MyCity » Ambulanta -> Arhiva Ambulante » Facebook virus?

Facebook virus?

Napisano na dan: 21.8.2011

Strana:
1
2

Facebook virus?

Sledeća strana

Pagination

Odgovori

Strana:
1
2

Orhideja 55 Poslao: 21 Avg 2011 13:42 Idi na vrh
offline Orhideja 55 Novi MyCity građanin Pridružio: 21 Avg 2011 Poruke: 6	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 21 Avg 2011 13:40 ja imam slican problem, da li je potrebno da dobijem nova uputstva ili mogu da pratim ova vec objavljena? Dopuna: 21 Avg 2011 13:42 ne radi mi anti virus, a na face-u ulazim samo na blog...

Profil

helen1 Poslao: 21 Avg 2011 14:03 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8617 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zdravo, potrebno je da ispratis uputstvo sa sledeceg linka: http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

Profil

Orhideja 55 Poslao: 21 Avg 2011 14:58 Idi na vrh
offline Orhideja 55 Novi MyCity građanin Pridružio: 21 Avg 2011 Poruke: 6	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 21 Avg 2011 14:54 i meni je juce neko poslao link na facebooku, kliknula sam i trebalo je da instaliram flash player , koji mi je inace jos uvek u downloads folderu..onda mi se restartovao kompjuter i posle sam nekako promenila sifru za logovanje na face-u , ali sad mogu da udjem samo na blog i da koristim chat. Anti virusAvira mi vise ne radi! Dopuna: 21 Avg 2011 14:54 imam 32-bitni windows i adsl internet Dopuna: 21 Avg 2011 14:58 DDS (Ver_2011-06-23.01) - NTFSx86 Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_03 Run by User at 14:49:32 on 2011-08-21 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.959.255 [GMT 2:00] . AV: AntiVir Desktop Enabled/Outdated {AD166499-45F9-482A-A743-FDD3350758C7} . ============== Running Processes =============== . C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\Real\RealPlayer\update\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe "C:\WINDOWS\update.tray-8-0\svchost.exe" C:\WINDOWS\l1rezerv.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Program Files\MSI Multimedia\Digital@nywhere ATSC Utilities\HMP3XCtl.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\update.7.1\svchostdriver.exe C:\WINDOWS\update.5.0\svchost.exe srv C:\WINDOWS\update.2\svchost.exe srv "C:\WINDOWS\update.5.0\svchost.exe" stand C:\WINDOWS\sysdriver32.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\update.1\svchost.exe srv "C:\WINDOWS\update.2\svchost.exe" stand C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe C:\WINDOWS\ufa\ufa.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\AutoCAD 2007\acad.exe C:\Program Files\Common Files\Autodesk Shared\WSCommCntr1.exe C:\WINDOWS\update.7.1\svchostdriver.exe C:\Program Files\Google\Chrome\Application\chrome.exe . ============== Pseudo HJT Report =============== . uSearch Page = hxxp://www.google.com uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=14bebe82000000000000001a4d854100&tlver=1.4.19.19&affID=19949 uSearch Bar = hxxp://www.google.com/ie uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s mSearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=14bebe82000000000000001a4d854100&tlver=1.4.19.19&affID=19949 mWinlogon: SfcDisable=-99 (0xffffff9d) BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: CescrtHlpr Object: {2eecd738-5844-4a99-b4b6-146bf802613b} - c:\program files\babylontoolbar\babylontoolbar\1.4.19.19\bh\BabylonToolbar.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll BHO: EWPBrowseObject Class: {68f9551e-0411-48e4-9aaf-4bc42a6a46be} - c:\program files\canon\easy-webprint\EWPBrowseLoader.dll BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_03\bin\ssv.dll TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - c:\program files\babylontoolbar\babylontoolbar\1.4.19.19\BabylonToolbarTlbr.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min mRun: [nwiz] nwiz.exe /installquiet mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [RTHDCPL] RTHDCPL.EXE mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot mRun: [OpwareSE4] "c:\program files\scansoft\omnipagese4.0\OpwareSE4.exe" mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_03\bin\jusched.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot mRun: [BabylonToolbar] "c:\program files\babylontoolbar\babylontoolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [wxpdrv] c:\windows\services32.exe mRun: [tray_ico] mRun: [tray_ico0] c:\windows\update.tray-8-0\svchost.exe mRun: [tray_ico1] mRun: [tray_ico2] mRun: [tray_ico3] mRun: [tray_ico4] mRun: [7360599.exe] "c:\docume~1\user\locals~1\temp\7360599.exe" mRun: [sysdriver32.exe] "c:\windows\sysdriver32.exe" rezerv mRun: [sysdriver32_.exe] "c:\windows\sysdriver32_.exe" rezerv mRun: [818348.exe] "c:\windows\temp\818348.exe" mRun: [2489155.exe] "c:\windows\temp\2489155.exe" mRun: [94902391-loader2.exe] "c:\windows\temp\94902391-loader2.exe" mRun: [3790020.exe] "c:\windows\temp\3790020.exe" mRun: [l1rezerv.exe] "c:\windows\l1rezerv.exe" dRunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\autoca~1.lnk - c:\program files\common files\autodesk shared\acstart17.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dslmon.lnk - c:\program files\sagem\sagem f@st 800-840\dslmon.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\tvremo~1.lnk - c:\program files\msi multimedia\digital@nywhere atsc utilities\HMP3XCtl.exe mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableSecureUIAPaths = 0 (0x0) IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office11\EXCEL.EXE/3000 IE: Easy-WebPrint Add To Print List - c:\program files\canon\easy-webprint\Toolband.dll/RC_AddToList.html IE: Easy-WebPrint High Speed Print - c:\program files\canon\easy-webprint\Toolband.dll/RC_HSPrint.html IE: Easy-WebPrint Preview - c:\program files\canon\easy-webprint\Toolband.dll/RC_Preview.html IE: Easy-WebPrint Print - c:\program files\canon\easy-webprint\Toolband.dll/RC_Print.html IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_03\bin\ssv.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office11\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{89C4D7A7-CF5F-463C-8578-75BCEB2BD5BC} : DhcpNameServer = 192.168.1.1 SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\cslssnt5.default\ FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon) FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=14bebe82000000000000001a4d854100&tlver=1.4.19.19&affID=19949 FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=14bebe82000000000000001a4d854100&tlver=1.4.19.19&instlRef=sst&affID=19949&q= FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll FF - component: c:\documents and settings\user\application data\mozilla\firefox\profiles\cslssnt5.default\extensions\ffxtlbr@babylon.com\components\FFHst.dll FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\Ext . ============= SERVICES / DRIVERS =============== . R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-3-4 66616] R2 CX88XBAR;MSI 8606 Crossbar;c:\windows\system32\drivers\CX88XBar.SYS [2011-5-8 9159] R2 ddservice;ddservice;c:\windows\update.7.1\svchostdriver.exe srv --> c:\windows\update.7.1\svchostdriver.exe srv [?] R2 srvbtcclient;srvbtcclient;c:\windows\update.5.0\svchost.exe srv --> c:\windows\update.5.0\svchost.exe srv [?] R2 srviecheck;srviecheck;c:\windows\update.2\svchost.exe srv --> c:\windows\update.2\svchost.exe srv [?] R2 srvsysdriver32;srvsysdriver32;c:\windows\sysdriver32.exe srv --> c:\windows\sysdriver32.exe srv [?] R2 wxpdrivers;wxpdrivers;c:\windows\update.1\svchost.exe srv --> c:\windows\update.1\svchost.exe srv [?] S1 avgio;avgio;\??\c:\program files\avira\antivir desktop\avgio.sys --> c:\program files\avira\antivir desktop\avgio.sys [?] S2 AntiVirSchedulerService;Avira AntiVir Scheduler;"c:\program files\avira\antivir desktop\sched.exe" --> c:\program files\avira\antivir desktop\sched.exe [?] S2 AntiVirService;Avira AntiVir Guard;"c:\program files\avira\antivir desktop\avguard.exe" --> c:\program files\avira\antivir desktop\avguard.exe [?] S2 E4LOADER;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [2011-3-5 69656] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-7-7 136176] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2011-3-4 1691480] S3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [2011-3-5 104344] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-7-7 136176] S3 MPCSYS;MPCSYS;c:\windows\system32\drivers\mpcsys.SYS [2011-5-8 15360] . =============== File Associations =============== . .scr=AutoCADScriptFile . =============== Created Last 30 ================ . 2011-08-20 10:24:27 -------- d-----w- c:\windows\ufa 2011-08-20 10:24:27 -------- d-----w- c:\windows\rpcminer 2011-08-20 10:24:27 -------- d-----w- c:\windows\phoenix 2011-08-20 10:19:39 232960 ----a-w- c:\windows\l1rezerv.exe 2011-08-20 10:18:37 -------- d--h--w- c:\windows\update.5.0 2011-08-20 10:15:29 246272 ----a-w- c:\windows\unrar.exe 2011-08-20 10:15:27 -------- d--h--w- c:\windows\update.2 2011-08-20 10:14:33 258048 ----a-w- c:\windows\sysdriver32_.exe 2011-08-20 10:14:32 -------- d--h--w- c:\windows\update.7.1 2011-08-20 10:14:18 258048 ----a-w- c:\windows\sysdriver32.exe 2011-08-20 10:12:39 -------- d-----w- c:\windows\av_ico 2011-08-20 10:11:20 -------- d--h--w- c:\windows\update.1 2011-08-20 10:07:06 -------- d--h--w- c:\windows\update.tray-8-0-lnk 2011-08-20 10:07:06 -------- d--h--w- c:\windows\update.tray-8-0 2011-08-20 09:52:34 1182208 ----a-w- c:\windows\services32.exe 2011-07-27 20:19:06 -------- d-----w- c:\documents and settings\user\local settings\application data\WMTools Downloaded Files 2011-07-25 14:00:35 -------- d-----w- c:\program files\common files\NSV . ==================== Find3M ==================== . 2011-08-21 10:36:51 15360 ----a-w- c:\windows\system32\drivers\mpcsys.SYS 2011-07-07 12:11:28 499712 ----a-w- c:\windows\system32\msvcp71.dll 2011-07-07 12:11:28 348160 ----a-w- c:\windows\system32\msvcr71.dll 2011-07-05 13:32:19 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-06-30 13:24:36 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys . ============= FINISH: 14:49:59.54 =============== mycity.rs/must-login.png

Profil

helen1 Poslao: 21 Avg 2011 15:18 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8617 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix; u prozoru koji se otvori klikni "I Agree". U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Profil

Orhideja 55 Poslao: 21 Avg 2011 18:13 Idi na vrh
offline Orhideja 55 Novi MyCity građanin Pridružio: 21 Avg 2011 Poruke: 6	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 21 Avg 2011 16:04 ComboFix 11-08-21.01 - User 08/21/2011 15:53:57.2.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.959.528 [GMT 2:00] Running from: c:\documents and settings\User\My Documents\Downloads\ComboFix.exe AV: AntiVir Desktop Enabled/Outdated {AD166499-45F9-482A-A743-FDD3350758C7} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\docume~1\User\LOCALS~1\Temp\7360599.exe c:\documents and settings\User\WINDOWS c:\windows\btc_client_iplist.txt c:\windows\front_ip_list.txt c:\windows\geoiplist c:\windows\geoiplist.rar c:\windows\iecheck_iplist.txt c:\windows\info1 c:\windows\iplist.txt c:\windows\l1rezerv.exe c:\windows\loader2.exe_ok c:\windows\phoenix c:\windows\phoenix.rar c:\windows\phoenix\kernels\phatk\__init__.py c:\windows\phoenix\kernels\phatk\__init__.pyc c:\windows\phoenix\kernels\phatk\BFIPatcher.py c:\windows\phoenix\kernels\phatk\kernel.cl c:\windows\phoenix\kernels\poclbm\__init__.py c:\windows\phoenix\kernels\poclbm\__init__.pyc c:\windows\phoenix\kernels\poclbm\BFIPatcher.py c:\windows\phoenix\kernels\poclbm\kernel.cl c:\windows\phoenix\phoenix.exe c:\windows\proc_list1.log c:\windows\rpcminer c:\windows\rpcminer.rar c:\windows\rpcminer\bitcoinminercuda_10.cubin c:\windows\rpcminer\bitcoinminercuda_11.cubin c:\windows\rpcminer\bitcoinminercuda_20.cubin c:\windows\rpcminer\bitcoinmineropencl.cl c:\windows\rpcminer\cudart32_32_16.dll c:\windows\rpcminer\curllib.dll c:\windows\rpcminer\libeay32.dll c:\windows\rpcminer\libsasl.dll c:\windows\rpcminer\openldap.dll c:\windows\rpcminer\rpcminer-4way.exe c:\windows\rpcminer\rpcminer-cpu.exe c:\windows\rpcminer\rpcminer-cuda.exe c:\windows\rpcminer\rpcminer-opencl.exe c:\windows\rpcminer\ssleay32.dll c:\windows\services32.exe c:\windows\sysdriver32.exe c:\windows\sysdriver32_.exe c:\windows\system32\drivers\etc\HSTS~1 c:\windows\TEMP\3790020.exe c:\windows\TEMP\818348.exe c:\windows\TEMP\94902391-loader2.exe c:\windows\ufa.rar c:\windows\update.1 c:\windows\update.1\svchost.exe c:\windows\update.2 c:\windows\update.2\svchost.exe c:\windows\update.5.0 c:\windows\update.5.0\svchost.exe c:\windows\update.tray-8-0\svchost.exe c:\windows\winlog-dirs.txt c:\windows\winlog-ids.txt c:\windows\winsetupapi.log . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_SRVBTCCLIENT -------\Legacy_SRVIECHECK -------\Legacy_SRVSYSDRIVER32 -------\Legacy_WXPDRIVERS -------\Service_srvbtcclient -------\Service_srviecheck -------\Service_srvsysdriver32 -------\Service_wxpdrivers . . ((((((((((((((((((((((((( Files Created from 2011-07-21 to 2011-08-21 ))))))))))))))))))))))))))))))) . . 2011-08-21 14:00 . 2011-08-21 14:00 -------- d-----w- c:\windows\system32\xircom 2011-08-21 14:00 . 2011-08-21 14:00 -------- d-----w- c:\windows\system32\wbem\snmp 2011-08-21 14:00 . 2011-08-21 14:00 -------- d-----w- c:\program files\microsoft frontpage 2011-08-20 10:24 . 2011-08-20 10:24 -------- d-----w- c:\windows\ufa 2011-08-20 10:15 . 2011-08-20 10:24 246272 ----a-w- c:\windows\unrar.exe 2011-08-20 10:14 . 2011-08-20 10:14 -------- d--h--w- c:\windows\update.7.1 2011-08-20 10:12 . 2011-08-20 10:12 -------- d-----w- c:\windows\av_ico 2011-08-20 10:07 . 2011-08-21 13:58 -------- d--h--w- c:\windows\update.tray-8-0 2011-08-20 10:07 . 2011-08-20 10:07 -------- d--h--w- c:\windows\update.tray-8-0-lnk 2011-07-27 20:19 . 2011-07-27 20:19 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\WMTools Downloaded Files 2011-07-25 14:00 . 2011-07-25 14:00 -------- d-----w- c:\program files\Common Files\NSV . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-08-21 10:36 . 2011-05-08 19:02 15360 ----a-w- c:\windows\system32\drivers\mpcsys.SYS 2011-07-07 12:11 . 2011-03-18 22:33 499712 ----a-w- c:\windows\system32\msvcp71.dll 2011-07-07 12:11 . 2011-03-18 22:33 348160 ----a-w- c:\windows\system32\msvcr71.dll 2011-07-05 13:32 . 2011-07-05 13:32 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-06-30 13:24 . 2011-03-04 12:57 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2011-06-30 13:24 . 2011-03-04 12:57 138192 ----a-w- c:\windows\system32\drivers\avipbb.sys . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2009-01-08 . 5AE1C2695F6523AD98B948F2887D8C5E . 361600 . . [5.1.2600.5649] . . c:\windows\system32\drivers\tcpip.sys . [-] 2009-01-08 . 362BC5AF8EAF712832C58CC13AE05750 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-03-16 110696] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-03-16 13670504] "RTHDCPL"="RTHDCPL.EXE" [2010-04-30 19523616] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896] "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-07-07 273544] "BabylonToolbar"="c:\program files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" [2010-11-07 286720] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_2"="shell32" [X] . c:\documents and settings\All Users\Start Menu\Programs\Startup\ AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000] DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2011-3-5 1205840] TV Remote Control.lnk - c:\program files\MSI Multimedia\Digital@nywhere ATSC Utilities\HMP3XCtl.exe [2011-3-4 77824] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableSecureUIAPaths"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 "DisableThumbnailCache"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Winamp\\winamp.exe"= "c:\\Program Files\\Graphisoft\\ArchiCAD 12\\ArchiCAD.exe"= "c:\\Program Files\\Download Manager\\fdm.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Documents and Settings\\User\\My Documents\\Downloads\\Flash-Player.exe"= . R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?] R2 CX88XBAR;MSI 8606 Crossbar;c:\windows\system32\drivers\CX88XBar.SYS [5/8/2011 8:41 PM 9159] R2 ddservice;ddservice;c:\windows\update.7.1\svchostdriver.exe srv --> c:\windows\update.7.1\svchostdriver.exe srv [?] S2 AntiVirSchedulerService;Avira AntiVir Scheduler;"c:\program files\Avira\AntiVir Desktop\sched.exe" --> c:\program files\Avira\AntiVir Desktop\sched.exe [?] S2 E4LOADER;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [3/5/2011 1:48 PM 69656] S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7/7/2011 2:10 PM 136176] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [3/4/2011 3:47 PM 1691480] S3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [3/5/2011 1:48 PM 104344] S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7/7/2011 2:10 PM 136176] S3 MPCSYS;MPCSYS;c:\windows\system32\drivers\mpcsys.SYS [5/8/2011 9:02 PM 15360] . Contents of the 'Scheduled Tasks' folder . 2011-08-08 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57] . 2011-08-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-07-07 12:09] . 2011-08-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-07-07 12:09] . 2011-08-21 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1606980848-790525478-1801674531-1003.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47] . 2011-08-21 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1606980848-790525478-1801674531-1003.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47] . . ------- Supplementary Scan ------- . uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=14bebe82000000000000001a4d854100&tlver=1.4.19.19&affID=19949 uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = .local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\cslssnt5.default\ FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon) FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=14bebe82000000000000001a4d854100&tlver=1.4.19.19&affID=19949 FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=14bebe82000000000000001a4d854100&tlver=1.4.19.19&instlRef=sst&affID=19949&q= FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext . . ------- File Associations ------- . .scr=AutoCADScriptFile . - - - - ORPHANS REMOVED - - - - . HKLM-Run-avgnt - c:\program files\Avira\AntiVir Desktop\avgnt.exe HKLM-Run-nwiz - nwiz.exe HKLM-Run-wxpdrv - c:\windows\services32.exe HKLM-Run-tray_ico - (no file) HKLM-Run-tray_ico0 - c:\windows\update.tray-8-0\svchost.exe HKLM-Run-tray_ico1 - (no file) HKLM-Run-tray_ico2 - (no file) HKLM-Run-tray_ico3 - (no file) HKLM-Run-tray_ico4 - (no file) HKLM-Run-l1rezerv.exe - c:\windows\l1rezerv.exe AddRemove-Avira AntiVir Desktop - c:\program files\Avira\AntiVir Desktop\setup.exe AddRemove-Download-Manager - c:\program files\Download Manager\uninstall.exe . . . *********************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2011-08-21 16:00 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ********************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'explorer.exe'(484) c:\program files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll c:\windows\system32\msi.dll c:\windows\system32\wpdshserviceobj.dll c:\windows\system32\portabledevicetypes.dll c:\windows\system32\portabledeviceapi.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\nvsvc32.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\windows\update.7.1\svchostdriver.exe c:\windows\system32\RUNDLL32.EXE c:\windows\RTHDCPL.EXE c:\windows\update.7.1\svchostdriver.exe c:\program files\iPod\bin\iPodService.exe c:\windows\system32\wscntfy.exe c:\windows\update.tray-8-0-lnk\svchost.exe c:\windows\system32\control.exe c:\windows\system32\control.exe c:\windows\system32\rundll32.exe . ************************************************************************ . Completion time: 2011-08-21 16:03:15 - machine was rebooted ComboFix-quarantined-files.txt 2011-08-21 14:03 . Pre-Run: 30,516,027,392 bytes free Post-Run: 30,688,313,344 bytes free . - - End Of File - - D67864995CE2BDA616B165CFA365B6CE Dopuna: 21 Avg 2011 16:07 to je to, imala sam malo problema da iskljucim avira antivirus, ali trebalo bi da je odradio Dopuna: 21 Avg 2011 18:13 jel treba jos nesto da se uradi?

Profil

helen1 Poslao: 21 Avg 2011 19:23 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8617 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `Folder:: c:\windows\ufa c:\windows\update.7.1 c:\windows\av_ico c:\windows\update.tray-8-0 c:\windows\update.tray-8-0-lnk File:: c:\windows\unrar.exe c:\Documents and Settings\User\My Documents\Downloads\Flash-Player.exe Driver:: ddservice Registry:: [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Documents and Settings\\User\\My Documents\\Downloads\\Flash-Player.exe"=-` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

Orhideja 55 Poslao: 22 Avg 2011 11:01 Idi na vrh
offline Orhideja 55 Novi MyCity građanin Pridružio: 21 Avg 2011 Poruke: 6	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 22 Avg 2011 10:19 nisam sacuvala notepad Da pustim ponovo combo fix da odradi, da bi dobila notepad? jel cete morati drugi tekst da mi posaljete da iskopiram? Dopuna: 22 Avg 2011 10:57 ComboFix 11-08-22.02 - User 08/22/2011 10:45:59.3.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.959.508 [GMT 2:00] Running from: c:\documents and settings\User\My Documents\Downloads\ComboFix.exe AV: AntiVir Desktop Enabled/Outdated {AD166499-45F9-482A-A743-FDD3350758C7} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\proc_list1.log c:\windows\update.1 c:\windows\update.1\svchost.exe c:\windows\winsetupapi.log . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_wxpdrivers . . ((((((((((((((((((((((((( Files Created from 2011-07-22 to 2011-08-22 ))))))))))))))))))))))))))))))) . . 2011-08-21 14:42 . 2011-08-21 14:42 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\BabylonToolbar 2011-08-21 14:00 . 2011-08-21 14:00 -------- d-----w- c:\windows\system32\xircom 2011-08-21 14:00 . 2011-08-21 14:00 -------- d-----w- c:\windows\system32\wbem\snmp 2011-08-21 14:00 . 2011-08-21 14:00 -------- d-----w- c:\program files\microsoft frontpage 2011-08-20 10:24 . 2011-08-20 10:24 -------- d-----w- c:\windows\ufa 2011-08-20 10:15 . 2011-08-20 10:24 246272 ----a-w- c:\windows\unrar.exe 2011-08-20 10:14 . 2011-08-20 10:14 -------- d--h--w- c:\windows\update.7.1 2011-08-20 10:12 . 2011-08-20 10:12 -------- d-----w- c:\windows\av_ico 2011-08-20 10:07 . 2011-08-21 13:58 -------- d--h--w- c:\windows\update.tray-8-0 2011-08-20 10:07 . 2011-08-20 10:07 -------- d--h--w- c:\windows\update.tray-8-0-lnk 2011-07-27 20:19 . 2011-07-27 20:19 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\WMTools Downloaded Files 2011-07-25 14:00 . 2011-07-25 14:00 -------- d-----w- c:\program files\Common Files\NSV . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-08-22 08:17 . 2011-05-08 19:02 15360 ----a-w- c:\windows\system32\drivers\mpcsys.SYS 2011-07-07 12:11 . 2011-03-18 22:33 499712 ----a-w- c:\windows\system32\msvcp71.dll 2011-07-07 12:11 . 2011-03-18 22:33 348160 ----a-w- c:\windows\system32\msvcr71.dll 2011-07-05 13:32 . 2011-07-05 13:32 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-06-30 13:24 . 2011-03-04 12:57 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2011-06-30 13:24 . 2011-03-04 12:57 138192 ----a-w- c:\windows\system32\drivers\avipbb.sys . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2009-01-08 . 5AE1C2695F6523AD98B948F2887D8C5E . 361600 . . [5.1.2600.5649] . . c:\windows\system32\drivers\tcpip.sys . [-] 2009-01-08 . 362BC5AF8EAF712832C58CC13AE05750 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll . ((((((((((((((((((((((((((((( SnapShot@2011-08-21_14.00.53 ))))))))))))))))))))))))))))))))))))))))) . + 2011-03-04 12:48 . 2011-08-21 14:43 65536 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2011-08-21 14:42 . 2011-08-21 14:42 78924 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat + 2011-08-21 14:42 . 2011-08-21 14:42 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011082120110822\index.dat + 2011-03-04 12:48 . 2011-08-21 14:42 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat - 2011-03-04 12:48 . 2011-03-04 12:48 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat + 2011-08-21 14:42 . 2011-08-21 14:42 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-03-16 110696] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-03-16 13670504] "RTHDCPL"="RTHDCPL.EXE" [2010-04-30 19523616] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896] "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-07-07 273544] "BabylonToolbar"="c:\program files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" [2010-11-07 286720] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160] "wxpdrv"="c:\windows\services32.exe" [BU] "tray_ico"="" [BU] "tray_ico0"="" [BU] "tray_ico1"="" [BU] "tray_ico2"="" [BU] "tray_ico3"="" [BU] "tray_ico4"="" [BU] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_2"="shell32" [X] . c:\documents and settings\All Users\Start Menu\Programs\Startup\ AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000] DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2011-3-5 1205840] TV Remote Control.lnk - c:\program files\MSI Multimedia\Digital@nywhere ATSC Utilities\HMP3XCtl.exe [2011-3-4 77824] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableSecureUIAPaths"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 "DisableThumbnailCache"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Winamp\\winamp.exe"= "c:\\Program Files\\Graphisoft\\ArchiCAD 12\\ArchiCAD.exe"= "c:\\Program Files\\Download Manager\\fdm.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Documents and Settings\\User\\My Documents\\Downloads\\Flash-Player.exe"= "c:\\WINDOWS\\update.tray-8-0-lnk\\svchost.exe"= . R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?] R2 CX88XBAR;MSI 8606 Crossbar;c:\windows\system32\drivers\CX88XBar.SYS [5/8/2011 8:41 PM 9159] R2 ddservice;ddservice;c:\windows\update.7.1\svchostdriver.exe srv --> c:\windows\update.7.1\svchostdriver.exe srv [?] S2 AntiVirSchedulerService;Avira AntiVir Scheduler;"c:\program files\Avira\AntiVir Desktop\sched.exe" --> c:\program files\Avira\AntiVir Desktop\sched.exe [?] S2 E4LOADER;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [3/5/2011 1:48 PM 69656] S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7/7/2011 2:10 PM 136176] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [3/4/2011 3:47 PM 1691480] S3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [3/5/2011 1:48 PM 104344] S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7/7/2011 2:10 PM 136176] S3 MPCSYS;MPCSYS;c:\windows\system32\drivers\mpcsys.SYS [5/8/2011 9:02 PM 15360] . Contents of the 'Scheduled Tasks' folder . 2011-08-08 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57] . 2011-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-07-07 12:09] . 2011-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-07-07 12:09] . 2011-08-22 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1606980848-790525478-1801674531-1003.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47] . 2011-08-22 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1606980848-790525478-1801674531-1003.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47] . . ------- Supplementary Scan ------- . uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=14bebe82000000000000001a4d854100&tlver=1.4.19.19&affID=19949 uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = .local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\cslssnt5.default\ FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon) FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=14bebe82000000000000001a4d854100&tlver=1.4.19.19&affID=19949 FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=14bebe82000000000000001a4d854100&tlver=1.4.19.19&instlRef=sst&affID=19949&q= FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext . . ------- File Associations ------- . .scr=AutoCADScriptFile . . *********************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2011-08-22 10:52 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ********************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'explorer.exe'(1928-) c:\program files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll c:\windows\system32\msi.dll c:\windows\system32\wpdshserviceobj.dll c:\windows\system32\portabledevicetypes.dll c:\windows\system32\portabledeviceapi.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\nvsvc32.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\windows\system32\RUNDLL32.EXE c:\windows\update.7.1\svchostdriver.exe c:\windows\RTHDCPL.EXE c:\windows\update.7.1\svchostdriver.exe c:\windows\system32\wscntfy.exe c:\program files\iPod\bin\iPodService.exe . ************************************************************************ . Completion time: 2011-08-22 10:54:28 - machine was rebooted ComboFix-quarantined-files.txt 2011-08-22 08:54 ComboFix2.txt 2011-08-21 14:03 . Pre-Run: 30,640,230,400 bytes free Post-Run: 30,629,883,904 bytes free . - - End Of File - - 3D34D9AF212007AFDA76E4C375D492A7 Dopuna: 22 Avg 2011 11:01 OVO JE IZVESTAJ KOJI SAM PONOVO DOBILA

Profil

helen1 Poslao: 22 Avg 2011 12:01 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8617 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uradi sledece: Otvoriti Notepad i iskopirati sledeci tekst: Folder:: c:\windows\ufa c:\windows\update.7.1 c:\windows\av_ico c:\windows\update.tray-8-0 c:\windows\update.tray-8-0-lnk File:: c:\windows\unrar.exe c:\Documents and Settings\User\My Documents\Downloads\Flash-Player.exe c:\windows\services32.exe Driver:: ddservice Registry:: [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Documents and Settings\\User\\My Documents\\Downloads\\Flash-Player.exe"=- "c:\\WINDOWS\\update.tray-8-0-lnk\\svchost.exe"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "tray_ico"=- "tray_ico0"=- "tray_ico1"=- "tray_ico2"=- "tray_ico3"=- "tray_ico4"=- "wxpdrv"=- Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

Orhideja 55 Poslao: 22 Avg 2011 12:57 Idi na vrh
offline Orhideja 55 Novi MyCity građanin Pridružio: 21 Avg 2011 Poruke: 6	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 22 Avg 2011 12:20 ComboFix 11-08-22.02 - User 08/22/2011 12:11:23.4.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.959.409 [GMT 2:00] Running from: c:\documents and settings\User\My Documents\Downloads\ComboFix.exe Command switches used :: c:\documents and settings\User\Desktop\CFScript.txt AV: AntiVir Desktop Enabled/Outdated {AD166499-45F9-482A-A743-FDD3350758C7} . FILE :: "c:\documents and settings\User\My Documents\Downloads\Flash-Player.exe" "c:\windows\services32.exe" "c:\windows\unrar.exe" . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\User\My Documents\Downloads\Flash-Player.exe c:\windows\av_ico c:\windows\av_ico\ico_avira_start.ico c:\windows\ufa c:\windows\ufa\ufa.exe c:\windows\unrar.exe c:\windows\update.7.1 c:\windows\update.7.1\svchostdriver.exe c:\windows\update.tray-8-0-lnk c:\windows\update.tray-8-0-lnk\svchost.exe c:\windows\update.tray-8-0 . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_DDSERVICE -------\Service_ddservice . . ((((((((((((((((((((((((( Files Created from 2011-07-22 to 2011-08-22 ))))))))))))))))))))))))))))))) . . 2011-08-21 14:42 . 2011-08-21 14:42 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\BabylonToolbar 2011-08-21 14:00 . 2011-08-21 14:00 -------- d-----w- c:\windows\system32\xircom 2011-08-21 14:00 . 2011-08-21 14:00 -------- d-----w- c:\windows\system32\wbem\snmp 2011-08-21 14:00 . 2011-08-21 14:00 -------- d-----w- c:\program files\microsoft frontpage 2011-07-27 20:19 . 2011-07-27 20:19 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\WMTools Downloaded Files 2011-07-25 14:00 . 2011-07-25 14:00 -------- d-----w- c:\program files\Common Files\NSV . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-08-22 09:12 . 2011-05-08 19:02 15360 ----a-w- c:\windows\system32\drivers\mpcsys.SYS 2011-07-07 12:11 . 2011-03-18 22:33 499712 ----a-w- c:\windows\system32\msvcp71.dll 2011-07-07 12:11 . 2011-03-18 22:33 348160 ----a-w- c:\windows\system32\msvcr71.dll 2011-07-05 13:32 . 2011-07-05 13:32 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-06-30 13:24 . 2011-03-04 12:57 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2011-06-30 13:24 . 2011-03-04 12:57 138192 ----a-w- c:\windows\system32\drivers\avipbb.sys . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2009-01-08 . 5AE1C2695F6523AD98B948F2887D8C5E . 361600 . . [5.1.2600.5649] . . c:\windows\system32\drivers\tcpip.sys . [-] 2009-01-08 . 362BC5AF8EAF712832C58CC13AE05750 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll . ((((((((((((((((((((((((((((( SnapShot@2011-08-21_14.00.53 ))))))))))))))))))))))))))))))))))))))))) . + 2011-03-04 12:48 . 2011-08-21 14:43 65536 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat + 2011-08-21 14:42 . 2011-08-21 14:42 78924 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat + 2011-08-21 14:42 . 2011-08-21 14:42 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012011082120110822\index.dat + 2011-03-04 12:48 . 2011-08-21 14:42 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat - 2011-03-04 12:48 . 2011-03-04 12:48 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-03-16 110696] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-03-16 13670504] "RTHDCPL"="RTHDCPL.EXE" [2010-04-30 19523616] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896] "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 132496] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920] "TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2011-07-07 273544] "BabylonToolbar"="c:\program files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" [2010-11-07 286720] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_2"="shell32" [X] . c:\documents and settings\All Users\Start Menu\Programs\Startup\ AutoCAD Startup Accelerator.lnk - c:\program files\Common Files\Autodesk Shared\acstart17.exe [2006-3-5 11000] DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2011-3-5 1205840] TV Remote Control.lnk - c:\program files\MSI Multimedia\Digital@nywhere ATSC Utilities\HMP3XCtl.exe [2011-3-4 77824] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableSecureUIAPaths"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 "DisableThumbnailCache"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Winamp\\winamp.exe"= "c:\\Program Files\\Graphisoft\\ArchiCAD 12\\ArchiCAD.exe"= "c:\\Program Files\\Download Manager\\fdm.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= . R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?] R2 CX88XBAR;MSI 8606 Crossbar;c:\windows\system32\drivers\CX88XBar.SYS [5/8/2011 8:41 PM 9159] S2 AntiVirSchedulerService;Avira AntiVir Scheduler;"c:\program files\Avira\AntiVir Desktop\sched.exe" --> c:\program files\Avira\AntiVir Desktop\sched.exe [?] S2 E4LOADER;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [3/5/2011 1:48 PM 69656] S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7/7/2011 2:10 PM 136176] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [3/4/2011 3:47 PM 1691480] S3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [3/5/2011 1:48 PM 104344] S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7/7/2011 2:10 PM 136176] S3 MPCSYS;MPCSYS;c:\windows\system32\drivers\mpcsys.SYS [5/8/2011 9:02 PM 15360] . Contents of the 'Scheduled Tasks' folder . 2011-08-08 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57] . 2011-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-07-07 12:09] . 2011-08-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-07-07 12:09] . 2011-08-22 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1606980848-790525478-1801674531-1003.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47] . 2011-08-22 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1606980848-790525478-1801674531-1003.job - c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47] . . ------- Supplementary Scan ------- . uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=14bebe82000000000000001a4d854100&tlver=1.4.19.19&affID=19949 uDefault_Search_URL = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = .local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\cslssnt5.default\ FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon) FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?babsrc=HP_ss&mntrId=14bebe82000000000000001a4d854100&tlver=1.4.19.19&affID=19949 FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=14bebe82000000000000001a4d854100&tlver=1.4.19.19&instlRef=sst&affID=19949&q= FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext . . *********************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2011-08-22 12:18 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ********************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'explorer.exe'(3528-) c:\program files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll c:\windows\system32\msi.dll c:\windows\system32\wpdshserviceobj.dll c:\windows\system32\portabledevicetypes.dll c:\windows\system32\portabledeviceapi.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\nvsvc32.exe c:\windows\system32\RUNDLL32.EXE c:\windows\RTHDCPL.EXE c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\iPod\bin\iPodService.exe c:\windows\system32\wscntfy.exe . ************************************************************************ . Completion time: 2011-08-22 12:20:07 - machine was rebooted ComboFix-quarantined-files.txt 2011-08-22 10:20 ComboFix2.txt 2011-08-22 08:54 ComboFix3.txt 2011-08-21 14:03 . Pre-Run: 30,615,396,352 bytes free Post-Run: 30,601,416,704 bytes free . - - End Of File - - 4CC80AC014AC0669C2B5EE98CF884ED4 Dopuna: 22 Avg 2011 12:57 da li da sada deinstaliram combo fix?

Profil

helen1 Poslao: 22 Avg 2011 20:57 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8617 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Predlazem ti da uninstaliras Aviru i da nabavis neki drugi Antivirusni program. ---- Da li ima jos nekih problema?

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Facebook virus?

Ko je trenutno na forumu

Ukupno su 833 korisnika na forumu :: 34 registrovanih, 5 sakrivenih i 794 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: _Rade, A.R.Chafee.Jr., Amigdala, babaroga, bigfoot, bojank, Boris90, DonRumataEstorski, esx66, jackreacher011011, Još malo pa deda, Krvava Devetka, Kubovac, laurusri, Leonov, Lucije Kvint, MB120mm, mercedesamg, Mixelotti, mrav pesadinac, nenad81, nuke92, pein, rajkoplje, sap, slonic_tonic, stegonosa, Tvrtko I, Vlad000, Vlada1389, vladulns, voja64, zbazin, zlaya011

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by