MyCity » Ambulanta -> Arhiva Ambulante » Kako da se rijesim virusa

Kako da se rijesim virusa

Napisano na dan: 13.4.2008

Kako da se rijesim virusa

Sledeća strana

Pagination

Zaključano

slajad Poslao: 13 Apr 2008 15:27 Idi na vrh
offline slajad Građanin Pridružio: 26 Apr 2007 Poruke: 34	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:22:57, on 13.4.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\DU Meter\DUMeterSvc.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\fireserv\Apache\bin\Apache.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\fireserv\mysql\bin\mysqld-nt.exe C:\fireserv\Apache\bin\Apache.exe C:\Program Files\Opera\Opera.exe C:\Documents and Settings\Dragan Sladoje\Desktop\HJT.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [Anti Trojan Elite] C:\Program Files\Anti Trojan Elite\TJEnder.exe :NO O4 - HKLM\..\Run: [TE_RegProtect] C:\Program Files\Anti Trojan Elite\TERegPct.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe O8 - Extra context menu item: E&xport to Microsoft Excel - [Link mogu videti samo ulogovani korisnici]\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - C:\Program Files\DU Meter\DUMeterSvc.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: Fireserv - Apache Software Foundation - C:\fireserv\Apache\bin\Apache.exe O23 - Service: MySql - Unknown owner - c:\fireserv\mysql\bin\mysqld-nt.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- End of file - 6169 bytes

Profil

DEMIAN Poslao: 13 Apr 2008 15:43 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Koji virus? Šta, gde, kad i kako? Simptomi? Detekcija? Putanja detektovanog fajla? Info o problemu.. Ovo je forum - iznese se problem i predlaže rešenje.

Profil

slajad Poslao: 13 Apr 2008 17:27 Idi na vrh
offline slajad Građanin Pridružio: 26 Apr 2007 Poruke: 34	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Imam virus u kompjuteru nod ga ne detektuje zove se sasa.exe.

Profil

DEMIAN Poslao: 13 Apr 2008 18:21 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ok. Prvo privremeno zaustavi zaštitu tvog AV-a kao što je pokazano na linku ispod. [Link mogu videti samo ulogovani korisnici] Uključićeš je ponovo tek posle skeniranja ComboFix-om. Zatim skini ComboFix sa jedne od sledecih adresa na Desktop: [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

slajad Poslao: 13 Apr 2008 21:09 Idi na vrh
offline slajad Građanin Pridružio: 26 Apr 2007 Poruke: 34	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-04-13.1 - Dragan Sladoje 2008-04-13 21:01:43.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.258 [GMT 2:00] Running from: C:\Documents and Settings\Dragan Sladoje\Desktop\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\vm26656.dll C:\WINDOWS\system32\ys00145.dll . ((((((((((((((((((((((((( Files Created from 2008-03-13 to 2008-04-13 ))))))))))))))))))))))))))))))) . 2008-04-13 15:03 . 2008-04-13 15:14 <DIR> d-------- C:\Program Files\Trojan Remover 2008-04-13 15:03 . 2008-04-13 15:03 <DIR> d-------- C:\Documents and Settings\Dragan Sladoje\Application Data\Simply Super Software 2008-04-13 10:49 . 2008-04-13 10:51 <DIR> d-------- C:\Program Files\AnswerWorks 4.0 2008-04-13 10:44 . 2008-04-13 10:52 <DIR> d-------- C:\Program Files\AutoCAD 2007 2008-04-13 10:44 . 2008-04-13 11:06 <DIR> d-------- C:\Documents and Settings\Dragan Sladoje\Application Data\Autodesk 2008-04-13 10:44 . 2008-04-13 10:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Autodesk 2008-04-13 10:39 . 2008-04-13 10:52 <DIR> d-------- C:\Program Files\Common Files\Autodesk Shared 2008-04-13 10:39 . 2008-04-13 10:39 <DIR> d-------- C:\Program Files\Autodesk 2008-04-12 11:11 . 2008-04-13 19:34 <DIR> d-------- C:\Program Files\Anti Trojan Elite 2008-04-07 15:55 . 2006-10-05 16:22 24,072 --a------ C:\WINDOWS\system32\uxtuneup.dll 2008-04-04 17:26 . 2008-04-04 17:26 38 --a------ C:\WINDOWS\avisplitter.INI 2008-03-23 18:13 . 2008-04-03 16:53 <DIR> d-------- C:\Program Files\Sybase 2008-03-23 11:02 . 2008-04-07 16:00 <DIR> d-------- C:\Program Files\Rapid-USD NoCaptcha -Th3zone.com Sep2007 2008-03-23 01:01 . 2008-03-23 01:01 31 --a------ C:\WINDOWS\idc.ini 2008-03-23 00:58 . 2008-04-07 16:00 <DIR> d-------- C:\Program Files\USD.1.3.4.9 2008-03-20 16:10 . 2007-11-30 00:30 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll 2008-03-20 16:10 . 2008-01-10 14:15 755,027 --a------ C:\WINDOWS\system32\xvidcore.dll 2008-03-20 16:10 . 2007-12-24 14:49 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll 2008-03-20 16:10 . 2007-07-10 18:10 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest 2008-03-18 21:13 . 2008-03-18 21:13 <DIR> d-------- C:\Program Files\Smart Projects 2008-03-18 13:22 . 2008-03-18 13:22 33 --a------ C:\WINDOWS\SYMGAMES.INI 2008-03-16 16:03 . 2008-03-16 16:03 <DIR> d-------- C:\Program Files\Windows Live 2008-03-16 00:01 . 2008-04-09 16:10 <DIR> d-------- C:\Program Files\DU Meter 2008-03-16 00:01 . 2008-03-16 00:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Hagel Technologies . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-04-13 17:31 --------- d-----w C:\Program Files\The KMPlayer 2008-04-13 13:05 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-04-08 20:41 --------- d-----w C:\Documents and Settings\Dragan Sladoje\Application Data\uTorrent 2008-04-07 17:40 --------- d-----w C:\Program Files\Bit Che 2008-04-07 13:56 --------- d-----w C:\Program Files\TuneUp Utilities 2006 2008-04-03 14:53 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-03-28 14:46 --------- d-----w C:\Program Files\ESET 2008-03-24 17:55 --------- d-----w C:\Program Files\Total Video Converter 2008-03-20 14:11 --------- d-----w C:\Program Files\K-Lite Codec Pack 2008-03-20 14:08 --------- d-----w C:\Program Files\Common Files\Real 2008-03-16 14:03 --------- d-----w C:\Program Files\MSN Messenger 2008-03-16 14:03 --------- d-----w C:\Program Files\Messenger Plus! Live 2008-03-14 20:43 --------- d-----w C:\Program Files\Java 2008-03-09 19:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Frag great bend logo 2008-03-09 09:39 737,280 ----a-w C:\WINDOWS\iun6002.exe 2008-03-06 19:34 --------- d-----w C:\Program Files\uTorrent 2008-03-01 10:38 --------- d-----w C:\Program Files\Hmonitor 2008-02-23 22:54 --------- d-----w C:\Documents and Settings\Dragan Sladoje\Application Data\ESET 2008-02-23 22:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\ESET 2008-02-23 22:39 --------- d-----w C:\Program Files\Opera 2008-02-22 08:39 --------- d-----w C:\Program Files\Common Files\Adobe 2008-02-14 11:08 --------- d-----w C:\Documents and Settings\Dragan Sladoje\Application Data\Media Player Classic 2007-10-29 12:54 524 ----a-w C:\Program Files\Shortcut to nocompu.lnk 2004-09-23 22:56 3,730 ----a-w C:\Program Files\SP28818.cva 2004-07-29 04:11 796 ----a-w C:\Program Files\smwdms.txt 2004-07-29 04:11 552 ----a-w C:\Program Files\WSsmwdms.txt 2004-07-20 22:52 11,537 ----a-w C:\Program Files\smx.cat 2004-07-16 21:57 60,420 ----a-w C:\Program Files\smwdmCH4.inf 2004-01-14 22:33 74 ----a-w C:\Program Files\data.tag 2004-01-14 19:20 65,096 ----a-w C:\Program Files\data1.hdr 2004-01-14 19:20 512 ----a-w C:\Program Files\data2.cab 2004-01-14 19:20 495 ----a-w C:\Program Files\layout.bin 2004-01-14 19:20 1,265,100 ----a-w C:\Program Files\data1.cab 2004-01-13 23:40 612,032 ----a-w C:\Program Files\smwdm.sys 2003-12-19 22:59 239,567 ----a-w C:\Program Files\setup.inx 2003-04-08 17:30 3,744 ----a-w C:\Program Files\smsens.sys 2003-01-17 21:25 10,880 ----a-w C:\Program Files\WDMSTUB.sys 2002-07-25 22:07 346,602 ----a-w C:\Program Files\ikernel.ex_ 2002-06-19 22:26 40,960 ----a-w C:\Program Files\AEEnable.exe 2002-04-22 19:40 45,056 ----a-w C:\Program Files\adminchk.dll 2002-04-01 20:15 4,816 ----a-w C:\Program Files\AEAUDIO.sys 2002-03-29 01:40 308,278 ----a-w C:\Program Files\win256_3.bmp 2002-03-27 00:53 308,276 ----a-w C:\Program Files\SoundMAX.bmp 2002-03-11 23:10 1,078 ----a-w C:\Program Files\SMax3CP.ico 2001-11-19 21:42 7 ----a-w C:\Program Files\nocompi.txt 2001-11-19 21:42 6 ----a-w C:\Program Files\nocompu.txt 2001-10-26 00:40 401 ----a-w C:\Program Files\Setup.ini 2001-10-26 00:40 1,768 ----a-w C:\Program Files\setup.iss 2001-10-04 22:49 36,352 ----a-w C:\Program Files\install.exe 2001-10-03 20:14 381,200 ----a-w C:\Program Files\migrate.dll 2001-09-19 20:32 720,896 ----a-w C:\Program Files\a3d.dll 2001-08-24 22:45 61,440 ----a-w C:\Program Files\RemADI.exe 2001-08-16 00:08 377,856 ----a-w C:\Program Files\269601USA8.EXE 2000-05-15 16:08 134,656 ----a-w C:\Program Files\Setup.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-11-17 04:04 139264] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 10:06 1667584] "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2007-08-12 11:02 103712] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 12:43 2097488] "DU Meter"="C:\Program Files\DU Meter\DUMeter.exe" [2007-10-17 21:23 979968] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-13 00:40 155648] "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 09:47 31016] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24 286720] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792] "egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-12-21 09:21 1443072] "Anti Trojan Elite"="C:\Program Files\Anti Trojan Elite\TJEnder.exe" [2008-03-06 20:26 3562496] "TE_RegProtect"="C:\Program Files\Anti Trojan Elite\TERegPct.exe" [2003-12-07 01:42 781824] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:56 15360] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\uTorrent\\uTorrent.exe"= "C:\\Documents and Settings\\Dragan Sladoje\\My Documents\\Faks\\eclipse-europa\\eclipse\\eclipse.exe"= R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-12-21 09:21] R2 DUMeterSvc;DU Meter Service;C:\Program Files\DU Meter\DUMeterSvc.exe [2007-10-15 15:19] R2 Fireserv;Fireserv;"C:\fireserv\Apache\bin\Apache.exe" -k runservice [] R2 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe [2004-08-04 00:56] R3 ATE_PROCMON;ATE_PROCMON;C:\Program Files\Anti Trojan Elite\ATEPMon.sys [2004-09-10 04:05] R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;"C:\Program Files\MSN Messenger\usnsvc.exe" [2007-01-19 21:54] S2 EsetNod32Fix;Nod32 AV;C:\WINDOWS\Regedit.exe [2004-08-04 00:56] S3 ES-620;Edisonsoft ES-620 USB Infrared Adapter;C:\WINDOWS\system32\DRIVERS\ES-620.sys [2003-04-17 11:42] S3 SQLWriter;SQL Server VSS Writer;"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2005-10-14 12:53] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-31 02:57] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-31 02:58] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-31 02:59] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0d8dc9eb-8e2b-11dc-9730-00112f6e3860}] \Shell\AutoOpen\command - .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{251f9c3f-e247-11dc-97b8-00112f6e3860}] \Shell\AutoOpen\command - F:\.\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5317cacb-07b7-11dc-9636-00112f6e3860}] \Shell\AutoOpen\command - F:\.\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a93d5b21-eba0-11dc-97d4-00112f6e3860}] \Shell\AutoOpen\command - F:\.\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\MSOCache\90000804-6000-11D3-8CFE-0150048383C9\KB915865.exe Newly Created Service - CATCHME . Contents of the 'Scheduled Tasks' folder "2008-04-11 16:38:57 C:\WINDOWS\Tasks\1-Click Maintenance.job" - C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe . ************************************************************************ catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici] Rootkit scan 2008-04-13 21:04:43 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\DUMeterSvc] "ImagePath"="C:\Program Files\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService" . Completion time: 2008-04-13 21:06:27 ComboFix-quarantined-files.txt 2008-04-13 19:06:04 Pre-Run: 4,082,192,384 bytes free Post-Run: 4,071,641,088 bytes free

Profil

DEMIAN Poslao: 13 Apr 2008 22:40 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Citat:2008-03-23 11:02 . 2008-04-07 16:00 <DIR> d-------- C:\Program Files\Rapid-USD NoCaptcha -Th3zone.com Sep2007 Ne posećuj i ne skidaj programe sa Th3zone.com i sličnih sajtova/foruma i nećeš imati viruse. Ako se pojavi sasa.exe obriši ga AV-om. Toliko od mene.. Citat:6. Svako onaj koji se zarazio svojom krivicom (posete sajtovima sa p0rn0grafijom, w@rezom, cr@ckovima, koriscenje P2P programa...) nek prvo pomogne sam sebi da se oslobodi losih navika. Zasto bi smo trosili svoje vreme na nekoga ko ce za kratko vreme ponovo da se zarazi? [Link mogu videti samo ulogovani korisnici] //lock

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Kako da se rijesim virusa

Ko je trenutno na forumu

Ukupno su 2524 korisnika na forumu :: 69 registrovanih, 5 sakrivenih i 2450 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 4783 - dana 08 Dec 2025 18:21

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 015, A.R.Chafee.Jr., acov34, Apok, avijacija, Belac91, blatruc82, bojan1234, casual03, cuculo, Dioniss, dj.ape, Djokislav, Drugsparrow, eagle.rs, gale48, Gall, Gitzherai, gobrad, goran.vvv, indja, Jakonjveliki, jarovitt, Jovan1983, kaskadija, kenny74, Kolimator, kolle.the.kid, Kubovac, Miki01, milan.tatanac1, mile.ilic75, MrNo, Nemanja.M, nesa1962, neutrino, Orc, ozzy, Paki, Paklenica, pceklic, Perudin_92, Rebel Frank, ruma, sistem22, Sky diver 29, sluga, ss10, sspp, stagezin, stokssone, Suva planina, TTN, tuf, ujke, VekiJ, Velizar Laro, vensla, Visionary, Voice1, Volkhov-M, VonDrobac, Vrač, vukajlo71, Wehicle, zhuki8, zivojin32, zlaya011, 79693

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by