
How are they reading my messages from the hard disk??

(Locked topic, by Goran Mijailovic)

iio
branka kojic
not working
Sombor

How are they reading my messages from the hard disk?? 12.02.2013 at 11:22
Hello everyone, I have a question. I don't know how, and I don't really understand computers much, but I have a small problem that has become irritating: my boyfriend reads my messages from FB, email, Skype, even though he says he doesn't do it, and yet he knows everything I wrote, who I chatted with and everywhere I went, even though I delete the history in Mozilla. Someone even suggested a program that supposedly deletes everything, but that doesn't help either. I know he reads it from the hard disk, but what irritates me most is that he is convinced nobody knows how and that there is no chance of it being figured out, which I personally think is impossible. I know there is some trick, it just needs to be discovered. If anyone knows more about this, please get in touch. Thanks in advance :)
 
bachi
Vladimir Vučićević
System administrator
Belgrade, Serbia
Site: www.bachi.in.rs

Re: How are they reading my messages from the hard disk?? 12.02.2013 at 11:33

Find a computer technician to reinstall Windows for you, and change all passwords for Facebook, email and all online services you use.


[Off-topic deleted.]

[This message was edited by Goran Mijailovic on 12.02.2013 at 20:18 GMT+1]
... Vladimir Vučićević aka. Bachi
~~~ www.bachi.in.rs <<<<>>>> [email protected]
>>> It's nice to be important, but it's more important to be nice...
 
bakara
nBGd
SuperModerator

Re: How are they reading my messages from the hard disk?? 12.02.2013 at 11:53
I'd say your boyfriend knows your passwords.
Change the boyfriend first, and then the passwords too.
Unfortunately, punishment too creates a habit!
Unfortunately, punishment too builds an attitude!
 
kunc
Germany

Re: How are they reading my messages from the hard disk?? 12.02.2013 at 12:00
Quote:
bachi: Find a computer technician to reinstall Windows for you, and change all passwords for Facebook, email and all online services you use.


Everything has been said; your boyfriend has probably installed one of the keyloggers, so he constantly monitors who you are in contact with
and reads your conversations the whole time.
Go to a good repair shop, do a reinstall and the problem is solved.


[Off-topic deleted.]

[This message was edited by Goran Mijailovic on 12.02.2013 at 20:20 GMT+1]



 
Goran Mijailovic

Re: How are they reading my messages from the hard disk?? 12.02.2013 at 19:21
Please stay on topic; this is the Security forum, not Draga Saveta. The off-topic has been deleted.

Thanks.
 
kristi1
Site: www.mycity.rs/Ambulanta

Re: How are they reading my messages from the hard disk?? 13.02.2013 at 08:37
@iio

Do the following:


Download OTL to your desktop: http://oldtimer.geekstogo.com/OTL.exe

Double-click to run OTL;

click Run Scan;

When the scan finishes, the report will open in Notepad.

Copy the OTL.txt log here for me.
 
iio
branka kojic
not working
Sombor

Re: How are they reading my messages from the hard disk?? 13.02.2013 at 09:03
OTL logfile created on: 13.2.2013 9:47:50 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Documents and Settings\Branka\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000081A | Country: Serbia and Montenegro | Language: SRL | Date Format: d.M.yyyy

1023,17 Mb Total Physical Memory | 374,36 Mb Available Physical Memory | 36,59% Memory free
2,40 Gb Paging File | 1,87 Gb Available in Paging File | 77,60% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 24,41 Gb Total Space | 14,58 Gb Free Space | 59,73% Space Free | Partition Type: NTFS
Drive D: | 87,37 Gb Total Space | 64,16 Gb Free Space | 73,43% Space Free | Partition Type: NTFS
Drive E: | 2,47 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: HOME | User Name: Branka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013.02.13 09:47:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\Branka\My Documents\Downloads\OTL.exe
PRC - [2013.02.06 14:35:46 | 000,917,400 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.01.31 12:11:06 | 002,561,488 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.09.16 12:45:30 | 000,712,704 | ---- | M] (UniverzalSoft) -- C:\Documents and Settings\Branka\Tracing\Basp\Basp.exe
PRC - [2008.07.26 07:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008.07.26 07:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
PRC - [2008.04.14 13:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013.02.12 22:01:27 | 002,053,120 | ---- | M] () -- C:\Program Files\Alwil Software\Avast5\defs\13021201\algo.dll
MOD - [2013.02.08 11:01:05 | 014,586,736 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll
MOD - [2013.02.06 14:35:33 | 003,023,256 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013.01.31 12:11:06 | 002,561,488 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
MOD - [2013.01.31 12:10:04 | 002,231,248 | ---- | M] () -- c:\Documents and Settings\All Users\Application Data\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
MOD - [2008.07.26 07:24:04 | 000,068,120 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSPS.dll
MOD - [2008.04.14 13:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Disabled | Unknown] -- C:\Program Files\Alwil Software\Avast5\afwServ.exe -- (avast! Firewall)
SRV - [2013.02.08 11:01:07 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.01.31 12:11:06 | 002,561,488 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -- (Browser Manager)
SRV - [2013.01.08 14:41:40 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2008.07.26 07:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008.07.26 07:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\CDriver.sys -- (MSICDSetup)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012.10.30 23:51:57 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012.10.30 23:51:56 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.03 17:21:53 | 000,018,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2009.07.02 18:49:32 | 004,125,696 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.06.05 08:16:32 | 000,142,336 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009.06.02 14:26:28 | 000,099,856 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.03.12 10:25:12 | 005,051,904 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008.11.24 10:54:12 | 000,495,104 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt61.sys -- (RT61)
DRV - [2008.11.12 09:58:38 | 000,145,952 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2008.08.05 13:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.07.26 16:26:22 | 000,041,752 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008.07.26 16:25:48 | 000,627,864 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2008.07.26 16:22:34 | 002,570,520 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LV302V32.SYS -- (PID_PEPI)
DRV - [2008.07.26 16:22:22 | 000,013,848 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lv302af.sys -- (pepifilter)
DRV - [2008.07.26 07:25:02 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008.04.14 13:00:00 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.14 13:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2008.04.14 13:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2007.04.16 15:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006.01.04 08:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.mocaflix.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results...ms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.mocaflix.com/?l=1&q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?aff...a0bf92000000000000001485ca23d8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://search.babylon.com/?aff...a0bf92000000000000001485ca23d8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.mocaflix.com/
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={...c=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={...a0bf92000000000000001485ca23d8
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redir...ms}&locale=&apn_ptnrs=^RY&apn_dtid=^YYYYYY^V2^RS&apn_uid=383823f8-d898-450e-bd58-14f538abf91a&apn_sauid=99050740-A087-4304-9F75-317E4A5A61BB
IE - HKCU\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebsearch.com/...sb&searchfor={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q...ourceid=ie7&rlz=1I7ADFA_en
IE - HKCU\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}: "URL" = http://www.searchqu.com/web?src=ieb&q={SearchTerms}
IE - HKCU\..\SearchScopes\{8B63A8D6-BBED-4341-8867-790E5F524C96}: "URL" = http://mystart.hiyo.com/?search={searchTerms}&loc=ie_search
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/Resu...rchSource=4&ctid=CT2405280
IE - HKCU\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.mocaflix.com/?l=1&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "WebSearch"
FF - prefs.js..browser.search.defaultenginename,S: S", "WebSearch"
FF - prefs.js..browser.search.defaulturl: "http://websearch.mocaflix.com/?l=1&q="
FF - prefs.js..browser.search.order.1: "WebSearch"
FF - prefs.js..browser.search.order.1,S: S", "WebSearch"
FF - prefs.js..browser.search.selectedEngine: "WebSearch"
FF - prefs.js..browser.search.selectedEngine,S: S", "WebSearch"
FF - prefs.js..browser.startup.homepage: "www.facebook.com"
FF - prefs.js..extensions.enabledAddons: testpilot%40labs.mozilla.com:1.2.2
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - prefs.js..keyword.URL: "http://websearch.mocaflix.com/?l=1&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@funwebproducts.com/Plugin: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@SmileyCentral_1v.com/Plugin: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2013.01.11 21:24:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.02.06 14:35:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012.10.15 18:33:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Branka\Application Data\Mozilla\Extensions
[2013.01.30 12:44:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Branka\Application Data\Mozilla\Firefox\Profiles\05nfzp1o.default\extensions
[2013.01.11 21:18:51 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Branka\Application Data\Mozilla\Firefox\Profiles\05nfzp1o.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.01.30 12:44:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Branka\Application Data\Mozilla\Firefox\Profiles\lmmc95yr.default\extensions
[2012.10.15 18:41:26 | 000,621,521 | ---- | M] () (No name found) -- C:\Documents and Settings\Branka\Application Data\Mozilla\Firefox\Profiles\05nfzp1o.default\extensions\[email protected]
[2012.11.22 13:27:38 | 000,002,335 | ---- | M] () -- C:\Documents and Settings\Branka\Application Data\Mozilla\Firefox\Profiles\05nfzp1o.default\searchplugins\askcom.xml
[2012.12.11 08:59:25 | 000,000,544 | ---- | M] () -- C:\Documents and Settings\Branka\Application Data\Mozilla\Firefox\Profiles\05nfzp1o.default\searchplugins\WebSearch.xml
[2013.01.30 12:44:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.02.06 14:35:50 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.10.11 02:05:38 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.11 02:05:38 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2008.04.14 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Basp] C:\Documents and Settings\Branka\Tracing\Basp\Basp.exe (UniverzalSoft)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - Reg Error: Key error. File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6...tall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.7...tall-1_7_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6...tall-1_6_0_24-windows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94CBADAD-D71D-4A14-B912-066C197E0DFC}: NameServer = 192.168.20.254 192.168.10.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\docume~1\alluse~1\applic~1\browse~1\261123~1.78\{16cdf~1\browse~1.dll) - c:\Documents and Settings\All Users\Application Data\Browser Manager\2.6.1123.78\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Branka\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Branka\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.08.19 15:29:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012.08.24 05:10:12 | 000,000,090 | ---- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{c3bcd436-abab-11df-a0b0-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{c3bcd436-abab-11df-a0b0-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c3bcd436-abab-11df-a0b0-806d6172696f}\Shell\AutoRun\command - "" = E:\DVDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013.02.06 19:58:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2013.02.06 19:58:07 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2013.02.06 19:58:04 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2013.01.31 06:02:23 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Branka\Start Menu\Programs\Startup-Disabled
[2013.01.30 10:16:47 | 000,000,000 | ---D | C] -- C:\Program Files\GameTap Web Player
[2013.01.30 10:16:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\GameTap Web Player
[2013.01.30 10:09:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Glary Utilities
[2013.01.30 10:08:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Branka\Application Data\GlarySoft
[2013.01.30 10:08:56 | 000,000,000 | ---D | C] -- C:\Program Files\Glary Utilities
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013.02.13 09:40:40 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.02.13 09:39:29 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2013.02.13 09:39:22 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\Express FilesUpdate.job
[2013.02.13 09:38:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.02.13 09:38:57 | 000,219,120 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2013.02.13 05:58:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.02.13 05:51:46 | 000,192,184 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.02.12 22:11:29 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.02.10 11:13:03 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013.02.10 11:13:02 | 000,140,288 | ---- | M] () -- C:\Documents and Settings\Branka\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.02.09 16:38:01 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.02.08 11:01:06 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.02.08 11:01:06 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.02.06 19:58:08 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013.02.06 13:27:22 | 000,000,765 | ---- | M] () -- C:\Documents and Settings\Branka\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk
[2013.02.02 07:37:16 | 000,002,100 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2013.01.31 12:47:54 | 000,000,520 | ---- | M] () -- C:\Documents and Settings\Branka\Desktop\Shortcut to net.lnk
[2013.01.31 05:50:00 | 000,000,000 | ---- | M] () -- C:\WINDOWS\ativpsrm.bin
[2013.01.29 12:33:05 | 000,395,530 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.01.29 12:33:05 | 000,059,644 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.01.26 04:55:44 | 000,552,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaut32.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013.02.06 19:58:08 | 000,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013.02.06 13:27:22 | 000,000,765 | ---- | C] () -- C:\Documents and Settings\Branka\Application Data\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk
[2013.01.31 12:47:54 | 000,000,520 | ---- | C] () -- C:\Documents and Settings\Branka\Desktop\Shortcut to net.lnk
[2013.01.31 05:50:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013.01.30 10:09:04 | 000,000,314 | ---- | C] () -- C:\WINDOWS\tasks\GlaryInitialize.job
[2012.12.01 12:46:07 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.11.29 14:07:59 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dat
[2012.02.15 14:39:03 | 000,000,052 | ---- | C] () -- C:\WINDOWS\mafosav.INI
[2011.04.21 11:32:47 | 000,007,207 | R--- | C] () -- C:\WINDOWS\Disktool.INI
[2011.04.21 11:32:47 | 000,006,399 | R--- | C] () -- C:\WINDOWS\fwupgrade.ini
[2011.04.21 11:32:47 | 000,003,677 | R--- | C] () -- C:\WINDOWS\PlaySnd.INI
[2011.04.12 17:50:35 | 000,000,120 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2011.02.26 13:55:46 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.11.21 15:56:25 | 000,140,288 | ---- | C] () -- C:\Documents and Settings\Branka\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2010.08.19 23:54:01 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012.08.30 21:29:36 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.08.12 19:33:43 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 122 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:373E1720
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >
I ran that program and it gave me this.. now whether I look at it or at a wall, it's all the same to me. Oh, the misery when you want to know something and you don't, so I'm carrying on with the curiosity.. googling.. education, and hopefully something will come of it :)
 
kristi1
Site: www.mycity.rs/Ambulanta

Re: How are they reading my messages from the hard disk?? 13.02.2013 at 10:05
Run OTL.

In the white box of the window where it says Custom Scans/Fixes, paste the following text:

Code:
:OTL
IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.mocaflix.com/?l=1&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?aff...a0bf92000000000000001485ca23d8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://search.babylon.com/?aff...a0bf92000000000000001485ca23d8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://websearch.mocaflix.com/
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={...a0bf92000000000000001485ca23d8
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redir...ms}&locale=&apn_ptnrs=^RY&apn_dtid=^YYYYYY^V2^RS&apn_uid=383823f8-d898-450e-bd58-14f538abf91a&apn_sauid=99050740-A087-4304-9F75-317E4A5A61BB
IE - HKCU\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebsearch.com/...sb&searchfor={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q...ourceid=ie7&rlz=1I7ADFA_en
IE - HKCU\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}: "URL" = http://www.searchqu.com/web?src=ieb&q={SearchTerms}
IE - HKCU\..\SearchScopes\{8B63A8D6-BBED-4341-8867-790E5F524C96}: "URL" = http://mystart.hiyo.com/?search={searchTerms}&loc=ie_search
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/Resu...rchSource=4&ctid=CT2405280
IE - HKCU\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://websearch.mocaflix.com/?l=1&q={searchTerms}
FF - prefs.js..browser.search.defaultenginename: "WebSearch"
FF - prefs.js..browser.search.defaultenginename,S: S", "WebSearch"
FF - prefs.js..browser.search.defaulturl: "http://websearch.mocaflix.com/?l=1&q="
FF - prefs.js..browser.search.order.1: "WebSearch"
FF - prefs.js..browser.search.order.1,S: S", "WebSearch"
FF - prefs.js..browser.search.selectedEngine: "WebSearch"
FF - prefs.js..browser.search.selectedEngine,S: S", "WebSearch"
FF - prefs.js..keyword.URL: "http://websearch.mocaflix.com/?l=1&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O33 - MountPoints2\{c3bcd436-abab-11df-a0b0-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{c3bcd436-abab-11df-a0b0-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c3bcd436-abab-11df-a0b0-806d6172696f}\Shell\AutoRun\command - "" = E:\DVDSetup.exe
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - Reg Error: Key error. File not found

:commands
[CREATERESTOREPOINT]
[emptytemp]


Click the Run Fix button;

Copy the log you get into a post here.

Step 2.

Download AdwCleaner to your desktop from the link below:
http://general-changelog-team....-outils-de-xplode/2-adwcleaner

Run the program and click the Delete tab.

Every click after that is OK, until the computer restarts.

You will get a report that opens in Notepad after the restart; post it here for review.
 
0

djoka_l
Beograd

Member no.: 56075
Posts: 3453

Jabber: djoka_l


+1462 Profile

Re: How are they reading my messages from the hard disk?? 13.02.2013 at 10:10 - 136 months ago
Hmm, and C:\Documents and Settings\Branka\Tracing\Basp\Basp.exe is running as well.
I'd say that's a keylogger.
 
+1

kristi1

Member no.: 151211
Posts: 2012
*.dynamic.isp.telekom.rs.

Website: www.mycity.rs/Ambulanta


+88 Profile

Re: How are they reading my messages from the hard disk?? 13.02.2013 at 10:22 - 136 months ago
Damn, is it possible I didn't include it, tsk tsk

That's what happens when they keep bugging you on the phone while you're reading a log; you can't do both :D

OK, we'll deal with it in the second pass.

Branka, do the following:

Download the program SystemLook from this or this link to your Desktop;

- Double-click SystemLook to run it;

- Paste the following text into the white box:

Code:

:file 
C:\Documents and Settings\Branka\Tracing\Basp\Basp.exe

- Click the Look button;

When the program finishes, attach the file SystemLook.txt, which will be on the Desktop, to your post using the Attach File option.
 
0

agasoft
Aleksandar Đurić
Looking for a job...
Beograd

Member no.: 43804
Posts: 2249
*.com
Via: [es] mailing list

Jabber: agasoft


+126 Profile

Re: How are they reading my messages from the hard disk?? 13.02.2013 at 10:36 - 136 months ago
Ahaaa,
Would you look at the boyfriend; while googling I ran into basp pro, home-grown know-how, it seems...
I won't advertise it here...
 
0

kristi1

Member no.: 151211
Posts: 2012
*.dynamic.isp.telekom.rs.

Website: www.mycity.rs/Ambulanta


+88 Profile

Re: How are they reading my messages from the hard disk?? 13.02.2013 at 11:35 - 136 months ago
Here's how things stand: it is a keylogger, your boyfriend was spying on you.

Ignore the previous post and do the following:

Run OTL.

Paste the following text into the white box labelled Custom Scans/Fixes:

Code:

:OTL
PRC - [2010.09.16 12:45:30 | 000,712,704 | ---- | M] (UniverzalSoft) -- C:\Documents and Settings\Branka\Tracing\Basp\Basp.exe
O4 - HKLM..\Run: [Basp] C:\Documents and Settings\Branka\Tracing\Basp\Basp.exe (UniverzalSoft)

:commands
[emptytemp]


Click the Run Fix button;

Copy the log you get into a post here.

Do both the first fix and this second one.

Here is what the program looks like.

There is an uninstall option, but he set a password, so you are not in a position to do that.

https://www.virustotal.com/sr/...216592b8d38756f13db8/analysis/

Important!!!

After this cleanup, be sure to change all your passwords on all messengers, FB, Skype, mail ... he was spying on you everywhere.

 
+1
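The reasoning applied to the log in the posts above, as an added example (not part of any post and not OTL's own code): a Python triage script that flags Run-key autostart (O4) entries whose executable sits under a user profile and notes whether the same file also appears as a running process (PRC). The first and third sample lines are quoted from the thread; the other sample lines and all function names are constructed for illustration.

```python
import ntpath
import re

# First and third lines are quoted in the thread; the rest are constructed for contrast.
SAMPLE_LOG = r"""
PRC - [2010.09.16 12:45:30 | 000,712,704 | ---- | M] (UniverzalSoft) -- C:\Documents and Settings\Branka\Tracing\Basp\Basp.exe
PRC - [2012.10.30 23:51:58 | 000,044,808 | ---- | M] (Example Vendor) -- C:\Program Files\Example\svc.exe
O4 - HKLM..\Run: [Basp] C:\Documents and Settings\Branka\Tracing\Basp\Basp.exe (UniverzalSoft)
O4 - HKLM..\Run: [ExampleTray] "C:\Program Files\Example\tray.exe" /nogui (Example Vendor)
O4 - HKCU..\Run: [Updater] C:\Users\Test\AppData\Roaming\upd\upd.exe ()
"""

# PRC = running process: "[stamp | size | attrs | M] (vendor) -- path"
PRC_RE = re.compile(r"^PRC - \[[^\]]*\] \((?P<vendor>[^)]*)\) -- (?P<target>.+)$")
# O4 = autostart entry: "<hive>..\<key>: [<value name>] <command> (<vendor>)"
O4_RE = re.compile(
    r"^O4 - (?P<hive>HK[A-Z]+)\\?\.\.\\(?P<key>[^:]+): \[(?P<name>[^\]]*)\] "
    r"(?P<target>.+?)(?: \((?P<vendor>[^()]*)\))?$"
)
# Executable part of a command line: quoted path, or text up to the first extension.
EXE_RE = re.compile(
    r'^"(?P<quoted>[^"]+)"|^(?P<bare>.+?\.(?:exe|com|scr|bat|cmd|dll))(?=\s|$)', re.I
)
# Per-user profile roots (XP and later Windows): writable without admin rights.
PROFILE_ROOTS = ("c:\\documents and settings\\", "c:\\users\\")


def executable_path(command):
    """Strip quotes and arguments from a logged command line."""
    m = EXE_RE.match(command.strip())
    return (m.group("quoted") or m.group("bare")) if m else command.strip()


def _key(path):
    """Normalise a Windows path for case-insensitive comparison."""
    return ntpath.normpath(path).lower()


def triage(log_text):
    """Return autostart entries whose executable lives under a user profile."""
    lines = [line.strip() for line in log_text.splitlines() if line.strip()]
    running = set()
    for line in lines:
        m = PRC_RE.match(line)
        if m:
            running.add(_key(executable_path(m.group("target"))))
    findings = []
    for line in lines:
        m = O4_RE.match(line)
        if not m:
            continue
        exe = executable_path(m.group("target"))
        if _key(exe).startswith(PROFILE_ROOTS):
            findings.append({
                "name": m.group("name"),
                "hive": m.group("hive"),
                "path": exe,
                "vendor": m.group("vendor") or "",
                "running": _key(exe) in running,
            })
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

A hit is a lead for manual review, not a verdict: legitimate software also installs itself per-user.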

iio
branka kojic
not working
sombor

Member no.: 265396
Posts: 7
*.dynamic.isp.telekom.rs.



Profile

Re: How are they reading my messages from the hard disk?? 13.02.2013 at 11:38 - 136 months ago
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\bProtector Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\BrowserMngr Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56256A51-B582-467e-B8D4-7786EDA79AE0}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8B63A8D6-BBED-4341-8867-790E5F524C96}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B63A8D6-BBED-4341-8867-790E5F524C96}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
C:\Program Files\ConduitEngine\ConduitEngin0.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\ not found.
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D0F4A166-B8D4-48b8-9D63-80849FE137CB} scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0F4A166-B8D4-48b8-9D63-80849FE137CB}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c3bcd436-abab-11df-a0b0-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c3bcd436-abab-11df-a0b0-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c3bcd436-abab-11df-a0b0-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c3bcd436-abab-11df-a0b0-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c3bcd436-abab-11df-a0b0-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c3bcd436-abab-11df-a0b0-806d6172696f}\ not found.
File E:\DVDSetup.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65}\ not found.
========== COMMANDS ==========
Restore point Set: OTL Restore Point

[EMPTYTEMP]

User: All Users

User: Branka
->Temp folder emptied: 1041738 bytes
->Temporary Internet Files folder emptied: 429169 bytes
->Java cache emptied: 32643 bytes
->FireFox cache emptied: 70632637 bytes
->Flash cache emptied: 506 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33237 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2402044 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 115300 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 19705 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 139668 bytes

Total Files Cleaned = 72,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02132013_122933

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File\Folder C:\WINDOWS\temp\logishrd\LVPrcInj01.dll not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D0F4A166-B8D4-48b8-9D63-80849FE137CB} scheduled to be deleted on reboot.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0F4A166-B8D4-48b8-9D63-80849FE137CB}\ not found.
I got this, and afterwards, when I clicked that Run Fix, my computer restarted by itself. Now I'll download that AdwCleaner program and follow the instructions :) Guys, thanks to you I'll end up becoming a hacker too :))
 
0

kristi1

Member no.: 151211
Posts: 2012
*.dynamic.isp.telekom.rs.

Website: www.mycity.rs/Ambulanta


+88 Profile

Re: How are they reading my messages from the hard disk?? 13.02.2013 at 11:42 - 136 months ago
Do this second fix first, then run AdwCleaner afterwards.


Hacker, my foot: he sat down at your computer and installed a keylogger, and he can be held criminally liable for that.
 
+2

iio
branka kojic
not working
sombor

Member no.: 265396
Posts: 7
*.dynamic.isp.telekom.rs.



Profile

Re: How are they reading my messages from the hard disk?? 13.02.2013 at 12:07 - 136 months ago
All processes killed
Error: Unable to interpret <Code:> in the current context!
========== OTL ==========
No active process named Basp.exe was found!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Basp not found.
File C:\Documents and Settings\Branka\Tracing\Basp\Basp.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Branka
->Temp folder emptied: 641722 bytes
->Temporary Internet Files folder emptied: 33175 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 2286671 bytes
->Flash cache emptied: 492 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 109792 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 3,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02132013_125913

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
I did that second step too, the computer restarted by itself, and now I'll run that AdwCleaner, so let's see what happens.
 
0

iio
branka kojic
not working
sombor

Member no.: 265396
Posts: 7
*.dynamic.isp.telekom.rs.



Profile

Re: How are they reading my messages from the hard disk?? 13.02.2013 at 12:22 - 136 months ago
Me again :) I'll try not to be a nuisance with questions any more, especially to Kristi1. I don't know how, I did everything but I never got to that basp pro program, though my Mozilla is different now, i.e. normal, the way it should be. I think I can change my passwords now; if it didn't work, I'll find out soon enough ;)
 
0

kristi1

Member no.: 151211
Posts: 2012
*.dynamic.isp.telekom.rs.

Website: www.mycity.rs/Ambulanta


+88 Profile

Re: How are they reading my messages from the hard disk?? 13.02.2013 at 12:36 - 136 months ago
Wait, we're not done yet.

Run OTL again, click Run scan, and post a fresh log for me so I can do a final review.
 
0

newtesla
Aleksander Segedi
CEO / owner
Tim011 Digital doo
N 44.69344 - E 20.38175

Member no.: 147164
Posts: 1532
178-223-9-10.dynamic.isp.telekom.rs.

Website: www.knjigovodja.in.rs


+404 Profile

Re: How are they reading my messages from the hard disk?? 13.02.2013 at 12:43 - 136 months ago
Perhaps the smartest thing, to begin with, is to go to some VERY VERY TRUSTWORTHY friend's place, and:

-change your passwords
-turn on FB login approval via phone/SMS (as soon as you try to log in, you get an SMS with an additional code, and FB asks for that code to continue)
-turn on Gmail two-step verification.

And until further notice, go on FB only from your mobile phone.

=====

I'll try to do this without going off-topic and without "Draga Saveta" advice, but: what your =whatever his status is= did is a criminal offence!!! I would advise you to report him to the police after all. Still, the decision is yours, but think of the people around him too, and his potential future girlfriends.
When, while making Nes coffee, instead of taking the milk out of the fridge you actually put the Nes tin in there - you realize what a f*cked-up and fiddly business multitasking is :)
 
0

bakara
nBGd

SuperModerator
Member no.: 40157
Posts: 16359



+2922 Profile

Re: How are they reading my messages from the hard disk?? 13.02.2013 at 13:32 - 136 months ago
Wow, look what you dug up for the girl... who would have expected things to turn out like this.

And the boyfriend is utterly shameless.
Unfortunately, punishment too creates a habit!
Unfortunately, punishment too builds an attitude!
 
0

plague
Software Developer
Auckland, NZ

Member no.: 46734
Posts: 623
*.dynamic.isp.telekom.rs.



+373 Profile

Re: How are they reading my messages from the hard disk?? 13.02.2013 at 13:41 - 136 months ago
Given that it probably sends the log file by e-mail, wouldn't it be interesting to see what the login info is? There's a chance he didn't create a new mail account but is sending it to himself. :D

Of course, I don't recommend logging into his mail, because that is just as illegal as his spying.

Edit: typo

[This post was edited by plague on 13.02.2013 at 15:14 GMT+1]
 
0
