Možda tražite i:
Winamp opet zeza
Internet Explorer 11 beta za Windows 7
problem explorer exe
AOL explorer

MyCity » Ambulanta -> Arhiva Ambulante » explorer zeza :)

explorer zeza :)

Napisano na dan: 26.10.2007

Strana:
1
2
3

explorer zeza :)

Pagination

Prethodna strana

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3

nea Poslao: 26 Okt 2007 22:33 Idi na vrh
offline nea Novi MyCity građanin Pridružio: 25 Okt 2007 Poruke: 14	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! DeM14n ::Puna si kao brod je, sve su u sytemu32... uploadala sam ih sve...

Profil

DEMIAN Poslao: 26 Okt 2007 22:46 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ok. Da proverimo to pa, dobijes uputstvo.. Budi strpljiva

Profil

nea Poslao: 26 Okt 2007 22:50 Idi na vrh
offline nea Novi MyCity građanin Pridružio: 25 Okt 2007 Poruke: 14	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ma dobro, sam se ti zabavljaj s tim, idem ja pse dotle izvest... inače, komp puno bolje radi nakon onog čišćenja ujutro... i explorer već pol sata miruje...

Profil

DEMIAN Poslao: 26 Okt 2007 23:03 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Odlično. Idem i ja da setam sebe, kao što sam i planirao, pa nastavljamo kasnije.. Evo ti uputstvo za sledeci korak. I ne raduj se prerano, racunar ti je i dalje zaražen. Skini ComboFix sa jedne od sledecih adresa: [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log koji ces nam ovde iskopirati.

Profil

nea Poslao: 26 Okt 2007 23:54 Idi na vrh
offline nea Novi MyCity građanin Pridružio: 25 Okt 2007 Poruke: 14	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! da, izgleda da sam se prerano veselila, opet je nesto kad sam skidala ComboFix... evo ovaj log, kolko vidim bilo je puno fileova sličnih onima gore... ComboFix 07-10-23.2 - PC 2007-10-26 23:34:43.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.451 [GMT 2:00] Running from: C:\Documents and Settings\PC\Desktop\ComboFix.exe * Created a new restore point . ADS - svchost.exe: deleted 51712 bytes in 1 streams. ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\check_LSA7.txt C:\Documents and Settings\PC\Application Data\macromedia\Flash Player\#SharedObjects\JLQNEAD6\www.broadcaster.com C:\Documents and Settings\PC\Application Data\macromedia\Flash Player\#SharedObjects\JLQNEAD6\www.broadcaster.com\played_list.sol C:\Documents and Settings\PC\Application Data\macromedia\Flash Player\#SharedObjects\JLQNEAD6\www.broadcaster.com\video_queue.sol C:\Documents and Settings\PC\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com C:\Documents and Settings\PC\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol C:\WINDOWS\cookies.ini C:\WINDOWS\system32\aansuxeo.ini C:\WINDOWS\system32\abeeg.bak1 C:\WINDOWS\system32\abeeg.bak2 C:\WINDOWS\system32\abeeg.ini C:\WINDOWS\system32\acbeg.ini C:\WINDOWS\system32\adeeg.bak1 C:\WINDOWS\system32\adeeg.bak2 C:\WINDOWS\system32\adeeg.ini C:\WINDOWS\system32\amuqufym.dll C:\WINDOWS\system32\awtqn.dll C:\WINDOWS\system32\awtqo.dll C:\WINDOWS\system32\awtqp.dll C:\WINDOWS\system32\awtqr.dll C:\WINDOWS\system32\awtss.dll C:\WINDOWS\system32\awtst.dll C:\WINDOWS\system32\awvtq.dll C:\WINDOWS\system32\awvvs.dll C:\WINDOWS\system32\awvvt.dll C:\WINDOWS\system32\awvvw.dll C:\WINDOWS\system32\ayadd.bak1 C:\WINDOWS\system32\ayadd.bak2 C:\WINDOWS\system32\ayadd.ini C:\WINDOWS\system32\aycdd.bak1 C:\WINDOWS\system32\aycdd.ini C:\WINDOWS\system32\bbadd.bak1 C:\WINDOWS\system32\bbadd.ini C:\WINDOWS\system32\bbeeg.bak1 C:\WINDOWS\system32\bbeeg.ini C:\WINDOWS\system32\bdeeg.bak1 C:\WINDOWS\system32\bdeeg.ini C:\WINDOWS\system32\bquvusbj.dll C:\WINDOWS\system32\ckgjaguh.ini C:\WINDOWS\system32\codtdooq.dll C:\WINDOWS\system32\cscdqqgl.ini C:\WINDOWS\system32\dcbeg.bak1 C:\WINDOWS\system32\dcbeg.ini C:\WINDOWS\system32\dccdd.bak1 C:\WINDOWS\system32\dccdd.bak2 C:\WINDOWS\system32\dccdd.ini C:\WINDOWS\system32\ddabb.dll C:\WINDOWS\system32\ddaya.dll C:\WINDOWS\system32\ddayv.dll C:\WINDOWS\system32\ddayw.dll C:\WINDOWS\system32\ddayy.dll C:\WINDOWS\system32\ddccd.dll C:\WINDOWS\system32\ddcya.dll C:\WINDOWS\system32\dfhkj.ini C:\WINDOWS\system32\dgjlm.bak1 C:\WINDOWS\system32\dgjlm.ini C:\WINDOWS\system32\dqwulbvx.ini C:\WINDOWS\system32\dusihhdf.ini C:\WINDOWS\system32\ecbrysxy.dll C:\WINDOWS\system32\egjlm.bak1 C:\WINDOWS\system32\egjlm.ini C:\WINDOWS\system32\ehhkj.bak1 C:\WINDOWS\system32\ehhkj.ini C:\WINDOWS\system32\ehkmp.bak1 C:\WINDOWS\system32\ehkmp.bak2 C:\WINDOWS\system32\ehkmp.ini C:\WINDOWS\system32\erxpmcgd.dll C:\WINDOWS\system32\fdhhisud.dll C:\WINDOWS\system32\ffhkj.bak1 C:\WINDOWS\system32\ffhkj.bak2 C:\WINDOWS\system32\ffhkj.ini C:\WINDOWS\system32\fgjlm.bak1 C:\WINDOWS\system32\fgjlm.ini C:\WINDOWS\system32\fhhkj.bak1 C:\WINDOWS\system32\fhhkj.bak2 C:\WINDOWS\system32\fhhkj.ini C:\WINDOWS\system32\gebca.dll C:\WINDOWS\system32\gebcd.dll C:\WINDOWS\system32\gebyv.dll C:\WINDOWS\system32\gebyw.dll C:\WINDOWS\system32\gebyx.dll C:\WINDOWS\system32\gebyy.dll C:\WINDOWS\system32\geeba.dll C:\WINDOWS\system32\geebb.dll C:\WINDOWS\system32\geebx.dll C:\WINDOWS\system32\geeby.dll C:\WINDOWS\system32\geeda.dll C:\WINDOWS\system32\geedb.dll C:\WINDOWS\system32\geede.dll C:\WINDOWS\system32\ghkmp.bak1 C:\WINDOWS\system32\ghkmp.bak2 C:\WINDOWS\system32\ghkmp.ini C:\WINDOWS\system32\gjjlm.bak1 C:\WINDOWS\system32\gjjlm.ini C:\WINDOWS\system32\gjllm.bak1 C:\WINDOWS\system32\gjllm.bak2 C:\WINDOWS\system32\gjllm.ini C:\WINDOWS\system32\hfghukmr.dll C:\WINDOWS\system32\hjkkj.bak1 C:\WINDOWS\system32\hjkkj.ini C:\WINDOWS\system32\hktrxbar.dll C:\WINDOWS\system32\hqenwmiq.dll C:\WINDOWS\system32\hugajgkc.dll C:\WINDOWS\system32\ijjlm.bak2 C:\WINDOWS\system32\ijjlm.ini C:\WINDOWS\system32\ijkkj.bak1 C:\WINDOWS\system32\ijkkj.bak2 C:\WINDOWS\system32\ijkkj.ini C:\WINDOWS\system32\ilnmp.bak1 C:\WINDOWS\system32\ilnmp.ini C:\WINDOWS\system32\jbsuvuqb.ini C:\WINDOWS\system32\jjkkj.bak1 C:\WINDOWS\system32\jjkkj.ini C:\WINDOWS\system32\jkhfd.dll C:\WINDOWS\system32\jkhfe.dll C:\WINDOWS\system32\jkhff.dll C:\WINDOWS\system32\jkhhe.dll C:\WINDOWS\system32\jkhhf.dll C:\WINDOWS\system32\jkkjh.dll C:\WINDOWS\system32\jkkji.dll C:\WINDOWS\system32\jkkjj.dll C:\WINDOWS\system32\jkklm.dll C:\WINDOWS\system32\jkklj.dll C:\WINDOWS\system32\jlkkj.bak1 C:\WINDOWS\system32\jlkkj.ini C:\WINDOWS\system32\jlnmp.bak2 C:\WINDOWS\system32\jlnmp.ini C:\WINDOWS\system32\jqxbwvgx.dll C:\WINDOWS\system32\kdckhhkl.ini C:\WINDOWS\system32\kjjlm.bak1 C:\WINDOWS\system32\kjjlm.ini C:\WINDOWS\system32\kjllm.bak1 C:\WINDOWS\system32\kjllm.ini C:\WINDOWS\system32\klnmp.ini C:\WINDOWS\system32\kmllm.bak1 C:\WINDOWS\system32\kmllm.ini C:\WINDOWS\system32\lgqqdcsc.dll C:\WINDOWS\system32\lkhhkcdk.dll C:\WINDOWS\system32\llnmp.bak1 C:\WINDOWS\system32\llnmp.ini C:\WINDOWS\system32\LMIinit.dll C:\WINDOWS\system32\lmllm.bak2 C:\WINDOWS\system32\lmllm.ini C:\WINDOWS\system32\mdvovpdi.dll C:\WINDOWS\system32\mgjadfhw.ini C:\WINDOWS\system32\mlkkj.bak1 C:\WINDOWS\system32\mlkkj.bak2 C:\WINDOWS\system32\mlkkj.ini C:\WINDOWS\system32\mllmk.dll C:\WINDOWS\system32\mllml.dll C:\WINDOWS\system32\mllmm.dll C:\WINDOWS\system32\mllmn.dll C:\WINDOWS\system32\mlljg.dll C:\WINDOWS\system32\mlljk.dll C:\WINDOWS\system32\mlnmp.bak1 C:\WINDOWS\system32\mlnmp.bak2 C:\WINDOWS\system32\mlnmp.ini C:\WINDOWS\system32\mljgd.dll C:\WINDOWS\system32\mljge.dll C:\WINDOWS\system32\mljgf.dll C:\WINDOWS\system32\mljjg.dll C:\WINDOWS\system32\mljji.dll C:\WINDOWS\system32\mljjj.dll C:\WINDOWS\system32\mljjk.dll C:\WINDOWS\system32\mmllm.bak1 C:\WINDOWS\system32\mmllm.ini C:\WINDOWS\system32\mnnmp.ini C:\WINDOWS\system32\myfuquma.ini C:\WINDOWS\system32\nnnmp.bak1 C:\WINDOWS\system32\nnnmp.ini C:\WINDOWS\system32\npqss.ini C:\WINDOWS\system32\nqstv.bak1 C:\WINDOWS\system32\nqstv.ini C:\WINDOWS\system32\nqtwa.bak1 C:\WINDOWS\system32\nqtwa.ini C:\WINDOWS\system32\oexusnaa.dll C:\WINDOWS\system32\opqss.bak1 C:\WINDOWS\system32\opqss.bak2 C:\WINDOWS\system32\opqss.ini C:\WINDOWS\system32\oqstv.bak1 C:\WINDOWS\system32\oqstv.ini C:\WINDOWS\system32\orqss.bak1 C:\WINDOWS\system32\orqss.ini C:\WINDOWS\system32\pmkhe.dll C:\WINDOWS\system32\pmkhf.dll C:\WINDOWS\system32\pmkhg.dll C:\WINDOWS\system32\pmnli.dll C:\WINDOWS\system32\pmnlk.dll C:\WINDOWS\system32\pmnll.dll C:\WINDOWS\system32\pmnlm.dll C:\WINDOWS\system32\pmnlj.dll C:\WINDOWS\system32\pmnnl.dll C:\WINDOWS\system32\pmnnm.dll C:\WINDOWS\system32\pmnnn.dll C:\WINDOWS\system32\ppqss.bak1 C:\WINDOWS\system32\ppqss.ini C:\WINDOWS\system32\pqtss.bak1 C:\WINDOWS\system32\pqtss.bak2 C:\WINDOWS\system32\pqtss.ini C:\WINDOWS\system32\pqtwa.bak1 C:\WINDOWS\system32\pqtwa.ini C:\WINDOWS\system32\puksnpsx.ini C:\WINDOWS\system32\qimwneqh.ini C:\WINDOWS\system32\qqstv.bak2 C:\WINDOWS\system32\qqstv.ini C:\WINDOWS\system32\qttss.bak1 C:\WINDOWS\system32\qttss.bak2 C:\WINDOWS\system32\qttss.ini C:\WINDOWS\system32\qtvwa.bak1 C:\WINDOWS\system32\qtvwa.bak2 C:\WINDOWS\system32\qtvwa.ini C:\WINDOWS\system32\rqstv.bak1 C:\WINDOWS\system32\rqstv.ini C:\WINDOWS\system32\rqtwa.bak2 C:\WINDOWS\system32\rqtwa.ini C:\WINDOWS\system32\rrqss.bak1 C:\WINDOWS\system32\rrqss.ini C:\WINDOWS\system32\rtstv.bak1 C:\WINDOWS\system32\rtstv.ini C:\WINDOWS\system32\sslynhiu.dll C:\WINDOWS\system32\ssqpn.dll C:\WINDOWS\system32\ssqpo.dll C:\WINDOWS\system32\ssqpp.dll C:\WINDOWS\system32\ssqro.dll C:\WINDOWS\system32\ssqrr.dll C:\WINDOWS\system32\sstqp.dll C:\WINDOWS\system32\ssttq.dll C:\WINDOWS\system32\ssttr.dll C:\WINDOWS\system32\sstts.dll C:\WINDOWS\system32\ssttu.dll C:\WINDOWS\system32\sstwa.bak1 C:\WINDOWS\system32\sstwa.ini C:\WINDOWS\system32\ststv.bak1 C:\WINDOWS\system32\ststv.ini C:\WINDOWS\system32\sttss.bak1 C:\WINDOWS\system32\sttss.bak2 C:\WINDOWS\system32\sttss.ini C:\WINDOWS\system32\stutv.bak1 C:\WINDOWS\system32\stutv.ini C:\WINDOWS\system32\svvwa.bak1 C:\WINDOWS\system32\svvwa.ini C:\WINDOWS\system32\toyqayal.dll C:\WINDOWS\system32\tstwa.bak1 C:\WINDOWS\system32\tstwa.bak2 C:\WINDOWS\system32\tstwa.ini C:\WINDOWS\system32\tvvwa.ini C:\WINDOWS\system32\utstv.bak1 C:\WINDOWS\system32\utstv.ini C:\WINDOWS\system32\uttss.bak1 C:\WINDOWS\system32\uttss.ini C:\WINDOWS\system32\vmnisfcw.dll C:\WINDOWS\system32\vtsqn.dll C:\WINDOWS\system32\vtsqo.dll C:\WINDOWS\system32\vtsqq.dll C:\WINDOWS\system32\vtsqr.dll C:\WINDOWS\system32\vtstr.dll C:\WINDOWS\system32\vtsts.dll C:\WINDOWS\system32\vtstu.dll C:\WINDOWS\system32\vtutq.dll C:\WINDOWS\system32\vtutr.dll C:\WINDOWS\system32\vtuts.dll C:\WINDOWS\system32\vtutu.dll C:\WINDOWS\system32\vyadd.bak1 C:\WINDOWS\system32\vyadd.ini C:\WINDOWS\system32\vybeg.bak2 C:\WINDOWS\system32\vybeg.ini C:\WINDOWS\system32\vybeg.ini2 C:\WINDOWS\system32\vybeg.tmp C:\WINDOWS\system32\whfdajgm.dll C:\WINDOWS\system32\winepi32.dll C:\WINDOWS\system32\wvvwa.bak1 C:\WINDOWS\system32\wvvwa.ini C:\WINDOWS\system32\wyadd.bak1 C:\WINDOWS\system32\wyadd.bak2 C:\WINDOWS\system32\wyadd.ini C:\WINDOWS\system32\wybeg.bak1 C:\WINDOWS\system32\wybeg.ini C:\WINDOWS\system32\xbeeg.bak1 C:\WINDOWS\system32\xbeeg.ini C:\WINDOWS\system32\xspnskup.dll C:\WINDOWS\system32\xvbluwqd.dll C:\WINDOWS\system32\xybeg.bak1 C:\WINDOWS\system32\xybeg.bak2 C:\WINDOWS\system32\xybeg.ini C:\WINDOWS\system32\ybeeg.bak1 C:\WINDOWS\system32\ybeeg.ini C:\WINDOWS\system32\yyadd.bak2 C:\WINDOWS\system32\yyadd.ini C:\WINDOWS\system32\yybeg.bak1 C:\WINDOWS\system32\yybeg.bak2 C:\WINDOWS\system32\yybeg.ini . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\LEGACY_DOMAINSERVICE -------\DomainService ((((((((((((((((((((((((( Files Created from 2007-09-26 to 2007-10-26 ))))))))))))))))))))))))))))))) . 2007-10-26 23:34 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-10-26 11:52 1,508 --a------ C:\WINDOWS\system32\tmp.reg 2007-10-26 11:46 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2007-10-26 11:46 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-10-26 11:46 53,248 --a------ C:\WINDOWS\system32\Process.exe 2007-10-26 11:46 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-10-26 11:46 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe 2007-10-26 10:35 <DIR> d-------- C:\VundoFix Backups 2007-10-26 00:42 <DIR> d-------- C:\Program Files\IObit 2007-10-26 00:17 <DIR> d-------- C:\Program Files\Trojan Remover 2007-10-24 03:05 <DIR> d-------- C:\Program Files\The Privacy Guard 2007-10-22 17:09 <DIR> d-------- C:\Documents and Settings\Bole\Application Data\Uniblue 2007-10-22 00:34 <DIR> d-------- C:\Program Files\Advanced Port Scanner 2007-10-19 21:56 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\Xfire 2007-10-19 21:54 <DIR> d-------- C:\Program Files\Xfire 2007-10-19 21:54 <DIR> d-------- C:\Documents and Settings\PC\Application Data\Xfire 2007-10-17 19:08 <DIR> d-------- C:\Program Files\Uniblue 2007-10-17 19:08 <DIR> d-------- C:\Documents and Settings\PC\Application Data\Uniblue 2007-10-13 11:27 248,064 --a------ C:\WINDOWS\UNINST16.EXE 2007-10-13 11:27 26,768 --a------ C:\WINDOWS\system\CTL3D.DLL 2007-10-05 15:56 <DIR> d-------- C:\Program Files\ACW 2007-10-04 20:45 <DIR> d-------- C:\Program Files\atom bird more 2007-10-04 20:39 <DIR> d--h----- C:\WINDOWS\PIF 2007-10-04 12:56 <DIR> d-------- C:\Documents and Settings\PC\Application Data\Spyware Terminator 2007-10-04 11:40 74,752 --a------ C:\WINDOWS\system32\AMTCLib.dll 2007-10-03 22:08 <DIR> d-------- C:\WINDOWS\pss 2007-10-03 20:46 <DIR> d-------- C:\Program Files\Crawler 2007-10-03 19:07 <DIR> d-------- C:\WINDOWS\Advanced WindowsCare 2007-10-03 19:06 <DIR> d-------- C:\Program Files\PowerPoint to Flash 2007-09-30 23:40 28 --a------ C:\WINDOWS\mscpt.dat . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-10-26 12:25 --------- d-----w C:\Documents and Settings\Bole\Application Data\LimeWire 2007-10-07 18:41 --------- d-----w C:\Documents and Settings\PC\Application Data\BearShare 2007-10-05 20:18 --------- d-----w C:\Program Files\LimeWire 2007-10-04 18:45 --------- d-----w C:\Documents and Settings\PC\Application Data\atom bird more 2007-10-04 13:24 --------- d-----w C:\Program Files\Ofb1 2007-10-04 09:56 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-10-04 09:56 --------- d-----w C:\Program Files\Kazaa 2007-10-04 09:54 --------- d-----w C:\Program Files\ICQToolbar 2007-10-04 09:40 --------- d-----w C:\Program Files\Exit Killer Pro 2007-09-29 22:00 --------- d-----w C:\Documents and Settings\Bole\Application Data\MEGAUPLOADTOOLBAR 2007-09-15 03:13 --------- d-----w C:\Program Files\MSN Messenger 2007-09-15 03:13 --------- d-----w C:\Program Files\Messenger Plus! Live 2007-09-14 18:44 --------- d-----w C:\Program Files\Java 2007-09-09 22:04 --------- d-----w C:\Program Files\YoutubeEXE 2007-09-07 17:11 --------- d-----w C:\Program Files\MessengerDiscovery 2007-09-07 14:11 --------- d-----w C:\Program Files\Windows Live 2007-09-07 14:11 --------- d-----w C:\Program Files\Adverts 2007-09-04 00:01 --------- d-----w C:\Program Files\Replay Converter 2007-09-03 13:29 --------- d-----w C:\Documents and Settings\PC\Application Data\Talkback 2007-09-02 19:42 737,280 ----a-w C:\WINDOWS\iun6002.exe 2007-09-02 19:42 --------- d-----w C:\Documents and Settings\PC\Application Data\GetRightToGo 2007-09-02 19:39 --------- d-----w C:\Program Files\Replay Media Catcher 2007-03-09 07:12:32 27,648 --sha-w C:\WINDOWS\system32\AVSredirect.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2F60EBF4-9FAD-4A07-AB48-DA2A9E5B23C7}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3E1500AC-87A5-416b-A211-82E848649DA9}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-04-27 17:33] "TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan.exe" [2002-03-15 23:10] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-11 15:43] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:07] C:\Documents and Settings\Bole\Start Menu\Programs\Startup\ LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe [2007-09-17 16:19:14] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveSearch"=1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^PC^Start Menu^Programs^Startup^T-Com MAXadsl Start.lnk] backup=C:\WINDOWS\pss\T-Com MAXadsl Start.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] ALCMTR.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\audio debug boob locks] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer] KHALMNPR.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz] nwiz.exe /install [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProxyWay] C:\Program Files\ProxyWay\proxyway.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] RTHDCPL.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchIndexer] rundll32.exe "C:\WINDOWS\system32\xvbluwqd.dll",sitypnow [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel] SkyTel.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\style meal] C:\DOCUME~1\PC\APPLIC~1\ATOMBI~1\body regs.exe R2 LBeepKE;LBeepKE;C:\WINDOWS\system32\Drivers\LBeepKE.sys R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys R2 nvcap;nVidia WDM Video Capture (universal);C:\WINDOWS\system32\DRIVERS\nvcap.sys R2 NVXBAR;nVidia WDM A/V Crossbar;C:\WINDOWS\system32\DRIVERS\NVxbar.sys R3 lmimirr;lmimirr;C:\WINDOWS\system32\DRIVERS\lmimirr.sys R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);C:\WINDOWS\system32\DRIVERS\RMSPPPOE.SYS R3 USB_RNDIS_51;T-Com MAXadsl modem (USB, NDIS);C:\WINDOWS\system32\DRIVERS\usb8023.sys S2 Apache2.2;Apache2.2;"C:\Documents and Settings\PC\Desktop\xampplite\xampplite\apache\bin\apache.exe" -k runservice S2 FFI;FFI;C:\WINDOWS\system32\svchost.exe:exm.exe S2 LMIInfo;LogMeIn Kernel Information Provider;\??\C:\Program Files\LogMeIn\x86\RaInfo.sys S3 SetupNTGLM7X;SetupNTGLM7X;\??\D:\NTGLM7X.sys S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;"C:\Program Files\MSN Messenger\usnsvc.exe" S3 z530bus;Sony Ericsson Z530 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\z530bus.sys S3 z530mdfl;Sony Ericsson Z530 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\z530mdfl.sys S3 z530mdm;Sony Ericsson Z530 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\z530mdm.sys S3 z530mgmt;Sony Ericsson Z530 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\z530mgmt.sys S3 z530obex;Sony Ericsson Z530 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\z530obex.sys Newly Created Service - FFI . ************************************************************************ catchme 0.3.1232 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici] Rootkit scan 2007-10-26 23:40:28 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ [HKEY_LOCAL_MACHINE\system\ControlSet002\Services\FFI] "ImagePath"="C:\WINDOWS\system32\svchost.exe:exm.exe" . Completion time: 2007-10-26 23:41:20 - machine was rebooted . --- E O F ---

Profil

DEMIAN Poslao: 27 Okt 2007 00:51 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Skeniraj komp sa GMER-om i postavi log da proverimo da nema nekih rootkitova, pošto ovaj zadnji log ukazuje na tu mogućnost.. Uradi sledeće: Preuzmi fajl gmer.zip sa ovog linka i sačuvaj na Desktop-u. Raspakuj ga u neki folder. Dupli klik na gmer.exe za početak: Izaberi Rootkit Tab na vrhu. Klikni na Scan. Kada je skeniranje završeno, klik na Copy dugme ispod - ovo će sačuvati to u Clipboard. U polju za pisanje poruke na forumu klikni desno dugme misa i odaberi opciju Paste.

Profil

nea Poslao: 27 Okt 2007 01:07 Idi na vrh
offline nea Novi MyCity građanin Pridružio: 25 Okt 2007 Poruke: 14	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! jesi se prošeto? evo log: GMER 1.0.13.12551 - [Link mogu videti samo ulogovani korisnici] Rootkit scan 2007-10-27 01:01:22 Windows 5.1.2600 Service Pack 2 ---- Kernel code sections - GMER 1.0.13 ---- ? C:\DOCUME~1\PC\LOCALS~1\Temp\catchme.sys The system cannot find the file specified. ---- User code sections - GMER 1.0.13 ---- .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] kernel32.dll!LoadResource 7C809FB5 7 Bytes JMP 28001B60 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] kernel32.dll!FindResourceExW 7C80AC88 7 Bytes JMP 28001AD0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] kernel32.dll!FindResourceW 7C80BBCE 7 Bytes JMP 28001A50 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] kernel32.dll!SizeofResource 7C80BC69 7 Bytes JMP 28001C10 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] kernel32.dll!LockResource 7C80CC97 5 Bytes JMP 28001CC0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] kernel32.dll!CreateEventA 7C8308AD 5 Bytes JMP 28001830 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] kernel32.dll!SetUnhandledExceptionFilter 7C84479D 5 Bytes JMP 004DE392 C:\Program Files\MSN Messenger\msnmsgr.exe .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] ADVAPI32.dll!CryptDeriveKey 77DEA685 7 Bytes JMP 28001000 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] ADVAPI32.dll!CryptDecrypt 77DEA7B1 2 Bytes JMP 28001050 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] ADVAPI32.dll!CryptDecrypt + 3 77DEA7B4 4 Bytes [ 21, B0, CC, CC ] .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] USER32.dll!PeekMessageW 7E41929B 5 Bytes JMP 28003A60 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] USER32.dll!CreateWindowExW 7E41FC25 5 Bytes JMP 28003370 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] USER32.dll!SetWindowRgn 7E41FFB2 7 Bytes JMP 28004DB0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] USER32.dll!CreateDialogParamW 7E427D4F 5 Bytes JMP 28004E50 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] USER32.dll!SetWindowPlacement 7E42D84C 5 Bytes JMP 28004CD0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] USER32.dll!MessageBoxIndirectW 7E4662AB 5 Bytes JMP 28004FB0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] USER32.dll!TrackPopupMenuEx 7E46CD28 5 Bytes JMP 28004230 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] WS2_32.dll!send 71AB428A 5 Bytes JMP 28009120 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] WS2_32.dll!WSARecv 71AB4318 5 Bytes JMP 28008F10 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] WS2_32.dll!recv 71AB615A 5 Bytes JMP 28008D80 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] WS2_32.dll!WSASend 71AB6233 5 Bytes JMP 280092A0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] WS2_32.dll!closesocket 71AB9639 5 Bytes JMP 280094B0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] SHELL32.dll!Shell_NotifyIconW 7CA21B6A 5 Bytes JMP 28002B50 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] ole32.dll!CoInitializeEx 774FEF6B 5 Bytes JMP 28001D20 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] ole32.dll!CoRegisterClassObject 77518720 5 Bytes JMP 28001E20 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] WININET.dll!HttpOpenRequestA 771C36AD 5 Bytes JMP 28007D10 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] WININET.dll!InternetCloseHandle 771C4D6C 5 Bytes JMP 28007FF0 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] WININET.dll!HttpSendRequestA 771C6249 5 Bytes JMP 28007F40 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\MSN Messenger\msnmsgr.exe[1756] WININET.dll!InternetReadFile 771C80F4 5 Bytes JMP 28007E70 C:\Program Files\Messenger Plus! Live\MsgPlusLive.dll .text C:\Program Files\BearShare Applications\BearShare\BearShare.exe[4064] USER32.dll!SetScrollInfo 7E419056 5 Bytes JMP 006EE18D C:\Program Files\BearShare Applications\BearShare\BearShare.exe .text C:\Program Files\BearShare Applications\BearShare\BearShare.exe[4064] USER32.dll!GetScrollBarInfo 7E420D74 5 Bytes JMP 006EE2EE C:\Program Files\BearShare Applications\BearShare\BearShare.exe .text C:\Program Files\BearShare Applications\BearShare\BearShare.exe[4064] USER32.dll!GetScrollInfo 7E420DA2 5 Bytes JMP 006EE262 C:\Program Files\BearShare Applications\BearShare\BearShare.exe .text C:\Program Files\BearShare Applications\BearShare\BearShare.exe[4064] USER32.dll!ShowScrollBar 7E42F2B3 5 Bytes JMP 006EE0B2 C:\Program Files\BearShare Applications\BearShare\BearShare.exe .text C:\Program Files\BearShare Applications\BearShare\BearShare.exe[4064] USER32.dll!GetScrollPos 7E42F6C4 5 Bytes JMP 006EE21F C:\Program Files\BearShare Applications\BearShare\BearShare.exe .text C:\Program Files\BearShare Applications\BearShare\BearShare.exe[4064] USER32.dll!SetScrollPos 7E42F710 5 Bytes JMP 006EE144 C:\Program Files\BearShare Applications\BearShare\BearShare.exe .text C:\Program Files\BearShare Applications\BearShare\BearShare.exe[4064] USER32.dll!GetScrollRange 7E42F747 5 Bytes JMP 006EE1D6 C:\Program Files\BearShare Applications\BearShare\BearShare.exe .text C:\Program Files\BearShare Applications\BearShare\BearShare.exe[4064] USER32.dll!SetScrollRange 7E42F95B 5 Bytes JMP 006EE0F8 C:\Program Files\BearShare Applications\BearShare\BearShare.exe .text C:\Program Files\BearShare Applications\BearShare\BearShare.exe[4064] USER32.dll!EnableScrollBar 7E467DDD 5 Bytes JMP 006EE2A8 C:\Program Files\BearShare Applications\BearShare\BearShare.exe AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE [BA573BCC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_NAMED_PIPE [BA5741CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLOSE [BA5741CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_READ [BA5741CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_WRITE [BA5741CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_INFORMATION [BA5741CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_INFORMATION [BA5741CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_EA [BA5741CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_EA [BA5741CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FLUSH_BUFFERS [BA5741CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_VOLUME_INFORMATION [BA5741CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_VOLUME_INFORMATION [BA5741CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DIRECTORY_CONTROL [BA5741CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_FILE_SYSTEM_CONTROL [BA5737D6] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CONTROL [BA5741CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_INTERNAL_DEVICE_CONTROL [BA5741CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SHUTDOWN [BA5741CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_LOCK_CONTROL [BA5741CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CLEANUP [BA573F94] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_CREATE_MAILSLOT [BA5741CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_SECURITY [BA5741CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_SECURITY [BA5741CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_POWER [BA5741CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SYSTEM_CONTROL [BA5741CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_DEVICE_CHANGE [BA5741CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_QUERY_QUOTA [BA5741CC] amon.sys AttachedDevice \FileSystem\Ntfs \Ntfs IRP_MJ_SET_QUOTA [BA5741CC] amon.sys ---- Registry - GMER 1.0.13 ---- Reg \Registry\USER\S-1-5-21-1417001333-1767777339-725345543-1003\Software\SecuROM\!CAUTION! NEVER DELETE OR CHANGE ANY KEY@?? 0x4A 0x9E 0xD2 0xCB ... Reg \Registry\USER\S-1-5-21-1417001333-1767777339-725345543-1003\Software\SecuROM\!CAUTION! NEVER DELETE OR CHANGE ANY KEY@?? 0x96 0xE6 0x8A 0x57 ... ---- Files - GMER 1.0.13 ---- ADS C:\System Volume Information\_restore{34D39F7D-3F99-4905-B0CB-147FFF70C3C9}\RP30\A0019125.exe:exm.exe ---- EOF - GMER 1.0.13 ---- kolko vidim, tu se uglavnom radi o msn-u i bear share-u... da ja jednostavno pobrišem bearshare? (msn neću... )

Profil

DEMIAN Poslao: 27 Okt 2007 01:27 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! nea ::jesi se prošeto? Onako.. i ne puno. Msn neće niko da ti dira, a bearshare bi mogla da deinstaliraš jer ga ovde vidim kao potencijalnu vezu sa tvojom infekcijom. Kad završiš sa time postavi novi HJT log, taman dok ja pregledam ovo što si zadnje postavila. btw. Vidim da si radoznala, i da nagađaš šta se to logovima traži. Evo ti članak o tome šta sam tačno hteo da proverim kod tebe da kad već pratiš proces - ne pratiš u prazno. [Link mogu videti samo ulogovani korisnici]

Profil

nea Poslao: 27 Okt 2007 02:04 Idi na vrh
offline nea Novi MyCity građanin Pridružio: 25 Okt 2007 Poruke: 14	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! makla sam ove neke programe, sad ću za sekundu postavit log... a što se tiče ovog linka... hvala, al logove sam prolistam, ne kužim ja to ništ... al piše o kojim se programima radi, tolko znam... volim prčkat po softverima i programskim jezicima, al kad se radi o ovim stvarima, za to sam tupava, totalno... logove ostavljam tebi... EDIT: evo, morala sam rebootat komp zbog RB-a... Logfile of HijackThis v1.99.1 Scan saved at 2:06:39, on 27.10.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\Explorer.EXE C:\Program Files\TortoiseSVN\bin\TSVNCache.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Documents and Settings\PC\Desktop\HT\TR3.exe R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O2 - BHO: (no name) - {2F60EBF4-9FAD-4A07-AB48-DA2A9E5B23C7} - (no file) O2 - BHO: Ofb1 - {3E1500AC-87A5-416b-A211-82E848649DA9} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: Crawler Search - tbr:iemenu O8 - Extra context menu item: I&zvoz u Microsoft Excel - [Link mogu videti samo ulogovani korisnici]\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Istraživanje - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{2D5021DB-4C10-4CAE-A4F7-494200A57A0F}: NameServer = 195.29.149.197 195.29.149.196 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Apache2.2 - Unknown owner - C:\Documents and Settings\PC\Desktop\xampplite\xampplite\apache\bin\apache.exe" -k runservice (file missing) O23 - Service: FFI - Unknown owner - C:\WINDOWS\system32\svchost.exe:exm.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

Profil

DEMIAN Poslao: 27 Okt 2007 02:26 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Skeniraj opet HJT-om računar, idi na opciju "Do a system scan only" , označi ovu liniju (u onom kvadratiću pored nje) i klikni na "Fix Checked". O23 - Service: FFI - Unknown owner - C:\WINDOWS\system32\svchost.exe:exm.exe (file missing) Skini [url=https://www.mycity.rs/must-login.png arhivu[/url] i raspakuj je. Pokreni Lista_servisa.bat fajl, sačekaj da se završi postupak i sačuvaj taj txt fajl. Uploaduj ga uz sledeću poruku, koristi za to opciju foruma "Prikači fajl".

Profil

MyCity » Ambulanta -> Arhiva Ambulante » explorer zeza :)

Ko je trenutno na forumu

Ukupno su 987 korisnika na forumu :: 48 registrovanih, 4 sakrivenih i 935 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 357magnum, Apok, babaroga, bokisha253, Boris.A, cojapop, CrazyNorth, Crazzer, Dioniss, Electron, HogarStrashni, ikan, janbo, Kubovac, kybonacci, ladro, Lap720, loon123, Lošmi, LUDI, MaksicZoran, mango, mercedesamg, mkukoleca, mnn2, moldway, nikoladim, olujnik, pceklic, pein, Peruta, powSrb, R_038, raptorsi, raso76, Sass Drake, Singidunumac, Sirius, Srle993, srpskasparta, sspp, Stoilkovic, Tribal, vathra, Vatreni Zmaj, Vlada1389, voja64, zastavnik

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by