Možda tražite i:
virus preko msn???
Virus na msn-u
Msn virus
MSN Messenger hit by virus, outage

MyCity » Ambulanta -> Arhiva Ambulante » MSN virus

MSN virus

Napisano na dan: 24.1.2010

Strana:
1
2
3
4

MSN virus

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3
4

lanmi1983 Poslao: 24 Jan 2010 16:12 Idi na vrh
offline lanmi1983 Građanin Pridružio: 28 Feb 2009 Poruke: 190 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Pokupio sam virus sa msn-a,koji je imao .exe oznaku. Nisam otvarao fajl ali je ipak nekako usao u komp.Kada se ulogujem na msn svim online kontaktima salje kao neku sliku.Posle par minuta mi zablokira i msn i komp. MBAM i Avast nista ne detektuju. DDS (Ver_09-12-01.01) - NTFSx86 Run by Milan at 14:39:44,21 on ned 24.01.2010 Internet Explorer: 6.0.2900.5512 Microsoft Windows XP Professional 5.1.2600.3.1250.381.1033.18.1022.337 [GMT 1:00] AV: avast! antivirus 4.8.1368 [VPS 100123-2] On-access scanning enabled (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\WinFast\WFDTV\DTVSchdl.exe C:\WINDOWS\PixArt\PAC7302\Monitor.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Winamp\winampa.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\WinFast\WFDTV\WFWIZ.exe C:\WINDOWS\infocard.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\IncrediMail\bin\IncMail.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files\IncrediMail\bin\IMApp.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe C:\Documents and Settings\Milan\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.gllob.com BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\rpbrowserrecordplugin.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL BHO: Windows Live pomagač za prijavljivanje: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe uRun: [WinFast Schedule] c:\program files\winfast\wfdtv\WFWIZ.exe uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background uRun: [IncrediMail] c:\program files\incredimail\bin\IncMail.exe /c uRun: [Google Update] "c:\documents and settings\milan\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" mRun: [RTHDCPL] RTHDCPL.EXE mRun: [Alcmtr] ALCMTR.EXE mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" mRun: [WinFastDTV] c:\program files\winfast\wfdtv\DTVSchdl.exe mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe mRun: [PAC7302_Monitor] c:\windows\pixart\pac7302\Monitor.exe mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe" mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [WinampAgent] "c:\program files\winamp\winampa.exe" mRun: [Firewall Administrating] infocard.exe dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\docume~1\milan\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: AtiExtEvent - Ati2evxx.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\milan\applic~1\mozilla\firefox\profiles\pg7bx94v.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com FF - component: c:\program files\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll FF - plugin: c:\documents and settings\milan\local settings\application data\google\update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll ---- FIREFOX POLICIES ---- c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); ============= SERVICES / DRIVERS =============== R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2010-1-15 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-1-15 20560] R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2010-1-15 138680] R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2010-1-15 254040] R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2010-1-15 352920] R3 ReallusionVirtualAudio;Reallusion Virtual Audio;c:\windows\system32\drivers\RLVrtAuCbl.sys [2010-1-15 31616] =============== Created Last 30 ================ 2010-01-24 13:12:11 0 d-----w- c:\program files\AxBx 2010-01-24 12:31:48 0 d-----w- c:\windows\pss 2010-01-23 16:42:34 0 d-----w- c:\program files\Microsoft 2010-01-23 16:42:18 0 d-----w- c:\program files\Windows Live SkyDrive 2010-01-23 16:34:02 0 d-----w- c:\windows\SxsCaPendDel 2010-01-23 16:33:18 0 d-----w- c:\windows\system32\appmgmt 2010-01-23 16:00:37 123022 --sh--r- c:\windows\infocard.exe 2010-01-22 22:37:17 77824 ----a-r- c:\windows\system32\HPZIDS01.dll 2010-01-22 22:37:15 48128 ----a-w- c:\windows\system32\hpzll463.dll 2010-01-20 20:32:18 0 d-----w- c:\program files\vSoft 2010-01-18 18:45:19 0 d-----w- C:\My Web Sites 2010-01-18 18:11:12 0 d-----w- c:\program files\Free Hide Folder 2010-01-18 18:10:31 0 d-----w- c:\program files\WinHTTrack 2010-01-18 17:09:03 0 d-----w- C:\downloads 2010-01-18 17:09:03 0 d-----w- c:\docume~1\milan\applic~1\GrabPro 2010-01-18 17:04:58 0 d-----w- c:\windows\Lhsp 2010-01-18 17:04:43 0 d-----w- c:\program files\MyReader 2010-01-18 17:04:23 0 d-----w- c:\windows\speech 2010-01-18 16:58:02 0 d-----w- c:\program files\uTorrent 2010-01-18 16:56:55 0 d-----w- c:\docume~1\milan\applic~1\uTorrent 2010-01-16 12:18:14 3255 ----a-w- c:\windows\system32\wbem\Outlook_01ca96a5fa728f64.mof 2010-01-15 17:26:16 0 d-----w- c:\program files\NotePager Pro 2010-01-15 17:23:37 0 d-----w- c:\program files\Eggiz 2010-01-15 17:21:03 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2010-01-15 17:14:38 0 d-----r- c:\program files\Skype 2010-01-15 16:50:07 0 d-----w- c:\program files\IncrediMail 2010-01-15 16:50:07 0 d-----w- c:\docume~1\alluse~1\applic~1\IncrediMail 2010-01-15 16:50:07 0 d-----w- c:\docume~1\alluse~1\applic~1\IM 2010-01-15 16:47:24 0 d-----w- c:\program files\CCleaner 2010-01-15 16:46:42 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll 2010-01-15 16:46:41 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll 2010-01-15 16:46:41 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll 2010-01-15 16:46:37 0 d-----w- c:\windows\Logs 2010-01-15 16:46:00 0 d-----w- c:\program files\Winamp Detect 2010-01-15 16:42:02 14336 ----a-w- c:\program files\wmdmhelper.dll 2010-01-15 16:42:02 0 d-----w- c:\program files\templates 2010-01-15 16:42:01 712704 ----a-w- c:\program files\dtdr3260.dll 2010-01-15 16:42:01 651264 ----a-w- c:\program files\rjbres.dll 2010-01-15 16:42:01 36352 ----a-w- c:\program files\ierjplug.dll 2010-01-15 16:42:01 352256 ----a-w- c:\program files\rjdlg.dll 2010-01-15 16:42:01 19456 ----a-w- c:\program files\rjprog.dll 2010-01-15 16:42:01 139264 ----a-w- c:\program files\DUNZIP32.dll 2010-01-15 16:42:01 0 d-----w- c:\program files\Devices 2010-01-15 16:42:01 0 d-----w- c:\program files\CDBurning 2010-01-15 16:42:00 81920 ----a-w- c:\program files\tsasdk.dll 2010-01-15 16:42:00 6656 ----a-w- c:\program files\fixrjb.exe 2010-01-15 16:42:00 57344 ----a-w- c:\program files\tpasdk.dll 2010-01-15 16:42:00 41472 ----a-w- c:\program files\mmcdda32.dll 2010-01-15 16:42:00 19456 ----a-w- c:\program files\tnetdtct.dll 2010-01-15 16:41:59 43056 ----a-w- c:\program files\rpshellsearch.dll 2010-01-15 16:41:59 32768 ----a-w- c:\program files\rpwa3260.dll 2010-01-15 16:41:58 719360 ----a-w- c:\program files\dbghelp.dll 2010-01-15 16:41:58 65536 ----a-w- c:\program files\rjwmapln.dll 2010-01-15 16:41:58 329312 ----a-w- c:\program files\rpbrowserrecordplugin.dll 2010-01-15 16:41:58 0 d-----w- c:\program files\producer 2010-01-15 16:41:58 0 d-----w- c:\program files\browserrecord 2010-01-15 16:41:57 0 d-----w- c:\program files\plugins 2010-01-15 16:41:55 53248 ----a-w- c:\program files\rpau3260.dll 2010-01-15 16:41:55 480 ----a-w- c:\program files\keys.dat 2010-01-15 16:41:53 112168 ----a-w- c:\program files\rdsf3260.dll 2010-01-15 16:41:53 102400 ----a-w- c:\program files\HXAudioDeviceHook.dll 2010-01-15 16:41:53 0 d-----w- c:\program files\Netscape6 2010-01-15 16:41:53 0 d-----w- c:\program files\DataCache 2010-01-15 16:41:52 86016 ----a-w- c:\program files\rpplugprot.dll 2010-01-15 16:41:52 63016 ----a-w- c:\program files\rpshell.dll 2010-01-15 16:41:52 50 ----a-w- c:\program files\strs23.dat 2010-01-15 16:41:52 13 ----a-w- c:\program files\strs26.dat 2010-01-15 16:41:52 1030 ----a-w- c:\program files\autoplaylist.dat 2010-01-15 16:41:52 0 d-----w- c:\program files\library 2010-01-15 16:41:51 7168 ----a-w- c:\program files\realjbox.exe 2010-01-15 16:41:51 14888 ----a-w- c:\program files\rphelperapp.exe 2010-01-15 16:41:51 0 d-----w- c:\program files\rpplugins 2010-01-15 16:41:50 0 d-----w- c:\program files\common files\xing shared 2010-01-15 16:41:49 0 d-----w- c:\program files\converter 2010-01-15 16:41:40 222728 ----a-w- c:\program files\realplay.exe 2010-01-15 16:41:40 0 d-----w- c:\program files\Setup 2010-01-15 16:41:39 198208 ----a-w- c:\program files\RecordingManager.exe 2010-01-15 16:41:38 0 d-----w- c:\program files\common files\Real 2010-01-15 16:36:46 0 d-----w- c:\docume~1\milan\applic~1\Malwarebytes 2010-01-15 16:36:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-15 16:36:41 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-01-15 16:36:41 0 d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-01-15 16:36:41 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes 2010-01-15 16:14:40 1060864 ----a-w- c:\windows\system32\MFC71.dll 2010-01-15 11:17:06 0 d-----w- c:\program files\common files\ODBC 2010-01-15 11:17:03 0 d-----w- c:\program files\common files\SpeechEngines 2010-01-15 11:16:38 0 d-----r- c:\documents and settings\all users\Documents 2010-01-15 10:31:11 0 d-sh--w- c:\documents and settings\all users\DRM 2010-01-15 10:30:54 0 d--h--w- c:\program files\WindowsUpdate 2010-01-15 10:30:24 0 d-----w- c:\program files\common files\MSSoap 2010-01-15 10:28:59 0 d-----w- c:\program files\Online Services 2010-01-15 10:28:52 0 d-----w- c:\program files\Messenger 2010-01-15 10:28:49 0 d-----w- c:\program files\MSN Gaming Zone 2010-01-15 10:28:18 0 d-----w- c:\program files\Windows NT 2010-01-15 00:34:35 0 d-----w- c:\program files\common files\Windows Live 2010-01-15 00:26:50 0 d-----w- c:\program files\Microsoft Visual Studio 8 2010-01-15 00:08:57 0 d-----w- c:\program files\Reallusion 2010-01-15 00:08:57 0 d-----w- c:\program files\common files\Reallusion 2010-01-15 00:07:32 0 d-----w- c:\program files\common files\Eye 312 2010-01-15 00:07:28 0 d-----w- c:\program files\common files\Pac7302 2010-01-14 23:48:30 0 d-----w- c:\docume~1\alluse~1\applic~1\ArcSoft 2010-01-14 23:48:23 0 d-----w- c:\program files\common files\Ulead Systems 2010-01-14 23:48:01 0 d-----w- c:\program files\WinFast 2010-01-14 23:46:14 0 d-----w- c:\program files\Leadtek Research Inc 2010-01-14 23:34:43 0 d-----w- c:\program files\My Company Name 2010-01-14 23:30:59 0 d-----w- c:\program files\common files\ATI Technologies 2010-01-14 23:27:12 0 d-----w- c:\program files\ATI Technologies 2010-01-14 23:17:15 0 d-----w- c:\program files\Realtek ==================== Find3M ==================== 2010-01-15 16:42:01 2851 ----a-w- c:\program files\cdroms.cfg 2010-01-15 10:29:19 21640 ----a-w- c:\windows\system32\emptyregdb.dat 2010-01-15 00:54:04 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-01-14 23:23:58 15600 ----a-w- c:\windows\gdrv.sys 2010-01-14 23:17:09 315392 ----a-w- c:\windows\HideWin.exe ============= FINISH: 14:39:55,07 =============== mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png

Profil

helen1 Poslao: 24 Jan 2010 16:17 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zdravom Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Profil

lanmi1983 Poslao: 24 Jan 2010 17:06 Idi na vrh
offline lanmi1983 Građanin Pridružio: 28 Feb 2009 Poruke: 190 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 24 Jan 2010 16:55 ComboFix 10-01-23.06 - Milan 24.01.2010 16:47:17.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.381.1033.18.1022.609 [GMT 1:00] Running from: c:\documents and settings\Milan\Desktop\ComboFix.exe AV: avast! antivirus 4.8.1368 [VPS 100124-0] On-access scanning disabled (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\Dvbpws.dll . ((((((((((((((((((((((((( Files Created from 2009-12-24 to 2010-01-24 ))))))))))))))))))))))))))))))) . 2010-01-24 15:36 . 2010-01-24 15:37 -------- d-----w- c:\program files\Windows Live Safety Center 2010-01-24 15:36 . 2010-01-24 15:36 -------- d-----w- c:\windows\LastGood 2010-01-24 13:12 . 2010-01-24 13:12 -------- d-----w- c:\program files\AxBx 2010-01-23 16:42 . 2010-01-23 16:42 -------- d-----w- c:\program files\Microsoft 2010-01-23 16:42 . 2010-01-23 16:42 -------- d-----w- c:\program files\Windows Live SkyDrive 2010-01-23 16:34 . 2010-01-23 16:52 -------- d-----w- c:\windows\SxsCaPendDel 2010-01-23 16:00 . 2010-01-22 20:08 123022 --sh--r- c:\windows\infocard.exe 2010-01-22 23:11 . 2010-01-22 23:11 -------- d-----w- c:\documents and settings\Milan\Application Data\AdobeUM 2010-01-22 22:37 . 2006-04-05 09:17 77824 ----a-r- c:\windows\system32\HPZIDS01.dll 2010-01-22 22:37 . 2006-03-22 20:08 74240 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp463.dll 2010-01-22 22:37 . 2006-03-22 20:10 48128 ----a-w- c:\windows\system32\hpzll463.dll 2010-01-22 20:05 . 2010-01-22 20:05 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\Screamer Radio 2010-01-20 20:32 . 2010-01-20 20:32 -------- d-----w- c:\program files\vSoft 2010-01-18 18:45 . 2010-01-18 18:47 -------- d-----w- C:\My Web Sites 2010-01-18 18:11 . 2010-01-18 18:11 -------- d-----w- c:\program files\Free Hide Folder 2010-01-18 18:10 . 2010-01-18 18:10 -------- d-----w- c:\program files\WinHTTrack 2010-01-18 18:06 . 2010-01-22 22:19 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\Adobe 2010-01-18 17:09 . 2010-01-18 17:09 -------- d-----w- C:\downloads 2010-01-18 17:09 . 2010-01-18 17:09 -------- d-----w- c:\documents and settings\Milan\Application Data\GrabPro 2010-01-18 17:09 . 2010-01-20 20:23 -------- d-----w- c:\documents and settings\Milan\Application Data\Orbit 2010-01-18 17:04 . 2010-01-18 17:07 -------- d-----w- c:\windows\Lhsp 2010-01-18 17:04 . 2010-01-18 17:04 45056 ----a-r- c:\documents and settings\Milan\Application Data\Microsoft\Installer\{861C203D-5163-4BE3-BB5A-2561C61888DB}\NewShortcut2_861C203D51634BE3BB5A2561C61888DB_1.exe 2010-01-18 17:04 . 2010-01-18 17:04 45056 ----a-r- c:\documents and settings\Milan\Application Data\Microsoft\Installer\{861C203D-5163-4BE3-BB5A-2561C61888DB}\NewShortcut1_861C203D51634BE3BB5A2561C61888DB_1.exe 2010-01-18 17:04 . 2010-01-18 17:07 -------- d-----w- c:\program files\MyReader 2010-01-18 17:04 . 2010-01-18 17:04 -------- d-----w- c:\windows\speech 2010-01-18 17:00 . 2010-01-18 17:00 -------- d-----w- c:\windows\Sun 2010-01-18 16:58 . 2010-01-18 16:58 -------- d-----w- c:\program files\uTorrent 2010-01-18 16:56 . 2010-01-24 15:47 -------- d-----w- c:\documents and settings\Milan\Application Data\uTorrent 2010-01-16 06:09 . 2010-01-16 06:09 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\Eggiz 2010-01-15 17:29 . 2010-01-15 17:31 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\Temp 2010-01-15 17:29 . 2010-01-15 17:31 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\Google 2010-01-15 17:26 . 2010-01-18 16:50 -------- d-----w- c:\program files\NotePager Pro 2010-01-15 17:23 . 2010-01-15 17:23 -------- d-----w- c:\program files\Eggiz 2010-01-15 17:23 . 2010-01-15 17:23 -------- d-----w- c:\program files\7-Zip 2010-01-15 17:21 . 2010-01-15 17:21 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2010-01-15 17:21 . 2010-01-20 07:04 -------- d-----w- c:\documents and settings\Milan\Application Data\skypePM 2010-01-15 17:15 . 2010-01-20 07:51 -------- d-----w- c:\documents and settings\Milan\Application Data\Skype 2010-01-15 17:14 . 2010-01-15 17:14 -------- d-----w- c:\program files\Common Files\Skype 2010-01-15 17:14 . 2010-01-15 17:15 -------- d-----r- c:\program files\Skype 2010-01-15 17:14 . 2010-01-15 17:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2010-01-15 17:10 . 2010-01-15 17:10 -------- d-----w- c:\program files\QuickTime 2010-01-15 17:10 . 2010-01-15 17:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer 2010-01-15 17:09 . 2010-01-15 17:09 -------- d-----w- c:\program files\Common Files\Apple 2010-01-15 17:09 . 2010-01-15 17:09 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\Apple 2010-01-15 17:09 . 2010-01-15 17:09 -------- d-----w- c:\program files\Apple Software Update 2010-01-15 17:09 . 2010-01-15 17:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple 2010-01-15 17:09 . 2010-01-15 17:09 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\Apple Computer 2010-01-15 16:52 . 2010-01-15 16:52 0 ----a-w- c:\windows\nsreg.dat 2010-01-15 16:52 . 2010-01-15 16:52 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\Mozilla 2010-01-15 16:50 . 2010-01-15 17:07 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\IM 2010-01-15 16:50 . 2010-01-15 16:50 -------- d-----w- c:\documents and settings\All Users\Application Data\IM 2010-01-15 16:50 . 2010-01-15 16:50 -------- d-----w- c:\program files\IncrediMail 2010-01-15 16:50 . 2010-01-15 16:50 -------- d-----w- c:\documents and settings\All Users\Application Data\IncrediMail 2010-01-15 16:47 . 2010-01-15 16:47 -------- d-----w- c:\program files\CCleaner 2010-01-15 16:46 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll 2010-01-15 16:46 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll 2010-01-15 16:46 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll 2010-01-15 16:46 . 2010-01-15 16:46 -------- d-----w- c:\windows\Logs 2010-01-15 16:46 . 2010-01-15 16:46 -------- d-----w- c:\program files\Winamp Detect 2010-01-15 16:42 . 2010-01-15 16:42 14336 ----a-w- c:\program files\wmdmhelper.dll 2010-01-15 16:41 . 2010-01-15 16:41 43056 ----a-w- c:\program files\rpshellsearch.dll 2010-01-15 16:36 . 2010-01-15 16:36 -------- d-----w- c:\documents and settings\Milan\Application Data\Malwarebytes 2010-01-15 16:36 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-15 16:36 . 2010-01-15 16:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-01-15 16:36 . 2010-01-15 16:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-01-15 16:36 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-01-15 16:14 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2010-01-15 16:14 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2010-01-15 16:14 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2010-01-15 16:14 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr 2010-01-15 16:14 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2010-01-15 16:14 . 2009-11-24 23:50 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2010-01-15 16:14 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2010-01-15 16:14 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2010-01-15 16:14 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe 2010-01-15 16:14 . 2003-03-18 20:20 1060864 ----a-w- c:\windows\system32\MFC71.dll 2010-01-15 16:14 . 2010-01-15 16:14 -------- d-----w- c:\program files\Alwil Software . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-23 16:42 . 2010-01-15 00:41 -------- d-----w- c:\program files\Windows Live 2010-01-19 17:42 . 2010-01-14 23:36 68848 ----a-w- c:\documents and settings\Milan\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-01-18 02:38 . 2010-01-15 16:41 -------- d-----w- c:\program files\library 2010-01-16 00:18 . 2010-01-14 23:17 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-01-16 00:17 . 2010-01-14 23:48 -------- d-----w- c:\documents and settings\All Users\Application Data\ArcSoft 2010-01-15 19:30 . 2010-01-15 16:44 -------- d-----w- c:\documents and settings\Milan\Application Data\Winamp 2010-01-15 16:46 . 2010-01-15 16:44 -------- d-----w- c:\program files\Winamp 2010-01-15 16:41 . 2010-01-15 16:41 57762 ----a-w- c:\program files\howto.chm 2010-01-15 10:32 . 2010-01-15 10:32 -------- d-----w- c:\program files\microsoft frontpage 2010-01-15 10:29 . 2010-01-15 10:29 21640 ----a-w- c:\windows\system32\emptyregdb.dat 2010-01-15 00:54 . 2010-01-15 00:54 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-01-15 00:54 . 2010-01-15 00:54 -------- d-----w- c:\program files\Java 2010-01-15 00:53 . 2010-01-15 00:53 152576 ----a-w- c:\documents and settings\Milan\Application Data\Sun\Java\jre1.6.0_17\lzma.dll 2010-01-15 00:52 . 2010-01-15 00:52 79488 ----a-w- c:\documents and settings\Milan\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll 2010-01-15 00:34 . 2010-01-15 00:34 -------- d-----w- c:\program files\Common Files\Windows Live 2010-01-15 00:29 . 2010-01-15 00:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2010-01-15 00:28 . 2010-01-15 00:28 -------- d-----w- c:\program files\Microsoft Works 2010-01-15 00:28 . 2010-01-15 00:28 -------- d-----w- c:\program files\MSBuild 2010-01-15 00:28 . 2010-01-15 00:28 -------- d-----w- c:\program files\Microsoft.NET 2010-01-15 00:26 . 2010-01-15 00:26 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2010-01-15 00:17 . 2010-01-15 10:31 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2010-01-15 00:14 . 2010-01-15 00:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Ulead Systems 2010-01-15 00:10 . 2010-01-15 00:10 81 --sh--r- c:\windows\CT4CET.bin 2010-01-15 00:10 . 2010-01-15 00:08 -------- d-----w- c:\program files\Reallusion 2010-01-15 00:08 . 2010-01-15 00:08 -------- d-----w- c:\program files\Common Files\Reallusion 2010-01-15 00:07 . 2010-01-15 00:07 -------- d-----w- c:\program files\Common Files\Eye 312 2010-01-15 00:07 . 2010-01-15 00:07 -------- d-----w- c:\program files\Common Files\Pac7302 2010-01-15 00:05 . 2010-01-14 23:53 -------- d-----w- c:\documents and settings\Milan\Application Data\ArcSoft 2010-01-14 23:48 . 2010-01-14 23:48 -------- d-----w- c:\program files\Common Files\ArcSoft 2010-01-14 23:48 . 2010-01-14 23:48 -------- d-----w- c:\program files\Common Files\Ulead Systems 2010-01-14 23:48 . 2010-01-14 23:48 -------- d-----w- c:\program files\WinFast 2010-01-14 23:46 . 2010-01-14 23:46 -------- d-----w- c:\program files\Leadtek Research Inc 2010-01-14 23:43 . 2010-01-14 23:43 -------- d-----w- c:\program files\Common Files\Adobe 2010-01-14 23:36 . 2010-01-14 23:36 -------- d-----w- c:\documents and settings\Milan\Application Data\ATI 2010-01-14 23:36 . 2010-01-14 23:36 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI 2010-01-14 23:36 . 2010-01-14 23:36 0 ----a-w- c:\windows\ativpsrm.bin 2010-01-14 23:34 . 2010-01-14 23:34 -------- d-----w- c:\program files\My Company Name 2010-01-14 23:33 . 2010-01-14 23:27 -------- d-----w- c:\program files\ATI Technologies 2010-01-14 23:31 . 2010-01-14 23:31 9158 ----a-r- c:\documents and settings\Milan\Application Data\Microsoft\Installer\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}\ARPPRODUCTICON.exe 2010-01-14 23:30 . 2010-01-14 23:30 -------- d-----w- c:\program files\Common Files\ATI Technologies 2010-01-14 23:26 . 2010-01-14 23:17 -------- d-----w- c:\program files\Common Files\InstallShield 2010-01-14 23:23 . 2010-01-14 23:14 15600 ----a-w- c:\windows\gdrv.sys 2010-01-14 23:17 . 2010-01-14 23:17 -------- d-----w- c:\program files\Realtek 2010-01-14 23:17 . 2010-01-14 23:17 315392 ----a-w- c:\windows\HideWin.exe 2010-01-14 23:16 . 2010-01-14 23:16 -------- d-----w- c:\program files\DIFX 2010-01-14 23:16 . 2010-01-14 23:16 -------- d-----w- c:\documents and settings\Milan\Application Data\InstallShield . ------- Sigcheck ------- [-] 2008-05-05 . 9F42478360E9B053A6703DEF39B4CE33 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2008-06-20 2887680] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840] "IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2010-01-15 349640] "Google Update"="c:\documents and settings\Milan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-01-15 135664] "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-01-18 289584] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2007-09-03 16841216] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440] "WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2008-06-20 90112] "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-10-10 203264] "PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-15 149280] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-01-15 198160] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-12-21 39424] "Firewall Administrating"="infocard.exe" [2010-01-22 123022] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Milan\Start Menu\Programs\Startup\ OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\IncrediMail\\Bin\\IncMail.exe"= "c:\\Program Files\\IncrediMail\\Bin\\ImApp.exe"= "c:\\Program Files\\IncrediMail\\Bin\\ImpCnt.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [1/15/2010 5:14 PM 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1/15/2010 5:14 PM 20560] R3 ReallusionVirtualAudio;Reallusion Virtual Audio;c:\windows\system32\drivers\RLVrtAuCbl.sys [1/15/2010 1:09 AM 31616] . Contents of the 'Scheduled Tasks' folder 2010-01-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-1659004503-1801674531-1003Core.job - c:\documents and settings\Milan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-15 17:29] 2010-01-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-1659004503-1801674531-1003UA.job - c:\documents and settings\Milan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-15 17:29] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.gllob.com IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\Milan\Application Data\Mozilla\Firefox\Profiles\pg7bx94v.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com FF - component: c:\program files\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll FF - plugin: c:\documents and settings\Milan\Local Settings\Application Data\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2010-01-24 16:49 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(744) c:\windows\system32\Ati2evxx.dll . Completion time: 2010-01-24 16:49:53 ComboFix-quarantined-files.txt 2010-01-24 15:49 Pre-Run: 43.803.189.248 bytes free Post-Run: 43.869.503.488 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe - - End Of File - - 663EF114BE1A2CCD563C4E42A7655DDE Dopuna: 24 Jan 2010 17:06 Izvinjavam se,propustio sam da instaliram recovery consolu,pa evo sad novog Combo loga ComboFix 10-01-23.06 - Milan 24.01.2010 16:58:00.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.381.1033.18.1022.465 [GMT 1:00] Running from: c:\documents and settings\Milan\Desktop\ComboFix.exe AV: avast! antivirus 4.8.1368 [VPS 100124-0] On-access scanning disabled (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} . ((((((((((((((((((((((((( Files Created from 2009-12-24 to 2010-01-24 ))))))))))))))))))))))))))))))) . 2010-01-24 15:36 . 2010-01-24 15:37 -------- d-----w- c:\program files\Windows Live Safety Center 2010-01-24 15:36 . 2010-01-24 15:36 -------- d-----w- c:\windows\LastGood 2010-01-24 13:12 . 2010-01-24 13:12 -------- d-----w- c:\program files\AxBx 2010-01-23 16:42 . 2010-01-23 16:42 -------- d-----w- c:\program files\Microsoft 2010-01-23 16:42 . 2010-01-23 16:42 -------- d-----w- c:\program files\Windows Live SkyDrive 2010-01-23 16:34 . 2010-01-23 16:52 -------- d-----w- c:\windows\SxsCaPendDel 2010-01-23 16:00 . 2010-01-22 20:08 123022 --sh--r- c:\windows\infocard.exe 2010-01-22 23:11 . 2010-01-22 23:11 -------- d-----w- c:\documents and settings\Milan\Application Data\AdobeUM 2010-01-22 22:37 . 2006-04-05 09:17 77824 ----a-r- c:\windows\system32\HPZIDS01.dll 2010-01-22 22:37 . 2006-03-22 20:08 74240 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp463.dll 2010-01-22 22:37 . 2006-03-22 20:10 48128 ----a-w- c:\windows\system32\hpzll463.dll 2010-01-22 20:05 . 2010-01-22 20:05 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\Screamer Radio 2010-01-20 20:32 . 2010-01-20 20:32 -------- d-----w- c:\program files\vSoft 2010-01-18 18:45 . 2010-01-18 18:47 -------- d-----w- C:\My Web Sites 2010-01-18 18:11 . 2010-01-18 18:11 -------- d-----w- c:\program files\Free Hide Folder 2010-01-18 18:10 . 2010-01-18 18:10 -------- d-----w- c:\program files\WinHTTrack 2010-01-18 18:06 . 2010-01-22 22:19 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\Adobe 2010-01-18 17:09 . 2010-01-18 17:09 -------- d-----w- C:\downloads 2010-01-18 17:09 . 2010-01-18 17:09 -------- d-----w- c:\documents and settings\Milan\Application Data\GrabPro 2010-01-18 17:09 . 2010-01-20 20:23 -------- d-----w- c:\documents and settings\Milan\Application Data\Orbit 2010-01-18 17:04 . 2010-01-18 17:07 -------- d-----w- c:\windows\Lhsp 2010-01-18 17:04 . 2010-01-18 17:04 45056 ----a-r- c:\documents and settings\Milan\Application Data\Microsoft\Installer\{861C203D-5163-4BE3-BB5A-2561C61888DB}\NewShortcut2_861C203D51634BE3BB5A2561C61888DB_1.exe 2010-01-18 17:04 . 2010-01-18 17:04 45056 ----a-r- c:\documents and settings\Milan\Application Data\Microsoft\Installer\{861C203D-5163-4BE3-BB5A-2561C61888DB}\NewShortcut1_861C203D51634BE3BB5A2561C61888DB_1.exe 2010-01-18 17:04 . 2010-01-18 17:07 -------- d-----w- c:\program files\MyReader 2010-01-18 17:04 . 2010-01-18 17:04 -------- d-----w- c:\windows\speech 2010-01-18 17:00 . 2010-01-18 17:00 -------- d-----w- c:\windows\Sun 2010-01-18 16:58 . 2010-01-18 16:58 -------- d-----w- c:\program files\uTorrent 2010-01-18 16:56 . 2010-01-24 15:57 -------- d-----w- c:\documents and settings\Milan\Application Data\uTorrent 2010-01-16 06:09 . 2010-01-16 06:09 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\Eggiz 2010-01-15 17:29 . 2010-01-15 17:31 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\Temp 2010-01-15 17:29 . 2010-01-15 17:31 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\Google 2010-01-15 17:26 . 2010-01-18 16:50 -------- d-----w- c:\program files\NotePager Pro 2010-01-15 17:23 . 2010-01-15 17:23 -------- d-----w- c:\program files\Eggiz 2010-01-15 17:23 . 2010-01-15 17:23 -------- d-----w- c:\program files\7-Zip 2010-01-15 17:21 . 2010-01-15 17:21 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2010-01-15 17:21 . 2010-01-20 07:04 -------- d-----w- c:\documents and settings\Milan\Application Data\skypePM 2010-01-15 17:15 . 2010-01-20 07:51 -------- d-----w- c:\documents and settings\Milan\Application Data\Skype 2010-01-15 17:14 . 2010-01-15 17:14 -------- d-----w- c:\program files\Common Files\Skype 2010-01-15 17:14 . 2010-01-15 17:15 -------- d-----r- c:\program files\Skype 2010-01-15 17:14 . 2010-01-15 17:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2010-01-15 17:10 . 2010-01-15 17:10 -------- d-----w- c:\program files\QuickTime 2010-01-15 17:10 . 2010-01-15 17:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer 2010-01-15 17:09 . 2010-01-15 17:09 -------- d-----w- c:\program files\Common Files\Apple 2010-01-15 17:09 . 2010-01-15 17:09 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\Apple 2010-01-15 17:09 . 2010-01-15 17:09 -------- d-----w- c:\program files\Apple Software Update 2010-01-15 17:09 . 2010-01-15 17:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple 2010-01-15 17:09 . 2010-01-15 17:09 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\Apple Computer 2010-01-15 16:52 . 2010-01-15 16:52 0 ----a-w- c:\windows\nsreg.dat 2010-01-15 16:52 . 2010-01-15 16:52 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\Mozilla 2010-01-15 16:50 . 2010-01-15 17:07 -------- d-----w- c:\documents and settings\Milan\Local Settings\Application Data\IM 2010-01-15 16:50 . 2010-01-15 16:50 -------- d-----w- c:\documents and settings\All Users\Application Data\IM 2010-01-15 16:50 . 2010-01-15 16:50 -------- d-----w- c:\program files\IncrediMail 2010-01-15 16:50 . 2010-01-15 16:50 -------- d-----w- c:\documents and settings\All Users\Application Data\IncrediMail 2010-01-15 16:47 . 2010-01-15 16:47 -------- d-----w- c:\program files\CCleaner 2010-01-15 16:46 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll 2010-01-15 16:46 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll 2010-01-15 16:46 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll 2010-01-15 16:46 . 2010-01-15 16:46 -------- d-----w- c:\windows\Logs 2010-01-15 16:46 . 2010-01-15 16:46 -------- d-----w- c:\program files\Winamp Detect 2010-01-15 16:42 . 2010-01-15 16:42 14336 ----a-w- c:\program files\wmdmhelper.dll 2010-01-15 16:41 . 2010-01-15 16:41 43056 ----a-w- c:\program files\rpshellsearch.dll 2010-01-15 16:36 . 2010-01-15 16:36 -------- d-----w- c:\documents and settings\Milan\Application Data\Malwarebytes 2010-01-15 16:36 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-01-15 16:36 . 2010-01-15 16:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-01-15 16:36 . 2010-01-15 16:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2010-01-15 16:36 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-01-15 16:14 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2010-01-15 16:14 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2010-01-15 16:14 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2010-01-15 16:14 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr 2010-01-15 16:14 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2010-01-15 16:14 . 2009-11-24 23:50 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2010-01-15 16:14 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2010-01-15 16:14 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2010-01-15 16:14 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe 2010-01-15 16:14 . 2003-03-18 20:20 1060864 ----a-w- c:\windows\system32\MFC71.dll 2010-01-15 16:14 . 2010-01-15 16:14 -------- d-----w- c:\program files\Alwil Software . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-01-23 16:42 . 2010-01-15 00:41 -------- d-----w- c:\program files\Windows Live 2010-01-19 17:42 . 2010-01-14 23:36 68848 ----a-w- c:\documents and settings\Milan\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-01-18 02:38 . 2010-01-15 16:41 -------- d-----w- c:\program files\library 2010-01-16 00:18 . 2010-01-14 23:17 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-01-16 00:17 . 2010-01-14 23:48 -------- d-----w- c:\documents and settings\All Users\Application Data\ArcSoft 2010-01-15 19:30 . 2010-01-15 16:44 -------- d-----w- c:\documents and settings\Milan\Application Data\Winamp 2010-01-15 16:46 . 2010-01-15 16:44 -------- d-----w- c:\program files\Winamp 2010-01-15 16:41 . 2010-01-15 16:41 57762 ----a-w- c:\program files\howto.chm 2010-01-15 10:32 . 2010-01-15 10:32 -------- d-----w- c:\program files\microsoft frontpage 2010-01-15 10:29 . 2010-01-15 10:29 21640 ----a-w- c:\windows\system32\emptyregdb.dat 2010-01-15 00:54 . 2010-01-15 00:54 411368 ----a-w- c:\windows\system32\deploytk.dll 2010-01-15 00:54 . 2010-01-15 00:54 -------- d-----w- c:\program files\Java 2010-01-15 00:53 . 2010-01-15 00:53 152576 ----a-w- c:\documents and settings\Milan\Application Data\Sun\Java\jre1.6.0_17\lzma.dll 2010-01-15 00:52 . 2010-01-15 00:52 79488 ----a-w- c:\documents and settings\Milan\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll 2010-01-15 00:34 . 2010-01-15 00:34 -------- d-----w- c:\program files\Common Files\Windows Live 2010-01-15 00:29 . 2010-01-15 00:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2010-01-15 00:28 . 2010-01-15 00:28 -------- d-----w- c:\program files\Microsoft Works 2010-01-15 00:28 . 2010-01-15 00:28 -------- d-----w- c:\program files\MSBuild 2010-01-15 00:28 . 2010-01-15 00:28 -------- d-----w- c:\program files\Microsoft.NET 2010-01-15 00:26 . 2010-01-15 00:26 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2010-01-15 00:17 . 2010-01-15 10:31 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2010-01-15 00:14 . 2010-01-15 00:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Ulead Systems 2010-01-15 00:10 . 2010-01-15 00:10 81 --sh--r- c:\windows\CT4CET.bin 2010-01-15 00:10 . 2010-01-15 00:08 -------- d-----w- c:\program files\Reallusion 2010-01-15 00:08 . 2010-01-15 00:08 -------- d-----w- c:\program files\Common Files\Reallusion 2010-01-15 00:07 . 2010-01-15 00:07 -------- d-----w- c:\program files\Common Files\Eye 312 2010-01-15 00:07 . 2010-01-15 00:07 -------- d-----w- c:\program files\Common Files\Pac7302 2010-01-15 00:05 . 2010-01-14 23:53 -------- d-----w- c:\documents and settings\Milan\Application Data\ArcSoft 2010-01-14 23:48 . 2010-01-14 23:48 -------- d-----w- c:\program files\Common Files\ArcSoft 2010-01-14 23:48 . 2010-01-14 23:48 -------- d-----w- c:\program files\Common Files\Ulead Systems 2010-01-14 23:48 . 2010-01-14 23:48 -------- d-----w- c:\program files\WinFast 2010-01-14 23:46 . 2010-01-14 23:46 -------- d-----w- c:\program files\Leadtek Research Inc 2010-01-14 23:43 . 2010-01-14 23:43 -------- d-----w- c:\program files\Common Files\Adobe 2010-01-14 23:36 . 2010-01-14 23:36 -------- d-----w- c:\documents and settings\Milan\Application Data\ATI 2010-01-14 23:36 . 2010-01-14 23:36 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI 2010-01-14 23:36 . 2010-01-14 23:36 0 ----a-w- c:\windows\ativpsrm.bin 2010-01-14 23:34 . 2010-01-14 23:34 -------- d-----w- c:\program files\My Company Name 2010-01-14 23:33 . 2010-01-14 23:27 -------- d-----w- c:\program files\ATI Technologies 2010-01-14 23:31 . 2010-01-14 23:31 9158 ----a-r- c:\documents and settings\Milan\Application Data\Microsoft\Installer\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}\ARPPRODUCTICON.exe 2010-01-14 23:30 . 2010-01-14 23:30 -------- d-----w- c:\program files\Common Files\ATI Technologies 2010-01-14 23:26 . 2010-01-14 23:17 -------- d-----w- c:\program files\Common Files\InstallShield 2010-01-14 23:23 . 2010-01-14 23:14 15600 ----a-w- c:\windows\gdrv.sys 2010-01-14 23:17 . 2010-01-14 23:17 -------- d-----w- c:\program files\Realtek 2010-01-14 23:17 . 2010-01-14 23:17 315392 ----a-w- c:\windows\HideWin.exe 2010-01-14 23:16 . 2010-01-14 23:16 -------- d-----w- c:\program files\DIFX 2010-01-14 23:16 . 2010-01-14 23:16 -------- d-----w- c:\documents and settings\Milan\Application Data\InstallShield . ------- Sigcheck ------- [-] 2008-05-05 . 9F42478360E9B053A6703DEF39B4CE33 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2008-06-20 2887680] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883840] "IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2010-01-15 349640] "Google Update"="c:\documents and settings\Milan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-01-15 135664] "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-01-18 289584] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2007-09-03 16841216] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440] "WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2008-06-20 90112] "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-10-10 203264] "PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-15 149280] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-01-15 198160] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-12-21 39424] "Firewall Administrating"="infocard.exe" [2010-01-22 123022] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\Milan\Start Menu\Programs\Startup\ OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\IncrediMail\\Bin\\IncMail.exe"= "c:\\Program Files\\IncrediMail\\Bin\\ImApp.exe"= "c:\\Program Files\\IncrediMail\\Bin\\ImpCnt.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [1/15/2010 5:14 PM 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1/15/2010 5:14 PM 20560] R3 ReallusionVirtualAudio;Reallusion Virtual Audio;c:\windows\system32\drivers\RLVrtAuCbl.sys [1/15/2010 1:09 AM 31616] . Contents of the 'Scheduled Tasks' folder 2010-01-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-1659004503-1801674531-1003Core.job - c:\documents and settings\Milan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-15 17:29] 2010-01-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-1659004503-1801674531-1003UA.job - c:\documents and settings\Milan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-15 17:29] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.gllob.com IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\Milan\Application Data\Mozilla\Firefox\Profiles\pg7bx94v.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com FF - component: c:\program files\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll FF - plugin: c:\documents and settings\Milan\Local Settings\Application Data\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2010-01-24 16:59 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(744) c:\windows\system32\Ati2evxx.dll . Completion time: 2010-01-24 17:00:21 ComboFix-quarantined-files.txt 2010-01-24 16:00 ComboFix2.txt 2010-01-24 15:49 Pre-Run: 43.868.712.960 bytes free Post-Run: 43.856.687.104 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer - - End Of File - - 59547D4BA12C17CA2D2C3C4058BF18D0

Profil

helen1 Poslao: 24 Jan 2010 18:09 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Da nisi kliktao na one fore da saznas ko te je blokirao?

Profil

lanmi1983 Poslao: 24 Jan 2010 18:14 Idi na vrh
offline lanmi1983 Građanin Pridružio: 28 Feb 2009 Poruke: 190 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ma ne...Apsolutno nista od toga. Samo mi je od rugarice na msn stigla poruka i pre nego sto sam pokusao da zatvorim prozor msn je poceo da blokira.Kad se to desi ne mogu nikom da posaljem poruku i svim kontaktima koji su mi online od mene stigne poruka sa linkom za neku fotografiju,a link sadrzi adresu msn-a npr. nesto tipa im-images.com/watch_my_nude_photo.exe Cak sam i reinstalirao msn i opet isti problem

Profil

helen1 Poslao: 24 Jan 2010 19:40 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Windows XP Klikni Start taster (u levom donjem uglu). Izaberi My Computer. Selektuj Tools meni i klikni na Folder Options. Selektuj View na vrhu, unutar Hidden files and folders grupe selektuj Show hidden files and folders. Skini kvačicu sa Hide file extensions for known types. Skini kvačicu sa Hide protected operating system files (recommended). Klikni YES. Klikni OK. Uploaduj mi: c:\windows\infocard.exe preko: http://www.mycity.rs/ambulanta-upload.php

Profil

lanmi1983 Poslao: 24 Jan 2010 19:57 Idi na vrh
offline lanmi1983 Građanin Pridružio: 28 Feb 2009 Poruke: 190 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Malopre sam skinuo MSN Virus Remover i pokrenuo ga, pisalo je da je ocistio par virusa. Jos se nisam ulogovao na msn da vidim kakvo je stanje. Medjutim ovog infocard.exe fajla mi nema u c:\windows. Medjutim primetio sam da mi se u my documents nalazi infocard.exe.back ne znam odakle se stvorio tu.Pa evo uploadovao sam njega.

Profil

helen1 Poslao: 24 Jan 2010 20:09 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `File:: c:\windows\infocard.exe Registry:: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Firewall Administrating"=-` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

lanmi1983 Poslao: 24 Jan 2010 21:19 Idi na vrh
offline lanmi1983 Građanin Pridružio: 28 Feb 2009 Poruke: 190 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 24 Jan 2010 20:52 Uradio sam kao sto je napisano.Medjutim pri kraju Combo je poceo da lista neke fajlove i na samom kraju je pisalo da se ne moze izvrsiti. Pri tom su mi nestale skoro sve ikone sa desktopa i neki programi koje sam imao. Sta sad? Dopuna: 24 Jan 2010 21:19 Da li da probam da uradim Sistem restore na dan ili dva pre ovog problema?

Profil

helen1 Poslao: 24 Jan 2010 21:21 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Okaci mi sledeci fajl: ComboFix-quarantined-files.txt koji se nalazi negde u folderu: c:\qoobox

Profil

MyCity » Ambulanta -> Arhiva Ambulante » MSN virus

Ko je trenutno na forumu

Ukupno su 1133 korisnika na forumu :: 12 registrovanih, 1 sakriven i 1120 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 100ka, Bane san, Kriglord, kybonacci, Majka, Mercury, milenko crazy north, novidan, sombrero, Stoilkovic, theNedjeljko, vladanan

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by