Win32 TratBHO(trj) problem

  • Joined: 02 Feb 2008
  • Posts: 18

Avast detected this trojan and could not delete it. Otherwise I cleaned the computer with Ad-Aware, CCleaner, Spybot, VundoFix (which could not delete one dll file) and Trojan Remover. After all that I am posting the log file, because I don't know whether I managed to clean the computer or not.

Logfile of HijackThis v1.99.1
Scan saved at 21:59:18, on 2.2.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SearchTran Demo\SearchTran.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\SearchTran Demo\SearchTran.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\RunDll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\VOX-II\RemoteControl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE
C:\Program Files\Siemens\Common\S7ubtoox\s7ubtstx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\Siemens\Common\Sqlany\dbsrv7.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\!!!!!!hijacksssssssssssssss\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {65D413E9-DA2A-457B-B815-27232695EBFF} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {9AA57522-2ECD-47DF-BD38-20E7E577A464} - C:\WINDOWS\system32\khfeedc.dll
O2 - BHO: SearchTran - {C3A6061D-1CF6-488a-86C9-B89423F1E64B} - C:\Program Files\SearchTran Demo\SearchTran_IE_bar.dll
O3 - Toolbar: SearchTran - {C3A6061D-1CF6-488a-86C9-B89423F1E64B} - C:\Program Files\SearchTran Demo\SearchTran_IE_bar.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [DTVRemote] "C:\Program Files\VOX-II\RemoteControl.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [RealTray] C:\Program Files\K-Lite Codec Pack\Real\mpclauncher.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [S7UB Start] "C:\Program Files\Siemens\Common\S7ubtoox\s7ubtstx.exe" -StartDB
O4 - HKLM\..\RunOnce: [VundoFix] "C:\!!!!!!hijacksssssssssssssss\vundofix.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: BORGChat.lnk = C:\Program Files\BORGChat\BORGChat.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O8 - Extra context menu item: &Sample Toolband Serach - res://bla/MENUSEARCH.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com/microsoftupdate/v6.....2481796000
O16 - DPF: {EF58E341-49C3-4156-A3C4-5FFCA7C1EAB7} (EURAS_Portal.Gateway) - wwx.euras.com/euras/EIS/plugin/euras.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SearchTran Translation System (SearchTran) - Unknown owner - C:\Program Files\SearchTran Demo\SearchTran.exe
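
As an added example, not part of the original thread: a small Python triage script for the `O2 - BHO:` lines of a HijackThis v1.99 log such as the one above. It separates the two patterns a helper checks first, an orphan CLSID with "(no file)" and an unnamed BHO backed by a real DLL in system32 (the khfeedc.dll entry). The sample lines are copied from the log; the verdict names and the system32 heuristic are my own assumptions, not HijackThis output.

```python
import re
from typing import Optional

# Constructed sample in HijackThis v1.99 format: three O2 lines copied from the
# log in the thread (one legitimate, one orphan, one the trojan's BHO) plus one
# O4 line so the parser is seen skipping sections it does not handle.
SAMPLE_LOG = r"""
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {65D413E9-DA2A-457B-B815-27232695EBFF} - (no file)
O2 - BHO: (no name) - {9AA57522-2ECD-47DF-BD38-20E7E577A464} - C:\WINDOWS\system32\khfeedc.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
"""

# name - {CLSID} - path; the CLSID is 32 hex digits plus 4 dashes.
O2_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - \{(?P<clsid>[0-9A-Fa-f-]{36})\} - (?P<path>.*)$"
)


def parse_o2(line: str) -> Optional[dict]:
    """Split one 'O2 - BHO:' line into name, clsid and path; None for any other line."""
    m = O2_RE.match(line.strip())
    return m.groupdict() if m else None


def triage_bho(entry: dict) -> str:
    """Classify a parsed BHO entry (verdict names are this example's own convention).

    orphan           : CLSID still registered but the DLL is gone ("(no file)");
                       a leftover of an earlier removal, not a live component.
    unnamed          : the BHO publishes no name yet a DLL does load; look at it.
    unnamed-system32 : same, and the DLL sits directly in system32 under a
                       lowercase alphabetic name, as khfeedc.dll does above.
    ok               : named BHO backed by a file.
    """
    name, path = entry["name"], entry["path"]
    if path == "(no file)":
        return "orphan"
    if name != "(no name)":
        return "ok"
    head, _, tail = path.rpartition("\\")
    if head.lower().endswith("\\windows\\system32") and re.fullmatch(r"[a-z]+\.dll", tail):
        return "unnamed-system32"
    return "unnamed"


def triage_log(text: str) -> list:
    """Return (clsid, verdict, path) for every O2 line, most suspicious first."""
    order = {"unnamed-system32": 0, "unnamed": 1, "orphan": 2, "ok": 3}
    rows = []
    for line in text.splitlines():
        entry = parse_o2(line)
        if entry:
            rows.append((entry["clsid"], triage_bho(entry), entry["path"]))
    return sorted(rows, key=lambda r: order[r[1]])


if __name__ == "__main__":
    for clsid, verdict, path in triage_log(SAMPLE_LOG):
        print(f"{verdict:17} {{{clsid}}}  {path}")
```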

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master Teacher
  • Joined: 27 Aug 2005
  • Posts: 8448
  • Location: Novi Beograd

Reboot the computer, then do the following:

Download ComboFix from one of the following addresses to your Desktop:
http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Run it and do not touch the program window while it scans.
Follow the instructions on screen. When it finishes, a log (C:\ComboFix.txt) will appear, which you should copy here for us.

  • Joined: 02 Feb 2008
  • Posts: 18

ComboFix 08-02.03.1 - Stevica 2008-02-02 22:35:36.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.236 [GMT 1:00]
Running from: C:\Documents and Settings\Stevica\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\WINDOWS\system32\khfeedc.dll

----- BITS: Possible infected sites -----

hxxp://www.download.windowsupdate.com
.
((((((((((((((((((((((((( Files Created from 2008-01-02 to 2008-02-02 )))))))))))))))))))))))))))))))
.

2008-02-02 21:36 . 2008-01-10 15:57 2,421,312 --a------ C:\Documents and Settings\Administrator\Application Data.exe
2008-02-02 21:15 . 2008-02-02 22:32 <DIR> d-------- C:\VundoFix Backups
2008-02-02 20:26 . 2008-02-02 20:26 45 --a------ C:\WINDOWS\dll_execution.bak
2008-02-02 20:13 . 2008-02-02 20:14 41,644 --a------ C:\cc_20080202_2013.reg
2008-02-02 19:09 . 2008-02-02 19:09 327,680 --a------ C:\WINDOWS\system32\gebyw.dll.vir
2008-02-02 19:06 . 2008-02-02 19:07 <DIR> d-------- C:\Program Files\Trojan Remover
2008-02-02 19:06 . 2008-02-02 19:06 <DIR> d-------- C:\Documents and Settings\Stevica\Application Data\Simply Super Software
2008-02-02 19:06 . 2008-02-02 19:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Simply Super Software
2008-02-02 19:06 . 2006-05-25 15:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
2008-02-02 19:06 . 2003-02-02 20:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2008-02-02 19:06 . 2005-08-26 01:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll
2008-02-02 19:06 . 2006-06-19 13:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll
2008-02-02 17:37 . 2008-02-02 19:10 217,858 --ahs---- C:\WINDOWS\system32\wybeg.ini2.vir
2008-02-02 17:37 . 2008-02-02 19:13 217,858 --ahs---- C:\WINDOWS\system32\wybeg.ini.vir
2008-02-02 17:33 . 2008-02-02 17:33 <DIR> d-------- C:\Program Files\Radmin
2008-02-02 15:50 . 2008-02-02 15:50 <DIR> d-------- C:\Documents and Settings\Stevica\Application Data\Mikrotik
2008-02-01 19:36 . 2008-02-01 20:14 17,269 --a------ C:\steva.map
2008-02-01 19:36 . 2008-02-01 20:14 863 --a------ C:\steva.obj
2008-02-01 19:36 . 2008-02-01 20:14 509 --a------ C:\steva.hex
2008-01-31 21:04 . 2008-02-01 20:14 1,269 --a------ C:\labels.tmp
2008-01-31 15:01 . 2008-01-31 15:01 191 --a------ C:\avrfreaks.aws
2008-01-31 14:57 . 2008-01-31 15:01 17,380 --a------ C:\avrfreaks.map
2008-01-31 14:57 . 2008-01-31 15:01 751 --a------ C:\avrfreaks.obj
2008-01-31 14:57 . 2008-01-31 15:01 431 --a------ C:\avrfreaks.hex
2008-01-31 14:56 . 2008-01-31 14:56 2,552 --a------ C:\avrfreaks.aps
2008-01-31 14:56 . 2008-01-31 15:01 2,143 --a------ C:\avrfreaks.asm
2008-01-30 19:27 . 2008-01-30 19:27 106 --a------ C:\josjedanpokusaj.aws
2008-01-30 19:23 . 2008-01-30 19:23 17,358 --a------ C:\josjedanpokusaj.map
2008-01-30 19:23 . 2008-01-30 19:23 1,197 --a------ C:\josjedanpokusaj.obj
2008-01-30 19:23 . 2008-01-30 19:23 705 --a------ C:\josjedanpokusaj.hex
2008-01-30 19:04 . 2008-01-30 19:23 4,523 --a------ C:\josjedanpokusaj.asm
2008-01-30 19:04 . 2008-01-30 19:27 2,628 --a------ C:\josjedanpokusaj.aps
2008-01-29 19:25 . 2008-01-29 19:27 <DIR> d-------- C:\Program Files\ELECTRONIC ASSEMBLY LCD Tools
2008-01-27 22:01 . 2008-01-27 22:01 0 --a------ C:\WINDOWS\CorelDrw.INI
2008-01-26 20:41 . 2008-01-26 20:41 <DIR> d-------- C:\Documents and Settings\Stevica\Application Data\Datarescue
2008-01-26 20:37 . 2008-01-26 20:39 <DIR> d-------- C:\Program Files\IDA
2008-01-26 19:53 . 2008-01-26 19:53 <DIR> d-------- C:\Documents and Settings\Stevica\Application Data\IDMComp
2008-01-26 19:51 . 2008-01-26 19:51 <DIR> d-------- C:\Program Files\IDM Computer Solutions
2008-01-26 19:31 . 2008-01-26 19:31 19 --a------ C:\WINDOWS\popcinfo.dat
2008-01-23 18:07 . 2008-02-01 21:18 203 --a------ C:\steva.aws
2008-01-23 17:13 . 2008-02-01 20:14 4,323 --a------ C:\steva.asm
2008-01-23 17:13 . 2008-02-01 17:47 2,834 --a------ C:\steva.aps
2008-01-23 17:13 . 2008-02-01 20:14 189 --a------ C:\AvrBuild.bat
2008-01-17 16:20 . 2008-01-17 16:20 <DIR> d-------- C:\Program Files\Resistor Color Coder
2008-01-16 16:08 . 2008-01-16 16:11 1,526 --a------ C:\WINDOWS\ECLCDE~1.INI
2008-01-14 23:36 . 2008-01-14 23:36 <DIR> d-------- C:\Program Files\Delay AVR
2008-01-14 23:36 . 2008-01-17 21:39 290,816 --------- C:\WINDOWS\Setup1.exe
2008-01-14 23:36 . 2008-01-17 21:39 74,240 --a------ C:\WINDOWS\ST6UNST.EXE
2008-01-13 21:55 . 2008-02-02 21:41 0 --a------ C:\WINDOWS\system32\execution.bak
2008-01-13 21:54 . 2006-03-08 10:23 282,624 --a------ C:\WINDOWS\UnInstall01.exe
2008-01-13 21:52 . 2008-01-29 09:18 <DIR> d-------- C:\Program Files\Word Translator Demo
2008-01-13 21:49 . 2008-01-13 21:54 <DIR> d-------- C:\Program Files\KnowledgeSearch
2008-01-13 21:47 . 2008-01-14 19:29 <DIR> d-------- C:\Program Files\HumanTran
2008-01-13 21:43 . 2008-01-13 21:54 <DIR> d-------- C:\Program Files\PocketTran Demo
2008-01-13 21:42 . 2008-01-13 21:54 <DIR> d-------- C:\Program Files\PalmTran Demo
2008-01-13 21:40 . 2008-01-13 21:54 <DIR> d-------- C:\Program Files\LetterTran Demo
2008-01-13 21:38 . 2008-02-02 22:32 <DIR> d-------- C:\Program Files\SearchTran Demo
2008-01-13 21:21 . 2008-01-13 22:34 <DIR> d-------- C:\Program Files\NeuroTran
2008-01-13 21:20 . 2008-01-13 21:55 <DIR> d-------- C:\temp
2008-01-11 17:04 . 2008-01-11 17:04 <DIR> d-------- C:\Appnotes
2008-01-10 23:58 . 2008-01-10 23:58 <DIR> d-------- C:\AX NF ZZ
2008-01-10 22:53 . 2002-11-19 15:39 67,221 --------- C:\WINDOWS\system32\VSNL2ADA.VXD
2008-01-10 22:52 . 2008-01-10 22:52 0 --a------ C:\WINDOWS\s7alibxx.INI
2008-01-10 22:42 . 2002-10-07 15:47 196,671 --a------ C:\WINDOWS\system32\gsdectrl.dll
2008-01-10 22:39 . 2002-08-28 12:26 495,669 --a------ C:\WINDOWS\system32\S7OINTFX.dll
2008-01-10 22:39 . 2002-08-28 12:20 110,645 --a------ C:\WINDOWS\system32\s7wcaotx.dll
2008-01-10 22:39 . 2002-08-28 12:22 69,685 --a------ C:\WINDOWS\system32\S7OTBLEX.dll
2008-01-10 22:39 . 2000-02-09 13:08 40,960 --a------ C:\WINDOWS\system32\MelbReg.dll
2008-01-10 22:39 . 1999-11-05 14:27 33,280 --a------ C:\WINDOWS\system32\s7erwlcx.dll
2008-01-10 22:28 . 2002-10-24 15:30 492,599 --a------ C:\WINDOWS\system32\drivers\s7otranx.sys
2008-01-10 21:28 . 2008-01-10 21:49 <DIR> d-------- C:\SEME
2008-01-10 21:02 . 2008-01-10 21:05 <DIR> d-------- C:\Program Files\WhereIsIt
2008-01-10 20:53 . 2008-01-10 22:27 <DIR> d-------- C:\STEP5
2008-01-10 20:53 . 2008-01-10 22:27 <DIR> d-------- C:\S5_INFO
2008-01-10 20:53 . 2001-11-21 07:20 894,464 --------- C:\WINDOWS\system32\MFC40D.DLL
2008-01-10 20:53 . 2001-11-21 07:20 444,928 --------- C:\WINDOWS\system32\MSVCR40D.DLL
2008-01-10 20:53 . 2002-05-08 09:20 188,416 --a------ C:\WINDOWS\system32\drivers\S5MCD.SYS
2008-01-10 20:53 . 2002-10-24 15:25 135,223 --a------ C:\WINDOWS\system32\S7onlinx.dll
2008-01-10 20:53 . 2002-05-08 09:20 77,312 --a------ C:\WINDOWS\system32\S5_VDD.DLL
2008-01-10 20:53 . 2002-05-08 09:20 15,360 --------- C:\WINDOWS\system32\drivers\S5AS511.SYS
2008-01-10 20:10 . 2008-01-10 20:10 <DIR> d-------- C:\Program Files\FasTrak SoftWorks, Inc
2008-01-10 20:09 . 2008-01-10 20:09 <DIR> d-------- C:\Program Files\Rainbow Technologies
2008-01-10 20:05 . 2008-01-10 20:07 <DIR> d-------- C:\WINDOWS\system32\URTTemp
2008-01-09 20:48 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-01-09 20:48 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-01-09 20:48 . 2007-12-20 23:11 81,920 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-01-09 20:48 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-01-09 20:48 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-01-09 20:48 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-01-09 16:55 . 1996-12-03 10:45 766 -ra------ C:\WINDOWS\S7BOOK.ICO
2008-01-09 16:01 . 2008-01-10 22:50 <DIR> d-------- C:\WINDOWS\Setup
2008-01-09 16:01 . 2008-01-10 22:35 <DIR> d-------- C:\Program Files\SIEMENS
2008-01-09 16:01 . 2008-01-09 16:01 <DIR> d-------- C:\Program Files\Notes
2008-01-09 16:01 . 2001-08-10 09:05 217,088 --a------ C:\WINDOWS\system32\s7esetdx.dll
2008-01-09 16:01 . 2008-01-10 22:53 4,520 --a------ C:\WINDOWS\Citamis.str
2008-01-06 14:37 . 2008-01-06 14:38 <DIR> d-------- C:\igrice
2008-01-05 22:23 . 2007-07-16 17:32 39,424 --a------ C:\WINDOWS\system32\drivers\USB18PRG.sys
2008-01-05 22:22 . 2008-01-05 22:23 <DIR> d-------- C:\Program Files\Mikroelektronika
2008-01-05 21:28 . 2008-01-05 21:28 <DIR> d-------- C:\Program Files\Algorithm Builder
2008-01-04 20:10 . 2008-01-04 20:10 <DIR> d-------- C:\Program Files\LizardTech

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-02 20:54 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-02 14:28 --------- d-----w C:\Documents and Settings\Stevica\Application Data\Skype
2008-01-27 21:00 4,182 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2008-01-27 20:54 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-25 18:55 --------- d-----w C:\Documents and Settings\Stevica\Application Data\AdobeUM
2008-01-17 21:31 --------- d-----w C:\Program Files\Unit Conversion Tool
2008-01-10 19:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-01-09 17:47 --------- d-----w C:\Documents and Settings\Stevica\Application Data\Lavasoft
2008-01-06 13:45 --------- d-----w C:\Program Files\GameHouse
2008-01-04 18:57 --------- d---a-w C:\Program Files\SymptomCure
2007-12-27 18:40 --------- d-----w C:\Program Files\bin
2007-12-27 18:39 8,416 ----a-w C:\Program Files\irunin.lng
2007-12-27 18:39 62,221 ----a-w C:\Program Files\irunin.dat
2007-12-27 18:39 286,720 ----a-w C:\WINDOWS\iun506.exe
2007-12-27 18:39 2,926 ----a-w C:\Program Files\irunin.ini
2007-12-27 18:39 --------- d-----w C:\Program Files\libsrc.avr
2007-12-27 18:39 --------- d-----w C:\Program Files\lib
2007-12-27 18:39 --------- d-----w C:\Program Files\include
2007-12-27 18:39 --------- d-----w C:\Program Files\Help
2007-12-27 18:39 --------- d-----w C:\Program Files\examples.avr
2007-12-27 18:39 --------- d-----w C:\Program Files\drivers
2007-12-20 12:17 27,500 ----a-w C:\Program Files\readmeAVR.txt
2007-12-18 15:28 --------- d-----w C:\Program Files\Winamp
2007-12-16 20:08 --------- d-----w C:\Program Files\LittleEdit
2007-12-10 22:39 --------- d-----w C:\Program Files\vPlug Files Center
2007-12-07 18:42 --------- d-----w C:\Program Files\ImenikZR
2007-12-05 04:11 --------- d-----w C:\Program Files\Atmel
2007-12-05 04:11 --------- d-----w C:\Documents and Settings\Stevica\Application Data\InstallShield
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
2007-11-22 20:41 283,120 ----a-w C:\Kenwood otkljucaj.zip
2007-11-22 20:16 283,120 ----a-w C:\Kenwood.zip
2007-11-09 02:16 154,884 ----a-w C:\Program Files\latest_mfsavr.7z
2007-10-17 21:15 1,149 ----a-w C:\Program Files\MapFileSummy.readme.txt
2006-02-09 11:49 29,696 ----a-w C:\Program Files\readme_avrkit.doc
2006-02-08 04:12 30,720 ----a-w C:\Program Files\iccnetwork.doc
2005-06-22 16:50 20,311 ----a-w C:\Program Files\nv4_disp.cat
2005-06-15 15:20 878 ----a-w C:\Program Files\setup.ini
2005-06-15 15:20 861,999 ----a-w C:\Program Files\nvwdmcpl.dl_
2005-06-15 15:20 86,193 ----a-w C:\Program Files\NvColor.ex_
2005-06-15 15:20 80,680 ----a-w C:\Program Files\NVEPClnt.ex_
2005-06-15 15:20 8,428 ----a-w C:\Program Files\NvwsApps.xm_
2005-06-15 15:20 79,536 ----a-w C:\Program Files\modes.txt
2005-06-15 15:20 74,770 ----a-w C:\Program Files\nvsvc32.ex_
2005-06-15 15:20 68,593 ----a-w C:\Program Files\setup.skin
2005-06-15 15:20 649,192 ----a-w C:\Program Files\nview.dl_
2005-06-15 15:20 643,489 ----a-w C:\Program Files\nwiz.ex_
2005-06-15 15:20 6,170 ----a-w C:\Program Files\NvApps.xm_
2005-06-15 15:20 6,144 ----a-w C:\Program Files\Finance.tv_
2005-06-15 15:20 6,101 ----a-w C:\Program Files\Advanced.tv_
2005-06-15 15:20 512 ----a-w C:\Program Files\data2.cab
2005-06-15 15:20 510 ----a-w C:\Program Files\layout.bin
2005-06-15 15:20 5,857 ----a-w C:\Program Files\DCC.tv_
2005-06-15 15:20 5,661 ----a-w C:\Program Files\CAD.tv_
2005-06-15 15:20 48,454 ----a-w C:\Program Files\nvwddi.dl_
2005-06-15 15:20 468,522 ----a-w C:\Program Files\nvdspsch.ex_
2005-06-15 15:20 459,544 ----a-w C:\Program Files\engine32.cab
2005-06-15 15:20 44,069 ----a-w C:\Program Files\NvMCTray.dl_
2005-06-15 15:20 435,969 ----a-w C:\Program Files\setup.ibt
2005-06-15 15:20 431 ----a-w C:\Program Files\setup.iss
2005-06-15 15:20 40,473 ----a-w C:\Program Files\nv4_disp.inf
2005-06-15 15:20 4,981 ----a-w C:\Program Files\Readme.txt
2005-06-15 15:20 4,821,705 ----a-w C:\Program Files\data1.cab
2005-06-15 15:20 4,516,220 ----a-w C:\Program Files\NvCpl.dl_
2005-06-15 15:20 37,359 ----a-w C:\Program Files\nvwcplen.hl_
2005-06-15 15:20 35,238 ----a-w C:\Program Files\nvtuicpl.cp_
2005-06-15 15:20 336,369 ----a-w C:\Program Files\nvwimg.dl_
2005-06-15 15:20 29,096 ----a-w C:\Program Files\data1.hdr
2005-06-15 15:20 27,629 ----a-w C:\Program Files\HPQVDISP.dl_
2005-06-15 15:20 25,848 ----a-w C:\Program Files\nvsysrot.dl_
2005-06-15 15:20 23,918 ----a-w C:\Program Files\nviewx.dl_
2005-06-15 15:20 225,747 ----a-w C:\Program Files\setup.inx
2005-06-15 15:20 21,819 ----a-w C:\Program Files\nvcod.dl_
2005-06-15 15:20 204,576 ----a-w C:\Program Files\nvappbar.ex_
2005-06-15 15:20 2,625,781 ----a-w C:\Program Files\nvoglnt.dl_
2005-06-15 15:20 2,260 ----a-w C:\Program Files\TOSGFX.dl_
2005-06-15 15:20 2,224 ----a-w C:\Program Files\NVGFX.dl_
2005-06-15 15:20 2,131,593 ----a-w C:\Program Files\nv4_disp.dl_
2005-06-15 15:20 199,840 ----a-w C:\Program Files\nvshell.dl_
2005-06-15 15:20 198,757 ----a-w C:\Program Files\keystone.ex_
2005-06-15 15:20 176,760 ----a-w C:\Program Files\setup.bmp
2005-06-15 15:20 176,128 ----a-w C:\Program Files\nvudisp.exe
2005-06-15 15:20 155,657 ----a-w C:\Program Files\nvnt4cpl.dl_
2005-06-15 15:20 146,450 ----a-w C:\Program Files\NVCPL.HL_
2005-06-15 15:20 14,757 ----a-w C:\Program Files\NVDisp.nvu
2005-06-15 15:20 134,516 ----a-w C:\Program Files\nvhwvid.dl_
2005-06-15 15:20 116,880 ----a-w C:\Program Files\setup.exe
2005-06-15 15:20 10,796 ----a-w C:\Program Files\tablet.tv_
2005-06-15 15:20 10,222 ----a-w C:\Program Files\default.tv_
2005-06-15 15:20 1,717,469 ----a-w C:\Program Files\nv4_mini.sy_
2001-11-23 04:08 712,704 ----a-w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
2007-10-15 20:03 16,384 --sha-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
2007-10-15 20:03 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
2007-10-15 20:03 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012007101520071016\index.dat
2007-10-15 20:03 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C3A6061D-1CF6-488a-86C9-B89423F1E64B}]
2008-01-13 22:33 720896 --a------ C:\Program Files\SearchTran Demo\SearchTran_IE_bar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{C3A6061D-1CF6-488A-86C9-B89423F1E64B}

[HKEY_CLASSES_ROOT\clsid\{c3a6061d-1cf6-488a-86c9-b89423f1e64b}]
[HKEY_CLASSES_ROOT\TranExp.TranExpBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{37686C62-D497-42E3-BAAB-78D89A74E151}]
[HKEY_CLASSES_ROOT\TranExp.TranExpBand]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 15:46 1460560]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2005-06-14 13:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"="cmicnfg.cpl" []
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-06-15 16:20 6803456]
"nwiz"="nwiz.exe" [2005-06-15 16:20 1519616 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-06-15 16:20 86016]
"OrderReminder"="C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe" [2006-01-30 10:00 98304]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"DTVRemote"="C:\Program Files\VOX-II\RemoteControl.exe" [2006-04-04 10:09 65536]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2005-06-14 13:00 110592 C:\WINDOWS\system32\bthprops.cpl]
"DiskeeperSystray"="C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2006-10-04 11:38 163840]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 23:47 31016]
"LVCOMS"="C:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE" [2003-09-04 10:45 135214]
"RealTray"="C:\Program Files\K-Lite Codec Pack\Real\mpclauncher.exe" [2007-08-17 13:44 675328]
"S7UB Start"="C:\Program Files\Siemens\Common\S7ubtoox\s7ubtstx.exe" [2002-11-18 20:01 110645]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"VundoFix"="C:\!!!!!!hijacksssssssssssssss\vundofix.exe" [2008-02-02 21:15 132608]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2005-06-14 13:00 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="regsvr32 /s /n /i:u shell32" []

R2 Dpmtrcdd;Dpmtrcdd;C:\WINDOWS\system32\DRIVERS\dpmtrcdd.sys [2002-09-30 11:45]
R2 s7osmcax;s7osmcax;C:\WINDOWS\system32\Drivers\s7osmcax.sys [2002-10-24 15:29]
R2 s7otranx;s7otranx;C:\WINDOWS\system32\Drivers\s7otranx.sys [2002-10-24 15:30]
R2 SearchTran;SearchTran Translation System;C:\Program Files\SearchTran Demo\SearchTran.exe [2004-07-15 11:32]
R3 axvbusx;axvbusx;C:\WINDOWS\system32\DRIVERS\axvbusx.sys [2002-12-27 19:14]
R3 axvscsi;axvscsi;C:\WINDOWS\system32\DRIVERS\axvscsi.sys [2002-12-27 19:14]
R3 PID_0920;Logitech QuickCam Express(PID_0920);C:\WINDOWS\system32\DRIVERS\LV532AV.SYS [2003-09-04 10:38]
R3 SKYNET;TechniSat DVB-PC TV Star PCI;C:\WINDOWS\system32\DRIVERS\SkyNET.SYS [2007-10-01 19:54]
S3 DLPortIO;DriverLINX Port I/O Driver;C:\WINDOWS\system32\DRIVERS\DLPortIO.SYS [2006-02-09 12:46]
S3 S5AS511;S5AS511;C:\WINDOWS\system32\drivers\S5AS511.sys [2002-05-08 09:20]
S3 S5MCD;S5MCD;C:\WINDOWS\system32\drivers\S5MCD.sys [2002-05-08 09:20]
S3 s7oefs_x;SIMATIC MPI/EFS Driver;C:\WINDOWS\system32\drivers\s7oefs_x.sys [2002-10-18 01:34]
S3 SkyNetBDA;TechniSat DVB-PC TV Star PCI (BDA);C:\WINDOWS\system32\DRIVERS\SkyNetBDA.sys [2007-10-01 19:55]
S3 TridDev;Trident Device;C:\WINDOWS\system32\DRIVERS\Triddev.sys [2005-04-26 08:01]
S3 TridVid;Trident Analog plus Digital Video;C:\WINDOWS\system32\DRIVERS\TridVid.sys [2007-10-19 21:27]
S3 USB18PRG;mikroElektronika USB18F Device (x86 Platform);C:\WINDOWS\system32\Drivers\USB18PRG.sys [2007-07-16 17:32]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;"C:\Program Files\MSN Messenger\usnsvc.exe" [2007-01-19 12:54]

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-02-02 22:39:07
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-02-02 22:39:57
ComboFix-quarantined-files.txt 2008-02-02 21:39:42
.
2007-10-22 17:52:21 --- E O F ---

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master Teacher
  • Joined: 27 Aug 2005
  • Posts: 8448
  • Location: Novi Beograd

Did you reboot the computer as I told you?

  • Joined: 02 Feb 2008
  • Posts: 18

Yes, I rebooted it and then ran the scan.

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master Teacher
  • Joined: 27 Aug 2005
  • Posts: 8448
  • Location: Novi Beograd

Did you delete VundoFix before the reboot?
For some reason VundoFix did not finish its job, and we want to know why. After the restart it should have deleted a few more files.

  • Joined: 02 Feb 2008
  • Posts: 18

I did not. And after every start-up it appears and asks to scan the system.

  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

And did you let it scan or not?

  • Joined: 02 Feb 2008
  • Posts: 18

Well, this last time I didn't, because I ran ComboFix, but before that I did, and it always found some k...dll file and could not delete it; it asked for a restart and then the same thing happened again.

  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Restart and let VundoFix finish the scan to the end.
When the scan finishes you will get a log on screen, which you should copy here for us.
