MyCity » Ambulanta -> Arhiva Ambulante » Ako moze pomoc!?

Ako moze pomoc!?

Napisano na dan: 27.7.2011

Ako moze pomoc!?

Sledeća strana

Pagination

Odgovori

smelle17 Poslao: 27 Jul 2011 22:57 Idi na vrh
offline smelle17 Novi MyCity građanin Nebojsa Mitrovic Pridružio: 27 Jul 2011 Poruke: 11 Gde živiš: Ispod Tribine!	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Pozz drugovi, prije nekih 3-4 dana dosla mi je poruka "!Hi,How are you" naravno uso sam i skino sam neki adobe flesh naravno fejk,komp mi se restarotovo i otvorio se sefe mode i komp poceo da baguje (koci), i desilo se to da kad udjem na FB stranicu pise"Sorry, we are experiencing temporary technical problem, please check back later" posle skreniranja sa Malwarebytes Anti-Malware desilo mi se to kad otovrim FB strancu izbaci gresku kao da ne postoji stranica, naravno zarazen sam virusom to znam, e sad kako da ti rijesim? Usput kada sam skrenirao sa Malwarebytes Anti-Malware prosao je oko 60 nekih virusa koje sam obrisao naravno... . DDS (Ver_2011-06-23.01) - NTFSx86 Internet Explorer: 6.0.2900.2180 Run by xxx at 13:53:44 on 2011-07-27 Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.512.136 [GMT 2:00] . AV: avast! Antivirus Enabled/Updated {7591DB91-41F0-48A3-B128-1A293FD8233D} . ============== Running Processes =============== . C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Xfire\Xfire.exe C:\Program Files\Panda USB Vaccine\USBVaccine.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2304157 BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [Smapp] c:\program files\analog devices\soundmax\SMTray.exe mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe" mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe" mRun: [tray_ico] mRun: [tray_ico1] mRun: [tray_ico2] mRun: [tray_ico3] mRun: [tray_ico4] mRun: [525197.exe] "c:\windows\temp\525197.exe" dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\docume~1\xxx\startm~1\programs\startup\xfire.lnk - c:\program files\xfire\Xfire.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\viarai~1.lnk - c:\program files\via\raid\raid_tool.exe mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableSecureUIAPaths = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{C74EF380-4945-43E1-AA97-5B46B21CF06D} : DhcpNameServer = 192.168.1.1 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: AtiExtEvent - Ati2evxx.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\xxx\application data\mozilla\firefox\profiles\u2iz6r0d.default\ FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=34274d3700000000000000112f3cd3e0&tlver=1.4.31.2&instlRef=sst&ss=1&affID=100370&q= FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll . ============= SERVICES / DRIVERS =============== . R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [2006-7-5 63352] R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [2011-6-3 77056] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-7-25 41272] . =============== Created Last 30 ================ . 2011-07-25 20:22:16 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-07-25 20:22:09 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-07-25 10:00:45 -------- d-----w- c:\windows\system32\N360_BACKUP 2011-07-25 09:53:41 -------- d-----w- c:\documents and settings\all users\application data\Norton 2011-07-25 09:51:29 -------- d-----w- c:\documents and settings\all users\application data\NortonInstaller 2011-07-24 21:08:02 -------- d-----w- c:\documents and settings\xxx\application data\Malwarebytes 2011-07-24 21:07:53 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes 2011-07-24 21:07:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-07-24 08:37:20 -------- d-----w- c:\windows\ufa 2011-07-24 08:37:20 -------- d-----w- c:\windows\phoenix 2011-07-24 08:34:38 -------- d--h--w- c:\windows\update.5.0 2011-07-24 08:32:48 -------- d--h--w- c:\windows\update.2 2011-07-24 08:30:05 246272 ----a-w- c:\windows\unrar.exe 2011-07-24 08:26:51 -------- d-----w- c:\windows\av_ico 2011-07-24 08:25:26 -------- d--h--w- c:\windows\update.1 2011-07-24 08:25:06 -------- d--h--w- c:\windows\update.tray-7-0-lnk 2011-07-24 08:25:06 -------- d--h--w- c:\windows\update.tray-7-0 2011-07-21 14:55:08 -------- d-----w- c:\program files\EA Games 2011-07-13 21:29:41 -------- d-----w- c:\program files\GRETECH 2011-07-13 21:29:29 -------- d-----w- c:\documents and settings\xxx\local settings\application data\Babylon 2011-07-13 21:29:29 -------- d-----w- c:\documents and settings\xxx\application data\Babylon 2011-07-13 21:29:29 -------- d-----w- c:\documents and settings\all users\application data\Babylon 2011-06-28 15:38:12 -------- d-----w- c:\program files\DExUS . ==================== Find3M ==================== . 2011-07-21 14:58:25 12400 ----a-w- c:\windows\system32\drivers\secdrv.sys 2011-06-03 15:45:23 0 ----a-w- c:\windows\ativpsrm.bin 2011-06-03 14:04:57 44 ----a-w- c:\windows\system32\msssc.dll . ============= FINISH: 13:54:10,15 =============== mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png

Profil

1l padr1n0 Poslao: 28 Jul 2011 04:58 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav smelle17! U toku resavanja slucaja, zamolio bih te da se pridrzavas sledeceg: Detaljno citati moja uputstva ( ili uputstva kolega koji ce me zamenjivati) i raditi iskljucivo po njima; Ne traziti istovremeno pomoc na drugom mestu; Nemoj koristiti druge programe za uklanjanje malware-a, osim onih za koje budes dobio uputstvo; U toku intervencije ne koristiti USB memorijske uredjaje, dok to ne budem zatrazio; Ukoliko ne odgovorim u roku od 48h, osvezi temu novim post-om; Ukoliko se ne javis u roku od 5 dana, zatvoricemo slucaj. Za vise informacija o pravilima Ambulante MyCity foruma: LINK ------------------------------------------------------------------------------------- Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix; u prozoru koji se otvori klikni "I Agree". U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku. goran9888 (AMF Tim)

Profil

smelle17 Poslao: 28 Jul 2011 10:44 Idi na vrh
offline smelle17 Novi MyCity građanin Nebojsa Mitrovic Pridružio: 27 Jul 2011 Poruke: 11 Gde živiš: Ispod Tribine!	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! CComboFix 11-07-28.01 - xxx 28.07.2011 10:33:36.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.512.149 [GMT 2:00] Running from: c:\documents and settings\xxx\Desktop\ComboFix.exe AV: avast! Antivirus Enabled/Updated {7591DB91-41F0-48A3-B128-1A293FD8233D} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\btc_client_iplist.txt c:\windows\ddh_iplist.txt c:\windows\front_ip_list.txt c:\windows\geoiplist c:\windows\geoiplist.rar c:\windows\iecheck_iplist.txt c:\windows\info1 c:\windows\iplist.txt c:\windows\loader2.exe_ok c:\windows\phoenix c:\windows\phoenix.rar c:\windows\phoenix\kernels\phatk\__init__.py c:\windows\phoenix\kernels\phatk\__init__.pyc c:\windows\phoenix\kernels\phatk\BFIPatcher.py c:\windows\phoenix\kernels\phatk\kernel.cl c:\windows\phoenix\kernels\poclbm\__init__.py c:\windows\phoenix\kernels\poclbm\__init__.pyc c:\windows\phoenix\kernels\poclbm\BFIPatcher.py c:\windows\phoenix\kernels\poclbm\kernel.cl c:\windows\phoenix\phoenix.exe c:\windows\rpcminer.rar c:\windows\system32\drivers\etc\HSTS~1 c:\windows\system32\msssc.dll c:\windows\ufa.rar c:\windows\update.1 c:\windows\update.2 c:\windows\update.5.0 c:\windows\winlog-dirs.txt c:\windows\winlog-ids.txt . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_SRVBTCCLIENT -------\Legacy_SRVIECHECK -------\Legacy_WXPDRIVERS . . ((((((((((((((((((((((((( Files Created from 2011-06-28 to 2011-07-28 ))))))))))))))))))))))))))))))) . . 2011-07-25 20:22 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-07-25 20:22 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-07-25 10:00 . 2011-07-25 10:00 -------- d-----w- c:\windows\system32\N360_BACKUP 2011-07-25 09:55 . 2011-07-26 06:34 -------- dc----w- c:\windows\system32\DRVSTORE 2011-07-25 09:53 . 2011-07-25 09:53 -------- d-----w- c:\program files\Windows Sidebar 2011-07-25 09:53 . 2011-07-26 06:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton 2011-07-24 21:21 . 2011-07-24 21:21 -------- d-----w- c:\documents and settings\All Users\Application Data\TEMP 2011-07-24 21:08 . 2011-07-24 21:08 -------- d-----w- c:\documents and settings\xxx\Application Data\Malwarebytes 2011-07-24 21:07 . 2011-07-24 21:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-07-24 21:07 . 2011-07-26 06:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-07-24 08:37 . 2011-07-24 08:37 -------- d-----w- c:\windows\ufa 2011-07-24 08:30 . 2011-07-24 08:37 246272 ----a-w- c:\windows\unrar.exe 2011-07-24 08:26 . 2011-07-24 08:26 -------- d-----w- c:\windows\av_ico 2011-07-24 08:25 . 2011-07-24 21:33 -------- d--h--w- c:\windows\update.tray-7-0-lnk 2011-07-24 08:25 . 2011-07-24 21:16 -------- d--h--w- c:\windows\update.tray-7-0 2011-07-24 08:24 . 2011-07-24 08:24 -------- d-----w- c:\documents and settings\Administrator 2011-07-21 14:55 . 2011-07-21 14:55 -------- d-----w- c:\program files\EA Games 2011-07-13 21:30 . 2011-07-13 21:30 -------- d-----w- c:\documents and settings\xxx\Application Data\GRETECH 2011-07-13 21:29 . 2011-07-13 21:29 -------- d-----w- c:\program files\GRETECH 2011-07-13 21:29 . 2011-07-13 21:29 -------- d-----w- c:\documents and settings\xxx\Local Settings\Application Data\Babylon 2011-07-13 21:29 . 2011-07-13 21:29 -------- d-----w- c:\documents and settings\xxx\Application Data\Babylon 2011-07-13 21:29 . 2011-07-13 21:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Babylon 2011-06-28 15:38 . 2011-06-28 15:38 -------- d-----w- c:\program files\DExUS . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-07-21 14:58 . 2004-07-17 09:36 12400 ----a-w- c:\windows\system32\drivers\secdrv.sys 2011-06-10 13:42 . 2011-06-03 13:16 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048] "Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 143360] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 30208] "LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 49152] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360] . c:\documents and settings\xxx\Start Menu\Programs\Startup\ Xfire.lnk - c:\program files\Xfire\Xfire.exe [2011-4-17 3510160] . c:\documents and settings\All Users\Start Menu\Programs\Startup\ VIA RAID TOOL.lnk - c:\program files\VIA\RAID\raid_tool.exe [2011-6-3 565248] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableSecureUIAPaths"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "FirewallOverride"=dword:00000001 "DisableThumbnailCache"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"= "c:\\Program Files\\Xfire\\Xfire.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= . R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352] R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [3.6.2011 16:05 77056] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [25.7.2011 22:22 41272] . Contents of the 'Scheduled Tasks' folder . 2011-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-06-23 15:34] . 2011-07-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-06-23 15:34] . 2011-07-28 c:\windows\Tasks\PandaUSBVaccine.job - c:\program files\Panda USB Vaccine\RunInteractiveWin.exe [2011-06-03 14:45] . . ------- Supplementary Scan ------- . uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2304157 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\documents and settings\xxx\Application Data\Mozilla\Firefox\Profiles\u2iz6r0d.default\ FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=34274d3700000000000000112f3cd3e0&tlver=1.4.31.2&instlRef=sst&ss=1&affID=100370&q= FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS REMOVED - - - - . HKLM-Run-tray_ico - (no file) HKLM-Run-tray_ico1 - (no file) HKLM-Run-tray_ico2 - (no file) HKLM-Run-tray_ico3 - (no file) HKLM-Run-tray_ico4 - (no file) . . . ************************************************************************ . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2011-07-28 10:39 Windows 5.1.2600 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ********************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(636) c:\windows\system32\Ati2evxx.dll . - - - - - - - > 'explorer.exe'(2488-) c:\program files\Xfire\xfire_toucan_44225.dll c:\windows\system32\msi.dll c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll c:\program files\Microsoft Office\OFFICE11\msohev.dll c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\Panda USB Vaccine\USBVaccine.exe c:\program files\CyberLink\Shared files\RichVideo.exe c:\program files\Analog Devices\SoundMAX\SMAgent.exe c:\windows\system32\notepad.exe . ************************************************************************ . Completion time: 2011-07-28 10:43:57 - machine was rebooted ComboFix-quarantined-files.txt 2011-07-28 08:43 . Pre-Run: 29.993.390.080 bytes free Post-Run: 29.911.068.672 bytes free . WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=AlwaysOff /fastdetect . - - End Of File - - 6B3BA503B186BC10A51FBD2A04926000

Profil

1l padr1n0 Poslao: 28 Jul 2011 16:08 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Korak 1 Ukljuci Firewall: Start -> Control Panel -> Windows Firewall -> On Korak 2 Reinstaliraj Avast Anti-Virus: Download Link. Ukoliko zelis da instaliras neki drugi AV, u sledecem koraku cu ti napisati kako da uklonis ostatke Avasta sa sistema. Korak 3 Otvoriti Notepad i iskopirati sledeci tekst: `File:: c:\windows\unrar.exe Folder:: c:\windows\ufa c:\windows\av_ico c:\windows\update.tray-7-0-lnk c:\windows\update.tray-7-0 DDS:: uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2304157` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja. Korak 4 Preuzmi instalaciju za program Malwarebytes Anti-Malware sa sledećeg linka: http://www.besttechie.net/tools/mbam-setup.exe Dvoklikom pokreni instalaciju - na samom kraju procesa, proveri da su obeležene opcije: Update Malwarebytes' Anti-Malware; Launch Malwarebytes Anti-Malware; a zatim klikni Finish. Nakon završenog ažuriranja program će se pokrenuti. Izaberi opciju Perform Quick Scan i klikni Scan. Po završetku procesa klikni OK, Show Results: u listi detektovanog malware-a, obeleži sve stavke i klikni Remove Selected. Po završetku procesa, logfile će se otvoriti u Notepad-u; iskopiraj ga u temu na forumu. Ukoliko program zatraži restart kako bi se završio proces čišćenja, obavezno ga dozvoliti. Napomena: ako dođe do restarta na kraju procesa čišćenja, logfile će biti dostupan na Logs kartici (obeleži ga i klikni Open). goran9888 (AMF Tim)

Profil

smelle17 Poslao: 28 Jul 2011 18:05 Idi na vrh
offline smelle17 Novi MyCity građanin Nebojsa Mitrovic Pridružio: 27 Jul 2011 Poruke: 11 Gde živiš: Ispod Tribine!	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 28 Jul 2011 18:03 Malwarebytes' Anti-Malware 1.51.1.1800 malwarebytes.org Verzija baze: 7310 Windows 5.1.2600 Service Pack 2 Internet Explorer 6.0.2900.2180 28.7.2011 17:43:12 mbam-log-2011-07-28 (17-43-12).txt Način skeniranja: Kompletno skeniranje (C:\ Skeniranih objekata 177395 Proteklo vreme 21 minuta(e), 28 sekundi Inficirani procesi u memoriji: 0 Inficirani moduli u memoriji: 0 Inficirani ključevi u registru: 0 Inficirane vrednosti u registru: 0 Inficirani podaci u registru: 0 Inficirane fascikle: 0 Inficirane datoteke: 0 Inficirani procesi u memoriji: (Maliciozne stavke nisu pronađene) Inficirani moduli u memoriji: (Maliciozne stavke nisu pronađene) Inficirani ključevi u registru: (Maliciozne stavke nisu pronađene) Inficirane vrednosti u registru: (Maliciozne stavke nisu pronađene) Inficirani podaci u registru: (Maliciozne stavke nisu pronađene) Inficirane fascikle: (Maliciozne stavke nisu pronađene) Inficirane datoteke: (Maliciozne stavke nisu pronađene) ComboFix 11-07-28.01 - xxx 28.07.2011 17:11:44.3.1 - x86 Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.512.292 [GMT 2:00] Running from: c:\documents and settings\xxx\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\xxx\Desktop\CFScript.txt AV: avast! Antivirus Disabled/Updated {7591DB91-41F0-48A3-B128-1A293FD8233D} . FILE :: "c:\windows\unrar.exe" . . ((((((((((((((((((((((((( Files Created from 2011-06-28 to 2011-07-28 ))))))))))))))))))))))))))))))) . . 2011-07-28 15:05 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-07-28 15:05 . 2011-07-28 15:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-07-28 15:05 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-07-28 14:40 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-07-28 14:39 . 2011-07-28 14:39 -------- d-----w- c:\program files\AVAST Software 2011-07-28 14:39 . 2011-07-28 14:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software 2011-07-25 10:00 . 2011-07-25 10:00 -------- d-----w- c:\windows\system32\N360_BACKUP 2011-07-25 09:55 . 2011-07-26 06:34 -------- dc----w- c:\windows\system32\DRVSTORE 2011-07-25 09:53 . 2011-07-25 09:53 -------- d-----w- c:\program files\Windows Sidebar 2011-07-25 09:53 . 2011-07-26 06:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton 2011-07-24 21:21 . 2011-07-24 21:21 -------- d-----w- c:\documents and settings\All Users\Application Data\TEMP 2011-07-24 21:08 . 2011-07-24 21:08 -------- d-----w- c:\documents and settings\xxx\Application Data\Malwarebytes 2011-07-24 21:07 . 2011-07-24 21:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2011-07-24 08:24 . 2011-07-24 08:24 -------- d-----w- c:\documents and settings\Administrator 2011-07-21 14:55 . 2011-07-21 14:55 -------- d-----w- c:\program files\EA Games 2011-07-13 21:30 . 2011-07-13 21:30 -------- d-----w- c:\documents and settings\xxx\Application Data\GRETECH 2011-07-13 21:29 . 2011-07-13 21:29 -------- d-----w- c:\program files\GRETECH 2011-07-13 21:29 . 2011-07-13 21:29 -------- d-----w- c:\documents and settings\xxx\Local Settings\Application Data\Babylon 2011-07-13 21:29 . 2011-07-13 21:29 -------- d-----w- c:\documents and settings\xxx\Application Data\Babylon 2011-07-13 21:29 . 2011-07-13 21:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Babylon 2011-06-28 15:38 . 2011-06-28 15:38 -------- d-----w- c:\program files\DExUS . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-07-21 14:58 . 2004-07-17 09:36 12400 ----a-w- c:\windows\system32\drivers\secdrv.sys 2011-07-04 11:43 . 2011-06-03 13:06 40112 ----a-w- c:\windows\avastSS.scr 2011-07-04 11:43 . 2011-06-03 13:06 199304 ----a-w- c:\windows\system32\aswBoot.exe 2011-07-04 11:36 . 2011-06-03 13:07 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-07-04 11:35 . 2011-06-03 13:07 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-07-04 11:35 . 2011-06-03 13:07 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2011-07-04 11:35 . 2011-06-03 13:07 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys 2011-07-04 11:32 . 2011-06-03 13:07 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-07-04 11:32 . 2011-06-03 13:07 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2011-07-04 11:32 . 2011-06-03 13:07 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-06-10 13:42 . 2011-06-03 13:16 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((( SnapShot@2011-07-28_08.39.52 ))))))))))))))))))))))))))))))))))))))))) . - 2009-07-12 07:02 . 2009-07-12 07:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll + 2009-07-11 22:02 . 2009-07-11 22:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll - 2009-07-12 07:02 . 2009-07-12 07:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll + 2009-07-11 22:02 . 2009-07-11 22:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll - 2009-07-12 07:02 . 2009-07-12 07:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll + 2009-07-11 22:02 . 2009-07-11 22:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll - 2009-07-12 07:02 . 2009-07-12 07:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll + 2009-07-11 22:02 . 2009-07-11 22:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll + 2009-07-11 22:02 . 2009-07-11 22:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll - 2009-07-12 07:02 . 2009-07-12 07:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll + 2009-07-11 22:02 . 2009-07-11 22:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll - 2009-07-12 07:02 . 2009-07-12 07:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll - 2009-07-12 07:02 . 2009-07-12 07:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll + 2009-07-11 22:02 . 2009-07-11 22:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll - 2009-07-12 07:02 . 2009-07-12 07:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll + 2009-07-11 22:02 . 2009-07-11 22:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll + 2009-07-11 22:02 . 2009-07-11 22:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll - 2009-07-12 07:02 . 2009-07-12 07:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll + 2009-07-11 22:02 . 2009-07-11 22:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll - 2009-07-12 07:02 . 2009-07-12 07:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll - 2009-07-12 07:02 . 2009-07-12 07:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll + 2009-07-11 22:02 . 2009-07-11 22:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll - 2009-07-12 07:02 . 2009-07-12 07:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll + 2009-07-11 22:02 . 2009-07-11 22:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll - 2009-07-12 07:05 . 2009-07-12 07:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll + 2009-07-11 22:05 . 2009-07-11 22:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll - 2009-07-12 07:05 . 2009-07-12 07:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll + 2009-07-11 22:05 . 2009-07-11 22:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll - 2009-07-12 07:02 . 2009-07-12 07:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll + 2009-07-11 22:02 . 2009-07-11 22:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll - 2009-07-12 07:02 . 2009-07-12 07:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll + 2009-07-11 22:02 . 2009-07-11 22:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll + 2009-07-11 22:05 . 2009-07-11 22:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll - 2009-07-12 07:05 . 2009-07-12 07:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll + 2009-07-11 22:02 . 2009-07-11 22:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll - 2009-07-12 07:02 . 2009-07-12 07:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll - 2009-07-12 07:02 . 2009-07-12 07:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll + 2009-07-11 22:02 . 2009-07-11 22:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll - 2009-07-12 07:02 . 2009-07-12 07:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll + 2009-07-11 22:02 . 2009-07-11 22:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048] "Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 143360] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-12-07 30208] "LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-04-13 49152] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360] . c:\documents and settings\xxx\Start Menu\Programs\Startup\ Xfire.lnk - c:\program files\Xfire\Xfire.exe [2011-4-17 3510160] . c:\documents and settings\All Users\Start Menu\Programs\Startup\ VIA RAID TOOL.lnk - c:\program files\VIA\RAID\raid_tool.exe [2011-6-3 565248] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableSecureUIAPaths"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "FirewallOverride"=dword:00000001 "DisableThumbnailCache"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"= "c:\\Program Files\\Xfire\\Xfire.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= . R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352] R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [3.6.2011 16:05 77056] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [3.6.2011 15:07 309848] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3.6.2011 15:07 19544] S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [28.7.2011 16:40 441176] . --- Other Services/Drivers In Memory --- . Deregistered - MBAMSwissArmy . Contents of the 'Scheduled Tasks' folder . 2011-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-06-23 15:34] . 2011-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-06-23 15:34] . 2011-07-28 c:\windows\Tasks\PandaUSBVaccine.job - c:\program files\Panda USB Vaccine\RunInteractiveWin.exe [2011-06-03 14:45] . . ------- Supplementary Scan ------- . IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\documents and settings\xxx\Application Data\Mozilla\Firefox\Profiles\u2iz6r0d.default\ FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=34274d3700000000000000112f3cd3e0&tlver=1.4.31.2&instlRef=sst&ss=1&affID=100370&q= FF - prefs.js: network.proxy.type - 0 . . ************************************************************************ . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2011-07-28 17:16 Windows 5.1.2600 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************ . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(628-) c:\windows\system32\Ati2evxx.dll . - - - - - - - > 'explorer.exe'(748-) c:\program files\Xfire\xfire_toucan_44225.dll c:\windows\system32\MSCTF.dll . Completion time: 2011-07-28 17:18:36 ComboFix-quarantined-files.txt 2011-07-28 15:18 ComboFix2.txt 2011-07-28 15:00 ComboFix3.txt 2011-07-28 08:43 . Pre-Run: 29.640.830.976 bytes free Post-Run: 29.636.997.120 bytes free . - - End Of File - - 7EC82799E18448D125667A42A6A0CCFE Dopuna: 28 Jul 2011 18:05 Evo sad je ok sa facebook-om i sve radi... Gorane hvala ti puno!!!!

Profil

1l padr1n0 Poslao: 28 Jul 2011 18:21 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Tvoj racunar je cist sto se malware-a tice. Potrebno je deinstalirati ComboFix: klikni start (ili ), a zatim RUN. Na Visti koristiti Start Search polje ukoliko Run nije dostupan. U liniju za unos teksta ukucaj (iskopiraj) sledeće: ComboFix /Uninstall Primeti da postoji razmak između "ComboFix" i "/Uninstall". a zatim klikni OK (ili pritisni Enter). Sačekaj da se proces deinstalacije završi. Preuzmi TFC (Temp File Cleaner) i sacuvaj ga na Desktop. Dvoklikom pokreni program i klikni na dugme Start da bi dozvolio programu da otpocne skeniranje. Kada program zavrsi skeniranje,mozda ce zatraziti da restartujes racunar. Dozvoli mu. Napomena: Kada zavrsis sa ciscenjem temp fajlova,program mozes obrisati ili ga sacuvati za kasniju upotrebu. --------------------------------------------------- - Preporucujem ti da instaliras Service Pack 3 za Windows XP tj. update-ujes svoj Operativni Sistem. Necu govoriti o njegovim prednostima u odnosu na Service Pack 2. Te informacije mozes naci na MS-ovom sajtu. Uglavnom, MS je 13.jula 2010 prekinuo podrsku za Service Pack 2 koji je instaliran na tvom racunaru. Sta to znaci? Pogledaj link: http://windows.microsoft.com/en-US/windows/help/what-does-end-of-support-mean; **** Ukoliko se odlucis na ovaj korak (instaliranje SP3), preporucujem ti da prethodno uradis backup svih bitnih podataka. - Preporucujem da za zastitu USB memorijskih uredjaja koristis MCShield. Nema nikakve veze sa AntiVirus-om tj. nece ometati njegov rad a pokazao se kao jedan od najboljih vida zastite od malware-a koji se prenosi putem USB mem. uredjaja. Skines, instaliras, ubodes USB mem. uredjaj, izvrsi se skeniranje nakon cega dobijes obavestenje da je uredjaj cist (ukoliko je stvarno tako); ili dobijes log u kome vidis informacije o malware-u koji je nadjen i obrisan. Home Page MCShield-a: http://amf.mycity.rs/programs/mc/mcshield/ Vise o MCShield-u mozes saznati u ovoj temi: http://www.mycity.rs/Antispyware-programi/MCShield.html - Koristis Adobe Reader 8.1.0 koji je stara a ujedno i kriticna verzija ovog PDF citaca zbog propusta u sigurnosti. Svakako ti je moj predlog da instaliras najnoviju verziju (Reader X(10.1.0)) ili predjes na alternativu tipa Foxit Reader, Nitro PDF Reader, itd ...; - Poseti temu "Testirajte da li vam je pretrazivac ranjiv", procitaj i isprati link koji stoji u njoj. Bilo koji dodatak da je stare verzije, bilo bi pozeljno nadograditi ga na najnoviju. Link do teme je: http://www.mycity.rs/Web-browseri/Testirajte-da-li.....anjiv.html

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Ako moze pomoc!?

Ko je trenutno na forumu

Ukupno su 822 korisnika na forumu :: 53 registrovanih, 3 sakrivenih i 766 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., AleksSE, AMCXXL, Andrija357, antonije64, Brana01, BSD, CikaKURE, Dimitrise93, djboj, djo97, drimer, Excalibur13, FOX, galerija, Georgius, Griffon vulture, Hans Gajger, Instruktor 1223, Karla, Kibice, kjkszpj, Krvava Devetka, Kubovac, kybonacci, laki_bb, laurusri, Leonov, Lieutenant, Luka Blažević, mercedesamg, Metanoja, milutin134, MiroslavD, moldway, MrNo, NoOneEver Dreams, nuke92, operniki, pristinski korpus, rovac, Sirius, Smiljke, Srle993, Tas011, vladulns, Vlajman1957, wizzardone, x9, yrraf, yufighter, Zoca, |_MeD_|

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by