I Have a Problem, Please Help

offline
  • Joined: 08 Sep 2008
  • Posts: 22

So, I downloaded some program, and when I ran that .exe it started and closed right away, and it "created" a file rundll32.exe in system32 which, whenever I delete it, gets created again. Could you help? Thanks in advance.

Logfile of HijackThis v1.99.1
Scan saved at 01:49:21 nm, on 2008/12/28
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DNA\btdna.exe
C:\Documents and Settings\Luka\Application Data\gadcom\gadcom.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Luka\Desktop\hijackthis\TR3.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.rs/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2e86a850-961e-431f-8075-1a5d71f0ff49} - C:\WINDOWS\system32\ddcDvtqR.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: (no name) - {6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} - C:\WINDOWS\system32\pmnoPgdA.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [w3dr.exe] C:\Warcraft III\w3dr.exe
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=010409 serial=dr12wex-1504397-kty lang=EN
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [a4d591ee] rundll32.exe "C:\WINDOWS\system32\nobvrqmd.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Luka\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [gadcom] "C:\Documents and Settings\Luka\Application Data\gadcom\gadcom.exe" 61A847B5BBF7281337983D466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Shortcut to W3DR.lnk = C:\Documents and Settings\Luka\Desktop\W3DR 1.6.1.2\W3DR.exe
O4 - Global Startup: WeGame.lnk = C:\Program Files\WeGame\wegame.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0A423E88-2A39-45B1-AA36-D8DC09370514}: NameServer = 192.168.1.2,192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{F2997010-C85E-4427-8EBD-3BCD6056891B}: NameServer = 192.168.1.2,192.168.1.1
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: pmnoPgdA - C:\WINDOWS\SYSTEM32\pmnoPgdA.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
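
To show how a helper reads a log like the one above, here is an added example; it is not code from the original thread and not a HijackThis feature. It is a small Python triage script that applies the checks a malware-removal volunteer makes by eye to a constructed subset of the posted log: BHOs with no name, Run entries that launch a system32 DLL through rundll32.exe under a hex-looking value name, autostart binaries living in the user profile, Winlogon Notify packages outside the stock XP set, and system32 DLL names that look machine-generated. The stock-XP Notify list and the "looks random" rule are the example author's assumptions; every hit is an indicator to look up, not a verdict.

```python
"""
Heuristic triage of HijackThis 1.99.1 log entries.

Added worked example for this thread: not code from the original post and
not a HijackThis feature. SAMPLE_LOG is a constructed subset of the log
posted above. Each rule is a plain, explainable indicator, not a verdict.
"""
import re
from dataclasses import dataclass, field
from typing import List, Optional

SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Documents and Settings\Luka\Application Data\gadcom\gadcom.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2e86a850-961e-431f-8075-1a5d71f0ff49} - C:\WINDOWS\system32\ddcDvtqR.dll
O2 - BHO: (no name) - {6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} - C:\WINDOWS\system32\pmnoPgdA.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [a4d591ee] rundll32.exe "C:\WINDOWS\system32\nobvrqmd.dll",b
O4 - HKCU\..\Run: [gadcom] "C:\Documents and Settings\Luka\Application Data\gadcom\gadcom.exe" 61A847B5BBF7281337983D466188719AB689201522886B092CBD44BD8689220221DD3257
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: pmnoPgdA - C:\WINDOWS\SYSTEM32\pmnoPgdA.dll
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
"""

# Winlogon Notify packages on a stock Windows XP SP3 install (the example
# author's list, not taken from the thread). dimsntfy is one of them, which
# is why its "(file missing)" line is routinely left alone.
XP_DEFAULT_NOTIFY = {
    "crypt32chain", "cryptnet", "cscdll", "dimsntfy", "ScCertProp", "Schedule",
    "sclgntfy", "SensLogn", "termsrv", "wlballoon",
}
SYSTEM32_DLL = re.compile(r"C:\\WINDOWS\\system32\\([A-Za-z]+)\.dll", re.IGNORECASE)
HEX8 = re.compile(r"^[0-9a-f]{8}$", re.IGNORECASE)


@dataclass
class Finding:
    line: str
    dll: Optional[str]                 # stem of a system32 DLL named on the line
    reasons: List[str] = field(default_factory=list)


def looks_random(stem: str) -> bool:
    """Eight-letter stems with interior capitals and almost no vowels
    (ddcDvtqR, nobvrqmd) are what the loader DLLs in this log look like;
    pronounceable stock DLLs such as browseui or setupapi pass."""
    if len(stem) != 8:
        return False
    vowels = sum(c in "aeiouAEIOU" for c in stem)
    interior_caps = any(c.isupper() for c in stem[1:])
    return vowels <= 1 or (interior_caps and vowels <= 2)


def triage(log: str) -> List[Finding]:
    lines = [ln.strip() for ln in log.splitlines() if ln.strip()]
    # Paths under "Running processes" are used to cross-check O23 lines.
    running = {ln.lower() for ln in lines if ln.lower().startswith("c:\\")}
    findings = []
    for ln in lines:
        m = SYSTEM32_DLL.search(ln)
        f = Finding(ln, m.group(1) if m else None)
        if ln.startswith("O2 - BHO: (no name)"):
            f.reasons.append("BHO registered without a name")
        if ln.startswith("O4 ") and "rundll32.exe" in ln.lower() and f.dll:
            f.reasons.append("Run entry loads a system32 DLL via rundll32")
            value = re.search(r"\[([^\]]+)\]", ln)
            if value and HEX8.match(value.group(1)):
                f.reasons.append("Run value name is an 8-digit hex string")
        if ln.startswith("O4 ") and "\\Application Data\\" in ln and ".exe" in ln.lower():
            f.reasons.append("autostart binary lives in the user profile")
        if ln.startswith("O20 - Winlogon Notify:"):
            pkg = ln.split(":", 1)[1].split(" - ")[0].strip()
            if pkg not in XP_DEFAULT_NOTIFY:
                f.reasons.append("Winlogon Notify package outside the stock XP set")
        if ln.startswith("O23 ") and "(file missing)" in ln:
            path = ln.split(" - ")[-1].split('"')[0].strip().lower()
            if path in running:
                f.reasons.append("'(file missing)' but the binary is running: "
                                 "the stray quote shows the tool mis-parsed the path")
        if f.dll and looks_random(f.dll) and ln[:3] in ("O2 ", "O4 ", "O20"):
            f.reasons.append(f"DLL name looks machine-generated: {f.dll}.dll")
        if f.reasons:
            findings.append(f)
    return findings


def loader_dlls(findings: List[Finding]) -> set:
    """Random-looking DLLs wired into a loading point: quarantine these first."""
    return {f.dll for f in findings if f.dll and looks_random(f.dll)}


if __name__ == "__main__":
    results = triage(SAMPLE_LOG)
    for f in results:
        print(f.line[:72])
        for r in f.reasons:
            print("   ->", r)
    print("loader DLLs:", sorted(loader_dlls(results)))
```

On the posted log this singles out the three system32 DLLs wired into Run, BHO and Winlogon Notify (ddcDvtqR, pmnoPgdA, nobvrqmd) plus the user-profile gadcom.exe, and explains the avast! "(file missing)" lines away because the same binaries appear under Running processes. The dimsntfy line produces nothing, as a helper would expect.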

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Hi... Do the following:

Right-click the avast! icon in the bottom right corner of the screen and choose Stop OnAccess Protection.

Note: Don't forget to turn this option back on once the cleanup is finished.

Download ComboFix to your Desktop from one of the following addresses:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Run it and don't touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear; copy it here for us.

offline
  • Joined: 08 Sep 2008
  • Posts: 22

Hey diarno, I'm on the laptop now, i.e. I can't start my computer (the one with this virus). Yesterday I could; now it shows the desktop, then the mouse freezes in the middle of the screen and can't be moved, and I can't get into Task Manager... nothing.

plz help, what should I do!?

Update: 29 Dec 2008 10:50

I SOMEHOW MANAGED TO TURN THE COMPUTER ON ON THE 10TH TRY... HERE'S THE LOG:

"Luka" - 2008-12-29 10:24:33 Service Pack 3
ComboFix 07-05.27.BV - Running from: "C:\Documents and Settings\Luka\Desktop\ComboFix\"


(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


"C:\WINDOWS\system32\crypts.dll"


((((((((((((((((((((((((((((((( Files Created from 2008-11-28 to 2008-12-29 ))))))))))))))))))))))))))))))))))


2008-12-28 13:18 90,112 --a------ C:\WINDOWS\system32\nobvrqmd.dll
2008-12-28 13:17 291,840 --a------ C:\WINDOWS\system32\ddcDvtqR.dll
2008-12-28 13:17 123,506 --ahs---- C:\WINDOWS\system32\RqtvDcdd.ini2
2008-12-28 13:12 705 --a------ C:\oruocu.exe
2008-12-28 13:12 705 --a------ C:\alfqentw.exe
2008-12-28 13:12 58,880 --a------ C:\WINDOWS\system32\pmnoPgdA.dll
2008-12-28 13:12 45,056 --a------ C:\WINDOWS\system32\fcccbaXq.dll
2008-12-28 13:12 262,106 --a------ C:\cxhfsbpt.exe
2008-12-28 13:12 185,822 --a------ C:\eoqrvvmt.exe
2008-12-28 13:12 112,364 --a------ C:\WINDOWS\system32\drivers\bf49e6db.sys
2008-12-28 13:12 <DIR> d-------- C:\DOCUME~1\Luka\APPLIC~1\gadcom
2008-12-21 16:37 <DIR> d-------- C:\Program Files\Garena
2008-12-21 13:13 <DIR> d-------- C:\Program Files\Zeallsoft
2008-12-20 17:16 487,479 --a------ C:\WINDOWS\system32\SkinMagic.dll
2008-12-20 17:16 <DIR> d-------- C:\Program Files\Smallvideosoft
2008-12-20 17:03 <DIR> d-a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
2008-12-20 17:02 <DIR> d-------- C:\Fraps
2008-12-20 15:38 4,608 --a------ C:\WINDOWS\system32\bbchlp.dll
2008-12-20 15:38 4,096 --a------ C:\WINDOWS\system32\drivers\bbcap.sys
2008-12-20 15:38 30,720 --a------ C:\WINDOWS\system32\bbcap.dll
2008-12-20 15:38 <DIR> d-------- C:\DOCUME~1\Luka\APPLIC~1\LogSys
2008-12-20 15:38 <DIR> d-------- C:\DOCUME~1\Luka\APPLIC~1\Blueberry
2008-12-20 15:37 <DIR> d--h-c--- C:\DOCUME~1\ALLUSE~1\APPLIC~1\{925D0C31-5256-42ED-B53A-2E541689BD38}
2008-12-20 15:37 <DIR> d-------- C:\WINDOWS\system32\ShellDD
2008-12-20 15:37 <DIR> d-------- C:\Program Files\Common Files\Blueberry Software
2008-12-20 15:37 <DIR> d-------- C:\Program Files\Blueberry Software
2008-12-20 15:37 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\LogSys
2008-12-20 15:36 <DIR> d-------- C:\DOCUME~1\Luka\APPLIC~1\WeGame
2008-12-20 15:35 488,800 --a------ C:\WINDOWS\system32\Ltkrn15u.dll
2008-12-20 15:35 390,496 --a------ C:\WINDOWS\system32\Lfcmp15u.dll
2008-12-20 15:35 185,688 --a------ C:\WINDOWS\system32\Ltfil15u.dll
2008-12-20 15:35 <DIR> d-------- C:\Program Files\WeGame
2008-12-20 15:16 <DIR> d-------- C:\Program Files\Quick Screen Capture
2008-12-20 15:16 <DIR> d-------- C:\MyCaptures
2008-12-19 18:50 <DIR> d-------- C:\Program Files\Microsoft SQL Server
2008-12-19 18:49 <DIR> d-------- C:\Program Files\Microsoft Synchronization Services
2008-12-19 18:49 <DIR> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-12-19 18:45 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 9.0
2008-12-19 18:45 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
2008-12-19 18:44 <DIR> d-------- C:\Program Files\Microsoft SDKs
2008-12-19 18:43 <DIR> d-------- C:\WINDOWS\system32\XPSViewer
2008-12-19 18:43 <DIR> d-------- C:\Program Files\Reference Assemblies
2008-12-19 18:43 <DIR> d-------- C:\Program Files\MSBuild
2008-12-19 18:42 575,488 --------- C:\WINDOWS\system32\xpsshhdr.dll
2008-12-19 18:42 117,760 --------- C:\WINDOWS\system32\prntvpt.dll
2008-12-19 18:42 1,676,288 --------- C:\WINDOWS\system32\xpssvcs.dll
2008-12-15 15:30 <DIR> d-------- C:\Program Files\My Drivers
2008-12-14 21:54 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Drivers Headquarters
2008-12-14 21:52 <DIR> d-------- C:\Program Files\PC Drivers HeadQuarters


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2008-12-29 09:29:33 -------- d-----w C:\DOCUME~1\Luka\APPLIC~1\DNA
2008-12-29 09:19:04 -------- d-----w C:\DOCUME~1\Luka\APPLIC~1\Skype
2008-12-29 09:00:17 -------- d-----w C:\DOCUME~1\Luka\APPLIC~1\skypePM
2008-12-29 08:59:25 -------- d-----w C:\Program Files\DNA
2008-12-28 12:26:19 33,280 ----a-w C:\WINDOWS\system32\rundll32.exe
2008-12-21 18:44:33 41,226 ----a-w C:\WINDOWS\War3Unin.dat
2008-12-21 16:36:55 -------- d-----w C:\DOCUME~1\Luka\APPLIC~1\BitTorrent
2008-12-21 15:37:01 -------- d--h--w C:\Program Files\InstallShield Installation Information
2008-12-20 15:19:57 139,264 ----a-w C:\WINDOWS\War3Unin.exe
2008-11-27 10:12:22 -------- d-----w C:\Program Files\World of Warcraft
2008-11-26 18:00:42 -------- d-----w C:\Program Files\Common Files\Blizzard Entertainment
2008-11-26 17:21:30 1,236,208 ----a-w C:\WINDOWS\system32\aswBoot.exe
2008-11-26 17:18:25 93,296 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2008-11-26 17:18:18 94,032 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2008-11-26 17:17:36 111,184 ----a-w C:\WINDOWS\system32\drivers\aswSP.sys
2008-11-26 17:17:25 20,560 ----a-w C:\WINDOWS\system32\drivers\aswFsBlk.sys
2008-11-26 17:16:38 50,864 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2008-11-26 17:16:29 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2008-11-26 17:15:35 26,944 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2008-11-26 17:15:10 97,480 ----a-w C:\WINDOWS\system32\AvastSS.scr
2008-11-24 09:47:40 -------- d-----w C:\Program Files\Winamp
2008-11-24 09:37:37 -------- d-----w C:\DOCUME~1\Luka\APPLIC~1\Winamp
2008-11-21 11:59:36 -------- d-----w C:\Program Files\Teamspeak2_RC2
2008-11-16 21:33:17 -------- d-----w C:\DOCUME~1\Luka\APPLIC~1\BearShare
2008-11-16 11:06:24 -------- d-----w C:\DOCUME~1\Luka\APPLIC~1\Ice Age 2
2008-11-13 17:18:46 -------- d-----w C:\Program Files\Windows Live
2008-11-13 16:54:17 -------- d-----w C:\Program Files\Common Files\Windows Live
2008-11-12 18:57:25 3 ----a-w C:\WINDOWS\system32\Boot.dll
2008-11-05 19:49:29 -------- d-----w C:\DOCUME~1\Luka\APPLIC~1\Hamachi
2008-11-05 19:44:57 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2008-11-05 12:12:27 -------- d-----w C:\Program Files\Messenger
2008-11-05 12:08:45 -------- d-----w C:\Program Files\MSXML 4.0
2008-11-05 10:13:39 -------- d-----w C:\Program Files\WinCustomize
2008-11-05 10:13:39 -------- d-----w C:\Program Files\Common Files\Stardock
2008-10-16 13:13:40 202,776 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-10-16 13:13:40 1,809,944 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-10-16 13:12:22 323,608 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-10-16 13:12:20 561,688 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-10-16 13:09:44 92,696 ----a-w C:\WINDOWS\system32\cdm.dll
2008-10-16 13:09:44 51,224 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-10-16 13:09:44 43,544 ----a-w C:\WINDOWS\system32\wups2.dll
2008-10-16 13:08:58 34,328 ----a-w C:\WINDOWS\system32\wups.dll
2008-09-30 15:43:34 1,286,152 ----a-w C:\WINDOWS\system32\msxml4.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{5C255C8A-E604-49b4-9D64-90988571CECB}=C:\Program Files\Windows Live\Messenger\wlchtc.dll [2008-09-02 21:02]
{68e9008f-e8a2-4571-9592-8555bc6490d9}=C:\WINDOWS\system32\ddcDvtqR.dll [2008-12-28 13:17]
{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c}=C:\WINDOWS\system32\pmnoPgdA.dll [2008-12-28 13:12]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 03:25]
{9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-02-22 15:24]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 18:18]
"C-Media Mixer"="Mixer.exe" []
"Share-to-Web Namespace Daemon"="C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 09:42]
"w3dr.exe"="C:\Warcraft III\w3dr.exe" [2008-08-03 15:38]
"CorelDRAW Graphics Suite 11b"="C:\Program Files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe" [2003-11-25 12:39]
"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [2007-01-01 22:22]
"LogonStudio"="C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" [2002-09-03 18:38]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 01:04]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 04:42]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-05-30 14:54]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2008-09-09 00:02]
"Google Update"="C:\Documents and Settings\Luka\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-05 11:48]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-12-16 12:12]
"gadcom"="C:\Documents and Settings\Luka\Application Data\gadcom\gadcom.exe" [2008-12-28 13:12]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"="C:\WINDOWS\system32\pmnoPgdA.dll" [2008-12-28 13:12]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
%SystemRoot%\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmnoPgdA]
pmnoPgdA.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages msv1_0 C:\WINDOWS\system32\ddcDvtqR

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*
napagent


Contents of the 'Scheduled Tasks' folder
2008-12-29 09:12:20 C:\WINDOWS\tasks\GoogleUpdateTaskUser.job
2008-12-29 09:00:35 C:\WINDOWS\tasks\zyhunrde.job

********************************************************************

catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, gmer.net
Rootkit scan 2008-12-29 10:31:23
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

disk error: C:\WINDOWS\

please note that you need administrator rights to perform deep scan

********************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\tdssserv.sys]
"imagepath"="\systemroot\system32\drivers\TDSSmqlt.sys"

Completion time: 2008-12-29 10:33:56
C:\ComboFix-quarantined-files.txt ... 2008-12-29 10:33
C:\ComboFix2.txt ... 2008-09-09 18:09

--- E O F ---
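
The ComboFix report above gives two things worth correlating: when files appeared, and which of them something still loads. The script below is an added example, not part of the thread and not ComboFix code, that does that correlation on a constructed excerpt of the report. It clusters creation times to find the burst on 2008-12-28 between 13:12 and 13:18, maps every registry loading point to a file path (expanding the \systemroot alias, bare Winlogon Notify module names and extension-less LSA package names), and then sorts each persisted file into "created in the burst", "older than the listing window" or "unaccounted for". The SHORT_NAMES table for the 8.3 paths ComboFix prints is the example author's assumption about this install.

```python
"""
Correlate a ComboFix report's file-creation timeline with its registry
loading points. Added example for this thread: not code from the original
post and not part of ComboFix. REPORT is a constructed excerpt of the
report posted above; SHORT_NAMES is an assumption about this XP install.
"""
import re
from datetime import datetime, timedelta
from typing import Dict

REPORT = r"""
((( Files Created from 2008-11-28 to 2008-12-29 )))
2008-12-28 13:18 90,112 --a------ C:\WINDOWS\system32\nobvrqmd.dll
2008-12-28 13:17 291,840 --a------ C:\WINDOWS\system32\ddcDvtqR.dll
2008-12-28 13:12 705 --a------ C:\oruocu.exe
2008-12-28 13:12 58,880 --a------ C:\WINDOWS\system32\pmnoPgdA.dll
2008-12-28 13:12 112,364 --a------ C:\WINDOWS\system32\drivers\bf49e6db.sys
2008-12-28 13:12 <DIR> d-------- C:\DOCUME~1\Luka\APPLIC~1\gadcom
2008-12-21 16:37 <DIR> d-------- C:\Program Files\Garena
2008-12-19 18:42 575,488 --------- C:\WINDOWS\system32\xpsshhdr.dll

((( Reg Loading Points )))
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{68e9008f-e8a2-4571-9592-8555bc6490d9}=C:\WINDOWS\system32\ddcDvtqR.dll [2008-12-28 13:17]
{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c}=C:\WINDOWS\system32\pmnoPgdA.dll [2008-12-28 13:12]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [2008-02-22 03:25]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 04:42]
"gadcom"="C:\Documents and Settings\Luka\Application Data\gadcom\gadcom.exe" [2008-12-28 13:12]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmnoPgdA]
pmnoPgdA.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages msv1_0 C:\WINDOWS\system32\ddcDvtqR

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\tdssserv.sys]
"imagepath"="\systemroot\system32\drivers\TDSSmqlt.sys"
"""

# 8.3 short names as ComboFix prints them on this install (assumption for the
# example; on a real system confirm with `dir /x`).
SHORT_NAMES = {"c:\\docume~1\\": "c:\\documents and settings\\",
               "\\applic~1\\": "\\application data\\"}
CREATED = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2})\s+(<DIR>|[\d,]+)\s+\S+\s+(.+)$")
WIN_PATH = re.compile(r'((?:[A-Za-z]:|\\systemroot)\\[^"\[\]]+)', re.I)
BARE_MODULE = re.compile(r"^([\w~]+\.(?:dll|exe|sys))$", re.I)
STAMP = re.compile(r"\[(\d{4}-\d{2}-\d{2} \d{2}:\d{2})\]")
LISTING = re.compile(r"Files Created from (\d{4}-\d{2}-\d{2})")
FMT = "%Y-%m-%d %H:%M"


def normalize(path: str, registry: bool = False) -> str:
    """Lower-case, expand the systemroot alias and known 8.3 names, resolve a
    bare module name to system32, and give extension-less LSA packages .dll."""
    p = path.strip().lower().replace("\\systemroot\\", "c:\\windows\\")
    for short, long in SHORT_NAMES.items():
        p = p.replace(short, long)
    if "\\" not in p:
        p = "c:\\windows\\system32\\" + p
    if registry and "." not in p.rsplit("\\", 1)[-1]:
        p += ".dll"
    return p


def parse(report: str):
    """-> (listing start, {created path: (time, is_dir)}, {loaded path: stamp or None})."""
    start, section, created, points = None, None, {}, {}
    for ln in (raw.strip() for raw in report.splitlines()):
        m = LISTING.search(ln)
        if m:
            start, section = datetime.strptime(m.group(1), "%Y-%m-%d"), "files"
        elif "Reg Loading Points" in ln:
            section = "reg"
        elif section == "files" and CREATED.match(ln):
            m = CREATED.match(ln)
            created[normalize(m.group(3))] = (datetime.strptime(m.group(1), FMT),
                                              m.group(2) == "<DIR>")
        elif section == "reg" and ln and not ln.startswith("["):
            m = WIN_PATH.search(ln) or BARE_MODULE.match(ln)
            if m:
                p, s = normalize(m.group(1), registry=True), STAMP.search(ln)
                # keep a timestamp if any loading point supplied one for this file
                points[p] = points.get(p) or (datetime.strptime(s.group(1), FMT) if s else None)
    return start, created, points


def largest_burst(created, gap=timedelta(minutes=10)):
    """Sort creations by time, split where consecutive entries are more than
    `gap` apart, and return the biggest cluster as [(path, time), ...]."""
    clusters = [[]]
    for path, (t, _) in sorted(created.items(), key=lambda kv: kv[1][0]):
        if clusters[-1] and t - clusters[-1][-1][1] > gap:
            clusters.append([])
        clusters[-1].append((path, t))
    return max(clusters, key=len)


def correlate(report: str) -> Dict[str, object]:
    start, created, points = parse(report)
    burst = largest_burst(created)
    in_burst = {p for p, _ in burst}
    burst_dirs = [p for p in in_burst if created[p][1]]
    out = {"window": (burst[0][1].strftime(FMT), burst[-1][1].strftime(FMT)),
           "burst_files": sorted(in_burst), "created_in_burst": [],
           "created_earlier": [], "older_than_listing": [], "unaccounted": []}
    for p, stamp in sorted(points.items()):
        if p in in_burst or any(p.startswith(d + "\\") for d in burst_dirs):
            out["created_in_burst"].append(p)      # dropped by the same event
        elif p in created:
            out["created_earlier"].append(p)       # listed, but outside the burst
        elif stamp and stamp < start:
            out["older_than_listing"].append(p)    # predates the listing window
        else:
            out["unaccounted"].append(p)           # loaded, yet never seen on disk
    return out


if __name__ == "__main__":
    for key, value in correlate(REPORT).items():
        print(f"{key}: {value}")
```

Here the one unaccounted entry is the tdssserv.sys image path, a driver under system32\drivers that no creation line mentions and that carries no timestamp: exactly the case to verify from outside the running OS rather than trust this listing, all the more since the catchme section of the same report ends in a disk error. The three files wired into BHO, Run, Winlogon Notify and LSA all fall inside the six-minute burst, which is what ties them to the same installer.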

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

You'll get further instructions tonight after 18:00.
Don't shut it down, so you don't run into problems on the next boot.

Update: 29 Dec 2008 20:38

Do the following:

Start, then Run, and type:

combofix /u

This command will uninstall ComboFix.

Then download ComboFix again, only from one of these links:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

And post the resulting log here.

offline
  • Joined: 08 Sep 2008
  • Posts: 22

Hey, I type all this in and it says it can't find combofix, what should I do!?

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Then just download a fresh ComboFix from those addresses and run it...
If you can't download from those links, download it from here: http://amf.mycity.rs/programs/mirrored/C-F.exe
