Help!!!


  • Joined: 03 Dec 2007
  • Posts: 26

Is this log OK? What should be deleted??
Help, people, I don't understand this stuff..

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:18:27, on 17.12.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\WgaTray.exe
D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
D:\Program Files\QuickTime\QTTask.exe
D:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
D:\WINDOWS\system32\wnpmcs.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
D:\Program Files\Common Files\Teleca Shared\Generic.exe
D:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
D:\WINDOWS\explorer.exe
D:\Program Files\MSN Messenger\usnsvc.exe
D:\Program Files\WinRAR\WinRAR.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
D:\Program Files\Opera\Opera.exe

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Windows Remote Launcher] wnpmcs.exe
O4 - HKLM\..\Run: [egui] "D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [70cd0bbb] rundll32.exe "D:\WINDOWS\system32\fkoqcxvh.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O8 - Extra context menu item: &Search - [Link visible only to logged-in users]
O8 - Extra context menu item: E&xport to Microsoft Excel - [Link visible only to logged-in users]\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - [Link visible only to logged-in users]
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - [Link visible only to logged-in users]
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - [Link visible only to logged-in users]
O16 - DPF: {E72CFC93-BAE3-8D60-85D1-129993AAC8B9} (UImageUploader Class) - [Link visible only to logged-in users]
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: DomainService - Unknown owner - D:\WINDOWS\system32\peipvplf.exe (file missing)
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

--
End of file - 4831 bytes



  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Lives in: Höganäs, SE

Read: [Link visible only to logged-in users]

Follow the instructions - use the HijackThis linked in the topic at the link above, rename the file from ''hijackthis.exe'' to ''tr3.exe'' and then post a new log.



  • Joined: 03 Dec 2007
  • Posts: 26

I'm having a problem with a virus that got in through MSN Messenger; the virus keeps forwarding itself to other people in my contacts, and whenever that happens Messenger can no longer work normally, I have to restart it! Can the log above help in solving my problem?

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Lives in: Höganäs, SE

Traces of multiple infections are visible.
If you want us to deal with it, follow the instructions you were given.

  • Joined: 03 Dec 2007
  • Posts: 26

Logfile of HijackThis v1.99.1
Scan saved at 13:57:16, on 17.12.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\WgaTray.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
D:\Program Files\QuickTime\QTTask.exe
D:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
D:\WINDOWS\system32\wnpmcs.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
D:\Program Files\Opera\Opera.exe
D:\Program Files\Common Files\Teleca Shared\Generic.exe
D:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
D:\WINDOWS\explorer.exe
D:\Documents and Settings\dmitko\My Documents\Programi\tr3.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: {c2e75ab3-4a74-518b-9994-5e367e520925} - {529025e7-63e5-4999-b815-47a43ba57e2c} - D:\WINDOWS\system32\iqapjyno.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A68D6C76-7CD8-4D95-97F5-9705223560A2} - D:\WINDOWS\system32\nnlij.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {B285004D-6D02-4212-91FC-B8F47B68C254} - D:\WINDOWS\system32\iiffecb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Windows Remote Launcher] wnpmcs.exe
O4 - HKLM\..\Run: [egui] "D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [70cd0bbb] rundll32.exe "D:\WINDOWS\system32\gpqqpjpp.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O8 - Extra context menu item: &Search - [Link visible only to logged-in users]
O8 - Extra context menu item: E&xport to Microsoft Excel - [Link visible only to logged-in users]\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - [Link visible only to logged-in users]
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - [Link visible only to logged-in users]
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - [Link visible only to logged-in users]
O16 - DPF: {E72CFC93-BAE3-8D60-85D1-129993AAC8B9} (UImageUploader Class) - [Link visible only to logged-in users]
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: iiffecb - D:\WINDOWS\SYSTEM32\iiffecb.dll
O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: DomainService - Unknown owner - D:\WINDOWS\system32\peipvplf.exe (file missing)
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

I described above the problem I'm writing about..

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Lives in: Höganäs, SE

Upload the following file for me:

D:\WINDOWS\system32\wnpmcs.exe

via this form: [Link visible only to logged-in users]


-------------------------------------------------------------------------------------



Download VundoFix:
[Link visible only to logged-in users]

* Double-click the file VundoFix.exe to start it.
* Select the Scan for Vundo option.
* After the scan has finished and the message Done Searching for files appears, click OK.
* Now that the scan is done, click the Remove Vundo option.
* When the prompt about removing the Vundo files appears, click Yes.
* Running this option will make the Desktop temporarily blank in order to prepare the system for removing Vundo.
* When it finishes, a notice about shutting down the computer will appear; click OK.
* Turn the computer on and boot the system again.
* Copy the contents of the log at D:\vundofix.txt and a new HiJackThis log into a post on the forum.
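
The two logs requested in the last step can be cross-referenced to see which HijackThis load points reference files that VundoFix flagged, and which of those files survived removal. The Python below is an added example, not part of the original posts or of either tool; the sample lines are excerpted from the HijackThis and VundoFix logs posted in this thread, and the function names are hypothetical.

```python
import re
from dataclasses import dataclass

# Excerpt of the HijackThis log posted in this thread (not the full log).
HIJACKTHIS_EXCERPT = r"""
O2 - BHO: {c2e75ab3-4a74-518b-9994-5e367e520925} - {529025e7-63e5-4999-b815-47a43ba57e2c} - D:\WINDOWS\system32\iqapjyno.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {A68D6C76-7CD8-4D95-97F5-9705223560A2} - D:\WINDOWS\system32\nnlij.dll
O4 - HKLM\..\Run: [70cd0bbb] rundll32.exe "D:\WINDOWS\system32\gpqqpjpp.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O20 - Winlogon Notify: iiffecb - D:\WINDOWS\SYSTEM32\iiffecb.dll
O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll
"""

# Excerpt of the VundoFix removal log posted in this thread (not the full log).
VUNDOFIX_EXCERPT = r"""
Attempting to delete D:\WINDOWS\system32\gpqqpjpp.dll
D:\WINDOWS\system32\gpqqpjpp.dll Could not be deleted.

Attempting to delete D:\WINDOWS\system32\iiffecb.dll
D:\WINDOWS\system32\iiffecb.dll Could not be deleted.

Attempting to delete D:\WINDOWS\system32\iqapjyno.dll
D:\WINDOWS\system32\iqapjyno.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\nnlij.dll
D:\WINDOWS\system32\nnlij.dll Has been deleted!
"""

# "O<n> - <rest>" is the shape of every HijackThis entry line.
HJT_RE = re.compile(r'^(O\d+) - (.+)$')
# A drive-letter path ending in .dll/.exe; stops at a quote so that
# rundll32 arguments such as  "...dll",b  are not swallowed.
PATH_RE = re.compile(r'[A-Za-z]:\\[^"\r\n]*?\.(?:dll|exe)\b', re.IGNORECASE)
# VundoFix result line: "<path> Has been deleted!" / "<path> Could not be deleted."
VUNDO_RE = re.compile(r'^([A-Za-z]:\\.+?) (Has been deleted!|Could not be deleted\.)$')


@dataclass(frozen=True)
class Finding:
    section: str   # HijackThis section code, e.g. "O4"
    path: str      # file path, lower-cased for comparison
    deleted: bool  # True if VundoFix reported "Has been deleted!"


def parse_vundofix(text):
    """Map lower-cased path -> True (deleted) / False (could not be deleted)."""
    results = {}
    for line in text.splitlines():
        m = VUNDO_RE.match(line.strip())
        if m:
            results[m.group(1).lower()] = m.group(2).startswith("Has been")
    return results


def correlate(hjt_text, vundo_text):
    """Return HijackThis entries whose file appears in the VundoFix log."""
    removal = parse_vundofix(vundo_text)
    findings = []
    for line in hjt_text.splitlines():
        m = HJT_RE.match(line.strip())
        if not m:
            continue
        for path in PATH_RE.findall(m.group(2)):
            # Windows paths are case-insensitive: the O20 entries use
            # SYSTEM32 while VundoFix prints system32.
            key = path.lower()
            if key in removal:
                findings.append(Finding(m.group(1), key, removal[key]))
    return findings


def surviving_load_points(findings):
    """Entries whose file VundoFix could not delete; recheck these in the next log."""
    return [f for f in findings if not f.deleted]


if __name__ == "__main__":
    for f in correlate(HIJACKTHIS_EXCERPT, VUNDOFIX_EXCERPT):
        state = "deleted" if f.deleted else "NOT deleted"
        print(f"{f.section:<4} {f.path}  ->  {state}")
```

On this excerpt the two files VundoFix could not delete are the ones referenced by the O4 Run entry and the O20 Winlogon Notify entry, which is why a fresh HijackThis log is needed after the reboot.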

  • Joined: 03 Dec 2007
  • Posts: 26

File uploaded; I haven't scanned with the Vundo program yet, I'll finish that soon too.

Addendum: 17 Dec 2007 15:18

Here's the log from Vundo:


VundoFix V6.7.7

Checking Java version...

Scan started at 14:37:48 17.12.2007

Listing files found while scanning....

Beginning removal...

Attempting to delete D:\WINDOWS\system32\gpqqpjpp.dll
D:\WINDOWS\system32\gpqqpjpp.dll Could not be deleted.

Attempting to delete D:\WINDOWS\system32\iiffecb.dll
D:\WINDOWS\system32\iiffecb.dll Could not be deleted.


Attempting to delete D:\WINDOWS\system32\uoslmyex.dll
D:\WINDOWS\system32\uoslmyex.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\urqnoom.dll
D:\WINDOWS\system32\urqnoom.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\urqpqrq.dll
D:\WINDOWS\system32\urqpqrq.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\ursqrqp.dll
D:\WINDOWS\system32\ursqrqp.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\uslmrqyj.exe
D:\WINDOWS\system32\uslmrqyj.exe Has been deleted!

Attempting to delete D:\WINDOWS\system32\uwnoeqdi.exe
D:\WINDOWS\system32\uwnoeqdi.exe Has been deleted!

Attempting to delete D:\WINDOWS\system32\uxiiwgkf.dll
D:\WINDOWS\system32\uxiiwgkf.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\viryuhes.exe
D:\WINDOWS\system32\viryuhes.exe Has been deleted!

Attempting to delete D:\WINDOWS\system32\vtusppn.dll
D:\WINDOWS\system32\vtusppn.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\vvunlsps.dll
D:\WINDOWS\system32\vvunlsps.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\vwapncsc.dll
D:\WINDOWS\system32\vwapncsc.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\wdympjlw.exe
D:\WINDOWS\system32\wdympjlw.exe Has been deleted!

Attempting to delete D:\WINDOWS\system32\wersdjxt.dll
D:\WINDOWS\system32\wersdjxt.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\wjimegvv.exe
D:\WINDOWS\system32\wjimegvv.exe Has been deleted!

Attempting to delete D:\WINDOWS\system32\wjkyrraa.exe
D:\WINDOWS\system32\wjkyrraa.exe Has been deleted!

Attempting to delete D:\WINDOWS\system32\woqbboxp.exe
D:\WINDOWS\system32\woqbboxp.exe Has been deleted!

Attempting to delete D:\WINDOWS\system32\wqweafdy.dll
D:\WINDOWS\system32\wqweafdy.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\wrsgcjjl.exe
D:\WINDOWS\system32\wrsgcjjl.exe Has been deleted!

Attempting to delete D:\WINDOWS\system32\wuojjmby.exe
D:\WINDOWS\system32\wuojjmby.exe Has been deleted!

Attempting to delete D:\WINDOWS\system32\wwbussty.exe
D:\WINDOWS\system32\wwbussty.exe Has been deleted!

Attempting to delete D:\WINDOWS\system32\xaogpkkx.exe
D:\WINDOWS\system32\xaogpkkx.exe Has been deleted!

Attempting to delete D:\WINDOWS\system32\xiirlsoe.dll
D:\WINDOWS\system32\xiirlsoe.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\xxuqnwbc.dll
D:\WINDOWS\system32\xxuqnwbc.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\yglbtpmv.exe
D:\WINDOWS\system32\yglbtpmv.exe Has been deleted!

Attempting to delete D:\WINDOWS\system32\yhssauue.exe
D:\WINDOWS\system32\yhssauue.exe Has been deleted!

Attempting to delete D:\WINDOWS\system32\yjhgkrbg.dll
D:\WINDOWS\system32\yjhgkrbg.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\yofemrkp.dll
D:\WINDOWS\system32\yofemrkp.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\yohyvqor.exe
D:\WINDOWS\system32\yohyvqor.exe Has been deleted!

Attempting to delete D:\WINDOWS\system32\ypvyudbm.exe
D:\WINDOWS\system32\ypvyudbm.exe Has been deleted!

Attempting to delete D:\WINDOWS\system32\ytvgekmy.dll
D:\WINDOWS\system32\ytvgekmy.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\yuceaacd.exe
D:\WINDOWS\system32\yuceaacd.exe Has been deleted!

Attempting to delete D:\WINDOWS\system32\yvafauni.dll
D:\WINDOWS\system32\yvafauni.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\yvmkxdsn.exe
D:\WINDOWS\system32\yvmkxdsn.exe Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete D:\WINDOWS\system32\gpqqpjpp.dll
D:\WINDOWS\system32\gpqqpjpp.dll Has been deleted!

Attempting to delete D:\WINDOWS\system32\iiffecb.dll
D:\WINDOWS\system32\iiffecb.dll Has been deleted!

Performing Repairs to the registry.
Done!

Addendum: 17 Dec 2007 15:20

And here is the log from HijackThis:


Logfile of HijackThis v1.99.1
Scan saved at 15:10:49, on 17.12.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\WgaTray.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
D:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
D:\WINDOWS\system32\wnpmcs.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Common Files\Teleca Shared\Generic.exe
D:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
D:\WINDOWS\system32\NOTEPAD.EXE
D:\Program Files\Opera\Opera.exe
D:\Documents and Settings\dmitko\My Documents\Programi\tr3.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: {c2e75ab3-4a74-518b-9994-5e367e520925} - {529025e7-63e5-4999-b815-47a43ba57e2c} - D:\WINDOWS\system32\iqapjyno.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A68D6C76-7CD8-4D95-97F5-9705223560A2} - D:\WINDOWS\system32\nnlij.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Windows Remote Launcher] wnpmcs.exe
O4 - HKLM\..\Run: [egui] "D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [70cd0bbb] rundll32.exe "D:\WINDOWS\system32\gpqqpjpp.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O8 - Extra context menu item: &Search - [Link visible only to logged-in users]
O8 - Extra context menu item: E&xport to Microsoft Excel - [Link visible only to logged-in users]\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - [Link visible only to logged-in users]
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - [Link visible only to logged-in users]
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - [Link visible only to logged-in users]
O16 - DPF: {E72CFC93-BAE3-8D60-85D1-129993AAC8B9} (UImageUploader Class) - [Link visible only to logged-in users]
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: DomainService - Unknown owner - D:\WINDOWS\system32\peipvplf.exe (file missing)
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Download ComboFix from one of the following addresses:
[Link visible only to logged-in users]
[Link visible only to logged-in users]

Start it and do not touch the program window while it is scanning.
Follow the on-screen instructions. When it finishes, a log will appear, which you will copy here for us.

offline
  • Joined: 03 Dec 2007
  • Posts: 26

ComboFix 07-12-21.4 - dmitko 2007-12-22 2:17:16.1 - NTFSx86
Running from: D:\Documents and Settings\dmitko\My Documents\Programi\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

D:\Documents and Settings\dmitko\ravmonlog
D:\WINDOWS\cookies.ini
D:\WINDOWS\system32\9_exception.nls
D:\WINDOWS\system32\awtrqom.dll
D:\WINDOWS\system32\byxyyvt.dll
D:\WINDOWS\system32\cbxwxyx.dll
D:\WINDOWS\system32\drivers\ip6fw.sys
D:\WINDOWS\system32\drivers\Qxe85.sys
D:\WINDOWS\system32\drivers\sfsync02.sys
D:\WINDOWS\system32\fjtncady.exe
D:\WINDOWS\system32\gebabay.dll
D:\WINDOWS\system32\hvdbuhal.dll
D:\WINDOWS\system32\iifdbxw.dll
D:\WINDOWS\system32\intbddun.ini
D:\WINDOWS\system32\jilnn.bak1
D:\WINDOWS\system32\jilnn.bak2
D:\WINDOWS\system32\jilnn.ini
D:\WINDOWS\system32\jilnn.tmp
D:\WINDOWS\system32\lktcftvf.exe
D:\WINDOWS\system32\lmmoq.bak1
D:\WINDOWS\system32\lmmoq.bak2
D:\WINDOWS\system32\lmmoq.ini
D:\WINDOWS\system32\mljgfde.dll
D:\WINDOWS\system32\nnnollj.dll
D:\WINDOWS\system32\nuddbtni.dll
D:\WINDOWS\system32\odkwgrmy.dll
D:\WINDOWS\system32\opnkihe.dll
D:\WINDOWS\system32\pkycukwd.exe
D:\WINDOWS\system32\qomml.dll
D:\WINDOWS\system32\qqtrmrxv.exe
D:\WINDOWS\system32\qymeapii.dll
D:\WINDOWS\system32\rqrrqol.dll
D:\WINDOWS\system32\ssqropn.dll
D:\WINDOWS\system32\ubvkadux.dll
D:\WINDOWS\system32\vturssq.dll
D:\WINDOWS\system32\wvuustr.dll
D:\WINDOWS\system32\xnyonwxd.dllbox
D:\WINDOWS\system32\xudakvbu.ini
D:\WINDOWS\system32\xxyyxyw.dll
D:\WINDOWS\system32\yayxxvu.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_DOMAINSERVICE
-------\LEGACY_POWERMANAGER
-------\LEGACY_QXE85
-------\LEGACY_RUNTIME
-------\LEGACY_SFSYNC02
-------\DomainService
-------\Qxe85
-------\runtime
-------\sfsync02


((((((((((((((((((((((((( Files Created from 2007-11-22 to 2007-12-22 )))))))))))))))))))))))))))))))
.

2007-12-22 02:04 . 2007-12-22 02:04 7,168 --a------ D:\WINDOWS\system32\windows
2007-12-20 23:18 . 2007-12-20 23:18 165,472 --a------ D:\WINDOWS\system32\xnyonwxd.dll
2007-12-20 23:18 . 2007-12-20 23:18 165,472 --a------ D:\WINDOWS\system32\rjnnwcen.dll
2007-12-20 03:50 . 2007-12-22 02:39 21,760 --a------ D:\WINDOWS\Qxe85.sys
2007-12-19 16:31 . 2007-12-20 23:17 987,881 --ahs---- D:\WINDOWS\system32\jqsiaarq.ini
2007-12-18 22:41 . 2007-12-18 22:41 54,156 --ah----- D:\WINDOWS\QTFont.qfn
2007-12-18 22:41 . 2007-12-18 22:41 1,409 --a------ D:\WINDOWS\QTFont.for
2007-12-18 18:05 . 2007-12-18 18:05 39,936 --a------ D:\WINDOWS\system32\yaywwwv.dll
2007-12-18 00:37 . 1999-11-12 21:49 294,912 --a------ D:\WINDOWS\system32\iviaudio.ax
2007-12-18 00:37 . 2000-05-07 22:08 34,816 --a------ D:\WINDOWS\system32\mpgaudio.ax
2007-12-18 00:37 . 2002-05-21 17:14 4,286 --a------ D:\WINDOWS\system32\divx.ico
2007-12-18 00:33 . 2007-12-18 00:33 <DIR> d-------- D:\Program Files\The Playa
2007-12-18 00:33 . 2007-12-18 00:33 <DIR> d-------- D:\Program Files\DivXCodec
2007-12-18 00:10 . 2007-12-18 00:15 <DIR> d-------- D:\Program Files\ACE Mega CoDecS Pack
2007-12-17 14:37 . 2007-12-17 15:02 <DIR> d-------- D:\VundoFix Backups
2007-12-17 13:46 . 2007-12-17 13:53 89,608 --ahs---- D:\WINDOWS\system32\jilnn.tmp2
2007-12-17 12:09 . 2007-12-17 12:09 <DIR> d-------- D:\Program Files\Trend Micro
2007-12-17 08:28 . 2007-12-17 10:56 970,374 --ahs---- D:\WINDOWS\system32\dlduusrn.ini
2007-12-16 20:08 . 2007-12-17 08:24 970,374 --ahs---- D:\WINDOWS\system32\ymkegvty.ini
2007-12-16 19:48 . 2007-12-18 22:40 <DIR> d-------- D:\Program Files\MicroDVD
2007-12-16 19:47 . 2001-01-24 03:28 412,160 -ra------ D:\WINDOWS\system32\DivXc32.dll
2007-12-16 19:47 . 2000-12-21 15:40 300,544 -ra------ D:\WINDOWS\system32\l3codeca.acm
2007-12-16 19:47 . 2000-12-29 13:58 287,744 -ra------ D:\WINDOWS\system32\DivXa32.acm
2007-12-16 19:47 . 2000-12-21 15:34 239,616 -ra------ D:\WINDOWS\system32\DivX_c32.ax
2007-12-16 19:47 . 2001-01-24 03:05 121,856 -ra------ D:\WINDOWS\system32\Mp3cnfg.cpl
2007-12-16 19:47 . 2001-01-24 03:12 19,456 -ra------ D:\WINDOWS\system32\Mp3cnfg.exe
2007-12-16 19:40 . 2007-12-16 19:57 970,374 --ahs---- D:\WINDOWS\system32\hnrtbtsr.ini
2007-12-16 12:37 . 2007-12-16 15:39 970,494 --ahs---- D:\WINDOWS\system32\inuafavy.ini
2007-12-16 01:31 . 2007-12-16 12:27 354 --ahs---- D:\WINDOWS\system32\wihstsha.ini
2007-12-16 01:10 . 2007-12-16 01:10 970,494 --ahs---- D:\WINDOWS\system32\hcjfuqwn.ini
2007-12-16 00:09 . 2007-12-16 01:11 970,434 --ahs---- D:\WINDOWS\system32\saehnvgj.ini
2007-12-15 21:54 . 2007-12-16 00:00 970,434 --ahs---- D:\WINDOWS\system32\abmorgku.ini
2007-12-15 21:46 . 2007-12-15 21:46 294 --ahs---- D:\WINDOWS\system32\tixvkalc.ini
2007-12-15 20:49 . 2007-12-15 20:49 970,314 --ahs---- D:\WINDOWS\system32\xeymlsou.ini
2007-12-15 18:25 . 2007-12-15 20:38 970,374 --ahs---- D:\WINDOWS\system32\ylwhnivo.ini
2007-12-15 18:16 . 2007-12-15 18:16 294 --ahs---- D:\WINDOWS\system32\csbhbimu.ini
2007-12-15 16:55 . 2007-12-15 18:04 959,812 --ahs---- D:\WINDOWS\system32\cbwnquxx.ini
2007-12-15 02:17 . 2007-12-15 16:42 952,503 --ahs---- D:\WINDOWS\system32\gbrkghjy.ini
2007-12-15 01:56 . 2007-12-15 02:12 952,383 --ahs---- D:\WINDOWS\system32\nuynrsnd.ini
2007-12-15 01:35 . 2007-12-15 01:47 952,263 --ahs---- D:\WINDOWS\system32\vbwbrohq.ini
2007-12-15 01:30 . 2007-12-14 17:12 57,662 --a------ D:\WINDOWS\system32\fx.exe
2007-12-15 01:30 . 2004-03-05 07:01 31,232 --a------ D:\WINDOWS\system32\pv.exe
2007-12-15 01:19 . 2007-12-15 01:19 23,392 --a------ D:\WINDOWS\system32\nscompat.tlb
2007-12-15 01:19 . 2007-12-15 01:19 16,832 --a------ D:\WINDOWS\system32\amcompat.tlb
2007-12-14 02:00 . 2007-12-14 20:24 952,443 --ahs---- D:\WINDOWS\system32\odecsmfb.ini
2007-12-13 21:59 . 2007-12-13 21:59 934,158 --ahs---- D:\WINDOWS\system32\ljwqgubq.ini
2007-12-13 21:43 . 2007-12-13 21:43 934,158 --ahs---- D:\WINDOWS\system32\fkgwiixu.ini
2007-12-13 21:15 . 2007-12-14 20:31 <DIR> d-------- D:\Program Files\eMule
2007-12-13 21:02 . 2007-12-13 21:02 <DIR> d-------- D:\Documents and Settings\All Users\Application Data\Avira
2007-12-13 18:25 . 2007-12-18 22:21 <DIR> d-------- D:\Program Files\SuperCleaner
2007-12-13 15:39 . 2007-12-13 15:39 932,547 --ahs---- D:\WINDOWS\system32\nuvbicak.ini
2007-12-13 13:49 . 2007-12-13 15:39 933,602 --ahs---- D:\WINDOWS\system32\jfrscxqi.ini
2007-12-13 00:41 . 2007-03-08 00:51 9,336 --------- D:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-12-13 00:40 . 2007-03-08 00:51 129,784 --a------ D:\WINDOWS\system32\pxafs.dll
2007-12-13 00:40 . 2007-03-08 00:51 9,464 --------- D:\WINDOWS\system32\drivers\cdralw2k.sys
2007-12-12 23:46 . 2007-12-13 13:43 917,073 --ahs---- D:\WINDOWS\system32\eagxbwne.ini
2007-12-12 20:35 . 2007-12-12 23:40 916,953 --ahs---- D:\WINDOWS\system32\ybpktavb.ini
2007-12-12 19:08 . 2007-12-12 19:08 922,721 --ahs---- D:\WINDOWS\system32\eoslriix.ini
2007-12-12 15:45 . 2007-12-12 19:08 917,073 --ahs---- D:\WINDOWS\system32\sakmbjhk.ini
2007-12-12 01:18 . 2007-12-12 01:18 <DIR> d-------- D:\Program Files\Windows Live
2007-12-12 01:18 . 2007-12-12 20:33 <DIR> d-------- D:\Program Files\MessengerDiscovery
2007-12-12 01:18 . 2004-03-09 00:00 212,240 --a------ D:\WINDOWS\system32\richtx32.OCX
2007-12-12 01:18 . 2004-03-09 00:00 124,688 --a------ D:\WINDOWS\system32\MSWINSCK.ocx
2007-12-11 18:06 . 2007-12-12 15:39 913,022 --ahs---- D:\WINDOWS\system32\gbghqqcb.ini
2007-12-11 00:08 . 2007-12-13 18:34 <DIR> d-------- D:\Program Files\Engineering Power Tools - v1.9.6
2007-12-11 00:08 . 1997-01-16 00:00 958,224 --a------ D:\WINDOWS\system32\MSCHART.OCX
2007-12-11 00:08 . 2004-03-09 00:00 609,824 --a------ D:\WINDOWS\system32\COMCTL32.ocx
2007-12-11 00:08 . 1997-01-14 00:00 519,680 --a------ D:\WINDOWS\system32\DBGRID32.OCX
2007-12-11 00:08 . 1998-06-24 00:00 164,144 --a------ D:\WINDOWS\system32\COMCT232.OCX
2007-12-11 00:08 . 1997-01-16 00:00 71,680 --a------ D:\WINDOWS\ST5UNST.EXE
2007-12-11 00:08 . 1997-01-16 00:00 29,696 --a------ D:\WINDOWS\system32\VB5StKit.dll
2007-12-10 12:54 . 2007-12-10 19:46 858,884 --ahs---- D:\WINDOWS\system32\nfenxfdj.ini
2007-12-06 18:39 . 2007-12-21 21:37 <DIR> d-------- D:\Documents and Settings\dmitko\Application Data\U3
2007-12-05 00:08 . 2007-12-04 23:06 46,592 -rahs---- D:\WINDOWS\system32\wnpmcs.exe
2007-12-03 16:19 . 2007-12-14 20:28 <DIR> d-------- D:\Program Files\Windows Media Connect 2
2007-12-03 16:16 . 2007-12-03 16:16 <DIR> d-------- D:\WINDOWS\system32\LogFiles
2007-12-03 16:16 . 2007-12-03 16:18 <DIR> d-------- D:\WINDOWS\system32\drivers\UMDF
2007-12-02 23:42 . 2007-12-07 11:26 <DIR> d-------- D:\Program Files\Macrogaming
2007-12-02 20:36 . 2001-11-30 19:05 131,072 --a------ D:\WINDOWS\system32\dzip32.dll
2007-12-02 20:36 . 2001-11-30 19:05 110,592 --a------ D:\WINDOWS\system32\dunzip32.dll
2007-12-02 20:35 . 2007-12-02 20:36 <DIR> d-------- D:\Program Files\Windows Media Bonus Pack for Windows XP
2007-11-24 20:48 . 2007-12-05 00:16 <DIR> d-------- D:\Program Files\MySpace
2007-11-24 20:48 . 2007-11-24 20:48 <DIR> d-------- D:\Documents and Settings\dmitko\Application Data\MySpace

Addendum: 22 Dec 2007 2:56

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-17 23:20 98,304 ----a-w D:\WINDOWS\system32\qttask.exe
2007-12-17 23:19 --------- d-----w D:\Program Files\QuickTime
2007-12-17 22:58 --------- d-----w D:\Documents and Settings\All Users\Application Data\DVD Shrink
2007-12-16 18:42 91,136 ----a-w D:\WINDOWS\system32\mp4fil32.dll
2007-12-16 18:42 --------- d-----w D:\Program Files\DivX
2007-12-13 17:34 --------- d-----w D:\Documents and Settings\dmitko\Application Data\Azureus
2007-12-13 16:51 --------- d-----w D:\Program Files\MSN Messenger
2007-12-13 14:47 --------- d-----w D:\Program Files\Windows Live Toolbar
2007-12-13 14:46 --------- d-----w D:\Program Files\Winamp
2007-12-02 22:37 --------- d-----w D:\Program Files\Opera
2007-11-19 13:50 --------- d-----w D:\Program Files\Common Files\Adobe
2007-11-18 19:53 --------- d-----w D:\Documents and Settings\All Users\Application Data\Barbie Fashion Show
2007-11-14 23:28 --------- d-----w D:\Documents and Settings\dmitko\Application Data\Apple Computer
2007-11-14 17:22 --------- d-----w D:\Documents and Settings\All Users\Application Data\Apple Computer
2007-11-14 17:21 --------- d-----w D:\Program Files\Apple Software Update
2007-11-14 17:21 --------- d-----w D:\Documents and Settings\All Users\Application Data\Apple
2007-11-13 10:25 20,480 ----a-w D:\WINDOWS\system32\drivers\secdrv.sys
2007-11-09 00:37 --------- d-----w D:\Documents and Settings\All Users\Application Data\ESET
2007-11-08 19:57 --------- d-----w D:\Program Files\MT882
2007-11-08 19:51 155,995 ----a-w D:\WINDOWS\java\Packages\KFLNLFDR.ZIP
2007-11-08 19:31 --------- d-----w D:\Program Files\Kaspersky Lab
2007-11-08 18:20 --------- d-----w D:\Program Files\CCleaner
2007-11-05 11:06 30,728 ----a-w D:\WINDOWS\system32\drivers\epfwtdir.sys
2007-11-05 11:04 33,800 ----a-w D:\WINDOWS\system32\drivers\eamon.sys
2007-11-05 11:04 27,656 ----a-w D:\WINDOWS\system32\drivers\easdrv.sys
2007-10-31 18:03 --------- d-----w D:\Program Files\MSXML 4.0
2007-10-31 15:52 45,056 ----a-w D:\WINDOWS\NCUNINST.EXE
2007-10-30 19:36 --------- d-----w D:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-10-30 18:03 --------- d-----w D:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2007-10-30 15:18 --------- d-----w D:\Documents and Settings\dmitko\Application Data\SumatraPDF
2007-10-29 22:43 1,287,680 ----a-w D:\WINDOWS\system32\quartz.dll
2007-10-27 16:40 222,720 ----a-w D:\WINDOWS\system32\wmasf.dll
2001-11-23 04:08 712,704 ----a-w D:\WINDOWS\inf\OTHER\AUDIO3D.DLL
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A68D6C76-7CD8-4D95-97F5-9705223560A2}]
D:\WINDOWS\system32\nnlij.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]
2007-12-20 23:18 165472 --a------ D:\WINDOWS\system32\xnyonwxd.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="D:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:56]
"swg"="D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-04 00:54]
"MsnMsgr"="D:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:54]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="D:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
"Sony Ericsson PC Suite"="D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 16:17]
"SunJavaUpdateSched"="D:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 03:00]
"Adobe Reader Speed Launcher"="D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51]
"Windows Remote Launcher"="wnpmcs.exe" [2007-12-04 23:06 D:\WINDOWS\system32\wnpmcs.exe]
"egui"="D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-11-05 12:05]
"QuickTime Task"="D:\WINDOWS\system32\qttask.exe" [2007-12-18 00:20]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\xnyonwxd]
xnyonwxd.dll 2007-12-20 23:18 165472 D:\WINDOWS\system32\xnyonwxd.dll

R1 easdrv;easdrv;D:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-11-05 12:04]
R1 epfwtdir;epfwtdir;D:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-11-05 12:06]
R2 eamon;EAMON;D:\WINDOWS\system32\DRIVERS\eamon.sys [2007-11-05 12:04]
R2 ekrn;Eset Service;"D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe" [2007-11-05 12:05]
R3 iadusb;MT882;D:\WINDOWS\system32\DRIVERS\glauiad.sys [2006-03-20 08:32]
S3 EhttpSrv;Eset HTTP Server;"D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe" [2007-11-05 12:07]
S3 k510bus;Sony Ericsson K510 Driver driver (WDM);D:\WINDOWS\system32\DRIVERS\k510bus.sys [2006-02-17 20:34]
S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;D:\WINDOWS\system32\DRIVERS\k510mdfl.sys [2006-11-25 12:29]
S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;D:\WINDOWS\system32\DRIVERS\k510mdm.sys [2006-11-25 12:29]
S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);D:\WINDOWS\system32\DRIVERS\k510mgmt.sys [2006-11-25 12:29]
S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;D:\WINDOWS\system32\DRIVERS\k510obex.sys [2006-11-25 12:29]
S3 NtApm;NT Apm/Legacy Interface Driver;D:\WINDOWS\system32\DRIVERS\NtApm.sys [2001-08-17 14:47]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;"D:\Program Files\MSN Messenger\usnsvc.exe" [2007-01-19 12:54]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
\Shell\AutoRun\command - H:\LaunchU3.exe -a

.
Contents of the 'Scheduled Tasks' folder
"2007-12-07 16:46:05 D:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- D:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link visible only to logged-in users]
Rootkit scan 2007-12-22 02:42:00
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: D:\WINDOWS\system32\winlogon.exe
-> D:\WINDOWS\system32\xnyonwxd.dll

PROCESS: D:\WINDOWS\Explorer.EXE [6.00.2900.3156]
-> D:\WINDOWS\system32\xnyonwxd.dll
.
Completion time: 2007-12-22 2:46:06 - machine was rebooted
.
2007-12-20 02:07:06 --- E O F ---

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Download the program Flash_Disinfector.

  • The program is started by double-clicking Flash_Disinfector.exe.
  • When the notification message appears, plug in the infected USB flash drives (hold down the Shift key while doing so, to avoid autoplay).
  • Click OK and wait for the process to finish.
  • When the message Done !! appears, click OK.



-------------------------------------------------------------------------------------



Open Notepad and copy in the following text:

File::
D:\WINDOWS\system32\xnyonwxd.dll
D:\WINDOWS\system32\rjnnwcen.dll
D:\WINDOWS\Qxe85.sys
D:\WINDOWS\system32\jqsiaarq.ini
D:\WINDOWS\system32\yaywwwv.dll
D:\WINDOWS\system32\jilnn.tmp2
D:\WINDOWS\system32\dlduusrn.ini
D:\WINDOWS\system32\ymkegvty.ini
D:\WINDOWS\system32\hnrtbtsr.ini
D:\WINDOWS\system32\inuafavy.ini
D:\WINDOWS\system32\wihstsha.ini
D:\WINDOWS\system32\hcjfuqwn.ini
D:\WINDOWS\system32\saehnvgj.ini
D:\WINDOWS\system32\abmorgku.ini
D:\WINDOWS\system32\tixvkalc.ini
D:\WINDOWS\system32\xeymlsou.ini
D:\WINDOWS\system32\ylwhnivo.ini
D:\WINDOWS\system32\csbhbimu.ini
D:\WINDOWS\system32\cbwnquxx.ini
D:\WINDOWS\system32\gbrkghjy.ini
D:\WINDOWS\system32\nuynrsnd.ini
D:\WINDOWS\system32\vbwbrohq.ini
D:\WINDOWS\system32\odecsmfb.ini
D:\WINDOWS\system32\ljwqgubq.ini
D:\WINDOWS\system32\fkgwiixu.ini
D:\WINDOWS\system32\nuvbicak.ini
D:\WINDOWS\system32\jfrscxqi.ini
D:\WINDOWS\system32\eagxbwne.ini
D:\WINDOWS\system32\ybpktavb.ini
D:\WINDOWS\system32\eoslriix.ini
D:\WINDOWS\system32\sakmbjhk.ini
D:\WINDOWS\system32\gbghqqcb.ini
D:\WINDOWS\system32\nfenxfdj.ini
D:\WINDOWS\system32\wnpmcs.exe
D:\WINDOWS\system32\nnlij.dll
D:\WINDOWS\system32\xnyonwxd.dll

Folder::
D:\VundoFix Backups

Filelook::
D:\WINDOWS\system32\fx.exe
D:\WINDOWS\system32\pv.exe

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A68D6C76-7CD8-4D95-97F5-9705223560A2}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Remote Launcher"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\xnyonwxd]


Save the file from Notepad to the Desktop as "CFScript".




Drag the saved script/text onto the ComboFix icon, as shown in the picture.
In your next message, post the log that is created at the end of the cleaning/scan.
