I would like to ask for help

  • Joined: 04 Jan 2009
  • Posts: 141
  • Location: SERBIA

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 04:28:35, on 04-Jan-09
Platform: Windows XP SP3, v.3311 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.3311)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\wscript.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Documents and Settings\POPA\Desktop\Gotov je\got.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google,rs/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {1E6CC2F9-A924-4A22-9D98-646734D906A2} - (no file)
O2 - BHO: (no name) - {2521D1DE-70C0-4B43-ABBE-258A8C9D0221} - C:\WINDOWS\system32\tuvSkJAr.dll
O2 - BHO: (no name) - {2AE6A28C-3466-4B50-8D9D-DE05EB0E56B4} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {545DF286-FC8F-4017-870F-CFC493025DCC} - (no file)
O2 - BHO: (no name) - {5CAB59B4-55A3-4737-9FD5-B93C6430BF77} - C:\WINDOWS\system32\uhlspywq.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {85DD4E0D-2B01-4D4D-9E66-3A165AB6EDA4} - C:\WINDOWS\system32\cbXNHAtu.dll
O2 - BHO: (no name) - {B674EFDA-4BD4-406E-B4F3-4886B2B4D7A9} - (no file)
O2 - BHO: (no name) - {D74AB87D-CBEE-43C1-A0AC-3FB195EBDC61} - (no file)
O2 - BHO: (no name) - {EE376D8F-1119-4490-8F63-C7FA4F66C0E6} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Prevedi sa Di recnikom - C:\Program Files\Di recnik\diie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - go.microsoft.com/fwlink/?linkid=58813
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: cbXNHAtu - C:\WINDOWS\SYSTEM32\cbXNHAtu.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 5959 bytes

Also, when I plug in an MP4 player, as was the case just now, this appears:

Windows - No Disk
Exception Processing Message c0000013 Parameters 75b6bf7c 4 75b6bf7c 75b6bf7c

  • Joined: 04 Jan 2009
  • Posts: 141
  • Location: SERBIA

I apologize, it did not all fit, so I am attaching the file. Thank you in advance for your help.

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Hello,


Start Spybot S&D
Click the Mode item in the menu
Select Advanced Mode
In the bar on the left, click Tools
Click Resident
Uncheck Resident Tea-Timer
Close Spybot S&D
Restart the computer.

- Then download the program from this link to the Desktop.
- Run it with a double-click and follow the instructions.

Do not forget to turn these options back on when we finish cleaning.

------------------------------------------

* Open the Nod32 Control Center (click its tray icon in the lower right corner of the screen).
* Select AMON from the Threat Protection group of options.
* In the right panel, uncheck the option File system monitor (AMON) enabled.
* Turning this option off is shown by the Control Center changing color from green to red.

Note: Do not forget to turn this option back on once cleaning is finished.



-------------------------------------------


Download ComboFix from one of the following addresses to the Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Start it and do not touch the program window while it is scanning.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear, which you will copy here for us.

  • Joined: 04 Jan 2009
  • Posts: 141
  • Location: SERBIA

The only problem I have is that I cannot find AMON in Nod 32! Could you explain in a bit more detail how to get to it?

Addendum: 04 Jan 2009 11:52

I have the option Disable antivirus and antispyware protection; with that the icon turns red.

Addendum: 04 Jan 2009 12:50

And here is the log:

ComboFix 09-01-02.01 - POPA 2009-01-04 12:30:54.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.243 [GMT 1:00]
Running from: c:\documents and settings\POPA\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated)
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\adkvqfxs.ini
c:\windows\system32\aijjweec.ini
c:\windows\system32\anypfxpb.dll
c:\windows\system32\bpxfpyna.ini
c:\windows\system32\cbXNHAtu.dll
c:\windows\system32\chmbfsqa.ini
c:\windows\system32\dbqpdfsp.ini
c:\windows\system32\dhmduhvv.ini
c:\windows\system32\dybkotgq.ini
c:\windows\system32\ejgplndh.ini
c:\windows\system32\emmbyesl.ini
c:\windows\system32\etxhqlbi.ini
c:\windows\system32\feirnmkg.ini
c:\windows\system32\fhjkcopd.ini
c:\windows\system32\fsswcbih.ini
c:\windows\system32\gbycrxmj.ini
c:\windows\system32\gdkahson.ini
c:\windows\system32\gugmdooe.ini
c:\windows\system32\hcvigasl.ini
c:\windows\system32\hibcwssf.dll
c:\windows\system32\hsmsmwta.ini
c:\windows\system32\ieupdates.exe.tmp
c:\windows\system32\indnpfls.ini
c:\windows\system32\inprmxhq.ini
c:\windows\system32\iolveqwa.ini
c:\windows\system32\ipgmxyur.ini
c:\windows\system32\ivuexkys.ini
c:\windows\system32\jinbmmrc.ini
c:\windows\system32\juichbxa.ini
c:\windows\system32\jvtashyq.ini
c:\windows\system32\kaarjgfr.ini
c:\windows\system32\kkhuwkfb.ini
c:\windows\system32\kpmcjbuo.ini
c:\windows\system32\kpsvndld.ini
c:\windows\system32\kshkmvbl.dll
c:\windows\system32\lbvmkhsk.ini
c:\windows\system32\lcdghaws.ini
c:\windows\system32\liuimdte.ini
c:\windows\system32\logfdbkv.ini
c:\windows\system32\lrwbscmk.ini
c:\windows\system32\lsagivch.dll
c:\windows\system32\lsydxmdq.dll
c:\windows\system32\ltdwcmcd.ini
c:\windows\system32\mikdakus.ini
c:\windows\system32\moxgfpuy.dll
c:\windows\system32\nemcqxvm.dll
c:\windows\system32\ngxschck.ini
c:\windows\system32\nuslfutp.dll
c:\windows\system32\nxddxwoc.ini
c:\windows\system32\okdulllf.dll
c:\windows\system32\oksrnbwi.ini
c:\windows\system32\oojbudul.ini
c:\windows\system32\osvugrln.ini
c:\windows\system32\oypjtfwr.ini
c:\windows\system32\pciuorco.ini
c:\windows\system32\ptotsclx.ini
c:\windows\system32\ptuflsun.ini
c:\windows\system32\puqangqt.ini
c:\windows\system32\pxwnmvda.ini
c:\windows\system32\pytvhldy.ini
c:\windows\system32\qcqhqjix.ini
c:\windows\system32\qdmxdysl.ini
c:\windows\system32\qphmlvkt.ini
c:\windows\system32\rAJkSvut.ini
c:\windows\system32\rAJkSvut.ini2
c:\windows\system32\rlkllqce.ini
c:\windows\system32\rtifnwbx.ini
c:\windows\system32\rupyurtp.ini
c:\windows\system32\sehstrsa.ini
c:\windows\system32\snhvuvhw.ini
c:\windows\system32\soefidba.ini
c:\windows\system32\sotnrrcc.ini
c:\windows\system32\sslhvwsm.ini
c:\windows\system32\sukadkim.dll
c:\windows\system32\svepfhur.ini
c:\windows\system32\sxfqvkda.dll
c:\windows\system32\sykxeuvi.dll
c:\windows\system32\tcwvlxeu.ini
c:\windows\system32\tuvSkJAr.dll
c:\windows\system32\uhlspywq.dll
c:\windows\system32\vamhwnwg.ini
c:\windows\system32\vigeqfyp.ini
c:\windows\system32\vldggjdy.ini
c:\windows\system32\vvhudmhd.dll
c:\windows\system32\vyardstu.ini
c:\windows\system32\wgmkkcxh.ini
c:\windows\system32\wjrlxfxv.ini
c:\windows\system32\wpbpyfmy.ini
c:\windows\system32\wsojrcvh.ini
c:\windows\system32\wvddpvmx.ini
c:\windows\system32\xagfnyli.ini
c:\windows\system32\xkjvovvd.ini
c:\windows\system32\xuchmcvw.ini
c:\windows\system32\xvfanuty.ini
c:\windows\system32\xvwmtnxk.ini
c:\windows\system32\xxvuiwhf.ini
c:\windows\system32\yahvxiat.ini
c:\windows\system32\yqtjrlis.ini
c:\windows\system32\yupfgxom.ini
M:\autorun.inf
M:\Knight.exe
N:\autorun.inf

.
((((((((((((((((((((((((( Files Created from 2008-12-04 to 2009-01-04 )))))))))))))))))))))))))))))))
.

2009-01-04 03:58 . 2009-01-04 03:58 <DIR> d-------- c:\program files\Trend Micro
2009-01-04 02:35 . 2009-01-04 02:35 <DIR> d-------- c:\program files\ESET
2009-01-04 02:35 . 2009-01-04 02:35 <DIR> d-------- c:\documents and settings\All Users\Application Data\ESET
2008-12-28 18:46 . 2008-12-28 18:46 <DIR> d-------- c:\program files\aSkola
2008-12-28 18:46 . 2008-12-28 18:46 <DIR> d-------- C:\askola
2008-12-28 17:42 . 2008-12-28 17:42 <DIR> d-------- c:\program files\Otpor
2008-12-16 17:36 . 2008-12-16 17:36 <DIR> d-------- c:\program files\Runtime Software
2008-12-15 18:43 . 2008-12-15 18:43 <DIR> d-------- c:\program files\Gear Ratio Calculator
2008-12-14 17:30 . 2008-12-14 17:30 964,714 --a------ c:\windows\kingbright.exe
2008-12-14 17:30 . 2008-12-14 17:30 677,986 --a------ c:\windows\kingbright.prv
2008-12-14 17:30 . 2008-12-14 17:30 108,456 --a------ c:\windows\kingbright.scr
2008-12-13 18:13 . 2008-02-12 03:20 10,880 --a------ c:\windows\system32\drivers\NdisIP.sys
2008-12-13 18:13 . 2008-02-12 03:20 10,880 --a--c--- c:\windows\system32\dllcache\ndisip.sys
2008-12-13 18:13 . 2008-02-12 03:12 5,504 --a------ c:\windows\system32\drivers\MSTEE.sys
2008-12-13 18:13 . 2008-02-12 03:12 5,504 --a--c--- c:\windows\system32\dllcache\mstee.sys
2008-12-13 18:11 . 2008-02-12 03:20 48,128 --a------ c:\windows\system32\drivers\61883.sys
2008-12-13 18:11 . 2008-02-12 03:20 48,128 --a--c--- c:\windows\system32\dllcache\61883.sys
2008-12-06 04:08 . 2008-12-06 04:08 <DIR> d-------- c:\program files\EAGLE-4.09r2
2008-12-06 04:07 . 1997-04-08 20:08 299,520 --a------ c:\windows\uninst.exe
2008-12-06 02:44 . 2008-12-06 02:46 <DIR> d-------- c:\program files\POV-Ray for Windows v3.6
2008-12-05 16:28 . 2008-12-05 16:34 12 --a------ c:\windows\dirsaver.ini
2008-12-05 16:21 . 2008-12-05 16:21 28,672 --a------ c:\windows\gscr.dll
2008-12-05 16:06 . 2008-12-06 03:54 <DIR> d-------- c:\program files\EWB512
2008-12-05 16:06 . 2008-12-05 16:06 216,064 --a------ c:\windows\iun3405.exe
2008-12-04 18:26 . 2008-12-04 18:26 151 --a------ c:\windows\PhotoSnapViewer.INI

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-04 03:04 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-12-29 16:54 --------- d-----w c:\program files\Pure Sudoku
2008-12-28 19:06 --------- d-----w c:\documents and settings\POPA\Application Data\BSplayer PRO
2008-12-18 17:42 --------- d-----w c:\program files\Di recnik
2008-12-13 20:14 --------- d-----w c:\documents and settings\POPA\Application Data\Ahead
2008-12-13 17:24 --------- d-----w c:\program files\Total Video Converter
2008-12-02 08:42 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-02 00:53 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-11-27 22:30 --------- d-----w c:\program files\PDF 2 Word 2
2008-11-24 22:48 116,224 ----a-w c:\windows\system32\qpwfrwoe.dll
2008-11-24 18:46 33,792 ----a-w c:\windows\system32\qoMeEWnn.dll
2008-11-24 18:46 33,792 ----a-w c:\windows\system32\iiffCRiF.dll
2008-11-24 18:45 33,792 ----a-w c:\windows\system32\nnnmlLBT.dll
2008-11-23 17:21 --------- d-----w c:\documents and settings\All Users\Application Data\NFS Underground
2008-11-23 16:10 --------- d-----w c:\program files\Common Files\DirectX
2008-11-18 15:39 --------- d-----w c:\program files\Common Files\Adobe
2008-11-18 15:39 --------- d-----w c:\documents and settings\POPA\Application Data\InterTrust
2008-11-18 15:22 --------- d-----w c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2008-11-18 15:16 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-11-18 15:10 --------- d-----w c:\program files\MSBuild
2008-11-18 15:10 --------- d-----w c:\program files\Microsoft Works
2008-11-18 14:44 --------- d-----w c:\documents and settings\POPA\Application Data\Ulead Systems
2008-11-18 14:39 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-17 15:33 72,192 ----a-w c:\windows\cadkasdeinst01e.exe
2008-11-17 15:27 --------- d-----w c:\program files\Common Files\Vbox
2008-11-17 14:27 --------- d-----w c:\documents and settings\POPA\Application Data\DivX
2008-11-17 00:22 --------- d-----w c:\program files\ABBYY PDF Transformer 2.0
2008-11-16 14:44 --------- d-----w c:\documents and settings\POPA\Application Data\CyberLink
2008-11-16 09:39 --------- d-----w c:\program files\JetAudio
2008-11-16 09:39 --------- d-----w c:\documents and settings\POPA\Application Data\COWON
2008-11-16 09:38 --------- d-----w c:\program files\DivX
2008-11-16 09:33 --------- d-----w c:\program files\AC3Filter
2008-11-14 00:36 --------- d-----w c:\documents and settings\POPA\Application Data\GRETECH
2008-11-13 23:34 --------- d-----w c:\documents and settings\All Users\Application Data\Ulead Systems
2008-11-13 22:17 --------- d-----w c:\program files\VirtualDub1.8.6
2008-11-13 22:15 --------- d-----w c:\program files\Windows Media Components
2008-11-13 22:15 --------- d-----w c:\program files\Common Files\Ulead Systems
2008-11-13 22:15 --------- d-----w c:\program files\Common Files\InterVideo
2008-11-13 22:15 --------- d-----w c:\documents and settings\POPA\Application Data\InstallShield
2008-11-13 22:15 --------- d-----w c:\documents and settings\All Users\Application Data\InterVideo
2008-11-13 22:14 --------- d-----w c:\program files\Ulead Systems
2008-11-13 22:11 --------- d-----w c:\program files\URUSoft
2008-11-13 22:10 43,602 ----a-w c:\windows\system32\xvid-uninstall.exe
2008-11-13 22:10 --------- d-----w c:\program files\Gabest
2008-11-13 22:10 --------- d-----w c:\program files\AviSynth 2.5
2008-11-13 22:10 --------- d-----w c:\program files\AutoGK
2008-11-13 22:08 --------- d-----w c:\documents and settings\All Users\Application Data\CyberLink
2008-11-13 22:07 --------- d-----w c:\program files\CyberLink
2008-11-13 22:06 --------- d-----w c:\program files\Common Files\COWON
2008-11-13 22:04 --------- d-----w c:\program files\GRETECH
2008-11-13 21:58 --------- d-----w c:\program files\Common Files\Ahead
2008-11-13 21:57 --------- d-----w c:\program files\Nero
2008-11-13 21:57 --------- d-----w c:\documents and settings\All Users\Application Data\Nero
2008-11-13 21:45 --------- d-----w c:\program files\DAEMON Tools
2008-11-13 21:43 685,816 ----a-w c:\windows\system32\drivers\sptd.sys
2008-11-13 21:42 --------- d-----w c:\program files\Opera
2008-11-13 21:35 --------- d-----w c:\program files\Symantec
2008-11-13 21:33 --------- d-----w c:\program files\Common Files\InstallShield
2008-11-13 21:29 --------- d-----w c:\program files\Your Uninstaller 2008
2008-11-13 21:28 --------- d-----w c:\documents and settings\POPA\Application Data\URSoft
2008-11-13 21:25 --------- d-----w c:\program files\Webteh
2008-11-13 21:20 --------- d-----w c:\program files\Java
2008-11-13 21:20 --------- d-----w c:\program files\Common Files\Java
2008-11-13 17:38 --------- d-----w c:\program files\MultiRes
2008-11-13 17:37 451,072 ------w c:\windows\Radeon Omega Drivers v3.8.252 Uninstall.exe
2008-11-13 17:37 --------- d-----w c:\program files\Radeon Omega Drivers
2008-11-13 17:36 --------- d-----w c:\program files\AvRack
2008-11-13 17:35 --------- d-----w c:\program files\Realtek AC97
2008-11-13 17:01 --------- d-----w c:\program files\microsoft frontpage
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-02-12 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2006-08-03 c:\windows\soundman.exe]
"AtiPTA"="atiptaxx.exe" [2006-02-22 c:\windows\system32\atiptaxx.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-02-12 c:\windows\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-02-12 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm
"msacm.ac3filter"= ac3filter.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Opera\\opera.exe"=
"d:\\Igre\\Live for Speed S2\\LFS.exe"=

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-10-24 34824]
R4 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-10-24 468224]
S3 ATICDSDr;ATICDSDr;\??\c:\docume~1\POPA\LOCALS~1\Temp\ATICDSDr.sys --> c:\docume~1\POPA\LOCALS~1\Temp\ATICDSDr.sys [?]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7d10f140-b4b3-11dd-811e-000a94165c79}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs
.
Contents of the 'Scheduled Tasks' folder

2008-12-02 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
- c:\program files\Spybot - Search & Destroy\SpybotSD.exe [2008-07-07 09:42]
.
- - - - ORPHANS REMOVED - - - -

BHO-{1E6CC2F9-A924-4A22-9D98-646734D906A2} - (no file)
BHO-{2AE6A28C-3466-4B50-8D9D-DE05EB0E56B4} - (no file)
BHO-{545DF286-FC8F-4017-870F-CFC493025DCC} - (no file)
BHO-{A4B22E59-E64E-40CF-B445-954660EFC84E} - c:\windows\system32\tuvSkJAr.dll
BHO-{B674EFDA-4BD4-406E-B4F3-4886B2B4D7A9} - (no file)
BHO-{D74AB87D-CBEE-43C1-A0AC-3FB195EBDC61} - (no file)
BHO-{EE376D8F-1119-4490-8F63-C7FA4F66C0E6} - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google,rs/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Prevedi sa Di recnikom - c:\program files\Di recnik\diie.htm
IE: Translate with Di dictionary -
TCP: {58034173-1A1E-465B-BCC7-1CA39748133D} = 80.74.160.38 80.74.160.12
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-01-04 12:37:29
Windows 5.1.2600 Service Pack 3, v.3311 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info]
@Denied: (3) (LocalSystem)
"AppDataDir"="c:\\Documents and Settings\\All Users\\Application Data\\ESET\\ESET NOD32 Antivirus\\"
"DataDir"="ESET\\ESET NOD32 Antivirus\\"
"EditionName"="Student Edition"
"InstallDir"="c:\\Program Files\\ESET\\ESET NOD32 Antivirus\\"
"LanguageId"=dword:00000409
"ProductBase"=dword:00000000
"ProductCode"="{4EAE8F8E-0C2E-4814-9A04-635AFB9050AA}"
"ProductName"="ESET NOD32 Antivirus"
"ProductType"="eav"
"ProductVersion"="3.0.684.0"
"UniqueId"="012E6219496012AF"
"ScannerBuild"=dword:00000ed0
"ScannerVersionId"=dword:00000de1
"ScannerVersion"=""
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(640)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\rundll32.exe
c:\program files\ESET\ESET NOD32 Antivirus\egui.exe
.
**************************************************************************
.
Completion time: 2009-01-04 12:39:40 - machine was rebooted
ComboFix-quarantined-files.txt 2009-01-04 11:39:36

Pre-Run: 8,637,149,184 bytes free
Post-Run: 9,088,700,416 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=signature(b9a0b99)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
signature(b9a0b99)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

324

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Yes, that's it. That option.

You posted it correctly. I will get back to you later....

Addendum: 04 Jan 2009 16:37

Turn off both Spybot and the antivirus again.

Open Notepad and copy in the following text:

File::
c:\windows\system32\qpwfrwoe.dll
c:\windows\system32\qoMeEWnn.dll
c:\windows\system32\iiffCRiF.dll
c:\windows\system32\nnnmlLBT.dll

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7d10f140-b4b3-11dd-811e-000a94165c79}]


Save the file from Notepad to the Desktop as "CFScript"

Drag the saved script/text onto the ComboFix icon as in the picture.
In your next message, post the log that is created at the end of the cleaning/scan.

  • Joined: 04 Jan 2009
  • Posts: 141
  • Location: SERBIA

Here I am, I'm back

ComboFix 09-01-02.01 - POPA 2009-01-04 18:22:15.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.231 [GMT 1:00]
Running from: c:\documents and settings\POPA\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\POPA\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated)
* Created a new restore point

FILE ::
c:\windows\system32\iiffCRiF.dll
c:\windows\system32\nnnmlLBT.dll
c:\windows\system32\qoMeEWnn.dll
c:\windows\system32\qpwfrwoe.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\iiffCRiF.dll
c:\windows\system32\nnnmlLBT.dll
c:\windows\system32\qoMeEWnn.dll
c:\windows\system32\qpwfrwoe.dll

.
((((((((((((((((((((((((( Files Created from 2008-12-04 to 2009-01-04 )))))))))))))))))))))))))))))))
.

2009-01-04 03:58 . 2009-01-04 03:58 <DIR> d-------- c:\program files\Trend Micro
2009-01-04 02:35 . 2009-01-04 02:35 <DIR> d-------- c:\program files\ESET
2009-01-04 02:35 . 2009-01-04 02:35 <DIR> d-------- c:\documents and settings\All Users\Application Data\ESET
2008-12-28 18:46 . 2008-12-28 18:46 <DIR> d-------- c:\program files\aSkola
2008-12-28 18:46 . 2008-12-28 18:46 <DIR> d-------- C:\askola
2008-12-28 17:42 . 2008-12-28 17:42 <DIR> d-------- c:\program files\Otpor
2008-12-16 17:36 . 2008-12-16 17:36 <DIR> d-------- c:\program files\Runtime Software
2008-12-15 18:43 . 2008-12-15 18:43 <DIR> d-------- c:\program files\Gear Ratio Calculator
2008-12-14 17:30 . 2008-12-14 17:30 964,714 --a------ c:\windows\kingbright.exe
2008-12-14 17:30 . 2008-12-14 17:30 677,986 --a------ c:\windows\kingbright.prv
2008-12-14 17:30 . 2008-12-14 17:30 108,456 --a------ c:\windows\kingbright.scr
2008-12-13 18:13 . 2008-02-12 03:20 10,880 --a------ c:\windows\system32\drivers\NdisIP.sys
2008-12-13 18:13 . 2008-02-12 03:20 10,880 --a--c--- c:\windows\system32\dllcache\ndisip.sys
2008-12-13 18:13 . 2008-02-12 03:12 5,504 --a------ c:\windows\system32\drivers\MSTEE.sys
2008-12-13 18:13 . 2008-02-12 03:12 5,504 --a--c--- c:\windows\system32\dllcache\mstee.sys
2008-12-13 18:11 . 2008-02-12 03:20 48,128 --a------ c:\windows\system32\drivers\61883.sys
2008-12-13 18:11 . 2008-02-12 03:20 48,128 --a--c--- c:\windows\system32\dllcache\61883.sys
2008-12-06 04:08 . 2008-12-06 04:08 <DIR> d-------- c:\program files\EAGLE-4.09r2
2008-12-06 04:07 . 1997-04-08 20:08 299,520 --a------ c:\windows\uninst.exe
2008-12-06 02:44 . 2008-12-06 02:46 <DIR> d-------- c:\program files\POV-Ray for Windows v3.6
2008-12-05 16:28 . 2008-12-05 16:34 12 --a------ c:\windows\dirsaver.ini
2008-12-05 16:21 . 2008-12-05 16:21 28,672 --a------ c:\windows\gscr.dll
2008-12-05 16:06 . 2008-12-06 03:54 <DIR> d-------- c:\program files\EWB512
2008-12-05 16:06 . 2008-12-05 16:06 216,064 --a------ c:\windows\iun3405.exe
2008-12-04 18:26 . 2008-12-04 18:26 151 --a------ c:\windows\PhotoSnapViewer.INI

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-04 03:04 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-12-29 16:54 --------- d-----w c:\program files\Pure Sudoku
2008-12-28 19:06 --------- d-----w c:\documents and settings\POPA\Application Data\BSplayer PRO
2008-12-18 17:42 --------- d-----w c:\program files\Di recnik
2008-12-13 20:14 --------- d-----w c:\documents and settings\POPA\Application Data\Ahead
2008-12-13 17:24 --------- d-----w c:\program files\Total Video Converter
2008-12-02 08:42 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-02 00:53 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-11-27 22:30 --------- d-----w c:\program files\PDF 2 Word 2
2008-11-23 17:21 --------- d-----w c:\documents and settings\All Users\Application Data\NFS Underground
2008-11-23 16:10 --------- d-----w c:\program files\Common Files\DirectX
2008-11-18 15:39 --------- d-----w c:\program files\Common Files\Adobe
2008-11-18 15:39 --------- d-----w c:\documents and settings\POPA\Application Data\InterTrust
2008-11-18 15:22 --------- d-----w c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2008-11-18 15:16 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-11-18 15:10 --------- d-----w c:\program files\MSBuild
2008-11-18 15:10 --------- d-----w c:\program files\Microsoft Works
2008-11-18 14:44 --------- d-----w c:\documents and settings\POPA\Application Data\Ulead Systems
2008-11-18 14:39 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-17 15:33 72,192 ----a-w c:\windows\cadkasdeinst01e.exe
2008-11-17 15:27 --------- d-----w c:\program files\Common Files\Vbox
2008-11-17 14:27 --------- d-----w c:\documents and settings\POPA\Application Data\DivX
2008-11-17 00:22 --------- d-----w c:\program files\ABBYY PDF Transformer 2.0
2008-11-16 14:44 --------- d-----w c:\documents and settings\POPA\Application Data\CyberLink
2008-11-16 09:39 --------- d-----w c:\program files\JetAudio
2008-11-16 09:39 --------- d-----w c:\documents and settings\POPA\Application Data\COWON
2008-11-16 09:38 --------- d-----w c:\program files\DivX
2008-11-16 09:33 --------- d-----w c:\program files\AC3Filter
2008-11-14 00:36 --------- d-----w c:\documents and settings\POPA\Application Data\GRETECH
2008-11-13 23:34 --------- d-----w c:\documents and settings\All Users\Application Data\Ulead Systems
2008-11-13 22:17 --------- d-----w c:\program files\VirtualDub1.8.6
2008-11-13 22:15 --------- d-----w c:\program files\Windows Media Components
2008-11-13 22:15 --------- d-----w c:\program files\Common Files\Ulead Systems
2008-11-13 22:15 --------- d-----w c:\program files\Common Files\InterVideo
2008-11-13 22:15 --------- d-----w c:\documents and settings\POPA\Application Data\InstallShield
2008-11-13 22:15 --------- d-----w c:\documents and settings\All Users\Application Data\InterVideo
2008-11-13 22:14 --------- d-----w c:\program files\Ulead Systems
2008-11-13 22:11 --------- d-----w c:\program files\URUSoft
2008-11-13 22:10 43,602 ----a-w c:\windows\system32\xvid-uninstall.exe
2008-11-13 22:10 --------- d-----w c:\program files\Gabest
2008-11-13 22:10 --------- d-----w c:\program files\AviSynth 2.5
2008-11-13 22:10 --------- d-----w c:\program files\AutoGK
2008-11-13 22:08 --------- d-----w c:\documents and settings\All Users\Application Data\CyberLink
2008-11-13 22:07 --------- d-----w c:\program files\CyberLink
2008-11-13 22:06 --------- d-----w c:\program files\Common Files\COWON
2008-11-13 22:04 --------- d-----w c:\program files\GRETECH
2008-11-13 21:58 --------- d-----w c:\program files\Common Files\Ahead
2008-11-13 21:57 --------- d-----w c:\program files\Nero
2008-11-13 21:57 --------- d-----w c:\documents and settings\All Users\Application Data\Nero
2008-11-13 21:45 --------- d-----w c:\program files\DAEMON Tools
2008-11-13 21:43 685,816 ----a-w c:\windows\system32\drivers\sptd.sys
2008-11-13 21:42 --------- d-----w c:\program files\Opera
2008-11-13 21:35 --------- d-----w c:\program files\Symantec
2008-11-13 21:33 --------- d-----w c:\program files\Common Files\InstallShield
2008-11-13 21:29 --------- d-----w c:\program files\Your Uninstaller 2008
2008-11-13 21:28 --------- d-----w c:\documents and settings\POPA\Application Data\URSoft
2008-11-13 21:25 --------- d-----w c:\program files\Webteh
2008-11-13 21:20 --------- d-----w c:\program files\Java
2008-11-13 21:20 --------- d-----w c:\program files\Common Files\Java
2008-11-13 17:38 --------- d-----w c:\program files\MultiRes
2008-11-13 17:37 451,072 ------w c:\windows\Radeon Omega Drivers v3.8.252 Uninstall.exe
2008-11-13 17:37 --------- d-----w c:\program files\Radeon Omega Drivers
2008-11-13 17:36 --------- d-----w c:\program files\AvRack
2008-11-13 17:35 --------- d-----w c:\program files\Realtek AC97
2008-11-13 17:01 --------- d-----w c:\program files\microsoft frontpage
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-02-12 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2006-08-03 c:\windows\soundman.exe]
"AtiPTA"="atiptaxx.exe" [2006-02-22 c:\windows\system32\atiptaxx.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-02-12 c:\windows\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-02-12 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm
"msacm.ac3filter"= ac3filter.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Opera\\opera.exe"=
"d:\\Igre\\Live for Speed S2\\LFS.exe"=

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-10-24 34824]
R4 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-10-24 468224]
S3 ATICDSDr;ATICDSDr;\??\c:\docume~1\POPA\LOCALS~1\Temp\ATICDSDr.sys --> c:\docume~1\POPA\LOCALS~1\Temp\ATICDSDr.sys [?]
.
Contents of the 'Scheduled Tasks' folder

2008-12-02 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
- c:\program files\Spybot - Search & Destroy\SpybotSD.exe [2008-07-07 09:42]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google,rs/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Prevedi sa Di recnikom - c:\program files\Di recnik\diie.htm
IE: Translate with Di dictionary -
TCP: {58034173-1A1E-465B-BCC7-1CA39748133D} = 80.74.160.38 80.74.160.12
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-01-04 18:23:26
Windows 5.1.2600 Service Pack 3, v.3311 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(640)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-01-04 18:24:34
ComboFix-quarantined-files.txt 2009-01-04 17:24:16
ComboFix2.txt 2009-01-04 11:39:42

Pre-Run: 9,089,531,904 bytes free
Post-Run: 9,079,504,896 bytes free

182

Addendum: 04 Jan 2009 18:35

Along the way I also had problems with some "wirtual" thing that Spybot has been reporting these days, and I noticed it on my flash drives too, if that means anything. By the way, they have been plugged in non-stop since the first post, throughout this whole cleaning process.

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

At the start of the first ComboFix log you can see a pile of deleted files. That is the Vundo that Spybot kept finding.

What is the situation now, it should be OK?

offline
  • Joined: 04 Jan 2009
  • Posts: 141
  • Location: SERBIA

For now everything is fine; I am updating NOD and Spybot and then I will report back. In any case, there are no more pop-up windows from Spybot. Thanks a lot for the help, you are great.

Addendum: 04 Jan 2009 20:20

Everything is fine, thanks a lot.

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Do this as well:

Click START and then RUN
In the text entry line type Combofix /u and click OK

Wait for the uninstall process to finish

The procedure above will:
Delete the following:
ComboFix and its files and folders
VundoFix Backups folder, if it exists
C:\Deckard folder, if it exists
C:\OtMoveIt folder, if it exists

Reset the clock settings on the computer
Hide file extensions, if needed
Hide system/hidden files/folders, if needed
Reset System Restore

If there are any problems, let us know....

offline
  • Joined: 04 Jan 2009
  • Posts: 141
  • Location: SERBIA

Thanks a lot, it is done.
