Možda tražite i:
virus,virusi ili....
Nepobedivi virus VIRUT W32.CF
mbam i sas nasli viruse dali su to stvarno virusi?

MyCity » Ambulanta -> Arhiva Ambulante » SBB i virus?

SBB i virus?

Napisano na dan: 12.1.2008

SBB i virus?

Sledeća strana

Pagination

Odgovori

dorothy Poslao: 12 Jan 2008 13:21 Idi na vrh
offline dorothy Građanin Pridružio: 07 Feb 2007 Poruke: 144 Gde živiš: u Ozu...	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Imala sam wireless prikljucen na komp i posto sam se preselila u NS prebacila se na sbb. E sad, sve sam lepo prikljucila modem, spojila kablove, i radi ali...cim odem na net i budem 5-10 min (varira) racunar mi se sam resetuje i onda kada probam opet isto se desava. Pokusala sam da sve iskopcam ( iskljucila net) i ne desava mi se to. Skenirala sam racunar sa NOD 32 i nista ne pronalazi. Sta bi to moglo da bude? Neke od kolega mi kazu ( studiram informatiku, ali se bas i ne interesujem za taj deo) da je neki worm blaster ili tako nesto, i da moram da radim reinstall. Imate li pojma sta bi to moglo da bude, sta da pokusam, a da nije reinstall? Unapred se izvinjavam sto nisam postavila HijackThis log jer sam sada kuci ( a ne u NS). Ako imate neke ideje sta bi moglo biti i kako da to resim, kazite... Ako nista, stavljam log ali tek utorak... Hvala unapred.

Profil

dr_Bora Poslao: 12 Jan 2008 16:33 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Dorothy... Nepotrebne poruke iz ove teme su obrisane. Kada budeš u mogućnosti isprati uputstvo za otvaranje teme i postavljanje HT loga i uradićemo potrebne provere kako bi ustanovili da li je pomenuti problem prouzrokovan malware-om.

Profil

dorothy Poslao: 13 Jan 2008 18:23 Idi na vrh
offline dorothy Građanin Pridružio: 07 Feb 2007 Poruke: 144 Gde živiš: u Ozu...	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Logfile of HijackThis v1.99.1 Scan saved at 18:16:01, on 13.01.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Eset\nod32krn.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\WINDOWS\system32\nutsrv4.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Google\Google Talk\googletalk.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\RssReader\RssReader.exe C:\Program Files\Last.fm\LastFMHelper.exe C:\Program Files\Winamp\Winamp.exe C:\Program Files\Last.fm\LastFM.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE D:\Za svu gamad\New Folder\TR3.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [NuTCSetupEnviron] C:\Program Files\Rational\Rational Test\nutcroot\bin\ncoeenv.exe O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [RssReader] C:\Program Files\RssReader\RssReader.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [DLD.EXE] C:\Program Files\Download Direct\DLD.exe O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized O4 - Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: GN-WPKG Utility.lnk = C:\Program Files\GIGABYTE\Gigabyte GN-WPKG Wireless PCI Adapter SoftAP\Installer\WINXP\RaConfig2500.exe O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Korisnik\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (file missing) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1164012359218 O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://d-dragana.spaces.live.com/PhotoUpload/MsnPUpld.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\ O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NuT(zabranjeno)ERService - DataFocus, Inc. - C:\WINDOWS\system32\nutsrv4.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe evo...bila sam brza...hvala unapred!

Profil

dr_Bora Poslao: 13 Jan 2008 19:25 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pokreni HT, skeniraj i čekiraj sledeću liniju: 2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll Klikni Fix Checked. Obriši folder: C:\Program Files\ContextTool\ ------------------------------------------------------------------------------------- Skini ComboFix sa jedne od sledecih adresa na Desktop: http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe http://download.bleepingcomputer.com/sUBs/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

dorothy Poslao: 14 Jan 2008 09:46 Idi na vrh
offline dorothy Građanin Pridružio: 07 Feb 2007 Poruke: 144 Gde živiš: u Ozu...	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-01-14.3 - Korisnik 2008-01-14 9:31:44.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.91 [GMT 1:00] Running from: D:\Za svu gamad\ComboFix.exe * Created a new restore point [color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color] . ((((((((((((((((((((((((( Files Created from 2007-12-14 to 2008-01-14 ))))))))))))))))))))))))))))))) . 2008-01-14 09:30 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe 2008-01-10 18:53 . 2003-04-11 09:31 14,336 -ra------ C:\WINDOWS\system32\drivers\sacmxp2.sys 2008-01-10 18:53 . 2003-04-16 09:25 14,011 -ra------ C:\WINDOWS\UNDPX2.EXE 2008-01-07 15:38 . 2008-01-07 15:38 1,409 --a------ C:\WINDOWS\system32\tmp96CCE.FOT 2008-01-07 15:38 . 2008-01-07 15:38 1,409 --a------ C:\WINDOWS\system32\tmp6FCCE.FOT 2007-12-20 00:54 . 2007-12-20 00:57 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller 2007-12-20 00:53 . 2007-12-20 00:54 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller 2007-12-17 21:01 . 1996-04-04 03:11 345,600 --------- C:\WINDOWS\system32\qtim32.dll 2007-12-17 21:01 . 1996-04-04 03:11 128,000 --------- C:\WINDOWS\system32\mc32.qtc 2007-12-17 21:01 . 1996-04-04 03:11 83,456 --------- C:\WINDOWS\system32\iv32qt32.qtc 2007-12-17 21:01 . 1996-04-04 03:11 38,912 --------- C:\WINDOWS\system32\dhio32.qtc 2007-12-17 21:01 . 1996-04-04 03:11 35,840 --------- C:\WINDOWS\system32\navg32.qtc 2007-12-17 21:01 . 1996-04-04 03:11 34,816 --------- C:\WINDOWS\system32\jpeg32.qtc 2007-12-17 21:01 . 1996-04-04 03:11 32,768 --------- C:\WINDOWS\system32\cmgr32.dll 2007-12-17 21:01 . 1996-04-04 03:11 20,480 --------- C:\WINDOWS\system32\raw32.qtc 2007-12-17 21:00 . 1996-04-04 03:11 229,376 --------- C:\WINDOWS\system32\rpza32.qtc 2007-12-17 21:00 . 1996-04-04 03:11 165,888 --------- C:\WINDOWS\system32\smc32.qtc 2007-12-17 21:00 . 1996-04-04 03:11 151,040 --------- C:\WINDOWS\system32\cvid32.qtc 2007-12-17 21:00 . 1996-04-04 03:11 103,936 --------- C:\WINDOWS\system32\rle32.qtc 2007-12-17 21:00 . 1996-04-04 03:11 24,064 --------- C:\WINDOWS\system32\dci32.qtc 2007-12-17 20:53 . 2007-12-18 10:18 <DIR> d-------- C:\WINDOWS\COREL 2007-12-17 20:53 . 1996-10-29 23:01 409,600 --------- C:\WINDOWS\system32\scint70.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-01-05 11:48 --------- d-----w C:\Documents and Settings\Korisnik\Application Data\LimeWire 2008-01-04 10:33 --------- d-----w C:\Program Files\Last.fm 2007-12-30 15:58 --------- d-----w C:\Program Files\SUPERAntiSpyware 2007-12-29 17:14 --------- d-----w C:\Documents and Settings\Korisnik\Application Data\Skype 2007-12-20 00:02 --------- d-----w C:\Program Files\MSN Messenger 2007-12-19 23:54 --------- d-----w C:\Program Files\Windows Live 2007-12-19 23:43 --------- d-----w C:\Program Files\Messenger Plus! Live 2007-12-19 23:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2007-12-18 10:26 --------- d-----w C:\Documents and Settings\Korisnik\Application Data\Audacity 2007-12-17 19:22 --------- d-----w C:\Program Files\EA GAMES 2007-12-11 20:46 --------- d-----w C:\Program Files\Google 2007-12-09 15:57 --------- d-----w C:\Program Files\KaraFun 2007-12-07 22:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Last.fm 2007-11-29 22:33 223,128 ----a-w C:\WINDOWS\system32\drivers\dtscsi.sys 2007-11-29 22:30 96,256 ----a-w C:\WINDOWS\system32\drivers\sptd0797.sys 2007-11-29 22:30 664,064 ----a-w C:\WINDOWS\system32\drivers\sptd.sys 2007-11-24 17:08 --------- d-----w C:\Program Files\Yahoo! 2007-11-21 18:20 --------- d-----w C:\Documents and Settings\Korisnik\Application Data\Rational 2007-11-21 18:19 --------- d-----w C:\Program Files\Rational 2007-11-17 09:03 11,861 ----a-w C:\WINDOWS\system32\drivers\mdc8021x.sys 2007-11-17 09:03 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-11-17 09:03 --------- d-----w C:\Program Files\GIGABYTE 2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll 2007-10-27 16:40 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll 2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360] "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-27 10:52 1318912] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184] "RssReader"="C:\Program Files\RssReader\RssReader.exe" [2004-04-04 15:21 1077248] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-29 19:22 68856] "DLD.EXE"="C:\Program Files\Download Direct\DLD.exe" [ ] "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [ ] "BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" [ ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-11-28 06:55 98304] "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-11-28 06:52 77824] "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-11-28 06:55 118784] "RTHDCPL"="RTHDCPL.EXE" [2006-05-18 07:27 16207872 C:\WINDOWS\RTHDCPL.EXE] "SkyTel"="SkyTel.EXE" [2006-05-16 11:04 2879488 C:\WINDOWS\SkyTel.exe] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496] "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2006-12-07 22:07 917504] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-12-09 21:49 185896] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 15:57 282624] "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 22:47 31016] "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [ ] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 01:06 40048] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 22:57 30208] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648] "LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 11:09 49152] "NuTCSetupEnviron"="C:\Program Files\Rational\Rational Test\nutcroot\bin\ncoeenv.exe" [2002-04-25 15:13 16384] "googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [2007-01-01 22:22 3739648] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:56 15360] C:\Documents and Settings\Korisnik\Start Menu\Programs\Startup\ Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe [2007-12-07 23:27:19] OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 18:24:54] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-12-09 14:16:39] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 11:55 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL 2007-04-29 10:27 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL R0 rseb;rseb;C:\WINDOWS\system32\drivers\rseb.sys [2004-06-01 19:44] R2 NuT(zabranjeno)ERService;NuT(zabranjeno)ERService;C:\WINDOWS\system32\nutsrv4.exe [2002-04-25 15:27] R3 UsbCmxp;Scientific Atlanta WebSTAR 2000 series Cable Modem;C:\WINDOWS\system32\DRIVERS\sacmxp2.sys [2003-04-11 09:31] S3 ss_bus;Samsung Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-01-24 15:38] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-01-24 15:38] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-01-24 15:38] S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;"C:\Program Files\Windows Live\Messenger\usnsvc.exe" [2007-10-18 11:31] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G] \Shell\AutoRun\command - G:\Menu.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a642f571-ba0b-11dc-b786-0006f40befd0}] \Shell\AutoRun\command - F:\fooool.exe \Shell\explore\Command - F:\fooool.exe \Shell\open\Command - F:\fooool.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ea19e60e-8625-11dc-b73b-0006f40befd0}] \Shell\AutoRun\command - F:\LaunchU3.exe -a Newly Created Service - PROCEXP90 . Contents of the 'Scheduled Tasks' folder "2007-11-30 13:07:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe . ************************************************************************ catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-01-14 09:37:14 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2008-01-14 9:39:38 . 2007-12-21 17:01:27 --- E O F --- Evo... cak i posle ovoga mi se restartovao racunar

Profil

dr_Bora Poslao: 14 Jan 2008 11:29 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ovde nema tragova aktivnog malware-a... Proverićemo još nešto. Preuzmi fajl gmer.zip sa ovog linka i sačuvaj na Desktop-u. Raspakuj ga u neki folder. Dupli klik na gmer.exe za početak: Izaberi Rootkit Tab na vrhu. Klikni na Scan. Kada je skeniranje završeno, klik na Copy dugme ispod - ovo će sačuvati to u Clipboard. Iskoristi opciju Paste u Notepad-u da bi to prebacio u tekst. Snimi taj tekst iz Notepada kao file1.txt. Ponovi ovo isto sa Autostart Tab-om. Snimi taj tekst iz Notepada kao file2.txt. Iskopiraj nam ovde sadrzaj ta dva fajla koja smo malopre snimili. Napomena: ukoliko su logovi ekstremno veliki, može se dogoditi da deo poruke bude ''odsečen''. U tom slučaju, koristi više poruka da ih pošalješ.

Profil

dorothy Poslao: 14 Jan 2008 17:24 Idi na vrh
offline dorothy Građanin Pridružio: 07 Feb 2007 Poruke: 144 Gde živiš: u Ozu...	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: mycity.rs/must-login.png mycity.rs/must-login.png Izvinjavam se, ali morala sam ovako.

Profil

dr_Bora Poslao: 14 Jan 2008 18:12 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ovako... Ovde nema malware-a. Znači, ovde smo gotovi. Mislim da je sledeće mesto na kome bi trebalo da otvoriš temu forum Windows (to je jedini "savet" koji ti sada mogu dati).

Profil

dorothy Poslao: 14 Jan 2008 18:15 Idi na vrh
offline dorothy Građanin Pridružio: 07 Feb 2007 Poruke: 144 Gde živiš: u Ozu...	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ok. Hvala na trudu.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » SBB i virus?

Ko je trenutno na forumu

Ukupno su 949 korisnika na forumu :: 10 registrovanih, 4 sakrivenih i 935 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: bobomicek, croato, darkojbn, galijot, jukeboxer, Lazarus, Metanoja, Mi lao shu, panzerwaffe, voja64

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by