MyCity » Ambulanta -> Arhiva Ambulante » problem sa flash karticom od 1gb

problem sa flash karticom od 1gb

Napisano na dan: 11.4.2008

Strana:
1
2

problem sa flash karticom od 1gb

Pagination

Prethodna strana

Odgovori

Strana:
1
2

gogi100 Poslao: 12 Apr 2008 11:51 Idi na vrh
offline gogi100 Građanin Pridružio: 26 Jan 2006 Poruke: 233	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! poslao sam fajl preko upload linka catchme.zip

Profil

helen1 Poslao: 12 Apr 2008 13:06 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: File:: C:\WINDOWS\system32\wcqvlcer.dll C:\WINDOWS\system32\ypvbrphj.dll C:\WINDOWS\system32\kepmougi.dll C:\WINDOWS\system32\dmrxjflb.dll C:\WINDOWS\system32\gjtoauqh.ini C:\WINDOWS\system32\yuxoxflm.ini C:\WINDOWS\system32\k120726382618.exe C:\WINDOWS\system32\k12072638083.exe C:\WINDOWS\system32\aogyrfdj.ini C:\WINDOWS\system32\k120721179016.exe C:\WINDOWS\system32\k12072117797.exe C:\WINDOWS\system32\iulvtvdk.ini C:\WINDOWS\system32\scadeiax.ini C:\WINDOWS\system32\k12070688966.exe C:\WINDOWS\system32\k12070688923.exe C:\WINDOWS\system32\k120706890211.exe C:\WINDOWS\system32\k12069121733.exe C:\WINDOWS\system32\k12069114436.exe C:\WINDOWS\system32\k12069114382.exe C:\WINDOWS\system32\k12069114404.exe C:\WINDOWS\system32\k12069090675.exe C:\WINDOWS\system32\k12069090642.exe C:\WINDOWS\system32\k12069090707.exe C:\WINDOWS\system32\k12069090653.exe C:\WINDOWS\system32\k120690907612.exe C:\WINDOWS\system32\k12069079223.exe C:\WINDOWS\system32\k12069079234.exe C:\WINDOWS\system32\k120686776010.exe C:\WINDOWS\system32\k12068677502.exe C:\WINDOWS\system32\k12066123486.exe C:\WINDOWS\system32\k12066123465.exe C:\WINDOWS\system32\k12066123443.exe C:\autorun.inf.mwt C:\Program Files\Common Files\WIN.exe.mwt C:\WINDOWS\system32\drivers\core.sys.mwt C:\WINDOWS\system32\mrwfbdeb.dll C:\WINDOWS\cmdbcs.exe C:\WINDOWS\MsIMMs32.exE C:\WINDOWS\system32\mrwfbdeb.dll C:\WINDOWS\nss3.dll C:\WINDOWS\softokn3.dll C:\WINDOWS\nspr4.dll C:\WINDOWS\Projekt1.exe C:\WINDOWS\FirePassword.exe C:\WINDOWS\plc4.dll C:\WINDOWS\plds4.dll C:\Program.exe Registry:: [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\urqOGVpO] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMdbb61280] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cmdbcs] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsIMMs32] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "BMdbb61280"=- [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a2b15085-97af-11dc-9f90-0040f4bf0254}] [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d6c4b607-4bdd-11dc-9f5e-0040f4bf0254}] Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

gogi100 Poslao: 13 Apr 2008 01:08 Idi na vrh
offline gogi100 Građanin Pridružio: 26 Jan 2006 Poruke: 233	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! log fajl od ComboFixa ComboFix 08-04-11.1 - mafija75 2008-04-13 1:00:42.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.539 [GMT 2:00] Running from: C:\Documents and Settings\mafija75\Desktop\virusi\ComboFix.exe Command switches used :: C:\Documents and Settings\mafija75\Desktop\virusi\CFScript.txt WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: C:\autorun.inf.mwt C:\Program Files\Common Files\WIN.exe.mwt C:\Program.exe C:\WINDOWS\cmdbcs.exe C:\WINDOWS\FirePassword.exe C:\WINDOWS\MsIMMs32.exE C:\WINDOWS\nspr4.dll C:\WINDOWS\nss3.dll C:\WINDOWS\plc4.dll C:\WINDOWS\plds4.dll C:\WINDOWS\Projekt1.exe C:\WINDOWS\softokn3.dll C:\WINDOWS\system32\aogyrfdj.ini C:\WINDOWS\system32\dmrxjflb.dll C:\WINDOWS\system32\drivers\core.sys.mwt C:\WINDOWS\system32\gjtoauqh.ini C:\WINDOWS\system32\iulvtvdk.ini C:\WINDOWS\system32\k12066123443.exe C:\WINDOWS\system32\k12066123465.exe C:\WINDOWS\system32\k12066123486.exe C:\WINDOWS\system32\k12068677502.exe C:\WINDOWS\system32\k120686776010.exe C:\WINDOWS\system32\k12069079223.exe C:\WINDOWS\system32\k12069079234.exe C:\WINDOWS\system32\k12069090642.exe C:\WINDOWS\system32\k12069090653.exe C:\WINDOWS\system32\k12069090675.exe C:\WINDOWS\system32\k12069090707.exe C:\WINDOWS\system32\k120690907612.exe C:\WINDOWS\system32\k12069114382.exe C:\WINDOWS\system32\k12069114404.exe C:\WINDOWS\system32\k12069114436.exe C:\WINDOWS\system32\k12069121733.exe C:\WINDOWS\system32\k12070688923.exe C:\WINDOWS\system32\k12070688966.exe C:\WINDOWS\system32\k120706890211.exe C:\WINDOWS\system32\k12072117797.exe C:\WINDOWS\system32\k120721179016.exe C:\WINDOWS\system32\k12072638083.exe C:\WINDOWS\system32\k120726382618.exe C:\WINDOWS\system32\kepmougi.dll C:\WINDOWS\system32\mrwfbdeb.dll C:\WINDOWS\system32\scadeiax.ini C:\WINDOWS\system32\wcqvlcer.dll C:\WINDOWS\system32\ypvbrphj.dll C:\WINDOWS\system32\yuxoxflm.ini . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\autorun.inf.mwt C:\Program Files\Common Files\WIN.exe.mwt C:\WINDOWS\FirePassword.exe C:\WINDOWS\nspr4.dll C:\WINDOWS\nss3.dll C:\WINDOWS\plc4.dll C:\WINDOWS\plds4.dll C:\WINDOWS\Projekt1.exe C:\WINDOWS\regedit.com C:\WINDOWS\softokn3.dll C:\WINDOWS\system32\aogyrfdj.ini C:\WINDOWS\system32\dmrxjflb.dll C:\WINDOWS\system32\drivers\core.cache.dsk C:\WINDOWS\system32\drivers\core.sys.mwt C:\WINDOWS\system32\gjtoauqh.ini C:\WINDOWS\system32\iulvtvdk.ini C:\WINDOWS\system32\k12066123443.exe C:\WINDOWS\system32\k12066123465.exe C:\WINDOWS\system32\k12066123486.exe C:\WINDOWS\system32\k12068677502.exe C:\WINDOWS\system32\k120686776010.exe C:\WINDOWS\system32\k12069079223.exe C:\WINDOWS\system32\k12069079234.exe C:\WINDOWS\system32\k12069090642.exe C:\WINDOWS\system32\k12069090653.exe C:\WINDOWS\system32\k12069090675.exe C:\WINDOWS\system32\k12069090707.exe C:\WINDOWS\system32\k120690907612.exe C:\WINDOWS\system32\k12069114382.exe C:\WINDOWS\system32\k12069114404.exe C:\WINDOWS\system32\k12069114436.exe C:\WINDOWS\system32\k12069121733.exe C:\WINDOWS\system32\k12070688923.exe C:\WINDOWS\system32\k12070688966.exe C:\WINDOWS\system32\k120706890211.exe C:\WINDOWS\system32\k12072117797.exe C:\WINDOWS\system32\k120721179016.exe C:\WINDOWS\system32\k12072638083.exe C:\WINDOWS\system32\k120726382618.exe C:\WINDOWS\system32\kepmougi.dll C:\WINDOWS\system32\scadeiax.ini C:\WINDOWS\system32\taskmgr.com C:\WINDOWS\system32\W007T32W.DLL C:\WINDOWS\system32\wcqvlcer.dll C:\WINDOWS\system32\ypvbrphj.dll C:\WINDOWS\system32\yuxoxflm.ini . ((((((((((((((((((((((((( Files Created from 2008-03-12 to 2008-04-12 ))))))))))))))))))))))))))))))) . 2008-04-12 03:00 . 2008-04-12 03:00 <DIR> d-------- C:\VundoFix Backups 2008-04-11 16:49 . 2004-02-23 01:00 1,386,496 --a------ C:\WINDOWS\system\MSVBVM60.DLL 2008-04-11 06:46 . 2008-04-11 09:26 817,369,826 --a------ C:\superdvdripper.avi 2008-04-11 00:18 . 2008-04-11 06:49 <DIR> d-------- C:\Program Files\Max DVD to AVI Converter 4.0 2008-04-10 21:42 . 2008-04-10 23:57 0 --a------ C:\WINDOWS\system32\video.avs 2008-04-10 21:36 . 2008-04-10 21:36 <DIR> d-------- C:\Program Files\Agogo DVD Ripper 2008-04-10 21:36 . 2004-07-03 07:59 524,288 --a------ C:\WINDOWS\system32\xvidcore.dll 2008-04-10 21:36 . 2004-07-03 08:08 139,264 --a------ C:\WINDOWS\system32\xvidvfw.dll 2008-04-10 21:36 . 2004-09-06 03:06 53,248 --a------ C:\WINDOWS\system32\xvid.ax 2008-04-06 11:52 . 2008-04-06 11:54 6,942,778 --a------ C:\WINDOWS\REGBK00.ZIP 2008-04-03 23:59 . 2008-04-03 23:59 <DIR> d-a------ C:\WINDOWS\zts2.exe 2008-04-03 23:59 . 2008-04-03 23:59 <DIR> d-a------ C:\WINDOWS\system32\vcmgcd32.dll 2008-04-03 23:59 . 2008-04-03 23:59 <DIR> d-a------ C:\WINDOWS\system32\iifgfgf.dll 2008-04-03 23:59 . 2008-04-03 23:59 <DIR> d-a------ C:\WINDOWS\rundll16.exe 2008-04-03 23:59 . 2008-04-03 23:59 <DIR> d-a------ C:\WINDOWS\rundl132.dll 2008-04-03 23:59 . 2008-04-03 23:59 <DIR> d-a------ C:\WINDOWS\logo1_.exe 2008-04-01 18:21 . 2006-03-28 08:54 696,320 --a------ C:\WINDOWS\system32\libeay32.dll 2008-04-01 18:21 . 2006-03-28 08:55 155,648 --a------ C:\WINDOWS\system32\ssleay32.dll 2008-04-01 18:19 . 2008-04-01 18:19 <DIR> d-------- C:\Documents and Settings\mafija75\Application Data\iolo 2008-04-01 18:19 . 2008-04-01 18:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\iolo 2008-03-30 21:23 . 2008-03-30 22:05 280 --a------ C:\WINDOWS\wininit.ini 2008-03-30 19:54 . 2008-03-30 22:30 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy 2008-03-29 19:02 . 2008-03-15 14:07 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll 2008-03-29 19:02 . 2008-03-15 13:12 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest 2008-03-12 19:17 . 2008-03-30 22:33 <DIR> d-------- C:\Program Files\Imenik 2008-03-12 19:16 . 2000-09-04 15:24 8,055 --a------ C:\WINDOWS\Serbian2.gpl 2008-03-12 19:04 . 2008-03-12 19:04 <DIR> d-------- C:\Program Files\SmileSoft 2008-03-12 19:04 . 2008-03-12 19:04 8 --ah----- C:\dbisam.lck . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-04-12 23:01 --------- d-----w C:\Documents and Settings\mafija75\Application Data\uTorrent 2008-04-12 09:50 --------- d-----w C:\Program Files\Soulseek 2008-04-11 17:52 --------- d-----w C:\Program Files\GetRight 2008-04-11 13:25 --------- d-----w C:\Documents and Settings\mafija75\Application Data\AVG7 2008-04-09 19:07 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-04-09 16:57 --------- d-----w C:\Documents and Settings\mafija75\Application Data\Canon 2008-04-07 21:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-04-07 20:37 --------- d-----w C:\Program Files\Di recnik 2008-04-06 09:21 --------- d-----w C:\Program Files\UltraLott Ticket Printing 2008-04-06 09:21 --------- d-----w C:\Program Files\Net Tools 2008-04-06 09:21 --------- d-----w C:\Program Files\DBPut 2008-04-06 09:21 --------- d-----w C:\Documents and Settings\mafija75\Application Data\Skype 2008-04-06 09:21 --------- d-----w C:\Documents and Settings\mafija75\Application Data\phpDesigner 2008 2008-04-06 09:21 --------- d-----w C:\Documents and Settings\mafija75\Application Data\Azureus 2008-03-30 20:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-03-30 20:28 --------- d-----w C:\Program Files\DivX 2008-03-30 20:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-03-30 17:43 --------- d-----w C:\Program Files\TuneUp Utilities 2007 2008-03-29 17:02 --------- d-----w C:\Program Files\ffdshow 2008-03-28 09:04 --------- d-----w C:\Documents and Settings\mafija75\Application Data\SolidDocuments 2008-03-20 22:55 --------- d-----w C:\Program Files\Safari 2008-02-27 23:13 --------- d-----w C:\Program Files\uTorrent 2008-02-25 23:18 --------- d-----w C:\Program Files\WinPcap 2008-02-17 22:06 --------- d-----w C:\Program Files\kmp 2008-02-12 19:29 --------- d-----w C:\Program Files\GNU 2007-12-04 23:37 2,339 ----a-w C:\Program Files\Common Files\m3.exe 2007-12-04 23:37 2,339 ----a-w C:\Program Files\Common Files\m2.exe 2007-12-04 23:37 2,339 ----a-w C:\Program Files\Common Files\m1.exe . ------- Sigcheck ------- 2007-10-31 00:00 360448 5f252dd88b0841e64010d058e02af929 C:\WINDOWS\system32\dllcache\TCPIP.SYS 2007-10-31 00:00 360448 5f252dd88b0841e64010d058e02af929 C:\WINDOWS\system32\drivers\TCPIP.SYS . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2002-12-31 14:00 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AudioDrvEmulator"="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-06-16 18:25 49152] "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10 271360] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-21 09:32 579072] "HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-04 17:46 172032] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2002-12-31 14:00 15360] "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-24 08:34 219136] "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17 1241088] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Monitor Apache Servers.lnk - C:\Program Files\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe [2007-01-09 23:20:44 41041] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GetRight - Tray Icon.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GetRight - Tray Icon.lnk backup=C:\WINDOWS\pss\GetRight - Tray Icon.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA] --a------ 2004-08-12 21:10 339968 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] --a------ 2006-11-16 19:04 139264 C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Detector] --------- 2004-12-02 18:23 102400 C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTDVDDET] --------- 2003-06-18 01:00 45056 C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper] --a------ 2005-06-18 08:01 16384 C:\WINDOWS\CTHELPER.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSysVol] --------- 2005-02-15 16:10 57344 C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DbgHlp32] C:\WINDOWS\DbgHlp32.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] --a------ 2006-10-27 00:47 31016 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager] --a------ 2003-12-22 08:38 241664 C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] --a------ 2004-02-18 19:55 49152 C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility] --a------ 2004-03-04 17:46 172032 C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NAVMon32] C:\WINDOWS\NAVMon32.exE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2006-01-12 15:40 155648 C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] -ra------ 2007-08-17 03:45 23120680 C:\Program Files\Skype\Phone\Skype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] --a------ 2007-09-25 01:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant] --a------ 2006-03-03 03:39 6144 C:\Program Files\Unlocker\UnlockerAssistant.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg] --------- 2000-05-11 01:00 90112 C:\WINDOWS\UpdReg.EXE [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Firebird"=C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe -a [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "C:\\WINDOWS\\system32\\sessmgr.exe"= "C:\\Program Files\\uTorrent\\uTorrent.exe"= "C:\\Program Files\\Soulseek\\slsk.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= "C:\\Program Files\\Mozilla Firefox\\firefox.exe"= "C:\\Program Files\\Bonjour\\mDNSResponder.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= R2 CX88XBAR;MSI 8606 Crossbar;C:\WINDOWS\system32\drivers\CX88XBar.SYS [2003-03-19 07:50] R2 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe [2007-09-03 17:13] S3 iadusb;MT882;C:\WINDOWS\system32\DRIVERS\glauiad.sys [2006-03-20 09:32] S4 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2002-12-31 14:00] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Contents of the 'Scheduled Tasks' folder "2007-09-14 15:15:00 C:\WINDOWS\Tasks\1-Click Maintenance.job" - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe "2007-10-05 21:29:20 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe . ************************************************************************ catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-04-13 01:02:45 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ [HKEY_LOCAL_MACHINE\system\ControlSet002\Services\MySQL] "ImagePath"="\"C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"C:\Program Files\MySQL\MySQL Server 5.0\my.ini\" MySQL" . --------------------- DLLs Loaded Under Running Processes --------------------- PROCESS: C:\WINDOWS\system32\winlogon.exe -> C:\WINDOWS\system32\Ati2evxx.dll . Completion time: 2008-04-13 1:03:23 ComboFix-quarantined-files.txt 2008-04-12 23:03:05 ComboFix2.txt 2008-04-11 18:01:59 Pre-Run: 16,072,454,144 bytes free Post-Run: 16,059,101,184 bytes free

Profil

helen1 Poslao: 13 Apr 2008 21:10 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `File:: C:\WINDOWS\DbgHlp32.exe C:\WINDOWS\NAVMon32.exE Registry:: [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NAVMon32] [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DbgHlp32]` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

gogi100 Poslao: 13 Apr 2008 22:16 Idi na vrh
offline gogi100 Građanin Pridružio: 26 Jan 2006 Poruke: 233	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! log combofix-a je sledeci ComboFix 08-04-11.1 - mafija75 2008-04-13 22:09:05.3 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.497 [GMT 2:00] Running from: C:\Documents and Settings\mafija75\Desktop\virusi\ComboFix.exe Command switches used :: C:\Documents and Settings\mafija75\Desktop\virusi\CFScript.txt * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: C:\WINDOWS\DbgHlp32.exe C:\WINDOWS\NAVMon32.exE . ((((((((((((((((((((((((( Files Created from 2008-03-13 to 2008-04-13 ))))))))))))))))))))))))))))))) . 2008-04-12 03:00 . 2008-04-12 03:00 <DIR> d-------- C:\VundoFix Backups 2008-04-11 16:49 . 2004-02-23 01:00 1,386,496 --a------ C:\WINDOWS\system\MSVBVM60.DLL 2008-04-11 06:46 . 2008-04-11 09:26 817,369,826 --a------ C:\superdvdripper.avi 2008-04-11 00:18 . 2008-04-11 06:49 <DIR> d-------- C:\Program Files\Max DVD to AVI Converter 4.0 2008-04-10 21:42 . 2008-04-10 23:57 0 --a------ C:\WINDOWS\system32\video.avs 2008-04-10 21:36 . 2008-04-10 21:36 <DIR> d-------- C:\Program Files\Agogo DVD Ripper 2008-04-10 21:36 . 2004-07-03 07:59 524,288 --a------ C:\WINDOWS\system32\xvidcore.dll 2008-04-10 21:36 . 2004-07-03 08:08 139,264 --a------ C:\WINDOWS\system32\xvidvfw.dll 2008-04-10 21:36 . 2004-09-06 03:06 53,248 --a------ C:\WINDOWS\system32\xvid.ax 2008-04-06 11:52 . 2008-04-06 11:54 6,942,778 --a------ C:\WINDOWS\REGBK00.ZIP 2008-04-03 23:59 . 2008-04-03 23:59 <DIR> d-a------ C:\WINDOWS\zts2.exe 2008-04-03 23:59 . 2008-04-03 23:59 <DIR> d-a------ C:\WINDOWS\system32\vcmgcd32.dll 2008-04-03 23:59 . 2008-04-03 23:59 <DIR> d-a------ C:\WINDOWS\system32\iifgfgf.dll 2008-04-03 23:59 . 2008-04-03 23:59 <DIR> d-a------ C:\WINDOWS\rundll16.exe 2008-04-03 23:59 . 2008-04-03 23:59 <DIR> d-a------ C:\WINDOWS\rundl132.dll 2008-04-03 23:59 . 2008-04-03 23:59 <DIR> d-a------ C:\WINDOWS\logo1_.exe 2008-04-01 18:21 . 2006-03-28 08:54 696,320 --a------ C:\WINDOWS\system32\libeay32.dll 2008-04-01 18:21 . 2006-03-28 08:55 155,648 --a------ C:\WINDOWS\system32\ssleay32.dll 2008-04-01 18:19 . 2008-04-01 18:19 <DIR> d-------- C:\Documents and Settings\mafija75\Application Data\iolo 2008-04-01 18:19 . 2008-04-01 18:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\iolo 2008-03-30 21:23 . 2008-03-30 22:05 280 --a------ C:\WINDOWS\wininit.ini 2008-03-30 19:54 . 2008-03-30 22:30 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy 2008-03-29 19:02 . 2008-03-15 14:07 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll 2008-03-29 19:02 . 2008-03-15 13:12 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-04-13 20:08 --------- d-----w C:\Program Files\Soulseek 2008-04-13 20:08 --------- d-----w C:\Documents and Settings\mafija75\Application Data\uTorrent 2008-04-11 17:52 --------- d-----w C:\Program Files\GetRight 2008-04-11 13:25 --------- d-----w C:\Documents and Settings\mafija75\Application Data\AVG7 2008-04-09 19:07 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-04-09 16:57 --------- d-----w C:\Documents and Settings\mafija75\Application Data\Canon 2008-04-07 21:31 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-04-07 20:37 --------- d-----w C:\Program Files\Di recnik 2008-04-06 09:21 --------- d-----w C:\Program Files\UltraLott Ticket Printing 2008-04-06 09:21 --------- d-----w C:\Program Files\Net Tools 2008-04-06 09:21 --------- d-----w C:\Program Files\DBPut 2008-04-06 09:21 --------- d-----w C:\Documents and Settings\mafija75\Application Data\Skype 2008-04-06 09:21 --------- d-----w C:\Documents and Settings\mafija75\Application Data\phpDesigner 2008 2008-04-06 09:21 --------- d-----w C:\Documents and Settings\mafija75\Application Data\Azureus 2008-03-30 20:33 --------- d-----w C:\Program Files\Imenik 2008-03-30 20:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-03-30 20:28 --------- d-----w C:\Program Files\DivX 2008-03-30 20:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-03-30 17:43 --------- d-----w C:\Program Files\TuneUp Utilities 2007 2008-03-29 17:02 --------- d-----w C:\Program Files\ffdshow 2008-03-28 09:04 --------- d-----w C:\Documents and Settings\mafija75\Application Data\SolidDocuments 2008-03-20 22:55 --------- d-----w C:\Program Files\Safari 2008-03-12 17:04 --------- d-----w C:\Program Files\SmileSoft 2008-02-27 23:13 --------- d-----w C:\Program Files\uTorrent 2008-02-25 23:18 --------- d-----w C:\Program Files\WinPcap 2008-02-17 22:06 --------- d-----w C:\Program Files\kmp 2007-12-04 23:37 2,339 ----a-w C:\Program Files\Common Files\m3.exe 2007-12-04 23:37 2,339 ----a-w C:\Program Files\Common Files\m2.exe 2007-12-04 23:37 2,339 ----a-w C:\Program Files\Common Files\m1.exe . ------- Sigcheck ------- 2007-10-31 00:00 360448 5f252dd88b0841e64010d058e02af929 C:\WINDOWS\system32\dllcache\TCPIP.SYS 2007-10-31 00:00 360448 5f252dd88b0841e64010d058e02af929 C:\WINDOWS\system32\drivers\TCPIP.SYS . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2002-12-31 14:00 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AudioDrvEmulator"="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-06-16 18:25 49152] "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10 271360] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-21 09:32 579072] "HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-03-04 17:46 172032] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2002-12-31 14:00 15360] "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-24 08:34 219136] "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17 1241088] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Monitor Apache Servers.lnk - C:\Program Files\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe [2007-01-09 23:20:44 41041] [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GetRight - Tray Icon.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GetRight - Tray Icon.lnk backup=C:\WINDOWS\pss\GetRight - Tray Icon.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA] --a------ 2004-08-12 21:10 339968 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] --a------ 2006-11-16 19:04 139264 C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Detector] --------- 2004-12-02 18:23 102400 C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTDVDDET] --------- 2003-06-18 01:00 45056 C:\Program Files\Creative\SBAudigy4\DVDAudio\CTDVDDET.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper] --a------ 2005-06-18 08:01 16384 C:\WINDOWS\CTHELPER.EXE [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSysVol] --------- 2005-02-15 16:10 57344 C:\Program Files\Creative\SBAudigy4\Surround Mixer\CTSysVol.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] --a------ 2006-10-27 00:47 31016 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager] --a------ 2003-12-22 08:38 241664 C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] --a------ 2004-02-18 19:55 49152 C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility] --a------ 2004-03-04 17:46 172032 C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2006-01-12 15:40 155648 C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] -ra------ 2007-08-17 03:45 23120680 C:\Program Files\Skype\Phone\Skype.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] --a------ 2007-09-25 01:11 132496 C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant] --a------ 2006-03-03 03:39 6144 C:\Program Files\Unlocker\UnlockerAssistant.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg] --------- 2000-05-11 01:00 90112 C:\WINDOWS\UpdReg.EXE [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Firebird"=C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe -a [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "C:\\WINDOWS\\system32\\sessmgr.exe"= "C:\\Program Files\\uTorrent\\uTorrent.exe"= "C:\\Program Files\\Soulseek\\slsk.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= "C:\\Program Files\\Mozilla Firefox\\firefox.exe"= "C:\\Program Files\\Bonjour\\mDNSResponder.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= R2 CX88XBAR;MSI 8606 Crossbar;C:\WINDOWS\system32\drivers\CX88XBar.SYS [2003-03-19 07:50] R2 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe [2007-09-03 17:13] S3 iadusb;MT882;C:\WINDOWS\system32\DRIVERS\glauiad.sys [2006-03-20 09:32] S4 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2002-12-31 14:00] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Contents of the 'Scheduled Tasks' folder "2007-09-14 15:15:00 C:\WINDOWS\Tasks\1-Click Maintenance.job" - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe "2007-10-05 21:29:20 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe . ************************************************************************ catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-04-13 22:10:46 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ [HKEY_LOCAL_MACHINE\system\ControlSet002\Services\MySQL] "ImagePath"="\"C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"C:\Program Files\MySQL\MySQL Server 5.0\my.ini\" MySQL" . --------------------- DLLs Loaded Under Running Processes --------------------- PROCESS: C:\WINDOWS\system32\winlogon.exe -> C:\WINDOWS\system32\Ati2evxx.dll . Completion time: 2008-04-13 22:11:22 ComboFix-quarantined-files.txt 2008-04-13 20:11:05 ComboFix2.txt 2008-04-12 23:03:23 ComboFix3.txt 2008-04-11 18:01:59 Pre-Run: 15,969,816,576 bytes free Post-Run: 15,956,090,880 bytes free

Profil

helen1 Poslao: 13 Apr 2008 22:54 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl:

Profil

gogi100 Poslao: 14 Apr 2008 06:54 Idi na vrh
offline gogi100 Građanin Pridružio: 26 Jan 2006 Poruke: 233	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! jesu li virusi sada sklonjeni? mozes li mi reci koji su virusi bili i nesto detaljnije u vezi virusa koje sam imao?

Profil

helen1 Poslao: 14 Apr 2008 07:28 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Sada bi sve trebalo da bude uredu. Logovi kazu da si cist. Pravo je pitanje cega tu nije bilo. Bio je tu Vundo, razni trijanci, spyware...

Profil

gogi100 Poslao: 14 Apr 2008 09:58 Idi na vrh
offline gogi100 Građanin Pridružio: 26 Jan 2006 Poruke: 233	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! da li se ova metoda moze primeniti i na jos nekom kompjuteru, jer sam moju flash karticu kacio na jos dva racunara?

Profil

helen1 Poslao: 14 Apr 2008 10:35 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! gogi100 ::da li se ova metoda moze primeniti i na jos nekom kompjuteru, jer sam moju flash karticu kacio na jos dva racunara? Sasvim je moguce da su i oni zarazeni. Ali ne mora da znaci da su sa istim infekcijama.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » problem sa flash karticom od 1gb

Ko je trenutno na forumu

Ukupno su 943 korisnika na forumu :: 32 registrovanih, 5 sakrivenih i 906 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: aramis s, Asparagus, babaroga, branko7, croato, darkangel, deimos25, dekan.m, Dovla, gomago, Haris, Koridor, ladro, lord sir giga, Lucije Kvint, Marko Marković, mercedesamg, Milos ZA, milos.cbr, Panter, Primus17, Regrut Boskica, robertino, trajkoni018, tubular, Vatreni Zmaj, VJ, voja64, wolf431, Wrangler, YugoSlav, 223223

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by