Hello,

Few hours ago I encountered with zaljubljeni.exe.

The file was on one of my friend’s pen-drive, that I’m using to get some pictures, so when I inserted that pen-drive, I saw a standard error reporting dialog of MS that saying windows encountered problem running said app and report error etc.

So my question is, what is zaljubljeni.exe? and it’s impact etc…
Avast doesn’t seems detect it (no standard shield pop-up) … so am I infected?
Later scan(right-click) of the pen-drive by avast found 77 infection.( and deleted)

thanks for any advice… and info on zaljubljeni.exe…

what is zaljubljeni.exe? and it's impact etc..

http://www.prevx.com/filenames/X1010091429659273898-X1/ZALJUBLJENI.EXE.html

Avast doesn't seems detect it (no standard shield pop-up) ... so am I infected?

maybe yes so do a boot time scan,then for sure scan with dr.web cure it"express scan"if found something do full scan, scan with mbam or sas,and you know google to found the listed programs ;)

Hello superhacker,

thanks for the link.

welcome and i wish you tell us about the infections and i wish you can treat them well

I cannot update MBAM…

scanning with the old version found nothing…btw.

you dont have any analyzing tool on your system?hijack this,freefixer,autoruns,…any thing will help us to help you

Try this

Hitman Pro 3 http://www.surfright.nl/en/
How to start Hitman Pro in Force Breach mode http://www.youtube.com/watch?v=m6eRWTv2STk

Hello guys,

reporting back…
Here is what I found under event log:(after the incident):

Event Type:	Error
Event Source:	Application Error
Event Category:	None
Event ID:	1000
Date:		15-Feb-2010
Time:		7:37:51 PM
User:		N/A
Computer:	<COMPUTER_NAME>
Description:
Faulting application zaljubljeni.exe, version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x00000000.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 41 70 70 6c 69 63 61 74   Applicat
0008: 69 6f 6e 20 46 61 69 6c   ion Fail
0010: 75 72 65 20 20 7a 61 6c   ure  zal
0018: 6a 75 62 6c 6a 65 6e 69   jubljeni
0020: 2e 65 78 65 20 30 2e 30   .exe 0.0
0028: 2e 30 2e 30 20 69 6e 20   .0.0 in 
0030: 75 6e 6b 6e 6f 77 6e 20   unknown 
0038: 30 2e 30 2e 30 2e 30 20   0.0.0.0 
0040: 61 74 20 6f 66 66 73 65   at offse
0048: 74 20 30 30 30 30 30 30   t 000000
0050: 30 30 0d 0a               00..    

… anyway finally I was able to update MBAM and did a scan found nothing.
later avast boot scan and 0 infection found.
AutoRuns, HijackThis doesn’t show any suspicious entry.
I do not notice any abnormal behavior of the system…so me thinks I’m okay?

here are the screen-shots of the avast scan on the pen-drive(attached)

@superhacker: what is freefixer? I’ve never heard of it… can you please give me a link? thanks.

@Pondus: that Force Breach method seems very interesting…I’ve heard of hitman but never used it…are you using Hitman atm…is that runs light/heavy/etc. …any conflict with existing app’s like threatfire etc? thanks.

@Pondus: that Force Breach method seems very interesting....I've heard of hitman but never used it...are you using Hitman atm....is that runs light/heavy/etc. ...any conflict with existing app's like threatfire etc? thanks.

It is lightning quick to scan ( i think it only scans for activly running bugs) and have no conflicts., and runs extremly light I don`t use threat fire so don`t know, try it OBS: only register if/when it fiends infection, then you have 30 days of removal

http://forum.avast.com/index.php?topic=55583.0

it means that avast has cleaned your infected files ^^

Thanks Pondus for the infos… [thumbs up]
pity it’s only giving 30 day time-limit… cloud things should be free… but then prevx free only detect, no removal there…any thought on Panda cloud btw…

@emantoyaks: yes I hope so… avast did a good job except the said exe. thanks.