The viruses are killing me


offline
  • Joined: 29 Jun 2008
  • Posts: 5

My computer is full of viruses and Kaspersky Anti-Virus 7.0 does not detect them.
I installed Antivirus 2008 and 2009, but it asks me for a registration key that I don't have.
I would ask anyone who can do something about this problem of mine, or who can point me to how to get rid of these viruses, to help.
Thank you in advance.

offline
  • Joined: 12 Jan 2004
  • Posts: 9661
  • Location: Čačak

Follow these rules for opening a topic in Ambulanta.
http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

offline
  • Joined: 29 Jun 2008
  • Posts: 5

Logfile of HijackThis v1.99.1
Scan saved at 23:54: VIRUS ALERT!, on 30.6.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_06\bin\javaw.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\DEJAN\Desktop\janko\TR3.exe..exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2
O2 - BHO: &Research - {037C7B8A-151A-49E6-BAED-CC05FCB50328} - C:\WINDOWS\system32\winsrc.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O2 - BHO: QXK Olive - {F327577A-E97C-40D6-810A-2B2223087314} - C:\WINDOWS\gfetqaxsbop.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: gxvpsafm - {4E015B1B-BE52-49BD-9434-A3CB37B71A29} - C:\WINDOWS\gxvpsafm.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [SpyHunter Security Suite] C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [antivirus-2008pro.exe] C:\Program Files\Antivirus 2008 PRO\antivirus-2008pro.exe
O4 - HKCU\..\Run: [57439406475775771786947133300387] C:\Program Files\Antivirus 2009\av2009.exe
O4 - HKCU\..\Run: [ieupdate] "C:\WINDOWS\system32\ieupdates.exe"
O4 - Startup: MP3 Rocket (Minimized).lnk = C:\Program Files\MP3 Rocket\MP3Rocket.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0C55B2B-4FF1-4B91-8E0F-0727C1FC7B09}: NameServer = 87.250.98.250 208.67.222.222
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master Teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Hello,

* Right-click the Kaspersky icon in the lower right corner of the screen and select Pause Protection.
* In the window that opens, select By User Request.

Note: Don't forget to turn this option on after the cleaning is finished.

1.) Download the program SmitFraudFix from this link.

2.) Restart the computer and boot the system in Safe Mode. [ Safe Mode info link ]

3.) Find the file Smitfraudfix.exe and double-click to run it.
When the removal tool starts for the first time, an approval screen will be shown. Simply press any key on the keyboard to move on to the next step.

4.)

5.) The program will start cleaning the computer. After the cleaning with SmitfraudFix is finished, the Windows program Disk Cleanup will start.

6.) You will be asked: "Registry cleaning - Do you want to clean the registry ?" Answer "Yes" by typing Y (and confirm with Enter).

7.) The program will also check whether wininet.dll is infected. If it is, you will be asked about replacing wininet.dll. Answer "Yes" to the question "Replace infected file ?" by typing Y (and confirm with Enter).

After SmitFraudFix finishes its work, post here the log located at C:\rapport.txt and a fresh HJT log.

offline
  • Joined: 29 Jun 2008
  • Posts: 5

SmitFraudFix v2.328

Scan done at 23:44:02.90, Tue 07/01/2008
Run from C:\Documents and Settings\DEJAN\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: D-Link AirPlus G DWL-G510 Wireless PCI Adapter(rev.C) - Packet Scheduler Miniport
DNS Server Search Order: 10.0.0.2

HKLM\SYSTEM\CCS\Services\Tcpip\..\{544746AD-315F-4A21-81E3-E0783F33E49B}: DhcpNameServer=10.0.0.2
HKLM\SYSTEM\CCS\Services\Tcpip\..\{B0C55B2B-4FF1-4B91-8E0F-0727C1FC7B09}: NameServer=87.250.98.250 208.67.222.222
HKLM\SYSTEM\CS1\Services\Tcpip\..\{544746AD-315F-4A21-81E3-E0783F33E49B}: DhcpNameServer=10.0.0.2
HKLM\SYSTEM\CS1\Services\Tcpip\..\{B0C55B2B-4FF1-4B91-8E0F-0727C1FC7B09}: NameServer=87.250.98.250 208.67.222.222
HKLM\SYSTEM\CS2\Services\Tcpip\..\{544746AD-315F-4A21-81E3-E0783F33E49B}: DhcpNameServer=10.0.0.2
HKLM\SYSTEM\CS2\Services\Tcpip\..\{B0C55B2B-4FF1-4B91-8E0F-0727C1FC7B09}: NameServer=87.250.98.250 208.67.222.222
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=10.0.0.2
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=10.0.0.2
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=10.0.0.2


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End

Addendum: 02 Jul 2008 0:23

Logfile of HijackThis v1.99.1
Scan saved at 00:22: VIRUS ALERT!, on 2.7.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\WINDOWS\PixArt\PAC207\Monitor.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Antivirus 2008 PRO\antivirus-2008pro.exe
C:\Program Files\Antivirus 2009\av2009.exe
C:\WINDOWS\system32\ieupdates.exe
C:\Program Files\Java\jre1.6.0_06\bin\javaw.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\DEJAN\Desktop\janko\TR3.exe..exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2
O2 - BHO: &Research - {037C7B8A-151A-49E6-BAED-CC05FCB50328} - C:\WINDOWS\system32\winsrc.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O2 - BHO: QXK Olive - {F327577A-E97C-40D6-810A-2B2223087314} - C:\WINDOWS\gfetqaxsbop.dll (file missing)
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: gxvpsafm - {4E015B1B-BE52-49BD-9434-A3CB37B71A29} - C:\WINDOWS\gxvpsafm.dll (file missing)
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [antivirus-2008pro.exe] C:\Program Files\Antivirus 2008 PRO\antivirus-2008pro.exe
O4 - HKCU\..\Run: [57439406475775771786947133300387] C:\Program Files\Antivirus 2009\av2009.exe
O4 - HKCU\..\Run: [ieupdate] "C:\WINDOWS\system32\ieupdates.exe"
O4 - Startup: MP3 Rocket (Minimized).lnk = C:\Program Files\MP3 Rocket\MP3Rocket.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0C55B2B-4FF1-4B91-8E0F-0727C1FC7B09}: NameServer = 87.250.98.250 208.67.222.222
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: ThreatFire - Unknown owner - C:\Program Files\ThreatFire\TFService.exe (file missing)

Addendum: 02 Jul 2008 0:32

Greetings,
I am still full of viruses.

Addendum: 02 Jul 2008 6:54

I deleted some antivirus programs and installed free AVG.
The computer works, but it still shows me viruses.

Addendum: 02 Jul 2008 19:06

Please give me further instructions.
Thankful in advance.

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master Teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

* Right-click the Kaspersky icon in the lower right corner of the screen and select Pause Protection.
* In the window that opens, select By User Request.

Note: Don't forget to turn this option on after the cleaning is finished.

---------------------

Download ComboFix to the Desktop from one of the following addresses:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Start it and don't touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear, which you will copy here for us.

offline
  • Joined: 29 Jun 2008
  • Posts: 5

ComboFix 08-07-03.5 - DEJAN 2008-07-04 18:52:21.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.197 [GMT 2:00]
Running from: C:\Documents and Settings\DEJAN\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\DEJAN\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus-2008pro.lnk
C:\Documents and Settings\DEJAN\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus 2009.lnk
C:\Documents and Settings\DEJAN\Desktop\antivirus-2008pro.lnk
C:\Documents and Settings\DEJAN\Desktop\Antivirus 2009.lnk
C:\Documents and Settings\DEJAN\Desktop\Error Cleaner.url
C:\Documents and Settings\DEJAN\Desktop\Privacy Protector.url
C:\Documents and Settings\DEJAN\Favorites\Error Cleaner.url
C:\Documents and Settings\DEJAN\Favorites\Privacy Protector.url
C:\Documents and Settings\DEJAN\Favorites\Spyware&Malware Protection.url
C:\Documents and Settings\DEJAN\Start Menu\Antivirus 2009
C:\Documents and Settings\DEJAN\Start Menu\Antivirus 2009\Antivirus 2009.lnk
C:\Documents and Settings\DEJAN\Start Menu\Antivirus 2009\Uninstall Antivirus 2009.lnk
C:\Documents and Settings\DEJAN\Start Menu\Programs\Antivirus 2008 PRO
C:\Documents and Settings\DEJAN\Start Menu\Programs\Antivirus 2008 PRO\antivirus-2008pro.lnk

.
((((((((((((((((((((((((( Files Created from 2008-06-04 to 2008-07-04 )))))))))))))))))))))))))))))))
.

2008-07-04 07:28 . 2008-07-04 07:28 <DIR> d-------- C:\WINDOWS\LastGood
2008-07-02 12:22 . 2008-07-03 15:15 <DIR> d-------- C:\Documents and Settings\DEJAN\Application Data\Skype
2008-07-02 12:21 . 2008-07-02 12:21 <DIR> d-------- C:\Program Files\Skype
2008-07-02 12:21 . 2008-07-02 12:21 <DIR> d-------- C:\Program Files\Common Files\Skype
2008-07-02 12:09 . 2001-08-17 13:56 7,552 --a------ C:\WINDOWS\system32\drivers\SONYPVU1.SYS
2008-07-02 12:09 . 2001-08-17 13:56 7,552 --a--c--- C:\WINDOWS\system32\dllcache\sonypvu1.sys
2008-07-02 01:18 . 2008-07-04 12:51 <DIR> d--h----- C:\$AVG8.VAULT$
2008-07-02 01:12 . 2008-07-03 23:56 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2008-07-02 01:12 . 2008-07-02 01:12 <DIR> d-------- C:\Program Files\AVG
2008-07-02 01:12 . 2008-07-03 21:03 <DIR> d-------- C:\Documents and Settings\DEJAN\Application Data\AVGTOOLBAR
2008-07-02 01:12 . 2008-07-02 01:12 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-07-02 01:12 . 2008-07-02 01:12 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-07-02 01:12 . 2008-07-02 01:12 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2008-07-02 01:12 . 2008-07-02 01:12 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-07-02 00:03 . 2008-07-02 01:12 <DIR> d-------- C:\Documents and Settings\Administrator.BUVARA-1CC075E0.000
2008-07-01 23:41 . 2008-07-01 23:44 2,124 --a------ C:\WINDOWS\system32\tmp.reg
2008-07-01 23:39 . 2008-07-01 23:39 <DIR> d-------- C:\Documents and Settings\Administrator.BUVARA-1CC075E0
2008-07-01 23:19 . 2008-07-01 23:19 <DIR> d-------- C:\Documents and Settings\Administrator
2008-07-01 07:03 . 2008-07-02 00:02 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-01 07:02 . 2008-07-01 07:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Tools
2008-07-01 07:02 . 2008-04-24 16:52 12,608 --a------ C:\WINDOWS\system32\drivers\TfKbMon.sys
2008-07-01 01:47 . 2008-07-02 14:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-06-30 23:32 . 2008-06-30 23:32 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-06-30 22:28 . 2008-07-02 00:09 <DIR> d-------- C:\Program Files\Enigma Software Group
2008-06-29 22:15 . 2008-06-29 22:15 <DIR> d-------- C:\Documents and Settings\DEJAN\Application Data\skypePM
2008-06-29 22:15 . 2008-06-29 22:15 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-06-29 22:10 . 2008-07-02 12:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-06-29 08:45 . 2008-06-29 08:45 <DIR> d--h----- C:\WINDOWS\PIF
2008-06-28 07:11 . 2008-06-28 07:11 <DIR> d-------- C:\Documents and Settings\DEJAN\Application Data\Reallusion
2008-06-28 07:02 . 2007-04-17 00:05 5,632,000 --a------ C:\WINDOWS\system32\RLVirtualCamera.ocx
2008-06-28 07:02 . 2007-03-19 16:00 31,616 --a------ C:\WINDOWS\system32\drivers\RLVrtAuCbl.sys
2008-06-28 06:57 . 2008-06-28 06:57 75 -r-hs---- C:\WINDOWS\CT4CET.bin
2008-06-28 06:56 . 2008-06-28 07:02 <DIR> d-------- C:\Program Files\Reallusion
2008-06-28 06:56 . 2008-06-28 06:56 <DIR> d-------- C:\Program Files\Common Files\Reallusion
2008-06-28 06:48 . 2008-06-28 06:48 <DIR> d-------- C:\WINDOWS\PixArt
2008-06-28 06:48 . 2008-06-28 06:48 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-06-28 06:48 . 2008-06-28 06:48 <DIR> d-------- C:\Program Files\Common Files\PAC207
2008-06-28 06:48 . 2006-11-03 10:59 48,128 --a------ C:\WINDOWS\system32\Remove.exe
2008-06-28 06:48 . 2007-05-09 14:20 284 --a------ C:\WINDOWS\system32\Remover.ini
2008-06-28 06:47 . 2005-04-03 20:56 1,060,864 --a------ C:\WINDOWS\system32\mfc71.dll
2008-06-28 06:47 . 2005-01-28 14:15 7,064 --a------ C:\WINDOWS\system32\WMVCORE.lib
2008-06-28 06:46 . 2008-06-28 17:46 <DIR> d-------- C:\WINDOWS\Album
2008-06-28 06:46 . 2008-06-28 06:46 <DIR> d-------- C:\Program Files\KYE
2008-06-28 06:45 . 2008-06-28 06:45 <DIR> d-------- C:\Documents and Settings\DEJAN\Application Data\InstallShield
2008-06-25 20:21 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-06-25 20:21 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-06-25 20:21 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-06-25 14:14 . 2008-06-25 14:14 <DIR> d---s---- C:\Documents and Settings\DEJAN\UserData
2008-06-25 12:26 . 2008-06-25 12:26 <DIR> d-------- C:\Program Files\Windows Live
2008-06-25 12:26 . 2008-06-25 12:49 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-06-25 12:26 . 2008-06-25 21:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-06-24 22:24 . 2008-06-24 22:24 <DIR> d-------- C:\Program Files\Common Files\NSV
2008-06-24 19:35 . 2008-06-24 19:35 <DIR> d-------- C:\Program Files\ANI
2008-06-24 19:33 . 2008-06-30 23:30 <DIR> d-------- C:\Documents and Settings\DEJAN\Application Data\AdobeUM
2008-06-24 19:31 . 2008-06-24 19:31 <DIR> d-------- C:\WINDOWS\Cache
2008-06-23 17:50 . 2008-06-23 17:50 <DIR> d--hs---- C:\WINDOWS\ftpcache
2008-06-23 17:49 . 2008-06-23 17:49 33 --a------ C:\WINDOWS\SYMGAMES.INI
2008-06-23 17:30 . 2008-06-23 17:30 <DIR> d-------- C:\Documents and Settings\DEJAN\WINDOWS
2008-06-19 01:07 . 2008-07-04 07:23 <DIR> d-------- C:\Documents and Settings\DEJAN\Shared
2008-06-19 01:07 . 2008-07-04 13:12 <DIR> d-------- C:\Documents and Settings\DEJAN\Incomplete
2008-06-19 00:57 . 2008-06-29 23:06 <DIR> d-------- C:\Documents and Settings\DEJAN\Application Data\MP3Rocket
2008-06-19 00:56 . 2008-07-04 12:20 <DIR> d-------- C:\Program Files\MP3 Rocket
2008-06-19 00:56 . 2008-06-19 00:56 <DIR> d-------- C:\Program Files\AskSBar
2008-06-17 12:42 . 2008-06-17 12:42 <DIR> d-------- C:\WINDOWS\Sun
2008-06-17 12:36 . 2008-06-17 12:36 <DIR> d-------- C:\Program Files\Sun
2008-06-17 12:34 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-06-17 12:33 . 2008-06-17 12:34 <DIR> d-------- C:\Program Files\Java
2008-06-17 12:20 . 2008-06-17 12:20 <DIR> d-------- C:\Program Files\Common Files\Java
2008-06-17 03:02 . 2008-06-17 03:02 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-06-16 12:14 . 2008-06-13 15:10 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-16 12:14 . 2008-06-13 15:10 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-16 08:05 . 2008-06-21 03:00 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-06-16 08:05 . 2005-06-28 10:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-06-15 19:47 . 2008-06-28 10:00 <DIR> d-------- C:\Documents and Settings\DEJAN\Contacts
2008-06-15 19:40 . 2008-06-15 19:40 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-06-15 19:40 . 2008-06-15 19:40 <DIR> d-------- C:\Program Files\MSN Messenger
2008-06-15 19:40 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-06-15 19:28 . 2008-06-15 19:28 <DIR> d-------- C:\Program Files\Kaspersky Lab
2008-06-15 19:28 . 2008-07-04 07:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-06-15 19:28 . 2008-07-04 18:55 9,393,696 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-06-15 19:28 . 2008-07-04 18:54 235,296 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-06-15 19:28 . 2008-07-04 00:23 118,208 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-06-15 19:28 . 2008-06-15 20:51 96,966 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-06-15 19:28 . 2008-06-15 20:51 88,774 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-06-15 19:28 . 2008-07-04 00:23 24,620 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2008-06-15 19:27 . 2008-06-15 19:27 <DIR> d-------- C:\kav
2008-06-15 19:09 . 2008-06-15 19:09 <DIR> d-------- C:\Documents and Settings\DEJAN\Application Data\Media Player Classic
2008-06-15 19:09 . 2008-07-04 15:05 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-06-15 18:52 . 2008-06-15 18:52 <DIR> d-------- C:\Documents and Settings\DEJAN\Application Data\Nero
2008-06-15 18:50 . 2008-06-15 18:50 <DIR> d-------- C:\Program Files\Nero
2008-06-15 18:50 . 2008-06-15 18:51 <DIR> d-------- C:\Program Files\Common Files\Nero
2008-06-15 18:50 . 2008-06-15 18:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-06-15 18:41 . 2008-06-15 18:41 <DIR> d-------- C:\Program Files\YouTube Downloader
2008-06-15 18:39 . 2008-06-15 20:27 <DIR> d-------- C:\Program Files\mIRC
2008-06-15 18:39 . 2008-06-15 21:12 <DIR> d-------- C:\Documents and Settings\DEJAN\Application Data\mIRC
2008-06-15 18:03 . 2008-06-15 18:03 <DIR> d-------- C:\Program Files\CCleaner
2008-06-15 16:47 . 2005-09-14 21:05 516,096 --------- C:\WINDOWS\system32\ati2sgag.exe
2008-06-15 16:46 . 2008-06-15 16:47 <DIR> d-------- C:\Program Files\ATI Technologies
2008-06-15 16:46 . 2008-06-15 16:46 <DIR> d-------- C:\ATI
2008-06-15 16:44 . 2002-07-17 09:20 45,056 --a------ C:\WINDOWS\system32\WNASPI32.DLL
2008-06-15 16:44 . 2002-07-17 08:53 16,877 --a------ C:\WINDOWS\system32\drivers\ASPI32.SYS
2008-06-15 16:44 . 2002-07-17 16:22 5,600 --a------ C:\WINDOWS\system\WINASPI.DLL
2008-06-15 16:44 . 2002-07-17 16:22 4,672 --a------ C:\WINDOWS\system\WOWPOST.EXE
2008-06-15 16:43 . 2005-12-15 19:31 <DIR> d-------- C:\adaptec
2008-06-15 16:28 . 2008-06-15 16:28 99,965 --a------ C:\WINDOWS\UninstallFirefox.exe
2008-06-15 16:28 . 2008-06-15 16:28 3,255 --a------ C:\WINDOWS\mozver.dat
2008-06-15 16:28 . 2008-06-15 16:28 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-15 16:21 . 2008-06-23 18:08 3,284 --a------ C:\WINDOWS\system32\ANIWZCS{85367743-3776-450A-8412-71399AC2C0AF}

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-28 05:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-15 18:51 112,144 ----a-w C:\WINDOWS\system32\drivers\kl1.sys
2008-06-15 15:55 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-06-15 15:55 --------- d-----w C:\Documents and Settings\DEJAN\Application Data\CyberLink
2008-06-15 15:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-15 15:52 --------- d-----w C:\Program Files\Webteh
2008-06-15 15:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink
2008-06-15 15:50 --------- d-----w C:\Program Files\CyberLink
2008-06-15 15:39 --------- d-----w C:\Program Files\Winamp
2008-06-15 15:39 --------- d-----w C:\Documents and Settings\DEJAN\Application Data\Winamp
2008-06-15 14:11 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-06-15 13:51 --------- d-----w C:\Program Files\C-Media 3D Audio
2008-06-15 13:48 --------- d-----w C:\Program Files\D-Link
2008-06-15 13:39 --------- d-----w C:\Program Files\microsoft frontpage
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:18 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2008-04-21 07:04 659,456 ----a-w C:\WINDOWS\system32\wininet.dll
2001-11-23 04:08 712,704 ----a-r C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
2006-06-15 18:33 233,472 ----a-w C:\Program Files\mozilla firefox\plugins\CrazyTalk4Native.dll
2006-05-25 16:43 204,895 ----a-w C:\Program Files\mozilla firefox\plugins\ctdomemhelper.dll
2005-09-29 12:41 77,824 ----a-w C:\Program Files\mozilla firefox\plugins\ctframeplayerobject.dll
2006-06-19 11:10 426,081 ----a-w C:\Program Files\mozilla firefox\plugins\ctplayerobject.dll
2005-02-02 10:19 458,752 ----a-w C:\Program Files\mozilla firefox\plugins\imagickrt.dll
2006-04-10 16:35 139,264 ----a-w C:\Program Files\mozilla firefox\plugins\rlcontentclass.dll
2005-11-09 09:10 204,800 ----a-w C:\Program Files\mozilla firefox\plugins\RLMusicPacker.dll
2005-11-09 09:42 106,496 ----a-w C:\Program Files\mozilla firefox\plugins\RLMusicUnpacker.dll
2006-01-04 09:22 212,992 ----a-w C:\Program Files\mozilla firefox\plugins\RLVoicePacker.dll
2006-01-04 09:21 167,936 ----a-w C:\Program Files\mozilla firefox\plugins\RLVoiceUnpacker.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:56 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-23 14:18 202024]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 12:54 5674352]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-05-30 15:54 21718312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-09-14 21:05 344064]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-04-01 20:49 36352]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 20:24 32768]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 08:51 1836328]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"D-Link AirPlus G"="C:\Program Files\D-Link\AirPlus G\AirGCFG.exe" [2005-07-22 10:42 1519616]
"ANIWZCS2Service"="C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2004-12-16 17:49 49152]
"Monitor"="C:\WINDOWS\PixArt\PAC207\Monitor.exe" [2006-11-03 11:01 319488]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-07-02 01:12 1177368]

C:\Documents and Settings\DEJAN\Start Menu\Programs\Startup\
MP3 Rocket (Minimized).lnk - C:\Program Files\MP3 Rocket\MP3Rocket.exe [2007-11-13 19:27:06 116224]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 03:38:16 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.DIV3"= C:\PROGRA~1\K-LITE~1\codecs\DivXc32.dll
"VIDC.DIV4"= C:\PROGRA~1\K-LITE~1\codecs\DivXc32f.dll
"VIDC.3iv2"= C:\PROGRA~1\K-LITE~1\codecs\3IVXVF~1.DLL
"VIDC.HFYU"= C:\PROGRA~1\K-LITE~1\codecs\huffyuv.dll
"vidc.i263"= i263_32.drv
"VIDC.VP60"= C:\PROGRA~1\K-LITE~1\codecs\vp6vfw.dll
"VIDC.VP61"= C:\PROGRA~1\K-LITE~1\codecs\vp6vfw.dll
"VIDC.VP62"= C:\PROGRA~1\K-LITE~1\codecs\vp6vfw.dll
"VIDC.VP70"= C:\PROGRA~1\K-LITE~1\codecs\vp7vfw.dll
"VIDC.VP31"= C:\PROGRA~1\K-LITE~1\codecs\vp31vfw.dll
"VIDC.MPG4"= C:\PROGRA~1\K-LITE~1\codecs\Mpg4c32.dll
"VIDC.MP42"= C:\PROGRA~1\K-LITE~1\codecs\Mpg4c32.dll
"VIDC.MP43"= C:\PROGRA~1\K-LITE~1\codecs\Mpg4c32.dll
"VIDC.FFDS"= C:\PROGRA~1\K-LITE~1\ffdshow\ff_vfw.dll
"msacm.ac3acm"= C:\PROGRA~1\K-LITE~1\codecs\ac3acm.acm
"msacm.lameacm"= C:\PROGRA~1\K-LITE~1\codecs\lameACM.acm
"msacm.l3fhg"= C:\PROGRA~1\K-LITE~1\codecs\l3codecp.acm
"msacm.divxa32"= C:\PROGRA~1\K-LITE~1\codecs\divxa32.acm
"msacm.imc"= imc32.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Java\\jre1.6.0_06\\bin\\javaw.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-07-02 01:12]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-07-02 01:12]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-07-02 01:12]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-07-02 01:12]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 14:58]
R3 PAC207;Eye 110;C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2006-12-05 11:34]
R3 ReallusionVirtualAudio;Reallusion Virtual Audio;C:\WINDOWS\system32\DRIVERS\RLVrtAuCbl.sys [2007-03-19 16:00]
S2 ThreatFire;ThreatFire;C:\Program Files\ThreatFire\TFService.exe service []
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;"C:\Program Files\MSN Messenger\usnsvc.exe" [2007-01-19 12:54]

*Newly Created Service* - CATCHME
.
- - - - ORPHANS REMOVED - - - -

BHO-{037C7B8A-151A-49E6-BAED-CC05FCB50328} - C:\WINDOWS\system32\winsrc.dll
BHO-{F327577A-E97C-40D6-810A-2B2223087314} - C:\WINDOWS\gfetqaxsbop.dll
Toolbar-{4E015B1B-BE52-49BD-9434-A3CB37B71A29} - C:\WINDOWS\gxvpsafm.dll
HKLM-Run-Cmaudio - cmicnfg.cpl
Notify-WgaLogon - (no file)


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-07-04 18:55:04
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-07-04 18:56:04
ComboFix-quarantined-files.txt 2008-07-04 16:56:00

Pre-Run: 22,045,134,848 bytes free
Post-Run: 22,406,066,176 bytes free

258 --- E O F --- 2008-07-04 05:28:20

Addendum: 04 Jul 2008 19:21

I did as you told me.
VIRUS ALERT no longer appears in the bottom right corner of the monitor,
and the icons in my Start menu have come back.

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

I only just noticed that you have two antivirus programs installed at the same time.

Decide on one of them and uninstall the other.

Then post a new ComboFix log for me.

offline
  • Joined: 29 Jun 2008
  • Posts: 5

ComboFix 08-07-04.6 - DEJAN 2008-07-05 19:53:29.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.229 [GMT 2:00]
Running from: C:\Documents and Settings\DEJAN\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-06-05 to 2008-07-05 )))))))))))))))))))))))))))))))
.

2008-07-04 23:40 . 2008-07-04 23:40 57,632 --a------ C:\PA207.DAT
2008-07-02 12:22 . 2008-07-05 19:49 <DIR> d-------- C:\Documents and Settings\DEJAN\Application Data\Skype
2008-07-02 12:21 . 2008-07-02 12:21 <DIR> d-------- C:\Program Files\Skype
2008-07-02 12:21 . 2008-07-02 12:21 <DIR> d-------- C:\Program Files\Common Files\Skype
2008-07-02 12:09 . 2001-08-17 13:56 7,552 --a------ C:\WINDOWS\system32\drivers\SONYPVU1.SYS
2008-07-02 12:09 . 2001-08-17 13:56 7,552 --a--c--- C:\WINDOWS\system32\dllcache\sonypvu1.sys
2008-07-02 01:12 . 2008-07-02 01:12 <DIR> d-------- C:\Program Files\AVG
2008-07-02 01:12 . 2008-07-03 21:03 <DIR> d-------- C:\Documents and Settings\DEJAN\Application Data\AVGTOOLBAR
2008-07-02 01:12 . 2008-07-05 17:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-07-02 00:03 . 2008-07-05 17:41 <DIR> d-------- C:\Documents and Settings\Administrator.BUVARA-1CC075E0.000
2008-07-01 23:41 . 2008-07-01 23:44 2,124 --a------ C:\WINDOWS\system32\tmp.reg
2008-07-01 23:39 . 2008-07-01 23:39 <DIR> d-------- C:\Documents and Settings\Administrator.BUVARA-1CC075E0
2008-07-01 23:19 . 2008-07-01 23:19 <DIR> d-------- C:\Documents and Settings\Administrator
2008-07-01 07:03 . 2008-07-02 00:02 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-01 07:02 . 2008-07-01 07:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Tools
2008-07-01 07:02 . 2008-04-24 16:52 12,608 --a------ C:\WINDOWS\system32\drivers\TfKbMon.sys
2008-07-01 01:47 . 2008-07-02 14:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-06-30 23:32 . 2008-06-30 23:32 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-06-30 22:28 . 2008-07-02 00:09 <DIR> d-------- C:\Program Files\Enigma Software Group
2008-06-29 22:15 . 2008-07-05 17:34 <DIR> d-------- C:\Documents and Settings\DEJAN\Application Data\skypePM
2008-06-29 22:15 . 2008-06-29 22:15 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-06-29 22:10 . 2008-07-02 12:21 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-06-29 08:45 . 2008-06-29 08:45 <DIR> d--h----- C:\WINDOWS\PIF
2008-06-28 07:11 . 2008-06-28 07:11 <DIR> d-------- C:\Documents and Settings\DEJAN\Application Data\Reallusion
2008-06-28 07:02 . 2007-04-17 00:05 5,632,000 --a------ C:\WINDOWS\system32\RLVirtualCamera.ocx
2008-06-28 07:02 . 2007-03-19 16:00 31,616 --a------ C:\WINDOWS\system32\drivers\RLVrtAuCbl.sys
2008-06-28 06:57 . 2008-06-28 06:57 75 -r-hs---- C:\WINDOWS\CT4CET.bin
2008-06-28 06:56 . 2008-06-28 07:02 <DIR> d-------- C:\Program Files\Reallusion
2008-06-28 06:56 . 2008-06-28 06:56 <DIR> d-------- C:\Program Files\Common Files\Reallusion
2008-06-28 06:48 . 2008-06-28 06:48 <DIR> d-------- C:\WINDOWS\PixArt
2008-06-28 06:48 . 2008-06-28 06:48 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-06-28 06:48 . 2008-06-28 06:48 <DIR> d-------- C:\Program Files\Common Files\PAC207
2008-06-28 06:48 . 2006-11-03 10:59 48,128 --a------ C:\WINDOWS\system32\Remove.exe
2008-06-28 06:48 . 2007-05-09 14:20 284 --a------ C:\WINDOWS\system32\Remover.ini
2008-06-28 06:47 . 2005-04-03 20:56 1,060,864 --a------ C:\WINDOWS\system32\mfc71.dll
2008-06-28 06:47 . 2005-01-28 14:15 7,064 --a------ C:\WINDOWS\system32\WMVCORE.lib
2008-06-28 06:46 . 2008-06-28 17:46 <DIR> d-------- C:\WINDOWS\Album
2008-06-28 06:46 . 2008-06-28 06:46 <DIR> d-------- C:\Program Files\KYE
2008-06-28 06:45 . 2008-06-28 06:45 <DIR> d-------- C:\Documents and Settings\DEJAN\Application Data\InstallShield
2008-06-25 20:21 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-06-25 20:21 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-06-25 20:21 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-06-25 14:14 . 2008-06-25 14:14 <DIR> d---s---- C:\Documents and Settings\DEJAN\UserData
2008-06-25 12:26 . 2008-06-25 12:26 <DIR> d-------- C:\Program Files\Windows Live
2008-06-25 12:26 . 2008-06-25 12:49 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-06-25 12:26 . 2008-06-25 21:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-06-24 22:24 . 2008-06-24 22:24 <DIR> d-------- C:\Program Files\Common Files\NSV
2008-06-24 19:35 . 2008-06-24 19:35 <DIR> d-------- C:\Program Files\ANI
2008-06-24 19:33 . 2008-06-30 23:30 <DIR> d-------- C:\Documents and Settings\DEJAN\Application Data\AdobeUM
2008-06-24 19:31 . 2008-06-24 19:31 <DIR> d-------- C:\WINDOWS\Cache
2008-06-23 17:50 . 2008-06-23 17:50 <DIR> d--hs---- C:\WINDOWS\ftpcache
2008-06-23 17:49 . 2008-06-23 17:49 33 --a------ C:\WINDOWS\SYMGAMES.INI
2008-06-23 17:30 . 2008-06-23 17:30 <DIR> d-------- C:\Documents and Settings\DEJAN\WINDOWS
2008-06-19 01:07 . 2008-07-05 17:43 <DIR> d-------- C:\Documents and Settings\DEJAN\Shared
2008-06-19 01:07 . 2008-07-05 17:48 <DIR> d-------- C:\Documents and Settings\DEJAN\Incomplete
2008-06-19 00:57 . 2008-06-29 23:06 <DIR> d-------- C:\Documents and Settings\DEJAN\Application Data\MP3Rocket
2008-06-19 00:56 . 2008-07-04 12:20 <DIR> d-------- C:\Program Files\MP3 Rocket
2008-06-19 00:56 . 2008-06-19 00:56 <DIR> d-------- C:\Program Files\AskSBar
2008-06-17 12:42 . 2008-06-17 12:42 <DIR> d-------- C:\WINDOWS\Sun
2008-06-17 12:36 . 2008-06-17 12:36 <DIR> d-------- C:\Program Files\Sun
2008-06-17 12:34 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-06-17 12:33 . 2008-06-17 12:34 <DIR> d-------- C:\Program Files\Java
2008-06-17 12:20 . 2008-06-17 12:20 <DIR> d-------- C:\Program Files\Common Files\Java
2008-06-17 03:02 . 2008-06-17 03:02 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-06-16 12:14 . 2008-06-13 15:10 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-16 12:14 . 2008-06-13 15:10 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-16 08:05 . 2008-06-21 03:00 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-06-16 08:05 . 2005-06-28 10:21 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-06-15 19:47 . 2008-06-28 10:00 <DIR> d-------- C:\Documents and Settings\DEJAN\Contacts
2008-06-15 19:40 . 2008-06-15 19:40 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-06-15 19:40 . 2008-06-15 19:40 <DIR> d-------- C:\Program Files\MSN Messenger
2008-06-15 19:40 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-06-15 19:28 . 2008-06-15 19:28 <DIR> d-------- C:\Program Files\Kaspersky Lab
2008-06-15 19:28 . 2008-07-05 17:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-06-15 19:28 . 2008-07-05 19:57 10,436,640 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-06-15 19:28 . 2008-07-05 19:57 250,912 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-06-15 19:28 . 2008-07-05 17:42 145,088 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-06-15 19:28 . 2008-06-15 20:51 96,966 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-06-15 19:28 . 2008-06-15 20:51 88,774 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-06-15 19:28 . 2008-07-05 17:42 26,396 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2008-06-15 19:27 . 2008-06-15 19:27 <DIR> d-------- C:\kav
2008-06-15 19:09 . 2008-06-15 19:09 <DIR> d-------- C:\Documents and Settings\DEJAN\Application Data\Media Player Classic
2008-06-15 19:09 . 2008-07-05 07:19 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-06-15 18:52 . 2008-06-15 18:52 <DIR> d-------- C:\Documents and Settings\DEJAN\Application Data\Nero
2008-06-15 18:50 . 2008-06-15 18:50 <DIR> d-------- C:\Program Files\Nero
2008-06-15 18:50 . 2008-06-15 18:51 <DIR> d-------- C:\Program Files\Common Files\Nero
2008-06-15 18:50 . 2008-06-15 18:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-06-15 18:41 . 2008-06-15 18:41 <DIR> d-------- C:\Program Files\YouTube Downloader
2008-06-15 18:39 . 2008-06-15 20:27 <DIR> d-------- C:\Program Files\mIRC
2008-06-15 18:39 . 2008-06-15 21:12 <DIR> d-------- C:\Documents and Settings\DEJAN\Application Data\mIRC
2008-06-15 18:03 . 2008-06-15 18:03 <DIR> d-------- C:\Program Files\CCleaner
2008-06-15 16:47 . 2005-09-14 21:05 516,096 --------- C:\WINDOWS\system32\ati2sgag.exe
2008-06-15 16:46 . 2008-06-15 16:47 <DIR> d-------- C:\Program Files\ATI Technologies
2008-06-15 16:46 . 2008-06-15 16:46 <DIR> d-------- C:\ATI
2008-06-15 16:44 . 2002-07-17 09:20 45,056 --a------ C:\WINDOWS\system32\WNASPI32.DLL
2008-06-15 16:44 . 2002-07-17 08:53 16,877 --a------ C:\WINDOWS\system32\drivers\ASPI32.SYS
2008-06-15 16:44 . 2002-07-17 16:22 5,600 --a------ C:\WINDOWS\system\WINASPI.DLL
2008-06-15 16:44 . 2002-07-17 16:22 4,672 --a------ C:\WINDOWS\system\WOWPOST.EXE
2008-06-15 16:43 . 2005-12-15 19:31 <DIR> d-------- C:\adaptec
2008-06-15 16:28 . 2008-06-15 16:28 99,965 --a------ C:\WINDOWS\UninstallFirefox.exe
2008-06-15 16:28 . 2008-06-15 16:28 3,255 --a------ C:\WINDOWS\mozver.dat
2008-06-15 16:28 . 2008-06-15 16:28 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-15 16:21 . 2008-06-23 18:08 3,284 --a------ C:\WINDOWS\system32\ANIWZCS{85367743-3776-450A-8412-71399AC2C0AF}

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-28 05:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-15 18:51 112,144 ----a-w C:\WINDOWS\system32\drivers\kl1.sys
2008-06-15 15:55 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-06-15 15:55 --------- d-----w C:\Documents and Settings\DEJAN\Application Data\CyberLink
2008-06-15 15:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-15 15:52 --------- d-----w C:\Program Files\Webteh
2008-06-15 15:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink
2008-06-15 15:50 --------- d-----w C:\Program Files\CyberLink
2008-06-15 15:39 --------- d-----w C:\Program Files\Winamp
2008-06-15 15:39 --------- d-----w C:\Documents and Settings\DEJAN\Application Data\Winamp
2008-06-15 14:11 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-06-15 13:51 --------- d-----w C:\Program Files\C-Media 3D Audio
2008-06-15 13:48 --------- d-----w C:\Program Files\D-Link
2008-06-15 13:39 --------- d-----w C:\Program Files\microsoft frontpage
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:18 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2008-04-21 07:04 659,456 ----a-w C:\WINDOWS\system32\wininet.dll
2001-11-23 04:08 712,704 ----a-r C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
2006-06-15 18:33 233,472 ----a-w C:\Program Files\mozilla firefox\plugins\CrazyTalk4Native.dll
2006-05-25 16:43 204,895 ----a-w C:\Program Files\mozilla firefox\plugins\ctdomemhelper.dll
2005-09-29 12:41 77,824 ----a-w C:\Program Files\mozilla firefox\plugins\ctframeplayerobject.dll
2006-06-19 11:10 426,081 ----a-w C:\Program Files\mozilla firefox\plugins\ctplayerobject.dll
2005-02-02 10:19 458,752 ----a-w C:\Program Files\mozilla firefox\plugins\imagickrt.dll
2006-04-10 16:35 139,264 ----a-w C:\Program Files\mozilla firefox\plugins\rlcontentclass.dll
2005-11-09 09:10 204,800 ----a-w C:\Program Files\mozilla firefox\plugins\RLMusicPacker.dll
2005-11-09 09:42 106,496 ----a-w C:\Program Files\mozilla firefox\plugins\RLMusicUnpacker.dll
2006-01-04 09:22 212,992 ----a-w C:\Program Files\mozilla firefox\plugins\RLVoicePacker.dll
2006-01-04 09:21 167,936 ----a-w C:\Program Files\mozilla firefox\plugins\RLVoiceUnpacker.dll
.

((((((((((((((((((((((((((((( snapshot@2008-07-04_18.55.35,76 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-07-04 05:22:54 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-07-05 15:43:34 2,048 --s-a-w C:\WINDOWS\bootstat.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:56 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-23 14:18 202024]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 12:54 5674352]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-05-30 15:54 21718312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-09-14 21:05 344064]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-04-01 20:49 36352]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 20:24 32768]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 08:51 1836328]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"D-Link AirPlus G"="C:\Program Files\D-Link\AirPlus G\AirGCFG.exe" [2005-07-22 10:42 1519616]
"ANIWZCS2Service"="C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2004-12-16 17:49 49152]
"Monitor"="C:\WINDOWS\PixArt\PAC207\Monitor.exe" [2006-11-03 11:01 319488]

C:\Documents and Settings\DEJAN\Start Menu\Programs\Startup\
MP3 Rocket (Minimized).lnk - C:\Program Files\MP3 Rocket\MP3Rocket.exe [2007-11-13 19:27:06 116224]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 03:38:16 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.DIV3"= C:\PROGRA~1\K-LITE~1\codecs\DivXc32.dll
"VIDC.DIV4"= C:\PROGRA~1\K-LITE~1\codecs\DivXc32f.dll
"VIDC.3iv2"= C:\PROGRA~1\K-LITE~1\codecs\3IVXVF~1.DLL
"VIDC.HFYU"= C:\PROGRA~1\K-LITE~1\codecs\huffyuv.dll
"vidc.i263"= i263_32.drv
"VIDC.VP60"= C:\PROGRA~1\K-LITE~1\codecs\vp6vfw.dll
"VIDC.VP61"= C:\PROGRA~1\K-LITE~1\codecs\vp6vfw.dll
"VIDC.VP62"= C:\PROGRA~1\K-LITE~1\codecs\vp6vfw.dll
"VIDC.VP70"= C:\PROGRA~1\K-LITE~1\codecs\vp7vfw.dll
"VIDC.VP31"= C:\PROGRA~1\K-LITE~1\codecs\vp31vfw.dll
"VIDC.MPG4"= C:\PROGRA~1\K-LITE~1\codecs\Mpg4c32.dll
"VIDC.MP42"= C:\PROGRA~1\K-LITE~1\codecs\Mpg4c32.dll
"VIDC.MP43"= C:\PROGRA~1\K-LITE~1\codecs\Mpg4c32.dll
"VIDC.FFDS"= C:\PROGRA~1\K-LITE~1\ffdshow\ff_vfw.dll
"msacm.ac3acm"= C:\PROGRA~1\K-LITE~1\codecs\ac3acm.acm
"msacm.lameacm"= C:\PROGRA~1\K-LITE~1\codecs\lameACM.acm
"msacm.l3fhg"= C:\PROGRA~1\K-LITE~1\codecs\l3codecp.acm
"msacm.divxa32"= C:\PROGRA~1\K-LITE~1\codecs\divxa32.acm
"msacm.imc"= imc32.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Java\\jre1.6.0_06\\bin\\javaw.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 14:58]
R3 PAC207;Eye 110;C:\WINDOWS\system32\DRIVERS\PFC027.SYS [2006-12-05 11:34]
R3 ReallusionVirtualAudio;Reallusion Virtual Audio;C:\WINDOWS\system32\DRIVERS\RLVrtAuCbl.sys [2007-03-19 16:00]
S2 ThreatFire;ThreatFire;C:\Program Files\ThreatFire\TFService.exe service []
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 12:54]

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-07-05 19:57:31
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-07-05 19:58:26
ComboFix-quarantined-files.txt 2008-07-05 17:58:21
ComboFix2.txt 2008-07-04 16:56:05

Pre-Run: 22,465,462,272 bytes free
Post-Run: 22,458,011,648 bytes free

226 --- E O F --- 2008-07-04 05:28:20

Addendum: 05 Jul 2008 20:16

I removed AVG and kept Kaspersky.
I did as you told me.
If there is anything else to be done, just say so.
Thanks in advance.

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd
