[helen1] Trojans, Help, Help!!


  • ivan.b 
  • New MyCity citizen
  • Joined: 24 Sep 2008
  • Posts: 11

Could someone please help me. I have tried everything to clean the computer, but without success. I also tried ComboFix, but afterwards Kaspersky still found Trojans.

This is a copy of HijackThis.txt:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:36:43, on 2008-09-24
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\SYSTEM32\astsrv.exe
C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
C:\WINDOWS\system32\svchost.exe
C:\Program\Dell\Media Experience\DMXLauncher.exe
C:\Program\Java\jre1.6.0_07\bin\jusched.exe
C:\Program\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program\QuickTime\QTTask.exe
C:\Program\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Delade filer\InstallShield\UpdateService\isuspm.exe
C:\Documents and Settings\Ivan Bosnjak\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe
C:\Program\Personal\bin\Personal.exe
C:\Program\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Ivan Bosnjak\Skrivbord\Ny mapp (2)\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: Länkhjälp till Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Delade filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [DMXLauncher] C:\Program\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVP] "C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [ISUSPM] "C:\Program\Delade filer\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-19\..\Run: [yamebatepe] Rundll32.exe "C:\WINDOWS\system32\gepesiso.dll",s (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BankID säkerhetsprogram.lnk = C:\Program\Personal\bin\Personal.exe
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Encarta Search Bar - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program\Delade filer\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - support.euro.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com/microsoftupdate/v6/V5C.....5998475654
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AST Service (astcc) - Advanced Software Technologies - C:\WINDOWS\SYSTEM32\astsrv.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Unknown owner - C:\Program\Spyware Terminator\sp_rsser.exe (file missing)

--
End of file - 8404 bytes


Here is what Kaspersky found after ComboFix:
2008-09-24 11:42:57 Detected: Heur.Trojan.Generic C:\program\Trend Micro\HijackThis\backups\backup-20080924-015925-192.dll
2008-09-24 11:42:58 Untreated: Heur.Trojan.Generic C:\program\Trend Micro\HijackThis\backups\backup-20080924-015925-192.dll Postponed


Please help me. Thanks in advance.

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8490
  • Location: Novi Beograd

And what did Kaspersky find before the ComboFix scan (which, by the way, is not recommended for use by non-experts, unless you are familiar with its functions, in which case I apologize)?

Rename HiJackThis to some other name, as the instructions for posting a log say. Then post a new log for me.

  • ivan.b 
  • New MyCity citizen
  • Joined: 24 Sep 2008
  • Posts: 11

I'm not really any kind of expert, but I read on the forum what others did, so I tried it too. Here is what Kaspersky found before:
Full Scan: stopped 2008-09-24 02:40:15 (events: 13, objects: 3878, time: 00:02:56)
Full Scan: stopped 2008-09-24 02:40:15 (events: 13, objects: 3878, time: 00:02:56)
2008-09-24 02:31:16 Task started
2008-09-24 02:31:20 Task stopped
2008-09-24 02:37:19 Task started
2008-09-24 02:37:24 Detected: Heur.Trojan.Generic C:\WINDOWS\system32\sekisahi.dll
2008-09-24 02:37:24 Untreated: Heur.Trojan.Generic C:\WINDOWS\system32\sekisahi.dll Postponed
2008-09-24 02:37:27 Detected: Heur.Trojan.Generic C:\WINDOWS\system32\gepesiso.dll
2008-09-24 02:37:27 Untreated: Heur.Trojan.Generic C:\WINDOWS\system32\gepesiso.dll Postponed
2008-09-24 02:38:49 Detected: Heur.Trojan.Generic C:\WINDOWS\system32\gepesiso.dll
2008-09-24 02:39:02 Detected: Heur.Trojan.Generic C:\WINDOWS\system32\sekisahi.dll
2008-09-24 02:39:09 Detected: Heur.Trojan.Generic C:\WINDOWS\system32\kosuyapu.dll
2008-09-24 02:39:09 Untreated: Heur.Trojan.Generic C:\WINDOWS\system32\kosuyapu.dll Postponed
2008-09-24 02:39:26 Detected: viruslist.com/en/advisories/27620 C:\program\real\realplayer\realplay.exe
2008-09-24 02:40:15 Task stopped
Full Scan: stopped 2008-09-24 02:40:15 (events: 13, objects: 3878, time: 00:02:56)
2008-09-24 02:37:44 Task started
2008-09-24 02:37:45 Detected: Heur.Trojan.Generic C:\WINDOWS\system32\gepesiso.dll
2008-09-24 02:37:46 Will be deleted on system restart: Heur.Trojan.Generic C:\WINDOWS\system32\gepesiso.dll
2008-09-24 02:37:48 Disinfected: Heur.Trojan.Generic HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\yamebatepe
2008-09-24 02:37:48 Disinfected: Heur.Trojan.Generic HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\yamebatepe
2008-09-24 02:37:48 Disinfected: Heur.Trojan.Generic HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\yamebatepe
2008-09-24 02:38:00 Detected: Heur.Trojan.Generic C:\WINDOWS\system32\sekisahi.dll
2008-09-24 02:38:02 Detected: Heur.Trojan.Generic C:\WINDOWS\system32\gepesiso.dll
2008-09-24 02:38:13 Disinfected: Heur.Trojan.Generic HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs
2008-09-24 02:38:15 Will be quarantined on system restart: Heur.Trojan.Generic C:\WINDOWS\system32\sekisahi.dll
2008-09-24 02:38:27 Disinfected: Heur.Trojan.Generic HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs
2008-09-24 02:39:41 Detected: Heur.Trojan.Generic C:\WINDOWS\system32\gepesiso.dll
2008-09-24 02:39:47 Detected: Heur.Trojan.Generic C:\WINDOWS\system32\sekisahi.dll
2008-09-24 02:39:48 Detected: Heur.Trojan.Generic C:\WINDOWS\system32\kosuyapu.dll
2008-09-24 02:39:54 Disinfected: Heur.Trojan.Generic HKCR\{9911ac12-6e83-4f6e-a398-e5c2c97f385a}\InprocServer32
2008-09-24 02:39:54 Deleted: Heur.Trojan.Generic HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9911ac12-6e83-4f6e-a398-e5c2c97f385a}
2008-09-24 02:39:55 Cannot be quarantined: Heur.Trojan.Generic C:\WINDOWS\system32\kosuyapu.dll
2008-09-24 02:40:08 Task completed
Full Scan: stopped 2008-09-24 02:40:15 (events: 13, objects: 3878, time: 00:02:56)
2008-09-24 02:42:00 Task started
2008-09-24 02:42:39 Detected: viruslist.com/en/advisories/27620 C:\program\real\realplayer\realplay.exe
2008-09-24 02:44:51 Task stopped
2008-09-24 02:45:27 Task started
2008-09-24 02:47:57 Detected: Trojan.Win32.Shutdowner.ate C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP574\A0137790.0xe
2008-09-24 02:47:57 Untreated: Trojan.Win32.Shutdowner.ate C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP574\A0137790.0xe Postponed
2008-09-24 02:48:46 Detected: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP580\A0141751.exe
2008-09-24 02:48:46 Untreated: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP580\A0141751.exe Postponed
2008-09-24 02:48:46 Detected: Backdoor.Win32.Frauder.hp C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP580\A0141752.exe
2008-09-24 02:48:46 Detected: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP580\A0141753.exe
2008-09-24 02:48:46 Untreated: Backdoor.Win32.Frauder.hp C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP580\A0141752.exe Postponed
2008-09-24 02:48:46 Untreated: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP580\A0141753.exe Postponed
2008-09-24 02:48:46 Detected: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP580\A0141754.exe
2008-09-24 02:48:46 Untreated: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP580\A0141754.exe Postponed
2008-09-24 02:48:46 Detected: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP580\A0141755.exe
2008-09-24 02:48:46 Untreated: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP580\A0141755.exe Postponed
2008-09-24 02:48:46 Detected: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141782.exe
2008-09-24 02:48:46 Detected: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141781.exe
2008-09-24 02:48:46 Untreated: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141782.exe Postponed
2008-09-24 02:48:46 Untreated: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141781.exe Postponed
2008-09-24 02:48:46 Detected: Backdoor.Win32.Frauder.hp C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141784.exe
2008-09-24 02:48:46 Untreated: Backdoor.Win32.Frauder.hp C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141784.exe Postponed
2008-09-24 02:48:46 Detected: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141786.exe
2008-09-24 02:48:46 Untreated: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141786.exe Postponed
2008-09-24 02:48:46 Detected: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141787.exe
2008-09-24 02:48:46 Untreated: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141787.exe Postponed
2008-09-24 02:48:46 Detected: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141789.exe
2008-09-24 02:48:46 Untreated: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141789.exe Postponed
2008-09-24 02:49:34 Detected: Backdoor.Win32.Frauder.hp C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145610.exe
2008-09-24 02:49:34 Untreated: Backdoor.Win32.Frauder.hp C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145610.exe Postponed
2008-09-24 02:49:34 Detected: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145613.dll
2008-09-24 02:49:34 Untreated: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145613.dll Postponed
2008-09-24 02:49:34 Detected: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145614.dll
2008-09-24 02:49:34 Untreated: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145614.dll Postponed
2008-09-24 02:49:34 Detected: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145615.dll
2008-09-24 02:49:34 Untreated: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145615.dll Postponed
2008-09-24 02:49:34 Detected: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145616.dll
2008-09-24 02:49:34 Untreated: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145616.dll Postponed
2008-09-24 02:49:35 Detected: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145618.dll
2008-09-24 02:49:35 Detected: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145619.dll
2008-09-24 02:49:35 Untreated: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145619.dll Postponed
2008-09-24 02:49:35 Untreated: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145618.dll Postponed
2008-09-24 02:49:35 Detected: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145621.dll
2008-09-24 02:49:35 Detected: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145620.dll
2008-09-24 02:49:35 Detected: Backdoor.Win32.Frauder.hp C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145622.exe
2008-09-24 02:49:35 Untreated: Backdoor.Win32.Frauder.hp C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145622.exe Postponed
2008-09-24 02:49:35 Untreated: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145621.dll Postponed
2008-09-24 02:49:36 Untreated: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145620.dll Postponed
2008-09-24 02:50:01 Detected: Heur.Trojan.Generic C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP593\A0145999.dll
2008-09-24 02:50:01 Untreated: Heur.Trojan.Generic C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP593\A0145999.dll Postponed
2008-09-24 02:50:01 Detected: Heur.Trojan.Generic C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP593\A0146002.dll
2008-09-24 02:50:01 Untreated: Heur.Trojan.Generic C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP593\A0146002.dll Postponed
2008-09-24 02:50:01 Detected: Heur.Trojan.Generic C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP593\A0146003.dll
2008-09-24 02:50:01 Untreated: Heur.Trojan.Generic C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP593\A0146003.dll Postponed
2008-09-24 02:55:56 Detected: viruslist.com/en/advisories/28083 C:\dell\Drivers\R131082\SYS\Flash8a.ocx
2008-09-24 03:06:44 Detected: Heur.Trojan.Generic C:\Documents and Settings\NetworkService\Lokala inställningar\Temporary Internet Files\Content.IE5\3GNOWNVH\pldr[1].htm
2008-09-24 03:06:44 Untreated: Heur.Trojan.Generic C:\Documents and Settings\NetworkService\Lokala inställningar\Temporary Internet Files\Content.IE5\3GNOWNVH\pldr[1].htm Postponed
2008-09-24 03:07:51 Detected: viruslist.com/en/advisories/31010 C:\i386\java.exe
2008-09-24 03:07:51 Detected: viruslist.com/en/advisories/31010 C:\i386\javaws.exe
2008-09-24 03:13:27 Detected: viruslist.com/en/advisories/28083 C:\program\Dell\Mouse Suite\Flash8a.ocx
2008-09-24 03:14:05 Detected: viruslist.com/en/advisories/31010 C:\program\Java\j2re1.4.2_03\bin\eula.dll
2008-09-24 03:14:09 Detected: viruslist.com/en/advisories/31010 C:\program\Java\jre1.5.0_09\bin\java.exe
2008-09-24 03:14:10 Detected: viruslist.com/en/advisories/31010 C:\program\Java\jre1.5.0_09\bin\javaws.exe
2008-09-24 03:14:15 Detected: viruslist.com/en/advisories/31010 C:\program\Java\jre1.5.0_10\bin\java.exe
2008-09-24 03:14:15 Detected: viruslist.com/en/advisories/31010 C:\program\Java\jre1.5.0_10\bin\javaws.exe
2008-09-24 03:14:20 Detected: viruslist.com/en/advisories/31010 C:\program\Java\jre1.6.0_01\bin\java.exe
2008-09-24 03:14:24 Detected: viruslist.com/en/advisories/31010 C:\program\Java\jre1.6.0_02\bin\java.exe
2008-09-24 03:14:30 Detected: viruslist.com/en/advisories/31010 C:\program\Java\jre1.6.0_03\bin\java.exe
2008-09-24 03:14:37 Detected: viruslist.com/en/advisories/31010 C:\program\Java\jre1.6.0_05\bin\java.exe
2008-09-24 03:14:43 Detected: viruslist.com/en/advisories/31010 C:\program\Java\jre1.6.0_06\bin\java.exe
2008-09-24 03:17:27 Detected: viruslist.com/en/advisories/31549 C:\program\Opera\Opera.exe
2008-09-24 03:17:58 Detected: viruslist.com/en/advisories/27620 C:\program\real\realplayer\realplay.exe
2008-09-24 03:18:28 Detected: viruslist.com/en/advisories/31010 C:\program\Sony Ericsson\Update Service\jre\bin\java.exe
2008-09-24 03:18:40 Detected: Heur.Trojan.Generic C:\program\Trend Micro\HijackThis\backups\backup-20080924-015925-192.dll
2008-09-24 03:18:40 Untreated: Heur.Trojan.Generic C:\program\Trend Micro\HijackThis\backups\backup-20080924-015925-192.dll Postponed
2008-09-24 03:20:07 Detected: viruslist.com/en/advisories/28083 C:\WINDOWS\Flash8a.ocx
2008-09-24 03:27:51 Detected: viruslist.com/en/advisories/28083 C:\WINDOWS\system32\Flash8a.ocx
2008-09-24 03:28:47 Detected: viruslist.com/en/advisories/28083 C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx
2008-09-24 03:29:02 Detected: Heur.Trojan.Generic C:\WINDOWS\Temp\TMP1A.exe
2008-09-24 03:29:02 Untreated: Heur.Trojan.Generic C:\WINDOWS\Temp\TMP1A.exe Postponed
2008-09-24 03:29:02 Detected: Heur.Trojan.Generic C:\WINDOWS\Temp\TMP3209.exe
2008-09-24 03:29:02 Untreated: Heur.Trojan.Generic C:\WINDOWS\Temp\TMP3209.exe Postponed
2008-09-24 03:29:02 Detected: Heur.Trojan.Generic C:\WINDOWS\Temp\TMPA15E.exe
2008-09-24 03:29:02 Untreated: Heur.Trojan.Generic C:\WINDOWS\Temp\TMPA15E.exe Postponed
2008-09-24 03:29:08 Detected: Heur.Trojan.Generic C:\Documents and Settings\NetworkService\Lokala inställningar\Temporary Internet Files\Content.IE5\3GNOWNVH\pldr[1].htm
2008-09-24 03:29:13 Detected: Heur.Trojan.Generic C:\program\Trend Micro\HijackThis\backups\backup-20080924-015925-192.dll
2008-09-24 03:29:13 Detected: Trojan.Win32.Shutdowner.ate C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP574\A0137790.0xe
2008-09-24 03:29:13 Deleted: Trojan.Win32.Shutdowner.ate C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP574\A0137790.0xe
2008-09-24 03:29:13 Detected: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP580\A0141751.exe
2008-09-24 03:29:13 Deleted: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP580\A0141751.exe
2008-09-24 03:29:13 Detected: Backdoor.Win32.Frauder.hp C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP580\A0141752.exe
2008-09-24 03:29:13 Deleted: Backdoor.Win32.Frauder.hp C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP580\A0141752.exe
2008-09-24 03:29:13 Detected: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP580\A0141753.exe
2008-09-24 03:29:13 Deleted: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP580\A0141753.exe
2008-09-24 03:29:13 Detected: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP580\A0141754.exe
2008-09-24 03:29:13 Deleted: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP580\A0141754.exe
2008-09-24 03:29:13 Detected: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP580\A0141755.exe
2008-09-24 03:29:13 Deleted: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP580\A0141755.exe
2008-09-24 03:29:13 Detected: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141781.exe
2008-09-24 03:29:13 Deleted: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141781.exe
2008-09-24 03:29:13 Detected: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141782.exe
2008-09-24 03:29:13 Deleted: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141782.exe
2008-09-24 03:29:13 Detected: Backdoor.Win32.Frauder.hp C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141784.exe
2008-09-24 03:29:13 Deleted: Backdoor.Win32.Frauder.hp C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141784.exe
2008-09-24 03:29:13 Detected: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141786.exe
2008-09-24 03:29:13 Deleted: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141786.exe
2008-09-24 03:29:13 Detected: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141787.exe
2008-09-24 03:29:13 Deleted: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141787.exe
2008-09-24 03:29:13 Detected: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141789.exe
2008-09-24 03:29:13 Deleted: Trojan-Downloader.Win32.Hoaxer.a C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP581\A0141789.exe
2008-09-24 03:29:13 Detected: Backdoor.Win32.Frauder.hp C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145610.exe
2008-09-24 03:29:13 Deleted: Backdoor.Win32.Frauder.hp C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145610.exe
2008-09-24 03:29:13 Detected: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145613.dll
2008-09-24 03:29:13 Deleted: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145613.dll
2008-09-24 03:29:13 Detected: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145614.dll
2008-09-24 03:29:13 Deleted: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145614.dll
2008-09-24 03:29:13 Detected: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145615.dll
2008-09-24 03:29:13 Deleted: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145615.dll
2008-09-24 03:29:13 Detected: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145616.dll
2008-09-24 03:29:13 Deleted: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145616.dll
2008-09-24 03:29:13 Detected: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145618.dll
2008-09-24 03:29:14 Deleted: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145618.dll
2008-09-24 03:29:14 Detected: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145619.dll
2008-09-24 03:29:14 Deleted: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145619.dll
2008-09-24 03:29:14 Detected: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145620.dll
2008-09-24 03:29:14 Deleted: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145620.dll
2008-09-24 03:29:14 Detected: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145621.dll
2008-09-24 03:29:14 Deleted: Trojan.Win32.Monderb.rac C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145621.dll
2008-09-24 03:29:14 Detected: Backdoor.Win32.Frauder.hp C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145622.exe
2008-09-24 03:29:14 Deleted: Backdoor.Win32.Frauder.hp C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP588\A0145622.exe
2008-09-24 03:29:14 Detected: Heur.Trojan.Generic C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP593\A0145999.dll
2008-09-24 03:29:14 Detected: Heur.Trojan.Generic C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP593\A0146002.dll
2008-09-24 03:29:14 Detected: Heur.Trojan.Generic C:\System Volume Information\_restore{619781AC-CF96-4B2F-8E58-2353903809FC}\RP593\A0146003.dll
2008-09-24 03:29:14 Detected: Heur.Trojan.Generic C:\WINDOWS\Temp\TMP1A.exe
2008-09-24 03:29:14 Detected: Heur.Trojan.Generic C:\WINDOWS\Temp\TMP3209.exe
2008-09-24 03:29:14 Detected: Heur.Trojan.Generic C:\WINDOWS\Temp\TMPA15E.exe
2008-09-24 03:29:14 Task completed
Full Scan: stopped 2008-09-24 02:40:15 (events: 13, objects: 3878, time: 00:02:56)
2008-09-24 02:44:49 Task started
2008-09-24 02:45:05 Task completed
2008-09-24 11:29:02 Task started
2008-09-24 11:42:57 Detected: Heur.Trojan.Generic C:\program\Trend Micro\HijackThis\backups\backup-20080924-015925-192.dll
2008-09-24 11:42:58 Untreated: Heur.Trojan.Generic C:\program\Trend Micro\HijackThis\backups\backup-20080924-015925-192.dll Postponed
2008-09-24 11:56:51 Detected: Heur.Trojan.Generic C:\program\Trend Micro\HijackThis\backups\backup-20080924-015925-192.dll
2008-09-24 11:56:57 Task completed

Addendum: 24 Sep 2008 13:12

Here is what Kaspersky has now shown under Web Traffic;

I hope it will help you, because I don't know anything anymore:


Date: Future (events: 169)
Web Traffic (events: 169)
2008-09-24 13:01:21 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Internet Explorer Detected: Heur.Trojan.Generic
2008-09-24 13:01:17 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 13:01:12 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 13:01:07 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 13:01:02 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 13:00:56 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 13:00:51 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 13:00:46 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 13:00:40 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 13:00:35 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 13:00:30 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 13:00:25 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 13:00:19 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 13:00:14 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 13:00:09 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 13:00:01 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Kör en DLL-fil som ett program Detected: Heur.Trojan.Generic
2008-09-24 12:39:46 Web Traffic Kaspersky Internet Security Task started
2008-09-24 12:13:05 Web Traffic Kaspersky Internet Security Task stopped
2008-09-24 12:01:18 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Internet Explorer Detected: Heur.Trojan.Generic
2008-09-24 12:01:14 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 12:01:09 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 12:01:04 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 12:00:59 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 12:00:54 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 12:00:49 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 12:00:44 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 12:00:39 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 12:00:34 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 12:00:29 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 12:00:25 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 12:00:20 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 12:00:15 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 12:00:10 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 12:00:02 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Kör en DLL-fil som ett program Detected: Heur.Trojan.Generic
2008-09-24 11:17:26 Web Traffic Kaspersky Internet Security Task started
2008-09-24 11:03:10 Web Traffic Kaspersky Internet Security Task stopped
2008-09-24 11:01:29 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Internet Explorer Detected: Heur.Trojan.Generic
2008-09-24 11:00:02 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Kör en DLL-fil som ett program Detected: Heur.Trojan.Generic
2008-09-24 10:27:16 Web Traffic Kaspersky Internet Security Task started
2008-09-24 10:01:14 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Internet Explorer Detected: Heur.Trojan.Generic
2008-09-24 10:01:12 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 10:01:07 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 10:01:02 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 10:00:57 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 10:00:52 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 10:00:47 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 10:00:42 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 10:00:37 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 10:00:32 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 10:00:27 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 10:00:22 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 10:00:17 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 10:00:12 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 10:00:08 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 10:00:01 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Kör en DLL-fil som ett program Detected: Heur.Trojan.Generic
2008-09-24 09:01:14 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Internet Explorer Detected: Heur.Trojan.Generic
2008-09-24 09:01:12 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 09:01:07 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 09:01:02 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 09:00:57 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 09:00:52 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 09:00:47 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 09:00:42 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 09:00:37 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 09:00:32 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 09:00:27 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 09:00:22 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 09:00:17 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 09:00:12 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 09:00:08 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 09:00:01 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Kör en DLL-fil som ett program Detected: Heur.Trojan.Generic
2008-09-24 08:01:14 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Internet Explorer Detected: Heur.Trojan.Generic
2008-09-24 08:01:12 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 08:01:07 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 08:01:02 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 08:00:57 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 08:00:52 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 08:00:47 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 08:00:42 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 08:00:37 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 08:00:32 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 08:00:27 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 08:00:22 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 08:00:17 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 08:00:12 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 08:00:08 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 08:00:01 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Kör en DLL-fil som ett program Detected: Heur.Trojan.Generic
2008-09-24 07:01:14 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Internet Explorer Detected: Heur.Trojan.Generic
2008-09-24 07:01:12 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 07:01:07 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 07:01:02 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 07:00:57 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 07:00:52 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 07:00:47 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 07:00:42 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 07:00:37 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 07:00:32 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 07:00:27 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 07:00:22 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 07:00:17 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 07:00:12 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 07:00:08 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 07:00:01 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Kör en DLL-fil som ett program Detected: Heur.Trojan.Generic
2008-09-24 06:01:14 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Internet Explorer Detected: Heur.Trojan.Generic
2008-09-24 06:01:12 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 06:01:07 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 06:01:02 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 06:00:57 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 06:00:52 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 06:00:47 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 06:00:42 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 06:00:37 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 06:00:32 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 06:00:27 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 06:00:22 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 06:00:17 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 06:00:13 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 06:00:08 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 06:00:01 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Kör en DLL-fil som ett program Detected: Heur.Trojan.Generic
2008-09-24 05:01:14 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Internet Explorer Detected: Heur.Trojan.Generic
2008-09-24 05:01:12 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 05:01:07 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 05:01:02 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 05:00:57 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 05:00:52 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 05:00:47 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 05:00:42 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 05:00:37 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 05:00:32 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 05:00:27 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 05:00:22 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 05:00:17 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 05:00:12 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 05:00:08 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 05:00:01 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Kör en DLL-fil som ett program Detected: Heur.Trojan.Generic
2008-09-24 04:01:16 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Internet Explorer Detected: Heur.Trojan.Generic
2008-09-24 04:01:12 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 04:01:07 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 04:01:02 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 04:00:57 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 04:00:52 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 04:00:47 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 04:00:42 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 04:00:37 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 04:00:32 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 04:00:27 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 04:00:23 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 04:00:18 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 04:00:13 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 04:00:08 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 04:00:01 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Kör en DLL-fil som ett program Detected: Heur.Trojan.Generic
2008-09-24 03:02:15 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Internet Explorer Detected: Heur.Trojan.Generic
2008-09-24 03:01:45 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 03:01:35 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 03:01:26 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 03:01:19 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 03:01:12 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 03:01:06 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 03:00:57 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 03:00:51 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 03:00:44 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 03:00:38 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 03:00:32 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 03:00:23 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 03:00:17 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Generic Host Process for Win32 Services Detected: Heur.Trojan.Generic
2008-09-24 03:00:04 http://77.74.48.101/pldr?uid=81F2621288FF11DDA8AB165739CFFFFF&guid=D422725BEC3E4851875E19566EC379A4&vi=0&ci=0 Kör en DLL-fil som ett program Detected: Heur.Trojan.Generic
2008-09-24 02:41:23 Web Traffic Kaspersky Internet Security Task started
2008-09-24 02:34:33 Web Traffic Kaspersky Internet Security Task started
2008-09-24 02:25:19 Web Traffic Kaspersky Internet Security Task started
Web Traffic (events: 169)
2008-09-24 12:39:46 Files and Memory Kaspersky Internet Security Task started
2008-09-24 12:13:05 Files and Memory Kaspersky Internet Security Task stopped
2008-09-24 11:17:26 Files and Memory Kaspersky Internet Security Task started
2008-09-24 11:03:10 Files and Memory Kaspersky Internet Security Task stopped
2008-09-24 10:27:16 Files and Memory Kaspersky Internet Security Task started
2008-09-24 02:41:23 Files and Memory Kaspersky Internet Security Task started
2008-09-24 02:34:33 Files and Memory Kaspersky Internet Security Task started
2008-09-24 02:25:19 Files and Memory Kaspersky Internet Security Task started

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8490
  • Location: Novi Beograd

Do you have that ComboFix log, so you can post it here for me?

offline
  • ivan.b 
  • New MyCity citizen
  • Joined: 24 Sep 2008
  • Posts: 11

After everything I did following the instructions from the forum, I have deleted
all sorts of things, so I no longer know what to do next. When I scan the computer with trojan detection programs nothing is found, but
Kaspersky reports that it is preventing the trojan's programs from contacting the internet.
I don't know where to look for the file you are asking me for; if you can help me
I would be grateful.
Ivan

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8490
  • Location: Novi Beograd

That file should be at the following location:

C:\ComboFix.txt

If you can't find it, say so, and we'll continue from there.

offline
  • ivan.b 
  • New MyCity citizen
  • Joined: 24 Sep 2008
  • Posts: 11

I tried to find it but it is nowhere to be found. I probably deleted it
in despair!!!

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8490
  • Location: Novi Beograd

Then do the following:

* Right-click the Kaspersky icon in the lower right corner of the screen and choose Pause Protection.
* In the window that opens, choose By User Request.

Note: Don't forget to turn this option back on once the cleaning is finished.

----------------------------------------

Download ComboFix to the Desktop from one of the following addresses:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Start it and don't touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear, which you will copy here for us.

offline
  • ivan.b 
  • New MyCity citizen
  • Joined: 24 Sep 2008
  • Posts: 11

Here is the response from ComboFix:

ComboFix 08-09-22.06 - Ivan Bosnjak 2008-09-24 17:19:39.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1053.18.1500 [GMT 2:00]
Running from: C:\Documents and Settings\Ivan Bosnjak\Skrivbord\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat

----- BITS: Possible infected sites -----

hxxp://77.74.48.101
.
((((((((((((((((((((((((( Files Created from 2008-08-24 to 2008-09-24 )))))))))))))))))))))))))))))))
.

2008-09-24 15:03 . 2008-09-24 15:03 <KAT> dr------- C:\Documents and Settings\LocalService\Favoriter
2008-09-24 13:10 . 2008-09-24 13:10 <KAT> d-------- C:\Program\Sunbelt Software
2008-09-24 13:10 . 2008-09-24 13:10 <KAT> d-------- C:\Documents and Settings\Ivan Bosnjak\Application Data\Sunbelt
2008-09-24 13:10 . 2008-09-24 13:10 <KAT> d-------- C:\Documents and Settings\All Users\Application Data\Sunbelt
2008-09-24 11:11 . 2008-09-24 11:11 <KAT> d-------- C:\WINDOWS\system32\config\systemprofile\Lokala instõllningar
2008-09-24 11:11 . 2008-09-24 11:11 <KAT> d-------- C:\Documents and Settings\NetworkService\Lokala instõllningar
2008-09-24 11:11 . 2008-09-24 11:11 <KAT> d-------- C:\Documents and Settings\LocalService\Lokala instõllningar
2008-09-24 11:11 . 2008-09-24 11:11 <KAT> d-------- C:\Documents and Settings\Ivan Bosnjak\Lokala instõllningar
2008-09-24 02:22 . 2008-09-24 02:32 96,976 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-09-24 02:22 . 2008-09-24 02:22 87,855 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-09-24 02:21 . 2008-09-24 02:21 <KAT> d-------- C:\Program\Kaspersky Lab
2008-09-24 02:21 . 2008-09-24 16:32 <KAT> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-09-24 02:21 . 2008-09-24 16:31 3,455,008 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-09-24 02:21 . 2008-09-24 16:31 573,472 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-09-24 02:21 . 2008-09-24 16:31 28,072 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-09-24 02:21 . 2008-09-24 16:31 3,040 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2008-09-24 02:03 . 2008-09-24 02:03 <KAT> d-------- C:\Program\Microsoft Windows OneCare Live
2008-09-24 01:53 . 2008-09-24 01:53 <KAT> d-------- C:\Program\Trend Micro
2008-09-24 01:44 . 2008-09-24 02:03 <KAT> d-------- C:\Program\Windows Live Safety Center
2008-09-24 01:20 . 2008-09-24 01:21 <KAT> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-09-24 01:19 . 2008-09-24 01:19 <KAT> d-------- C:\Program\Delade filer\Wise Installation Wizard
2008-09-24 01:18 . 2008-09-24 01:18 <KAT> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-09-23 16:48 . 2008-09-24 00:07 <KAT> d-------- C:\Program\Enigma Software Group
2008-09-23 08:05 . 2008-09-23 22:50 349,478 --ahs---- C:\WINDOWS\system32\ggjmnnpo.ini2
2008-09-23 08:05 . 2008-09-23 08:05 327,168 --a------ C:\WINDOWS\system32\opnnmjgg.VIR
2008-09-23 01:38 . 2008-09-23 01:44 2,316 --ahs---- C:\WINDOWS\system32\dJkTCcdd.ini2
2008-09-23 01:38 . 2008-09-23 01:46 2,316 --ahs---- C:\WINDOWS\system32\dJkTCcdd.ini
2008-09-23 01:33 . 2008-09-23 01:33 53,248 --ahs---- C:\WINDOWS\system32\mlJdBssq.dll
2008-09-22 15:42 . 2008-09-22 15:47 <KAT> d-------- C:\Program\Microsoft Student
2008-09-22 15:41 . 2008-09-22 15:41 <KAT> d-------- C:\Program\Learning Essentials
2008-09-22 15:41 . 2005-05-26 15:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2008-09-16 09:43 . 2008-09-16 09:45 <KAT> d-------- C:\Documents and Settings\Ivan Bosnjak\Application Data\vlc
2008-09-11 08:22 . 2008-09-11 08:22 <KAT> d-------- C:\Program\iTunes
2008-09-11 08:22 . 2008-09-11 08:22 <KAT> d-------- C:\Program\iPod
2008-09-11 08:21 . 2008-09-22 08:05 <KAT> d-------- C:\Program\Bonjour
2008-09-06 15:09 . 2008-09-06 15:09 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
2008-09-06 15:09 . 2008-09-06 15:09 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
2008-09-04 11:01 . 2008-09-19 13:13 <KAT> d-------- C:\Program\Delade filer\Symantec Shared
2008-08-29 10:18 . 2008-08-29 10:18 87,336 --a------ C:\WINDOWS\system32\dns-sd.exe
2008-08-29 09:53 . 2008-08-29 09:53 61,440 --a------ C:\WINDOWS\system32\dnssd.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-24 14:55 --------- d-----w C:\Program\Mozilla Thunderbird
2008-09-24 14:29 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-24 10:42 --------- d-----w C:\Program\Delade filer\Real
2008-09-23 23:20 --------- d-----w C:\Program\Lavasoft
2008-09-23 22:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avg8
2008-09-23 22:10 --------- d-----w C:\Program\jouououoi
2008-09-23 22:09 --------- d--h--w C:\Program\InstallShield Installation Information
2008-09-23 00:33 --------- d-----w C:\Documents and Settings\Ivan Bosnjak\Application Data\BitTorrent
2008-09-22 23:39 --------- d-----w C:\Program\Yahoo!
2008-09-20 00:01 --------- d-----w C:\Program\BitTorrent
2008-09-16 07:45 --------- d-----w C:\Documents and Settings\Ivan Bosnjak\Application Data\vlc
2008-09-12 15:25 --------- d-----w C:\Documents and Settings\Ivan Bosnjak\Application Data\PowerChallenge
2008-09-11 06:20 --------- d-----w C:\Program\QuickTime
2008-09-11 06:20 --------- d-----w C:\Program\Delade filer\Apple
2008-09-10 14:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-09-04 09:07 --------- d-----w C:\Documents and Settings\Ivan Bosnjak\Application Data\Symantec
2008-08-23 14:42 --------- d-----w C:\Program\Java
2008-08-19 21:09 --------- d-----w C:\Program\Microsoft Silverlight
2008-08-18 21:31 --------- d-----w C:\Program\Delade filer\BitDefender
2008-08-18 21:31 --------- d-----w C:\Program\BitDefender
2008-08-18 21:29 --------- d-----w C:\Program\Comodo
2008-08-18 21:29 --------- d-----w C:\Documents and Settings\Ivan Bosnjak\Application Data\Comodo
2008-08-18 14:08 4,608 ----a-w C:\WINDOWS\system32\w95inf32.dll
2008-08-18 14:08 2,272 ----a-w C:\WINDOWS\system32\w95inf16.dll
2008-08-18 13:32 --------- d-----w C:\Program\Apple Software Update
2008-07-29 18:21 218,376 ----a-w C:\WINDOWS\system32\klogon.dll
2008-07-29 18:20 24,774 ----a-w C:\WINDOWS\system32\drivers\klopp.dat
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-07 20:29 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:29 253,952 ------w C:\WINDOWS\system32\dllcache\es.dll
2008-06-24 16:46 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:46 74,240 ------w C:\WINDOWS\system32\dllcache\mscms.dll
2008-06-24 16:12 295,936 ------w C:\WINDOWS\system32\wmpeffects.dll
2008-06-24 08:42 3,592,192 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"ccleaner"="C:\Program\CCleaner\ccleaner.exe" [2008-08-22 1234160]
"ISUSPM"="C:\Program\Delade filer\InstallShield\UpdateService\isuspm.exe" [2006-09-11 218032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DMXLauncher"="C:\Program\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 86016]
"SunJavaUpdateSched"="C:\Program\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"IAAnotif"="C:\Program\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 151552]
"CTSysVol"="C:\Program\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"DVDLauncher"="C:\Program\CyberLink\PowerDVD\DVDLauncher.exe" [2006-04-06 49152]
"QuickTime Task"="C:\Program\QuickTime\QTTask.exe" [2008-09-06 413696]
"AppleSyncNotifier"="C:\Program\Delade filer\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
"iTunesHelper"="C:\Program\iTunes\iTunesHelper.exe" [2008-09-08 289576]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-07-09 7110656]
"AVP"="C:\Program\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-07-29 206088]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="C:\Program\DELADE~1\MICROS~1\DW\dwtrig20.exe" [2007-08-24 437160]

C:\Documents and Settings\All Users\Start-meny\Program\Autostart\
BankID s„kerhetsprogram.lnk - C:\Program\Personal\bin\Personal.exe [2008-06-17 910864]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program\\BitTorrent\\bittorrent.exe"=
"C:\\Program\\Bonjour\\mDNSResponder.exe"=
"C:\\Program\\iTunes\\iTunes.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;C:\WINDOWS\system32\drivers\klbg.sys [2008-01-29 32784]
R1 oreans32;oreans32;C:\WINDOWS\system32\drivers\oreans32.sys [2007-03-16 33920]
R2 AdobeActiveFileMonitor;Adobe Active File Monitor;C:\Program\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-20 98304]
R2 NMSAccessU;NMSAccessU;C:\Program\CDBurnerXP\NMSAccessU.exe [2007-10-12 71096]
R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;C:\Program\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-20 118784]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\WINDOWS\system32\DRIVERS\klfltdev.sys [2008-03-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2008-04-30 24592]
S2 BDVEDISK;BDVEDISK;C:\Program\BitDefender\BitDefender 2009\BDVEDISK.sys [ ]
S3 MEMSWEEP2;MEMSWEEP2;C:\WINDOWS\system32\135A.tmp [ ]
S3 SBRE;SBRE;C:\WINDOWS\system32\drivers\SBREdrv.sys [ ]
S3 tapvpn;TAP VPN Adapter;C:\WINDOWS\system32\DRIVERS\tapvpn.sys [2007-06-08 27136]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
\Shell\AutoRun\command - I:\Autorun.exe
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Ivan Bosnjak\Application Data\Mozilla\Firefox\Profiles\abjmqqk1.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://di.se/
FF -: plugin - C:\Documents and Settings\Ivan Bosnjak\Lokala inställningar\Application Data\Google\Update\1.2.131.11\npGoogleOneClick5.dll
FF -: plugin - C:\Program\DivX\DivX Content Uploader\npUpload.dll
FF -: plugin - C:\Program\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - C:\Program\Mozilla Firefox\plugins\npbittorrent.dll
FF -: plugin - C:\Program\Mozilla Firefox\plugins\npgcplug.dll
FF -: plugin - C:\Program\Mozilla Firefox\plugins\npmozax.dll
FF -: plugin - C:\Program\Mozilla Firefox\plugins\npqtplugin8.dll
FF -: plugin - C:\Program\Mozilla Firefox\plugins\npracplug.dll
FF -: plugin - C:\Program\Personal\bin\np_prsnl.dll
FF -: plugin - C:\Program\QuickTime\Plugins\npqtplugin8.dll
FF -: plugin - C:\Program\Real\RealArcade\Plugins\Mozilla\npracplug.dll
FF -: plugin - C:\Program\Yahoo!\Common\npyaxmpb.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-09-24 17:21:34
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet012\Services\MEMSWEEP2]
"ImagePath"="\??\C:\WINDOWS\system32\135A.tmp"
.
Completion time: 2008-09-24 17:23:10
ComboFix-quarantined-files.txt 2008-09-24 15:22:28

Pre-Run: 204 683 915 264 byte ledigt
Post-Run: 204,657,725,440 byte ledigt

199 --- E O F --- 2008-09-23 23:33:35

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8490
  • Location: Novi Beograd

Turn off the AV again and then do the following:

Open Notepad and copy in the following text:

File::
C:\WINDOWS\system32\ggjmnnpo.ini2
C:\WINDOWS\system32\opnnmjgg.VIR
C:\WINDOWS\system32\dJkTCcdd.ini2
C:\WINDOWS\system32\dJkTCcdd.ini
C:\WINDOWS\system32\mlJdBssq.dll

DirLook::
C:\Program\jouououoi




Save the file from Notepad to the Desktop as "CFScript"

Drag the saved script/text onto the ComboFix icon as shown in the picture.
In your next message, post the log that is created at the end of the cleaning/scan.
