12 76,800 --------- c:\windows\system32\qutil.dll
2008-11-24 18:00 . 2008-04-14 01:12 62,464 --------- c:\windows\system32\qcliprov.dll
2008-11-24 18:00 . 2008-04-14 01:12 61,952 --------- c:\windows\system32\rasqec.dll
2008-11-24 18:00 . 2008-04-13 19:46 59,136 --------- c:\windows\system32\drivers\rfcomm.sys
2008-11-24 18:00 . 2008-04-14 01:12 32,768 --------- c:\windows\system32\setupn.exe
2008-11-24 18:00 . 2008-04-13 19:56 30,592 --------- c:\windows\system32\drivers\rndismpx.sys
2008-11-24 18:00 . 2008-04-13 19:40 10,240 --------- c:\windows\system32\drivers\sffp_mmc.sys
2008-11-24 17:59 . 2008-04-14 01:12 4,274,816 --------- c:\windows\system32\nv4_disp.dll
2008-11-24 17:59 . 2004-08-03 22:29 1,897,408 --------- c:\windows\system32\drivers\nv4_mini.sys
2008-11-24 17:58 . 2004-08-03 22:29 452,736 --------- c:\windows\system32\drivers\mtxparhm.sys
2008-11-24 17:58 . 2008-04-14 01:12 193,024 --------- c:\windows\system32\napmontr.dll
2008-11-24 17:58 . 2008-04-14 01:12 176,640 --------- c:\windows\system32\napstat.exe
2008-11-24 17:58 . 2004-07-17 11:35 67,866 --------- c:\windows\system32\drivers\netwlan5.img
2008-11-24 17:58 . 2008-04-14 01:12 30,208 --------- c:\windows\system32\napipsec.dll
2008-11-24 17:58 . 2008-04-13 19:43 12,672 --------- c:\windows\system32\drivers\mutohpen.sys
2008-11-24 17:57 . 2008-04-14 01:12 1,737,856 --------- c:\windows\system32\mtxparhd.dll
2008-11-24 17:57 . 2008-04-14 01:12 1,306,624 -----c--- c:\windows\system32\dllcache\msxml6.dll
2008-11-24 17:57 . 2008-04-14 01:12 155,136 --------- c:\windows\system32\mssha.dll
2008-11-24 17:57 . 2008-04-13 18:27 79,872 --a------ c:\windows\system32\msxml6r.dll
2008-11-24 17:57 . 2008-04-13 18:27 79,872 -----c--- c:\windows\system32\dllcache\msxml6r.dll
2008-11-24 17:57 . 2008-04-13 19:14 76,800 --------- c:\windows\system32\msshavmsg.dll
2008-11-24 17:56 . 2008-04-14 01:11 86,016 --------- c:\windows\system32\mdmxsdk.dll
2008-11-24 17:56 . 2004-08-03 22:41 11,868 --------- c:\windows\system32\drivers\mdmxsdk.sys
2008-11-24 17:55 . 2008-04-14 01:10 102,912 -----c--- c:\windows\system32\dllcache\dpcdll.dll
2008-11-24 17:55 . 2008-04-14 01:11 61,440 --------- c:\windows\system32\kmsvc.dll
2008-11-24 17:55 . 2008-04-14 01:11 37,376 --------- c:\windows\system32\l2gpstore.dll
2008-11-24 17:55 . 2008-04-14 01:09 24,064 -----c--- c:\windows\system32\dllcache\pidgen.dll
2008-11-24 17:55 . 2007-06-21 06:52 974 --------- c:\windows\system32\pid.inf
2008-11-24 17:53 . 2008-04-14 01:11 870,784 --------- c:\windows\system32\ati3d1ag.dll
2008-11-24 17:52 . 2008-04-14 01:11 290,816 --a--c--- c:\windows\system32\dllcache\adsiis51.dll
2008-11-24 15:45 . 2008-11-24 15:45 <DIR> d-------- c:\program files\Microsoft Office Outlook Connector
2008-11-24 15:39 . 2008-11-24 15:39 <DIR> d-------- c:\program files\Microsoft
2008-11-24 15:19 . 2008-11-24 15:19 <DIR> d-------- c:\program files\Common Files\Windows Live
2008-11-11 20:00 . 2008-11-11 20:00 218,376 --a------ c:\windows\system32\klogon.dll
2008-11-11 19:58 . 2008-11-11 19:58 25,601 --a------ c:\windows\system32\drivers\klopp.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-08 14:20 --------- d-----w c:\documents and settings\AB\Application Data\Skype
2008-12-08 13:28 --------- d-----w c:\documents and settings\AB\Application Data\skypePM
2008-12-08 13:28 --------- d-----w c:\documents and settings\AB\Application Data\MegauploadToolbar
2008-12-06 16:19 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-12-06 11:10 --------- d-sh--w c:\documents and settings\All Users\Application Data\MPK
2008-12-06 10:57 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-06 02:35 --------- d-----w c:\program files\FDN
2008-11-30 11:11 --------- d-----w c:\program files\Transform XP to Vista
2008-11-29 19:51 --------- d-----w c:\documents and settings\All Users\Application Data\Bluetooth
2008-11-29 17:42 --------- d-----w c:\program files\Bonjour
2008-11-28 15:45 --------- d-----w c:\program files\Eset
2008-11-27 21:03 --------- d-----w c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-11-25 19:19 --------- d-----w c:\program files\Windows Live
2008-11-24 14:41 --------- d-----w c:\program files\Windows Live Toolbar
2008-11-24 13:15 --------- d-----w c:\program files\Opera
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-09-30 15:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-08 23:03 51,712 ----a-w c:\windows\system32\sirenacm.dll
2008-04-03 09:44 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2008-09-09 3513344]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2007-12-07 21686568]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2008-11-26 2235920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-11-11 206088]
"NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-12-20 131072]
"nTrayFw"="c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe" [2005-04-29 266240]
"SoundMan"="SOUNDMAN.EXE" [2005-08-11 c:\windows\SOUNDMAN.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"vidc.xvid"= xvid.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\MPK\\Mpk.exe"=
"c:\\WINDOWS\\system32\\MPK\\MpkView.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil_.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-01-29 32784]
R2 fssfltr;FssFltr;c:\windows\system32\DRIVERS\fssfltr.sys [2008-11-25 56344]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\DRIVERS\klim5.sys [2008-04-30 24592]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys []
S3 fsssvc;Windows Live Family Safety;"c:\program files\Windows Live\Family Safety\fsssvc.exe" [2008-09-04 512536]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F946C9B1-VMVQ-A9RC-NUFL-D0BA00B4E444}]
c:\documents and settings\AB\Desktop\data\L.exe
.
Contents of the 'Scheduled Tasks' folder

2008-12-06 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-08-02 19:35]

2008-12-06 c:\windows\Tasks\ParetoLogic Registration.job
- c:\windows\system32\rundll32.exe [2008-04-14 01:12]
.
- - - - ORPHANS REMOVED - - - -

BHO-{474597C5-AB09-49d6-A4D5-2E8D7341384E} - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://my.freeze.com/?AcquisitionID=491bec86-2878-49d0-a13e-31fbc59e1e5f&s=&ipc=
uInternet Settings,ProxyServer = socks=127.0.0.1:7070
uInternet Settings,ProxyOverride = *.local
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Banner Ad Blocker - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
IE: Add to Windows &Live Favorites - favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
TCP: {CCA65C1D-25E2-495F-921A-2A8E5304519B} = 192.168.1.1
FireFox -: Profile - c:\documents and settings\AB\Application Data\Mozilla\Firefox\Profiles\amenmeqk.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.ba/
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-12-08 15:20:34
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1264)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(1404)
c:\windows\system32\nvappfilter.dll

- - - - - - - > 'explorer.exe'(5864)
c:\program files\Windows Media Player\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2008-12-08 15:28:05
ComboFix-quarantined-files.txt 2008-12-08 14:22:02

Pre-Run: 5,983,428,608 bytes free
Post-Run: 5,967,843,328 bytes free

259 --- E O F --- 2008-12-07 23:34:38

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Run HijackThis again and click Do a system scan only.
When the list appears, tick the box in front of the following line:

F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe,C:\WINDOWS\system32\MPK\MPK.exe

Click Fix checked.

================================

Open Notepad and copy the following text into it:

Folder::
c:\WINDOWS\system32\MPK\

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F946C9B1-VMVQ-A9RC-NUFL-D0BA00B4E444}]

DirLook::
c:\documents and settings\AB\Desktop\data


Save the file from Notepad to the Desktop as "CFScript".

Drag the saved script/text onto the ComboFix icon, as in the picture.
Post the log that is produced at the end of the cleaning/scanning in your next message.
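The checks the helper applied by hand can be automated over the log lines quoted above. The script below is an added example, not part of the thread or of HijackThis/ComboFix: it flags the extra program in the F2 UserInit value, the Active Setup component the CFScript removes (its GUID is not valid hex and its payload sits on the user's Desktop), and, as one further check the thread's logs show but nobody discussed, the SOCKS proxy on 127.0.0.1:7070 in the R1 line. The sample lines are copied from the posted logs; function and variable names are the example's own.

```python
"""Triage checks for HijackThis / ComboFix log lines (added example)."""
import re

# Constructed sample: lines copied from the HijackThis and ComboFix logs in the thread.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=127.0.0.1:7070
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe,C:\WINDOWS\system32\MPK\MPK.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{F946C9B1-VMVQ-A9RC-NUFL-D0BA00B4E444}]
c:\documents and settings\AB\Desktop\data\L.exe
"""

# The only program Windows XP itself places in UserInit; anything after the comma is foreign.
EXPECTED_USERINIT = r"c:\windows\system32\userinit.exe"
GUID_RE = re.compile(r"^\{[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{4}-[0-9A-F]{12}\}$", re.I)
ACTIVE_SETUP_RE = re.compile(r"active setup\\installed components\\(\{[^}]+\})\]$", re.I)
USER_PROFILE_RE = re.compile(r"^c:\\(documents and settings|users)\\", re.I)


def check_userinit(line):
    """F2 line: report every program in UserInit other than the stock userinit.exe."""
    m = re.match(r"F2 - REG:system\.ini: UserInit=(.*)$", line, re.I)
    if not m:
        return []
    extras = [e.strip() for e in m.group(1).split(",")
              if e.strip() and e.strip().lower() != EXPECTED_USERINIT]
    return [f"UserInit launches extra program: {e}" for e in extras]


def check_proxy(line):
    """R1 ProxyServer line: a SOCKS proxy on loopback means a local program relays browser traffic."""
    m = re.search(r"ProxyServer = (.+)$", line, re.I)
    if not m:
        return []
    value = m.group(1).strip()
    if re.search(r"socks=(127\.0\.0\.1|localhost):\d+", value, re.I):
        return [f"Browser traffic routed through local SOCKS proxy: {value}"]
    return []


def check_active_setup(key_line, next_line):
    """ComboFix 'active setup' entry: the key line is followed by the component's payload path."""
    m = ACTIVE_SETUP_RE.search(key_line)
    if not m:
        return []
    guid, path = m.group(1), next_line.strip()
    findings = []
    if not GUID_RE.match(guid):
        findings.append(f"Active Setup component with non-hex GUID: {guid}")
    if USER_PROFILE_RE.match(path):
        findings.append(f"Active Setup component runs from a user profile: {path}")
    return findings


def triage(log_text):
    """Run every check over a log and return the findings in log order."""
    lines = [ln for ln in log_text.splitlines() if ln.strip()]
    findings = []
    for i, line in enumerate(lines):
        findings += check_userinit(line)
        findings += check_proxy(line)
        following = lines[i + 1] if i + 1 < len(lines) else ""
        findings += check_active_setup(line, following)
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print("!", finding)
```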
