MyCity » Ambulanta -> Arhiva Ambulante » Moguc virus u kompjuteru

Moguc virus u kompjuteru

Napisano na dan: 18.8.2010

Moguc virus u kompjuteru
Sledeća strana Pagination

Idi na vrh

Poslao: 18 Avg 2010 10:33
Idi na vrh
offline
  • Banop  Male
  • Super građanin
  • Pridružio: 23 Maj 2009
  • Poruke: 1475

Preke koji dan pokusao sam da pokrenem jedan video fajl koji je po pretpostavci bio virus.
Nakon pokretanja fajla pojavila mi se poruka "Codec Error: Use Windows Media Player".
Nisam pokrenuo WMP ali sumnjam da je virus negde u kompjuteru.
Evo logova,


DDS (Ver_10-03-17.01) - NTFSx86
Run by Branislav at 10:31:03.75 on Wed 08/18/2010
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_21
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.957.409 [GMT 2:00]

AV: COMODO Antivirus *On-access scanning enabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

============== Running Processes ===============

F:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
F:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
F:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\spoolsv.exe
svchost.exe
svchost.exe
F:\Program Files\Java\jre6\bin\jqs.exe
F:\Program Files\CDBurnerXP\NMSAccessU.exe
F:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
F:\Program Files\Synaptics\SynTP\SynTPEnh.exe
F:\Program Files\FSC\TouchPad HotKey Utility\TouchPad_HotKey.exe
F:\Program Files\Common Files\Java\Java Update\jusched.exe
F:\WINDOWS\RTHDCPL.EXE
F:\WINDOWS\system32\rundll32.exe
F:\Program Files\COMODO\COMODO Internet Security\cfp.exe
F:\Program Files\Windows Live\Messenger\msnmsgr.exe
F:\WINDOWS\system32\ctfmon.exe
F:\WINDOWS\system32\sistray.exe
F:\Program Files\FSC\Wireless Utility\WirelessSelector.exe
F:\Documents and Settings\Branislav\Local Settings\Apps\2.0\YY3TRBZL.M8Q\0N7WX9T0.7JX\curs..tion_eee711038731a406_0004.0000_172b37d8269e5e48\CurseClient.exe
F:\Program Files\Moo0\SystemMonitor 1.59\SystemMonitor.exe
F:\Program Files\OpenOffice.org 3\program\soffice.exe
F:\Program Files\OpenOffice.org 3\program\soffice.bin
F:\Program Files\Windows Live\Contacts\wlcomm.exe
F:\Program Files\Opera\opera.exe
F:\Program Files\uTorrent\uTorrent.exe
F:\Documents and Settings\Branislav\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.rs/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - f:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - f:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - f:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - f:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - f:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [msnmsgr] "f:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [ctfmon.exe] f:\windows\system32\ctfmon.exe
mRun: [IMJPMIG8.1] "f:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [PHIME2002ASync] f:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] f:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [SMSERIAL] f:\program files\motorola\smserial\sm56hlpr.exe
mRun: [SynTPEnh] f:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [TouchPadHotKey] f:\program files\fsc\touchpad hotkey utility\TouchPad_HotKey.exe
mRun: [VIPv3_Auto_Update] f:\windows\vipv3\CheckForUpdates.exe
mRun: [Google Desktop Search] "f:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [SunJavaUpdateSched] "f:\program files\common files\java\java update\jusched.exe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [COMODO Internet Security] "f:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [Adobe Reader Speed Launcher] "f:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "f:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
StartupFolder: f:\documents and settings\branislav\start menu\programs\startup\CurseClientStartup.ccip
StartupFolder: f:\docume~1\branis~1\startm~1\programs\startup\moo0sy~1.lnk - f:\program files\moo0\systemmonitor 1.59\SystemMonitor.exe
StartupFolder: f:\docume~1\branis~1\startm~1\programs\startup\openof~1.lnk - f:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: f:\docume~1\alluse~1\startm~1\programs\startup\utilit~1.lnk - f:\windows\system32\sistray.exe
StartupFolder: f:\docume~1\alluse~1\startm~1\programs\startup\wirele~1.lnk - f:\program files\fsc\wireless utility\WirelessSelector.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - f:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - f:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - f:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - f:\progra~1\common~1\skype\SKYPE4~1.DLL
AppInit_DLLs: f:\progra~1\google\google~1\goec62~1.dll f:\windows\system32\guard32.dll

================= FIREFOX ===================

FF - ProfilePath - f:\docume~1\branis~1\applic~1\mozilla\firefox\profiles\eul47fzn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.rs
FF - component: f:\documents and settings\branislav\application data\mozilla\firefox\profiles\eul47fzn.default\extensions\{6ac85730-7d0f-4de0-b3fa-21142dd85326}\platform\winnt\components\ColorZilla.dll
FF - plugin: f:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - f:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - f:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - f:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - f:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
f:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
f:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
f:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
f:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
f:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
f:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
f:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
f:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
f:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
f:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
f:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
f:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
f:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
f:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
f:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
f:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
f:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
f:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
f:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
f:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
f:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
f:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
f:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
f:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
f:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
f:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
f:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
f:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
f:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
f:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
f:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
f:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
f:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
f:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
f:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
f:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
f:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
f:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
f:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R1 cmderd;COMODO Internet Security Eradication Driver;f:\windows\system32\drivers\cmderd.sys [2010-6-1 15464]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;f:\windows\system32\drivers\cmdGuard.sys [2010-6-4 229312]
R1 cmdHlp;COMODO Internet Security Helper Driver;f:\windows\system32\drivers\cmdhlp.sys [2010-6-1 25240]
R2 cmdAgent;COMODO Internet Security Helper Service;f:\program files\comodo\comodo internet security\cmdagent.exe [2010-6-1 1778480]
R3 WinRing0_1_2_0;WinRing0_1_2_0;f:\program files\moo0\systemmonitor 1.59\WinRing0.sys [2010-8-10 14416]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;f:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 Ambfilt;Ambfilt;f:\windows\system32\drivers\Ambfilt.sys [2010-8-11 1691480]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;f:\program files\google\google desktop search\GoogleDesktop.exe [2010-7-23 30192]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;f:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

=============== Created Last 30 ================

2010-08-14 09:20:02 0 d-----w- f:\program files\Defraggler
2010-08-14 09:19:44 0 d-----w- f:\program files\CCleaner
2010-08-14 09:18:49 0 d-----w- f:\program files\Speccy
2010-08-13 21:52:46 0 d--h--w- F:\VritualRoot
2010-08-13 21:52:08 468081 ----a-w- f:\windows\system32\drivers\sfi.dat
2010-08-13 21:50:22 0 d-----w- f:\docume~1\alluse~1\applic~1\Comodo
2010-08-13 21:49:38 0 d-----w- f:\program files\COMODO
2010-08-13 21:47:30 0 d-----w- f:\docume~1\alluse~1\applic~1\Comodo Downloader
2010-08-13 21:46:08 0 d-----w- f:\windows\Internet Logs
2010-08-13 21:16:38 52 ----a-w- f:\windows\system32\ashttpstats.csv
2010-08-13 21:11:29 850 ----a-w- f:\documents and settings\branislav\Application DataProductTweaks.xml
2010-08-13 21:11:28 385 ----a-w- f:\documents and settings\branislav\Application Datauser_gensett.xml
2010-08-13 21:11:27 376 ----a-w- f:\documents and settings\branislav\Application Dataprivacy.xml
2010-08-13 21:05:21 0 d-----w- f:\docume~1\alluse~1\applic~1\BitDefender
2010-08-13 21:04:12 0 d-----w- f:\program files\common files\BitDefender
2010-08-13 11:13:56 0 d-----w- f:\program files\GRETECH
2010-08-13 11:09:59 0 d-----w- f:\docume~1\branis~1\applic~1\foobar2000
2010-08-13 11:09:49 0 d-----w- f:\program files\foobar2000
2010-08-12 13:23:22 0 d-----w- f:\docume~1\branis~1\applic~1\CursorArts
2010-08-12 12:58:22 0 d-----w- f:\docume~1\branis~1\applic~1\IconTweaker
2010-08-12 12:58:22 0 d-----w- f:\docume~1\alluse~1\applic~1\IconTweaker
2010-08-12 12:21:08 266360 ----a-w- f:\windows\system32\TweakUI.exe
2010-08-12 12:21:08 160217 ----a-w- f:\windows\system32\PowerToysLicense.rtf
2010-08-12 10:14:39 8192 -c--a-w- f:\windows\system32\dllcache\wshirda.dll
2010-08-12 10:14:39 8192 ----a-w- f:\windows\system32\wshirda.dll
2010-08-12 10:14:39 28160 -c--a-w- f:\windows\system32\dllcache\irmon.dll
2010-08-12 10:14:39 28160 ----a-w- f:\windows\system32\irmon.dll
2010-08-12 10:14:39 151552 -c--a-w- f:\windows\system32\dllcache\irftp.exe
2010-08-12 10:14:39 151552 ----a-w- f:\windows\system32\irftp.exe
2010-08-11 20:26:15 93718 ----a-w- f:\windows\VGAsetup.ini
2010-08-11 20:26:02 4984 ----a-w- f:\windows\system32\d3d9caps.dat
2010-08-11 20:25:57 65536 ------w- f:\windows\system32\SiSHook.dll
2010-08-11 20:25:57 110592 ------w- f:\windows\system32\TVMode.dll
2010-08-11 20:25:57 0 d-----w- f:\windows\SIS
2010-08-11 20:25:56 135168 ------w- f:\windows\system32\SiSApCom.dll
2010-08-11 20:25:56 0 d-----w- f:\program files\SiSUnin
2010-08-11 20:25:48 262144 ----a-w- f:\windows\system32\sistray.exe
2010-08-11 20:25:45 53248 ----a-w- f:\windows\system32\SiSPower.dll
2010-08-11 20:25:45 49152 ----a-w- f:\windows\InstFunc.exe
2010-08-11 20:25:45 196608 ----a-w- f:\windows\Progress.exe
2010-08-11 20:25:45 12288 ----a-w- f:\windows\InstFunc.dll
2010-08-11 20:24:46 0 d-----w- f:\program files\SiS VGA Utilities V3.90
2010-08-11 20:20:33 129781 ----a-w- f:\windows\system32\VGAunistlog.ini
2010-08-11 20:20:11 9728 ----a-w- f:\windows\system32\SiSPIns2.dll
2010-08-11 20:20:11 65536 ----a-w- f:\windows\system32\sis760.bin
2010-08-11 20:20:11 65536 ----a-w- f:\windows\system32\sis741.bin
2010-08-11 20:20:11 49152 ----a-w- f:\windows\system32\SiSBase.dll
2010-08-11 20:20:11 49152 ----a-w- f:\windows\system32\sis660.bin
2010-08-11 20:20:11 3984896 ----a-w- f:\windows\system32\sisgl770.dll
2010-08-11 20:20:11 3467776 -c--a-w- f:\windows\system32\dllcache\sisgrv.dll
2010-08-11 20:20:11 3467776 ----a-w- f:\windows\system32\sisgrv.dll
2010-08-11 20:20:11 258048 ----a-w- f:\windows\system32\SiSParse.dll
2010-08-11 20:20:11 19200 ----a-w- f:\windows\system32\drivers\srvkp.sys
2010-08-11 20:20:11 172032 ----a-w- f:\windows\system32\SiSInst.dll
2010-08-11 20:10:31 359016 ----a-w- f:\windows\vncutil.exe
2010-08-11 20:10:30 52840 ----a-w- f:\windows\system32\RtkCoInstXP.dll
2010-08-11 20:10:30 129640 ----a-w- f:\windows\RtkAudioService.exe
2010-08-11 20:10:27 1395800 ----a-w- f:\windows\system32\drivers\Monfilt.sys
2010-08-11 20:10:25 1691480 ----a-w- f:\windows\system32\drivers\Ambfilt.sys
2010-08-11 19:57:38 0 d-----w- f:\docume~1\branis~1\applic~1\WinBatch
2010-08-11 19:47:11 1066176 ----a-w- f:\windows\system32\MSCOMCTL.OCX
2010-08-11 19:44:17 58208 ----a-w- f:\windows\system32\wsimd.sys
2010-08-11 19:44:17 58208 ----a-w- f:\windows\system32\drivers\wsimd.sys
2010-08-11 19:44:17 5361 ----a-w- f:\windows\system32\wsimdp.inf
2010-08-11 19:44:17 42475 ----a-w- f:\windows\system32\wsimdp.cat
2010-08-11 19:44:17 42065 ----a-w- f:\windows\system32\wsimd.cat
2010-08-11 19:44:17 2179 ----a-w- f:\windows\system32\wsimd.inf
2010-08-11 19:44:04 1585728 ----a-w- f:\windows\system32\drivers\athw.sys
2010-08-11 19:44:04 0 d-----w- f:\program files\Atheros
2010-08-11 19:43:43 0 d-----w- f:\docume~1\alluse~1\applic~1\Atheros
2010-08-11 19:32:55 237568 ----a-w- f:\windows\system32\sm56co76.dll
2010-08-11 19:25:46 0 d-----w- f:\docume~1\branis~1\applic~1\Easeware
2010-08-11 19:25:25 0 d-----w- f:\program files\Easeware
2010-08-11 19:20:54 0 d-----w- f:\program files\MP3Gain
2010-08-11 14:15:18 59392 ----a-w- f:\windows\UnDeploy.exe
2010-08-10 14:11:11 0 d-----w- f:\program files\Moo0
2010-08-10 12:41:27 0 d-----w- f:\docume~1\alluse~1\applic~1\Alwil Software
2010-08-10 12:04:28 0 d-----w- f:\docume~1\branis~1\applic~1\FireShot
2010-08-08 15:24:41 0 d-----w- f:\program files\Paint.NET
2010-07-31 08:29:14 0 d-----w- f:\windows\system32\GroupPolicy
2010-07-30 21:40:48 0 d-----w- f:\docume~1\branis~1\applic~1\OpenOffice.org
2010-07-22 12:41:52 0 d--h--w- f:\windows\PIF
2010-07-22 12:38:15 0 d-----w- f:\program files\uTorrent
2010-07-22 12:37:56 0 d-----w- f:\docume~1\branis~1\applic~1\uTorrent
2010-07-22 04:56:02 215920 ----a-w- f:\windows\system32\muweb.dll
2010-07-22 04:56:01 274288 ----a-w- f:\windows\system32\mucltui.dll
2010-07-22 04:56:01 16736 ----a-w- f:\windows\system32\mucltui.dll.mui
2010-07-21 10:24:51 0 d-----w- f:\docume~1\branis~1\applic~1\CheckPoint
2010-07-21 10:24:29 4212 ---ha-w- f:\windows\system32\zllictbl.dat
2010-07-21 10:12:34 0 d-----w- f:\docume~1\alluse~1\applic~1\Messenger Plus!
2010-07-21 10:12:09 0 d-----w- f:\program files\Messenger Plus! Live
2010-07-21 09:48:44 0 d-----w- f:\documents and settings\branislav\Tracing
2010-07-21 09:45:57 0 d-----w- f:\program files\Microsoft
2010-07-21 09:45:40 0 d-----w- f:\program files\Windows Live SkyDrive
2010-07-21 09:40:26 0 d-----w- f:\program files\common files\Windows Live
2010-07-21 08:34:02 0 d-----w- f:\program files\common files\Blizzard Entertainment

==================== Find3M ====================

2010-07-17 03:00:04 423656 ----a-w- f:\windows\system32\deployJava1.dll
2010-07-06 11:32:16 64567 ----a-w- f:\windows\BricoPackUninst.cmd
2010-07-06 11:32:16 6120 ----a-w- f:\windows\BricoPackFoldersDelete.cmd
2010-07-06 11:32:15 218624 ----a-w- f:\windows\system32\uxtheme.dll
2010-07-05 17:01:33 21640 ----a-w- f:\windows\system32\emptyregdb.dat
2010-06-30 12:31:35 149504 ----a-w- f:\windows\system32\schannel.dll
2010-06-24 12:10:44 81920 ----a-w- f:\windows\system32\ieencode.dll
2010-06-24 12:10:44 667136 ----a-w- f:\windows\system32\wininet.dll
2010-06-23 13:44:04 1851904 ----a-w- f:\windows\system32\win32k.sys
2010-06-21 15:27:11 354304 ----a-w- f:\windows\system32\drivers\srv.sys
2010-06-17 14:03:00 80384 ----a-w- f:\windows\system32\iccvid.dll
2010-06-14 07:41:45 1172480 ----a-w- f:\windows\system32\msxml3.dll
2010-06-08 15:16:38 84584 ----a-w- f:\windows\SOUNDMAN.EXE
2010-06-08 15:16:38 1833576 ----a-w- f:\windows\SkyTel.exe
2010-06-08 15:16:32 9721960 ----a-w- f:\windows\RTLCPL.EXE
2010-06-08 15:16:32 1489512 ----a-w- f:\windows\RtlUpd.exe
2010-06-08 15:16:20 19552872 ----a-w- f:\windows\RTHDCPL.EXE
2010-06-08 15:16:14 2180712 ----a-w- f:\windows\MicCal.exe
2010-06-08 15:16:08 64104 ----a-w- f:\windows\ALCMTR.EXE
2010-06-08 15:16:08 2815592 ----a-w- f:\windows\ALCWZRD.EXE
2010-06-01 17:00:52 278288 ----a-w- f:\windows\system32\guard32.dll

============= FINISH: 10:33:22.12 ===============



https://www.mycity.rs/must-login.png

Poslao: 18 Avg 2010 11:35
Idi na vrh
offline
  • Pridružio: 02 Feb 2008
  • Poruke: 14018
  • Gde živiš: Nish

Pozdrav i dobro dosao u Ambulantu MyCity foruma.




Ispratio si samo delimicno Uputstvo za otvaranje teme sa ovog link-a:
-> http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

Potrebno je da ispratis jos jedan korak (Korak #3: iz uputstva) i da postavis potrebne log-ove.






goran9888 (AMF Tim)

Poslao: 18 Avg 2010 15:56
Idi na vrh
offline
  • Banop  Male
  • Super građanin
  • Pridružio: 23 Maj 2009
  • Poruke: 1475

Evo i preostalih logova

https://www.mycity.rs/must-login.png
https://www.mycity.rs/must-login.png
https://www.mycity.rs/must-login.png

Poslao: 18 Avg 2010 23:33
Idi na vrh
offline
  • Pridružio: 02 Feb 2008
  • Poruke: 14018
  • Gde živiš: Nish

Log-ovi su cisti.
Problem sa tim file-om nije vezan za malware.




Hvala sto verujes AMF Timu. Ziveli



Pozdrav,
goran9888 (AMF Tim)

MyCity » Ambulanta -> Arhiva Ambulante » Moguc virus u kompjuteru

Ko je trenutno na forumu
 

Ukupno su 945 korisnika na forumu :: 16 registrovanih, 3 sakrivenih i 926 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: brundo65, dragoljub11987, goxin, havoc995, ILGromovnik, Insan, JOntra, Koridor, kovac9mm, Krvava Devetka, kybonacci, pein, radionica1, sasa76, wizzardone, šumar bk2