MyCity » Ambulanta -> Arhiva Ambulante » Imam virusa, spyware. Komp se ledi

Imam virusa, spyware. Komp se ledi

Napisano na dan: 29.3.2008

Strana:
1
2

Imam virusa, spyware. Komp se ledi

Pagination

Prethodna strana

Odgovori

Strana:
1
2

Gad Poslao: 01 Apr 2008 11:16 Idi na vrh
offline Gad Počasni građanin Pridružio: 19 Maj 2005 Poruke: 932	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-03-27.3 - Bojan 2008-04-01 11:03:17.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.449 [GMT 2:00] Running from: C:\Documents and Settings\Bojan\My Documents\ComboFix.exe WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Program Files\seekmo . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_npf ((((((((((((((((((((((((( Files Created from 2008-03-01 to 2008-04-01 ))))))))))))))))))))))))))))))) . 2008-03-29 12:07 . 2008-03-29 12:07 <DIR> d-------- C:\VundoFix Backups 2008-03-29 12:04 . 2008-03-29 12:04 <DIR> d-------- C:\Program Files\Trend Micro 2008-03-28 16:27 . 2008-03-28 16:27 7,680 --ahs---- C:\WINDOWS\Thumbs.db 2008-03-28 07:56 . 2008-03-28 07:56 <DIR> d-------- C:\Program Files\180searchassistant 2008-03-28 07:56 . 2008-03-28 07:56 <DIR> d-------- C:\Program Files\180search assistant 2008-03-27 17:38 . 2008-03-27 17:38 <DIR> d-------- C:\Program Files\180solutions 2008-03-27 17:25 . 2008-03-29 13:19 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\Web Page Maker V2 2008-03-27 17:24 . 2008-03-27 17:24 <DIR> d-------- C:\Program Files\Lavasoft 2008-03-27 17:24 . 2008-03-27 17:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-03-27 17:23 . 2008-03-27 17:23 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard 2008-03-27 00:27 . 2008-03-27 00:27 376 --a------ C:\WINDOWS\ODBC.INI 2008-03-27 00:26 . 2003-06-18 18:31 17,920 --a------ C:\WINDOWS\system32\mdimon.dll 2008-03-27 00:25 . 2008-03-27 00:25 <DIR> d-------- C:\WINDOWS\SHELLNEW 2008-03-27 00:25 . 2008-03-27 00:25 <DIR> d-------- C:\Program Files\Microsoft ActiveSync 2008-03-27 00:22 . 2008-03-27 00:22 <DIR> dr-h----- C:\MSOCache 2008-03-26 16:33 . 2008-03-26 16:33 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\IM-Names 2008-03-26 12:40 . 2008-03-26 12:40 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\Grisoft 2008-03-26 12:40 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2008-03-26 12:34 . 2008-03-26 12:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Rabio 2008-03-26 08:14 . 2008-03-26 08:14 <DIR> d-------- C:\Program Files\zango 2008-03-26 08:14 . 2008-03-26 08:14 <DIR> d-------- C:\Program Files\Sysmnt 2008-03-26 08:14 . 2008-03-26 08:14 <DIR> d-------- C:\Program Files\stc 2008-03-26 08:01 . 2008-03-26 08:01 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\Syntrillium 2008-03-26 07:59 . 2008-03-26 07:59 90,537 --a------ C:\WINDOWS\system32\sbwltbxa.exe 2008-03-24 00:38 . 2008-03-24 00:38 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared 2008-03-24 00:38 . 2008-03-24 00:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems 2008-03-24 00:37 . 2008-03-24 00:40 <DIR> d-------- C:\Program Files\Common Files\Adobe 2008-03-24 00:29 . 2008-03-31 13:06 619 --a------ C:\WINDOWS\wcx_ftp.ini 2008-03-23 23:53 . 2008-04-01 09:23 69 --a------ C:\WINDOWS\NeroDigital.ini 2008-03-23 23:51 . 2008-03-23 23:51 <DIR> d-------- C:\Program Files\Common Files\LightScribe 2008-03-23 23:49 . 2008-04-01 10:30 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\Ahead 2008-03-23 23:43 . 2008-03-23 23:43 <DIR> d-------- C:\Program Files\Nero 2008-03-23 23:43 . 2008-03-23 23:50 <DIR> d-------- C:\Program Files\Common Files\Ahead 2008-03-23 23:43 . 2008-03-23 23:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Nero 2008-03-22 18:17 . 2008-03-22 18:17 <DIR> d-------- C:\WINDOWS\system32\QuickTime 2008-03-22 16:55 . 2008-03-22 18:17 <DIR> d-------- C:\Program Files\Macromedia 2008-03-22 16:55 . 2008-03-22 17:41 <DIR> d-------- C:\Program Files\Common Files\Macromedia 2008-03-22 16:54 . 2008-03-22 18:15 <DIR> d-------- C:\WINDOWS\Downloaded Installations 2008-03-22 16:52 . 2008-03-22 16:52 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\Media Player Classic 2008-03-22 16:44 . 2008-03-22 16:44 <DIR> d--h----- C:\WINDOWS\PIF 2008-03-22 13:18 . 2008-03-22 13:18 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion 2008-03-22 11:40 . 2007-12-07 04:21 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll 2008-03-22 11:40 . 2007-07-01 05:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat 2008-03-22 11:40 . 2007-07-01 05:36 991,232 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui 2008-03-22 11:40 . 2007-12-07 04:21 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll 2008-03-22 11:40 . 2007-12-07 04:21 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2008-03-22 11:40 . 2007-12-07 04:21 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll 2008-03-22 11:40 . 2007-12-07 04:21 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll 2008-03-22 11:40 . 2007-12-07 04:21 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2008-03-22 11:40 . 2007-12-06 13:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe 2008-03-22 04:05 . 2004-09-01 10:00 221,184 --a------ C:\WINDOWS\system32\wmpns.dll 2008-03-21 19:05 . 2008-03-22 13:12 <DIR> d--h----- C:\WINDOWS\$hf_mig$ 2008-03-21 19:05 . 2006-09-06 18:43 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe 2008-03-21 15:40 . 2008-03-21 15:40 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7 2008-03-21 15:40 . 2008-04-01 08:00 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\AVG7 2008-03-21 15:40 . 2008-03-21 15:40 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll 2008-03-21 15:39 . 2008-03-26 12:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft 2008-03-21 15:39 . 2008-03-21 15:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg7 2008-03-21 15:30 . 2004-08-04 00:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys 2008-03-21 15:30 . 2004-08-04 00:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys 2008-03-21 14:29 . 2008-03-21 14:29 <DIR> d-------- C:\Program Files\uTorrent 2008-03-21 14:29 . 2008-04-01 11:07 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\uTorrent 2008-03-21 14:04 . 2008-03-21 14:04 12,736 --ah----- C:\WINDOWS\system32\mlfcache.dat 2008-03-20 23:42 . 2008-03-20 23:42 38 --a------ C:\WINDOWS\avisplitter.INI 2008-03-20 23:14 . 2008-03-20 23:32 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\vlc 2008-03-20 21:22 . 2008-03-31 13:10 2,644 --a------ C:\WINDOWS\WINCMD.INI 2008-03-20 21:20 . 2008-03-20 21:22 <DIR> d-------- C:\Program Files\TotalCmd 2008-03-20 21:20 . 2008-03-31 20:24 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\skypePM 2008-03-20 21:20 . 2008-03-20 21:20 32 --a------ C:\Documents and Settings\All Users\Application Data\ezsid.dat 2008-03-20 21:19 . 2008-03-31 22:30 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\Skype 2008-03-20 21:18 . 2008-03-20 21:19 <DIR> d-------- C:\Program Files\Skype 2008-03-20 21:18 . 2008-03-20 21:18 <DIR> d-------- C:\Program Files\Common Files\Skype 2008-03-20 21:18 . 2008-03-20 21:19 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype 2008-03-20 21:13 . 2008-03-20 21:13 <DIR> d-------- C:\Program Files\Notepad++ 2008-03-20 21:13 . 2008-03-20 23:41 <DIR> d-------- C:\Program Files\Mv2Player 2008-03-20 21:13 . 2008-03-21 14:04 <DIR> d-------- C:\Program Files\mIRC 2008-03-20 21:13 . 2008-03-24 01:05 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\Notepad++ 2008-03-20 21:13 . 2008-03-21 14:07 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\mIRC 2008-03-20 20:59 . 2008-03-20 20:59 304 --ah----- C:\sqmdata03.sqm 2008-03-20 20:59 . 2008-03-20 20:59 244 --ah----- C:\sqmnoopt03.sqm 2008-03-20 20:57 . 2008-03-20 20:57 268 --ah----- C:\sqmdata02.sqm 2008-03-20 20:57 . 2008-03-20 20:57 244 --ah----- C:\sqmnoopt02.sqm 2008-03-20 20:29 . 2008-03-20 20:29 268 --ah----- C:\sqmdata01.sqm 2008-03-20 20:29 . 2008-03-20 20:29 244 --ah----- C:\sqmnoopt01.sqm 2008-03-20 19:46 . 2008-03-20 19:46 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE 2008-03-20 19:46 . 2008-03-20 19:46 <DIR> d-------- C:\Program Files\MSN Messenger 2008-03-20 19:46 . 2008-03-26 22:44 <DIR> d-------- C:\Documents and Settings\Bojan\Contacts 2008-03-20 19:46 . 2008-03-20 19:46 268 --ah----- C:\sqmdata00.sqm 2008-03-20 19:46 . 2008-03-20 19:46 244 --ah----- C:\sqmnoopt00.sqm 2008-03-20 19:01 . 2008-03-20 19:01 <DIR> d--h----- C:\Program Files\InstallShield Installation Information 2008-03-20 19:01 . 2003-06-27 15:11 491,520 --a------ C:\WINDOWS\Au51Fun.exe 2008-03-20 19:01 . 2000-05-18 15:43 108,978 --a------ C:\WINDOWS\TTTest.wav 2008-03-20 17:46 . 2008-03-20 17:46 16 --a------ C:\WINDOWS\wininit.ini 2008-03-20 17:44 . 2008-03-20 17:44 <DIR> d-------- C:\Program Files\Yahoo! 2008-03-20 17:44 . 2008-03-20 17:44 <DIR> d-------- C:\Program Files\CCleaner 2008-03-20 17:09 . 2006-06-14 10:47 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys 2008-03-20 17:09 . 2006-06-14 10:47 6,400 --a--c--- C:\WINDOWS\system32\dllcache\splitter.sys 2008-03-20 17:07 . 2000-10-20 19:28 765,952 -ra------ C:\WINDOWS\system\crlds3d.dll 2008-03-20 17:06 . 2001-08-17 15:59 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys 2008-03-20 17:05 . 2004-08-04 00:59 57,472 --a------ C:\WINDOWS\system32\drivers\redbook.sys . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-03-22 14:54 --------- d-----w C:\Program Files\Common Files\InstallShield 2008-03-20 14:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\nView_Profiles 2008-03-20 14:31 --------- d-----w C:\Program Files\Opera 2008-03-20 14:31 --------- d-----w C:\Program Files\Foxit Software 2008-03-20 14:31 --------- d-----w C:\Program Files\Ares 2008-03-20 14:30 --------- d-----w C:\Program Files\Winamp 2008-03-20 14:30 --------- d-----w C:\Program Files\VideoLAN 2008-03-20 14:30 --------- d-----w C:\Documents and Settings\Bojan\Application Data\Winamp 2008-03-20 14:28 --------- d-----w C:\Program Files\K-Lite Codec Pack 2008-03-20 14:27 --------- d-----w C:\Program Files\Java 2008-03-20 14:27 --------- d-----w C:\Program Files\Common Files\Java 2008-03-20 14:19 --------- d-----w C:\Program Files\microsoft frontpage . ((((((((((((((((((((((((((((( snapshot@2008-03-29_11.57.50.96 ))))))))))))))))))))))))))))))))))))))))) . - 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE + 2000-08-31 06:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE - 2000-08-31 07:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe + 2000-08-31 06:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe - 2008-03-22 02:17:14 40,196 ----a-w C:\WINDOWS\system32\perfc009.dat + 2008-03-30 09:09:03 40,196 ----a-w C:\WINDOWS\system32\perfc009.dat - 2008-03-22 02:17:14 311,934 ----a-w C:\WINDOWS\system32\perfh009.dat + 2008-03-30 09:09:03 311,934 ----a-w C:\WINDOWS\system32\perfh009.dat - 2000-08-31 07:00:00 161,792 ----a-w C:\WINDOWS\system32\swreg.exe + 2000-08-31 06:00:00 161,792 ----a-w C:\WINDOWS\system32\swreg.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ares"="C:\Program Files\Ares\Ares.exe" [2007-07-16 23:54 961536] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 13:54 5674352] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-01 10:00 15360] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 20:04 139264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-10-29 17:50 4620288] "nwiz"="nwiz.exe" [2004-10-29 17:50 921600 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2004-10-29 17:50 86016] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-01-16 00:54 37376] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-03-21 15:39 411648] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-03-21 15:39 145920] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Ares\\Ares.exe"= "C:\\WINDOWS\\system32\\mmc.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= "C:\\Program Files\\uTorrent\\uTorrent.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= . ************************************************************************ catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-04-01 11:08:56 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\wdfmgr.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\WINDOWS\system32\imapi.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\rundll32.exe . ************************************************************************ . Completion time: 2008-04-01 11:12:55 - machine was rebooted ComboFix-quarantined-files.txt 2008-04-01 09:12:50 ComboFix2.txt 2008-03-29 10:58:20 Pre-Run: 10,627,829,760 bytes free Post-Run: 10,614,153,216 bytes free . 2008-03-27 15:48:32 --- E O F ---

Profil

helen1 Poslao: 02 Apr 2008 08:04 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `File:: C:\WINDOWS\system32\sbwltbxa.exe Folder:: C:\Program Files\180searchassistant C:\Program Files\180search assistant C:\Program Files\180solutions C:\Program Files\zango C:\Program Files\stc C:\Program Files\Sysmnt` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

Gad Poslao: 02 Apr 2008 10:06 Idi na vrh
offline Gad Počasni građanin Pridružio: 19 Maj 2005 Poruke: 932	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-03-27.3 - Bojan 2008-04-02 9:53:29.3 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.190 [GMT 2:00] Running from: C:\Documents and Settings\Bojan\Desktop\ComboFix.exe Command switches used :: C:\Documents and Settings\Bojan\Desktop\CFScript.txt * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: C:\WINDOWS\system32\sbwltbxa.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Program Files\180search assistant C:\Program Files\180search assistant\180sa.exe C:\Program Files\180search assistant\sau.exe C:\Program Files\180searchassistant C:\Program Files\180searchassistant\saap.exe C:\Program Files\180searchassistant\sac.exe C:\Program Files\180solutions C:\Program Files\180solutions\sais.exe C:\Program Files\stc C:\Program Files\stc\csv5p070.exe C:\Program Files\Sysmnt C:\Program Files\Sysmnt\Ssmgr.exe C:\Program Files\zango C:\Program Files\zango\zango.exe C:\WINDOWS\recover.reg C:\WINDOWS\system32\sbwltbxa.exe . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_npf ((((((((((((((((((((((((( Files Created from 2008-03-02 to 2008-04-02 ))))))))))))))))))))))))))))))) . 2008-04-01 19:58 . 2008-04-01 19:58 0 --a------ C:\dump_dvd.vob 2008-03-29 12:07 . 2008-03-29 12:07 <DIR> d-------- C:\VundoFix Backups 2008-03-29 12:04 . 2008-03-29 12:04 <DIR> d-------- C:\Program Files\Trend Micro 2008-03-28 16:27 . 2008-03-28 16:27 7,680 --ahs---- C:\WINDOWS\Thumbs.db 2008-03-27 17:25 . 2008-03-29 13:19 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\Web Page Maker V2 2008-03-27 17:24 . 2008-03-27 17:24 <DIR> d-------- C:\Program Files\Lavasoft 2008-03-27 17:24 . 2008-03-27 17:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-03-27 17:23 . 2008-03-27 17:23 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard 2008-03-27 00:27 . 2008-03-27 00:27 376 --a------ C:\WINDOWS\ODBC.INI 2008-03-27 00:26 . 2003-06-18 18:31 17,920 --a------ C:\WINDOWS\system32\mdimon.dll 2008-03-27 00:25 . 2008-03-27 00:25 <DIR> d-------- C:\WINDOWS\SHELLNEW 2008-03-27 00:25 . 2008-03-27 00:25 <DIR> d-------- C:\Program Files\Microsoft ActiveSync 2008-03-27 00:22 . 2008-03-27 00:22 <DIR> dr-h----- C:\MSOCache 2008-03-26 16:33 . 2008-03-26 16:33 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\IM-Names 2008-03-26 12:40 . 2008-03-26 12:40 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\Grisoft 2008-03-26 12:40 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2008-03-26 12:34 . 2008-03-26 12:34 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Rabio 2008-03-26 08:01 . 2008-03-26 08:01 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\Syntrillium 2008-03-24 00:38 . 2008-03-24 00:38 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared 2008-03-24 00:38 . 2008-03-24 00:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems 2008-03-24 00:37 . 2008-03-24 00:40 <DIR> d-------- C:\Program Files\Common Files\Adobe 2008-03-24 00:29 . 2008-04-01 16:11 619 --a------ C:\WINDOWS\wcx_ftp.ini 2008-03-23 23:53 . 2008-04-02 09:30 69 --a------ C:\WINDOWS\NeroDigital.ini 2008-03-23 23:51 . 2008-03-23 23:51 <DIR> d-------- C:\Program Files\Common Files\LightScribe 2008-03-23 23:49 . 2008-04-01 10:30 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\Ahead 2008-03-23 23:43 . 2008-03-23 23:43 <DIR> d-------- C:\Program Files\Nero 2008-03-23 23:43 . 2008-03-23 23:50 <DIR> d-------- C:\Program Files\Common Files\Ahead 2008-03-23 23:43 . 2008-03-23 23:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Nero 2008-03-22 18:17 . 2008-03-22 18:17 <DIR> d-------- C:\WINDOWS\system32\QuickTime 2008-03-22 16:55 . 2008-03-22 18:17 <DIR> d-------- C:\Program Files\Macromedia 2008-03-22 16:55 . 2008-03-22 17:41 <DIR> d-------- C:\Program Files\Common Files\Macromedia 2008-03-22 16:54 . 2008-03-22 18:15 <DIR> d-------- C:\WINDOWS\Downloaded Installations 2008-03-22 16:52 . 2008-03-22 16:52 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\Media Player Classic 2008-03-22 16:44 . 2008-03-22 16:44 <DIR> d--h----- C:\WINDOWS\PIF 2008-03-22 13:18 . 2008-03-22 13:18 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion 2008-03-22 11:40 . 2007-12-07 04:21 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll 2008-03-22 11:40 . 2007-07-01 05:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat 2008-03-22 11:40 . 2007-07-01 05:36 991,232 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui 2008-03-22 11:40 . 2007-12-07 04:21 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll 2008-03-22 11:40 . 2007-12-07 04:21 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2008-03-22 11:40 . 2007-12-07 04:21 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll 2008-03-22 11:40 . 2007-12-07 04:21 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll 2008-03-22 11:40 . 2007-12-07 04:21 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2008-03-22 11:40 . 2007-12-06 13:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe 2008-03-22 04:05 . 2004-09-01 10:00 221,184 --a------ C:\WINDOWS\system32\wmpns.dll 2008-03-21 19:05 . 2008-03-22 13:12 <DIR> d--h----- C:\WINDOWS\$hf_mig$ 2008-03-21 19:05 . 2006-09-06 18:43 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe 2008-03-21 15:40 . 2008-03-21 15:40 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7 2008-03-21 15:40 . 2008-04-02 09:28 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\AVG7 2008-03-21 15:40 . 2008-03-21 15:40 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll 2008-03-21 15:39 . 2008-03-26 12:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft 2008-03-21 15:39 . 2008-03-21 15:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg7 2008-03-21 15:30 . 2004-08-04 00:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys 2008-03-21 15:30 . 2004-08-04 00:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys 2008-03-21 14:29 . 2008-03-21 14:29 <DIR> d-------- C:\Program Files\uTorrent 2008-03-21 14:29 . 2008-04-02 09:56 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\uTorrent 2008-03-21 14:04 . 2008-03-21 14:04 12,736 --ah----- C:\WINDOWS\system32\mlfcache.dat 2008-03-20 23:42 . 2008-03-20 23:42 38 --a------ C:\WINDOWS\avisplitter.INI 2008-03-20 23:14 . 2008-03-20 23:32 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\vlc 2008-03-20 21:22 . 2008-04-01 18:37 3,196 --a------ C:\WINDOWS\WINCMD.INI 2008-03-20 21:20 . 2008-03-20 21:22 <DIR> d-------- C:\Program Files\TotalCmd 2008-03-20 21:20 . 2008-03-31 20:24 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\skypePM 2008-03-20 21:20 . 2008-03-20 21:20 32 --a------ C:\Documents and Settings\All Users\Application Data\ezsid.dat 2008-03-20 21:19 . 2008-03-31 22:30 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\Skype 2008-03-20 21:18 . 2008-03-20 21:19 <DIR> d-------- C:\Program Files\Skype 2008-03-20 21:18 . 2008-03-20 21:18 <DIR> d-------- C:\Program Files\Common Files\Skype 2008-03-20 21:18 . 2008-03-20 21:19 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype 2008-03-20 21:13 . 2008-03-20 21:13 <DIR> d-------- C:\Program Files\Notepad++ 2008-03-20 21:13 . 2008-03-20 23:41 <DIR> d-------- C:\Program Files\Mv2Player 2008-03-20 21:13 . 2008-03-21 14:04 <DIR> d-------- C:\Program Files\mIRC 2008-03-20 21:13 . 2008-03-24 01:05 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\Notepad++ 2008-03-20 21:13 . 2008-03-21 14:07 <DIR> d-------- C:\Documents and Settings\Bojan\Application Data\mIRC 2008-03-20 20:59 . 2008-03-20 20:59 304 --ah----- C:\sqmdata03.sqm 2008-03-20 20:59 . 2008-03-20 20:59 244 --ah----- C:\sqmnoopt03.sqm 2008-03-20 20:57 . 2008-03-20 20:57 268 --ah----- C:\sqmdata02.sqm 2008-03-20 20:57 . 2008-03-20 20:57 244 --ah----- C:\sqmnoopt02.sqm 2008-03-20 20:29 . 2008-03-20 20:29 268 --ah----- C:\sqmdata01.sqm 2008-03-20 20:29 . 2008-03-20 20:29 244 --ah----- C:\sqmnoopt01.sqm 2008-03-20 19:46 . 2008-03-20 19:46 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE 2008-03-20 19:46 . 2008-03-20 19:46 <DIR> d-------- C:\Program Files\MSN Messenger 2008-03-20 19:46 . 2008-03-26 22:44 <DIR> d-------- C:\Documents and Settings\Bojan\Contacts 2008-03-20 19:46 . 2008-03-20 19:46 268 --ah----- C:\sqmdata00.sqm 2008-03-20 19:46 . 2008-03-20 19:46 244 --ah----- C:\sqmnoopt00.sqm 2008-03-20 19:01 . 2008-03-20 19:01 <DIR> d--h----- C:\Program Files\InstallShield Installation Information 2008-03-20 19:01 . 2003-06-27 15:11 491,520 --a------ C:\WINDOWS\Au51Fun.exe 2008-03-20 19:01 . 2000-05-18 15:43 108,978 --a------ C:\WINDOWS\TTTest.wav 2008-03-20 17:46 . 2008-03-20 17:46 16 --a------ C:\WINDOWS\wininit.ini 2008-03-20 17:44 . 2008-03-20 17:44 <DIR> d-------- C:\Program Files\Yahoo! 2008-03-20 17:44 . 2008-03-20 17:44 <DIR> d-------- C:\Program Files\CCleaner 2008-03-20 17:09 . 2006-06-14 10:47 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys 2008-03-20 17:09 . 2006-06-14 10:47 6,400 --a--c--- C:\WINDOWS\system32\dllcache\splitter.sys 2008-03-20 17:07 . 2000-10-20 19:28 765,952 -ra------ C:\WINDOWS\system\crlds3d.dll 2008-03-20 17:06 . 2001-08-17 15:59 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys 2008-03-20 17:05 . 2004-08-04 00:59 57,472 --a------ C:\WINDOWS\system32\drivers\redbook.sys 2008-03-20 17:05 . 2004-08-04 01:08 10,624 --a------ C:\WINDOWS\system32\drivers\gameenum.sys 2008-03-20 17:02 . 2008-04-01 11:12 <DIR> d-------- C:\WINDOWS\system32\CatRoot2 2008-03-20 17:02 . 2008-03-24 00:40 <DIR> dr------- C:\Documents and Settings\All Users\Documents 2008-03-20 17:01 . 2008-03-20 16:24 <DIR> d-------- C:\Documents and Settings 2008-03-20 17:00 . 2008-03-20 16:22 261 --a------ C:\WINDOWS\system32\$winnt$.inf . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-03-22 14:54 --------- d-----w C:\Program Files\Common Files\InstallShield 2008-03-20 14:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\nView_Profiles 2008-03-20 14:31 --------- d-----w C:\Program Files\Opera 2008-03-20 14:31 --------- d-----w C:\Program Files\Foxit Software 2008-03-20 14:31 --------- d-----w C:\Program Files\Ares 2008-03-20 14:30 --------- d-----w C:\Program Files\Winamp 2008-03-20 14:30 --------- d-----w C:\Program Files\VideoLAN 2008-03-20 14:30 --------- d-----w C:\Documents and Settings\Bojan\Application Data\Winamp 2008-03-20 14:28 --------- d-----w C:\Program Files\K-Lite Codec Pack 2008-03-20 14:27 --------- d-----w C:\Program Files\Java 2008-03-20 14:27 --------- d-----w C:\Program Files\Common Files\Java 2008-03-20 14:19 --------- d-----w C:\Program Files\microsoft frontpage . ((((((((((((((((((((((((((((( snapshot@2008-03-29_11.57.50.96 ))))))))))))))))))))))))))))))))))))))))) . - 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE + 2000-08-31 06:00:00 163,328 ----a-w C:\WINDOWS\erdnt\Hiv-backup\ERDNT.EXE - 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE + 2000-08-31 06:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE - 2000-08-31 07:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe + 2000-08-31 06:00:00 28,160 ----a-w C:\WINDOWS\Nircmd.exe - 2008-03-22 02:17:14 40,196 ----a-w C:\WINDOWS\system32\perfc009.dat + 2008-03-30 09:09:03 40,196 ----a-w C:\WINDOWS\system32\perfc009.dat - 2008-03-22 02:17:14 311,934 ----a-w C:\WINDOWS\system32\perfh009.dat + 2008-03-30 09:09:03 311,934 ----a-w C:\WINDOWS\system32\perfh009.dat - 2000-08-31 07:00:00 161,792 ----a-w C:\WINDOWS\system32\swreg.exe + 2000-08-31 06:00:00 161,792 ----a-w C:\WINDOWS\system32\swreg.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ares"="C:\Program Files\Ares\Ares.exe" [2007-07-16 23:54 961536] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 13:54 5674352] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-01 10:00 15360] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 20:04 139264] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-10-29 17:50 4620288] "nwiz"="nwiz.exe" [2004-10-29 17:50 921600 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2004-10-29 17:50 86016] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-01-16 00:54 37376] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-03-21 15:39 411648] "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-03-21 15:39 145920] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Ares\\Ares.exe"= "C:\\WINDOWS\\system32\\mmc.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= "C:\\Program Files\\uTorrent\\uTorrent.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"= "C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a7a2caf-fe3b-11dc-a6b0-000c6ec604a2}] \Shell\auto\command - N:\Knight.exe open \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Knight.exe open \Shell\explore\command - N:\Knight.exe open \Shell\find\command - N:\Knight.exe open \Shell\install\command - N:\Knight.exe open \Shell\open\command - N:\Knight.exe open . ************************************************************************ catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-04-02 09:58:45 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\WINDOWS\system32\imapi.exe C:\WINDOWS\system32\wscntfy.exe . ************************************************************************ . Completion time: 2008-04-02 10:03:05 - machine was rebooted ComboFix-quarantined-files.txt 2008-04-02 08:03:01 ComboFix2.txt 2008-04-01 09:12:56 ComboFix3.txt 2008-03-29 10:58:20 Pre-Run: 9,148,432,384 bytes free Post-Run: 9,266,917,376 bytes free . 2008-03-27 15:48:32 --- E O F ---

Profil

helen1 Poslao: 03 Apr 2008 10:36 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Imas li sad nekih problema sa kompjuterom?

Profil

Gad Poslao: 03 Apr 2008 12:47 Idi na vrh
offline Gad Počasni građanin Pridružio: 19 Maj 2005 Poruke: 932	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Nemam, mozda malo Opera steka, kad otvaram nove tabove zaledi ponekad na desnom kliknu. Ali do je vjerovatno do same Opere. Hvala jos jednom.

Profil

helen1 Poslao: 03 Apr 2008 14:49 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl:

Profil

Gad Poslao: 03 Apr 2008 19:32 Idi na vrh
offline Gad Počasni građanin Pridružio: 19 Maj 2005 Poruke: 932	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Hvala sad je sve ok, radi kao svjetlica

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Imam virusa, spyware. Komp se ledi

Ko je trenutno na forumu

Ukupno su 1052 korisnika na forumu :: 32 registrovanih, 9 sakrivenih i 1011 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: ajo baba, bojcistv, ccoogg123, cikadeda, cinoeye, Darko8, Denaya, dolinalima, draganca, dragoljub11987, Haris, Japidson, Joja, JOntra, Konda, kunktator, kybonacci, Leonov, mercedesamg, mikrimaus, miodrag, nazgul75, novator, rodoljub, sasa87, Srle993, stegonosa, uruk, voja64, wolverined4, Wrangler, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by