MyCity » Ambulanta -> Arhiva Ambulante » Sporost.. :(

Sporost.. :(

Napisano na dan: 19.4.2008

Sporost.. :(

Sledeća strana

Pagination

Odgovori

Folidix Poslao: 19 Apr 2008 00:52 Idi na vrh
offline Folidix Građanin Pridružio: 07 Jan 2008 Poruke: 62	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Jako, ali jako mi je usporio racunar... Logfile of HijackThis v1.99.1 Scan saved at 12:48:38 AM, on 4/19/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscript.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\SOUNDMAN.EXE D:\nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\802.11 Wireless LAN\802.11b Wireless CardBus & PCI Adapter HW.11 V1.10\WlanCU.exe C:\Documents and Settings\DankoA.DANKO\Start Menu\Programs\Startup\ctfmon.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\Di recnik\Di.exe C:\WINDOWS\explorer.exe C:\Program Files\ICQLite\ICQLite.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\Mozilla Firefox 3 Beta 3\firefox.exe C:\Documents and Settings\DankoA.DANKO\Desktop\xzxczczxc\tr3.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = google.icq.com/search/search_frame.php R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = google.icq.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\wscript.exe C:\WINDOWS\system32\killVBS.vbs O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MI1933~1\Office12\GRA8E1~1.DLL O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [PCSuiteTrayApplication] D:\nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot O4 - Startup: ctfmon.exe O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\802.11 Wireless LAN\802.11b Wireless CardBus & PCI Adapter HW.11 V1.10\WlanCU.exe O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Prevedi sa Di recnikom - C:\Program Files\Di recnik\diie.htm O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{5D5BCD64-D152-4580-A185-311154FD0750}: NameServer = 80.95.69.145 84.236.124.5 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MI1933~1\Office12\GR99D3~1.DLL O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Profil

DEMIAN Poslao: 19 Apr 2008 01:03 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Poz... Sistem ti jeste inficiran malware-om. Skini ComboFix sa jedne od sledecih adresa na Desktop: http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe http://download.bleepingcomputer.com/sUBs/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

Folidix Poslao: 19 Apr 2008 11:02 Idi na vrh
offline Folidix Građanin Pridružio: 07 Jan 2008 Poruke: 62	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-04-18.3 - DankoA 2008-04-19 10:39:02.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.68 [GMT 2:00] Running from: C:\Documents and Settings\DankoA.DANKO\Desktop\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . D:\Autorun.inf . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_npf ((((((((((((((((((((((((( Files Created from 2008-03-19 to 2008-04-19 ))))))))))))))))))))))))))))))) . 2008-04-17 21:07 . 2008-04-17 21:07 <DIR> d-------- C:\Program Files\FLVPlayer 2008-04-17 21:07 . 2008-04-17 21:07 <DIR> d-------- C:\Program Files\DivX Total Pack 2008-04-17 21:05 . 2008-04-17 21:05 <DIR> d-------- C:\Program Files\RadLight 2008-04-17 20:31 . 2008-04-17 20:31 <DIR> d-------- C:\Program Files\Intelore 2008-04-17 20:20 . 2008-04-17 20:20 <DIR> d-------- C:\Program Files\RAR Password (zabranjeno)er 2008-04-17 20:17 . 2008-04-17 20:17 <DIR> d-------- C:\Program Files\Visual Zip Password Recovery Processor 2008-04-17 12:46 . 2008-04-17 12:46 <DIR> d-------- C:\Program Files\ElcomSoft 2008-04-17 12:46 . 2008-04-17 12:47 1,265 --a------ C:\WINDOWS\aopr.ini 2008-04-17 12:15 . 2008-04-17 12:15 <DIR> d-------- C:\Temp 2008-04-03 20:35 . 2008-04-03 20:35 <DIR> d-------- C:\Documents and Settings\DankoA.DANKO\Application Data\Nokia Multimedia Player 2008-03-26 17:56 . 2008-03-30 22:52 38 --a------ C:\WINDOWS\SYMGAMES.INI 2008-03-20 15:21 . 2008-03-20 15:25 <DIR> d-------- C:\Documents and Settings\DankoA.DANKO\Contacts 2008-03-20 15:19 . 2008-03-20 15:19 <DIR> d-------- C:\Program Files\MSN Messenger . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-04-19 08:50 1,815,638 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip 2008-04-19 08:29 --------- d-----w C:\Program Files\Mozilla Firefox 3 Beta 3 2008-04-18 22:46 --------- d---a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP 2008-04-18 22:18 --------- d-----w C:\Program Files\ICQToolbar 2008-04-17 00:01 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help 2008-04-16 17:44 2,436 ----a-w C:\WINDOWS\OEM0.tmp 2008-04-15 18:28 --------- d-----w C:\Program Files\Di recnik 2008-03-27 14:47 2,583,040 ----a-w C:\WINDOWS\Internet Logs\xDBD.tmp 2008-03-27 11:30 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-03-27 11:12 2,643,968 ----a-w C:\WINDOWS\Internet Logs\xDBB.tmp 2008-03-27 11:12 2,576,384 ----a-w C:\WINDOWS\Internet Logs\xDBC.tmp 2008-03-15 17:24 --------- d-----w C:\Program Files\Recnik20 2008-03-08 01:11 1,424,384 ----a-w C:\WINDOWS\Internet Logs\xDB9.tmp 2008-03-08 01:02 2,859,008 ----a-w C:\WINDOWS\Internet Logs\xDBA.tmp 2008-03-06 13:49 --------- d-----w C:\Documents and Settings\DankoA.DANKO\Application Data\Nokia 2008-03-06 13:48 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Suite 2008-03-06 13:47 --------- d-----w C:\Documents and Settings\DankoA.DANKO\Application Data\PC Suite 2008-03-06 00:15 --------- d-----w C:\Documents and Settings\DankoA.DANKO\Application Data\Skype 2008-03-05 23:59 --------- d-----w C:\Documents and Settings\DankoA.DANKO\Application Data\skypePM 2008-03-01 18:11 13,824 ----a-w C:\WINDOWS\Internet Logs\xDB8.tmp 2008-03-01 18:11 1,332,224 ----a-w C:\WINDOWS\Internet Logs\xDB7.tmp 2008-03-01 17:23 17,408 ----a-w C:\WINDOWS\Internet Logs\xDB6.tmp 2008-03-01 17:23 1,332,736 ----a-w C:\WINDOWS\Internet Logs\xDB5.tmp 2008-03-01 14:46 1,332,736 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp 2008-03-01 14:27 1,584,640 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp 2008-02-28 16:06 --------- d-----w C:\Documents and Settings\DankoA.DANKO\Application Data\InterTrust 2008-02-28 13:17 32 ----a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\ezsid.dat 2008-02-28 13:13 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype 2008-02-28 13:12 --------- d-----w C:\Program Files\Common Files\Skype 2008-02-15 01:19 727,552 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp 2008-02-15 01:19 1,193,984 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 13:54 5674352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2004-06-18 10:31 67584 C:\WINDOWS\SOUNDMAN.EXE] "PCSuiteTrayApplication"="D:\nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-11-08 14:27 222208] "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-11-14 17:05 919016] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "PcSync"="D:\nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 18:15 1634304] C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\ Wireless Configuration Utility.lnk - C:\Program Files\802.11 Wireless LAN\802.11b Wireless CardBus & PCI Adapter HW.11 V1.10\WlanCU.exe [2003-08-08 11:24:02 425984] [HKLM\~\startupfolder\C:^Documents and Settings^DankoA.DANKO^Start Menu^Programs^Startup^ctfmon.exe] path=C:\Documents and Settings\DankoA.DANKO\Start Menu\Programs\Startup\ctfmon.exe backup=C:\WINDOWS\pss\ctfmon.exeStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator] --a------ 2008-02-17 11:34 3364616 C:\Program Files\DAP\DAP.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] --a------ 2006-10-27 01:47 31016 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] --------- 2004-10-13 18:24 1694208 C:\Program Files\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] --a------ 2007-01-19 13:54 5674352 C:\Program Files\MSN Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "wscsvc"=2 (0x2) [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "C:\\WINDOWS\\system32\\sessmgr.exe"= "C:\\Program Files\\ICQLite\\ICQLite.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "D:\\BAckup2\\Skype\\Phone\\Skype.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);C:\WINDOWS\system32\DRIVERS\RMSPPPOE.SYS [2002-06-10 01:09] R3 rtl8180;IEEE 802.11b Wireless Cardbus/PCI Adapter;C:\WINDOWS\system32\DRIVERS\rtl8180.SYS [2003-06-16 12:18] R3 SjyPkt;SjyPkt;C:\WINDOWS\System32\Drivers\SjyPkt.sys [2002-10-02 09:57] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{116448f2-ab06-11db-a6ee-0040f4ba5261}] \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2aa10888-69de-11dc-a7df-0040f4ba5261}] \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cb373483-1111-11dc-a766-0040f4ba5261}] \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs . ************************************************************************ catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-04-19 10:50:55 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\WINDOWS\system32\wscript.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe . ************************************************************************ . Completion time: 2008-04-19 10:56:36 - machine was rebooted ComboFix-quarantined-files.txt 2008-04-19 08:56:30 ComboFix2.txt 2008-01-27 01:49:52 Pre-Run: 2,122,809,344 bytes free Post-Run: 2,128,945,152 bytes free 140 --- E O F --- 2008-02-15 01:19:10 Dopuna: 19 Apr 2008 11:02 Zaboravio sam iskljuciti ZA dok se skeniralo

Profil

DEMIAN Poslao: 19 Apr 2008 13:45 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: File:: C:\WINDOWS\system32\wscript.exe C:\Windows\System32\killVBS.vbs Registry:: [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "wscsvc"=- [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{116448f2-ab06-11db-a6ee-0040f4ba5261}] [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2aa10888-69de-11dc-a7df-0040f4ba5261}] [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cb373483-1111-11dc-a766-0040f4ba5261}] Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

Folidix Poslao: 19 Apr 2008 14:11 Idi na vrh
offline Folidix Građanin Pridružio: 07 Jan 2008 Poruke: 62	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-04-18.3 - DankoA 2008-04-19 13:55:28.2 - NTFSx86 Running from: C:\Documents and Settings\DankoA.DANKO\Desktop\ComboFix.exe Command switches used :: C:\Documents and Settings\DankoA.DANKO\Desktop\CFScript.txt * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: C:\Windows\System32\killVBS.vbs C:\WINDOWS\system32\wscript.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Windows\System32\killVBS.vbs C:\WINDOWS\system32\wscript.exe . ((((((((((((((((((((((((( Files Created from 2008-03-19 to 2008-04-19 ))))))))))))))))))))))))))))))) . 2008-04-17 21:07 . 2008-04-17 21:07 <DIR> d-------- C:\Program Files\FLVPlayer 2008-04-17 21:07 . 2008-04-17 21:07 <DIR> d-------- C:\Program Files\DivX Total Pack 2008-04-17 21:05 . 2008-04-17 21:05 <DIR> d-------- C:\Program Files\RadLight 2008-04-17 20:31 . 2008-04-17 20:31 <DIR> d-------- C:\Program Files\Intelore 2008-04-17 20:20 . 2008-04-17 20:20 <DIR> d-------- C:\Program Files\RAR Password (zabranjeno)er 2008-04-17 20:17 . 2008-04-17 20:17 <DIR> d-------- C:\Program Files\Visual Zip Password Recovery Processor 2008-04-17 12:46 . 2008-04-17 12:46 <DIR> d-------- C:\Program Files\ElcomSoft 2008-04-17 12:46 . 2008-04-17 12:47 1,265 --a------ C:\WINDOWS\aopr.ini 2008-04-17 12:15 . 2008-04-17 12:15 <DIR> d-------- C:\Temp 2008-04-03 20:35 . 2008-04-03 20:35 <DIR> d-------- C:\Documents and Settings\DankoA.DANKO\Application Data\Nokia Multimedia Player 2008-03-26 17:56 . 2008-03-30 22:52 38 --a------ C:\WINDOWS\SYMGAMES.INI 2008-03-20 15:21 . 2008-03-20 15:25 <DIR> d-------- C:\Documents and Settings\DankoA.DANKO\Contacts 2008-03-20 15:19 . 2008-03-20 15:19 <DIR> d-------- C:\Program Files\MSN Messenger . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-04-19 08:57 --------- d-----w C:\Program Files\Mozilla Firefox 3 Beta 3 2008-04-19 08:50 1,815,638 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip 2008-04-18 22:46 --------- d---a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP 2008-04-18 22:18 --------- d-----w C:\Program Files\ICQToolbar 2008-04-17 00:01 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help 2008-04-16 17:44 2,436 ----a-w C:\WINDOWS\OEM0.tmp 2008-04-15 18:28 --------- d-----w C:\Program Files\Di recnik 2008-03-27 14:47 2,583,040 ----a-w C:\WINDOWS\Internet Logs\xDBD.tmp 2008-03-27 11:30 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-03-27 11:12 2,643,968 ----a-w C:\WINDOWS\Internet Logs\xDBB.tmp 2008-03-27 11:12 2,576,384 ----a-w C:\WINDOWS\Internet Logs\xDBC.tmp 2008-03-15 17:24 --------- d-----w C:\Program Files\Recnik20 2008-03-08 01:11 1,424,384 ----a-w C:\WINDOWS\Internet Logs\xDB9.tmp 2008-03-08 01:02 2,859,008 ----a-w C:\WINDOWS\Internet Logs\xDBA.tmp 2008-03-06 13:49 --------- d-----w C:\Documents and Settings\DankoA.DANKO\Application Data\Nokia 2008-03-06 13:48 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\PC Suite 2008-03-06 13:47 --------- d-----w C:\Documents and Settings\DankoA.DANKO\Application Data\PC Suite 2008-03-06 00:15 --------- d-----w C:\Documents and Settings\DankoA.DANKO\Application Data\Skype 2008-03-05 23:59 --------- d-----w C:\Documents and Settings\DankoA.DANKO\Application Data\skypePM 2008-03-01 18:11 13,824 ----a-w C:\WINDOWS\Internet Logs\xDB8.tmp 2008-03-01 18:11 1,332,224 ----a-w C:\WINDOWS\Internet Logs\xDB7.tmp 2008-03-01 17:23 17,408 ----a-w C:\WINDOWS\Internet Logs\xDB6.tmp 2008-03-01 17:23 1,332,736 ----a-w C:\WINDOWS\Internet Logs\xDB5.tmp 2008-03-01 14:46 1,332,736 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp 2008-03-01 14:27 1,584,640 ----a-w C:\WINDOWS\Internet Logs\xDB4.tmp 2008-02-28 16:06 --------- d-----w C:\Documents and Settings\DankoA.DANKO\Application Data\InterTrust 2008-02-28 13:17 32 ----a-w C:\Documents and Settings\All Users.WINDOWS\Application Data\ezsid.dat 2008-02-28 13:13 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype 2008-02-28 13:12 --------- d-----w C:\Program Files\Common Files\Skype 2008-02-17 09:34 50,688 ----a-w C:\WINDOWS\system32\wbhelp2.dll 2008-02-15 01:19 727,552 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp 2008-02-15 01:19 1,193,984 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 13:54 5674352] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "ICQ Lite"="C:\Program Files\ICQLite\ICQLite.exe" [2006-07-11 12:06 3144800] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2004-06-18 10:31 67584 C:\WINDOWS\SOUNDMAN.EXE] "PCSuiteTrayApplication"="D:\nokia\Nokia PC Suite 6\LaunchApplication.exe" [2006-11-08 14:27 222208] "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-11-14 17:05 919016] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "PcSync"="D:\nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 18:15 1634304] C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\ Wireless Configuration Utility.lnk - C:\Program Files\802.11 Wireless LAN\802.11b Wireless CardBus & PCI Adapter HW.11 V1.10\WlanCU.exe [2003-08-08 11:24:02 425984] [HKLM\~\startupfolder\C:^Documents and Settings^DankoA.DANKO^Start Menu^Programs^Startup^ctfmon.exe] path=C:\Documents and Settings\DankoA.DANKO\Start Menu\Programs\Startup\ctfmon.exe backup=C:\WINDOWS\pss\ctfmon.exeStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator] --a------ 2008-02-17 11:34 3364616 C:\Program Files\DAP\DAP.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] --a------ 2006-10-27 01:47 31016 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] --------- 2004-10-13 18:24 1694208 C:\Program Files\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] --a------ 2007-01-19 13:54 5674352 C:\Program Files\MSN Messenger\msnmsgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "C:\\WINDOWS\\system32\\sessmgr.exe"= "C:\\Program Files\\ICQLite\\ICQLite.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "D:\\BAckup2\\Skype\\Phone\\Skype.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);C:\WINDOWS\system32\DRIVERS\RMSPPPOE.SYS [2002-06-10 01:09] R3 rtl8180;IEEE 802.11b Wireless Cardbus/PCI Adapter;C:\WINDOWS\system32\DRIVERS\rtl8180.SYS [2003-06-16 12:18] R3 SjyPkt;SjyPkt;C:\WINDOWS\System32\Drivers\SjyPkt.sys [2002-10-02 09:57] . ************************************************************************ catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-04-19 13:59:56 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2008-04-19 14:06:42 ComboFix-quarantined-files.txt 2008-04-19 12:06:37 ComboFix2.txt 2008-04-19 08:56:39 ComboFix3.txt 2008-01-27 01:49:52 Pre-Run: 2,182,574,080 bytes free Post-Run: 2,159,980,544 bytes free 129 --- E O F --- 2008-02-15 01:19:10

Profil

DEMIAN Poslao: 19 Apr 2008 14:16 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Reci mi jesi li koristio neki USB flash drive zadnjih dana od kada si primetio da ti se system usporio?

Profil

Folidix Poslao: 19 Apr 2008 14:26 Idi na vrh
offline Folidix Građanin Pridružio: 07 Jan 2008 Poruke: 62	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pa koristio sam svoj, ali na njemu nema sta da bude zarazeno.. Jedino da nije sa telefona...

Profil

DEMIAN Poslao: 19 Apr 2008 14:33 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl:

Profil

Folidix Poslao: 19 Apr 2008 16:06 Idi na vrh
offline Folidix Građanin Pridružio: 07 Jan 2008 Poruke: 62	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! videcemo kako radi.. Hvala puno!

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Sporost.. :(

Ko je trenutno na forumu

Ukupno su 1025 korisnika na forumu :: 5 registrovanih, 1 sakriven i 1019 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: LUDI, pein, saputnik plavetnila, voja64, zziko

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by