MyCity » Ambulanta -> Arhiva Ambulante » Pomoc

Pomoc

Napisano na dan: 27.2.2008

Strana:
1
2

Pomoc

Pagination

Prethodna strana

Odgovori

Strana:
1
2

branko123 Poslao: 29 Feb 2008 17:39 Idi na vrh
offline branko123 Novi MyCity građanin Pridružio: 21 Feb 2008 Poruke: 16	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Postavljen je sadrzaj tog foldera na upload

Profil

bobby Poslao: 29 Feb 2008 17:55 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Bio sam u pravu, i ovo je malware. Slobodno obrisi taj folder. Napravi mi svez ComboFix log, da vidim ima li jos cega.

Profil

branko123 Poslao: 29 Feb 2008 18:04 Idi na vrh
offline branko123 Novi MyCity građanin Pridružio: 21 Feb 2008 Poruke: 16	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-02-25.3 - Sasa 2008-02-29 17:59:13.3 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.181 [GMT 1:00] Running from: C:\Documents and Settings\Sasa\Desktop\cccc\ComboFix.exe WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2008-01-28 to 2008-02-29 ))))))))))))))))))))))))))))))) . 2008-02-28 17:56 . 2008-02-28 17:56 <DIR> d-------- C:\Program Files\Alwil Software 2008-02-28 17:56 . 2003-03-18 21:20 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll 2008-02-28 17:56 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe 2008-02-28 17:56 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx 2008-02-28 17:56 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr 2008-02-28 17:56 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2008-02-28 17:56 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2008-02-28 17:56 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2008-02-28 17:56 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2008-02-28 17:56 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2008-02-28 16:03 . 2008-02-28 16:03 289,280 --a------ C:\WINDOWS\system32\vtstr.dll.vir 2008-02-28 01:04 . 2008-02-28 01:04 <DIR> d-------- C:\Documents and Settings\Sasa\Application Data\Thinstall 2008-02-27 22:54 . 2008-02-27 22:54 85,056 --a------ C:\WINDOWS\system32\jkagtpna.dll.vir 2008-02-27 22:53 . 2008-02-27 22:53 91,712 --a------ C:\WINDOWS\system32\yrdnpntp.dll.vir 2008-02-27 20:00 . 2008-02-27 20:00 289,280 --a------ C:\WINDOWS\system32\awtqq.dll.vir 2008-02-27 19:57 . 2008-02-28 16:11 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2008-02-27 19:40 . 2008-02-27 19:40 36,004 --ah----- C:\WINDOWS\system32\mlfcache.dat 2008-02-27 18:16 . 2008-02-27 18:16 85,056 --a------ C:\WINDOWS\system32\xrenbspi.dll.vir 2008-02-27 18:15 . 2008-02-28 01:26 99,139 --a------ C:\WINDOWS\BM9bf0db13.xml 2008-02-27 18:15 . 2008-02-28 16:53 22 --a------ C:\WINDOWS\pskt.ini 2008-02-27 18:14 . 2008-02-27 18:14 91,712 --a------ C:\WINDOWS\system32\wvdkljwu.dll.vir 2008-02-27 17:57 . 2008-02-27 17:57 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! 2008-02-27 16:57 . 2008-02-27 16:57 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard 2008-02-27 16:57 . 2008-02-27 16:57 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-02-27 16:53 . 2008-02-27 16:53 <DIR> d-------- C:\Program Files\CCleaner 2008-02-26 13:45 . 2007-12-07 03:21 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll 2008-02-26 13:45 . 2007-04-17 10:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat 2008-02-26 13:45 . 2007-03-08 06:10 991,232 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui 2008-02-26 13:45 . 2007-12-07 03:21 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll 2008-02-26 13:45 . 2007-12-07 03:21 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2008-02-26 13:45 . 2007-12-07 03:21 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll 2008-02-26 13:45 . 2007-12-07 03:21 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll 2008-02-26 13:45 . 2007-12-07 03:21 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2008-02-26 13:45 . 2007-12-06 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe 2008-02-25 20:57 . 2003-02-28 18:26 139,536 --a------ C:\WINDOWS\system32\javaee.dll 2008-02-25 13:56 . 2008-02-25 22:02 <DIR> d-------- C:\Program Files\MalwareAlarm 2008-02-24 21:48 . 2008-02-24 21:48 37,888 --a------ C:\WINDOWS\system32\wvuvsqq.dll.vir 2008-02-24 03:55 . 2008-02-24 03:55 <DIR> d-------- C:\Program Files\MSXML 6.0 2008-02-24 03:10 . 2008-02-24 03:22 <DIR> d-------- C:\Program Files\AdvancedCleaner Free 2008-02-24 03:07 . 2004-08-03 23:56 221,184 --a------ C:\WINDOWS\system32\wmpns.dll 2008-02-24 02:23 . 2008-02-24 03:31 <DIR> d-------- C:\Documents and Settings\Sasa\Application Data\AntiSpywareSuite 2008-02-23 23:14 . 2007-02-28 10:55 2,182,144 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe 2008-02-23 23:14 . 2007-02-28 10:53 2,137,600 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe 2008-02-23 23:14 . 2007-02-28 10:15 2,017,280 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe 2008-02-23 20:38 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll 2008-02-23 20:38 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui 2008-02-23 20:37 . 2007-07-30 19:18 34,136 --a------ C:\WINDOWS\system32\wucltui.dll.mui 2008-02-23 20:37 . 2007-07-30 19:19 25,944 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui 2008-02-23 20:37 . 2007-07-30 19:19 25,944 --a------ C:\WINDOWS\system32\wuapi.dll.mui 2008-02-23 20:37 . 2007-07-30 19:18 20,312 --a------ C:\WINDOWS\system32\wuaueng.dll.mui 2008-02-22 16:28 . 2008-02-22 16:29 1,255,317 --ahs---- C:\WINDOWS\system32\sbhckldm.tmp 2008-02-20 22:11 . 2008-02-20 22:11 552 --a------ C:\WINDOWS\system32\d3d8caps.dat 2008-02-20 21:38 . 2008-02-20 21:38 <DIR> dr------- C:\Documents and Settings\All Users\Application Data\SalesMon 2008-02-20 21:37 . 2001-03-08 18:30 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll 2008-02-20 21:27 . 2008-02-24 02:51 192,544 --a------ C:\Documents and Settings\Sasa\Application Data\antivirusinstallfreenm_en[1].exe 2008-02-18 18:52 . 2008-02-18 18:52 268 --ah----- C:\sqmdata06.sqm 2008-02-18 18:52 . 2008-02-18 18:52 244 --ah----- C:\sqmnoopt06.sqm 2008-02-18 18:44 . 2008-02-18 18:44 244 --ah----- C:\sqmnoopt05.sqm 2008-02-18 18:44 . 2008-02-18 18:44 232 --ah----- C:\sqmdata05.sqm 2008-02-16 23:07 . 2008-02-16 23:07 <DIR> d-------- C:\WINDOWS\system32\LogFiles 2008-02-16 22:52 . 2008-02-16 21:50 83,968 --a------ C:\WINDOWS\system32\wbcsvc.exe.vir 2008-02-09 17:37 . 2008-02-09 17:37 632 --a------ C:\WINDOWS\CoD.INI 2008-02-09 16:16 . 2008-02-09 16:16 618 --a------ C:\WINDOWS\EReg515.dat 2008-02-09 15:41 . 2001-05-16 17:54 309,616 --a------ C:\WINDOWS\system32\wmv8dmod.dll 2008-02-09 15:41 . 2001-03-26 04:41 245,760 --a------ C:\WINDOWS\system32\mp4sds32.ax 2008-02-09 15:37 . 2008-02-09 15:37 217,088 --a------ C:\WINDOWS\system32\srkey.exe 2008-02-09 15:26 . 2008-02-09 15:26 137,344 --a------ C:\WINDOWS\system32\drivers\hwpsgt.sys 2008-02-09 15:26 . 2008-02-09 15:26 9,472 --a------ C:\WINDOWS\system32\drivers\lemsgt.sys 2008-02-03 21:56 . 2008-02-03 21:56 244 --ah----- C:\sqmnoopt04.sqm 2008-02-03 21:56 . 2008-02-03 21:56 232 --ah----- C:\sqmdata04.sqm 2008-02-03 21:18 . 2008-02-25 22:00 <DIR> d-------- C:\Online 2008-02-03 13:40 . 2008-02-03 14:07 <DIR> d-------- C:\Program Files\Achilles-Script 3.7 2008-02-03 12:22 . 2008-02-03 12:22 33 --a------ C:\WINDOWS\Multimedia manager.INI 2008-02-02 16:06 . 2008-02-02 16:06 <DIR> d-------- C:\WINDOWS\Cache . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-02-28 19:32 --------- d-----w C:\Program Files\Picasa2 2008-02-28 18:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-02-28 18:13 --------- d-----w C:\Program Files\Lavasoft 2008-02-28 18:13 --------- d-----w C:\Documents and Settings\Sasa\Application Data\Lavasoft 2008-02-28 15:23 --------- d-----w C:\Documents and Settings\Sasa\Application Data\Skype 2008-02-28 15:22 --------- d-----w C:\Program Files\Yahoo! 2008-02-28 15:22 --------- d-----w C:\Program Files\BearShare Applications 2008-02-28 13:57 --------- d-----w C:\Documents and Settings\Sasa\Application Data\AVG7 2008-02-27 16:49 --------- d--h--r C:\Documents and Settings\Sasa\Application Data\yahoo! 2008-02-27 16:28 --------- d-----w C:\Program Files\Google 2008-02-24 19:46 --------- d-----w C:\Program Files\Common Files\Teleca Shared 2008-02-23 19:58 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-02-20 20:22 --------- d-----w C:\Documents and Settings\Sasa\Application Data\BearShare 2008-02-06 20:32 --------- d-----w C:\Documents and Settings\Sasa\Application Data\TransRender 2008-02-03 13:15 --------- d-----w C:\Documents and Settings\Sasa\Application Data\mIRC 2008-02-03 12:05 --------- d-----w C:\Program Files\Alien Stars 2008-01-26 23:22 --------- d-----w C:\Program Files\XviD 2008-01-26 23:20 --------- d-----w C:\Program Files\DivXCodec 2008-01-26 23:17 --------- d-----w C:\Program Files\AC3Filter 2008-01-26 20:57 --------- d-----w C:\Program Files\Common Files\Adobe 2008-01-17 15:30 --------- d-----w C:\Documents and Settings\Sasa\Application Data\Temporary 2008-01-04 01:27 --------- d-----w C:\Documents and Settings\Sasa\Application Data\ConvertTemp 2007-12-07 02:21 824,832 ----a-w C:\WINDOWS\system32\wininet.dll 2007-12-04 18:38 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll 2007-09-19 17:27 579 ----a-w C:\Documents and Settings\Sasa\Application Data\dcpini.dat 2007-09-06 11:59 56 --sh--r C:\WINDOWS\system32\2A85166AD3.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 15360] "MapEDC"="C:\Program Files\MapEDC\MapEDC.exe" [ ] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2005-05-31 00:04 1415824] "Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2006-09-13 13:17 4621816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2005-12-14 17:06 577536 C:\WINDOWS\soundman.exe] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-06-01 16:22 7618560] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-06-01 16:22 86016] "CloneCDTray"="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" [2005-05-19 14:47 57344] "DiskeeperSystray"="C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2006-04-19 14:48 319488] "CoolSwitch"="C:\WINDOWS\system32\taskswitch.exe" [2002-03-19 16:30 45632] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe" [2006-07-26 02:03 49263] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50 155648] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 23:56 15360] "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-01-14 18:19 77870] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-11-16 16:29:56 1183744] PowerMenu.lnk - C:\Program Files\PowerMenu\PowerMenu.exe [2006-10-16 17:46:02 57344] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"= "C:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= "C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= S3 gdrv;gdrv;C:\WINDOWS\gdrv.sys [2006-10-16 16:53] S3 k510bus;Sony Ericsson K510 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\k510bus.sys [2007-06-16 16:11] S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k510mdfl.sys [2007-06-16 16:11] S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\k510mdm.sys [2007-06-16 16:11] S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\k510mgmt.sys [2007-06-16 16:11] S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\k510obex.sys [2007-06-16 16:11] S3 mpr_freader;MPR FileReader Driver;C:\Program Files\Multi Password Recovery\mpr_freader.sys [] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 17:57] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 17:58] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 17:59] . ************************************************************************ catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-02-29 18:01:50 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... ************************************************************************ . Completion time: 2008-02-29 18:03:53 . 2008-02-26 13:29:36 --- E O F ---

Profil

bobby Poslao: 29 Feb 2008 18:24 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: File:: C:\WINDOWS\system32\jkagtpna.dll.vir C:\WINDOWS\system32\yrdnpntp.dll.vir C:\WINDOWS\system32\awtqq.dll.vir C:\WINDOWS\system32\xrenbspi.dll.vir C:\WINDOWS\system32\wvdkljwu.dll.vir C:\WINDOWS\system32\wvuvsqq.dll.vir C:\Documents and Settings\Sasa\Application Data\antivirusinstallfreenm_en[1].exe Folder:: C:\Program Files\AdvancedCleaner Free C:\Documents and Settings\Sasa\Application Data\AntiSpywareSuite C:\Documents and Settings\All Users\Application Data\SalesMon C:\Program Files\MalwareAlarm Registry:: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MapEDC"=- Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

branko123 Poslao: 29 Feb 2008 18:45 Idi na vrh
offline branko123 Novi MyCity građanin Pridružio: 21 Feb 2008 Poruke: 16	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-02-25.3 - Sasa 2008-02-29 18:36:29.4 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.184 [GMT 1:00] Running from: C:\Documents and Settings\Sasa\Desktop\ComboFix.exe Command switches used :: C:\Documents and Settings\Sasa\Desktop\CFScript.txt * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: C:\Documents and Settings\Sasa\Application Data\antivirusinstallfreenm_en[1].exe C:\WINDOWS\system32\awtqq.dll.vir C:\WINDOWS\system32\jkagtpna.dll.vir C:\WINDOWS\system32\wvdkljwu.dll.vir C:\WINDOWS\system32\wvuvsqq.dll.vir C:\WINDOWS\system32\xrenbspi.dll.vir C:\WINDOWS\system32\yrdnpntp.dll.vir . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\All Users\Application Data\SalesMon C:\Documents and Settings\Sasa\Application Data\AntiSpywareSuite C:\Documents and Settings\Sasa\Application Data\AntiSpywareSuite\Logs\threats.log C:\Documents and Settings\Sasa\Application Data\AntiSpywareSuite\Logs\update.log C:\Documents and Settings\Sasa\Application Data\AntiSpywareSuite\PGE.dat C:\Documents and Settings\Sasa\Application Data\antivirusinstallfreenm_en[1].exe C:\Program Files\AdvancedCleaner Free C:\Program Files\AdvancedCleaner Free\unins000.exe C:\Program Files\MalwareAlarm C:\Program Files\MalwareAlarm\MalwareAlarm.lic C:\Program Files\MalwareAlarm\Uninstall.exe C:\WINDOWS\system32\awtqq.dll.vir C:\WINDOWS\system32\jkagtpna.dll.vir C:\WINDOWS\system32\wvdkljwu.dll.vir C:\WINDOWS\system32\wvuvsqq.dll.vir C:\WINDOWS\system32\xrenbspi.dll.vir C:\WINDOWS\system32\yrdnpntp.dll.vir . ((((((((((((((((((((((((( Files Created from 2008-01-28 to 2008-02-29 ))))))))))))))))))))))))))))))) . 2008-02-28 17:56 . 2008-02-28 17:56 <DIR> d-------- C:\Program Files\Alwil Software 2008-02-28 17:56 . 2003-03-18 21:20 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll 2008-02-28 17:56 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe 2008-02-28 17:56 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx 2008-02-28 17:56 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr 2008-02-28 17:56 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2008-02-28 17:56 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2008-02-28 17:56 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2008-02-28 17:56 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2008-02-28 17:56 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2008-02-28 16:03 . 2008-02-28 16:03 289,280 --a------ C:\WINDOWS\system32\vtstr.dll.vir 2008-02-28 01:04 . 2008-02-28 01:04 <DIR> d-------- C:\Documents and Settings\Sasa\Application Data\Thinstall 2008-02-27 19:57 . 2008-02-28 16:11 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2008-02-27 19:40 . 2008-02-27 19:40 36,004 --ah----- C:\WINDOWS\system32\mlfcache.dat 2008-02-27 18:15 . 2008-02-28 01:26 99,139 --a------ C:\WINDOWS\BM9bf0db13.xml 2008-02-27 18:15 . 2008-02-28 16:53 22 --a------ C:\WINDOWS\pskt.ini 2008-02-27 17:57 . 2008-02-27 17:57 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! 2008-02-27 16:57 . 2008-02-27 16:57 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard 2008-02-27 16:57 . 2008-02-27 16:57 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-02-27 16:53 . 2008-02-27 16:53 <DIR> d-------- C:\Program Files\CCleaner 2008-02-26 13:45 . 2007-12-07 03:21 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll 2008-02-26 13:45 . 2007-04-17 10:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat 2008-02-26 13:45 . 2007-03-08 06:10 991,232 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui 2008-02-26 13:45 . 2007-12-07 03:21 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll 2008-02-26 13:45 . 2007-12-07 03:21 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2008-02-26 13:45 . 2007-12-07 03:21 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll 2008-02-26 13:45 . 2007-12-07 03:21 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll 2008-02-26 13:45 . 2007-12-07 03:21 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2008-02-26 13:45 . 2007-12-06 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe 2008-02-25 20:57 . 2003-02-28 18:26 139,536 --a------ C:\WINDOWS\system32\javaee.dll 2008-02-24 03:55 . 2008-02-24 03:55 <DIR> d-------- C:\Program Files\MSXML 6.0 2008-02-24 03:07 . 2004-08-03 23:56 221,184 --a------ C:\WINDOWS\system32\wmpns.dll 2008-02-23 23:14 . 2007-02-28 10:55 2,182,144 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe 2008-02-23 23:14 . 2007-02-28 10:53 2,137,600 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe 2008-02-23 23:14 . 2007-02-28 10:15 2,017,280 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe 2008-02-23 20:38 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll 2008-02-23 20:38 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui 2008-02-23 20:37 . 2007-07-30 19:18 34,136 --a------ C:\WINDOWS\system32\wucltui.dll.mui 2008-02-23 20:37 . 2007-07-30 19:19 25,944 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui 2008-02-23 20:37 . 2007-07-30 19:19 25,944 --a------ C:\WINDOWS\system32\wuapi.dll.mui 2008-02-23 20:37 . 2007-07-30 19:18 20,312 --a------ C:\WINDOWS\system32\wuaueng.dll.mui 2008-02-22 16:28 . 2008-02-22 16:29 1,255,317 --ahs---- C:\WINDOWS\system32\sbhckldm.tmp 2008-02-20 22:11 . 2008-02-20 22:11 552 --a------ C:\WINDOWS\system32\d3d8caps.dat 2008-02-20 21:37 . 2001-03-08 18:30 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll 2008-02-18 18:52 . 2008-02-18 18:52 268 --ah----- C:\sqmdata06.sqm 2008-02-18 18:52 . 2008-02-18 18:52 244 --ah----- C:\sqmnoopt06.sqm 2008-02-18 18:44 . 2008-02-18 18:44 244 --ah----- C:\sqmnoopt05.sqm 2008-02-18 18:44 . 2008-02-18 18:44 232 --ah----- C:\sqmdata05.sqm 2008-02-16 23:07 . 2008-02-16 23:07 <DIR> d-------- C:\WINDOWS\system32\LogFiles 2008-02-16 22:52 . 2008-02-16 21:50 83,968 --a------ C:\WINDOWS\system32\wbcsvc.exe.vir 2008-02-09 17:37 . 2008-02-09 17:37 632 --a------ C:\WINDOWS\CoD.INI 2008-02-09 16:16 . 2008-02-09 16:16 618 --a------ C:\WINDOWS\EReg515.dat 2008-02-09 15:41 . 2001-05-16 17:54 309,616 --a------ C:\WINDOWS\system32\wmv8dmod.dll 2008-02-09 15:41 . 2001-03-26 04:41 245,760 --a------ C:\WINDOWS\system32\mp4sds32.ax 2008-02-09 15:37 . 2008-02-09 15:37 217,088 --a------ C:\WINDOWS\system32\srkey.exe 2008-02-09 15:26 . 2008-02-09 15:26 137,344 --a------ C:\WINDOWS\system32\drivers\hwpsgt.sys 2008-02-09 15:26 . 2008-02-09 15:26 9,472 --a------ C:\WINDOWS\system32\drivers\lemsgt.sys 2008-02-03 21:56 . 2008-02-03 21:56 244 --ah----- C:\sqmnoopt04.sqm 2008-02-03 21:56 . 2008-02-03 21:56 232 --ah----- C:\sqmdata04.sqm 2008-02-03 21:18 . 2008-02-25 22:00 <DIR> d-------- C:\Online 2008-02-03 13:40 . 2008-02-03 14:07 <DIR> d-------- C:\Program Files\Achilles-Script 3.7 2008-02-03 12:22 . 2008-02-03 12:22 33 --a------ C:\WINDOWS\Multimedia manager.INI 2008-02-02 16:06 . 2008-02-02 16:06 <DIR> d-------- C:\WINDOWS\Cache . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-02-28 19:32 --------- d-----w C:\Program Files\Picasa2 2008-02-28 18:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-02-28 18:13 --------- d-----w C:\Program Files\Lavasoft 2008-02-28 18:13 --------- d-----w C:\Documents and Settings\Sasa\Application Data\Lavasoft 2008-02-28 15:23 --------- d-----w C:\Documents and Settings\Sasa\Application Data\Skype 2008-02-28 15:22 --------- d-----w C:\Program Files\Yahoo! 2008-02-28 15:22 --------- d-----w C:\Program Files\BearShare Applications 2008-02-28 13:57 --------- d-----w C:\Documents and Settings\Sasa\Application Data\AVG7 2008-02-27 16:49 --------- d--h--r C:\Documents and Settings\Sasa\Application Data\yahoo! 2008-02-27 16:28 --------- d-----w C:\Program Files\Google 2008-02-24 19:46 --------- d-----w C:\Program Files\Common Files\Teleca Shared 2008-02-23 19:58 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-02-20 20:22 --------- d-----w C:\Documents and Settings\Sasa\Application Data\BearShare 2008-02-06 20:32 --------- d-----w C:\Documents and Settings\Sasa\Application Data\TransRender 2008-02-03 13:15 --------- d-----w C:\Documents and Settings\Sasa\Application Data\mIRC 2008-02-03 12:05 --------- d-----w C:\Program Files\Alien Stars 2008-01-26 23:22 --------- d-----w C:\Program Files\XviD 2008-01-26 23:20 --------- d-----w C:\Program Files\DivXCodec 2008-01-26 23:17 --------- d-----w C:\Program Files\AC3Filter 2008-01-26 20:57 --------- d-----w C:\Program Files\Common Files\Adobe 2008-01-17 15:30 --------- d-----w C:\Documents and Settings\Sasa\Application Data\Temporary 2008-01-04 01:27 --------- d-----w C:\Documents and Settings\Sasa\Application Data\ConvertTemp 2007-12-07 02:21 824,832 ----a-w C:\WINDOWS\system32\wininet.dll 2007-12-04 18:38 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll 2007-09-19 17:27 579 ----a-w C:\Documents and Settings\Sasa\Application Data\dcpini.dat 2007-09-06 11:59 56 --sh--r C:\WINDOWS\system32\2A85166AD3.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 15360] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2005-05-31 00:04 1415824] "Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2006-09-13 13:17 4621816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2005-12-14 17:06 577536 C:\WINDOWS\soundman.exe] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-06-01 16:22 7618560] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-06-01 16:22 86016] "CloneCDTray"="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" [2005-05-19 14:47 57344] "DiskeeperSystray"="C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2006-04-19 14:48 319488] "CoolSwitch"="C:\WINDOWS\system32\taskswitch.exe" [2002-03-19 16:30 45632] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe" [2006-07-26 02:03 49263] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50 155648] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 23:56 15360] "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-01-14 18:19 77870] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-11-16 16:29:56 1183744] PowerMenu.lnk - C:\Program Files\PowerMenu\PowerMenu.exe [2006-10-16 17:46:02 57344] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"= "C:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= "C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= S3 gdrv;gdrv;C:\WINDOWS\gdrv.sys [2006-10-16 16:53] S3 k510bus;Sony Ericsson K510 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\k510bus.sys [2007-06-16 16:11] S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k510mdfl.sys [2007-06-16 16:11] S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\k510mdm.sys [2007-06-16 16:11] S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\k510mgmt.sys [2007-06-16 16:11] S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\k510obex.sys [2007-06-16 16:11] S3 mpr_freader;MPR FileReader Driver;C:\Program Files\Multi Password Recovery\mpr_freader.sys [] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 17:57] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 17:58] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 17:59] . ************************************************************************ catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-02-29 18:38:21 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... ************************************************************************ . Completion time: 2008-02-29 18:40:05 ComboFix-quarantined-files.txt 2008-02-29 17:39:12 ComboFix2.txt 2008-02-29 17:03:54 . 2008-02-26 13:29:36 --- E O F ---

Profil

bobby Poslao: 29 Feb 2008 19:40 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Izvini, zaboravio sam na jedan fajl Mozes ga obrisati i rucno. Fajl je C:\WINDOWS\system32\vtstr.dll.vir Ja ne vidim nista vise sporno u logu. Kako se tebi cini, jel komp sada OK?

Profil

branko123 Poslao: 01 Mar 2008 07:32 Idi na vrh
offline branko123 Novi MyCity građanin Pridružio: 21 Feb 2008 Poruke: 16	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Obrisao sam fajl i cini mi se da sada racunar radi normalno Hvala na pomoci.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Pomoc

Ko je trenutno na forumu

Ukupno su 874 korisnika na forumu :: 38 registrovanih, 7 sakrivenih i 829 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., Apok, Bobrock1, ccoogg123, ds69, Georgius, gomago, hologram, JOntra, Kandrbandrdzilo, Karla, Kibice, ladro, laganini123, Lošmi, madza, MB120mm, mercedesamg, mile23, Misirac, muaddib, NikolaGTR, NoOneEver Dreams, nuke92, panzerwaffe, pein, raptorsi, RJ, robert1979, royst33, Srky Boy, stegonosa, styg, vladulns, |_MeD_|, šumar bk2, žeks62, 1107

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by