Win32.Vitro, how do I get rid of it?


  • Joined: 07 Jan 2006
  • Posts: 968
  • Location: Skopje

Here's the story....

I found the PC in a desperate state: slow, crazy.... you know how it is. There was no helping it; it had to be reinstalled.

I formatted C, installed XP, drivers and some basic programs, then downloaded Kaspersky Virus Scan to check everything properly, because the D and E partitions were not formatted; the company's important data is on them.

Here's what I saw:

[screenshot]

and further .......

[screenshot]

I didn't save the last screenshot; there were over 6,000 infections.

I installed Avast on the supposedly "cleaned" system, but viruses still keep showing up, especially this one, the annoying win32.Vitro

[screenshot]

I disabled and deleted System Restore, but this one is still there. What next?

Any ideas?
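Added example, not something from this thread or from any of the tools mentioned in it. C: was reinstalled but D: and E: were kept, and avast's Win32:Vitro is its detection name for the Virut family, a PE file infector, so what matters on the data partitions is every PE image, whatever its file name. The Python script below identifies PE files by their MZ/PE headers rather than by extension, records SHA-256 hashes, and compares two inventories so that files whose hash changed after a cleaning pass (a re-infection) are listed. The directory layout, file names and the minimal PE stub it writes are constructed for the demo; against a real partition you would call inventory(r"D:\\") instead of build_sample_tree().

```python
"""Inventory PE executables on a data partition by header, not by extension.

Added example, not code from the forum thread. Identifies PE files by the
MZ header and the PE signature that e_lfanew points at, hashes them, and
diffs two inventories so files that changed after cleaning stand out.
The sample tree is constructed for the demo.
"""
import hashlib
import os
import struct
import tempfile
from dataclasses import dataclass
from typing import Dict, List

# Extensions Windows normally runs as PE images; a PE header under any other name is suspect.
PE_EXTENSIONS = {".exe", ".dll", ".scr", ".sys", ".ocx", ".cpl", ".drv"}


@dataclass
class PeFile:
    path: str
    size: int
    sha256: str
    ext_mismatch: bool  # PE header hiding under a non-executable extension


def is_pe_file(path: str) -> bool:
    """True if the file has an MZ header whose e_lfanew points at a 'PE\\0\\0' signature."""
    try:
        with open(path, "rb") as f:
            dos = f.read(0x40)
            if len(dos) < 0x40 or dos[:2] != b"MZ":
                return False
            e_lfanew = struct.unpack_from("<I", dos, 0x3C)[0]
            f.seek(e_lfanew)
            return f.read(4) == b"PE\x00\x00"
    except OSError:
        return False


def sha256_of(path: str) -> str:
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def inventory(root: str) -> Dict[str, PeFile]:
    """Walk root and return {path: PeFile} for every file carrying a PE header."""
    found: Dict[str, PeFile] = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if not is_pe_file(path):
                continue
            ext = os.path.splitext(name)[1].lower()
            found[path] = PeFile(path, os.path.getsize(path), sha256_of(path), ext not in PE_EXTENSIONS)
    return found


def changed_files(before: Dict[str, PeFile], after: Dict[str, PeFile]) -> List[str]:
    """Paths whose hash differs between two inventories, or that are new in `after`."""
    return sorted(p for p, f in after.items() if p not in before or before[p].sha256 != f.sha256)


def _minimal_pe() -> bytes:
    # Constructed stub: DOS header with e_lfanew = 0x40, then the PE signature and padding.
    return b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40) + b"PE\x00\x00" + b"\x00" * 0x100


def build_sample_tree() -> str:
    """Constructed sample: two PE images (one named .jpg) and a text file that starts with 'MZ'."""
    root = tempfile.mkdtemp(prefix="pe_inventory_")
    os.makedirs(os.path.join(root, "Instalacioni prog", "UTILITY"))
    with open(os.path.join(root, "Instalacioni prog", "UTILITY", "install.exe"), "wb") as f:
        f.write(_minimal_pe())
    with open(os.path.join(root, "photo.jpg"), "wb") as f:
        f.write(_minimal_pe())
    with open(os.path.join(root, "notes.txt"), "wb") as f:
        f.write(b"MZ at the start of a text file is not enough on its own; this is plain text, not a PE image.\n")
    return root


def demo() -> dict:
    """Inventory the sample tree, append bytes to one executable (as an infector would), re-inventory."""
    root = build_sample_tree()
    before = inventory(root)
    target = os.path.join(root, "Instalacioni prog", "UTILITY", "install.exe")
    with open(target, "ab") as f:
        f.write(b"\xCC" * 64)
    after = inventory(root)
    rel = lambda p: os.path.relpath(p, root).replace(os.sep, "/")
    return {
        "pe_files": sorted(rel(p) for p in before),
        "ext_mismatch": sorted(rel(p) for p, f in before.items() if f.ext_mismatch),
        "changed": [rel(p) for p in changed_files(before, after)],
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The point of hashing rather than only listing is the second pass: after the cleaner has run, a file whose hash changed again while nothing legitimate was installed is the one still being infected, and that narrows 6,000 hits to the few files worth replacing from known-good installers.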

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

We know each other, man; you always do this when you open a topic:

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

  • Joined: 07 Jan 2006
  • Posts: 968
  • Location: Skopje

What's unclear here?
I checked whether there is already a topic about this virus; there isn't.

The question is clear:

"how to remove win32.vitro ?"

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

http://www.mycity.rs/Ambulanta/Pravila-ovog-dela-foruma.html

  • Joined: 07 Jan 2006
  • Posts: 968
  • Location: Skopje

OK boss :)

Here it is:



DDS


DDS (Ver_09-07-30.01) - NTFSx86
Run by NEO at 14:49:36,20 on 16.09.2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_16
Microsoft Windows XP Professional 5.1.2600.3.1251.389.1033.18.1023.329 [GMT 4,5:30]

AV: avast! antivirus 4.8.1351 [VPS 090915-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\IObit\IObit Security 360\IS360srv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Everything\Everything.exe
C:\Program Files\IObit\IObit Security 360\IS360tray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IObit\IObit Security 360\is360.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\BORGChat\BORGChat.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\NEO\Desktop\dds.pif
C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.plusnetwork.com
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [Everything] "c:\program files\everything\Everything.exe" -startup
mRun: [IObit Security 360] c:\program files\iobit\iobit security 360\IS360tray.exe
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32
StartupFolder: c:\docume~1\neo\startm~1\programs\startup\borgchat.lnk - c:\program files\borgchat\BORGChat.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\neo\applic~1\mozilla\firefox\profiles\gw5vk63c.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - component: c:\documents and settings\neo\application data\mozilla\firefox\profiles\gw5vk63c.default\extensions\{1a36a50b-4575-4ab6-ae15-a9bbbad6952f}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\neo\application data\mozilla\firefox\profiles\gw5vk63c.default\extensions\lazarus@interclue.com\platform\winnt_x86-msvc\components\WeaveCrypto.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

============= SERVICES / DRIVERS ===============

R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [2009-9-1 77056]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-9-3 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-9-3 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-9-3 138680]
R2 IS360service;IS360service;c:\program files\iobit\iobit security 360\is360srv.exe [2009-9-3 305936]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-9-1 603904]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-9-3 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-9-3 352920]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-9-16 38224]

=============== Created Last 30 ================

2009-09-16 14:08 <DIR> --d----- c:\program files\BORGChat
2009-09-16 13:47 <DIR> --d----- c:\program files\NetChat
2009-09-16 13:41 0 a------- c:\documents and settings\neo\settings.dat
2009-09-16 13:40 <DIR> --d----- c:\docume~1\neo\applic~1\Malwarebytes
2009-09-16 13:40 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-16 13:40 19,160 a------- c:\windows\system32\drivers\mbam.sys
2009-09-16 13:40 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-09-16 13:40 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-09-14 17:04 1,374 a------- c:\windows\imsins.BAK
2009-09-14 14:53 <DIR> --d----- c:\windows\system32\NtmsData
2009-09-14 10:56 3,244 a------- c:\windows\system32\wbem\Outlook_01ca35043de18894.mof
2009-09-14 10:22 <DIR> --d----- c:\program files\common files\AntiGA 2.0 Addon Tools
2009-09-14 09:58 <DIR> --dsh--- c:\documents and settings\neo\IETldCache
2009-09-14 09:28 100,352 -c------ c:\windows\system32\dllcache\iecompat.dll
2009-09-14 09:28 <DIR> --d----- c:\windows\ie8updates
2009-09-14 09:27 12,800 -c------ c:\windows\system32\dllcache\xpshims.dll
2009-09-14 09:27 246,272 -c------ c:\windows\system32\dllcache\ieproxy.dll
2009-09-14 09:25 <DIR> -cd-h--- c:\windows\ie8
2009-09-14 09:08 <DIR> --d----- c:\windows\SxsCaPendDel
2009-09-14 08:49 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Messenger Plus!
2009-09-12 15:39 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Corel
2009-09-12 12:02 <DIR> --d----- c:\documents and settings\neo\Contacts
2009-09-12 11:20 <DIR> --d----- C:\INSTALLDIR
2009-09-12 10:32 65 a------- C:\LiveXP.bat
2009-09-12 10:30 <DIR> --d----- C:\winxp_ws USB LIVE
2009-09-12 10:09 49 a------- c:\windows\NeroDigital.ini
2009-09-12 10:07 266,360 a------- c:\windows\system32\TweakUI.exe
2009-09-12 10:07 160,217 a------- c:\windows\system32\PowerToysLicense.rtf
2009-09-11 17:53 <DIR> --d----- c:\windows\system32\KB905474
2009-09-11 16:47 29,732 a------- c:\windows\system\HYENA.TTF
2009-09-11 16:47 1,306 a------- c:\windows\system\HYENA.FOT
2009-09-11 16:47 429 a------- c:\windows\7thlevel.ini
2009-09-11 16:47 <DIR> --d----- C:\DISNEY
2009-09-09 18:12 221,184 a------- c:\windows\system32\wmpns.dll
2009-09-09 18:09 <DIR> --d----- c:\program files\MSXML 4.0
2009-09-09 10:49 <DIR> --d----- c:\windows\system32\SoftwareDistribution
2009-09-03 17:22 32,592 a------- c:\windows\system32\msonpmon.dll
2009-09-03 17:04 <DIR> --d----- c:\program files\Microsoft Visual Studio 8
2009-09-03 17:01 <DIR> --d----- c:\windows\SHELLNEW
2009-09-03 16:41 <DIR> --d-h--- c:\windows\PIF
2009-09-03 12:02 <DIR> --d----- c:\program files\MSECache
2009-09-03 10:43 <DIR> --d----- c:\docume~1\neo\applic~1\FastStone
2009-09-03 10:42 <DIR> --d----- c:\program files\FastStone Image Viewer
2009-09-03 09:20 <DIR> --d----- c:\docume~1\alluse~1\applic~1\IObit
2009-09-03 09:20 <DIR> --d----- c:\program files\IObit
2009-09-02 15:25 <DIR> --d----- c:\program files\FastStone Screen Capture
2009-09-02 14:08 <DIR> --d----- c:\program files\Everything
2009-09-02 11:54 11,661,344 a--sh--- c:\windows\system32\drivers\fidbox.dat
2009-09-02 11:54 139,820 a--sh--- c:\windows\system32\drivers\fidbox.idx
2009-09-02 11:52 <DIR> --d----- c:\windows\system32\appmgmt
2009-09-01 22:45 <DIR> --d----- c:\windows\system32\Adobe
2009-09-01 22:43 77,056 a----r-- c:\windows\system32\drivers\viasraid.sys
2009-09-01 22:43 <DIR> --d----- c:\program files\VIA
2009-09-01 22:42 40,960 a----r-- c:\windows\system32\drivers\fetnd5b.sys
2009-09-01 22:42 6,016 a----r-- c:\windows\system32\ntsim.sys
2009-09-01 22:42 27,904 a------- c:\windows\system32\drivers\VIAAGP1.SYS
2009-09-01 22:41 <DIR> --d----- c:\windows\system32\ReinstallBackups
2009-09-01 22:41 <DIR> --d----- c:\documents and settings\neo\WINDOWS
2009-09-01 22:40 <DIR> --d----- c:\program files\VIA Technologies, Inc
2009-09-01 22:38 <DIR> --d----- c:\program files\Lavalys
2009-09-01 22:35 <DIR> --d----- c:\documents and settings\NEO
2009-09-01 22:33 <DIR> --ds---- c:\windows\system32\Microsoft
2009-09-01 22:33 8,192 a------- c:\windows\REGLOCS.OLD
2009-09-01 22:30 7,680 ac------ c:\windows\system32\dllcache\migregdb.exe
2009-09-01 22:29 218,112 ac------ c:\windows\system32\dllcache\c_g18030.dll
2009-09-01 22:28 26,144 a------- c:\windows\system32\spupdsvc.exe
2009-09-01 22:28 <DIR> --d----- c:\windows\system32\PreInstall
2009-09-01 22:28 <DIR> --d-h--- c:\windows\$hf_mig$
2009-09-01 22:28 2,626 a------- c:\windows\system32\CONFIG.NT
2009-09-01 22:28 0 a------- c:\windows\control.ini
2009-09-01 22:28 23,392 a------- c:\windows\system32\nscompat.tlb
2009-09-01 22:28 16,832 a------- c:\windows\system32\amcompat.tlb
2009-09-01 22:28 316,640 a------- c:\windows\WMSysPr9.prx
2009-09-01 22:27 <DIR> --dsh--- c:\documents and settings\all users\DRM
2009-09-01 22:26 <DIR> --d-h--- c:\program files\WindowsUpdate
2009-09-01 22:25 <DIR> --d----- c:\program files\common files\MSSoap
2009-09-01 22:23 <DIR> --d----- c:\program files\Online Services
2009-09-01 22:23 <DIR> --d----- c:\program files\Windows Media Connect 2
2009-09-01 22:23 <DIR> --d----- c:\program files\Messenger
2009-09-01 22:23 <DIR> --d----- c:\program files\MSN Gaming Zone
2009-09-01 22:22 <DIR> --d----- c:\program files\Windows NT
2009-09-01 16:12 <DIR> --d----- c:\documents and settings\neo\DoctorWeb
2009-09-01 16:11 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Doctor Web
2009-09-01 16:11 <DIR> --d----- c:\program files\DrWeb
2009-09-01 15:53 <DIR> --d----- c:\program files\AutoCAD R14
2009-09-01 15:44 <DIR> --d----- c:\program files\Ask Search Assistant
2009-09-01 15:44 <DIR> --d----- c:\program files\Messenger Plus! Live
2009-09-01 15:39 <DIR> --d----- c:\docume~1\neo\applic~1\TuneUp Software
2009-09-01 15:37 <DIR> --d----- c:\docume~1\alluse~1\applic~1\TuneUp Software
2009-09-01 15:37 <DIR> --d----- c:\program files\TuneUp Utilities 2009
2009-09-01 15:37 <DIR> --dsh--- c:\docume~1\alluse~1\applic~1\{55A29068-F2CE-456C-9148-C869879E2357}
2009-09-01 15:30 <DIR> --d----- c:\program files\common files\Corel
2009-09-01 15:29 <DIR> --d----- c:\program files\Corel
2009-09-01 15:11 <DIR> --d----- c:\docume~1\alluse~1\applic~1\DAEMON Tools Lite
2009-09-01 15:11 <DIR> --d----- c:\program files\common files\ODBC
2009-09-01 15:11 <DIR> --d----- c:\program files\common files\SpeechEngines
2009-09-01 15:11 <DIR> --d----- c:\program files\DAEMON Tools Toolbar
2009-09-01 15:11 <DIR> --d----- c:\program files\DAEMON Tools Lite
2009-09-01 15:11 <DIR> --d--r-- c:\documents and settings\all users\Documents
2009-09-01 15:10 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Nero
2009-09-01 15:10 <DIR> --d----- c:\program files\Nero
2009-09-01 14:59 <DIR> --d----- c:\docume~1\neo\applic~1\DAEMON Tools Lite
2009-09-01 14:45 <DIR> --d----- c:\program files\MSN Messenger
2009-09-01 14:30 <DIR> --d----- c:\program files\K-Lite Codec Pack
2009-09-01 14:21 <DIR> --d----- c:\program files\Skype
2009-09-01 14:10 <DIR> --d----- c:\program files\ATI Technologies
2009-09-01 14:08 <DIR> --d----- c:\program files\Canon
2009-09-01 13:58 <DIR> --d----- c:\program files\CCleaner

==================== Find3M ====================

2009-09-01 22:24 21,640 a------- c:\windows\system32\emptyregdb.dat
2009-09-01 15:43 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-09-01 15:39 603,904 a------- c:\windows\system32\TUProgSt.exe
2009-09-01 15:39 360,192 a------- c:\windows\system32\TuneUpDefragService.exe
2009-09-01 14:59 721,904 a------- c:\windows\system32\drivers\sptd.sys
2009-09-01 13:50 411,368 a------- c:\windows\system32\deploytk.dll
2009-08-05 13:31 204,800 a------- c:\windows\system32\mswebdvd.dll
2009-07-29 09:07 119,808 a------- c:\windows\system32\t2embed.dll
2009-07-29 09:07 81,920 a------- c:\windows\system32\fontsub.dll
2009-07-21 11:22 499,712 a------- c:\windows\system32\msvcp71.dll
2009-07-21 11:22 348,160 a------- c:\windows\system32\msvcr71.dll
2009-07-17 23:31 58,880 a------- c:\windows\system32\atl.dll
2009-07-13 23:43 286,208 a------- c:\windows\system32\wmpdxm.dll
2009-07-03 21:39 915,456 a------- c:\windows\system32\wininet.dll

============= FINISH: 14:52:39,54 ===============

[attachment: Attach]

Here's that; now GMER too, just let it finish, that thing scans for hours :S

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Avg 2005
  • Posts: 8620
  • Location: Novi Beograd

Oh, is there a multi-boot Windows there? Several Windows installations on that computer?

  • Joined: 07 Jan 2006
  • Posts: 968
  • Location: Skopje

No, just this one; I installed it 5-6 days ago.

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

On those other partitions you have a nasty virus.

Do you have the full logs from the antivirus to attach for me?

  • Joined: 07 Jan 2006
  • Posts: 968
  • Location: Skopje

Written: 16 Sep 2009 16:13

I have one from Dr.Web; I forgot that I scanned with it too.

Some 4 reports remained, here they are:

[attachment]

Avast found 140 infections a little while ago; let me see whether it stores the logs somewhere, then I'll attach that too.

Now I'm scanning with Malwarebytes; if it gives me a log, I'll post it.

And this GMER is still scanning ....

Addendum: 16 Sep 2009 16:15

Full Scan: stopped 01.11.2008 14:42:39   (events: 9, objects: , time: 00:00:00)   
01.11.2008 11:52:24   Untreated: Trojan.Win32.Delf.bon   F:\System Volume Information\_restore{123BE19E-7DBC-45F9-B753-511BBB560A2C}\RP115\A0048662.exe/#   Postponed   
01.11.2008 14:42:39   Task stopped         
01.11.2008 11:31:16   Task started         
01.11.2008 11:52:24   Detected: Trojan.Win32.Delf.bon   F:\System Volume Information\_restore{123BE19E-7DBC-45F9-B753-511BBB560A2C}\RP115\A0048662.exe/#      
01.11.2008 11:51:38   Detected: Suspicious.Packer   F:\System Volume Information\_restore{123BE19E-7DBC-45F9-B753-511BBB560A2C}\RP112\A0048206.exe/PE_Patch.Morphine/Morphine      
01.11.2008 11:51:39   Detected: Suspicious.Packer   F:\System Volume Information\_restore{123BE19E-7DBC-45F9-B753-511BBB560A2C}\RP112\A0048206.exe/PE_Patch.Morphine      
01.11.2008 11:52:29   Detected: Heur.Trojan.Generic   F:\System Volume Information\_restore{123BE19E-7DBC-45F9-B753-511BBB560A2C}\RP115\A0048662.exe      
Full Scan: stopped 01.11.2008 14:42:39   (events: 9, objects: , time: 00:00:00)   
01.11.2008 11:05:09   Task completed         
01.11.2008 11:02:39   Task started




I pulled this out of the Recycle Bin, a txt file named KAS

Addendum: 16 Sep 2009 16:24

Avast Chest:



------------------------------------------------------------------------------------------
Program will try to load all Chest files from the following server: (null)
FileID: 0000000001  Original file name: C:\WINDOWS\system32\kernel32.dll  File category: 0
FileID: 0000000002  Original file name: C:\WINDOWS\system32\winsock.dll  File category: 0
FileID: 0000000003  Original file name: C:\WINDOWS\system32\wsock32.dll  File category: 0
FileID: 0000000004  Original file name: D:\Instalacioni prog\UTILITY\install.exe  File category: 1
------------------------------------------------------------------------------------------
Action was completed successfully!







Addendum: 16 Sep 2009 16:54

This is what I found in the Avast folder:

[attachment]

Here's GMER1 too; I don't know whether it's complete, because the program went "Not Responding", but it still saved.

[attachment]

... and then Windows crashed .....

That's enough for me for today.
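Added example, not from the thread: a small parser for the Kaspersky log format pasted above, written to answer the questions one would put to the full 6,000-line log rather than to these nine events. SAMPLE_LOG is the KAS excerpt from the post with the column separators normalized to runs of spaces; the function names and summary keys are my own. Each hit is split into the on-disk file and the object inside it (the part after the slash, such as a packer layer), verdicts are counted per drive, untreated files are listed, and files under a System Volume Information folder are counted separately, since each partition keeps its own restore points there.

```python
"""Parse a Kaspersky scan log and summarize where the detections live.

Added example, not code from the thread. Lines are either task state
changes, 'Detected: <verdict> <object>' or 'Untreated: <verdict> <object>
<action>'; <object> is '<file path>/<inner object>' when the hit is inside
an archive or packer layer.
"""
import re
from collections import Counter
from dataclasses import dataclass
from datetime import datetime
from typing import List, Optional

# Excerpt of the KAS log from the post above; column separators normalized to runs of spaces.
SAMPLE_LOG = r"""
Full Scan: stopped 01.11.2008 14:42:39   (events: 9, objects: , time: 00:00:00)
01.11.2008 11:52:24   Untreated: Trojan.Win32.Delf.bon   F:\System Volume Information\_restore{123BE19E-7DBC-45F9-B753-511BBB560A2C}\RP115\A0048662.exe/#   Postponed
01.11.2008 14:42:39   Task stopped
01.11.2008 11:31:16   Task started
01.11.2008 11:52:24   Detected: Trojan.Win32.Delf.bon   F:\System Volume Information\_restore{123BE19E-7DBC-45F9-B753-511BBB560A2C}\RP115\A0048662.exe/#
01.11.2008 11:51:38   Detected: Suspicious.Packer   F:\System Volume Information\_restore{123BE19E-7DBC-45F9-B753-511BBB560A2C}\RP112\A0048206.exe/PE_Patch.Morphine/Morphine
01.11.2008 11:51:39   Detected: Suspicious.Packer   F:\System Volume Information\_restore{123BE19E-7DBC-45F9-B753-511BBB560A2C}\RP112\A0048206.exe/PE_Patch.Morphine
01.11.2008 11:52:29   Detected: Heur.Trojan.Generic   F:\System Volume Information\_restore{123BE19E-7DBC-45F9-B753-511BBB560A2C}\RP115\A0048662.exe
Full Scan: stopped 01.11.2008 14:42:39   (events: 9, objects: , time: 00:00:00)
01.11.2008 11:05:09   Task completed
01.11.2008 11:02:39   Task started
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d{2}\.\d{2}\.\d{4} \d{2}:\d{2}:\d{2})\s+"
    r"(?P<kind>Detected|Untreated|Task started|Task stopped|Task completed)"
    r"(?::\s+(?P<verdict>\S+))?(?P<rest>.*)$"
)


@dataclass
class Event:
    when: datetime
    kind: str                  # Detected, Untreated, Task started/stopped/completed
    verdict: Optional[str]     # detection name, e.g. Trojan.Win32.Delf.bon
    file_path: Optional[str]   # the on-disk file the object was found in
    inner: Optional[str]       # object inside that file ('#', a packer layer), if any
    action: Optional[str]      # what the scanner did with it, e.g. Postponed


def parse_line(line: str) -> Optional[Event]:
    """Return an Event for a log line, or None for summary lines the format does not cover."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts, kind, verdict, rest = m.group("ts", "kind", "verdict", "rest")
    # Paths contain single spaces, so columns are split only on tabs or runs of 2+ spaces.
    fields = [f for f in re.split(r"\t|\s{2,}", rest.strip()) if f]
    file_path = inner = action = None
    if fields:
        file_path, _, inner = fields[0].partition("/")
        inner = inner or None
    if len(fields) > 1:
        action = fields[1]
    return Event(datetime.strptime(ts, "%d.%m.%Y %H:%M:%S"), kind, verdict, file_path, inner, action)


def parse_log(text: str) -> List[Event]:
    return [e for e in (parse_line(line) for line in text.splitlines()) if e]


def summarize(events: List[Event]) -> dict:
    """Counts a cleaner wants from a long log: verdicts, drives, untreated files, restore-point hits."""
    hits = [e for e in events if e.kind in ("Detected", "Untreated") and e.file_path]
    files = {e.file_path for e in hits}
    return {
        "events": len(events),
        "verdicts": dict(Counter(e.verdict for e in hits if e.kind == "Detected")),
        "drives": dict(Counter(e.file_path[:2].upper() for e in hits)),
        "untreated": sorted({e.file_path for e in hits if e.kind == "Untreated"}),
        "files": len(files),
        # Each partition keeps its own restore points under its System Volume Information folder.
        "in_restore_points": sum(1 for p in files if "\\system volume information\\" in p.lower()),
        "span": (min(e.when for e in events), max(e.when for e in events)) if events else None,
    }


if __name__ == "__main__":
    for key, value in summarize(parse_log(SAMPLE_LOG)).items():
        print(f"{key}: {value}")
```

On this excerpt the nine events collapse to two distinct files, both inside restore points on F:, which is the kind of reduction that makes a 6,000-detection log readable: the "files" and "in_restore_points" counts tell you how much of it is restore-point copies versus live files on the data partitions.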

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Let's try this to start with:

Download sUBs' ComboFix from the following address to the Desktop:

Bleeping Computer
  • Right-click the link and choose Save Target As... (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing where to save the file opens, choose Desktop and click Save.

When the download is finished:
  • deactivate your protective software (instructions);
  • close running programs;
  • double-click ComboFix to run it.

While running, ComboFix will:
  • check whether a newer version of the program exists: click Yes if offered to download it;
  • show the DISCLAIMER OF WARRANTY ON SOFTWARE: click Yes so the process continues;
  • if the Recovery Console is not installed, offer to install it: be sure to accept by clicking Yes and follow the procedure;
  • ask a number of questions / show notifications: accept by clicking Yes or OK;
  • restart Windows if needed (possibly several times);
  • at the end, open Notepad with the scan report.

Copy the report ComboFix produced into the topic on the forum:
  • right-click in the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message field and choose Paste.

Note: The report is saved under the name ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
If after posting you notice the report is not complete, use the Attach file option to attach C:\ComboFix.txt to the message.
