I have a virus, help!!!

  • Joined: 16 Jun 2009
  • Posts: 19

I'm still in Safe Mode, should I restart the computer?



  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

Sofija2007 :: I'm still in Safe Mode, should I restart the computer?

Restart and try to boot normally; it should have improved.



  • Joined: 16 Jun 2009
  • Posts: 19

I restarted the computer. Now it works "normally". What now...

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

Run that RSIT program again and scan, so I can see what it says.

  • Joined: 16 Jun 2009
  • Posts: 19

Logfile of random's system information tool 1.06 (written by random/random)
Run by miljan at 2009-06-17 14:39:44
Microsoft Windows XP Professional Service Pack 2
System drive C: has 3 GB (13%) free of 20 GB
Total RAM: 512 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:47:39, on 16.6.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\csrcs.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\program Files\Manson\liser.exe
C:\WINDOWS\system32\3361\services.exe
C:\Program Files\Winamp Remote\bin\Orb.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\sopidkc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\miljan.MILJAN-677AU8CL\Desktop\RSIT.exe
C:\Program Files\trend micro\miljan.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\net.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
F2 - REG:system.ini: Shell=Explorer.exe csrcs.exe
F3 - REG:win.ini: load=C:\WINDOWS\system32\mspdttd.exe
F3 - REG:win.ini: run=C:\WINDOWS\system32\mskpo.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [kell] C:\program Files\Manson\liser.exe
O4 - HKLM\..\Policies\Explorer\Run: [csrcs] C:\WINDOWS\system32\csrcs.exe
O4 - HKLM\..\Policies\Explorer\Run: [exec] C:\WINDOWS\system32\msaxy.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users.WINDOWS\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - [Link visible only to logged-in users]\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - [Link visible only to logged-in users]\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - [Link visible only to logged-in users]\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - [Link visible only to logged-in users]\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - [Link visible only to logged-in users]\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~1\Manson\liser.dll
O23 - Service: avast! iAVS4 Control Service (aswupdsv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus (avast! antivirus) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner (avast! mail scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner (avast! web scanner) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Background Intelligent Transfer Service (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: jmnhhgrtja35ujghuykj6r8io9iujg80 - Unknown owner - C:\WINDOWS\jmnhhgrtja35ujghuykj6r8io9iujg81.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: sopidkc Service (sopidkc) - Elecard Lt - C:\WINDOWS\system32\sopidkc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Automatic Updates (wuauserv) - Unknown owner - C:\WINDOWS\

--
End of file - 7092 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2007-05-28 722472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-03-20 1267040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-08-26 405504]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2008-03-20 1267040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2003-03-03 4595712]
"nwiz"=nwiz.exe /install []
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-04-01 36352]
"NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2007-08-17 77824]
"OM_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe [2006-05-16 40960]
"OpwareSE2"=C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2007-09-04 185632]
"Synchronization Manager"=C:\WINDOWS\system32\mobsync.exe [2004-08-04 143360]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"exec"=C:\WINDOWS\system32\msqmyfpa.exe [2004-08-04 262144]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
"OM_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe [2006-05-16 57344]
"Orb"=C:\Program Files\Winamp Remote\bin\OrbTray.exe [2008-01-07 495616]

C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\WINDOWS\system32\3361\services.exe"="C:\WINDOWS\system32\3361\services.exe:*:Enabled:services.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======File associations======

.exe - open - msnve.exe "%1" %*
.bat - open - msnve.exe "%1" %*
.bat - edit -
.com - open - msnve.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-06-17 11:13:21 ----HD---- C:\WINDOWS\system32\3361
2009-06-17 10:15:18 ----D---- C:\_OTM
2009-06-17 09:37:08 ----A---- C:\WINDOWS\ntbtlog.txt
2009-06-16 17:47:17 ----D---- C:\Program Files\trend micro
2009-06-16 17:47:16 ----D---- C:\rsit
2009-06-16 17:40:09 ----D---- C:\32788R22FWJFW
2009-06-16 17:35:11 ----A---- C:\WINDOWS\nircmd.exe
2009-06-16 17:23:04 ----D---- C:\32788R22FWJFW.0.tmp
2009-06-16 11:01:30 ----A---- C:\WINDOWS\system32\aswBoot.exe
2009-06-16 11:01:26 ----D---- C:\Program Files\Alwil Software
2009-06-16 10:52:00 ----A---- C:\WINDOWS\irc.txt
2009-06-16 10:51:50 ----D---- C:\Documents and Settings\miljan.MILJAN-677AU8CL\Application Data\Mozilla
2009-06-16 10:51:38 ----D---- C:\Program Files\Mozilla Firefox
2009-06-16 00:00:23 ----RSHD---- C:\RECYCLER
2009-06-15 22:06:20 ----HD---- C:\WINDOWS\$NtUninstallKB923561$

======List of files/folders modified in the last 1 months======

2009-06-16 23:13:32 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-05-29 18:18:12 ----A---- C:\WINDOWS\MDVDP.Ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\aavmker4.sys [2009-02-05 26944]
R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-03 37376]
R1 aswsp;avast! Self Protection; C:\WINDOWS\system32\drivers\aswsp.sys [2009-02-05 114768]
R1 aswtdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswtdi.sys [2009-02-05 51376]
R1 cdrbsdrv;cdrbsdrv; C:\WINDOWS\system32\drivers\cdrbsdrv.sys [2005-05-11 32256]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 aswfsblk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswmon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswmon2.sys [2009-02-05 94032]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 aswrdr;aswRdr; C:\WINDOWS\system32\drivers\aswrdr.sys [2009-02-05 23152]
R3 IntelC51;IntelC51; C:\WINDOWS\System32\DRIVERS\IntelC51.sys [2003-05-16 2202674]
R3 IntelC52;IntelC52; C:\WINDOWS\System32\DRIVERS\IntelC52.sys [2003-05-16 451625]
R3 IntelC53;IntelC53; C:\WINDOWS\System32\DRIVERS\IntelC53.sys [2003-05-16 29541]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2003-03-03 1248794]
R3 PAC207;VideoCAM GE111; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-04-08 162176]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2002-12-19 539008]
R3 USBCM;Scientific-Atlanta USB Cable Modem Driver; C:\WINDOWS\system32\DRIVERS\Sacm2A.sys [2004-06-10 15429]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\System32\ntsim.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 ss_bus;Samsung Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-01-24 52384]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2004-09-17 6064]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2004-09-17 84512]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-23 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswupdsv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 bgsvcgen;B's Recorder GOLD Library General Service; C:\WINDOWS\system32\bgsvcgen.exe [2005-04-30 86016]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2003-03-03 65536]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 avast! mail scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! web scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

None of this is any good.

Try running ComboFix again. Download it from the site and try.
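To show which lines of the RSIT/HijackThis log above make that verdict obvious, here is an added example that is not part of the thread and not part of HijackThis, RSIT or ComboFix: a small triage script for lines in that log format. The rules are my own heuristics for the classic XP-era hijack points visible in the log (the system.ini Shell= addition, the win.ini load/run entries, the Policies\Explorer\Run autostart, the AppInit_DLLs injection, the gibberish-named service and the .exe/.bat open-handler hijack), and the sample lines are an excerpt copied from the posted log.

```python
"""Triage of HijackThis/RSIT log lines for classic XP-era hijack points.

Added example; not the thread's own material and not part of HijackThis,
RSIT or ComboFix. The rules are hand-written heuristics, and the sample
lines are an excerpt of the log posted in the thread.
"""
import re

# Constructed excerpt of the posted log (HijackThis sections plus the
# "File associations" section of the RSIT report).
SAMPLE_LOG = r"""
F2 - REG:system.ini: Shell=Explorer.exe csrcs.exe
F3 - REG:win.ini: load=C:\WINDOWS\system32\mspdttd.exe
F3 - REG:win.ini: run=C:\WINDOWS\system32\mskpo.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Policies\Explorer\Run: [csrcs] C:\WINDOWS\system32\csrcs.exe
O20 - AppInit_DLLs: c:\progra~1\Manson\liser.dll
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: jmnhhgrtja35ujghuykj6r8io9iujg80 - Unknown owner - C:\WINDOWS\jmnhhgrtja35ujghuykj6r8io9iujg81.exe
.exe - open - msnve.exe "%1" %*
.bat - open - msnve.exe "%1" %*
.bat - edit -
"""

HJT_LINE = re.compile(r"^(?P<sec>[A-Z]\d{1,2}) - (?P<body>.*)$")
SERVICE = re.compile(r"^Service: (?P<name>.*?) - (?P<owner>.*?) - (?P<path>.*)$")
ASSOC_LINE = re.compile(r"^(?P<ext>\.\w+) - (?P<verb>\w+) - ?(?P<cmd>.*)$")
CLEAN_OPEN = '"%1" %*'  # stock XP "open" command for .exe/.bat/.com


def looks_random(name):
    """One long token mixing letters and digits, like the service in the log."""
    token = name.lower()
    return (re.fullmatch(r"[a-z0-9]{16,}", token) is not None
            and any(c.isdigit() for c in token) and any(c.isalpha() for c in token))


def flag_line(line):
    """Return the reasons a single log line deserves a second look ([] if none)."""
    reasons = []
    m = HJT_LINE.match(line.strip())
    if m:
        sec, body = m.group("sec"), m.group("body")
        if sec == "F2" and "Shell=" in body:
            # system.ini Shell= should name Explorer.exe and nothing else.
            extra = [t for t in body.split("Shell=", 1)[1].split() if t.lower() != "explorer.exe"]
            if extra:
                reasons.append("extra shell executable(s) %s start at every logon" % extra)
        elif sec == "F3" and re.match(r"REG:win\.ini: (load|run)=\S", body):
            reasons.append("win.ini load=/run= is normally empty on XP")
        elif sec == "O4" and "\\Policies\\Explorer\\Run" in body:
            reasons.append("Policies\\Explorer\\Run autostart is rarely used by legitimate software")
        elif sec == "O20" and body.startswith("AppInit_DLLs:") and body.split(":", 1)[1].strip():
            reasons.append("AppInit_DLLs is loaded into every process that links user32.dll")
        elif sec == "O23":
            svc = SERVICE.match(body)
            if svc:
                if looks_random(svc.group("name").split(" (")[0]):
                    reasons.append("service name looks machine-generated")
                path = svc.group("path").lower()
                if (svc.group("owner") == "Unknown owner" and path.endswith(".exe")
                        and path.rsplit("\\", 1)[0] == "c:\\windows"):
                    reasons.append("service has no vendor information and its binary sits directly in C:\\WINDOWS")
    else:
        a = ASSOC_LINE.match(line.strip())
        if a and a.group("verb") == "open" and a.group("ext").lower() in (".exe", ".bat", ".com"):
            cmd = a.group("cmd").strip()
            if cmd != CLEAN_OPEN:
                # Every program launch is routed through the foreign handler first.
                reasons.append("%s open handler is %r instead of %r" % (a.group("ext"), cmd, CLEAN_OPEN))
    return reasons


def triage(log_text):
    """Return [(line, reasons), ...] for every flagged line in the log."""
    hits = []
    for line in log_text.splitlines():
        reasons = flag_line(line)
        if reasons:
            hits.append((line.strip(), reasons))
    return hits


if __name__ == "__main__":
    for line, reasons in triage(SAMPLE_LOG):
        print(line)
        for r in reasons:
            print("    ->", r)
```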

  • Joined: 16 Jun 2009
  • Posts: 19

Posted: 17 Jun 2009 15:01

Again, when I run ComboFix, after a few seconds it pops up a window:
NirCmd v2.35

Update: 17 Jun 2009 18:01

I tried to start ComboFix again and succeeded; here is the report.

ComboFix 09-06-16.05 - miljan 17.06.2009 17:50.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.512.262 [GMT 2:00]
Running from: c:\documents and settings\miljan.MILJAN-677AU8CL\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090616-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\3361
c:\windows\system32\Cache
c:\windows\system32\install.log
c:\windows\system32\msqhblb.exe
c:\windows\system32\msqisq.exe
c:\windows\system32\msqiumed.exe
c:\windows\system32\msqixz.exe
c:\windows\system32\msqjocpf.exe
c:\windows\system32\msqjtqq.exe
c:\windows\system32\msqkz.exe
c:\windows\system32\msqlpayv.exe
c:\windows\system32\msqmf.exe
c:\windows\system32\msqmyfpa.exe
c:\windows\system32\msqopwcp.exe
c:\windows\system32\msqpke.exe
c:\windows\system32\msqpn.exe
c:\windows\system32\msqpyb.exe
c:\windows\system32\msqrpj.exe
c:\windows\system32\msqsgqf.exe
c:\windows\system32\msqsva.exe
c:\windows\system32\msqsx.exe
c:\windows\system32\msquzl.exe
c:\windows\system32\msqxgwi.exe
c:\windows\system32\msqyiynq.exe
c:\windows\system32\msqyxzu.exe
c:\windows\system32\msqyzx.exe
c:\windows\system32\msqzunwn.exe
c:\windows\system32\msrbmh.exe
c:\windows\system32\msrbwxzr.exe
c:\windows\system32\msrhni.exe
c:\windows\system32\msricry.exe
c:\windows\system32\msrixbuh.exe
c:\windows\system32\msriyvs.exe
c:\windows\system32\msrjfm.exe
c:\windows\system32\msrjo.exe
c:\windows\system32\msrjynm.exe
c:\windows\system32\msrlbf.exe
c:\windows\system32\msrlszyk.exe
c:\windows\system32\msrmuo.exe
c:\windows\system32\msrnycyl.exe
c:\windows\system32\msrrutyl.exe
c:\windows\system32\msrsl.exe
c:\windows\system32\msrsnzd.exe
c:\windows\system32\msrsz.exe
c:\windows\system32\msrtkdr.exe
c:\windows\system32\msrtre.exe
c:\windows\system32\msrurawy.exe
c:\windows\system32\msrurea.exe
c:\windows\system32\msrwds.exe
c:\windows\system32\msrwhuw.exe
c:\windows\system32\msrwl.exe
c:\windows\system32\msrxubk.exe
c:\windows\system32\msrzawpb.exe
c:\windows\system32\msrzl.exe
c:\windows\system32\msrzt.exe
c:\windows\system32\mssaho.exe
c:\windows\system32\msscfd.exe
c:\windows\system32\msscox.exe
c:\windows\system32\mssdrwf.exe
c:\windows\system32\mssdxg.exe
c:\windows\system32\msslecz.exe
c:\windows\system32\mssmjr.exe
c:\windows\system32\mssmr.exe
c:\windows\system32\mssngl.exe
c:\windows\system32\mssofk.exe
c:\windows\system32\mssot.exe
c:\windows\system32\mssrk.exe
c:\windows\system32\mssrl.exe
c:\windows\system32\msssz.exe
c:\windows\system32\mssvd.exe
c:\windows\system32\mssvtzlg.exe
c:\windows\system32\mssvwx.exe
c:\windows\system32\mssxc.exe
c:\windows\system32\mssxjp.exe
c:\windows\system32\mssxr.exe
c:\windows\system32\mssxuvz.exe
c:\windows\system32\mssyr.exe
c:\windows\system32\msszgzan.exe
c:\windows\system32\msszym.exe
c:\windows\system32\mstbjq.exe
c:\windows\system32\mstbkfhv.exe
c:\windows\system32\mstcbkec.exe
c:\windows\system32\mstehlh.exe
c:\windows\system32\mstffdz.exe
c:\windows\system32\mstfkzb.exe
c:\windows\system32\mstflne.exe
c:\windows\system32\mstfn.exe
c:\windows\system32\mstfrg.exe
c:\windows\system32\mstfx.exe
c:\windows\system32\mstglh.exe
c:\windows\system32\msthurtq.exe
c:\windows\system32\mstif.exe
c:\windows\system32\mstjvysa.exe
c:\windows\system32\mstksi.exe
c:\windows\system32\mstljo.exe
c:\windows\system32\mstns.exe
c:\windows\system32\mstoedtk.exe
c:\windows\system32\mstopxne.exe
c:\windows\system32\mstpoqzv.exe
c:\windows\system32\mstpuj.exe
c:\windows\system32\mstrrecj.exe
c:\windows\system32\mstsmz.exe
c:\windows\system32\mstubshb.exe
c:\windows\system32\mstuclhz.exe
c:\windows\system32\mstutjy.exe
c:\windows\system32\mstuz.exe
c:\windows\system32\mstuzkzt.exe
c:\windows\system32\mstwrv.exe
c:\windows\system32\mstxbd.exe
c:\windows\system32\mstxpqvm.exe
c:\windows\system32\msucpo.exe
c:\windows\system32\msuct.exe
c:\windows\system32\msucv.exe
c:\windows\system32\msudjror.exe
c:\windows\system32\msuee.exe
c:\windows\system32\msugujiz.exe
c:\windows\system32\msuhhlq.exe
c:\windows\system32\msuhunwz.exe
c:\windows\system32\msuisbgi.exe
c:\windows\system32\msuocrk.exe
c:\windows\system32\msupo.exe
c:\windows\system32\msuqoset.exe
c:\windows\system32\msusmmw.exe
c:\windows\system32\msutephn.exe
c:\windows\system32\msutrkso.exe
c:\windows\system32\msutzt.exe
c:\windows\system32\msuurbze.exe
c:\windows\system32\msuuuj.exe
c:\windows\system32\msuvaia.exe
c:\windows\system32\msuvz.exe
c:\windows\system32\msuwe.exe
c:\windows\system32\msuxeda.exe
c:\windows\system32\msuxx.exe
c:\windows\system32\msuyn.exe
c:\windows\system32\msuynf.exe
c:\windows\system32\msuyr.exe
c:\windows\system32\msuyw.exe
c:\windows\system32\msvckceo.exe
c:\windows\system32\msvcyy.exe
c:\windows\system32\msvdps.exe
c:\windows\system32\msvekiiv.exe
c:\windows\system32\msves.exe
c:\windows\system32\msveyfx.exe
c:\windows\system32\msvfajx.exe
c:\windows\system32\msvgzfg.exe
c:\windows\system32\msvhej.exe
c:\windows\system32\msvhshn.exe
c:\windows\system32\msviipxs.exe
c:\windows\system32\msvin.exe
c:\windows\system32\msvkst.exe
c:\windows\system32\msvlmen.exe
c:\windows\system32\msvlmz.exe
c:\windows\system32\msvmxoeh.exe
c:\windows\system32\msvnqm.exe
c:\windows\system32\msvqwpwm.exe
c:\windows\system32\msvrdqr.exe
c:\windows\system32\msvsv.exe
c:\windows\system32\msvszy.exe
c:\windows\system32\msvtvsnz.exe
c:\windows\system32\msvuku.exe
c:\windows\system32\msvwq.exe
c:\windows\system32\msvws.exe
c:\windows\system32\msvxcf.exe
c:\windows\system32\msvxl.exe
c:\windows\system32\msvxvbg.exe
c:\windows\system32\msvzfcu.exe
c:\windows\system32\mswauh.exe
c:\windows\system32\mswcg.exe
c:\windows\system32\mswcgy.exe
c:\windows\system32\mswemfn.exe
c:\windows\system32\msweowg.exe
c:\windows\system32\msweuvaw.exe
c:\windows\system32\mswfjdav.exe
c:\windows\system32\mswfoxo.exe
c:\windows\system32\mswgcj.exe
c:\windows\system32\mswhap.exe
c:\windows\system32\mswhi.exe
c:\windows\system32\mswhm.exe
c:\windows\system32\mswkpsjr.exe
c:\windows\system32\mswmioxh.exe
c:\windows\system32\mswnyc.exe
c:\windows\system32\mswol.exe
c:\windows\system32\mswow.exe
c:\windows\system32\mswpmdaq.exe
c:\windows\system32\mswrhdw.exe
c:\windows\system32\mswrmd.exe
c:\windows\system32\mswrxw.exe
c:\windows\system32\mswsgnlv.exe
c:\windows\system32\mswszgw.exe
c:\windows\system32\mswvkjnk.exe
c:\windows\system32\mswxjf.exe
c:\windows\system32\mswxjsf.exe
c:\windows\system32\mswzakub.exe
c:\windows\system32\mswzcekm.exe
c:\windows\system32\msxbdi.exe
c:\windows\system32\msxektbq.exe
c:\windows\system32\msxfon.exe
c:\windows\system32\msxft.exe
c:\windows\system32\msxgg.exe
c:\windows\system32\msxgpe.exe
c:\windows\system32\msxhe.exe
c:\windows\system32\msxhthx.exe
c:\windows\system32\msxibtid.exe
c:\windows\system32\msxio.exe
c:\windows\system32\msxjuy.exe
c:\windows\system32\msxlcao.exe
c:\windows\system32\msxlpqyc.exe
c:\windows\system32\msxlyq.exe
c:\windows\system32\msxmwoi.exe
c:\windows\system32\msxoh.exe
c:\windows\system32\msxox.exe
c:\windows\system32\msxoz.exe
c:\windows\system32\msxpui.exe
c:\windows\system32\msxpxg.exe
c:\windows\system32\msxqdva.exe
c:\windows\system32\msxqjjvi.exe
c:\windows\system32\msxqr.exe
c:\windows\system32\msxrqlom.exe
c:\windows\system32\msxrtv.exe
c:\windows\system32\msxsi.exe
c:\windows\system32\msxtrct.exe
c:\windows\system32\msxvl.exe
c:\windows\system32\msxwim.exe
c:\windows\system32\msxwjdse.exe
c:\windows\system32\msxwjj.exe
c:\windows\system32\msxwkubp.exe
c:\windows\system32\msxwwgg.exe
c:\windows\system32\msxxlk.exe
c:\windows\system32\msxzk.exe
c:\windows\system32\msxznfe.exe
c:\windows\system32\msyarha.exe
c:\windows\system32\msyavoki.exe
c:\windows\system32\msyfxh.exe
c:\windows\system32\msyitnc.exe
c:\windows\system32\msykuzi.exe
c:\windows\system32\msyokq.exe
c:\windows\system32\msyqjoa.exe
c:\windows\system32\msyrflok.exe
c:\windows\system32\msyrmkm.exe
c:\windows\system32\msyrz.exe
c:\windows\system32\msysxjsv.exe
c:\windows\system32\msytryjf.exe
c:\windows\system32\msyuk.exe
c:\windows\system32\msyuq.exe
c:\windows\system32\msyvdyf.exe
c:\windows\system32\msyvp.exe
c:\windows\system32\msyvv.exe
c:\windows\system32\msyxo.exe
c:\windows\system32\msyxyinz.exe
c:\windows\system32\msyynsi.exe
c:\windows\system32\mszblvvh.exe
c:\windows\system32\mszco.exe
c:\windows\system32\mszdr.exe
c:\windows\system32\mszeegx.exe
c:\windows\system32\mszjnbhd.exe
c:\windows\system32\mszjw.exe
c:\windows\system32\mszkurl.exe
c:\windows\system32\mszlhja.exe
c:\windows\system32\mszlwzu.exe
c:\windows\system32\mszmwf.exe
c:\windows\system32\msznajdf.exe
c:\windows\system32\msznid.exe
c:\windows\system32\msznj.exe
c:\windows\system32\mszoelqt.exe
c:\windows\system32\mszoigr.exe
c:\windows\system32\mszokfc.exe
c:\windows\system32\mszpnv.exe
c:\windows\system32\mszpyetg.exe
c:\windows\system32\mszqy.exe
c:\windows\system32\mszqz.exe
c:\windows\system32\mszrbfub.exe
c:\windows\system32\mszsn.exe
c:\windows\system32\mszsoshn.exe
c:\windows\system32\mszuus.exe
c:\windows\system32\mszvy.exe
c:\windows\system32\mszwwlzq.exe
c:\windows\system32\mszyczxj.exe
c:\windows\system32\winexec.dll
c:\windows\system32\winres.dll
c:\windows\IE4 Error Log.txt
c:\windows\Install.txt
c:\windows\irc.txt
c:\windows\system32\3361\mlog
c:\windows\system32\3361\services.exe
c:\windows\system32\AutoRun.inf
c:\windows\system32\calc.ifo
c:\windows\system32\comsa32.sys
c:\windows\system32\dncyool32.sys
c:\windows\system32\drivers\bf80ce20.sys . . . . failed to delete
c:\windows\system32\drivers\e6519b66.sys . . . . failed to delete
c:\windows\system32\FInstall.sys
c:\windows\system32\Install.txt
c:\windows\system32\lsass.dll
c:\windows\system32\svchost.dll
c:\windows\system32\tpszxyd.sys
c:\windows\system32\wtukd32.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_bf80ce20
-------\Service_e6519b66


((((((((((((((((((((((((( Files Created from 2009-05-17 to 2009-06-17 )))))))))))))))))))))))))))))))
.

2009-06-17 08:15 . 2009-06-17 08:15 -------- d-----w- C:\_OTM
2009-06-16 15:47 . 2009-06-16 15:47 -------- d-----w- c:\program files\trend micro
2009-06-16 15:47 . 2009-06-16 15:47 -------- d-----w- C:\rsit
2009-06-16 15:23 . 2009-06-16 18:59 -------- d-----w- C:\32788R22FWJFW.0.tmp
2009-06-16 09:02 . 2009-02-05 20:06 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-06-16 09:02 . 2009-02-05 20:06 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-06-16 09:02 . 2009-02-05 20:05 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-06-16 09:02 . 2009-02-05 20:04 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-06-16 09:02 . 2009-02-05 20:08 93296 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-06-16 09:02 . 2009-02-05 20:08 94032 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-06-16 09:02 . 2009-02-05 20:07 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-06-16 09:02 . 2009-02-05 20:07 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-06-16 09:01 . 2009-02-05 20:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe
2009-06-16 09:01 . 2009-06-16 09:01 -------- d-----w- c:\program files\Alwil Software
2009-06-16 08:51 . 2009-06-16 08:52 0 ----a-w- c:\windows\nsreg.dat
2009-06-16 08:51 . 2009-06-16 08:51 -------- d-----w- c:\documents and settings\miljan.MILJAN-677AU8CL\Local Settings\Application Data\Mozilla
2009-06-16 07:49 . 2009-06-17 15:57 107724 ----a-w- c:\windows\system32\drivers\e6519b66.sys
2009-06-15 22:00 . 2009-06-17 15:57 108492 ----a-w- c:\windows\system32\drivers\bf80ce20.sys
2009-06-15 20:05 . 2008-04-21 10:02 215552 ------w- c:\windows\system32\dllcache\wordpad.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-17 13:18 . 2007-08-12 16:32 10 ----a-w- c:\windows\popcinfo.dat
2008-07-15 20:24 . 2008-07-15 20:23 5632 --sha-w- c:\program files\Thumbs.db
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"OM_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master\Monitor.exe" [2006-05-16 57344]
"Orb"="c:\program files\Winamp Remote\bin\OrbTray.exe" [2008-01-07 495616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-03-03 4595712]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-04-01 36352]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-08-17 77824]
"OM_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master\FirstStart.exe" [2006-05-16 40960]
"OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2007-09-04 185632]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2004-08-03 143360]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2003-03-03 323584]

c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

R1 aswsp;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [16.6.2009 11:02 114768]
R2 aswfsblk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [16.6.2009 11:02 20560]
R3 PAC207;VideoCAM GE111;c:\windows\system32\drivers\PFC027.sys [8.4.2005 10:46 162176]
.
- - - - ORPHANS REMOVED - - - -

Notify-WgaLogon - (no file)


.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = [Link visible only to logged-in users]
IE: &Winamp Search - c:\documents and settings\All Users.WINDOWS\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
DPF: DirectAnimation Java Classes - [Link visible only to logged-in users]\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - [Link visible only to logged-in users]\windows\Java\classes\xmldso.cab
FF - ProfilePath -
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link visible only to logged-in users]
Rootkit scan 2009-06-17 17:57
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bf80ce20]
"ImagePath"="\SystemRoot\System32\drivers\bf80ce20.sys"
--

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\e6519b66]
"ImagePath"="\SystemRoot\System32\drivers\e6519b66.sys"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3548-)
c:\program files\ScanSoft\OmniPageSE2.0\ophookSE2.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE
c:\program files\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
c:\windows\SYSTEM32\BGSVCGEN.EXE
c:\program files\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
c:\program files\ALWIL SOFTWARE\AVAST4\ASHDISP.EXE
c:\windows\SYSTEM32\NVSVC32.EXE
c:\program files\ANALOG DEVICES\SOUNDMAX\SMAGENT.EXE
c:\windows\SYSTEM32\PASTISVC.EXE
c:\windows\SYSTEM32\WDFMGR.EXE
c:\program files\WINAMP REMOTE\BIN\ORB.EXE
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Completion time: 2009-06-17 17:59 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-17 15:59

Pre-Run: 2.619.342.848 bytes free
Post-Run: 3.106.062.336 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

892 --- E O F --- 2009-06-15 20:06

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

We're making progress:

Open Notepad and copy the following text into it:

File::
c:\windows\system32\drivers\bf80ce20.sys
c:\windows\system32\drivers\e6519b66.sys


Save the file from Notepad to the Desktop as "CFScript"




Drag the saved script/text onto the ComboFix icon as shown in the picture.
Post in your next message the log that is created at the end of the cleaning/scan.

offline
  • Joined: 16 Jun 2009
  • Posts: 19

ComboFix 09-06-16.05 - miljan 17.06.2009 21:35.2 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.512.246 [GMT 2:00]
Running from: c:\documents and settings\miljan.MILJAN-677AU8CL\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\miljan.MILJAN-677AU8CL\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1335 [VPS 090616-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\windows\system32\drivers\bf80ce20.sys"
"c:\windows\system32\drivers\e6519b66.sys"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\bf80ce20.sys . . . . failed to delete
c:\windows\system32\drivers\e6519b66.sys . . . . failed to delete

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_bf80ce20
-------\Service_e6519b66


((((((((((((((((((((((((( Files Created from 2009-05-17 to 2009-06-17 )))))))))))))))))))))))))))))))
.

2009-06-17 08:15 . 2009-06-17 08:15 -------- d-----w- C:\_OTM
2009-06-16 15:47 . 2009-06-16 15:47 -------- d-----w- c:\program files\trend micro
2009-06-16 15:47 . 2009-06-16 15:47 -------- d-----w- C:\rsit
2009-06-16 15:23 . 2009-06-16 18:59 -------- d-----w- C:\32788R22FWJFW.0.tmp
2009-06-16 09:02 . 2009-02-05 20:06 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-06-16 09:02 . 2009-02-05 20:06 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-06-16 09:02 . 2009-02-05 20:05 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-06-16 09:02 . 2009-02-05 20:04 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-06-16 09:02 . 2009-02-05 20:08 93296 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-06-16 09:02 . 2009-02-05 20:08 94032 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-06-16 09:02 . 2009-02-05 20:07 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-06-16 09:02 . 2009-02-05 20:07 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-06-16 09:01 . 2009-02-05 20:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe
2009-06-16 09:01 . 2009-06-16 09:01 -------- d-----w- c:\program files\Alwil Software
2009-06-16 08:51 . 2009-06-16 08:52 0 ----a-w- c:\windows\nsreg.dat
2009-06-16 08:51 . 2009-06-16 08:51 -------- d-----w- c:\documents and settings\miljan.MILJAN-677AU8CL\Local Settings\Application Data\Mozilla
2009-06-16 07:49 . 2009-06-17 19:41 107724 ----a-w- c:\windows\system32\drivers\e6519b66.sys
2009-06-15 22:00 . 2009-06-17 19:41 108492 ----a-w- c:\windows\system32\drivers\bf80ce20.sys
2009-06-15 20:05 . 2008-04-21 10:02 215552 ------w- c:\windows\system32\dllcache\wordpad.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-17 13:18 . 2007-08-12 16:32 10 ----a-w- c:\windows\popcinfo.dat
2008-07-15 20:24 . 2008-07-15 20:23 5632 --sha-w- c:\program files\Thumbs.db
.

((((((((((((((((((((((((((((( [Link visible only to logged-in users] )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-17 19:40 . 2009-06-17 19:40 16384 c:\windows\Temp\Perflib_Perfdata_628.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"OM_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master\Monitor.exe" [2006-05-16 57344]
"Orb"="c:\program files\Winamp Remote\bin\OrbTray.exe" [2008-01-07 495616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-03-03 4595712]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-04-01 36352]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-08-17 77824]
"OM_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master\FirstStart.exe" [2006-05-16 40960]
"OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2007-09-04 185632]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2004-08-03 143360]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2003-03-03 323584]

c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

R1 aswsp;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [16.6.2009 11:02 114768]
R2 aswfsblk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [16.6.2009 11:02 20560]
R3 PAC207;VideoCAM GE111;c:\windows\system32\drivers\PFC027.sys [8.4.2005 10:46 162176]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = [Link visible only to logged-in users]
IE: &Winamp Search - c:\documents and settings\All Users.WINDOWS\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
DPF: DirectAnimation Java Classes - [Link visible only to logged-in users]\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - [Link visible only to logged-in users]\windows\Java\classes\xmldso.cab
FF - ProfilePath -
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link visible only to logged-in users]
Rootkit scan 2009-06-17 21:41
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\bf80ce20]
"ImagePath"="\SystemRoot\System32\drivers\bf80ce20.sys"
--

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\e6519b66]
"ImagePath"="\SystemRoot\System32\drivers\e6519b66.sys"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3104)
c:\program files\ScanSoft\OmniPageSE2.0\ophookSE2.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE
c:\program files\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
c:\windows\SYSTEM32\BGSVCGEN.EXE
c:\program files\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
c:\windows\SYSTEM32\NVSVC32.EXE
c:\program files\ANALOG DEVICES\SOUNDMAX\SMAGENT.EXE
c:\program files\ALWIL SOFTWARE\AVAST4\ASHDISP.EXE
c:\windows\SYSTEM32\PASTISVC.EXE
c:\windows\SYSTEM32\WDFMGR.EXE
c:\program files\WINAMP REMOTE\BIN\ORB.EXE
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\ALWIL SOFTWARE\AVAST4\SETUP\AVAST.SETUP
.
**************************************************************************
.
Completion time: 2009-06-17 21:43 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-17 19:43
ComboFix2.txt 2009-06-17 15:59

Pre-Run: 3.119.906.816 bytes free
Post-Run: 3.106.160.640 bytes free

146 --- E O F --- 2009-06-15 20:06

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

It's really persistent...

Open Notepad and copy the following text into it:

KILLALL::
File::
c:\windows\system32\drivers\bf80ce20.sys
c:\windows\system32\drivers\e6519b66.sys


Save the file from Notepad to the Desktop as "CFScript"




Drag the saved script/text onto the ComboFix icon as shown in the picture.
Post in your next message the log that is created at the end of the cleaning/scan.
