Avira reports a trojan


offline
  • Joined: 10 Oct 2007
  • Posts: 26

Since 5 March, when starting Windows XP32 SP2, Avira has been reporting:

Virus or unwanted program 'TR/Autoit.734273 [trojan]'
detected in file 'C:\WINDOWS\system32\csrcs.exe.
Action performed: Deny access

then:

Virus or unwanted program 'TR/Autoit.734273 [trojan]'
detected in file 'M:\zrqgqi.exe.
Action performed: Deny access

I tried to kill it, but Avira says:

Error detected in AntiVir Guard.
Error message: Action failed for file: C:\WINDOWS\system32\csrcs.exe
Error code: [0x00000005 - Access is denied.].

And then also:

Virus or unwanted program 'APPL/NirCmd.2 [program]'
detected in file 'C:\Documents and Settings\Darko\Local Settings\Temp\nircmd.exe.
Action performed: Move file to quarantine

It reported that, but then again:

Virus or unwanted program 'APPL/NirCmd.2 [program]'
detected in file 'C:\Documents and Settings\Darko\Desktop\nircmd.exe.
Action performed: Deny access

And since then, many times:

Error detected in AntiVir Guard.
Error message: Action failed for file: C:\WINDOWS\system32\csrcs.exe
Error code: [0x00000005 - Access is denied.].

and then:

Virus or unwanted program 'TR/Autoit.734273 [trojan]'
detected in file 'C:\WINDOWS\system32\csrcs.exe.
Action performed: Deny access

So I don't dare try anything else, and I'm asking for help!


014443-FC836D8A.LOG


DDS (Ver_09-12-01.01) - NTFSx86
Run by Darko at 3:01:19.43 on 09-Mar-10
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.498 [GMT 1:00]

AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\kxmixer.exe
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\PixArt\PAP7501\GUCI_AVS.exe
C:\WINDOWS\PixArt\PAP7501\PACTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Documents and Settings\Darko\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Darko\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Darko\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Darko\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Darko\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Darko\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = [Link visible only to logged-in users]
uSearch Page = [Link visible only to logged-in users]
uSearch Bar = [Link visible only to logged-in users]
mDefault_Search_URL = [Link visible only to logged-in users]
uSearchAssistant = [Link visible only to logged-in users]
uSearchURL,(Default) = [Link visible only to logged-in users]
mSearchAssistant = [Link visible only to logged-in users]
mWinlogon: Shell=Explorer.exe csrcs.exe
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
EB: {182EC0BE-5110-49C8-A062-BEB1D02A220B} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [AlcoholAutomount] "c:\program files\alcohol soft\alcohol 52\axcmd.exe" /automount
uRun: [WinFast Schedule] c:\program files\winfast\wfdtv\WFWIZ.exe
uRun: [Google Update] "c:\documents and settings\darko\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [kX Mixer] kxmixer --startup
mRun: [USBFW] c:\program files\net studio\usb firewall\USB FireWall.exe
mRun: [WinFastDTV] c:\program files\winfast\wfdtv\DTVSchdl.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [GUCI_AVS] c:\windows\pixart\pap7501\GUCI_AVS.exe
mRun: [PACTray] c:\windows\pixart\pap7501\PACTray.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
mExplorerRun: [csrcs] c:\windows\system32\csrcs.exe
StartupFolder: c:\docume~1\darko\startm~1\programs\startup\thoosj~1.lnk - c:\program files\thoosje vista sidebar\Thoosje Sidebar.exe
mPolicies-explorer: hx-1 = 1
mPolicies-explorer: hx-2 = 2
IE: Convert link target to Adobe PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_5F1A57F0B9B89E2E.dll/cmsidewiki.html
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: DirectAnimation Java Classes - [Link visible only to logged-in users]\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - [Link visible only to logged-in users]\windows\java\classes\xmldso.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [Link visible only to logged-in users]
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - [Link visible only to logged-in users]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [Link visible only to logged-in users]
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll

============= SERVICES / DRIVERS ===============

R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-1-12 11608]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-1-12 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-1-12 185089]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-1-12 56816]
R3 AR9271;Wireless Network Adapter Service;c:\windows\system32\drivers\athuw.sys [2010-1-12 1594944]
R3 kxwdmdrv;kX WDM Driver Service;c:\windows\system32\drivers\kx.sys [2004-2-16 571776]
R3 WFLR6654;WinFast TV2000 XP Expert (FM1216MK3);c:\windows\system32\drivers\wfeaglxt.sys [2008-12-25 433792]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-13 135664]
S2 xykkebzsl;Security Shell;c:\windows\system32\svchost.exe -k netsvcs [2001-8-23 14336]
S3 DigiPnp;DigiPnp;c:\windows\system32\drivers\Digipnp.sys [2004-9-27 6146]
S3 DVcam;DVCam Capture;c:\windows\system32\drivers\DVcam.sys [2005-9-29 42511]
S3 G400RT2K;G400RT2K;c:\windows\system32\drivers\g400RT2Km.sys [2004-9-27 325627]
S3 GUCI_AVS;USB2.0 VGA Video Device;c:\windows\system32\drivers\GUCI_AVS.sys [2010-2-26 581120]
S3 MtxVxd;MtxVxd;c:\windows\system32\drivers\MTXVXD.SYS [2005-3-27 5604]
S3 Ndisusb;GeneLink Network Driver;c:\windows\system32\drivers\genelan.sys --> c:\windows\system32\drivers\genelan.sys [?]
S3 RTPP2K;RTPP2K;c:\windows\system32\drivers\rtpp2k.sys [2001-4-29 87374]
S3 USBHSB;GeneLink USB Driver;c:\windows\system32\drivers\glkusb.sys [2005-10-31 10752]
S3 Usblink;Usblink Driver;c:\windows\system32\drivers\ulink.sys [2005-10-31 37616]
S3 VNic;ULan Network Driver Module;c:\windows\system32\drivers\vnic.sys --> c:\windows\system32\drivers\VNic.sys [?]
S4 Nerc2ibp;Nerc2ibp; [x]
S4 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 52\starwind\StarWindServiceAE.exe [2007-5-28 275968]

=============== Created Last 30 ================

2010-03-06 20:46:22 421 --sha-r- c:\windows\system32\autorun.inf
2010-03-05 11:28:52 0 d-sha-r- C:\autorun.inf
2010-02-28 23:57:02 0 d-----w- c:\program files\common files\DivX Shared
2010-02-26 22:28:45 230436 ----a-w- C:\PAP7501.dat
2010-02-26 10:57:32 0 d-----w- c:\program files\Video Power
2010-02-26 10:49:28 7168 ----a-w- c:\windows\system32\COINST_080603.dll
2010-02-26 10:49:28 581120 ----a-w- c:\windows\system32\drivers\GUCI_AVS.sys
2010-02-26 10:49:23 2057 ----a-w- c:\windows\system32\GUCI_AVS.ini
2010-02-26 10:49:22 114688 ----a-w- c:\windows\system32\PixArt.ax
2010-02-26 10:49:19 0 d-----w- c:\windows\PixArt
2010-02-26 10:49:18 14336 ----a-w- c:\windows\system32\GUCI_AVS.dll
2010-02-26 10:49:17 165376 ----a-w- c:\windows\system32\GUCI_AVS.ax
2010-02-26 10:49:17 0 d-----w- c:\program files\common files\PAP7501
2010-02-26 10:48:50 59264 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
2010-02-26 10:48:50 59264 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2010-02-26 10:43:32 20992 -c--a-w- c:\windows\system32\dllcache\dshowext.ax
2010-02-26 10:43:32 20992 ----a-w- c:\windows\system32\dshowext.ax
2010-02-26 10:43:26 31616 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-02-26 10:43:26 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-02-14 09:43:58 612454 ----a-w- c:\windows\system32\XPRTV.exe
2010-02-12 10:21:37 0 --sha-r- C:\khq
2010-02-10 11:16:09 0 d--h--w- c:\windows\PIF
2010-02-09 21:24:42 0 d-----w- c:\program files\LEGO Island

==================== Find3M ====================

2010-01-15 01:59:44 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-14 10:32:57 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-01-13 20:07:26 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2004-11-26 14:21:58 8 -csh--r- c:\windows\system32\252C124488.sys
2005-02-07 12:11:19 152 -csh--r- c:\windows\system32\B415CD33AB.sys
2006-05-03 10:06:54 163328 --sh--r- c:\windows\system32\flvDX.dll
2006-12-29 16:52:44 10434 --sha-w- c:\windows\system32\KGyGaAvL.sys
2007-02-21 11:47:16 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 13:30:52 216064 --sh--r- c:\windows\system32\nbDX.dll

============= FINISH: 3:01:48.79 ===============
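
A triage sketch for the logs in this post, added here as an example and not part of the thread or of DDS or Avira: it cross-references the files named in the Avira alerts with the autostart lines of the DDS report. The sample input is constructed from lines quoted above; the function names and the reading of `mExplorerRun` as the Policies\Explorer\Run key are assumptions.

```python
import ntpath
import re

# Constructed sample input: lines copied from the alerts and DDS log quoted above.
AVIRA_ALERTS = r"""
Virus or unwanted program 'TR/Autoit.734273 [trojan]'
detected in file 'C:\WINDOWS\system32\csrcs.exe.
Action performed: Deny access
Virus or unwanted program 'TR/Autoit.734273 [trojan]'
detected in file 'M:\zrqgqi.exe.
Action performed: Deny access
"""

DDS_LINES = r"""
mWinlogon: Shell=Explorer.exe csrcs.exe
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mExplorerRun: [csrcs] c:\windows\system32\csrcs.exe
"""

# "kind: [name] command" (Run-style entries) or "kind: Value=command" (Winlogon).
ENTRY_RE = re.compile(
    r"^(?P<kind>\w+): (?:\[(?P<name>[^\]]+)\] |(?P<value>\w+)=)(?P<cmd>.*)$"
)
ALERT_RE = re.compile(r"detected in file '(?P<path>.+)$", re.MULTILINE)


def detected_basenames(alert_text):
    """Return the lower-cased file names that the AV alerts point at."""
    names = set()
    for match in ALERT_RE.finditer(alert_text):
        # The alert text ends the path with a stray "." and no closing quote.
        path = match.group("path").strip().rstrip(".'")
        names.add(ntpath.basename(path).lower())
    return names


def parse_dds(text):
    """Parse DDS pseudo-HJT autostart lines into (kind, name, command)."""
    entries = []
    for line in text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            name = match.group("name") or match.group("value")
            entries.append((match.group("kind"), name, match.group("cmd").strip()))
    return entries


def triage(entries, detected):
    """Flag autostart entries that deserve a closer look, with reasons."""
    findings = []
    for kind, name, cmd in entries:
        reasons = []
        low = cmd.lower()
        # The stock Winlogon Shell value is Explorer.exe alone.
        if kind.endswith("Winlogon") and name.lower() == "shell":
            extra = [tok for tok in low.split() if tok != "explorer.exe"]
            if extra:
                reasons.append("Winlogon Shell launches more than explorer.exe: "
                               + " ".join(extra))
        # Assumption: mExplorerRun is the Policies\Explorer\Run autostart key,
        # which is treated here as unusual enough to review every entry.
        if kind.endswith("ExplorerRun"):
            reasons.append("autostart via Policies\\Explorer\\Run")
        # Plain substring match on the file name; coarse, but enough for triage.
        hits = sorted(base for base in detected if base in low)
        if hits:
            reasons.append("references AV-detected file: " + ", ".join(hits))
        if reasons:
            findings.append((kind, name, reasons))
    return findings


if __name__ == "__main__":
    flagged = triage(parse_dds(DDS_LINES), detected_basenames(AVIRA_ALERTS))
    for kind, name, reasons in flagged:
        print(f"{kind} [{name}]")
        for reason in reasons:
            print("   -", reason)
```
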






offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

Hello,

Download sUBs's ComboFix from the following address to the Desktop:

Bleeping Computer
  • Right-click the link and choose Save Target As... (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download has finished:
  • disable your security software (instructions);
  • close running programs;
  • double-click to run ComboFix.

While running, ComboFix will:
  • check whether a newer version of the program exists:
      click Yes if you are offered the download.
  • display the DISCLAIMER OF WARRANTY ON SOFTWARE:
      click Yes to let the process continue.
  • if the Recovery Console is not installed, offer to install it:
      be sure to accept by clicking Yes and follow the procedure.
  • ask a number of questions or show a number of notices:
      accept by clicking Yes or OK.
  • restart Windows if needed (possibly several times);
  • at the end, open Notepad with the scan report.

Copy the report that ComboFix produced into the forum topic:
  • right-click in the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message field and choose Paste.

Note:
  • The report will be saved as ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
  • If, after posting, you notice that the report is incomplete, use the Attach file option to attach C:\ComboFix.txt to the message.



offline
  • Joined: 10 Oct 2007
  • Posts: 26

Hello,
done as instructed.


ComboFix 10-03-08.02 - Darko 09-Mar-10 11:32:00.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.705 [GMT 1:00]
Running from: c:\documents and settings\Darko\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\Darko\LOCALS~1\Temp\install_flash_player.exe
c:\documents and settings\Darko\Local Settings\Temporary Internet Files\udRemove.exe
C:\khq
c:\windows\system32\AutoRun.inf
c:\windows\system32\Dvbpws.dll
c:\windows\system32\SIntf16.dll
F:\khq
G:\khq

.
((((((((((((((((((((((((( Files Created from 2010-02-09 to 2010-03-09 )))))))))))))))))))))))))))))))
.

2010-02-28 23:57 . 2010-02-28 23:57 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-02-26 22:28 . 2010-02-26 22:38 230436 ----a-w- C:\PAP7501.dat
2010-02-26 10:57 . 2010-02-26 10:57 -------- d-----w- c:\program files\Video Power
2010-02-26 10:49 . 2008-12-23 19:54 581120 ----a-w- c:\windows\system32\drivers\GUCI_AVS.sys
2010-02-26 10:49 . 2008-06-03 15:59 7168 ----a-w- c:\windows\system32\COINST_080603.dll
2010-02-26 10:49 . 2010-02-26 10:49 -------- d-----w- c:\windows\PixArt
2010-02-26 10:49 . 2006-10-12 10:57 14336 ----a-w- c:\windows\system32\GUCI_AVS.dll
2010-02-26 10:49 . 2010-02-26 10:49 -------- d-----w- c:\program files\Common Files\PAP7501
2010-02-26 10:48 . 2004-08-03 22:07 59264 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
2010-02-26 10:48 . 2004-08-03 22:07 59264 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2010-02-26 10:43 . 2004-08-03 22:08 31616 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-02-26 10:43 . 2004-08-03 22:08 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-02-14 09:43 . 2010-02-14 09:43 612454 ----a-w- c:\windows\system32\XPRTV.exe
2010-02-10 11:16 . 2010-02-10 11:16 -------- d--h--w- c:\windows\PIF
2010-02-09 21:24 . 2010-02-09 21:25 -------- d-----w- c:\program files\LEGO Island

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-08 23:30 . 2010-01-15 02:00 -------- d-----w- c:\program files\JDownloader
2010-03-05 12:02 . 2010-01-13 09:30 -------- d-----w- c:\documents and settings\Darko\Application Data\Skype
2010-03-05 12:01 . 2010-01-13 09:36 -------- d-----w- c:\documents and settings\Darko\Application Data\skypePM
2010-03-05 02:19 . 2010-01-15 01:56 -------- d-----w- c:\documents and settings\Darko\Application Data\Azureus
2010-03-05 02:11 . 2010-01-15 01:55 -------- d-----w- c:\program files\Vuze
2010-02-28 23:57 . 2005-01-23 15:54 -------- d-----w- c:\program files\DivX
2010-02-26 10:49 . 2004-09-27 20:17 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-18 20:46 . 2010-01-22 10:45 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-05 10:10 . 2010-02-02 21:21 80896 ----a-w- c:\documents and settings\Darko\Application Data\Seven Zip\Codecs\LZMA.dll
2010-02-05 10:10 . 2010-02-02 21:21 5632 ----a-w- c:\documents and settings\Darko\Application Data\Seven Zip\Codecs\Swap.dll
2010-02-05 10:10 . 2010-02-02 21:21 5120 ----a-w- c:\documents and settings\Darko\Application Data\Seven Zip\Codecs\Copy.dll
2010-02-05 10:10 . 2010-02-02 21:21 32256 ----a-w- c:\documents and settings\Darko\Application Data\Seven Zip\Codecs\Aes.dll
2010-02-05 10:10 . 2010-02-02 21:21 18944 ----a-w- c:\documents and settings\Darko\Application Data\Seven Zip\Codecs\Branch.dll
2010-02-05 10:10 . 2010-02-02 21:21 13824 ----a-w- c:\documents and settings\Darko\Application Data\Seven Zip\Codecs\7zAes.dll
2010-02-05 10:10 . 2010-02-02 21:21 129024 ----a-w- c:\documents and settings\Darko\Application Data\Seven Zip\Formats\7z.dll
2010-02-02 21:21 . 2010-02-02 21:21 -------- d-----w- c:\documents and settings\Darko\Application Data\Seven Zip
2010-01-29 09:34 . 2010-01-13 00:08 -------- d-----w- c:\program files\Google
2010-01-29 01:36 . 2010-01-14 00:50 -------- d-----w- c:\program files\Thoosje Vista Sidebar
2010-01-25 23:10 . 2010-01-25 23:10 -------- d-----w- c:\program files\URUSoft
2010-01-25 12:32 . 2010-01-25 12:32 -------- d-----w- c:\documents and settings\All Users\Application Data\FileCure
2010-01-25 02:33 . 2010-01-25 02:33 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2010-01-25 02:24 . 2009-09-08 10:00 -------- d-----w- c:\program files\ATI Technologies
2010-01-21 10:30 . 2004-09-29 21:23 -------- d-----w- c:\program files\InterVideo
2010-01-21 09:59 . 2005-09-13 10:42 -------- d-----w- c:\program files\Common Files\InterVideo
2010-01-20 18:48 . 2010-01-20 18:48 -------- d-----w- c:\program files\AviSynth 2.5
2010-01-20 18:24 . 2010-01-20 18:24 -------- d-----w- c:\program files\eRightSoft
2010-01-18 17:39 . 2009-09-09 10:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-18 17:37 . 2010-01-18 17:37 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-18 00:35 . 2010-01-18 00:32 -------- d-----w- c:\program files\The KMPlayer
2010-01-15 01:59 . 2010-01-15 02:00 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-15 01:59 . 2010-01-15 01:59 -------- d-----w- c:\program files\Java
2010-01-15 01:58 . 2010-01-15 01:58 152576 ----a-w- c:\documents and settings\Darko\Application Data\Sun\Java\jre1.6.0_15\lzma.dll
2010-01-15 01:56 . 2010-01-15 01:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Azureus
2010-01-15 01:55 . 2010-01-15 01:55 -------- d-----w- c:\program files\Common Files\i4j_jres
2010-01-14 17:28 . 2010-01-14 17:28 -------- d-----w- c:\documents and settings\Darko\Application Data\Wildlife Zoo - Marine World
2010-01-14 10:33 . 2010-01-14 10:32 -------- d-----w- c:\program files\Common Files\Real
2010-01-14 10:32 . 2003-03-18 18:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-01-14 10:32 . 2010-01-14 10:32 -------- d-----w- c:\program files\Real
2010-01-13 22:04 . 2010-01-13 22:04 -------- d-----w- c:\program files\Common Files\DirectX
2010-01-13 22:04 . 2010-01-13 22:04 -------- d-----w- c:\documents and settings\Darko\Application Data\Wildlife Zoo
2010-01-13 20:07 . 2010-01-12 20:06 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-01-13 19:24 . 2010-01-13 19:24 -------- d-----w- c:\program files\DREAMCATCHER INTERACTIVE
2010-01-13 10:01 . 2010-01-13 10:01 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-13 09:36 . 2010-01-13 09:36 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-01-13 09:30 . 2010-01-13 09:30 -------- d-----r- c:\program files\Skype
2010-01-13 09:30 . 2010-01-13 09:30 -------- d-----w- c:\program files\Common Files\Skype
2010-01-13 09:30 . 2010-01-13 09:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-01-12 20:30 . 2010-01-08 14:19 -------- d-----w- c:\program files\Common Files\ArcSoft
2010-01-12 20:05 . 2010-01-12 20:05 -------- d-----w- c:\program files\Avira
2010-01-12 20:05 . 2008-04-22 22:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2010-01-12 19:03 . 2010-01-12 19:03 -------- d-----w- c:\documents and settings\All Users\Application Data\TP-LINK
2010-01-12 17:46 . 2010-01-12 17:46 -------- d-----w- c:\program files\viewsonic
2010-01-11 19:49 . 2005-01-16 12:31 366320 -c--a-w- c:\documents and settings\Darko\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-10 22:18 . 2010-01-10 22:18 -------- d-----w- c:\documents and settings\Darko\Application Data\GRETECH
2010-01-10 22:16 . 2010-01-10 22:16 -------- d-----w- c:\program files\GRETECH
2010-01-10 00:18 . 2010-01-10 00:17 -------- d-----w- c:\program files\WinFast
2010-01-10 00:17 . 2010-01-10 00:17 -------- d-----w- c:\program files\Windows Sidebar
2010-01-08 17:33 . 2010-01-08 14:20 -------- d-----w- c:\documents and settings\Darko\Application Data\ArcSoft
2010-01-08 14:20 . 2010-01-08 14:19 -------- d-----w- c:\documents and settings\All Users\Application Data\ArcSoft
2010-01-08 14:18 . 2010-01-08 14:18 -------- d-----w- c:\program files\Common Files\Ulead Systems
2010-01-07 15:07 . 2009-09-09 10:35 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-09-09 10:34 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2004-11-26 14:21 . 2004-11-26 14:21 8 -csh--r- c:\windows\system32\252C124488.sys
2005-02-07 12:11 . 2004-12-17 20:10 152 -csh--r- c:\windows\system32\B415CD33AB.sys
2006-05-03 10:06 . 2010-01-20 18:25 163328 --sh--r- c:\windows\system32\flvDX.dll
2006-12-29 16:52 . 2004-12-17 20:10 10434 --sha-w- c:\windows\system32\KGyGaAvL.sys
2007-02-21 11:47 . 2010-01-20 18:25 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 13:30 . 2010-01-20 18:25 216064 --sh--r- c:\windows\system32\nbDX.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 52\axcmd.exe" [2009-02-23 203416]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2009-03-11 2912256]
"Google Update"="c:\documents and settings\Darko\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-01-13 135664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"kX Mixer"="kxmixer --startup" [X]
"USBFW"="c:\program files\Net Studio\USB FireWall\USB FireWall.exe" [2008-09-01 1330688]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2009-10-02 90112]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-10-10 203264]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-01-14 198160]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-29 61440]
"GUCI_AVS"="c:\windows\PixArt\PAP7501\GUCI_AVS.exe" [2007-12-10 323584]
"PACTray"="c:\windows\PixArt\PAP7501\PACTray.exe" [2008-11-14 319488]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"StarWindServiceAE"=2 (0x2)
"idsvc"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Documents and Settings\\Darko\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Trend Micro\\HijackThis\\HijackThis.exe"=
"c:\\Program Files\\JDownloader\\JDownloader.exe"=
"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\WinFast\\WFDTV\\DVBTAP.exe"=
"c:\\Program Files\\Alcohol Soft\\Alcohol 52\\ACID.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1542:TCP"= 1542:TCP:jdtjxoup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundMaskRequest"= 1 (0x1)
"AllowInboundRouterRequest"= 1 (0x1)

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [12-Jan-10 21:05 108289]
R3 AR9271;Wireless Network Adapter Service;c:\windows\system32\drivers\athuw.sys [12-Jan-10 20:06 1594944]
R3 kxwdmdrv;kX WDM Driver Service;c:\windows\system32\drivers\kx.sys [16-Feb-04 23:19 571776]
R3 WFLR6654;WinFast TV2000 XP Expert (FM1216MK3);c:\windows\system32\drivers\wfeaglxt.sys [25-Dec-08 8:56 433792]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [14-Mar-09 18:24 717296]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [13-Jan-10 1:08 135664]
S2 xykkebzsl;Security Shell;c:\windows\system32\svchost.exe -k netsvcs [23-Aug-01 12:00 14336]
S3 DigiPnp;DigiPnp;c:\windows\system32\drivers\Digipnp.sys [27-Sep-04 21:15 6146]
S3 DVcam;DVCam Capture;c:\windows\system32\drivers\DVcam.sys [29-Sep-05 23:15 42511]
S3 G400RT2K;G400RT2K;c:\windows\system32\drivers\g400RT2Km.sys [27-Sep-04 20:50 325627]
S3 GUCI_AVS;USB2.0 VGA Video Device;c:\windows\system32\drivers\GUCI_AVS.sys [26-Feb-10 11:49 581120]
S3 MtxVxd;MtxVxd;c:\windows\system32\drivers\MTXVXD.SYS [27-Mar-05 16:50 5604]
S3 Ndisusb;GeneLink Network Driver;c:\windows\system32\DRIVERS\genelan.sys --> c:\windows\system32\DRIVERS\genelan.sys [?]
S3 RTPP2K;RTPP2K;c:\windows\system32\drivers\rtpp2k.sys [29-Apr-01 23:54 87374]
S3 USBHSB;GeneLink USB Driver;c:\windows\system32\drivers\glkusb.sys [31-Oct-05 17:34 10752]
S3 Usblink;Usblink Driver;c:\windows\system32\drivers\ulink.sys [31-Oct-05 17:28 37616]
S3 VNic;ULan Network Driver Module;c:\windows\system32\DRIVERS\VNic.sys --> c:\windows\system32\DRIVERS\VNic.sys [?]
S4 Nerc2ibp;Nerc2ibp; [x]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
xykkebzsl
.
Contents of the 'Scheduled Tasks' folder

2010-03-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-13 00:08]

2010-03-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-13 00:08]

2010-03-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-651377827-682003330-1003Core.job
- c:\documents and settings\Darko\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-13 00:08]

2010-03-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-651377827-682003330-1003UA.job
- c:\documents and settings\Darko\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-13 00:08]
.
.
------- Supplementary Scan -------
.
uStart Page = [Link visible only to logged-in users]
uSearchAssistant = [Link visible only to logged-in users]
uSearchURL,(Default) = [Link visible only to logged-in users]
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_5F1A57F0B9B89E2E.dll/cmsidewiki.html
DPF: DirectAnimation Java Classes - [Link visible only to logged-in users]\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - [Link visible only to logged-in users]\windows\Java\classes\xmldso.cab
.
- - - - ORPHANS REMOVED - - - -

AddRemove-Half-Life - c:\sierra\Half-Life\Uninst.isu
AddRemove-MicrosoftCinemania97 - h:\cinemania\cinmania.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link visible only to logged-in users]
Rootkit scan 2010-03-09 11:37
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\xykkebzsl]
"ServiceDll"="c:\windows\system32\fsyfv.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-515967899-651377827-682003330-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\GenArts\Sapphire AE\Install-{4E41A485-04D4-CF7C-6CE3-27F7BEAE7048}\Data*]
@DACL=
"CTE_32 Name"="459544:{C3B8A1BC-8B18-94D5-AD04-2B3354994626}"

[HKEY_LOCAL_MACHINE\software\GenArts\Sapphire AE\Install-{EC3F6705-85EF-4FB1-4E30-80781324E273}\Data*]
@DACL=
"DefaultSettings"="99:{C6DDA450-F687-55DF-CA23-1A5083308C5D}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\Current Version\{8AC25C6A-D4B3-FF2F-2A61-C75CA1DB6116}\Install*Loc\VxDs]
@DACL=
"CTE_32 Name"="2453773:{301564B2-67A6-1A66-9C4E-A1FE91DE9752}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Install*Loc\xga-1-{9616EE07-4AAF-494D-0789-CBC01BCBF7B6}\Version 1.1]
@DACL=
"dat"="806585365:{D518752D-0C5B-3B8A-43F0-199D3C970E8B}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\z*\{{05FF8CB8-4942-FCF6-301D-6930181DE865}}]
@DACL=
"DefaultSettings"="2453794:{37C8840C-72FD-B1F6-4FC1-23A6EF5B6255}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\{3A118380-006B-D9D7-2CA8-D0A784756F32}*\Install*Loc\xga-1\dat]
@DACL=
"default"="516232500:{AA5E4DB0-32A9-5792-6C08-AC4B692DCFE1}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Install VBX*\Current*Version\Install*Loc\xga-1-{9616EE07-4AAF-494D-0789-CBC01BCBF7B6}\Version 3.x]
@DACL=
"dat"="1767914624:{8E3D43F3-1ADB-A105-6F38-F1686A8DA622}"

[HKEY_LOCAL_MACHINE\software\Microsoft\WinXGA*\Providers*\{D41D8CD9-8F00-B204-E980-0998ECF8427E}\Current*Set\xga-1\ver]
@DACL=
"KnownSvcs"="923714507:{6A539712-46C7-4E56-B112-C5268FCDD102}"

[HKEY_LOCAL_MACHINE\software\XBMga*\UUIDs\{57E5ADC1-B6F2-E550-86DB-E6F1E0F8A300}\xga-1\Install*Loc]
@DACL=
"{19620715-0001-1211-574574-30001}"="234521119:{54115072-223B-3D3D-71C9-06759296E623}"

[HKEY_LOCAL_MACHINE\software\xGenArts\Sapphire AE\DLL ver*\{A6D90D08-68DD-2B46-E2AC-5782669B2696}]
@DACL=
"CTE_32 Name"="9:{19C42D30-D844-8A07-12A4-E783E7D228F7}"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(712)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2010-03-09 11:39:57
ComboFix-quarantined-files.txt 2010-03-09 10:39

Pre-Run: 2,716,639,232 bytes free
Post-Run: 5,349,212,160 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - B9DF3A4DB9BAEF12670012B1A0BBA26C

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

Open Notepad and copy the following text into it:

File::
c:\windows\system32\XPRTV.exe
c:\windows\system32\fsyfv.dll

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1542:TCP"=-

NetSvc::
xykkebzsl

Driver::
xykkebzsl
Nerc2ibp


Save the file from Notepad to the Desktop as "CFScript".

Drag the saved script/text onto the ComboFix icon, as shown in the picture.
Post, in your next message, the log that is created at the end of the cleaning/scan.

offline
  • Joined: 10 Oct 2007
  • Posts: 26

Here is the second ComboFix log as well:

ComboFix 10-03-08.02 - Darko 09-Mar-10 23:15:19.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.727 [GMT 1:00]
Running from: c:\documents and settings\Darko\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Darko\Desktop\CFScript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

FILE ::
"c:\windows\system32\fsyfv.dll"
"c:\windows\system32\XPRTV.exe"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\XPRTV.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_XYKKEBZSL
-------\Service_Nerc2ibp
-------\Service_xykkebzsl


((((((((((((((((((((((((( Files Created from 2010-02-09 to 2010-03-09 )))))))))))))))))))))))))))))))
.

2010-02-28 23:57 . 2010-02-28 23:57 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-02-26 22:28 . 2010-02-26 22:38 230436 ----a-w- C:\PAP7501.dat
2010-02-26 10:57 . 2010-02-26 10:57 -------- d-----w- c:\program files\Video Power
2010-02-26 10:49 . 2008-12-23 19:54 581120 ----a-w- c:\windows\system32\drivers\GUCI_AVS.sys
2010-02-26 10:49 . 2008-06-03 15:59 7168 ----a-w- c:\windows\system32\COINST_080603.dll
2010-02-26 10:49 . 2010-02-26 10:49 -------- d-----w- c:\windows\PixArt
2010-02-26 10:49 . 2006-10-12 10:57 14336 ----a-w- c:\windows\system32\GUCI_AVS.dll
2010-02-26 10:49 . 2010-02-26 10:49 -------- d-----w- c:\program files\Common Files\PAP7501
2010-02-26 10:48 . 2004-08-03 22:07 59264 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
2010-02-26 10:48 . 2004-08-03 22:07 59264 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
2010-02-26 10:43 . 2004-08-03 22:08 31616 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-02-26 10:43 . 2004-08-03 22:08 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-02-10 11:16 . 2010-02-10 11:16 -------- d--h--w- c:\windows\PIF
2010-02-09 21:24 . 2010-02-09 21:25 -------- d-----w- c:\program files\LEGO Island

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-09 22:05 . 2010-01-15 02:00 -------- d-----w- c:\program files\JDownloader
2010-03-05 12:02 . 2010-01-13 09:30 -------- d-----w- c:\documents and settings\Darko\Application Data\Skype
2010-03-05 12:01 . 2010-01-13 09:36 -------- d-----w- c:\documents and settings\Darko\Application Data\skypePM
2010-03-05 02:19 . 2010-01-15 01:56 -------- d-----w- c:\documents and settings\Darko\Application Data\Azureus
2010-03-05 02:11 . 2010-01-15 01:55 -------- d-----w- c:\program files\Vuze
2010-02-28 23:57 . 2005-01-23 15:54 -------- d-----w- c:\program files\DivX
2010-02-26 10:49 . 2004-09-27 20:17 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-18 20:46 . 2010-01-22 10:45 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-05 10:10 . 2010-02-02 21:21 80896 ----a-w- c:\documents and settings\Darko\Application Data\Seven Zip\Codecs\LZMA.dll
2010-02-05 10:10 . 2010-02-02 21:21 5632 ----a-w- c:\documents and settings\Darko\Application Data\Seven Zip\Codecs\Swap.dll
2010-02-05 10:10 . 2010-02-02 21:21 5120 ----a-w- c:\documents and settings\Darko\Application Data\Seven Zip\Codecs\Copy.dll
2010-02-05 10:10 . 2010-02-02 21:21 32256 ----a-w- c:\documents and settings\Darko\Application Data\Seven Zip\Codecs\Aes.dll
2010-02-05 10:10 . 2010-02-02 21:21 18944 ----a-w- c:\documents and settings\Darko\Application Data\Seven Zip\Codecs\Branch.dll
2010-02-05 10:10 . 2010-02-02 21:21 13824 ----a-w- c:\documents and settings\Darko\Application Data\Seven Zip\Codecs\7zAes.dll
2010-02-05 10:10 . 2010-02-02 21:21 129024 ----a-w- c:\documents and settings\Darko\Application Data\Seven Zip\Formats\7z.dll
2010-02-02 21:21 . 2010-02-02 21:21 -------- d-----w- c:\documents and settings\Darko\Application Data\Seven Zip
2010-01-29 09:34 . 2010-01-13 00:08 -------- d-----w- c:\program files\Google
2010-01-29 01:36 . 2010-01-14 00:50 -------- d-----w- c:\program files\Thoosje Vista Sidebar
2010-01-25 23:10 . 2010-01-25 23:10 -------- d-----w- c:\program files\URUSoft
2010-01-25 12:32 . 2010-01-25 12:32 -------- d-----w- c:\documents and settings\All Users\Application Data\FileCure
2010-01-25 02:33 . 2010-01-25 02:33 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2010-01-25 02:24 . 2009-09-08 10:00 -------- d-----w- c:\program files\ATI Technologies
2010-01-21 10:30 . 2004-09-29 21:23 -------- d-----w- c:\program files\InterVideo
2010-01-21 09:59 . 2005-09-13 10:42 -------- d-----w- c:\program files\Common Files\InterVideo
2010-01-20 18:48 . 2010-01-20 18:48 -------- d-----w- c:\program files\AviSynth 2.5
2010-01-20 18:24 . 2010-01-20 18:24 -------- d-----w- c:\program files\eRightSoft
2010-01-18 17:39 . 2009-09-09 10:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-18 17:37 . 2010-01-18 17:37 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-18 00:35 . 2010-01-18 00:32 -------- d-----w- c:\program files\The KMPlayer
2010-01-15 01:59 . 2010-01-15 02:00 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-15 01:59 . 2010-01-15 01:59 -------- d-----w- c:\program files\Java
2010-01-15 01:58 . 2010-01-15 01:58 152576 ----a-w- c:\documents and settings\Darko\Application Data\Sun\Java\jre1.6.0_15\lzma.dll
2010-01-15 01:56 . 2010-01-15 01:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Azureus
2010-01-15 01:55 . 2010-01-15 01:55 -------- d-----w- c:\program files\Common Files\i4j_jres
2010-01-14 17:28 . 2010-01-14 17:28 -------- d-----w- c:\documents and settings\Darko\Application Data\Wildlife Zoo - Marine World
2010-01-14 10:33 . 2010-01-14 10:32 -------- d-----w- c:\program files\Common Files\Real
2010-01-14 10:32 . 2003-03-18 18:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-01-14 10:32 . 2010-01-14 10:32 -------- d-----w- c:\program files\Real
2010-01-13 22:04 . 2010-01-13 22:04 -------- d-----w- c:\program files\Common Files\DirectX
2010-01-13 22:04 . 2010-01-13 22:04 -------- d-----w- c:\documents and settings\Darko\Application Data\Wildlife Zoo
2010-01-13 20:07 . 2010-01-12 20:06 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-01-13 19:24 . 2010-01-13 19:24 -------- d-----w- c:\program files\DREAMCATCHER INTERACTIVE
2010-01-13 10:01 . 2010-01-13 10:01 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-13 09:36 . 2010-01-13 09:36 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-01-13 09:30 . 2010-01-13 09:30 -------- d-----r- c:\program files\Skype
2010-01-13 09:30 . 2010-01-13 09:30 -------- d-----w- c:\program files\Common Files\Skype
2010-01-13 09:30 . 2010-01-13 09:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-01-12 20:30 . 2010-01-08 14:19 -------- d-----w- c:\program files\Common Files\ArcSoft
2010-01-12 20:05 . 2010-01-12 20:05 -------- d-----w- c:\program files\Avira
2010-01-12 20:05 . 2008-04-22 22:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2010-01-12 19:03 . 2010-01-12 19:03 -------- d-----w- c:\documents and settings\All Users\Application Data\TP-LINK
2010-01-12 17:46 . 2010-01-12 17:46 -------- d-----w- c:\program files\viewsonic
2010-01-11 19:49 . 2005-01-16 12:31 366320 -c--a-w- c:\documents and settings\Darko\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-10 22:18 . 2010-01-10 22:18 -------- d-----w- c:\documents and settings\Darko\Application Data\GRETECH
2010-01-10 22:16 . 2010-01-10 22:16 -------- d-----w- c:\program files\GRETECH
2010-01-10 00:18 . 2010-01-10 00:17 -------- d-----w- c:\program files\WinFast
2010-01-10 00:17 . 2010-01-10 00:17 -------- d-----w- c:\program files\Windows Sidebar
2010-01-07 15:07 . 2009-09-09 10:35 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-09-09 10:34 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2004-11-26 14:21 . 2004-11-26 14:21 8 -csh--r- c:\windows\system32\252C124488.sys
2005-02-07 12:11 . 2004-12-17 20:10 152 -csh--r- c:\windows\system32\B415CD33AB.sys
2006-05-03 10:06 . 2010-01-20 18:25 163328 --sh--r- c:\windows\system32\flvDX.dll
2006-12-29 16:52 . 2004-12-17 20:10 10434 --sha-w- c:\windows\system32\KGyGaAvL.sys
2007-02-21 11:47 . 2010-01-20 18:25 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 13:30 . 2010-01-20 18:25 216064 --sh--r- c:\windows\system32\nbDX.dll
.

((((((((((((((((((((((((((((( [Link mogu videti samo ulogovani korisnici] )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-03-09 22:24 . 2010-03-09 22:24 16384 c:\windows\Temp\Perflib_Perfdata_380.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 52\axcmd.exe" [2009-02-23 203416]
"WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2009-03-11 2912256]
"Google Update"="c:\documents and settings\Darko\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-01-13 135664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"kX Mixer"="kxmixer --startup" [X]
"USBFW"="c:\program files\Net Studio\USB FireWall\USB FireWall.exe" [2008-09-01 1330688]
"WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2009-10-02 90112]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-10-10 203264]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-01-14 198160]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-29 61440]
"GUCI_AVS"="c:\windows\PixArt\PAP7501\GUCI_AVS.exe" [2007-12-10 323584]
"PACTray"="c:\windows\PixArt\PAP7501\PACTray.exe" [2008-11-14 319488]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"StarWindServiceAE"=2 (0x2)
"idsvc"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Documents and Settings\\Darko\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\Trend Micro\\HijackThis\\HijackThis.exe"=
"c:\\Program Files\\JDownloader\\JDownloader.exe"=
"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\WinFast\\WFDTV\\DVBTAP.exe"=
"c:\\Program Files\\Alcohol Soft\\Alcohol 52\\ACID.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundMaskRequest"= 1 (0x1)
"AllowInboundRouterRequest"= 1 (0x1)

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [14-Mar-09 18:24 717296]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [12-Jan-10 21:05 108289]
R3 AR9271;Wireless Network Adapter Service;c:\windows\system32\drivers\athuw.sys [12-Jan-10 20:06 1594944]
R3 kxwdmdrv;kX WDM Driver Service;c:\windows\system32\drivers\kx.sys [16-Feb-04 23:19 571776]
R3 WFLR6654;WinFast TV2000 XP Expert (FM1216MK3);c:\windows\system32\drivers\wfeaglxt.sys [25-Dec-08 8:56 433792]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [13-Jan-10 1:08 135664]
S3 DigiPnp;DigiPnp;c:\windows\system32\drivers\Digipnp.sys [27-Sep-04 21:15 6146]
S3 DVcam;DVCam Capture;c:\windows\system32\drivers\DVcam.sys [29-Sep-05 23:15 42511]
S3 G400RT2K;G400RT2K;c:\windows\system32\drivers\g400RT2Km.sys [27-Sep-04 20:50 325627]
S3 GUCI_AVS;USB2.0 VGA Video Device;c:\windows\system32\drivers\GUCI_AVS.sys [26-Feb-10 11:49 581120]
S3 MtxVxd;MtxVxd;c:\windows\system32\drivers\MTXVXD.SYS [27-Mar-05 16:50 5604]
S3 Ndisusb;GeneLink Network Driver;c:\windows\system32\DRIVERS\genelan.sys --> c:\windows\system32\DRIVERS\genelan.sys [?]
S3 RTPP2K;RTPP2K;c:\windows\system32\drivers\rtpp2k.sys [29-Apr-01 23:54 87374]
S3 USBHSB;GeneLink USB Driver;c:\windows\system32\drivers\glkusb.sys [31-Oct-05 17:34 10752]
S3 Usblink;Usblink Driver;c:\windows\system32\drivers\ulink.sys [31-Oct-05 17:28 37616]
S3 VNic;ULan Network Driver Module;c:\windows\system32\DRIVERS\VNic.sys --> c:\windows\system32\DRIVERS\VNic.sys [?]
.
Contents of the 'Scheduled Tasks' folder

2010-03-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-13 00:08]

2010-03-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-13 00:08]

2010-03-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-651377827-682003330-1003Core.job
- c:\documents and settings\Darko\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-13 00:08]

2010-03-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-651377827-682003330-1003UA.job
- c:\documents and settings\Darko\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-13 00:08]
.
.
------- Supplementary Scan -------
.
uStart Page = [Link mogu videti samo ulogovani korisnici]
uSearchAssistant = [Link mogu videti samo ulogovani korisnici]
uSearchURL,(Default) = [Link mogu videti samo ulogovani korisnici]
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_5F1A57F0B9B89E2E.dll/cmsidewiki.html
DPF: DirectAnimation Java Classes - [Link mogu videti samo ulogovani korisnici]\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - [Link mogu videti samo ulogovani korisnici]\windows\Java\classes\xmldso.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici]
Rootkit scan 2010-03-09 23:25
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, [Link mogu videti samo ulogovani korisnici]

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8736C1F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf7617fc3
\Driver\ACPI -> ACPI.sys @ 0xf7422cb8
\Driver\atapi -> 0x8736c1f8
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a1afe
ParseProcedure -> ntoskrnl.exe @ 0x80570a6e
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a1afe
ParseProcedure -> ntoskrnl.exe @ 0x80570a6e
NDIS: -> SendCompleteHandler -> 0x0
PacketIndicateHandler -> 0x0
SendHandler -> 0x0
Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-515967899-651377827-682003330-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\GenArts\Sapphire AE\Install-{4E41A485-04D4-CF7C-6CE3-27F7BEAE7048}\Data*]
@DACL=
"CTE_32 Name"="459544:{C3B8A1BC-8B18-94D5-AD04-2B3354994626}"

[HKEY_LOCAL_MACHINE\software\GenArts\Sapphire AE\Install-{EC3F6705-85EF-4FB1-4E30-80781324E273}\Data*]
@DACL=
"DefaultSettings"="99:{C6DDA450-F687-55DF-CA23-1A5083308C5D}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\Current Version\{8AC25C6A-D4B3-FF2F-2A61-C75CA1DB6116}\Install*Loc\VxDs]
@DACL=
"CTE_32 Name"="2453773:{301564B2-67A6-1A66-9C4E-A1FE91DE9752}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Install*Loc\xga-1-{9616EE07-4AAF-494D-0789-CBC01BCBF7B6}\Version 1.1]
@DACL=
"dat"="806585365:{D518752D-0C5B-3B8A-43F0-199D3C970E8B}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\z*\{{05FF8CB8-4942-FCF6-301D-6930181DE865}}]
@DACL=
"DefaultSettings"="2453794:{37C8840C-72FD-B1F6-4FC1-23A6EF5B6255}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\{3A118380-006B-D9D7-2CA8-D0A784756F32}*\Install*Loc\xga-1\dat]
@DACL=
"default"="516232500:{AA5E4DB0-32A9-5792-6C08-AC4B692DCFE1}"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows Install VBX*\Current*Version\Install*Loc\xga-1-{9616EE07-4AAF-494D-0789-CBC01BCBF7B6}\Version 3.x]
@DACL=
"dat"="1767914624:{8E3D43F3-1ADB-A105-6F38-F1686A8DA622}"

[HKEY_LOCAL_MACHINE\software\Microsoft\WinXGA*\Providers*\{D41D8CD9-8F00-B204-E980-0998ECF8427E}\Current*Set\xga-1\ver]
@DACL=
"KnownSvcs"="923714507:{6A539712-46C7-4E56-B112-C5268FCDD102}"

[HKEY_LOCAL_MACHINE\software\XBMga*\UUIDs\{57E5ADC1-B6F2-E550-86DB-E6F1E0F8A300}\xga-1\Install*Loc]
@DACL=
"{19620715-0001-1211-574574-30001}"="234521119:{54115072-223B-3D3D-71C9-06759296E623}"

[HKEY_LOCAL_MACHINE\software\xGenArts\Sapphire AE\DLL ver*\{A6D90D08-68DD-2B46-E2AC-5782669B2696}]
@DACL=
"CTE_32 Name"="9:{19C42D30-D844-8A07-12A4-E783E7D228F7}"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(564)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(1152)
c:\windows\system32\msi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\windows\system32\crypserv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\System32\wdfmgr.exe
c:\windows\system32\kxmixer.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\system32\wscntfy.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Completion time: 2010-03-09 23:30:53 - machine was rebooted
ComboFix-quarantined-files.txt 2010-03-09 22:30
ComboFix2.txt 2010-03-09 10:39

Pre-Run: 5,364,940,800 bytes free
Post-Run: 5,240,074,240 bytes free

Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 728B78C445E19ADAE6F6DF37A375F2EC
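
The comparison a helper makes by eye between the CFScript and this follow-up log, written out as an added example (not part of the original thread and not ComboFix's own code). Both samples are constructed from lines quoted in this thread, with the log's section banners shortened; `split_sections` and `verify_removal` are hypothetical names, and the log layout is assumed to be the one these posts show.

```python
import re

# Constructed sample 1: the CFScript text posted by the helper in this thread.
CFSCRIPT = r"""File::
c:\windows\system32\XPRTV.exe
c:\windows\system32\fsyfv.dll

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1542:TCP"=-

NetSvc::
xykkebzsl

Driver::
xykkebzsl
Nerc2ibp
"""

# Constructed sample 2: excerpt of the follow-up log (banners shortened).
FOLLOWUP_LOG = r"""((((((((((((( Other Deletions )))))))))))))
.

c:\windows\system32\XPRTV.exe

.
((((((((((((( Drivers/Services )))))))))))))
.

-------\Legacy_XYKKEBZSL
-------\Service_Nerc2ibp
-------\Service_xykkebzsl


((((((((( Files Created from 2010-02-09 to 2010-03-09 )))))))))
.
"""

SCRIPT_HEADER = re.compile(r"^(\w+)::\s*$")             # e.g. "File::"
LOG_HEADER = re.compile(r"^\(+\s*(.+?)\s*\)+\s*$")      # e.g. "((( Other Deletions )))"


def split_sections(text, header_re):
    """Group non-empty lines under the most recent header matched by header_re."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        match = header_re.match(line)
        if match:
            current = sections.setdefault(match.group(1).lower(), [])
        elif current is not None and line and line != ".":
            current.append(line)
    return sections


def verify_removal(cfscript, log):
    """Map each File::/Driver:: target to True if the log reports it removed."""
    script = split_sections(cfscript, SCRIPT_HEADER)
    report = split_sections(log, LOG_HEADER)
    deleted_files = {p.lower() for p in report.get("other deletions", [])}
    # Service lines look like "-------\Service_<name>"; keep only the name.
    removed_services = set()
    for entry in report.get("drivers/services", []):
        match = re.search(r"\\Service_(.+)$", entry, re.IGNORECASE)
        if match:
            removed_services.add(match.group(1).lower())
    result = {}
    for path in script.get("file", []):
        result[path] = path.lower() in deleted_files
    for name in script.get("driver", []):
        result["service:" + name] = name.lower() in removed_services
    return result


if __name__ == "__main__":
    for target, confirmed in verify_removal(CFSCRIPT, FOLLOWUP_LOG).items():
        print(("removed     " if confirmed else "UNCONFIRMED ") + target)
```

Run on this thread's data, it confirms XPRTV.exe and both services but leaves fsyfv.dll unconfirmed, because the log lists that file under FILE :: and not under Other Deletions.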

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

What is the situation now?

offline
  • Joined: 10 Oct 2007
  • Posts: 26

Everything seems to be fine. It no longer reports anything and everything works... The only thing is that my language bar has disappeared from the taskbar; it doesn't matter, I'll use Alt+Shift... As far as I can tell for now, it looks healthy.
A big THANK YOU, doctor!

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

One more thing:

ComboFix needs to be uninstalled:
click Start (or ), then Run.

On Vista, use the Start Search field if Run is not available.

In the text entry line, type (or copy) the following:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".

and then click OK (or press Enter).

Wait for the uninstallation process to finish.

offline
  • Joined: 10 Oct 2007
  • Posts: 26

ComboFix uninstalled, WinXP restarted... Everything looks OK; I should probably delete the Gmer and DDS logs...

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8652
  • Location: Novi Beograd

darksdam :: ComboFix uninstalled, WinXP restarted... Everything looks OK; I should probably delete the Gmer and DDS logs...

Yes, feel free to delete them.
