TR/Crypt.XPACK.Gen [trojan]


offline
  • Joined: 24 Jan 2009
  • Posts: 87

Posted: 29 Dec 2009 13:02

I use Avira AV and a window often pops up saying that I am infected with TR/Crypt.XPACK.Gen [trojan]; although I delete it, this keeps happening again. It is also a bit strange that the Trojan Remover program reports nothing when scanning. Also, when I try to scan with Gmer, my computer restarts and a BSOD appears.
[Link visible only to logged-in users]


DDS (Ver_09-12-01.01) - NTFSx86
Run by Milos at 12:46:03.64 on Tue 12/29/2009
Internet Explorer: 8.0.6001.18241
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1199 [GMT 1:00]

AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: avast! antivirus 4.8.1368 [VPS 091229-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\IObit\IObit Security 360\IS360tray.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\IObit\IObit Security 360\IS360srv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Documents and Settings\Milos\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Documents and Settings\Milos\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milos\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milos\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milos\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milos\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milos\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milos\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milos\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milos\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Milos\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Milos\My Documents\Downloads\dds.scr
C:\Program Files\IObit\IObit Security 360\is360.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = [Link visible only to logged-in users]
uInternet Connection Wizard,ShellNext = [Link visible only to logged-in users]
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [Google Update] "c:\documents and settings\milos\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [IObit Security 360] c:\program files\iobit\iobit security 360\IS360tray.exe
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [TrojanScanner] c:\program files\trojan remover\Trjscan.exe /boot
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [Link visible only to logged-in users]
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - [Link visible only to logged-in users]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [Link visible only to logged-in users]
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - [Link visible only to logged-in users]
TCP: {02D9B42E-BBD0-4519-A112-BA051E2C1930} = 87.116.152.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-12-29 114768]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2009-12-16 11608]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2009-12-16 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2009-12-16 185089]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-12-29 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-12-29 138680]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-12-16 56816]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-12-18 54752]
R2 IS360service;IS360service;c:\program files\iobit\iobit security 360\is360srv.exe [2009-12-19 305936]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-12-29 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-12-29 352920]
S2 ATE_PROCMON;ATE_PROCMON;\??\c:\program files\anti trojan elite\atepmon.sys --> c:\program files\anti trojan elite\ATEPMon.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-12-14 1684736]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2009-12-27 8704]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2009-12-27 3072]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]

=============== Created Last 30 ================

2009-12-29 10:13:45 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2009-12-29 10:13:45 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2009-12-29 10:13:44 75264 ----a-w- c:\windows\system32\unacev2.dll
2009-12-29 10:13:44 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2009-12-29 10:13:44 153088 ----a-w- c:\windows\system32\UNRAR3.dll
2009-12-29 10:13:42 0 d-----w- c:\program files\Trojan Remover
2009-12-29 10:13:42 0 d-----w- c:\docume~1\milos\applic~1\Simply Super Software
2009-12-29 10:13:42 0 d-----w- c:\docume~1\alluse~1\applic~1\Simply Super Software
2009-12-29 05:48:37 0 d-----w- c:\program files\Empire Interactive
2009-12-28 23:32:27 0 d-----w- c:\program files\common files\NSV
2009-12-28 13:39:29 0 d-----w- c:\program files\WMA-MP3.com
2009-12-27 16:51:58 573440 ----a-w- c:\windows\system32\NCTAudioInformation2.dll
2009-12-27 16:51:58 286720 ----a-w- c:\windows\system32\NCTWMAFile2.dll
2009-12-27 16:51:58 168448 ----a-w- c:\windows\system32\NCTAudioPlayer.dll
2009-12-27 16:51:58 143872 ----a-w- c:\windows\system32\NCTWMAFile.dll
2009-12-27 16:51:57 491520 ----a-w- c:\windows\system32\NCTAudioFile.dll
2009-12-27 16:51:57 120832 ----a-w- c:\windows\system32\lame_enc.dll
2009-12-27 16:51:56 344064 ----a-w- c:\windows\system32\msvcr70.dll
2009-12-27 15:12:18 0 d-----w- c:\docume~1\milos\applic~1\AIMP
2009-12-27 07:17:39 0 d-----w- c:\program files\EASEUS
2009-12-27 07:12:53 0 d-----w- c:\docume~1\milos\applic~1\SuperMP3Download
2009-12-27 07:12:53 0 d-----w- c:\docume~1\alluse~1\applic~1\SuperMP3Download
2009-12-27 07:12:49 0 d-----w- c:\program files\SuperMp3Download
2009-12-26 20:45:47 805400 ----a-r- c:\windows\system32\tmp4CA.tmp
2009-12-26 12:55:00 6250745 ----a-w- c:\docume~1\milos\applic~1\rtesetupML.exe
2009-12-26 07:49:10 0 d-----w- c:\docume~1\alluse~1\applic~1\Codemasters
2009-12-26 07:48:56 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-12-26 07:48:38 805400 ----a-r- c:\windows\system32\tmp1A7.tmp
2009-12-26 07:48:38 805400 ----a-r- c:\windows\system32\tmp1A6.tmp
2009-12-25 19:44:20 0 d-----w- c:\docume~1\milos\applic~1\FUEL
2009-12-25 19:35:20 0 d-----w- c:\program files\Codemasters
2009-12-25 16:52:05 3247 ----a-w- c:\windows\system32\wbem\Outlook_01ca8582969204b8.mof
2009-12-24 07:54:09 805400 ----a-r- c:\windows\system32\tmp693.tmp
2009-12-24 07:54:08 805400 ----a-r- c:\windows\system32\tmp692.tmp
2009-12-23 12:10:19 0 d-----w- c:\program files\CAPCOM
2009-12-23 12:09:47 0 d-----w- c:\windows\system32\xlive
2009-12-23 12:09:46 0 d-----w- c:\program files\Microsoft Games for Windows - LIVE
2009-12-22 22:25:43 0 d-----w- c:\docume~1\milos\applic~1\2K Sports
2009-12-22 08:12:31 0 d-----w- c:\program files\2K Sports
2009-12-22 08:11:22 0 d-----w- c:\windows\system32\URTTEMP
2009-12-22 07:50:19 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2009-12-22 07:50:19 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2009-12-22 07:50:19 0 d-----w- c:\program files\OpenAL
2009-12-22 07:50:18 805400 ----a-r- c:\windows\system32\tmp42E.tmp
2009-12-22 07:50:18 805400 ----a-r- c:\windows\system32\tmp42D.tmp
2009-12-21 22:10:01 0 d-----w- c:\docume~1\milos\applic~1\Capcom
2009-12-21 18:24:36 13 ---ha-r- C:\~State.INI
2009-12-21 18:24:12 810 ----a-w- c:\windows\CDMaster.ini
2009-12-21 18:24:00 45056 ----a-w- c:\windows\system32\WNASPI32.DLL
2009-12-21 18:24:00 16512 ----a-w- c:\windows\system32\drivers\ASPI32.SYS
2009-12-21 18:23:59 5600 ----a-w- c:\windows\system\winaspi.dll
2009-12-21 18:23:59 4672 ----a-w- c:\windows\system\wowpost.exe
2009-12-21 09:18:28 0 d-----w- C:\Temp
2009-12-20 22:32:06 737280 ----a-w- c:\windows\iun6002.exe
2009-12-20 18:33:04 0 d-----w- c:\program files\DkZ Update
2009-12-20 18:31:17 0 d-----w- c:\program files\DkZ Studio
2009-12-19 18:40:18 0 d-----w- c:\docume~1\alluse~1\applic~1\KONAMI
2009-12-19 18:36:41 0 d-----w- c:\windows\system32\appmgmt
2009-12-19 17:12:07 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-12-19 17:12:07 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2009-12-19 17:12:07 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2009-12-19 17:12:06 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2009-12-19 17:12:06 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2009-12-19 17:12:05 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2009-12-19 17:12:05 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2009-12-19 17:10:02 0 d-----w- c:\program files\DIRECTX
2009-12-19 13:56:44 0 d-----w- c:\docume~1\alluse~1\applic~1\Axara
2009-12-19 13:56:13 24576 ----a-w- c:\windows\system32\msxml3a.dll
2009-12-19 13:56:13 0 d-----w- c:\program files\common files\Axara
2009-12-19 13:39:00 0 d-----w- c:\docume~1\alluse~1\applic~1\Trymedia
2009-12-19 13:35:25 0 d-----w- c:\program files\Atari
2009-12-19 10:29:32 0 d-----w- c:\program files\Uniblue
2009-12-19 10:29:32 0 d-----w- c:\docume~1\milos\applic~1\Uniblue
2009-12-19 10:29:32 0 d-----w- c:\docume~1\alluse~1\applic~1\DriverScanner
2009-12-19 10:24:39 0 d-----w- c:\docume~1\alluse~1\applic~1\IObit
2009-12-19 09:06:17 0 ----a-w- c:\windows\msicpl.ini
2009-12-19 09:01:38 506560 ----a-w- c:\windows\system32\autorun.inf
2009-12-19 07:36:07 0 d-----w- c:\docume~1\milos\applic~1\HpUpdate
2009-12-19 07:36:06 0 d-----w- c:\windows\Hewlett-Packard
2009-12-18 22:14:14 0 d-----w- c:\documents and settings\milos\Tracing
2009-12-18 22:13:27 0 d-----w- c:\program files\Microsoft Office Outlook Connector
2009-12-18 22:13:14 54752 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys
2009-12-18 22:12:09 0 d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-12-18 22:11:18 0 d-----w- c:\program files\Microsoft
2009-12-18 22:11:03 0 d-----w- c:\program files\Windows Live SkyDrive
2009-12-18 22:07:36 0 d-----w- c:\docume~1\alluse~1\applic~1\NVIDIA Corporation
2009-12-18 22:07:30 0 d-----w- c:\program files\NVIDIA Corporation
2009-12-18 22:06:48 8743 ----a-w- c:\windows\system32\nvinfo.pb
2009-12-18 22:06:48 69632 ----a-w- c:\windows\system32\OpenCL.dll
2009-12-18 22:06:48 182888 ----a-w- c:\windows\system32\SET34C.tmp
2009-12-18 22:06:48 11374592 ----a-w- c:\windows\system32\nvcompiler.dll
2009-12-18 22:06:48 1056768 ----a-w- c:\windows\system32\SET33C.tmp
2009-12-18 22:06:45 6282752 ----a-w- c:\windows\system32\SET33A.tmp
2009-12-18 22:06:43 0 d-----w- C:\NVIDIA
2009-12-18 22:00:16 0 d-----w- c:\program files\common files\Windows Live
2009-12-18 21:35:53 0 d-----w- c:\windows\system32\XPSViewer
2009-12-18 21:35:31 14048 ------w- c:\windows\system32\spmsg2.dll
2009-12-18 21:21:27 41 ----a-w- c:\windows\Filzip.ini
2009-12-18 21:12:19 73728 ----a-w- c:\windows\system32\javacpl.cpl
2009-12-18 21:12:19 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-18 07:17:01 0 d-----w- c:\program files\Rockstar Games
2009-12-18 07:09:10 0 d-sh--w- c:\windows\ftpcache
2009-12-18 07:08:46 319 ----a-w- c:\windows\game.ini
2009-12-18 07:02:35 0 d-----w- c:\program files\Activision
2009-12-18 06:58:09 0 d-----w- c:\docume~1\alluse~1\applic~1\Sports Interactive
2009-12-18 06:57:47 0 d-----w- c:\docume~1\milos\applic~1\Sports Interactive
2009-12-18 06:55:09 0 d--h--w- c:\program files\Zero G Registry
2009-12-18 06:55:09 0 d-----w- c:\program files\Sports Interactive
2009-12-18 06:54:53 0 d--h--w- c:\documents and settings\milos\InstallAnywhere
2009-12-18 06:51:58 0 d-----w- c:\program files\DAEMON Tools Lite

2009-12-18 06:28:03 716272 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-12-17 23:31:21 2000 ------w- c:\windows\hpomdl14.dat.temp
2009-12-17 23:31:21 140692 ------w- c:\windows\hpoins14.dat.temp
2009-12-17 22:29:48 22486 ----a-r- c:\windows\system32\UnInstall_Driver.ico
2009-12-17 22:29:06 0 d-----w- c:\windows\system32\Samsung_USB_Drivers
2009-12-17 22:29:03 766 ----a-w- c:\windows\system32\Uninstall.ico
2009-12-17 22:29:02 0 d-----w- c:\windows\system32\Samsung PC Studio Codecs
2009-12-17 22:28:49 77824 ----a-w- c:\windows\system32\fun_mp4_dec.dll
2009-12-17 22:28:49 684032 ----a-w- c:\windows\system32\fun_mp4_enc.dll
2009-12-17 22:28:49 0 d-----w- c:\program files\Samsung
2009-12-17 22:28:48 532480 ----a-w- c:\windows\system32\FunEncFilter.ax
2009-12-17 22:28:48 2729472 ----a-w- c:\windows\system32\fun_avcodec.dll
2009-12-17 22:28:47 671744 ----a-w- c:\windows\system32\FunDecFilter.ax
2009-12-17 22:25:47 0 d-----w- c:\docume~1\alluse~1\applic~1\WEBREG
2009-12-17 22:22:46 0 d-----w- c:\program files\common files\HP
2009-12-17 22:22:05 0 d-----w- c:\program files\common files\Hewlett-Packard
2009-12-17 22:21:19 16496 ----a-r- c:\windows\system32\drivers\HPZipr12.sys
2009-12-17 22:21:15 49920 ----a-r- c:\windows\system32\drivers\HPZid412.sys
2009-12-17 22:21:12 21568 ----a-r- c:\windows\system32\drivers\HPZius12.sys
2009-12-17 22:20:54 267864 ----a-r- c:\windows\system32\hpzids01.dll
2009-12-17 22:20:52 117760 ----a-w- c:\windows\system32\hpzll5ha.dll
2009-12-17 22:20:43 675840 ----a-r- c:\windows\system32\hpowiax3.dll
2009-12-17 22:20:43 569344 ----a-r- c:\windows\system32\hpotscl3.dll
2009-12-17 22:20:43 364544 ----a-r- c:\windows\system32\hppldcoi.dll
2009-12-17 22:20:43 309760 ----a-r- c:\windows\system32\difxapi.dll
2009-12-17 22:20:43 303104 ----a-r- c:\windows\system32\hpovst10.dll
2009-12-17 22:20:42 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-12-17 22:20:42 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-12-17 22:19:36 0 d-----w- c:\program files\HP
2009-12-17 22:18:19 141084 ----a-w- c:\windows\hpoins14.dat
2009-12-17 22:18:18 2000 ------w- c:\windows\hpomdl14.dat
2009-12-17 22:16:35 53248 ------w- c:\windows\system32\monitusb.exe
2009-12-17 22:12:15 0 d-----w- c:\program files\Jufsoft
2009-12-17 22:08:05 0 d-----w- c:\program files\Screamer Radio
2009-12-17 22:07:02 603904 ----a-w- c:\windows\system32\TUProgSt.exe
2009-12-17 22:07:01 27904 ----a-w- c:\windows\system32\uxtuneup.dll
2009-12-17 22:07:00 360192 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-12-17 22:06:58 0 d-----w- c:\docume~1\milos\applic~1\TuneUp Software
2009-12-17 22:06:40 0 d-----w- c:\program files\TuneUp Utilities 2009
2009-12-17 22:06:40 0 d-----w- c:\docume~1\alluse~1\applic~1\TuneUp Software
2009-12-17 20:06:00 0 d-sh--w- c:\docume~1\alluse~1\applic~1\{55A29068-F2CE-456C-9148-C869879E2357}
2009-12-17 20:05:10 0 d-----w- c:\program files\Audacity
2009-12-17 20:04:31 0 d-----w- c:\program files\YouTube Downloader
2009-12-17 20:04:11 0 d-----w- c:\program files\BFAFS
2009-12-17 20:02:58 0 d-----w- c:\program files\KONAMI
2009-12-17 19:57:45 0 d-----w- c:\program files\NCH Software
2009-12-17 19:57:43 0 d-----w- c:\program files\NCH Swift Sound
2009-12-17 19:57:23 0 d-----w- c:\program files\Foxit Software
2009-12-17 19:57:04 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2009-12-17 19:56:33 0 d-----w- c:\program files\IObit
2009-12-17 19:56:02 0 d-----w- c:\program files\ApexDC++
2009-12-17 19:47:45 0 d-----w- c:\program files\TimeAdjuster
2009-12-17 19:43:53 0 d-----w- c:\program files\The KMPlayer
2009-12-17 19:43:42 0 d-----w- c:\docume~1\alluse~1\applic~1\GRETECH
2009-12-17 19:43:30 0 d-----w- c:\program files\GRETECH
2009-12-17 19:42:13 0 d-----w- c:\program files\Yahoo!
2009-12-17 19:42:07 0 d-----w- c:\program files\CCleaner
2009-12-17 19:41:29 0 d-----w- c:\docume~1\milos\applic~1\Desktopicon
2009-12-17 19:41:28 0 d-----w- c:\program files\Unlocker
2009-12-17 19:40:28 0 d-----w- c:\program files\Pravoslavac
2009-12-17 19:31:33 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-12-17 19:31:33 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-12-17 19:31:25 12160 -c--a-w- c:\windows\system32\dllcache\mouhid.sys
2009-12-17 19:31:25 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2009-12-17 19:30:19 10368 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2009-12-17 19:30:19 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-12-17 19:30:15 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2009-12-17 19:30:15 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-12-17 12:10:14 41984 ----a-r- c:\windows\system32\drivers\dlkfet5b.sys
2009-12-16 14:02:11 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-16 14:02:10 0 d-----w- c:\program files\Avira
2009-12-16 14:02:10 0 d-----w- c:\docume~1\alluse~1\applic~1\Avira
2009-12-15 10:31:15 0 d-----w- c:\docume~1\milos\applic~1\BSplayer Pro
2009-12-15 10:26:31 0 d-----w- c:\windows\pss
2009-12-15 09:27:34 0 d-----w- c:\program files\Spybot - Search & Destroy
2009-12-15 09:27:34 0 d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-12-15 09:26:35 0 d-----w- c:\docume~1\milos\applic~1\Malwarebytes
2009-12-15 09:26:34 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-15 09:26:31 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-15 09:26:30 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-15 09:26:30 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-12-14 15:19:20 0 d-sh--w- c:\documents and settings\milos\PrivacIE
2009-12-14 15:15:44 0 dc-h--w- c:\windows\ie8
2009-12-14 15:07:24 0 d-----w- c:\windows\ServicePackFiles
2009-12-14 15:05:07 19569 ----a-w- c:\windows\002878_.tmp
2009-12-14 14:50:13 0 d-----w- c:\program files\Windows Media Connect 2
2009-12-14 14:49:30 0 d-----w- c:\program files\common files\ODBC
2009-12-14 14:49:28 0 d-----w- c:\program files\common files\SpeechEngines
2009-12-14 14:49:01 0 d-----r- c:\documents and settings\all users\Documents
2009-12-14 14:45:20 0 d-----w- c:\program files\DivX
2009-12-14 14:45:16 0 d-----w- c:\program files\common files\DivX Shared
2009-12-14 14:44:22 0 d-----w- c:\docume~1\alluse~1\applic~1\Nero
2009-12-14 14:44:21 0 d-----w- c:\program files\Nero
2009-12-14 14:31:10 0 d-----w- c:\program files\common files\Wise Installation Wizard
2009-12-14 14:20:43 0 d-----w- c:\program files\Realtek
2009-12-14 13:57:37 0 d-sh--w- c:\documents and settings\all users\DRM
2009-12-14 13:57:24 0 d--h--w- c:\program files\WindowsUpdate
2009-12-14 13:56:32 0 d-----w- c:\program files\common files\MSSoap
2009-12-14 13:55:25 0 d-----w- c:\program files\Online Services
2009-12-14 13:55:19 0 d-----w- c:\program files\Messenger
2009-12-14 13:55:14 0 d-----w- c:\program files\MSN Gaming Zone
2009-12-14 13:54:29 0 d-----w- c:\program files\Windows NT

==================== Find3M ====================

2009-12-14 13:55:43 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-11-21 02:34:54 6282752 ----a-w- c:\windows\system32\nv4_disp.dll
2009-11-21 02:34:54 592488 ----a-w- c:\windows\system32\nvudisp.exe
2009-11-21 02:34:54 4038656 ----a-w- c:\windows\system32\nvcuda.dll
2009-11-21 02:34:54 2293286 ----a-w- c:\windows\system32\nvdata.bin
2009-11-21 02:34:54 2259560 ----a-w- c:\windows\system32\nvcuvid.dll
2009-11-21 02:34:54 1989224 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-11-21 02:34:54 182888 ----a-w- c:\windows\system32\nvcodins.dll
2009-11-21 02:34:54 182888 ----a-w- c:\windows\system32\nvcod.dll
2009-11-21 02:34:54 13602816 ----a-w- c:\windows\system32\nvoglnt.dll
2009-11-21 02:34:54 1056768 ----a-w- c:\windows\system32\nvapi.dll
2009-11-21 02:34:54 10235968 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-11-19 20:42:56 592488 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-11-14 00:47:32 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-11-14 00:47:28 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-11-14 00:47:28 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2009-11-14 00:47:28 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-11-14 00:47:28 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2009-11-14 00:47:28 839680 ----a-w- c:\windows\system32\divx_xx11.dll
2009-11-14 00:47:28 696320 ----a-w- c:\windows\system32\DivX.dll

============= FINISH: 12:46:27.99 ===============







[Link visible only to logged-in users]

Addendum: 29 Dec 2009 13:14

[Link visible only to logged-in users]



rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Uninstall one of the antivirus programs; decide for yourself which one.

[Link visible only to logged-in users]

Download DeFogger from this link to the Desktop.


Double-click to run DeFogger;

A message box will appear, in which you click the Disable button;

A message box will appear again, in which you click Yes;

Wait for DeFogger to finish processing, then continue with the following instructions.

Note: At the end of the procedure, Windows will need to be restarted.
This procedure deactivates CD/DVD emulators and allows the programs we use to run without interference.


After this, try to run Gmer again.
Also run DDS again and post the new logs.



offline
  • Joined: 24 Jan 2009
  • Posts: 87

Posted: 29 Dec 2009 14:09

First, to explain: I have Avira, but since it could not delete the virus I decided to download avast and install it so that it would delete it; it looks like I made quite a mistake? And can you just tell me whether I managed to uninstall avast properly, if that can be seen?
[Link visible only to logged-in users]

[Link visible only to logged-in users]

Addendum: 29 Dec 2009 14:18

Gmer won't run; I tried twice, and both times I got a blue screen and the computer restarted...

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Good, you have uninstalled it.

Download sUBs's ComboFix from the following address to the Desktop:


Bleeping Computer
Right-click the link and choose the option Save Target As... (Save Link As..., Save Linked Content As... or similar);
When the dialog for choosing where to save the file opens, select Desktop and click Save.




When the download of the program is complete:
  • deactivate your protective software (instructions);
  • close any running programs;
  • double-click to run ComboFix.

While running, ComboFix will:
  • check whether a newer version of the program exists:
    click Yes if you are offered to download it.
  • display the DISCLAIMER OF WARRANTY ON SOFTWARE:
    click Yes so that the process continues.
  • if the Recovery Console is not installed, offer to install it:
    be sure to accept by clicking Yes and follow the procedure through.
  • present a certain number of prompts/notifications:
    accept by clicking Yes or OK.
  • if needed, restart Windows (several times);
  • at the end of its run, open Notepad with the scan report.


Copy the report that ComboFix created into the topic on the forum:
  • right-click in the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message field and choose Paste.


Note: The report will be saved under the name ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
If, after sending the message, you notice that the report is not complete, use the Attach file option to attach the file C:\ComboFix.txt to the message.

offline
  • Joined: 24 Jan 2009
  • Posts: 87

ComboFix 09-12-28.05 - Milos 12/29/2009 14:36:41.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1420 [GMT 1:00]
Running from: c:\documents and settings\Milos\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Milos\Application Data\Desktopicon
c:\windows\system32\AutoRun.inf
c:\windows\system32\NCTAudioInformation2.dll

.
((((((((((((((((((((((((( Files Created from 2009-11-28 to 2009-12-29 )))))))))))))))))))))))))))))))
.

2009-12-29 10:18 . 2009-12-11 17:05 3613560 ----a-w- c:\documents and settings\Milos\Application Data\Simply Super Software\Trojan Remover\lco5E0.exe
2009-12-29 10:13 . 2006-05-25 14:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2009-12-29 10:13 . 2005-08-26 00:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2009-12-29 10:13 . 2006-06-19 12:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2009-12-29 10:13 . 2003-02-02 19:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll
2009-12-29 10:13 . 2002-03-06 00:00 75264 ----a-w- c:\windows\system32\unacev2.dll
2009-12-29 10:13 . 2009-12-29 10:16 -------- d-----w- c:\program files\Trojan Remover
2009-12-29 10:13 . 2009-12-29 10:13 -------- d-----w- c:\documents and settings\Milos\Application Data\Simply Super Software
2009-12-29 10:13 . 2009-12-29 10:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Simply Super Software
2009-12-29 09:53 . 2009-12-29 11:51 -------- d-----w- c:\program files\Alwil Software
2009-12-29 05:51 . 2009-12-29 05:51 8854 ----a-r- c:\documents and settings\Milos\Application Data\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\Uninstall_FlatOut2_C884B05AF5D94AE49D84E6BD9F6E7890.exe
2009-12-29 05:51 . 2009-12-29 05:51 53248 ----a-r- c:\documents and settings\Milos\Application Data\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\FlatOut2.exe1_C884B05AF5D94AE49D84E6BD9F6E7890.exe
2009-12-29 05:51 . 2009-12-29 05:51 53248 ----a-r- c:\documents and settings\Milos\Application Data\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\FlatOut2.exe_C884B05AF5D94AE49D84E6BD9F6E7890.exe
2009-12-29 05:51 . 2009-12-29 05:51 15086 ----a-r- c:\documents and settings\Milos\Application Data\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\NewShortcut5_C884B05AF5D94AE49D84E6BD9F6E7890.exe
2009-12-29 05:51 . 2009-12-29 05:51 11502 ----a-r- c:\documents and settings\Milos\Application Data\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\ARPPRODUCTICON.exe
2009-12-29 05:48 . 2009-12-29 05:48 -------- d-----w- c:\program files\Empire Interactive
2009-12-28 23:32 . 2009-12-28 23:32 -------- d-----w- c:\program files\Common Files\NSV
2009-12-28 13:40 . 2009-12-28 13:40 -------- d-----w- c:\documents and settings\Milos\Local Settings\Application Data\WMA-MP3.com
2009-12-28 13:39 . 2009-12-28 13:39 -------- d-----w- c:\program files\WMA-MP3.com
2009-12-27 17:09 . 2009-12-28 13:39 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-12-27 16:51 . 2003-03-25 14:08 286720 ----a-w- c:\windows\system32\NCTWMAFile2.dll
2009-12-27 16:51 . 2002-12-03 02:11 143872 ----a-w- c:\windows\system32\NCTWMAFile.dll
2009-12-27 16:51 . 2002-12-03 02:07 168448 ----a-w- c:\windows\system32\NCTAudioPlayer.dll
2009-12-27 16:51 . 2002-12-03 02:02 491520 ----a-w- c:\windows\system32\NCTAudioFile.dll
2009-12-27 16:51 . 2002-03-19 06:18 120832 ----a-w- c:\windows\system32\lame_enc.dll
2009-12-27 16:51 . 2002-01-05 06:37 344064 ----a-w- c:\windows\system32\msvcr70.dll
2009-12-27 15:12 . 2009-12-27 16:23 -------- d-----w- c:\documents and settings\Milos\Application Data\AIMP
2009-12-27 07:12 . 2009-12-29 06:03 -------- d-----w- c:\documents and settings\All Users\Application Data\SuperMP3Download
2009-12-27 07:12 . 2009-12-27 07:12 -------- d-----w- c:\documents and settings\Milos\Application Data\SuperMP3Download
2009-12-27 07:12 . 2009-12-27 07:12 -------- d-----w- c:\program files\SuperMp3Download
2009-12-26 12:55 . 2009-12-26 12:55 6250745 ----a-w- c:\documents and settings\Milos\Application Data\rtesetupML.exe
2009-12-26 07:49 . 2009-12-26 20:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Codemasters
2009-12-22 07:50 . 2009-12-22 07:50 -------- d-----w- c:\program files\OpenAL
2009-12-21 22:10 . 2009-12-21 22:10 -------- d-----w- c:\documents and settings\Milos\Application Data\Capcom
2009-12-21 18:24 . 2009-12-21 18:24 -------- d-----w- c:\documents and settings\Milos\Local Settings\Application Data\Help
2009-12-21 18:24 . 2002-07-17 09:03 45056 ----a-w- c:\windows\system32\WNASPI32.DLL
2009-12-21 18:24 . 2002-07-17 08:05 16512 ----a-w- c:\windows\system32\drivers\ASPI32.SYS
2009-12-21 18:23 . 2002-07-17 15:22 4672 ----a-w- c:\windows\system\wowpost.exe
2009-12-21 18:23 . 2002-07-17 15:22 5600 ----a-w- c:\windows\system\winaspi.dll
2009-12-21 09:18 . 2009-12-27 07:16 -------- d-----w- C:\Temp
2009-12-20 22:32 . 2009-12-20 22:31 737280 ----a-w- c:\windows\iun6002.exe
2009-12-20 18:33 . 2009-12-20 18:33 -------- d-----w- c:\program files\DkZ Update
2009-12-20 18:31 . 2009-12-22 08:36 -------- d-----w- c:\program files\DkZ Studio
2009-12-19 18:40 . 2009-12-19 18:40 -------- d-----w- c:\documents and settings\All Users\Application Data\KONAMI
2009-12-19 17:12 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-12-19 17:12 . 2009-09-04 16:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2009-12-19 17:12 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2009-12-19 17:12 . 2009-09-04 16:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2009-12-19 17:12 . 2009-09-04 16:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2009-12-19 17:12 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2009-12-19 17:12 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2009-12-19 17:10 . 2009-12-19 17:10 -------- d-----w- c:\program files\DIRECTX
2009-12-19 14:32 . 2009-12-19 14:32 0 ----a-w- c:\windows\nsreg.dat
2009-12-19 14:32 . 2009-12-19 14:32 -------- d-----w- c:\documents and settings\Milos\Local Settings\Application Data\Mozilla
2009-12-19 13:56 . 2009-12-19 13:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Axara
2009-12-19 13:56 . 2009-12-19 14:00 -------- d-----w- c:\program files\Common Files\Axara
2009-12-19 13:56 . 2003-05-21 22:50 24576 ----a-w- c:\windows\system32\msxml3a.dll
2009-12-19 13:39 . 2009-12-19 13:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Trymedia
2009-12-19 13:35 . 2009-12-19 13:35 -------- d-----w- c:\program files\Atari
2009-12-19 10:28 . 2006-12-01 23:26 57856 -c--a-w- c:\documents and settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}\Windows\winsxs\7z1v718o.6n8\mfcm80u.dll
2009-12-19 10:24 . 2009-12-19 10:24 -------- d-----w- c:\documents and settings\All Users\Application Data\IObit
2009-12-19 07:36 . 2009-12-19 07:36 -------- d-----w- c:\documents and settings\Milos\Application Data\HpUpdate
2009-12-19 07:36 . 2009-12-19 07:36 -------- d-----w- c:\windows\Hewlett-Packard
2009-12-18 22:14 . 2009-12-29 13:14 -------- d-----w- c:\documents and settings\Milos\Tracing
2009-12-18 22:13 . 2009-12-18 22:13 -------- d-----w- c:\program files\Microsoft Silverlight
2009-12-18 22:13 . 2009-12-18 22:13 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
2009-12-18 22:13 . 2009-08-05 21:48 54752 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys
2009-12-18 22:12 . 2009-12-18 22:12 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-12-18 22:12 . 2009-12-18 22:12 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-12-18 22:11 . 2009-12-18 22:13 -------- d-----w- c:\program files\Microsoft
2009-12-18 22:11 . 2009-12-18 22:11 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-12-18 22:10 . 2009-12-18 22:13 -------- d-----w- c:\program files\Windows Live
2009-12-18 22:07 . 2009-12-18 22:07 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2009-12-18 22:07 . 2009-12-18 22:08 -------- d-----w- c:\program files\NVIDIA Corporation
2009-12-18 22:06 . 2009-11-21 02:34 69632 ----a-w- c:\windows\system32\OpenCL.dll
2009-12-18 22:06 . 2009-11-21 02:34 11374592 ----a-w- c:\windows\system32\nvcompiler.dll
2009-12-18 22:06 . 2009-12-18 22:06 -------- d-----w- C:\NVIDIA
2009-12-18 22:00 . 2009-12-18 22:00 -------- d-----w- c:\program files\Common Files\Windows Live
2009-12-18 21:36 . 2009-12-18 21:36 158528 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-12-18 21:35 . 2009-12-18 21:35 -------- d-----w- c:\windows\system32\XPSViewer
2009-12-18 21:35 . 2009-12-18 21:35 -------- d-----w- c:\program files\Reference Assemblies
2009-12-18 21:35 . 2007-03-22 19:24 28160 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2009-12-18 21:35 . 2006-06-29 12:07 14048 ------w- c:\windows\system32\spmsg2.dll
2009-12-18 21:12 . 2009-12-18 21:12 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-18 21:12 . 2009-12-18 21:12 -------- d-----w- c:\program files\Java
2009-12-18 21:11 . 2009-12-18 21:11 152576 ----a-w- c:\documents and settings\Milos\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-12-18 21:04 . 2009-12-18 21:09 -------- d-----w- c:\documents and settings\Milos\Local Settings\Application Data\Temp
2009-12-18 07:17 . 2009-12-18 07:17 -------- d-----w- c:\program files\Rockstar Games
2009-12-18 07:09 . 2009-12-18 07:09 -------- d-sh--w- c:\windows\ftpcache
2009-12-18 07:02 . 2009-12-18 07:02 -------- d-----w- c:\program files\Activision
2009-12-18 06:58 . 2009-12-18 06:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Sports Interactive
2009-12-18 06:55 . 2009-12-18 06:56 -------- d--h--w- c:\program files\Zero G Registry
2009-12-18 06:55 . 2009-12-18 06:55 -------- d-----w- c:\program files\Sports Interactive
2009-12-18 06:54 . 2009-12-18 06:54 -------- d--h--w- c:\documents and settings\Milos\InstallAnywhere
2009-12-18 06:51 . 2009-12-18 06:52 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-12-18 06:28 . 2009-12-18 06:28 716272 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-12-18 06:28 . 2009-12-18 06:28 -------- d-----w- c:\documents and settings\Milos\Application Data\DAEMON Tools
2009-12-18 06:16 . 2009-12-18 06:16 -------- d-----w- c:\program files\Ubisoft
2009-12-17 22:37 . 2009-12-17 22:37 -------- d-----w- c:\documents and settings\Milos\Application Data\HP
2009-12-17 22:34 . 2009-12-17 22:34 -------- d-----w- c:\documents and settings\Milos\Local Settings\Application Data\HP
2009-12-17 22:29 . 2009-12-17 22:29 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2009-12-17 22:29 . 2009-12-17 22:29 -------- d-----w- c:\windows\system32\Samsung PC Studio Codecs
2009-12-17 22:28 . 2009-12-17 22:28 -------- d-----w- c:\program files\Samsung
2009-12-17 22:28 . 2006-04-18 15:32 684032 ----a-w- c:\windows\system32\fun_mp4_enc.dll
2009-12-17 22:28 . 2006-04-06 10:28 77824 ----a-w- c:\windows\system32\fun_mp4_dec.dll
2009-12-17 22:28 . 2006-03-21 14:49 2729472 ----a-w- c:\windows\system32\fun_avcodec.dll
2009-12-17 22:25 . 2009-12-17 22:25 -------- d-----w- c:\documents and settings\All Users\Application Data\WEBREG
2009-12-17 22:24 . 2009-12-17 22:24 -------- d-----w- c:\documents and settings\All Users\Application Data\HPSSUPPLY
2009-12-17 22:23 . 2009-12-17 22:23 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant
2009-12-17 22:23 . 2009-12-17 22:23 -------- d-----w- c:\documents and settings\All Users\Application Data\HP
2009-12-17 22:22 . 2009-12-17 22:22 -------- d-----w- c:\program files\Common Files\HP
2009-12-17 22:22 . 2009-12-17 22:22 -------- d-----w- c:\program files\Hewlett-Packard
2009-12-17 22:22 . 2009-12-17 22:22 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2009-12-17 22:21 . 2007-03-08 04:20 16496 ----a-r- c:\windows\system32\drivers\HPZipr12.sys
2009-12-17 22:21 . 2007-03-08 04:20 49920 ----a-r- c:\windows\system32\drivers\HPZid412.sys
2009-12-17 22:21 . 2007-03-08 04:20 21568 ----a-r- c:\windows\system32\drivers\HPZius12.sys
2009-12-17 22:21 . 2009-12-17 22:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Hewlett-Packard
2009-12-17 22:20 . 2007-03-30 15:07 267864 ----a-r- c:\windows\system32\hpzids01.dll
2009-12-17 22:20 . 2007-03-28 13:01 117760 ----a-w- c:\windows\system32\hpzll5ha.dll
2009-12-17 22:20 . 2007-03-28 12:57 274944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp5ha.dll
2009-12-17 22:20 . 2007-03-17 16:11 675840 ----a-r- c:\windows\system32\hpowiax3.dll
2009-12-17 22:20 . 2007-03-17 16:11 303104 ----a-r- c:\windows\system32\hpovst10.dll
2009-12-17 22:20 . 2007-03-17 16:11 569344 ----a-r- c:\windows\system32\hpotscl3.dll
2009-12-17 22:20 . 2007-03-08 04:20 364544 ----a-r- c:\windows\system32\hppldcoi.dll
2009-12-17 22:20 . 2007-03-08 04:20 309760 ----a-r- c:\windows\system32\difxapi.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-28 23:33 . 2009-12-14 14:36 -------- d-----w- c:\program files\Winamp
2009-12-27 07:17 . 2009-12-27 07:17 -------- d-----w- c:\program files\EASEUS
2009-12-26 20:44 . 2009-12-25 19:35 -------- d-----w- c:\program files\Codemasters
2009-12-26 20:44 . 2009-12-14 14:20 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-26 07:48 . 2009-12-26 07:48 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-12-26 07:48 . 2009-12-22 07:50 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2009-12-26 07:48 . 2009-12-22 07:50 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2009-12-25 19:44 . 2009-12-25 19:44 -------- d-----w- c:\documents and settings\Milos\Application Data\FUEL
2009-12-24 21:04 . 2009-12-19 10:29 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverScanner
2009-12-23 12:10 . 2009-12-23 12:10 -------- d-----w- c:\program files\CAPCOM
2009-12-23 12:09 . 2009-12-23 12:09 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2009-12-22 22:25 . 2009-12-22 22:25 -------- d-----w- c:\documents and settings\Milos\Application Data\2K Sports
2009-12-22 08:12 . 2009-12-22 08:12 -------- d-----w- c:\program files\2K Sports
2009-12-19 10:29 . 2009-12-19 10:29 -------- d-----w- c:\program files\Uniblue
2009-12-19 10:29 . 2009-12-19 10:29 -------- d-----w- c:\documents and settings\Milos\Application Data\Uniblue
2009-12-18 22:00 . 2009-12-14 14:10 69232 ----a-w- c:\documents and settings\Milos\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-18 21:35 . 2009-12-14 14:50 -------- d-----w- c:\program files\MSBuild
2009-12-18 06:57 . 2009-12-18 06:57 -------- d-----w- c:\documents and settings\Milos\Application Data\Sports Interactive
2009-12-18 06:14 . 2009-12-14 14:20 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-14 15:10 . 2009-12-14 13:57 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-14 14:52 . 2009-12-14 14:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-12-14 14:50 . 2009-12-14 14:50 -------- d-----w- c:\program files\Microsoft Works
2009-12-14 14:50 . 2009-12-14 14:50 -------- d-----w- c:\program files\Windows Media Connect 2
2009-12-14 14:47 . 2009-12-14 14:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2009-12-14 14:45 . 2009-12-14 14:45 -------- d-----w- c:\documents and settings\Milos\Application Data\Ahead
2009-12-14 14:45 . 2009-12-14 14:45 -------- d-----w- c:\program files\DivX
2009-12-14 14:45 . 2009-12-14 14:45 -------- d-----w- c:\documents and settings\Milos\Application Data\DivX
2009-12-14 14:45 . 2009-12-14 14:45 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-12-14 14:45 . 2009-12-14 14:44 -------- d-----w- c:\program files\Common Files\Ahead
2009-12-14 14:44 . 2009-12-14 14:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-12-14 14:44 . 2009-12-14 14:21 -------- d-----w- c:\program files\Intel
2009-12-14 14:44 . 2009-12-14 14:44 -------- d-----w- c:\program files\Nero
2009-12-14 14:44 . 2009-12-14 14:44 -------- d-----w- c:\documents and settings\Milos\Application Data\InstallShield
2009-12-14 14:42 . 2009-12-14 14:41 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-14 14:37 . 2009-12-14 14:37 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2009-12-14 14:37 . 2009-12-14 14:37 -------- d-----w- c:\program files\CyberLink
2009-12-14 14:36 . 2009-12-14 14:36 -------- d-----w- c:\program files\Google
2009-12-14 14:33 . 2009-12-14 14:33 -------- d-----w- c:\program files\AGEIA Technologies
2009-12-14 14:31 . 2009-12-14 14:31 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-14 14:20 . 2009-12-14 14:20 -------- d-----w- c:\program files\Realtek
2009-12-14 13:58 . 2009-12-14 13:58 -------- d-----w- c:\program files\microsoft frontpage
2009-12-14 13:55 . 2009-12-14 13:55 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-11-20 19:32 . 2009-11-20 19:32 278120 ----a-w- c:\windows\system32\nvmccs.dll
2009-11-19 20:42 . 2009-12-14 14:30 592488 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-11-14 00:47 . 2009-11-14 00:47 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-11-14 00:47 . 2009-11-14 00:47 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-11-14 00:47 . 2009-11-14 00:47 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2009-11-14 00:47 . 2009-11-14 00:47 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-11-14 00:47 . 2009-11-14 00:47 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2009-11-14 00:47 . 2009-11-14 00:47 839680 ----a-w- c:\windows\system32\divx_xx11.dll
2009-11-14 00:47 . 2009-11-14 00:47 696320 ----a-w- c:\windows\system32\DivX.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 147456]
"Google Update"="c:\documents and settings\Milos\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-12-18 133104]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-07-20 18670592]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-18 149280]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-11-20 110184]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-20 12669544]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Milos^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\documents and settings\Milos\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Milos^Start Menu^Programs^Startup^Pravoslavac 2009.lnk]
path=c:\documents and settings\Milos\Start Menu\Programs\Startup\Pravoslavac 2009.lnk
backup=c:\windows\pss\Pravoslavac 2009.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-10-03 03:08 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-02-13 23:09 486856 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Security 360]
2009-09-02 14:42 1216272 ----a-w- c:\program files\IObit\IObit Security 360\is360tray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-11-20 19:32 12669544 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2003-10-31 18:42 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner]
2009-12-29 10:16 1070984 ----a-w- c:\program files\Trojan Remover\Trjscan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UnlockerAssistant]
2008-05-02 04:15 15872 ----a-w- c:\program files\Unlocker\UnlockerAssistant.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2010\\pes2010.exe"=
"c:\\Program Files\\Sports Interactive\\Football Manager 2010\\fm.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\CAPCOM\\STREETFIGHTERIV\\StreetFighterIV.exe"=
"c:\\Program Files\\Codemasters\\FUEL\\FUEL.exe"=

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [12/16/2009 3:02 PM 108289]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [12/18/2009 11:13 PM 54752]
R2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\is360srv.exe [12/19/2009 11:24 AM 305936]
S2 ATE_PROCMON;ATE_PROCMON;\??\c:\program files\Anti Trojan Elite\ATEPMon.sys --> c:\program files\Anti Trojan Elite\ATEPMon.sys [?]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [12/14/2009 3:20 PM 1684736]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [12/27/2009 8:17 AM 8704]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [12/27/2009 8:17 AM 3072]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\Windows Live\Family Safety\fsssvc.exe [8/5/2009 10:48 PM 704864]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12/18/2009 7:28 AM 716272]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Supplementary Scan -------
.
uStart Page = [Links are visible only to logged-in users]
uInternet Connection Wizard,ShellNext = [Links are visible only to logged-in users]
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {02D9B42E-BBD0-4519-A112-BA051E2C1930} = 87.116.152.1
.
- - - - ORPHANS REMOVED - - - -

Notify-WgaLogon - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Links are visible only to logged-in users]
Rootkit scan 2009-12-29 14:38
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-12-29 14:39:38
ComboFix-quarantined-files.txt 2009-12-29 13:39

Pre-Run: 57,924,505,600 bytes free
Post-Run: 57,940,660,224 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 2D79BE1B20915883AF92E1BB50C297F7

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Posted: 29 Dec 2009 17:21

Tell me what the situation is now.

Addendum: 29 Dec 2009 17:27

You don't have to nag me via PM; I may have private matters to attend to and be busy at the moment. A little patience wouldn't hurt.

offline
  • Joined: 24 Jan 2009
  • Posts: 87

For now Avira isn't reporting anything...

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Open Notepad and copy in the following text:

DEQUARANTINE::
C:\Qoobox\Quarantine\C\windows\system32\NCTAudioInformation2.dll.vir
QUIT::


Save the file from Notepad to the Desktop as "CFScript".

Drag the saved script/text file onto the ComboFix icon, as shown in the picture.
In your next post, paste the log that is created at the end of the cleaning/scan.

offline
  • Joined: 24 Jan 2009
  • Posts: 87

Posted: 29 Dec 2009 18:04

C:\Qoobox\Quarantine\C\windows\system32\NCTAudioInformation2.dll.vir -> C:\windows\system32\NCTAudioInformation2.dll ( 573440 bytes )

Addendum: 29 Dec 2009 18:05

That is all that came out.

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

I'll get back to you a little later; I have some things to take care of. There is still a little bit left to do. I think the computer is fine now.
If you notice anything in the meantime, let me know.
