Help!!!

  • mooky 
  • New MyCity citizen
  • Joined: 14 Dec 2008
  • Posts: 7

Hello!

I already had a problem with my computer once, and you helped me. This is the thread in question:

mycity.rs/Arhiva-Ambulante/pomoc-178.html

Yesterday, while I was on the internet and opened a page, a message appeared along the lines of "this page is infected". I didn't click anything; I just used the Back button to return to Google. When I tried to open it a second time everything was normal, with no messages of that kind. Today I ran the Panda security test and it turned out that there are some infected files. Here is the log:

;***********************************************************************************************************************************************************************************
ANALYSIS: 2009-01-12 12:49:39
PROTECTIONS: 1
MALWARE: 2
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
McAfee VirusScan Enterprise 7.1.0.187 No No
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
03738686 Generic Malware Virus/Trojan No 0 No No C:\Documents and Settings\Korisnik\Desktop\SDFix.exe[C:\Documents and Settings\Korisnik\Desktop\SDFix.exe][SDFix\catchme.exe]
03738686 Generic Malware Virus/Trojan No 0 No No C:\Documents and Settings\Korisnik\Desktop\SDFix.exe[C:\Documents and Settings\Korisnik\Desktop\SDFix.exe][SDFix\apps\Cghtme.exe]
03738686 Generic Malware Virus/Trojan No 0 No No C:\System Volume Information\_restore{DF7959D8-11FF-4203-95C5-AC5D12F6F14A}\RP72\A0023043.exe[C:\System Volume Information\_restore{DF7959D8-11FF-4203-95C5-AC5D12F6F14A}\RP72\A0023043.exe][SDFix\catchme.exe]
03738686 Generic Malware Virus/Trojan No 0 Yes No C:\SDFix\apps\Cghtme.exe
03738686 Generic Malware Virus/Trojan No 0 No No C:\System Volume Information\_restore{DF7959D8-11FF-4203-95C5-AC5D12F6F14A}\RP72\A0022961.exe[C:\System Volume Information\_restore{DF7959D8-11FF-4203-95C5-AC5D12F6F14A}\RP72\A0022961.exe][SDFix\apps\Cghtme.exe]
03738686 Generic Malware Virus/Trojan No 0 No No C:\System Volume Information\_restore{DF7959D8-11FF-4203-95C5-AC5D12F6F14A}\RP72\A0022961.exe[C:\System Volume Information\_restore{DF7959D8-11FF-4203-95C5-AC5D12F6F14A}\RP72\A0022961.exe][SDFix\catchme.exe]
03738686 Generic Malware Virus/Trojan No 0 No No C:\System Volume Information\_restore{DF7959D8-11FF-4203-95C5-AC5D12F6F14A}\RP72\A0023043.exe[C:\System Volume Information\_restore{DF7959D8-11FF-4203-95C5-AC5D12F6F14A}\RP72\A0023043.exe][SDFix\apps\Cghtme.exe]
04378881 Trj/Inject.K Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{DF7959D8-11FF-4203-95C5-AC5D12F6F14A}\RP70\A0021671.exe
04378881 Trj/Inject.K Virus/Trojan No 1 Yes No C:\SDFix\backups\backups.zip[backups/~.exe]
04378881 Trj/Inject.K Virus/Trojan No 1 Yes No C:\Documents and Settings\Korisnik\Local Settings\Temporary Internet Files\Content.IE5\4HG1UN4L\fil[1].exe
04378881 Trj/Inject.K Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{DF7959D8-11FF-4203-95C5-AC5D12F6F14A}\RP71\A0021953.exe
04378881 Trj/Inject.K Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{DF7959D8-11FF-4203-95C5-AC5D12F6F14A}\RP71\A0022827.exe
04378881 Trj/Inject.K Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{DF7959D8-11FF-4203-95C5-AC5D12F6F14A}\RP72\A0023125.exe
04378881 Trj/Inject.K Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{DF7959D8-11FF-4203-95C5-AC5D12F6F14A}\RP72\A0023131.exe
;===================================================================================================================================================================================
SUSPECTS
Sent Location 
;===================================================================================================================================================================================
;======================================================================================================================================================================

Here is a new HJT log as well

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:02:07, on 12.1.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Korisnik\Desktop\tarzan\tr3.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.mcafee.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA37B3E5-ED44-40A5-8B2B-F5AED44E20B5}: NameServer = 77.78.192.10 77.78.192.20
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe

--
End of file - 5865 bytes

I would run this SDFix again, but I don't know whether that's OK, since it says above that it contains a virus.

Thanks in advance!!!

  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Don't run SDFix and similar programs that we use here on your own... OK?

SDFix doesn't contain viruses... rather, AV programs see some of its components as malicious (when in fact they aren't)... because of their scope of action and code...

Next... The log is clean, and you only need to turn off and then turn back on

System Restore:

http://www.mycity.rs/Uputstva/Kako-iskljuciti-u.....Vista.html

and clean the temp files:

Download the ATF Cleaner program and save it to the Desktop.

Tick Select All and then click Empty Selected.
When the Done Cleaning message appears, close the program.

Then run Panda again and let us know whether it reports anything...
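
Added example, not part of the original thread or of any tool named in it: a Python triage of the Panda log rows posted above that sorts each detection by where the file lives (System Restore point, browser cache, SDFix's own files), so each row can be matched to the step in the reply that deals with it. The row pattern and the class names are assumptions based on the column header in the posted log; the sample rows are copied from that log, plus one constructed row.

```python
import re
from collections import Counter

# Columns per the log header:
# Id Description Type Active Severity Disinfectable Disinfected Location
# (assumed pattern: columns separated by whitespace, as in the posted log)
ROW = re.compile(
    r"^(?P<id>\d+)\s+(?P<name>.+?)\s+(?P<type>\S+)\s+(?P<active>Yes|No)\s+"
    r"(?P<severity>\d+)\s+(?P<disinfectable>Yes|No)\s+"
    r"(?P<disinfected>Yes|No)\s+(?P<location>.+)$"
)

# Rows 1-6 are copied from the first log in the thread; the last row is
# constructed for this example to show an entry the advice does not cover.
SAMPLE_LOG = r"""
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;==========
03738686 Generic Malware Virus/Trojan No 0 No No C:\Documents and Settings\Korisnik\Desktop\SDFix.exe[C:\Documents and Settings\Korisnik\Desktop\SDFix.exe][SDFix\catchme.exe]
03738686 Generic Malware Virus/Trojan No 0 No No C:\System Volume Information\_restore{DF7959D8-11FF-4203-95C5-AC5D12F6F14A}\RP72\A0023043.exe[C:\System Volume Information\_restore{DF7959D8-11FF-4203-95C5-AC5D12F6F14A}\RP72\A0023043.exe][SDFix\apps\Cghtme.exe]
03738686 Generic Malware Virus/Trojan No 0 Yes No C:\SDFix\apps\Cghtme.exe
04378881 Trj/Inject.K Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{DF7959D8-11FF-4203-95C5-AC5D12F6F14A}\RP70\A0021671.exe
04378881 Trj/Inject.K Virus/Trojan No 1 Yes No C:\SDFix\backups\backups.zip[backups/~.exe]
04378881 Trj/Inject.K Virus/Trojan No 1 Yes No C:\Documents and Settings\Korisnik\Local Settings\Temporary Internet Files\Content.IE5\4HG1UN4L\fil[1].exe
04378881 Trj/Inject.K Virus/Trojan Yes 1 Yes No C:\example\constructed.exe
"""

def split_location(location):
    """Return (file_on_disk, archive_member_or_None).

    Archive hits are written outer[outer][member] and end with ']'.
    A name such as fil[1].exe contains brackets but is a plain file.
    """
    if not location.endswith("]"):
        return location, None
    outer = location[: location.index("[")]
    member = location[location.rindex("[") + 1 : -1]
    return outer, member

def classify(outer):
    """Map the on-disk path to the step in the reply that handles it."""
    low = outer.lower()
    if "\\system volume information\\_restore{" in low:
        return "restore_point"   # cleared by System Restore off, then on
    if "\\temporary internet files\\" in low:
        return "browser_cache"   # cleared by the temp-file cleanup
    if low.startswith("c:\\sdfix\\") or low.endswith("\\sdfix.exe"):
        return "sdfix_tool"      # SDFix download and its folder on C:
    return "other"               # not covered by the advice in the thread

def parse(log_text):
    rows = []
    for line in log_text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue  # section names, column headers, separators
        row = m.groupdict()
        row["file"], row["member"] = split_location(row["location"])
        row["where"] = classify(row["file"])
        row["sdfix_related"] = (row["where"] == "sdfix_tool" or
                                (row["member"] or "").lower().startswith("sdfix\\"))
        rows.append(row)
    return rows

def summarize(rows):
    return Counter(r["where"] for r in rows)

def needs_review(rows):
    """Rows flagged Active, or sitting outside the three known locations."""
    return [r for r in rows if r["active"] == "Yes" or r["where"] == "other"]

if __name__ == "__main__":
    parsed = parse(SAMPLE_LOG)
    print(dict(summarize(parsed)))
    for r in needs_review(parsed):
        print("review:", r["name"], r["file"])
```
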

  • mooky 
  • New MyCity citizen
  • Joined: 14 Dec 2008
  • Posts: 7

Here is the new Panda log:

;***********************************************************************************************************************************************************************************
ANALYSIS: 2009-01-12 19:11:45
PROTECTIONS: 1
MALWARE: 2
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
McAfee VirusScan Enterprise 7.1.0.187 No No
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
03738686 Generic Malware Virus/Trojan No 0 No No C:\Documents and Settings\Korisnik\Desktop\SDFix.exe[C:\Documents and Settings\Korisnik\Desktop\SDFix.exe][SDFix\apps\Cghtme.exe]
03738686 Generic Malware Virus/Trojan No 0 No No C:\Documents and Settings\Korisnik\Desktop\SDFix.exe[C:\Documents and Settings\Korisnik\Desktop\SDFix.exe][SDFix\catchme.exe]
04378881 Trj/Inject.K Virus/Trojan No 1 Yes No C:\SDFix\backups\backups.zip[backups/~.exe]
;===================================================================================================================================================================================
SUSPECTS
Sent Location s
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description s
;===================================================================================================================================================================================
184380 MEDIUM MS08-002 s
184379 MEDIUM MS08-001 s
182048 HIGH MS07-069 s
182046 HIGH MS07-067 s
182043 HIGH MS07-064 s
179553 HIGH MS07-061 s
176382 HIGH MS07-057 s
176383 HIGH MS07-058 s
170911 HIGH MS07-050 s
170907 HIGH MS07-046 s
170906 HIGH MS07-045 s
170904 HIGH MS07-043 s
164915 HIGH MS07-035 s
164913 HIGH MS07-033 s
164911 HIGH MS07-031 s
160623 HIGH MS07-027 s
157262 HIGH MS07-022 s
157261 HIGH MS07-021 s
157260 HIGH MS07-020 s
157259 HIGH MS07-019 s
156477 HIGH MS07-017 s
150253 HIGH MS07-016 s
150249 HIGH MS07-013 s
150248 HIGH MS07-012 s
150247 HIGH MS07-011 s
150243 HIGH MS07-008 s
150242 HIGH MS07-007 s
150241 MEDIUM MS07-006 s
141034 HIGH MS06-076 s
141033 MEDIUM MS06-075 s
141030 HIGH MS06-072 s
137571 HIGH MS06-070 s
137568 HIGH MS06-067 s
133387 MEDIUM MS06-065 s
133386 MEDIUM MS06-064 s
133385 MEDIUM MS06-063 s
133379 HIGH MS06-057 s
131654 HIGH MS06-055 s
129977 MEDIUM MS06-053 s
129976 MEDIUM MS06-052 s
126093 HIGH MS06-051 s
126092 MEDIUM MS06-050 s
126087 HIGH MS06-046 s
126086 MEDIUM MS06-045 s
126083 HIGH MS06-042 s
126082 HIGH MS06-041 s
126081 HIGH MS06-040 s
123421 HIGH MS06-036 s
123420 HIGH MS06-035 s
120825 MEDIUM MS06-032 s
120823 MEDIUM MS06-030 s
120818 HIGH MS06-025 s
120815 HIGH MS06-022 s
120814 HIGH MS06-021 s
117384 MEDIUM MS06-018 s
114666 HIGH MS06-015 s
114664 HIGH MS06-013 s
108744 MEDIUM MS06-008 s
108743 MEDIUM MS06-007 s
108742 MEDIUM MS06-006 s
104567 HIGH MS06-002 s
104237 HIGH MS06-001 s
96574 HIGH MS05-053 s
93395 HIGH MS05-051 s
93394 HIGH MS05-050 s
93454 MEDIUM MS05-049 s
;===================================================================================================================================================================================



Admittedly, I hadn't turned System Restore back on before scanning, or is that something I should do only now?

Here is a new HJT log too, just in case:



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:14:17, on 12.1.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Korisnik\Desktop\tarzan\tr3.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -scheduler
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.mcafee.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA37B3E5-ED44-40A5-8B2B-F5AED44E20B5}: NameServer = 77.78.192.10 77.78.192.20
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe

--
End of file - 5865 bytes

  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

OK, that's it...

Now turn System Restore on and delete:

the SDFix that is on your desktop and its folder on the C partition.

And don't use it unless someone here tells you to next time.


Regards

  • mooky 
  • New MyCity citizen
  • Joined: 14 Dec 2008
  • Posts: 7

OK, thank you very much!!!

Addendum: 15 Jan 2009 12:24

Hey, I ran the Panda scan again and it lists this:

ANALYSIS: 2009-01-15 12:14:14
PROTECTIONS: 1
MALWARE: 1
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
McAfee VirusScan Enterprise 7.1.0.187 No No
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
03738686 Generic Malware Virus/Trojan No 0 No No C:\System Volume Information\_restore{DF7959D8-11FF-4203-95C5-AC5D12F6F14A}\RP74\A0024267.exe[C:\System Volume Information\_restore{DF7959D8-11FF-4203-95C5-AC5D12F6F14A}\RP74\A0024267.exe][SDFix\apps\Cghtme.exe]
03738686 Generic Malware Virus/Trojan No 0 No No C:\System Volume Information\_restore{DF7959D8-11FF-4203-95C5-AC5D12F6F14A}\RP74\A0024267.exe[C:\System Volume Information\_restore{DF7959D8-11FF-4203-95C5-AC5D12F6F14A}\RP74\A0024267.exe][SDFix\catchme.exe]
;===================================================================================================================================================================================
SUSPECTS
Sent Location Y
;===================================================================================================================================================================================
;===================================================================================================================================================================================

Should I leave it as it is, or what?

Sorry, I know I'm being a bore with all this :(

  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

As I said... an SDFix component... Nothing dangerous or scary...
You're not a bore... ;)

It's just that I've already told you that you don't have to worry about that...

If it bothers you (and I don't see any reason why it would), turn System Restore off and on again and that's it.

Cheers :)

  • mooky 
  • New MyCity citizen
  • Joined: 14 Dec 2008
  • Posts: 7

Everything is OK now :)

I simply feel uneasy when it shows me anything "negative" :S

Thanks once again, I hope I won't have any more problems :)

Best regards!
