msn virus


  • Joined: 15 Sep 2008
  • Posts: 74

I got some link over MSN and opened it, and since then avast keeps finding some trojan, which I deleted. Now I'd ask you to take a look at whether there is still any virus left?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:44:36, on 28.9.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
C:\Program Files\BHROOT\BIN\NT611SVC.EXE
C:\Program Files\BHROOT\BIN\monitor.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\BHROOT\BIN\PORTMAP.EXE
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Documents and Settings\Robi\Desktop\Nova mapa\TR3.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
R3 - URLSearchHook: OLE (Part 1 of 5) - - (no file)
R3 - URLSearchHook: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbReg1.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Google Update Helper - {77D7E795-33C5-4323-974D-A2A49AB75517} - C:\Program Files\Google\Update\1.2.131.11\GoopdateBho.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Pomoc za prijavu - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbReg1.dll
O3 - Toolbar: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbReg1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Windows Update] WindowsUpdate.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunServices: [Windows Update] WindowsUpdate.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Search - [Link mogu videti samo ulogovani korisnici]
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: bh611 - Bell& Howell - C:\Program Files\BHROOT\BIN\NT611SVC.EXE
O23 - Service: Bell & Howell Monitor Service (BHMonitorService) - Bell & Howell - C:\Program Files\BHROOT\BIN\monitor.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Google Update Service (gupdate1c8fe527b2f7a97) (gupdate1c8fe527b2f7a97) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ONC/RPC Portmapper (portmapper) - Bell & Howell - C:\Program Files\BHROOT\BIN\PORTMAP.EXE
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 7979 bytes
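
A log like the one above can be triaged mechanically before a helper reads it line by line. The following is an added example (not code from the original post, from HijackThis or from the forum) that parses a constructed subset of O2/O4/O7 lines modelled on this log and flags the indicators a reviewer looks for first: an autorun whose executable has no path, a Run entry borrowing the name "Windows Update" (a component that does not register under Run), the Windows 9x-era RunServices key, a DisableRegedit policy, and BHOs pointing at missing files; the rule set and severities are my own assumptions. The ComboFix log posted later in the thread lists C:\WINDOWS\windowsupdate.exe under "Other Deletions", which is consistent with what these rules single out.

```python
from __future__ import annotations

import re
from dataclasses import dataclass

# Constructed sample modelled on the HijackThis log posted above (a subset, not the full log).
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbReg1.dll
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Windows Update] WindowsUpdate.exe
O4 - HKLM\..\RunServices: [Windows Update] WindowsUpdate.exe
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
"""

# HijackThis line shapes handled here (the regexes are my own, derived from the log format).
O4_RE = re.compile(r"^O4 - (?P<hive>.+?)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
O7_RE = re.compile(r"^O7 - (?P<key>.+?), (?P<value>\w+)=(?P<data>\S+)$")
O23_RE = re.compile(r"^O[23] - (?:BHO|Toolbar): (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]+\}) - (?P<path>.*)$")

# System binaries that legitimately appear in Run entries without a directory
# (they are resolved from System32); any other path-less executable is worth a look.
PATHLESS_OK = {"rundll32.exe"}
# Windows components that never register themselves under a Run key; an entry
# carrying such a name is borrowing it for camouflage.
IMPERSONATED_NAMES = ("windows update", "microsoft update")


@dataclass(frozen=True)
class Finding:
    severity: str  # "high", "medium" or "low"
    line: str
    reason: str


def executable_of(cmd: str) -> str:
    """Return the executable part of a Run command (quoted path or first token)."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    return cmd.split(" ", 1)[0]


def triage(log_text: str) -> list[Finding]:
    """Flag the autorun, policy and BHO indicators a log reviewer looks for first."""
    findings: list[Finding] = []
    for raw in log_text.strip().splitlines():
        line = raw.strip()
        if m := O4_RE.match(line):
            exe = executable_of(m["cmd"])
            name = m["name"].lower()
            if "\\" not in exe and exe.lower() not in PATHLESS_OK:
                findings.append(Finding("high", line,
                    f"autorun executable '{exe}' has no path; its real location is unknown"))
            if any(tag in name for tag in IMPERSONATED_NAMES):
                findings.append(Finding("high", line,
                    "entry name imitates a Windows component that does not use the Run key"))
            if m["key"].lower() == "runservices":
                findings.append(Finding("medium", line,
                    "RunServices is a Windows 9x-era key; legitimate software on XP seldom uses it"))
        elif m := O7_RE.match(line):
            if m["value"].lower() == "disableregedit" and m["data"] == "1":
                findings.append(Finding("medium", line,
                    "Registry Editor disabled by policy; typical malware self-protection unless an admin set it"))
        elif m := O23_RE.match(line):
            if m["path"].strip().lower() == "(no file)":
                findings.append(Finding("low", line,
                    "orphaned BHO/toolbar registration: CLSID points at a missing file"))
    return findings


def summarize(findings: list[Finding]) -> dict[str, int]:
    """Count findings per severity so a reviewer sees at a glance what needs attention."""
    counts = {"high": 0, "medium": 0, "low": 0}
    for f in findings:
        counts[f.severity] += 1
    return counts


if __name__ == "__main__":
    results = triage(SAMPLE_LOG)
    for f in results:
        print(f"[{f.severity.upper():6}] {f.reason}\n         {f.line}")
    print(summarize(results))  # prints {'high': 4, 'medium': 2, 'low': 1}
```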



  • dr_Bora
  • Anti Malware Fighter, Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Hi...

Right-click the avast! icon in the bottom right corner of the screen and choose Program settings....

In the window that opens, under Troubleshooting, tick the option Disable avast! self-defence and click OK.

Also, right-click the avast! icon in the bottom right corner of the screen and choose Stop OnAccess Protection.

Note: Don't forget to turn these options back on once the cleaning is finished.



-------------------------------------------------------------------------------------


Download ComboFix from one of the following addresses to your Desktop:
[Link visible only to logged-in users]
[Link visible only to logged-in users]
[Link visible only to logged-in users]

Run it and do not touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear, which you will copy here for us.



  • Joined: 15 Sep 2008
  • Posts: 74

Here is the ComboFix log

ComboFix 08-09-28.01 - Robi 2008-09-29 22:27:32.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.191 [GMT 2:00]
Running from: C:\Documents and Settings\Robi\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\DOCUME~1\Robi\LOCALS~1\Temp\install_flash_player.exe
C:\Documents and Settings\Robi\Cookies\robi@ad.yieldmanager[2].txt
C:\Documents and Settings\Robi\Cookies\robi@autos.yahoo[1].txt
C:\Documents and Settings\Robi\Cookies\robi@mercedesklub[1].txt
C:\Documents and Settings\Robi\Cookies\robi@mobile[2].txt
C:\WINDOWS\admintxt.txt
C:\WINDOWS\windowsupdate.exe

.
((((((((((((((((((((((((( Files Created from 2008-08-28 to 2008-09-29 )))))))))))))))))))))))))))))))
.

2008-09-28 23:55 . 2008-09-28 23:55 <DIR> d-------- C:\Documents and Settings\Robi\Application Data\Windows Live Writer
2008-09-28 23:54 . 2008-09-28 23:54 <DIR> d-------- C:\Program Files\Microsoft
2008-09-28 22:55 . 2008-09-28 22:55 <DIR> d-------- C:\Program Files\ESET
2008-09-28 21:14 . 2008-09-28 21:14 <DIR> d-------- C:\Program Files\Alwil Software
2008-09-28 12:34 . 2008-07-18 22:07 270,880 --a------ C:\WINDOWS\system32\mucltui.dll
2008-09-28 12:34 . 2008-07-18 22:07 210,976 --a------ C:\WINDOWS\system32\muweb.dll
2008-09-28 12:34 . 2008-07-18 22:07 29,728 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-09-27 13:50 . 2008-09-27 13:50 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-09-27 13:49 . 2008-09-27 13:49 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-09-26 20:30 . 2008-09-26 20:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BlackPencil
2008-09-24 17:42 . 2008-09-24 17:42 <DIR> d-------- C:\Documents and Settings\Robi\Application Data\ESET
2008-09-24 17:41 . 2008-09-28 22:55 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ESET
2008-09-24 16:54 . 2008-09-24 16:54 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Xfire
2008-09-23 21:59 . 2008-09-23 21:59 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\Xfire
2008-09-23 21:58 . 2008-09-25 22:01 <DIR> d-------- C:\Documents and Settings\Robi\Application Data\Xfire
2008-09-23 21:57 . 2008-09-24 16:55 <DIR> d-------- C:\Program Files\Xfire
2008-09-22 00:01 . 2008-09-22 00:01 <DIR> d-------- C:\Documents and Settings\Robi\Application Data\MSNInstaller
2008-09-19 21:46 . 2008-09-19 21:46 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-09-18 22:04 . 2008-09-18 22:04 <DIR> d-------- C:\Program Files\Alcohol Soft
2008-09-18 21:57 . 2005-10-09 00:06 3,584 --a------ C:\WINDOWS\system32\drivers\sfcure01.sys
2008-09-18 21:42 . 2008-09-18 21:42 <DIR> d-------- C:\Program Files\uTorrent
2008-09-18 21:42 . 2008-09-29 20:26 <DIR> d-------- C:\Documents and Settings\Robi\Application Data\uTorrent
2008-09-18 02:40 . 2008-09-18 02:40 42,320 --a------ C:\WINDOWS\system32\xfcodec.dll
2008-09-16 19:25 . 2008-09-16 19:25 <DIR> d-------- C:\Program Files\USB GamePad
2008-09-16 19:25 . 2006-01-08 11:18 159,744 --a------ C:\WINDOWS\system32\FFDR.dll
2008-09-16 19:25 . 2005-12-09 09:39 69,699 --a------ C:\WINDOWS\system32\drivers\VL813.sys
2008-09-16 19:25 . 2005-12-08 11:01 40,960 --a------ C:\WINDOWS\system32\restart.exe
2008-09-16 19:25 . 2005-11-17 08:10 36,864 --a------ C:\WINDOWS\system32\Sign2k.exe
2008-09-16 19:25 . 2005-12-08 11:01 32,768 --a------ C:\WINDOWS\system32\Removejoy.exe
2008-09-16 19:25 . 2004-03-30 19:37 25,600 --a------ C:\WINDOWS\system32\remove.exe
2008-09-16 19:25 . 2004-03-29 17:59 20,992 --a------ C:\WINDOWS\system32\rescan.exe
2008-09-15 22:30 . 2008-09-28 22:56 <DIR> d-------- C:\WINDOWS\system32\CatRoot2
2008-09-15 14:27 . 1998-11-17 12:44 328,704 --a------ C:\WINDOWS\IsUn0407.exe
2008-09-15 14:10 . 2008-09-15 14:10 <DIR> d-------- C:\Documents and Settings\Robi\Application Data\MozillaControl
2008-09-15 12:59 . 2008-09-15 12:59 <DIR> d-------- C:\WINDOWS\'Full Speed' Internet Booster + Performance Tests
2008-09-15 00:55 . 2008-09-15 00:55 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Trymedia
2008-09-14 02:04 . 2008-09-14 02:04 45 --a------ C:\WINDOWS\system32\initdebug.nfo
2008-09-14 00:45 . 2007-07-11 11:11 888,832 --a------ C:\WINDOWS\system32\securenet.dll
2008-09-14 00:10 . 2004-08-03 22:58 100,992 --a------ C:\WINDOWS\system32\drivers\bthpan.sys
2008-09-14 00:10 . 2004-08-03 22:58 100,992 --a--c--- C:\WINDOWS\system32\dllcache\bthpan.sys
2008-09-13 17:02 . 2008-09-13 17:02 32 --a------ C:\WINDOWS\tdlp32.ini
2008-09-12 20:59 . 2008-09-12 20:59 <DIR> d-------- C:\Program Files\vso
2008-09-12 20:59 . 2008-09-12 21:22 <DIR> d-------- C:\Documents and Settings\Robi\Application Data\Vso
2008-09-12 20:59 . 2008-09-12 20:59 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2008-09-12 20:59 . 2008-09-12 20:59 47,360 --a------ C:\Documents and Settings\Robi\Application Data\pcouffin.sys
2008-09-09 00:16 . 2008-09-09 00:16 <DIR> d-------- C:\WINDOWS\system32\Futuremark
2008-09-08 21:30 . 1998-09-02 10:02 194,320 --a------ C:\WINDOWS\system32\qcut.dll
2008-09-08 21:30 . 1998-08-27 06:51 182,032 --a------ C:\WINDOWS\system32\dxtmsft3.dll
2008-09-08 21:30 . 1998-08-20 13:02 140,800 --a------ C:\WINDOWS\system32\tm20dec.ax
2008-09-08 21:30 . 1998-09-02 10:28 63,488 --a------ C:\WINDOWS\system32\unam4ie.exe
2008-09-08 21:30 . 1998-09-02 10:28 38,160 --a------ C:\WINDOWS\system32\LMRTREND.dll
2008-09-08 21:30 . 1998-08-17 11:21 11,776 --a------ C:\WINDOWS\system32\mciqtz.drv
2008-09-08 21:30 . 1998-08-17 11:21 10,240 --a------ C:\WINDOWS\system32\vidx16.dll
2008-09-08 21:30 . 1998-08-17 11:21 5,672 --a------ C:\WINDOWS\system32\quartz.vxd
2008-09-08 21:30 . 2008-09-08 21:30 4,608 --a------ C:\WINDOWS\system32\w95inf32.dll
2008-09-08 21:30 . 2008-09-08 21:30 2,272 --a------ C:\WINDOWS\system32\w95inf16.dll
2008-09-07 23:48 . 2008-09-07 23:48 <DIR> d-------- C:\Program Files\PowerISO
2008-09-07 20:34 . 2008-09-07 20:34 88 --a------ C:\WINDOWS\StyleBuilder.INI
2008-09-07 02:05 . 2008-09-07 02:05 2,560 --a------ C:\WINDOWS\_MSRSTRT.EXE
2008-09-07 00:43 . 2008-09-07 00:43 <DIR> d-------- C:\Documents and Settings\Robi\Application Data\InstallShield
2008-09-06 22:34 . 2008-09-06 22:34 360,320 --a------ C:\WINDOWS\system32\drivers\TCPIP.SYS.ORIGINAL
2008-09-06 17:58 . 2008-09-06 17:58 <DIR> d-------- C:\Program Files\VDOWNLOADER
2008-09-06 15:37 . 2008-09-06 15:37 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-09-06 15:34 . 2008-09-06 15:34 <DIR> d--hs---- C:\WINDOWS\ftpcache
2008-09-06 15:20 . 2008-09-10 21:50 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-09-06 15:09 . 2008-09-07 02:05 <DIR> d-------- C:\Program Files\Reganam
2008-09-06 14:06 . 2008-09-29 14:09 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-04 23:38 . 2008-09-04 23:38 520 --a------ C:\WINDOWS\netdet.ini
2008-09-04 23:37 . 2000-12-06 01:00 209,608 --a------ C:\WINDOWS\system32\Tabctl32.ocx
2008-09-04 23:37 . 2000-12-06 01:00 109,248 --a------ C:\WINDOWS\system32\Mswinsck.ocx
2008-09-02 20:39 . 2008-09-02 20:39 <DIR> d-------- C:\Program Files\MyXOFT
2008-09-02 20:39 . 2006-12-01 22:03 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2008-09-02 20:39 . 2006-12-01 22:03 548,864 --a------ C:\WINDOWS\system32\msvcp80.dll
2008-09-02 20:39 . 2006-12-02 06:22 479,232 --a------ C:\WINDOWS\system32\msvcm80.dll
2008-09-02 20:39 . 2006-12-01 22:03 1,869 --a------ C:\WINDOWS\system32\Microsoft.VC80.CRT.manifest
2008-08-30 21:35 . 2008-08-30 21:36 <DIR> d-------- C:\Documents and Settings\Robi\Application Data\ICQ
2008-08-30 21:35 . 2008-08-30 21:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ICQ
2008-08-30 21:34 . 2008-09-23 16:26 <DIR> d-------- C:\Program Files\ICQ6
2008-08-30 00:13 . 2008-09-29 22:31 <DIR> d-------- C:\Documents and Settings\Robi\Tracing
2008-08-30 00:13 . 2008-09-09 21:48 <DIR> d-------- C:\Documents and Settings\Robi\Contacts
2008-08-30 00:11 . 2008-09-08 21:36 <DIR> d-------- C:\Documents and Settings\Robi\Application Data\MSN6
2008-08-30 00:11 . 2008-08-30 00:11 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MSN6
2008-08-30 00:01 . 2008-08-30 00:01 <DIR> d-------- C:\Program Files\Common Files\Windows Live
2008-08-29 23:56 . 2008-09-29 10:21 <DIR> d-------- C:\Program Files\Windows Live

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-22 16:04 --------- d-----w C:\Program Files\Google
2008-09-22 12:40 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-22 12:39 --------- d-----w C:\Documents and Settings\Robi\Application Data\Samsung
2008-09-18 20:01 716,272 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-09-18 19:31 360,320 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS
2008-09-16 11:26 --------- d-----w C:\Documents and Settings\Robi\Application Data\TransRender
2008-09-16 11:25 --------- d-----w C:\Documents and Settings\Robi\Application Data\Temporary
2008-09-15 12:27 --------- d-----w C:\Program Files\Common Files\Adobe
2008-08-24 20:16 --------- d-----w C:\Program Files\Sony Ericsson
2008-08-24 19:29 --------- d-----w C:\Program Files\Far
2008-08-24 19:25 --------- d-----w C:\Program Files\Common Files\Teleca Shared
2008-08-24 19:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2008-08-24 14:10 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-08-24 14:10 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_ggsemc_01005.Wdf
2008-08-24 14:02 21,672 ----a-w C:\WINDOWS\system32\drivers\ggsemc.sys
2008-08-24 14:02 13,352 ----a-w C:\WINDOWS\system32\drivers\ggflt.sys
2008-08-21 20:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Disk Cleaner
2008-08-21 20:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Registry Helper
2008-08-19 16:36 --------- d-----w C:\Program Files\IrfanView
2008-08-18 11:27 34,312 ----a-w C:\WINDOWS\system32\drivers\epfwtdir.sys
2008-08-18 11:19 53,256 ----a-w C:\WINDOWS\system32\drivers\easdrv.sys
2008-08-18 11:18 39,944 ----a-w C:\WINDOWS\system32\drivers\eamon.sys
2008-08-16 17:32 --------- d-----w C:\Program Files\Winamp
2008-08-16 17:21 --------- d-----w C:\Documents and Settings\Robi\Application Data\Smart PC Solutions
2008-08-16 17:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-08-16 17:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-08-16 16:25 --------- d-----w C:\Documents and Settings\Robi\Application Data\Uniblue
2008-08-13 11:25 --------- d-----w C:\Documents and Settings\Robi\Application Data\www.TheXSoft.com
2008-08-13 11:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\www.TheXSoft.com
2008-08-12 22:52 --------- d-----w C:\Program Files\DivX
2008-08-12 20:03 --------- d-----w C:\Program Files\Common Files\Vbox
2008-08-11 20:27 --------- d-----w C:\Documents and Settings\Robi\Application Data\zweitgeist
2008-08-08 16:05 --------- d-----w C:\Program Files\vanBasco's Karaoke Player
2008-08-08 15:45 737,280 ----a-w C:\WINDOWS\iun6002.exe
2008-08-07 22:13 --------- d-----w C:\Documents and Settings\Robi\Application Data\ICQ Toolbar
2008-08-07 18:16 --------- d-----w C:\Program Files\Marvell
2008-08-05 19:07 --------- d-----w C:\Documents and Settings\Robi\Application Data\DivX
2008-07-31 20:23 --------- d-----w C:\Program Files\Common Files\Autodata Limited Shared
2008-05-21 18:59 116,512 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-05-21 18:10 1,824 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{db9d7a78-a76c-4bf2-97c6-258925ee1542}"= "C:\Program Files\Reganam\tbReg1.dll" [2008-09-06 1569304]

[HKEY_CLASSES_ROOT\clsid\{db9d7a78-a76c-4bf2-97c6-258925ee1542}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
2008-09-02 21:02 75272 --a------ C:\Program Files\Windows Live\Messenger\wlchtc.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
2008-08-21 15:15 94736 --a------ C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{77D7E795-33C5-4323-974D-A2A49AB75517}]
2008-08-29 19:28 133616 --a----t- C:\Program Files\Google\Update\1.2.131.11\GoopdateBho.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{db9d7a78-a76c-4bf2-97c6-258925ee1542}]
2008-09-06 15:11 1569304 --------- C:\Program Files\Reganam\tbReg1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
2008-09-02 21:13 953360 --a------ C:\Program Files\Windows Live\Toolbar\wltcore.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{db9d7a78-a76c-4bf2-97c6-258925ee1542}"= "C:\Program Files\Reganam\tbReg1.dll" [2008-09-06 1569304]
"{21FA44EF-376D-4D53-9B0F-8A89D3229068}"= "C:\Program Files\Windows Live\Toolbar\wltcore.dll" [2008-09-02 953360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{DB9D7A78-A76C-4BF2-97C6-258925EE1542}"= "C:\Program Files\Reganam\tbReg1.dll" [2008-09-06 1569304]
"{21FA44EF-376D-4D53-9B0F-8A89D3229068}"= "C:\Program Files\Windows Live\Toolbar\wltcore.dll" [2008-09-02 953360]

[HKEY_CLASSES_ROOT\clsid\{db9d7a78-a76c-4bf2-97c6-258925ee1542}]

[HKEY_CLASSES_ROOT\clsid\{21fa44ef-376d-4d53-9b0f-8a89d3229068}]
[HKEY_CLASSES_ROOT\TypeLib\{182E05A4-F4FF-4F73-8C84-D36B87D915AF}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-03-20 217544]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-11-07 3739672]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-06-01 7618560]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-05-15 35328]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2008-07-07 167936]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-08-18 1447168]
"NvMediaCenter"="NvMCTray.dll" [2006-06-01 C:\WINDOWS\system32\nvmctray.dll]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 C:\WINDOWS\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoInstrumentation"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.XFR1"= xfcodec.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"D:\\Program Files\\game.dat"=
"D:\\UT2004\\System\\UT2004.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"C:\\Program Files\\ICQ6\\ICQ.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Xfire\\xfire.exe"=
"D:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"D:\\Program Files\\Activision Value\\Soldier of Fortune Payback\\sof3.exe"=
"D:\\Program Files\\Counter-Strike 1.6\\hlds.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2008-08-18 34312]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 NwSapAgent;SAP Agent;C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S2 gupdate1c8fe527b2f7a97;Google Update Service (gupdate1c8fe527b2f7a97);C:\Program Files\Google\Update\GoogleUpdate.exe [2008-08-29 133104]
S3 ggflt;SEMC USB Flash Driver Filter;C:\WINDOWS\system32\DRIVERS\ggflt.sys [2008-08-24 13352]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);C:\WINDOWS\system32\DRIVERS\s115bus.sys [2007-04-23 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\s115mdfl.sys [2007-04-23 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s115mdm.sys [2007-04-23 108680]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s115obex.sys [2007-04-23 98568]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-11-07 98840]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = [Link mogu videti samo ulogovani korisnici]
R0 -: HKCU-Main,SearchMigratedDefaultUrl = [Link mogu videti samo ulogovani korisnici]{searchTerms}
O8 -: &Search - [Link mogu videti samo ulogovani korisnici]
O9 -: {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 -: {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm -
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici]
Rootkit scan 2008-09-29 22:30:48
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
C:\Program Files\BHROOT\BIN\NT611SVC.EXE
C:\Program Files\BHROOT\BIN\MONITOR.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\BHROOT\BIN\PORTMAP.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\ComboFix\pv.cfexe
.
**************************************************************************
.
Completion time: 2008-09-29 22:33:29 - machine was rebooted
ComboFix-quarantined-files.txt 2008-09-29 20:33:23

Pre-Run: 23.794.085.888 bytes free
Post-Run: 24,329,105,408 bytes free

272 --- E O F --- 2008-09-28 12:10:06

  • dr_Bora
  • Anti Malware Fighter, Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

What is the situation now? Is there any problem?

  • Joined: 15 Sep 2008
  • Posts: 74

no, now everything is ok

Update: 30 Sep 2008 19:48

oh yes, I also deleted msn and reinstalled it

  • dr_Bora
  • Anti Malware Fighter, Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Ok. Do the following:
Click START and then RUN
In the text input line type Combofix /u and click OK

Wait for the uninstall process to finish

The above procedure will:
Delete the following:
ComboFix and its files and folders
VundoFix Backups folder, if it exists
C:\Deckard folder, if it exists
C:\OtMoveIt folder, if it exists

Reset the computer's clock settings
Hide file extensions, if needed
Hide system/hidden files/folders, if needed
Reset System Restore



That's all.
