Antichrist!!!! Help..........

  • Joined: 09 Jul 2008
  • Posts: 10

When I turn on the computer there is still a problem! A window appears that says Antichrist and I have to press OK for Windows to start! The Windows Explorer problem is solved, and for that THANK YOU VERY MUCH!
NOD detected a virus located at C:\Documents and settings\Mia Vujosevic\Local Settings\Temp\Av-test.txt; it is currently in quarantine and I don't know whether I can delete it!
ADVISE ME WHICH ANTIVIRUS PROGRAM IS BEST FOR ME TO DOWNLOAD!!!!

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

NOD is good enough.


* Open the NOD32 Control Center (click its tray icon in the bottom-right corner of the screen).
* Select AMON from the Threat Protection group of options.
* In the right-hand panel, untick the option File system monitor (AMON) enabled.
* Turning this option off is shown by the Control Center changing colour from green to red.

Note: Don't forget to turn this option back on when the cleaning is finished.


--------------------------------

Open Notepad and paste in the following text:


Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"LegalNoticeCaption"=-
"LegalNoticeText"=-
"LogonPrompt"=-
"Welcome"=-


Save the file from Notepad to the Desktop as "CFScript"




Drag the saved script/text onto the ComboFix icon as in the picture.
In your next message, post the log that is produced at the end of the cleaning/scanning.

  • Joined: 09 Jul 2008
  • Posts: 10

ComboFix 08-07-09.5 - Mia Vujosevic 2008-07-12 21:48:26.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.164 [GMT 2:00]
Running from: C:\Documents and Settings\Mia Vujosevic\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Mia Vujosevic\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-06-12 to 2008-07-12 )))))))))))))))))))))))))))))))
.

2008-06-21 00:20 . 2008-06-13 15:10 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-21 00:20 . 2008-06-13 15:10 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-11 10:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-07-08 20:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-06-21 08:31 --------- d-----w C:\Program Files\ESET
2008-06-20 22:09 502,368 ----a-w C:\WINDOWS\system32\drivers\amon.sys
2008-06-20 22:09 274,432 ----a-w C:\WINDOWS\system32\imon.dll
2008-06-20 17:41 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-01 13:58 --------- d-----w C:\Documents and Settings\Mia Vujosevic\Application Data\Corel
2008-05-31 15:58 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-31 15:57 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-05-31 15:57 --------- d-----w C:\Program Files\Common Files\Corel
2008-05-31 15:56 --------- d-----w C:\Program Files\Corel
2008-05-31 15:33 --------- d-----w C:\Program Files\Common Files\Autodesk Shared
2008-05-31 15:32 --------- d-----w C:\Program Files\Autodesk
2008-05-07 05:18 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-01 06:05 60,416 ----a-w C:\WINDOWS\ALCFDRTM.EXE
2008-04-21 07:04 659,456 ----a-w C:\WINDOWS\system32\wininet.dll
2008-01-06 11:36 47,664 ----a-w C:\Documents and Settings\Mia Vujosevic\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((( snapshot@2008-07-10_22.47.52,21 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-07-10 19:20:28 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-12 19:44:12 2,048 --s-a-w C:\WINDOWS\bootstat.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:07 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [2006-03-01 20:43 90112]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-21 14:44 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-12-15 06:01 5513216]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2004-12-15 06:01 86016]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-02-23 21:10 35328]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-06-21 00:09 921600]
"D_V_T"="C:\\dvt.exe" [2007-12-04 14:33 3584]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 22:34 49152]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2007-04-09 14:23 200704]
"Sys32"="c:\WINDOWS\Sys32.exe" [BU]
"SoundMan"="SOUNDMAN.EXE" [2005-06-14 12:36 77824 C:\WINDOWS\SOUNDMAN.EXE]
"nwiz"="nwiz.exe" [2004-12-15 06:01 1490944 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 03:07 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 05:44:06 29696]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 22:26:24 210520]
ImageMixer HDD Camera Monitor.lnk - C:\Program Files\PIXELA\ImageMixer3\HDDCameraMonitor.exe [2007-12-13 20:43:09 2117632]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 02:01:04 83360]
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 18:23:32 74308]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"LegalNoticeCaption"="[Antichrist]"
"LegalNoticeText"="[Day of judgment]"
"LogonPrompt"="[Day of judgment]"
"Welcome"="[Antichrist]"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\NVIDIA\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

R1 VD_FileDisk;VD_FileDisk;C:\WINDOWS\system32\drivers\VD_FileDisk.sys [2006-01-13 15:00]
R2 nvTUNEP;nVidia WDM TVTuner;C:\WINDOWS\system32\DRIVERS\nvtunep.sys [2004-04-06 12:30]
R2 nvtvSND;nVidia WDM TVAudio Crossbar;C:\WINDOWS\system32\DRIVERS\nvtvsnd.sys [2004-04-06 12:31]
S3 MSSQL$PSIT;MSSQL$PSIT;C:\Program Files\Microsoft SQL Server\MSSQL$PSIT\Binn\sqlservr.exe [2002-12-17 18:26]
S3 SQLAgent$PSIT;SQLAgent$PSIT;C:\Program Files\Microsoft SQL Server\MSSQL$PSIT\Binn\sqlagent.EXE [2002-12-17 18:23]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{84b28d37-a261-11dc-9e93-806d6172696f}]
\Shell\AutoRun\command - E:\ASUSACPI.exe

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-07-12 21:49:45
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-07-12 21:50:43
ComboFix-quarantined-files.txt 2008-07-12 19:50:40
ComboFix2.txt 2008-07-12 12:00:54
ComboFix3.txt 2008-07-11 13:47:30
ComboFix4.txt 2008-07-10 20:48:13

Pre-Run: 10,748,567,552 bytes free
Post-Run: 10,736,873,472 bytes free

115 --- E O F --- 2008-07-09 22:10:57
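The CFScript approach helen1 describes (a Registry:: block that deletes the Winlogon LegalNotice values) only does anything if the key path in the script matches the key ComboFix reports in its Reg Loading Points section, and that section of the log above is also where the indicators live. The following is an added example, not code from this thread, from ComboFix or from ESET: it parses a REGEDIT4-style Reg Loading Points excerpt, flags the three indicator families visible in this log (Winlogon banner/prompt values, Security Center DisableNotify/Override flags set to 1, and Run entries for which ComboFix printed [BU] instead of a file date and size), and lists any CFScript target key that never occurs in the log. The sample log excerpt and sample CFScript are constructed here, modelled on the thread's entries; all function names are hypothetical.

```python
"""Triage a ComboFix 'Reg Loading Points' excerpt and check a CFScript against it.

Added example for this thread, not ComboFix's or the helper's code. The sample
log and sample CFScript below are constructed, modelled on the entries in the
thread; all function names are hypothetical.
"""
import re

# Constructed excerpt in the shape of ComboFix's REGEDIT4-style section.
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-06-21 00:09 921600]
"Sys32"="c:\WINDOWS\Sys32.exe" [BU]
"nwiz"="nwiz.exe" [2004-12-15 06:01 1490944 C:\WINDOWS\system32\nwiz.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"LegalNoticeCaption"="[Antichrist]"
"LegalNoticeText"="[Day of judgment]"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"""

# Constructed CFScript with a key path written as "WindowsNT" (no space);
# the key ComboFix reports is "Windows NT", so this block targets nothing.
SAMPLE_CFSCRIPT = r"""
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sys32"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon]
"LegalNoticeCaption"=-
"LegalNoticeText"=-
"""

KEY_RE = re.compile(r'^\[(.+)\]\s*$')
VALUE_RE = re.compile(r'^"([^"]+)"=(.*)$')

WINLOGON = r'hkey_local_machine\software\microsoft\windows nt\currentversion\winlogon'
SECURITY_CENTER = r'hkey_local_machine\software\microsoft\security center'
BANNER_VALUES = {'legalnoticecaption', 'legalnoticetext', 'logonprompt', 'welcome'}


def parse_reg_block(text):
    """Map each key (lower-cased, so 'Windows NT' and 'windows nt' compare equal) to its values."""
    keys = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        key_match = KEY_RE.match(line)
        if key_match:
            current = key_match.group(1).lower()
            keys.setdefault(current, {})
            continue
        value_match = VALUE_RE.match(line)
        if value_match and current is not None:
            keys[current][value_match.group(1)] = value_match.group(2).strip()
    return keys


def triage(log_text):
    """Return (key, value_name, reason) tuples for the indicator families seen in this thread."""
    findings = []
    for key, values in parse_reg_block(log_text).items():
        for name, data in values.items():
            lname = name.lower()
            if key == WINLOGON and lname in BANNER_VALUES:
                # A Winlogon banner/prompt text is what produces a message box before logon.
                findings.append((key, name, 'Winlogon banner/prompt set to ' + data))
            elif (key == SECURITY_CENTER and data.lower() == 'dword:00000001'
                  and lname.endswith(('disablenotify', 'override'))):
                # Security Center warnings about AV/updates/firewall switched off.
                findings.append((key, name, 'Security Center notification suppressed'))
            elif key.endswith(r'\run') and '[bu]' in data.lower():
                # ComboFix printed [BU] instead of a file date/size for this Run entry.
                findings.append((key, name, 'Run entry without file date/size: ' + data))
    return findings


def check_cfscript_targets(cfscript_text, log_text):
    """Return CFScript keys that never appear in the log; a mistyped key makes that block a no-op."""
    log_keys = parse_reg_block(log_text)
    return [key for key in parse_reg_block(cfscript_text) if key not in log_keys]


if __name__ == '__main__':
    for key, name, reason in triage(SAMPLE_LOG):
        print(f'{name:24s} {reason}')
    print('CFScript keys not found in log:', check_cfscript_targets(SAMPLE_CFSCRIPT, SAMPLE_LOG))
```

Run stand-alone it prints the five findings from the constructed excerpt and reports the mistyped Winlogon key. Keys are compared case-insensitively because ComboFix prints some of them in lower case while scripts usually use the canonical capitalisation; whitespace inside a key name is significant, which is exactly the mistake this check is meant to catch before a script is dragged onto ComboFix.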

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

The cleaning program is tripping up on something.


* Open the NOD32 Control Center (click its tray icon in the bottom-right corner of the screen).
* Select AMON from the Threat Protection group of options.
* In the right-hand panel, untick the option File system monitor (AMON) enabled.
* Turning this option off is shown by the Control Center changing colour from green to red.

Note: Don't forget to turn this option back on when the cleaning is finished.


--------------------------------

Open Notepad and paste in the following text:


Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sys32"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"LegalNoticeCaption"=-
"LegalNoticeText"=-
"LogonPrompt"=-
"Welcome"=-


Save the file from Notepad to the Desktop as "CFScript"




Drag the saved script/text onto the ComboFix icon as in the picture.
In your next message, post the log that is produced at the end of the cleaning/scanning.

  • Joined: 09 Jul 2008
  • Posts: 10

ComboFix 08-07-09.5 - Mia Vujosevic 2008-07-13 18:11:43.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.145 [GMT 2:00]
Running from: C:\Documents and Settings\Mia Vujosevic\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Mia Vujosevic\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-06-13 to 2008-07-13 )))))))))))))))))))))))))))))))
.

2008-06-21 00:20 . 2008-06-13 15:10 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-21 00:20 . 2008-06-13 15:10 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-11 10:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-07-08 20:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-06-21 08:31 --------- d-----w C:\Program Files\ESET
2008-06-20 22:09 502,368 ----a-w C:\WINDOWS\system32\drivers\amon.sys
2008-06-20 22:09 274,432 ----a-w C:\WINDOWS\system32\imon.dll
2008-06-20 17:41 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-01 13:58 --------- d-----w C:\Documents and Settings\Mia Vujosevic\Application Data\Corel
2008-05-31 15:58 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-31 15:57 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-05-31 15:57 --------- d-----w C:\Program Files\Common Files\Corel
2008-05-31 15:56 --------- d-----w C:\Program Files\Corel
2008-05-31 15:33 --------- d-----w C:\Program Files\Common Files\Autodesk Shared
2008-05-31 15:32 --------- d-----w C:\Program Files\Autodesk
2008-05-07 05:18 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-01 06:05 60,416 ----a-w C:\WINDOWS\ALCFDRTM.EXE
2008-04-21 07:04 659,456 ----a-w C:\WINDOWS\system32\wininet.dll
2008-01-06 11:36 47,664 ----a-w C:\Documents and Settings\Mia Vujosevic\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((( snapshot@2008-07-10_22.47.52,21 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-07-10 19:20:28 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-13 16:03:46 2,048 --s-a-w C:\WINDOWS\bootstat.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:07 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [2006-03-01 20:43 90112]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-21 14:44 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-12-15 06:01 5513216]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2004-12-15 06:01 86016]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-02-23 21:10 35328]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-06-21 00:09 921600]
"D_V_T"="C:\\dvt.exe" [2007-12-04 14:33 3584]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 22:34 49152]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2007-04-09 14:23 200704]
"SoundMan"="SOUNDMAN.EXE" [2005-06-14 12:36 77824 C:\WINDOWS\SOUNDMAN.EXE]
"nwiz"="nwiz.exe" [2004-12-15 06:01 1490944 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 03:07 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 05:44:06 29696]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 22:26:24 210520]
ImageMixer HDD Camera Monitor.lnk - C:\Program Files\PIXELA\ImageMixer3\HDDCameraMonitor.exe [2007-12-13 20:43:09 2117632]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 02:01:04 83360]
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 18:23:32 74308]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"LegalNoticeCaption"="[Antichrist]"
"LegalNoticeText"="[Day of judgment]"
"LogonPrompt"="[Day of judgment]"
"Welcome"="[Antichrist]"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\NVIDIA\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

R1 VD_FileDisk;VD_FileDisk;C:\WINDOWS\system32\drivers\VD_FileDisk.sys [2006-01-13 15:00]
R2 nvTUNEP;nVidia WDM TVTuner;C:\WINDOWS\system32\DRIVERS\nvtunep.sys [2004-04-06 12:30]
R2 nvtvSND;nVidia WDM TVAudio Crossbar;C:\WINDOWS\system32\DRIVERS\nvtvsnd.sys [2004-04-06 12:31]
S3 MSSQL$PSIT;MSSQL$PSIT;C:\Program Files\Microsoft SQL Server\MSSQL$PSIT\Binn\sqlservr.exe [2002-12-17 18:26]
S3 SQLAgent$PSIT;SQLAgent$PSIT;C:\Program Files\Microsoft SQL Server\MSSQL$PSIT\Binn\sqlagent.EXE [2002-12-17 18:23]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{84b28d37-a261-11dc-9e93-806d6172696f}]
\Shell\AutoRun\command - E:\ASUSACPI.exe

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-07-13 18:12:59
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-07-13 18:13:58
ComboFix-quarantined-files.txt 2008-07-13 16:13:53
ComboFix2.txt 2008-07-12 19:50:45
ComboFix3.txt 2008-07-12 12:00:54
ComboFix4.txt 2008-07-11 13:47:30
ComboFix5.txt 2008-07-10 20:48:13

Pre-Run: 10,721,247,232 bytes free
Post-Run: 10,710,896,640 bytes free

115 --- E O F --- 2008-07-09 22:10:57

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

The Antichrist doesn't want to leave....

[attachment: login required to view]

Save it to the desktop, double-click the icon and click Yes.

After that, post me a new ComboFix log.

  • Joined: 09 Jul 2008
  • Posts: 10

ComboFix 08-07-09.5 - Mia Vujosevic 2008-07-14 0:58:55.6 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.158 [GMT 2:00]
Running from: C:\Documents and Settings\Mia Vujosevic\Desktop\ComboFix.exe
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-06-13 to 2008-07-13 )))))))))))))))))))))))))))))))
.

2008-06-21 00:20 . 2008-06-13 15:10 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-21 00:20 . 2008-06-13 15:10 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-11 10:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-07-08 20:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-06-21 08:31 --------- d-----w C:\Program Files\ESET
2008-06-20 22:09 502,368 ----a-w C:\WINDOWS\system32\drivers\amon.sys
2008-06-20 22:09 274,432 ----a-w C:\WINDOWS\system32\imon.dll
2008-06-20 17:41 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-06-01 13:58 --------- d-----w C:\Documents and Settings\Mia Vujosevic\Application Data\Corel
2008-05-31 15:58 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-31 15:57 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-05-31 15:57 --------- d-----w C:\Program Files\Common Files\Corel
2008-05-31 15:56 --------- d-----w C:\Program Files\Corel
2008-05-31 15:33 --------- d-----w C:\Program Files\Common Files\Autodesk Shared
2008-05-31 15:32 --------- d-----w C:\Program Files\Autodesk
2008-05-07 05:18 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-01 06:05 60,416 ----a-w C:\WINDOWS\ALCFDRTM.EXE
2008-04-21 07:04 659,456 ----a-w C:\WINDOWS\system32\wininet.dll
2008-01-06 11:36 47,664 ----a-w C:\Documents and Settings\Mia Vujosevic\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((( snapshot@2008-07-10_22.47.52,21 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-07-10 19:20:28 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-13 22:52:53 2,048 --s-a-w C:\WINDOWS\bootstat.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 03:07 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [2006-03-01 20:43 90112]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-21 14:44 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-12-15 06:01 5513216]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2004-12-15 06:01 86016]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-02-23 21:10 35328]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-06-21 00:09 921600]
"D_V_T"="C:\\dvt.exe" [2007-12-04 14:33 3584]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 22:34 49152]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2007-04-09 14:23 200704]
"SoundMan"="SOUNDMAN.EXE" [2005-06-14 12:36 77824 C:\WINDOWS\SOUNDMAN.EXE]
"nwiz"="nwiz.exe" [2004-12-15 06:01 1490944 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 03:07 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 05:44:06 29696]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 22:26:24 210520]
ImageMixer HDD Camera Monitor.lnk - C:\Program Files\PIXELA\ImageMixer3\HDDCameraMonitor.exe [2007-12-13 20:43:09 2117632]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 02:01:04 83360]
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 18:23:32 74308]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\NVIDIA\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

R1 VD_FileDisk;VD_FileDisk;C:\WINDOWS\system32\drivers\VD_FileDisk.sys [2006-01-13 15:00]
R2 nvTUNEP;nVidia WDM TVTuner;C:\WINDOWS\system32\DRIVERS\nvtunep.sys [2004-04-06 12:30]
R2 nvtvSND;nVidia WDM TVAudio Crossbar;C:\WINDOWS\system32\DRIVERS\nvtvsnd.sys [2004-04-06 12:31]
S3 MSSQL$PSIT;MSSQL$PSIT;C:\Program Files\Microsoft SQL Server\MSSQL$PSIT\Binn\sqlservr.exe [2002-12-17 18:26]
S3 SQLAgent$PSIT;SQLAgent$PSIT;C:\Program Files\Microsoft SQL Server\MSSQL$PSIT\Binn\sqlagent.EXE [2002-12-17 18:23]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{84b28d37-a261-11dc-9e93-806d6172696f}]
\Shell\AutoRun\command - E:\ASUSACPI.exe

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-07-14 01:00:16
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-07-14 1:01:16
ComboFix-quarantined-files.txt 2008-07-13 23:01:12
ComboFix2.txt 2008-07-13 16:14:00
ComboFix3.txt 2008-07-12 19:50:45
ComboFix4.txt 2008-07-12 12:00:54
ComboFix5.txt 2008-07-11 13:47:30

Pre-Run: 11,289,571,328 bytes free
Post-Run: 11,278,491,648 bytes free

109 --- E O F --- 2008-07-09 22:10:57

Update: 14 Jul 2008 1:03

This Antichrist is really annoying............

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Has it gone now?

  • Joined: 09 Jul 2008
  • Posts: 10

IT'S GONE...........
Thanks for everything (your time and effort)!
WELL DONE

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

There is one more thing I need you to do:

Do you know how to zip/rar and upload a folder?

I need this folder:
C:\QooBox\Quarantine

and upload it via the following link:

http://www.mycity.rs/ambulanta-upload.php
