Help, a trojan


offline
  • Joined: 13 Jan 2008
  • Posts: 40

My computer is infected with a virus called Trojan horse, so please help me remove it....... thanks in advance :)

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Come on, please follow the thread at this link:

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

offline
  • Joined: 13 Jan 2008
  • Posts: 40

all as agreed.....

Logfile of HijackThis v1.99.1
Scan saved at 00:10, on 2008-05-28
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Professional §©®ÎÞt v.3 Black\mirc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Opera\Opera.exe
C:\Documents and Settings\Ivan\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = furka.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = resultsmaster.com/SmartOffers/Services/resu.....ftPane.htm
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Samsung Common SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] ~"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll (file missing)
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

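The HijackThis log above is the kind of listing a helper reads by hand, section by section. As an added illustration (my own code, not part of the thread and not HijackThis itself), the Python script below parses the R0/R3/O2/O3/O4/O23 line formats and flags the entries a reviewer would look at first: entries whose target reads `(file missing)` or `(no file)`, entries whose path or host names one of the adware families visible in this log (AskTBar, ShoppingReport, SweetIM/Macrogaming; that marker list is my own and would be extended per case), and Run entries that appear under both HKLM and HKCU. The sample lines are constructed copies of lines from the log above.

```python
import re
from collections import Counter, defaultdict
from dataclasses import dataclass, field

# Constructed sample in HijackThis v1.99 line format (copied from the shape of
# the log above); the paths are the ones shown there.
SAMPLE_LOG = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = home.sweetim.com
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
"""

# One regex per HijackThis section this script understands.
LINE_RE = re.compile(r"^(?P<sec>[RO]\d+) - (?P<body>.+)$")
HOOK_RE = re.compile(r"^(?:BHO|Toolbar|URLSearchHook): (?P<name>.+?) - \{(?P<clsid>[0-9A-Fa-f-]+)\} - (?P<path>.+)$")
RUN_RE = re.compile(r"^(?P<hive>HK[A-Z]+)\\\.\.\\Run: \[(?P<name>[^\]]*)\] (?P<path>.+)$")
PAGE_RE = re.compile(r"^(?P<hive>HK[A-Z]+)\\.+,(?P<setting>[^=]+?) = (?P<value>.*)$")
SVC_RE = re.compile(r"^Service: (?P<name>.+?) - (?P<owner>.+?) - (?P<path>.+)$")

# Directory/host markers for the adware families visible in this log.
# Assumption: a real triage list is longer and maintained per case.
PUP_MARKERS = ("asktbar", "shoppingreport", "sweetim", "macrogaming")


@dataclass
class Entry:
    section: str
    name: str
    path: str          # file path, or the page URL for R0/R1 lines
    hive: str = ""
    reasons: list = field(default_factory=list)


def parse_hijackthis(text):
    """Turn the R0/R3/O2/O3/O4/O23 lines of a HijackThis log into Entry objects."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # banner, 'Running processes' block, blank lines
        sec, body = m["sec"], m["body"]
        if sec in ("R3", "O2", "O3") and (h := HOOK_RE.match(body)):
            entries.append(Entry(sec, h["name"], h["path"]))
        elif sec == "O4" and (r := RUN_RE.match(body)):
            entries.append(Entry(sec, r["name"], r["path"], r["hive"]))
        elif sec in ("R0", "R1") and (p := PAGE_RE.match(body)):
            entries.append(Entry(sec, p["setting"], p["value"], p["hive"]))
        elif sec == "O23" and (s := SVC_RE.match(body)):
            entries.append(Entry(sec, s["name"], s["path"]))
    return entries


def triage(entries, markers=PUP_MARKERS):
    """Attach review reasons to entries and return only the flagged ones."""
    run_hives = defaultdict(set)
    for e in entries:
        e.reasons = []
        low = e.path.lower()
        if "(file missing)" in low or "(no file)" in low:
            e.reasons.append("orphaned")        # registry points at nothing on disk
        if any(mk in low for mk in markers):
            e.reasons.append("pup-marker")      # path or host names a known PUP
        if e.section == "O4":
            run_hives[e.name.lower()].add(e.hive)
    for e in entries:
        if e.section == "O4" and len(run_hives[e.name.lower()]) > 1:
            e.reasons.append("duplicate-run")   # same autostart under HKLM and HKCU
    return [e for e in entries if e.reasons]


def count_reasons(flagged):
    """How many flagged entries carry each reason (one entry may carry several)."""
    return Counter(reason for e in flagged for reason in e.reasons)


if __name__ == "__main__":
    for e in triage(parse_hijackthis(SAMPLE_LOG)):
        print(f"{e.section:<4}{e.hive:<5}{e.name:<30} {', '.join(e.reasons)}")
```

An "orphaned" flag is a prompt to verify, not a verdict: the avast! service lines in the log above read `(file missing)` even though the same binaries (ashMaiSv.exe, ashWebSv.exe) appear in the running-process list at the top of the same log, so the reviewer still has to confirm each flagged line before acting on it.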
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Do you have any proof that you were infected with a trojan?

Do this:
Download ComboFix from one of the following addresses to the Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Start it and do not touch the program window while it scans.
Follow the instructions on the screen. When it finishes, a log will appear (C:\ComboFix.txt) which you will copy here for us.

offline
  • Joined: 13 Jan 2008
  • Posts: 40

You know how it is - the window from the avast 4 home edition antivirus keeps opening and says that some file is infected with a virus called trojan horse.
can you tell me where I can download a good antivirus???

here is the log from combo fix

ComboFix 08-05-19.4 - Ivan 2008-05-28 21:23:15.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.207 [GMT 1:00]
Running from: C:\Documents and Settings\Ivan\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Ivan\Application Data\ShoppingReport
C:\Documents and Settings\Ivan\Application Data\ShoppingReport\cs\Config.xml
C:\Documents and Settings\Ivan\Application Data\ShoppingReport\cs\db\Aliases.dbs
C:\Documents and Settings\Ivan\Application Data\ShoppingReport\cs\db\Sites.dbs
C:\Documents and Settings\Ivan\Application Data\ShoppingReport\cs\dwld\WhiteList.xip
C:\Documents and Settings\Ivan\Application Data\ShoppingReport\cs\report\aggr_storage.xml
C:\Documents and Settings\Ivan\Application Data\ShoppingReport\cs\report\send_storage.xml
C:\Documents and Settings\Ivan\Application Data\ShoppingReport\cs\res1\WhiteList.dbs

.
((((((((((((((((((((((((( Files Created from 2008-04-28 to 2008-05-28 )))))))))))))))))))))))))))))))
.

2008-05-28 21:20 . 2008-05-28 21:20 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2008-05-28 21:20 . 2008-05-28 21:20 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2008-05-18 17:22 . 2008-05-18 17:22 <DIR> d-------- C:\Program Files\PDFCreator Toolbar
2008-05-18 17:22 . 2008-05-18 17:22 264,097 --a------ C:\WINDOWS\PDFCreator_Toolbar_Uninstaller_375.exe
2008-05-18 17:21 . 2008-05-18 17:22 <DIR> d-------- C:\Program Files\PDFCreator
2008-05-18 17:21 . 2004-03-09 01:00 662,288 --a------ C:\WINDOWS\system32\MSCOMCT2.OCX
2008-05-18 17:21 . 1998-06-24 01:00 137,000 --a------ C:\WINDOWS\system32\MSMAPI32.OCX
2008-05-18 17:21 . 2001-10-28 17:42 116,224 --a------ C:\WINDOWS\system32\pdfcmnnt.dll
2008-05-18 17:21 . 1998-07-06 01:00 23,552 --a------ C:\WINDOWS\system32\MSMPIDE.DLL
2008-05-11 20:05 . 2008-05-14 10:00 <DIR> d-------- C:\Program Files\Three Rings Design
2008-05-11 19:52 . 2008-05-14 09:57 <DIR> d-------- C:\Program Files\Far Cry

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-28 19:30 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-05-28 17:46 --------- d-----w C:\Program Files\Professional §©®ÎÞt v.3 Black
2008-05-11 18:55 --------- d-----w C:\Program Files\Java
2008-04-14 19:40 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-04-14 19:39 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-04-14 18:32 --------- d-----w C:\Program Files\Valve
2008-04-14 10:30 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-14 10:30 --------- d-----w C:\Program Files\Mv2Player
2008-04-14 10:30 --------- d-----w C:\Program Files\InterVideo
2008-04-14 10:29 --------- d-----w C:\Program Files\Common Files\InterVideo
2008-04-12 10:57 --------- d-----w C:\Program Files\sXe Injected
2008-04-12 10:57 --------- d-----w C:\Program Files\Return to Castle Wolfenstein
2008-04-11 21:42 --------- d--h--r C:\Documents and Settings\Ivan\Application Data\SecuROM
2008-04-11 21:29 --------- d-----w C:\Program Files\Electronic Arts
2008-04-11 20:09 --------- d-----w C:\Program Files\Sega
2008-04-11 19:58 --------- d-----w C:\Program Files\KONAMI
2008-04-03 22:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\WinZip
2008-03-27 08:12 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2007-12-24 13:07 22,328 ----a-w C:\Documents and Settings\Ivan\Application Data\PnkBstrK.sys
.

------- Sigcheck -------

2004-08-04 00:56 14336 8f078ae4ed187aaabc0a305146de6716 C:\WINDOWS\system32\svchost.exe
2004-08-04 00:56 14336 8f078ae4ed187aaabc0a305146de6716 C:\WINDOWS\system32\dllcache\svchost.exe

2004-08-04 00:56 82944 2ed0b7f12a60f90092081c50fa0ec2b2 C:\WINDOWS\system32\ws2_32.dll
2004-08-04 00:56 82944 2ed0b7f12a60f90092081c50fa0ec2b2 C:\WINDOWS\system32\dllcache\ws2_32.dll

2004-08-04 00:56 502272 01c3346c241652f43aed8e2149881bfe C:\WINDOWS\system32\winlogon.exe
2004-08-04 00:56 502272 01c3346c241652f43aed8e2149881bfe C:\WINDOWS\system32\dllcache\winlogon.exe

2004-08-03 23:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\dllcache\ndis.sys
2004-08-03 23:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\drivers\ndis.sys

2004-08-03 23:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\dllcache\ip6fw.sys
2004-08-03 23:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\drivers\ip6fw.sys

2007-06-13 11:23 1033216 97bd6515465659ff8f3b7be375b2ea87 C:\WINDOWS\explorer.exe
2007-06-13 12:26 1033216 7712df0cdde3a5ac89843e61cd5b3658 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2004-08-04 00:56 1032192 a0732187050030ae399b241436565e64 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 11:23 1033216 97bd6515465659ff8f3b7be375b2ea87 C:\WINDOWS\system32\dllcache\explorer.exe

2004-08-04 00:56 108032 c6ce6eec82f187615d1002bb3bb50ed4 C:\WINDOWS\system32\services.exe
2004-08-04 00:56 108032 c6ce6eec82f187615d1002bb3bb50ed4 C:\WINDOWS\system32\dllcache\services.exe

2004-08-04 00:56 13312 84885f9b82f4d55c6146ebf6065d75d2 C:\WINDOWS\system32\lsass.exe
2004-08-04 00:56 13312 84885f9b82f4d55c6146ebf6065d75d2 C:\WINDOWS\system32\dllcache\lsass.exe

2007-12-28 02:15 15360 24232996a38c0b0cf151c2140ae29fc8 C:\WINDOWS\system32\ctfmon.exe
2004-08-04 00:56 15360 24232996a38c0b0cf151c2140ae29fc8 C:\WINDOWS\system32\dllcache\ctfmon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}]
C:\Program Files\ShoppingReport\Bin\2.0.24\ShoppingReport.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2007-12-28 02:15 15360]
"MsnMsgr"="~C:\Program Files\MSN Messenger\MsnMsgr.exe" [ ]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-16 02:53 103712]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2007-12-31 23:24 1694208]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [ ]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [ ]
"Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2004-11-30 12:36 1945600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-09-04 00:15 4554752]
"Samsung Common SM"="C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" [2008-01-16 06:34 372736]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-16 02:53 103712]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 00:19 79224]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [ ]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-12-25 04:19 40048]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"WinFast Schedule"="C:\Program Files\WinFast\WFTVFM\WFWIZ.exe" [2006-04-27 16:18 344064]
"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i263_32.drv
"vidc.3ivx"= 3ivxVfWCodec.dll
"vidc.3iv2"= 3ivxVfWCodec.dll
"msacm.divxa32"= divxa32.acm
"VIDC.HFYU"= huffyuv.dll
"VIDC.i263"= i263_32.drv
"msacm.imc"= imc32.acm
"VIDC.VP31"= vp31vfw.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^SATARAID5.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SATARAID5.lnk
backup=C:\WINDOWS\pss\SATARAID5.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2004-09-04 00:15 4554752 C:\WINDOWS\system32\NvCpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2004-09-04 00:15 86016 C:\WINDOWS\system32\NvMcTray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2004-09-04 00:15 921600 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2004-11-02 20:24 32768 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
--a------ 2004-11-15 11:20 77824 C:\WINDOWS\SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VC7Player]
C:\Program Files\HHVcdV7Sys\VC7Play.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule]
--a------ 2006-04-27 16:18 344064 C:\Program Files\WinFast\WFTVFM\WFWIZ.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Professional §©®ÎÞt v.3 Black\\mirc.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Valve\\hl.exe"=
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"C:\\Program Files\\Valve\\hlds.exe"=
"C:\\Program Files\\Opera\\Opera.exe"=
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 00:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 00:16]
R2 BT848;WinFast TV2000 XP WDM Video Capture;C:\WINDOWS\system32\drivers\wf2kvcap.sys [2006-04-20 14:50]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;C:\WINDOWS\system32\drivers\wf2ktunr.sys [2006-04-20 15:20]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;C:\WINDOWS\system32\drivers\wf2kxbar.sys [2006-04-20 14:49]
R3 iadusb;MT882;C:\WINDOWS\system32\DRIVERS\glauiad.sys [2006-03-20 08:32]
R3 WFIOCTL;WFIOCTL;C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS [2005-01-06 16:55]
S1 vdrv7000;vdrv7000;C:\WINDOWS\system32\DRIVERS\vdrv7000.sys []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8254a0a9-9e4a-11dc-aa3e-806d6172696f}]
\Shell\AutoRun\command - F:\ASUSACPI.exe

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-05-28 21:25:03
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-05-28 21:26:24
ComboFix-quarantined-files.txt 2008-05-28 20:25:59

Pre-Run: 46,701,387,776 bytes free
Post-Run: 47,565,639,680 bytes free

171 --- E O F --- 2008-05-23 14:43:04

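The Sigcheck block in the ComboFix log above lists each critical system file next to its dllcache copy (and, for explorer.exe, the hotfix backup copies) together with an MD5 hash, so the reader can see whether a live file has been swapped for a patched one. As an added example, not code from the thread or from ComboFix, the Python script below automates that comparison: it groups rows by file name, treats the `dllcache` copy as the reference, sets the `$hf_mig$`/`$NtUninstall*` backups aside, and reports a mismatch when the live hash differs from the cached one. The input is constructed from rows of the log above plus one made-up pair (`sample.dll`, placeholder hashes) to show what a mismatch looks like.

```python
import re
from collections import defaultdict
from pathlib import PureWindowsPath

# One Sigcheck row: date time size md5 path
SIG_RE = re.compile(
    r"^(?P<date>\d{4}-\d{2}-\d{2}) (?P<time>\d{2}:\d{2}) (?P<size>\d+) "
    r"(?P<md5>[0-9a-f]{32}) (?P<path>.+)$"
)

# Constructed input: the first eight rows are copied from the Sigcheck block
# above; the last two (sample.dll) are made up, with placeholder hashes, to
# show a live/dllcache mismatch.
SAMPLE = r"""
2004-08-04 00:56 14336 8f078ae4ed187aaabc0a305146de6716 C:\WINDOWS\system32\svchost.exe
2004-08-04 00:56 14336 8f078ae4ed187aaabc0a305146de6716 C:\WINDOWS\system32\dllcache\svchost.exe
2007-06-13 11:23 1033216 97bd6515465659ff8f3b7be375b2ea87 C:\WINDOWS\explorer.exe
2007-06-13 12:26 1033216 7712df0cdde3a5ac89843e61cd5b3658 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2004-08-04 00:56 1032192 a0732187050030ae399b241436565e64 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 11:23 1033216 97bd6515465659ff8f3b7be375b2ea87 C:\WINDOWS\system32\dllcache\explorer.exe
2007-12-28 02:15 15360 24232996a38c0b0cf151c2140ae29fc8 C:\WINDOWS\system32\ctfmon.exe
2004-08-04 00:56 15360 24232996a38c0b0cf151c2140ae29fc8 C:\WINDOWS\system32\dllcache\ctfmon.exe
2008-05-01 10:00 4096 0123456789abcdef0123456789abcdef C:\WINDOWS\system32\sample.dll
2004-08-04 00:56 4096 fedcba9876543210fedcba9876543210 C:\WINDOWS\system32\dllcache\sample.dll
"""


def parse_sigcheck(text):
    """Return one dict per well-formed Sigcheck row; everything else is skipped."""
    rows = []
    for line in text.splitlines():
        m = SIG_RE.match(line.strip())
        if m:
            rows.append(m.groupdict())
    return rows


def classify(path):
    """cache = dllcache copy (reference), backup = hotfix/uninstall copy, live = in use."""
    low = path.lower()
    if "\\dllcache\\" in low:
        return "cache"
    if "$hf_mig$" in low or "$ntuninstall" in low:
        return "backup"
    return "live"


def check_sigcheck(text):
    """Compare each live file with its dllcache copy; return {basename: verdict}."""
    by_name = defaultdict(lambda: {"live": [], "cache": [], "backup": []})
    for row in parse_sigcheck(text):
        name = PureWindowsPath(row["path"]).name.lower()
        by_name[name][classify(row["path"])].append(row)

    verdicts = {}
    for name, groups in by_name.items():
        live, cache = groups["live"], groups["cache"]
        if not live or not cache:
            verdicts[name] = "unpaired"          # nothing to compare against
            continue
        live_md5 = {r["md5"] for r in live}
        cache_md5 = {r["md5"] for r in cache}
        live_ts = {(r["date"], r["time"]) for r in live}
        cache_ts = {(r["date"], r["time"]) for r in cache}
        if live_md5 != cache_md5:
            verdicts[name] = "mismatch"          # live file differs from the cached original
        elif live_ts != cache_ts:
            verdicts[name] = "consistent (timestamp differs)"  # same bytes, touched later
        else:
            verdicts[name] = "consistent"
    return verdicts


if __name__ == "__main__":
    for name, verdict in sorted(check_sigcheck(SAMPLE).items()):
        print(f"{name:<14} {verdict}")
```

On the rows taken from the log above every pair agrees; ctfmon.exe gets the "timestamp differs" verdict because its live copy carries a 2007 date while the hash still matches the 2004 dllcache copy, which is the distinction a reviewer wants kept visible rather than collapsed into a plain "consistent".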
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Like this:

Spybot S&D's Teatimer

Start Spybot S&D
Click the Mode item in the menu
Select Advanced Mode
In the bar on the left click Tools
Click Resident
Untick Resident Tea-Timer
Close Spybot S&D
Restart the computer.

Don't forget to turn these options back on when we finish the cleaning.

Then:

Open Notepad and copy the following text:

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{100EB1FD-D03E-47FD-81F3-EE91287F9465}]

Save the file from Notepad to the Desktop as "CFScript"

Drag the saved script/text onto the ComboFix icon as in the picture.
Post in the next message the log that is created at the end of the cleaning/scanning.

offline
  • Joined: 13 Jan 2008
  • Posts: 40

ok I'll do all of that but I don't have that spybot program ......where can I download it

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

You already have that program installed. Find it in the Start menu and do everything as I wrote above.

offline
  • Joined: 13 Jan 2008
  • Posts: 40

ComboFix 08-05-19.4 - Ivan 2008-05-30 23:40:43.6 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.236 [GMT 1:00]
Running from: C:\Documents and Settings\Ivan\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Ivan\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-04-28 to 2008-05-30 )))))))))))))))))))))))))))))))
.

2008-05-30 23:31 . 2008-05-30 23:32 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-05-28 22:54 . 2008-05-28 22:54 <DIR> d-------- C:\WINDOWS\system32\Lang
2008-05-28 22:54 . 2008-05-28 22:54 940,794 --a------ C:\WINDOWS\system32\LoopyMusic.wav
2008-05-28 22:54 . 2008-05-28 22:54 146,650 --a------ C:\WINDOWS\system32\BuzzingBee.wav
2008-05-28 22:54 . 2008-05-30 16:20 60,416 --a------ C:\WINDOWS\ALCFDRTM.VER
2008-05-28 22:54 . 2008-05-28 22:54 60,416 --a------ C:\WINDOWS\ALCFDRTM.EXE
2008-05-28 21:20 . 2008-05-28 22:23 23,392 --a------ C:\WINDOWS\system32\nscompat.tlb
2008-05-28 21:20 . 2008-05-28 22:23 16,832 --a------ C:\WINDOWS\system32\amcompat.tlb
2008-05-18 17:22 . 2008-05-18 17:22 <DIR> d-------- C:\Program Files\PDFCreator Toolbar
2008-05-18 17:22 . 2008-05-18 17:22 264,097 --a------ C:\WINDOWS\PDFCreator_Toolbar_Uninstaller_375.exe
2008-05-18 17:21 . 2008-05-18 17:22 <DIR> d-------- C:\Program Files\PDFCreator
2008-05-18 17:21 . 2004-03-09 01:00 662,288 --a------ C:\WINDOWS\system32\MSCOMCT2.OCX
2008-05-18 17:21 . 1998-06-24 01:00 137,000 --a------ C:\WINDOWS\system32\MSMAPI32.OCX
2008-05-18 17:21 . 2001-10-28 17:42 116,224 --a------ C:\WINDOWS\system32\pdfcmnnt.dll
2008-05-18 17:21 . 1998-07-06 01:00 23,552 --a------ C:\WINDOWS\system32\MSMPIDE.DLL
2008-05-11 20:05 . 2008-05-14 10:00 <DIR> d-------- C:\Program Files\Three Rings Design
2008-05-11 19:52 . 2008-05-14 09:57 <DIR> d-------- C:\Program Files\Far Cry
2008-04-21 01:58 . 2008-05-28 20:30 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2008-04-21 01:56 . 2008-05-28 22:21 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-04-13 22:42 . 2008-04-13 22:37 10,389,406 --ah----- C:\suzi__download.rar
2008-04-11 22:42 . 2008-04-11 22:42 <DIR> dr-h----- C:\Documents and Settings\Ivan\Application Data\SecuROM
2008-04-11 21:09 . 2008-04-11 21:09 <DIR> d-------- C:\Program Files\Sega
2008-04-11 20:58 . 2008-04-11 20:58 <DIR> d-------- C:\Program Files\KONAMI
2008-04-10 00:34 . 2008-04-10 00:36 2,503 --a------ C:\WINDOWS\MDVDP.Ini

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-30 22:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-30 21:41 --------- d-----w C:\Program Files\Professional §©®ÎÞt v.3 Black
2008-05-11 18:55 --------- d-----w C:\Program Files\Java
2008-04-14 19:40 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-04-14 19:39 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-04-14 18:32 --------- d-----w C:\Program Files\Valve
2008-04-14 10:30 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-14 10:30 --------- d-----w C:\Program Files\Mv2Player
2008-04-14 10:30 --------- d-----w C:\Program Files\InterVideo
2008-04-14 10:29 --------- d-----w C:\Program Files\Common Files\InterVideo
2008-04-12 10:57 --------- d-----w C:\Program Files\Return to Castle Wolfenstein
2008-04-11 21:29 --------- d-----w C:\Program Files\Electronic Arts
2008-04-03 22:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\WinZip
2008-03-27 08:12 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-16 08:59 659,456 ----a-w C:\WINDOWS\system32\wininet.dll
2007-12-24 13:07 22,328 ----a-w C:\Documents and Settings\Ivan\Application Data\PnkBstrK.sys
.

------- Sigcheck -------

2004-08-04 00:56 14336 8f078ae4ed187aaabc0a305146de6716 C:\WINDOWS\system32\svchost.exe
2004-08-04 00:56 14336 8f078ae4ed187aaabc0a305146de6716 C:\WINDOWS\system32\dllcache\svchost.exe

2004-08-04 00:56 82944 2ed0b7f12a60f90092081c50fa0ec2b2 C:\WINDOWS\system32\ws2_32.dll
2004-08-04 00:56 82944 2ed0b7f12a60f90092081c50fa0ec2b2 C:\WINDOWS\system32\dllcache\ws2_32.dll

2004-08-04 00:56 502272 01c3346c241652f43aed8e2149881bfe C:\WINDOWS\system32\winlogon.exe
2004-08-04 00:56 502272 01c3346c241652f43aed8e2149881bfe C:\WINDOWS\system32\dllcache\winlogon.exe

2004-08-03 23:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\dllcache\ndis.sys
2004-08-03 23:14 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\drivers\ndis.sys

2004-08-03 23:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\dllcache\ip6fw.sys
2004-08-03 23:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\drivers\ip6fw.sys

2007-06-13 11:23 1033216 97bd6515465659ff8f3b7be375b2ea87 C:\WINDOWS\explorer.exe
2007-06-13 12:26 1033216 7712df0cdde3a5ac89843e61cd5b3658 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2004-08-04 00:56 1032192 a0732187050030ae399b241436565e64 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 11:23 1033216 97bd6515465659ff8f3b7be375b2ea87 C:\WINDOWS\system32\dllcache\explorer.exe

2004-08-04 00:56 108032 c6ce6eec82f187615d1002bb3bb50ed4 C:\WINDOWS\system32\services.exe
2004-08-04 00:56 108032 c6ce6eec82f187615d1002bb3bb50ed4 C:\WINDOWS\system32\dllcache\services.exe

2004-08-04 00:56 13312 84885f9b82f4d55c6146ebf6065d75d2 C:\WINDOWS\system32\lsass.exe
2004-08-04 00:56 13312 84885f9b82f4d55c6146ebf6065d75d2 C:\WINDOWS\system32\dllcache\lsass.exe

2007-12-28 02:15 15360 24232996a38c0b0cf151c2140ae29fc8 C:\WINDOWS\system32\ctfmon.exe
2004-08-04 00:56 15360 24232996a38c0b0cf151c2140ae29fc8 C:\WINDOWS\system32\dllcache\ctfmon.exe
.
((((((((((((((((((((((((((((( snapshot@2008-05-28_21.25.45.96 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-28 20:19:53 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-30 22:37:03 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2006-10-18 20:47:10 542,720 ----a-w C:\WINDOWS\system32\blackbox.dll
+ 2004-08-11 00:45:04 233,472 ----a-w C:\WINDOWS\system32\blackbox.dll
- 2006-10-18 20:47:10 229,376 ----a-w C:\WINDOWS\system32\cewmdm.dll
+ 2004-08-11 00:45:04 161,792 ----a-w C:\WINDOWS\system32\cewmdm.dll
- 2006-10-18 20:47:10 542,720 -c--a-w C:\WINDOWS\system32\dllcache\blackbox.dll
+ 2004-08-11 00:45:04 233,472 ----a-w C:\WINDOWS\system32\dllcache\blackbox.dll
- 2006-10-18 20:47:10 229,376 -c--a-w C:\WINDOWS\system32\dllcache\cewmdm.dll
+ 2004-08-11 00:45:04 161,792 ----a-w C:\WINDOWS\system32\dllcache\cewmdm.dll
- 2006-10-18 20:47:10 991,744 -c--a-w C:\WINDOWS\system32\dllcache\drmv2clt.dll
+ 2004-08-11 00:45:04 527,360 ----a-w C:\WINDOWS\system32\dllcache\drmv2clt.dll
- 2006-10-18 20:47:14 11,264 -c--a-w C:\WINDOWS\system32\dllcache\LAPRXY.dll
+ 2004-08-11 00:45:04 6,656 ----a-w C:\WINDOWS\system32\dllcache\laprxy.dll
- 2006-10-18 19:03:58 100,864 -c--a-w C:\WINDOWS\system32\dllcache\logagent.exe
+ 2004-08-11 00:45:04 96,768 ----a-w C:\WINDOWS\system32\dllcache\logagent.exe
- 2006-10-18 20:47:14 4,096 -c--a-w C:\WINDOWS\system32\dllcache\MP43DMOD.dll
+ 2004-08-03 23:56:44 310,272 ----a-w C:\WINDOWS\system32\dllcache\mp43dmod.dll
- 2006-10-18 20:47:14 4,096 -c--a-w C:\WINDOWS\system32\dllcache\MP4SDMOD.dll
+ 2004-08-03 23:56:44 384,512 ----a-w C:\WINDOWS\system32\dllcache\mp4sdmod.dll
- 2006-10-18 20:47:14 4,096 -c--a-w C:\WINDOWS\system32\dllcache\MPG4DMOD.dll
+ 2004-08-03 23:56:44 240,640 ----a-w C:\WINDOWS\system32\dllcache\mpg4dmod.dll
- 2006-10-18 20:47:16 179,712 -c--a-w C:\WINDOWS\system32\dllcache\msnetobj.dll
+ 2004-08-11 00:45:04 141,312 ----a-w C:\WINDOWS\system32\dllcache\msnetobj.dll
- 2006-10-18 20:47:16 27,136 -c--a-w C:\WINDOWS\system32\dllcache\mspmsnsv.dll
+ 2004-08-11 00:45:04 25,088 ----a-w C:\WINDOWS\system32\dllcache\mspmsnsv.dll
- 2006-10-18 20:47:16 175,616 -c--a-w C:\WINDOWS\system32\dllcache\mspmsp.dll
+ 2004-08-11 00:45:04 169,472 ----a-w C:\WINDOWS\system32\dllcache\mspmsp.dll
- 2006-12-04 15:21:50 414,720 -c--a-w C:\WINDOWS\system32\dllcache\msscp.dll
+ 2004-08-11 00:45:04 360,176 ----a-w C:\WINDOWS\system32\dllcache\msscp.dll
- 2006-10-18 20:47:16 321,536 -c--a-w C:\WINDOWS\system32\dllcache\mswmdm.dll
+ 2004-08-11 00:45:04 311,296 ----a-w C:\WINDOWS\system32\dllcache\mswmdm.dll
- 2006-10-18 20:47:18 211,456 -c--a-w C:\WINDOWS\system32\dllcache\qasf.dll
+ 2004-08-11 00:45:04 221,184 ----a-w C:\WINDOWS\system32\dllcache\qasf.dll
- 2006-10-18 20:47:18 757,248 -c--a-w C:\WINDOWS\system32\dllcache\WMADMOD.dll
+ 2004-08-11 00:45:04 380,144 ----a-w C:\WINDOWS\system32\dllcache\wmadmod.dll
- 2006-10-18 20:47:18 1,117,696 -c--a-w C:\WINDOWS\system32\dllcache\WMADMOE.dll
+ 2004-08-11 00:45:04 712,704 ----a-w C:\WINDOWS\system32\dllcache\wmadmoe.dll
- 2007-10-27 16:40:30 222,720 -c--a-w C:\WINDOWS\system32\dllcache\wmasf.dll
+ 2007-10-27 16:40:06 227,328 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll
- 2006-10-18 20:47:18 33,792 -c--a-w C:\WINDOWS\system32\dllcache\wmdmlog.dll
+ 2004-08-11 00:45:04 30,208 ----a-w C:\WINDOWS\system32\dllcache\wmdmlog.dll
- 2006-10-18 20:47:18 37,376 -c--a-w C:\WINDOWS\system32\dllcache\wmdmps.dll
+ 2004-08-11 00:45:04 34,304 ----a-w C:\WINDOWS\system32\dllcache\wmdmps.dll
- 2006-10-18 20:47:20 157,184 -c--a-w C:\WINDOWS\system32\dllcache\wmidx.dll
+ 2004-08-11 00:45:04 150,016 ----a-w C:\WINDOWS\system32\dllcache\wmidx.dll
- 2006-10-18 20:47:20 937,984 -c--a-w C:\WINDOWS\system32\dllcache\WMNetMgr.dll
+ 2004-08-11 00:45:04 1,027,072 ----a-w C:\WINDOWS\system32\dllcache\wmnetmgr.dll
- 2006-10-18 20:47:22 4,096 -c--a-w C:\WINDOWS\system32\dllcache\wmsdmod.dll
+ 2004-08-11 00:45:04 773,368 ----a-w C:\WINDOWS\system32\dllcache\wmsdmod.dll
- 2006-10-18 20:47:22 4,096 -c--a-w C:\WINDOWS\system32\dllcache\wmsdmoe2.dll
+ 2004-08-11 00:45:04 1,116,160 ----a-w C:\WINDOWS\system32\dllcache\wmsdmoe2.dll
- 2006-10-18 20:47:22 603,648 -c--a-w C:\WINDOWS\system32\dllcache\WMSPDMOD.dll
+ 2004-08-11 00:45:06 531,192 ----a-w C:\WINDOWS\system32\dllcache\wmspdmod.dll
- 2006-10-18 20:47:22 1,329,152 -c--a-w C:\WINDOWS\system32\dllcache\WMSPDMOE.dll
+ 2004-08-11 00:45:06 936,960 ----a-w C:\WINDOWS\system32\dllcache\wmspdmoe.dll
- 2006-10-18 20:47:22 2,450,944 -c--a-w C:\WINDOWS\system32\dllcache\wmvcore.dll
+ 2006-12-07 06:40:49 2,362,184 ----a-w C:\WINDOWS\system32\dllcache\wmvcore.dll
- 2006-10-18 20:47:22 4,096 -c--a-w C:\WINDOWS\system32\dllcache\wmvdmod.dll
+ 2004-08-11 00:45:06 871,160 ----a-w C:\WINDOWS\system32\dllcache\wmvdmod.dll
- 2006-10-18 20:47:22 4,096 -c--a-w C:\WINDOWS\system32\dllcache\wmvdmoe2.dll
+ 2004-08-11 00:45:06 999,424 ----a-w C:\WINDOWS\system32\dllcache\wmvdmoe2.dll
- 2008-01-17 16:34:01 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
+ 2008-01-17 17:34:01 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
- 2006-10-18 19:00:00 38,528 ----a-w C:\WINDOWS\system32\drivers\wpdusb.sys
+ 2004-08-11 00:45:06 18,944 ----a-w C:\WINDOWS\system32\drivers\wpdusb.sys
- 2006-10-18 20:47:10 991,744 ----a-w C:\WINDOWS\system32\drmv2clt.dll
+ 2004-08-11 00:45:04 527,360 ----a-w C:\WINDOWS\system32\drmv2clt.dll
+ 2008-05-28 21:54:11 11,548 ----a-w C:\WINDOWS\system32\Lang\Arabic.bin
+ 2008-05-28 21:54:11 13,536 ----a-w C:\WINDOWS\system32\Lang\Danish.bin
+ 2008-05-28 21:54:11 14,173 ----a-w C:\WINDOWS\system32\Lang\Dutch.bin
+ 2008-05-28 21:54:11 11,743 ----a-w C:\WINDOWS\system32\Lang\English.bin
+ 2008-05-28 21:54:11 15,434 ----a-w C:\WINDOWS\system32\Lang\French.bin
+ 2008-05-28 21:54:11 14,417 ----a-w C:\WINDOWS\system32\Lang\German.bin
+ 2008-05-28 21:54:11 15,410 ----a-w C:\WINDOWS\system32\Lang\Italian.bin
+ 2008-05-28 21:54:11 13,055 ----a-w C:\WINDOWS\system32\Lang\Japanese.bin
+ 2008-05-28 21:54:11 11,682 ----a-w C:\WINDOWS\system32\Lang\Korean.bin
+ 2008-05-28 21:54:11 14,329 ----a-w C:\WINDOWS\system32\Lang\Portuguese.bin
+ 2008-05-28 21:54:11 15,176 ----a-w C:\WINDOWS\system32\Lang\Russian.bin
+ 2008-05-28 21:54:11 9,695 ----a-w C:\WINDOWS\system32\Lang\SimChin.bin
+ 2008-05-28 21:54:11 15,093 ----a-w C:\WINDOWS\system32\Lang\Spanish.bin
+ 2008-05-28 21:54:11 13,267 ----a-w C:\WINDOWS\system32\Lang\SWEDISH.bin
+ 2008-05-28 21:54:11 11,973 ----a-w C:\WINDOWS\system32\Lang\Thai.bin
+ 2008-05-28 21:54:11 9,909 ----a-w C:\WINDOWS\system32\Lang\TradChin.bin
- 2006-10-18 20:47:14 11,264 ----a-w C:\WINDOWS\system32\LAPRXY.dll
+ 2004-08-11 00:45:04 6,656 ----a-w C:\WINDOWS\system32\laprxy.dll
- 2007-04-10 13:02:50 1,476,992 ------w C:\WINDOWS\system32\LegitCheckControl.dll
+ 2008-03-20 17:06:36 1,480,232 ----a-w C:\WINDOWS\system32\LegitCheckControl.DLL
- 2006-10-18 19:03:58 100,864 ----a-w C:\WINDOWS\system32\logagent.exe
+ 2004-08-11 00:45:04 96,768 ----a-w C:\WINDOWS\system32\logagent.exe
- 2006-10-18 20:47:14 4,096 ----a-w C:\WINDOWS\system32\MP43DMOD.dll
+ 2004-08-03 23:56:44 310,272 ----a-w C:\WINDOWS\system32\mp43dmod.dll
- 2006-10-18 20:47:14 4,096 ----a-w C:\WINDOWS\system32\MP4SDMOD.dll
+ 2004-08-03 23:56:44 384,512 ----a-w C:\WINDOWS\system32\mp4sdmod.dll
- 2006-10-18 20:47:14 4,096 ----a-w C:\WINDOWS\system32\MPG4DMOD.dll
+ 2004-08-03 23:56:44 240,640 ----a-w C:\WINDOWS\system32\mpg4dmod.dll
- 2008-04-06 05:56:20 19,836,024 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-05-09 21:35:04 16,863,864 ----a-w C:\WINDOWS\system32\MRT.exe
- 2006-10-18 20:47:16 179,712 ----a-w C:\WINDOWS\system32\msnetobj.dll
+ 2004-08-11 00:45:04 141,312 ----a-w C:\WINDOWS\system32\msnetobj.dll
- 2006-10-18 20:47:16 27,136 ----a-w C:\WINDOWS\system32\mspmsnsv.dll
+ 2004-08-11 00:45:04 25,088 ----a-w C:\WINDOWS\system32\mspmsnsv.dll
- 2006-10-18 20:47:16 175,616 ----a-w C:\WINDOWS\system32\mspmsp.dll
+ 2004-08-11 00:45:04 169,472 ----a-w C:\WINDOWS\system32\mspmsp.dll
- 2006-12-04 15:21:50 414,720 ----a-w C:\WINDOWS\system32\msscp.dll
+ 2004-08-11 00:45:04 360,176 ----a-w C:\WINDOWS\system32\msscp.dll
- 2006-10-18 20:47:16 321,536 ----a-w C:\WINDOWS\system32\mswmdm.dll
+ 2004-08-11 00:45:04 311,296 ----a-w C:\WINDOWS\system32\mswmdm.dll
- 2006-10-18 20:47:18 211,456 ----a-w C:\WINDOWS\system32\qasf.dll
+ 2004-08-11 00:45:04 221,184 ----a-w C:\WINDOWS\system32\qasf.dll
- 2006-10-18 20:58:00 8,704 ----a-w C:\WINDOWS\system32\uwdf.exe
+ 2004-08-11 00:45:04 47,104 ----a-w C:\WINDOWS\system32\uwdf.exe
- 2006-10-18 20:47:18 4,096 ----a-w C:\WINDOWS\system32\wdfapi.dll
+ 2004-08-11 00:45:04 15,872 ----a-w C:\WINDOWS\system32\wdfapi.dll
- 2006-10-18 20:58:00 8,704 ----a-w C:\WINDOWS\system32\wdfmgr.exe
+ 2004-08-11 00:45:04 38,912 ----a-w C:\WINDOWS\system32\wdfmgr.exe
- 2006-10-18 20:47:18 757,248 ----a-w C:\WINDOWS\system32\wmadmod.dll
+ 2004-08-11 00:45:04 380,144 ----a-w C:\WINDOWS\system32\wmadmod.dll
- 2006-10-18 20:47:18 1,117,696 ----a-w C:\WINDOWS\system32\WMADMOE.dll
+ 2004-08-11 00:45:04 712,704 ----a-w C:\WINDOWS\system32\wmadmoe.dll
- 2007-10-27 16:40:30 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
+ 2007-10-27 16:40:06 227,328 ----a-w C:\WINDOWS\system32\wmasf.dll
- 2006-10-18 20:47:18 33,792 ----a-w C:\WINDOWS\system32\wmdmlog.dll
+ 2004-08-11 00:45:04 30,208 ----a-w C:\WINDOWS\system32\wmdmlog.dll
- 2006-10-18 20:47:18 37,376 ----a-w C:\WINDOWS\system32\wmdmps.dll
+ 2004-08-11 00:45:04 34,304 ----a-w C:\WINDOWS\system32\wmdmps.dll
- 2006-10-18 20:47:18 429,056 ----a-w C:\WINDOWS\system32\wmdrmdev.dll
+ 2004-08-11 00:45:04 344,064 ----a-w C:\WINDOWS\system32\wmdrmdev.dll
- 2006-10-18 20:47:20 348,672 ----a-w C:\WINDOWS\system32\wmdrmnet.dll
+ 2004-08-11 00:45:04 290,816 ----a-w C:\WINDOWS\system32\wmdrmnet.dll
- 2006-10-18 20:47:20 157,184 ----a-w C:\WINDOWS\system32\wmidx.dll
+ 2004-08-11 00:45:04 150,016 ----a-w C:\WINDOWS\system32\wmidx.dll
- 2006-10-18 20:47:20 937,984 ----a-w C:\WINDOWS\system32\wmnetmgr.dll
+ 2004-08-11 00:45:04 1,027,072 ----a-w C:\WINDOWS\system32\wmnetmgr.dll
- 2006-10-18 20:47:22 4,096 ----a-w C:\WINDOWS\system32\wmsdmod.dll
+ 2004-08-11 00:45:04 773,368 ----a-w C:\WINDOWS\system32\wmsdmod.dll
- 2006-10-18 20:47:22 4,096 ----a-w C:\WINDOWS\system32\wmsdmoe2.dll
+ 2004-08-11 00:45:04 1,116,160 ----a-w C:\WINDOWS\system32\wmsdmoe2.dll
- 2006-10-18 20:47:22 603,648 ----a-w C:\WINDOWS\system32\WMSPDMOD.dll
+ 2004-08-11 00:45:06 531,192 ----a-w C:\WINDOWS\system32\wmspdmod.dll
- 2006-10-18 20:47:22 1,329,152 ----a-w C:\WINDOWS\system32\WMSPDMOE.dll
+ 2004-08-11 00:45:06 936,960 ----a-w C:\WINDOWS\system32\wmspdmoe.dll
- 2006-10-18 20:47:22 4,096 ----a-w C:\WINDOWS\system32\WMVADVD.dll
+ 2004-08-11 00:45:06 1,181,944 ----a-w C:\WINDOWS\system32\wmvadvd.dll
- 2006-10-18 20:47:22 4,096 ----a-w C:\WINDOWS\system32\WMVADVE.DLL
+ 2004-08-11 00:45:06 1,509,376 ----a-w C:\WINDOWS\system32\wmvadve.dll
- 2006-10-18 20:47:22 2,450,944 ----a-w C:\WINDOWS\system32\wmvcore.dll
+ 2006-12-07 06:40:49 2,362,184 ----a-w C:\WINDOWS\system32\wmvcore.dll
- 2006-10-18 20:47:22 4,096 ----a-w C:\WINDOWS\system32\wmvdmod.dll
+ 2004-08-11 00:45:06 871,160 ----a-w C:\WINDOWS\system32\wmvdmod.dll
- 2006-10-18 20:47:22 4,096 ----a-w C:\WINDOWS\system32\wmvdmoe2.dll
+ 2004-08-11 00:45:06 999,424 ----a-w C:\WINDOWS\system32\wmvdmoe2.dll
- 2006-10-18 20:47:22 629,760 ----a-w C:\WINDOWS\system32\wpd_ci.dll
+ 2004-08-11 00:45:06 38,912 ----a-w C:\WINDOWS\system32\wpd_ci.dll
- 2006-10-18 20:47:22 35,840 ----a-w C:\WINDOWS\system32\wpdconns.dll
+ 2004-08-11 00:45:06 61,952 ----a-w C:\WINDOWS\system32\wpdconns.dll
- 2006-10-18 20:47:22 154,624 ----a-w C:\WINDOWS\system32\wpdmtp.dll
+ 2004-08-11 00:45:06 114,176 ----a-w C:\WINDOWS\system32\wpdmtp.dll
- 2006-10-18 20:47:22 63,488 ----a-w C:\WINDOWS\system32\wpdmtpus.dll
+ 2004-08-11 00:45:06 66,560 ----a-w C:\WINDOWS\system32\wpdmtpus.dll
- 2006-10-18 20:47:22 356,352 ----a-w C:\WINDOWS\system32\wpdsp.dll
+ 2004-08-11 00:45:06 327,680 ----a-w C:\WINDOWS\system32\wpdsp.dll
- 2008-03-26 19:24:33 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_5ec.dat
+ 2008-05-30 22:37:09 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_5ec.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2007-12-28 02:15 15360]
"MsnMsgr"="~C:\Program Files\MSN Messenger\MsnMsgr.exe" [ ]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-16 02:53 103712]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2007-12-31 23:24 1694208]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [ ]
"Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2004-11-30 12:36 1945600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-09-04 00:15 4554752]
"Samsung Common SM"="C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" [2008-01-16 06:34 372736]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-16 02:53 103712]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe" [ ]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [ ]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-12-25 04:19 40048]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"WinFast Schedule"="C:\Program Files\WinFast\WFTVFM\WFWIZ.exe" [2006-04-27 16:18 344064]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 00:19 79224]
"VC7Player"="C:\Program Files\HHVcdV7Sys\VC7Play.exe" [ ]
"SoundMan"="SOUNDMAN.EXE" [2004-11-15 11:20 77824 C:\WINDOWS\SOUNDMAN.EXE]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 20:24 32768]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [ ]
"nwiz"="nwiz.exe" [2004-09-04 00:15 921600 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2004-09-04 00:15 86016]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i263_32.drv
"vidc.3ivx"= 3ivxVfWCodec.dll
"vidc.3iv2"= 3ivxVfWCodec.dll
"msacm.divxa32"= divxa32.acm
"VIDC.HFYU"= huffyuv.dll
"VIDC.i263"= i263_32.drv
"msacm.imc"= imc32.acm
"VIDC.VP31"= vp31vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\Program Files\\Professional §©®ÎÞt v.3 Black\\mirc.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Valve\\hl.exe"=
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"C:\\Program Files\\Valve\\hlds.exe"=
"C:\\Program Files\\Opera\\Opera.exe"=
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 00:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 00:16]
R2 BT848;WinFast TV2000 XP WDM Video Capture;C:\WINDOWS\system32\drivers\wf2kvcap.sys [2006-04-20 14:50]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;C:\WINDOWS\system32\drivers\wf2ktunr.sys [2006-04-20 15:20]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;C:\WINDOWS\system32\drivers\wf2kxbar.sys [2006-04-20 14:49]
R3 iadusb;MT882;C:\WINDOWS\system32\DRIVERS\glauiad.sys [2006-03-20 08:32]
R3 WFIOCTL;WFIOCTL;C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS [2005-01-06 16:55]
S1 vdrv7000;vdrv7000;C:\WINDOWS\system32\DRIVERS\vdrv7000.sys []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8254a0a9-9e4a-11dc-aa3e-806d6172696f}]
\Shell\AutoRun\command - F:\ASUSACPI.exe

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-05-30 23:42:16
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-05-30 23:43:15
ComboFix-quarantined-files.txt 2008-05-30 22:43:04
ComboFix2.txt 2008-05-28 20:26:24

Pre-Run: 47,425,101,824 bytes free
Post-Run: 47,435,550,720 bytes free

323 --- E O F --- 2008-05-30 13:11:27

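An added example, not part of the original post and not ComboFix's own code: a small Python script that parses the "Reg Loading Points" section in the format shown above and applies the checks a helper would otherwise apply by eye. The sample input is a constructed excerpt copied from the log above, and the function names are my own. The rules are triage hints, not verdicts: `[ ]` after a Run value is read as ComboFix's marker for an entry whose file it could not find; an entry present under both the HKCU and HKLM Run keys is flagged because it survives deleting either one alone; AntiVirusOverride=1 means Security Center will not warn that antivirus is missing or off (a user can set this deliberately, so it is a question to ask, not proof of infection); a mountpoints2 AutoRun command is the removable-drive autorun vector; a bare filename with no directory is resolved through the search path, so it is worth confirming which file actually runs.

```python
"""Triage the "Reg Loading Points" section of a ComboFix log.

Added example (not from the original post, not ComboFix's own code). It
parses only the line shapes visible in the log above and applies a few
heuristics a helper applies by eye; findings are hints, not verdicts.
"""
import re
from collections import Counter, defaultdict

# Constructed sample: lines copied from the log posted above.
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2007-12-28 02:15 15360]
"MsnMsgr"="~C:\Program Files\MSN Messenger\MsnMsgr.exe" [ ]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-16 02:53 103712]
"Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-16 02:53 103712]
"SoundMan"="SOUNDMAN.EXE" [2004-11-15 11:20 77824 C:\WINDOWS\SOUNDMAN.EXE]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8254a0a9-9e4a-11dc-aa3e-806d6172696f}]
\Shell\AutoRun\command - F:\ASUSACPI.exe
"""

SECTION_RE = re.compile(r'^\[(?P<key>.+)\]$')
# "Name"="path" [date time size]   or   "Name"="path" [ ]   when no file was found
FILE_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<path>[^"]*)"\s*\[(?P<info>[^\]]*)\]$')
DWORD_RE = re.compile(r'^"(?P<name>[^"]+)"=dword:(?P<value>[0-9a-fA-F]{8})$')
AUTORUN_RE = re.compile(r'^\\Shell\\AutoRun\\command - (?P<command>.+)$')


def parse_loading_points(text):
    """Return (section, kind, name, value, info) tuples for the lines understood."""
    entries, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m.group('key')
            continue
        if section is None:
            continue
        m = FILE_RE.match(line)
        if m:
            entries.append((section, 'file', m.group('name'), m.group('path'),
                            m.group('info').strip()))
            continue
        m = DWORD_RE.match(line)
        if m:
            entries.append((section, 'dword', m.group('name'), int(m.group('value'), 16), ''))
            continue
        m = AUTORUN_RE.match(line)
        if m:
            entries.append((section, 'autorun', 'AutoRun\\command', m.group('command'), ''))
    return entries


def triage(entries):
    """Return (kind, section, name, reason) findings for the parsed entries."""
    findings = []
    run_hives = defaultdict(set)  # (name, path) -> hives whose Run key carries it
    for section, kind, name, value, info in entries:
        sec = section.lower()
        if kind == 'file':
            if sec.endswith(r'\currentversion\run'):
                run_hives[(name, value.lower())].add(sec.split('\\', 1)[0])
            if not info:
                findings.append(('orphan', section, name,
                                 'autostart points at a file ComboFix did not find: ' + value))
            elif '\\' not in value:
                findings.append(('bare-name', section, name,
                                 'bare filename resolved through the search path: ' + value))
        elif kind == 'dword' and name.lower() == 'antivirusoverride' and value != 0:
            findings.append(('av-override', section, name,
                             'Security Center will not warn about missing or disabled antivirus'))
        elif kind == 'autorun':
            findings.append(('autorun', section, name,
                             'AutoRun handler registered for a drive: ' + value))
    for (name, path), hives in run_hives.items():
        if len(hives) > 1:
            findings.append(('duplicate', ' + '.join(sorted(hives)), name,
                             'same autostart under both user and machine Run keys: ' + path))
    return findings


def summarize(text):
    """Count findings per kind for a pasted Reg Loading Points section."""
    return Counter(kind for kind, _, _, _ in triage(parse_loading_points(text)))


if __name__ == '__main__':
    for kind, section, name, reason in triage(parse_loading_points(SAMPLE_LOG)):
        print(f'{kind:12} {name!r:30} {reason}')
        print(f'{"":12} in {section}')
```

Run it as a script to print the findings for the sample, or call triage(parse_loading_points(text)) on the Reg Loading Points section pasted from any ComboFix log. On the excerpt above it reports three orphaned Run entries, the SweetIM entry duplicated across HKCU and HKLM, the AntiVirusOverride flag, the F: AutoRun handler and the bare SOUNDMAN.EXE name; each is a thing to look at, and the orphans in particular are the leftovers a helper usually asks to have cleaned out.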