Vesti

Goradisic · Putnik u prolazu

Pozdrav! Potrebna mi je pomoc!
Naime...Od pre 2-3 dana kompijuter mi je toliko spor da me to strahovito nervira, razmišljao i o kupovini drugog... Ali na sreću "iskopah" Vas!!
Iz čista mira mi je počeo sporo raditi tako da ni web stranicu ne može da učita ili barm veoma, veoma sporo. Koristi ADSL(1024/256) . Pokazuje mi da je CPU 100% zauzet, a ja ništa ne radim na njemu??? GUZ - Glavom U Zid

Ja sam laik, komp stari....Pomagajte....

http://www.mycity.rs/Uploads/184562_424654215_DDS.txt

DDS (Ver_09-12-01.01) - NTFSx86
Run by Korisnik at 10:39:26.03 on Sun 01/24/2010
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.767.384 [GMT 1:00]

AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Korisnik\Desktop\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = about:blank
uInternet Connection Wizard,ShellNext = iexplore
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {6F4F95AF-1647-4B72-A632-055405455423} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
StartupFolder: c:\documents and settings\korisnik\start menu\programs\startup\wwwpos32.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: {E37EDD28-20F5-4C76-8B61-E828105E1631} = 212.200.191.166,212.200.190.166
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Hosts: 127.0.0.1 www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\korisnik\applic~1\mozilla\firefox\profiles\3sukci1z.default\
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-9-29 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-9-29 96408]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2009-9-29 735960]
R3 netflx3;Compaq NetFlex-3/Netelligent Adapter Driver;c:\windows\system32\drivers\NetFlx3.sys [2009-8-22 65278]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-8-22 133104]

=============== Created Last 30 ================

2010-01-24 08:42:00 0 d-----w- c:\windows\pss
2010-01-21 19:08:46 545 ----a-w- c:\windows\UC.PIF
2010-01-21 19:08:46 545 ----a-w- c:\windows\RAR.PIF
2010-01-21 19:08:45 545 ----a-w- c:\windows\PKZIP.PIF
2010-01-21 19:08:45 545 ----a-w- c:\windows\PKUNZIP.PIF
2010-01-21 19:08:45 545 ----a-w- c:\windows\NOCLOSE.PIF
2010-01-21 19:08:45 545 ----a-w- c:\windows\LHA.PIF
2010-01-21 19:08:45 545 ----a-w- c:\windows\ARJ.PIF
2010-01-21 19:08:45 0 d-----w- C:\totalcmd
2010-01-21 19:08:45 0 d-----w- c:\docume~1\korisnik\applic~1\GHISLER
2010-01-21 16:26:27 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys
2010-01-21 16:26:27 34688 ----a-w- c:\windows\system32\drivers\lbrtfdc.sys
2010-01-21 16:26:07 8192 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys
2010-01-21 16:26:07 8192 ----a-w- c:\windows\system32\drivers\i2omgmt.sys
2010-01-21 16:25:38 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2010-01-21 16:25:38 8192 ----a-w- c:\windows\system32\drivers\Changer.sys
2010-01-21 16:09:52 4 ----a-w- c:\docume~1\korisnik\applic~1\avdrn.dat
2010-01-18 14:55:03 0 d-----w- c:\documents and settings\korisnik\Programs
2010-01-16 08:00:16 0 d-----w- c:\program files\TimeAdjuster
2010-01-15 23:01:40 0 d-----w- c:\program files\aod
2010-01-15 23:01:00 0 d-----w- c:\program files\common files\Real
2010-01-11 14:11:01 0 d-----w- c:\program files\DreamQuest
2010-01-11 13:54:00 0 d-----w- c:\docume~1\korisnik\applic~1\Chessmaster Challenge
2010-01-10 21:17:25 9067744 ----a-w- c:\program files\Firefox Setup 3.5.7.exe
2010-01-07 23:45:59 0 d-----w- c:\docume~1\korisnik\applic~1\cald3
2010-01-06 08:31:08 3762464 ----a-w- c:\program files\recuvasetup134.exe
2010-01-06 07:18:40 736 ----a-w- c:\windows\SamsungMaster.INI
2010-01-05 19:31:37 77824 ----a-w- c:\windows\system32\xvid.ax
2010-01-05 19:31:37 765952 ----a-w- c:\windows\system32\xvidcore.dll
2010-01-05 19:31:37 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2010-01-05 19:31:36 8704 ----a-w- c:\windows\system32\vidccleaner.exe
2009-12-27 08:41:13 5632 ----a-w- c:\windows\system32\ptpusb.dll
2009-12-27 08:40:43 159232 ----a-w- c:\windows\system32\ptpusd.dll
2009-12-27 08:40:23 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-12-27 08:40:23 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys

==================== Find3M ====================

2010-01-24 08:30:25 1632 ----a-w- c:\windows\system32\d3d8caps.dat
2010-01-13 11:04:39 1744 ----a-w- c:\windows\system32\d3d9caps.dat
2010-01-07 15:07:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07:04 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-20 16:12:44 31604224 ----a-w- c:\program files\eav_nt32_enu.msi
2009-10-05 12:57:08 1615732 ----a-w- c:\program files\ProcessExplorer.zip
2009-10-02 06:08:52 289072 ----a-w- c:\program files\utorrent.exe
2009-09-19 06:56:42 2025768 ----a-w- c:\program files\SkypeSetup.exe
2009-08-26 13:06:20 12754672 ----a-w- c:\program files\MP10Setup.exe
2009-08-25 19:33:15 10277728 ----a-w- c:\program files\winamp556_full_emusic-7plus_en-us.exe

============= FINISH: 10:43:33.67 ===============

http://www.mycity.rs/Uploads/184562_462763825_Attach.txt

http://www.mycity.rs/Uploads/184562_296199406_Gmer1.log

http://www.mycity.rs/Uploads/184562_1786499068_Gmer2.log

http://www.mycity.rs/Uploads/184562_1210740601_Gmer3.txt
Hvala unapred za svaku pomoć!!

diarno · Anti Malware Fighter Rank 1

Pozdrav i Dobrodosao na Forum Smile

Imas ovde malware-a (aktivan rootkit)

Pazljivo ispostuj sledecu proceduru :

Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop:

Bleeping Computer

Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu);
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save.

Kada preuzimanje programa bude završeno:

deaktiviraj zaštitni softver (uputstvo);
zatvori pokrenute programe;
dvoklikom pokreni program ComboFix.

U toku rada, ComboFix će:

proveriti postoji li novija verzija programa:
- klikni Yes ako bude ponuđeno preuzimanje iste.
prikazati DISCLAIMER OF WARRANTY ON SOFTWARE:
- klikni Yes kako bi proces bio nastavljen.
ako Recovery Console nije instalirana, ponuditi instalaciju:
- obavezno prihvati klikom na Yes i isprati postupak.
postaviti/dati određeni broj upita/obaveštenja:
- prihvati klikom na Yes ili OK.
po potrebi, restartovati Windows (više puta);
na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu:

klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All;
klikni desnim tasterom miša na obeleženi tekst i izaberi Copy;
klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste.

Napomena:

Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt);
Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Goradisic · Putnik u prolazu

Hvala tigre najlepse...Evo ga radi samo tako....Hvala veliko!!

ComboFix 10-01-23.05 - Korisnik 01/24/2010 14:48:44.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.767.345 [GMT 1:00]
Running from: c:\documents and settings\Korisnik\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Korisnik\Application Data\avdrn.dat
c:\documents and settings\Korisnik\Start Menu\Programs\Startup\wwwpos32.exe
C:\LOG.TXT

.
((((((((((((((((((((((((( Files Created from 2009-12-24 to 2010-01-24 )))))))))))))))))))))))))))))))
.

2010-01-21 19:12 . 2010-01-21 19:12 -------- d-----w- c:\documents and settings\Korisnik\Local Settings\Application Data\GHISLER
2010-01-21 19:08 . 2009-09-24 06:50 545 ----a-w- c:\windows\UC.PIF
2010-01-21 19:08 . 2009-09-24 06:50 545 ----a-w- c:\windows\RAR.PIF
2010-01-21 19:08 . 2010-01-22 18:47 -------- d-----w- C:\totalcmd
2010-01-21 19:08 . 2010-01-21 19:08 -------- d-----w- c:\documents and settings\Korisnik\Application Data\GHISLER
2010-01-21 19:08 . 2009-09-24 06:50 545 ----a-w- c:\windows\PKZIP.PIF
2010-01-21 19:08 . 2009-09-24 06:50 545 ----a-w- c:\windows\PKUNZIP.PIF
2010-01-21 19:08 . 2009-09-24 06:50 545 ----a-w- c:\windows\NOCLOSE.PIF
2010-01-21 19:08 . 2009-09-24 06:50 545 ----a-w- c:\windows\LHA.PIF
2010-01-21 19:08 . 2009-09-24 06:50 545 ----a-w- c:\windows\ARJ.PIF
2010-01-21 16:57 . 2010-01-21 16:57 -------- d-----w- c:\documents and settings\Korisnik\Local Settings\Application Data\Ares
2010-01-21 16:26 . 2004-08-03 21:59 34688 -c--a-w- c:\windows\system32\dllcache\lbrtfdc.sys
2010-01-21 16:26 . 2004-08-03 21:59 34688 ----a-w- c:\windows\system32\drivers\lbrtfdc.sys
2010-01-21 16:26 . 2004-08-03 22:00 8192 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys
2010-01-21 16:26 . 2004-08-03 22:00 8192 ----a-w- c:\windows\system32\drivers\i2omgmt.sys
2010-01-21 16:25 . 2004-08-03 22:00 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2010-01-21 16:25 . 2004-08-03 22:00 8192 ----a-w- c:\windows\system32\drivers\Changer.sys
2010-01-18 14:55 . 2010-01-18 14:55 -------- d-----w- c:\documents and settings\Korisnik\Programs
2010-01-16 08:00 . 2010-01-16 08:00 -------- d-----w- c:\program files\TimeAdjuster
2010-01-15 23:01 . 2010-01-15 23:01 -------- d-----w- c:\program files\aod
2010-01-15 23:01 . 2010-01-16 07:18 -------- d-----w- c:\program files\Common Files\Real
2010-01-11 14:11 . 2010-01-12 16:03 -------- d-----w- c:\program files\DreamQuest
2010-01-11 13:54 . 2010-01-11 13:57 -------- d-----w- c:\documents and settings\Korisnik\Application Data\Chessmaster Challenge
2010-01-11 13:53 . 2010-01-11 13:53 249856 ----a-w- c:\documents and settings\All Users\Application Data\PlayFirst\Games\components\pfMultiplayer.dll
2010-01-11 13:53 . 2010-01-11 13:53 466944 ----a-w- c:\documents and settings\All Users\Application Data\PlayFirst\Games\pfHarness\pfHarness.dll
2010-01-11 13:51 . 2010-01-11 13:51 -------- d-----w- c:\documents and settings\All Users\Application Data\PlayFirst
2010-01-11 13:51 . 2009-07-13 12:38 139264 ----a-w- c:\documents and settings\All Users\Application Data\PlayFirst\Games\PlayFirst.EXE
2010-01-10 21:19 . 2010-01-10 21:19 0 ----a-w- c:\windows\nsreg.dat
2010-01-10 21:19 . 2010-01-10 21:19 -------- d-----w- c:\documents and settings\Korisnik\Local Settings\Application Data\Mozilla
2010-01-10 21:17 . 2010-01-10 21:17 9067744 ----a-w- c:\program files\Firefox Setup 3.5.7.exe
2010-01-08 10:59 . 2010-01-08 10:59 -------- d-----w- c:\program files\Recuva
2010-01-07 23:46 . 2010-01-07 23:46 -------- d-----w- c:\documents and settings\Korisnik\Local Settings\Application Data\cald3
2010-01-07 23:45 . 2010-01-07 23:46 -------- d-----w- c:\documents and settings\Korisnik\Application Data\cald3
2010-01-06 08:31 . 2010-01-06 08:31 3762464 ----a-w- c:\program files\recuvasetup134.exe
2010-01-05 19:31 . 2006-11-01 14:54 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2010-01-05 19:31 . 2006-11-01 14:52 765952 ----a-w- c:\windows\system32\xvidcore.dll
2010-01-05 19:31 . 2004-03-09 10:39 8704 ----a-w- c:\windows\system32\vidccleaner.exe
2009-12-27 08:41 . 2001-08-17 21:36 5632 ----a-w- c:\windows\system32\ptpusb.dll
2009-12-27 08:40 . 2004-08-03 23:56 159232 ----a-w- c:\windows\system32\ptpusd.dll
2009-12-27 08:40 . 2004-08-03 21:58 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-12-27 08:40 . 2004-08-03 21:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-24 14:00 . 2009-10-05 12:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-24 12:49 . 2009-08-22 15:11 1632 ----a-w- c:\windows\system32\d3d8caps.dat
2010-01-24 11:49 . 2009-08-22 11:19 -------- d-----w- c:\documents and settings\Korisnik\Application Data\Skype
2010-01-24 11:43 . 2009-08-22 15:35 10 ----a-w- c:\windows\popcinfo.dat
2010-01-24 11:03 . 2009-09-19 07:01 -------- d-----w- c:\documents and settings\Korisnik\Application Data\skypePM
2010-01-22 18:45 . 2009-10-05 18:55 -------- d-----w- c:\program files\LG USB Drive 2.9
2010-01-21 18:56 . 2010-01-21 18:56 16 ----a-w- c:\documents and settings\LocalService\Application Data\anvkgp.dat
2010-01-21 17:39 . 2009-10-02 06:57 -------- d-----w- c:\documents and settings\Korisnik\Application Data\uTorrent
2010-01-21 16:10 . 2010-01-21 16:09 16 ----a-w- c:\documents and settings\NetworkService\Application Data\anvkgp.dat
2010-01-16 07:20 . 2008-03-22 13:06 -------- d-----w- c:\program files\QuickTime
2010-01-15 11:40 . 2009-10-05 13:06 -------- d-----w- c:\program files\uTorrent
2010-01-13 11:04 . 2009-08-22 18:40 1744 ----a-w- c:\windows\system32\d3d9caps.dat
2010-01-05 19:30 . 2008-03-22 12:33 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-11 20:37 . 2009-08-22 15:11 40 ----a-w- c:\windows\RSoftInfo.dat
2009-12-11 11:44 . 2009-12-11 11:44 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-12-09 13:21 . 2009-12-08 14:57 -------- d-----w- c:\documents and settings\Korisnik\Application Data\The Bat!
2009-11-20 16:12 . 2009-11-20 16:12 31604224 ----a-w- c:\program files\eav_nt32_enu.msi
2009-10-05 12:57 . 2009-10-05 12:57 1615732 ----a-w- c:\program files\ProcessExplorer.zip
2009-10-02 06:08 . 2009-10-02 06:08 289072 ----a-w- c:\program files\utorrent.exe
2009-09-19 06:56 . 2009-11-02 09:13 2025768 ----a-w- c:\program files\SkypeSetup.exe
2009-08-26 13:06 . 2009-11-02 09:13 12754672 ----a-w- c:\program files\MP10Setup.exe
2009-08-25 19:33 . 2009-11-02 09:13 10277728 ----a-w- c:\program files\winamp556_full_emusic-7plus_en-us.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-10-29 4620288]
"nwiz"="nwiz.exe" [2004-10-29 921600]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-10-29 86016]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-03-22 98304]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-29 2054360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [9/29/2009 1:02 PM 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [9/29/2009 1:05 PM 96408]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [9/29/2009 1:03 PM 735960]
R3 netflx3;Compaq NetFlex-3/Netelligent Adapter Driver;c:\windows\system32\drivers\NetFlx3.sys [8/22/2009 11:55 AM 65278]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3/22/2008 1:51 PM 682232]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8/22/2009 7:41 PM 133104]
.
Contents of the 'Scheduled Tasks' folder

2010-01-22 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2004\SystemOptimizer.exe [2004-03-31 16:00]

2010-01-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 18:41]

2010-01-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-22 18:41]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {E37EDD28-20F5-4C76-8B61-E828105E1631} = 212.200.191.166,212.200.190.166
FF - ProfilePath - c:\documents and settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\3sukci1z.default\
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-TS - c:\program files\TS\tsc.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-24 15:01
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
.
**************************************************************************
.
Completion time: 2010-01-24 15:18:31 - machine was rebooted
ComboFix-quarantined-files.txt 2010-01-24 14:18

Pre-Run: 9,903,046,656 bytes free
Post-Run: 10,383,499,264 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 2E060B500E3BFB5D48FF0E08232D58E9

diarno · Anti Malware Fighter Rank 1

OK.. log sad deluje ok

Potrebno je deinstalirati ComboFix:

klikni start (ili ), a zatim RUN.

Na Visti koristiti Start Search polje ukoliko Run nije dostupan.
U liniju za unos teksta ukucaj (iskopiraj) sledeće:
ComboFix /Uninstall

Primeti da postoji razmak između "ComboFix" i "/Uninstall".
a zatim klikni OK (ili pritisni Enter).

Sačekaj da se proces deinstalacije završi.

Vesti

Usporen, usporen racunar :(