MyCity » Ambulanta -> Arhiva Ambulante » Problem sa kompom molim za pomoc!!!

Problem sa kompom molim za pomoc!!!

Napisano na dan: 11.7.2011

Strana:
1
2

Problem sa kompom molim za pomoc!!!

Sledeća strana

Pagination

Odgovori

Strana:
1
2

djole24 Poslao: 11 Jul 2011 22:26 Idi na vrh
offline djole24 Građanin Pridružio: 23 Feb 2008 Poruke: 46 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Kad upalim komp pojavljuje mi 4 prozora na kom mi pokazuje neke greske a de si se da kad upalim komp zablokira mi komp i bez restarta na kucistu nemogu mu nista.evo i logova . DDS (Ver_2011-06-23.01) - NTFSx86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22 Run by Djordje at 21:56:21 on 2011-07-11 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.530 [GMT 2:00] . AV: AVG Internet Security 2011 Enabled/Updated {17DDD097-36FF-435F-9E1B-52D74245D6BF} FW: COMODO Firewall Pro Enabled FW: AVG Firewall Disabled . ============== Running Processes =============== . C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\COMODO\Firewall\cfp.exe C:\WINDOWS\Mixer.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\CIDD_P\lsass.exe svchost.exe C:\Program Files\AVG\AVG10\avgfws.exe C:\Program Files\COMODO\Firewall\cmdagent.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe E:\Program Files\Winamp\winamp.exe E:\Program Files\Winamp\winamp.exe C:\Documents and Settings\Djordje\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Djordje\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Djordje\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Djordje\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Djordje\Local Settings\Application Data\Google\Chrome\Application\chrome.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://google.com/ mSearchAssistant = hxxp://start.facemoods.com/?a=tweak&s={searchTerms}&f=4 uURLSearchHooks: Winamp Toolbar Search Class: {57bca5fa-5dbb-45a2-b558-1755c3f6253b} - c:\program files\winamp toolbar\winamptb.dll uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - mURLSearchHooks: Winamp Toolbar Search Class: {57bca5fa-5dbb-45a2-b558-1755c3f6253b} - c:\program files\winamp toolbar\winamptb.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - c:\program files\winamp toolbar\winamptb.dll BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File BHO: Ask Toolbar BHO: {d4027c7f-154a-4066-a1ad-4243d8127440} - Ask Toolbar BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program files\winamp toolbar\winamptb.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [COMODO Firewall Pro] "c:\program files\comodo\firewall\cfp.exe" -h mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [configuration] c:\windows\configuration\configuration.exe mRun: [C-Media Mixer] Mixer.exe /startup mPolicies-system: EnableLinkedConnections = 1 (0x1) IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe LSP: e:\program files\advanced systemcare 3\SPICtrl.dll DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {2311E123-1CF1-11D8-85DE-E8A6F2801631} - hxxps://secure.24x7.rs/Volksbank/Retail/Pages/Download/CABS/DigitrustApiNetSetPlugIn.cab DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab TCP: Interfaces\{1DDD4FA1-6BF7-4428-9CC2-3078B984EE25} : NameServer = 194.106.162.2,194.106.162.3 AppInit_DLLs: c:\windows\system32\guard32.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\djordje\application data\mozilla\firefox\profiles\cp0h85d3.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.winamp.com/search/search?query={searchTerms}&invocationType=tb50-ff-winamp-chromesbox-en-us&tb_uuid=20110419181226897&tb_oid=20-04-2011&tb_mrud=20-04-2011&query= FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&invocationType=tb50-ff-winamp-ab-en-us&tb_uuid=20110419181226897&tb_oid=20-04-2011&tb_mrud=20-04-2011&query= FF - component: c:\documents and settings\djordje\application data\mozilla\firefox\profiles\cp0h85d3.default\extensions\ffxtlbr@facemoods.com\components\FFHst.dll FF - plugin: c:\documents and settings\djordje\local settings\application data\google\update\1.3.21.53\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll . ---- FIREFOX POLICIES ---- FF - user.js: network.protocol-handler.warn-external.dnupdate - false ============= SERVICES / DRIVERS =============== . R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 25680] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 26064] R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-3-7 14776] R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 34384] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-9 299984] R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [2011-1-15 87056] R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2011-1-15 24208] R2 avgfws;AVG zaštitni zid;c:\program files\avg\avg10\avgfws.exe [2010-11-22 3226632] R2 cmdAgent;COMODO Firewall Pro Helper Service;c:\program files\comodo\firewall\cmdagent.exe [2011-1-15 519936] R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2010-7-12 30432] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-19 123472] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-19 30288] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-19 26192] R3 Cap713x;Philips Cap713x Video Capture;c:\windows\system32\drivers\Cap713x.sys [2011-2-9 672128] S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 251728] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2010-11-23 6128208] S2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2010-10-22 265400] S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2010-7-12 30432] S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2011-5-24 137600] S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2011-5-24 8576] . =============== Created Last 30 ================ . 2011-07-06 13:50:35 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-07-04 13:34:13 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll 2011-07-04 13:34:12 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll 2011-06-28 07:30:17 -------- d-sh--r- c:\windows\CurrentUsers 2011-06-27 10:22:13 -------- d-sh--r- c:\windows\configuration 2011-06-27 10:22:07 -------- d-sh--r- c:\windows\CIDD_P 2011-06-15 17:48:38 105472 -c----w- c:\windows\system32\dllcache\mup.sys . ==================== Find3M ==================== . 2011-05-03 16:44:32 880 ----a-w- c:\documents and settings\djordje\desinstart.bat 2011-05-03 16:44:32 611 ----a-w- c:\documents and settings\djordje\desinst.bat 2011-05-03 16:44:32 171 ----a-w- c:\documents and settings\djordje\save_uninst.bat 2011-05-03 16:36:54 436792 ----a-w- c:\windows\system32\drivers\sptd.sys 2011-05-02 15:31:52 692736 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-29 17:25:27 151552 ----a-w- c:\windows\system32\schannel.dll 2011-04-29 16:19:43 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-04-25 16:11:12 916480 ----a-w- c:\windows\system32\wininet.dll 2011-04-25 16:11:11 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-04-25 16:11:11 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-04-25 12:01:22 385024 ----a-w- c:\windows\system32\html.iec 2011-04-21 13:37:43 105472 ----a-w- c:\windows\system32\drivers\mup.sys 2011-04-19 18:10:23 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-04-19 18:10:23 472808 ----a-w- c:\windows\system32\deployJava1.dll . ============= FINISH: 21:57:27,17 =============== mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png

Profil

argus Poslao: 11 Jul 2011 22:55 Idi na vrh
rip argus Anti Malware Fighter Rank 2 Pridružio: 27 Apr 2008 Poruke: 9160 Gde živiš: Prokuplje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav. Pre svega imas dva aktivna Firewall-a na sistemu. AVG Internet Security 2011 COMODO Firewall Pro Deinstaliraj AVG a zatim preuzmi alat sa ovog linka i ocisti ostatke http://www.avg.com/ww-en/utilities Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix; u prozoru koji se otvori klikni "I Agree". U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Profil

djole24 Poslao: 12 Jul 2011 22:58 Idi na vrh
offline djole24 Građanin Pridružio: 23 Feb 2008 Poruke: 46 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 11-07-12.09 - Djordje 12.07.2011 22:43:56.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.697 [GMT 2:00] Running from: c:\documents and settings\Djordje\My Documents\Downloads\ComboFix.exe AV: AVG Internet Security 2011 Enabled/Updated {17DDD097-36FF-435F-9E1B-52D74245D6BF} FW: AVG Firewall Disabled {8decf618-9569-4340-b34a-d78d28969b66} FW: COMODO Firewall Pro Enabled {043803A3-4F86-4ef6-AFC5-F6E02A79969B} . WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Djordje\Application Data\.# c:\documents and settings\Djordje\Application Data\facemoods.com c:\documents and settings\Djordje\Application Data\PriceGong c:\documents and settings\Djordje\Application Data\PriceGong\Data\1.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\a.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\b.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\c.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\d.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\e.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\f.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\g.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\h.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\i.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\J.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\k.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\l.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\m.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\mru.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\n.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\o.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\p.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\q.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\r.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\s.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\t.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\u.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\v.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\w.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\x.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\y.xml c:\documents and settings\Djordje\Application Data\PriceGong\Data\z.xml c:\documents and settings\Djordje\WINDOWS c:\windows\CIDD_P c:\windows\CIDD_P\446A6F72646A65\1.exe c:\windows\CIDD_P\446A6F72646A65\10.exe c:\windows\CIDD_P\446A6F72646A65\100.exe c:\windows\CIDD_P\446A6F72646A65\101.exe c:\windows\CIDD_P\446A6F72646A65\102.exe c:\windows\CIDD_P\446A6F72646A65\103.exe c:\windows\CIDD_P\446A6F72646A65\104.exe c:\windows\CIDD_P\446A6F72646A65\105.exe c:\windows\CIDD_P\446A6F72646A65\106.exe c:\windows\CIDD_P\446A6F72646A65\107.exe c:\windows\CIDD_P\446A6F72646A65\108.exe c:\windows\CIDD_P\446A6F72646A65\109.exe c:\windows\CIDD_P\446A6F72646A65\11.exe c:\windows\CIDD_P\446A6F72646A65\110.exe c:\windows\CIDD_P\446A6F72646A65\111.exe c:\windows\CIDD_P\446A6F72646A65\112.exe c:\windows\CIDD_P\446A6F72646A65\113.exe c:\windows\CIDD_P\446A6F72646A65\114.exe c:\windows\CIDD_P\446A6F72646A65\115.exe c:\windows\CIDD_P\446A6F72646A65\116.exe c:\windows\CIDD_P\446A6F72646A65\117.exe c:\windows\CIDD_P\446A6F72646A65\118.exe c:\windows\CIDD_P\446A6F72646A65\119.exe c:\windows\CIDD_P\446A6F72646A65\12.exe c:\windows\CIDD_P\446A6F72646A65\120.exe c:\windows\CIDD_P\446A6F72646A65\121.exe c:\windows\CIDD_P\446A6F72646A65\122.exe c:\windows\CIDD_P\446A6F72646A65\123.exe c:\windows\CIDD_P\446A6F72646A65\124.exe c:\windows\CIDD_P\446A6F72646A65\125.exe c:\windows\CIDD_P\446A6F72646A65\126.exe c:\windows\CIDD_P\446A6F72646A65\127.exe c:\windows\CIDD_P\446A6F72646A65\128.exe c:\windows\CIDD_P\446A6F72646A65\129.exe c:\windows\CIDD_P\446A6F72646A65\13.exe c:\windows\CIDD_P\446A6F72646A65\130.exe c:\windows\CIDD_P\446A6F72646A65\131.exe c:\windows\CIDD_P\446A6F72646A65\132.exe c:\windows\CIDD_P\446A6F72646A65\133.exe c:\windows\CIDD_P\446A6F72646A65\134.exe c:\windows\CIDD_P\446A6F72646A65\135.exe c:\windows\CIDD_P\446A6F72646A65\136.exe c:\windows\CIDD_P\446A6F72646A65\137.exe c:\windows\CIDD_P\446A6F72646A65\138.exe c:\windows\CIDD_P\446A6F72646A65\139.exe c:\windows\CIDD_P\446A6F72646A65\14.exe c:\windows\CIDD_P\446A6F72646A65\140.exe c:\windows\CIDD_P\446A6F72646A65\141.exe c:\windows\CIDD_P\446A6F72646A65\142.exe c:\windows\CIDD_P\446A6F72646A65\143.exe c:\windows\CIDD_P\446A6F72646A65\144.exe c:\windows\CIDD_P\446A6F72646A65\145.exe c:\windows\CIDD_P\446A6F72646A65\146.exe c:\windows\CIDD_P\446A6F72646A65\147.exe c:\windows\CIDD_P\446A6F72646A65\148.exe c:\windows\CIDD_P\446A6F72646A65\149.exe c:\windows\CIDD_P\446A6F72646A65\15.exe c:\windows\CIDD_P\446A6F72646A65\150.exe c:\windows\CIDD_P\446A6F72646A65\151.exe c:\windows\CIDD_P\446A6F72646A65\152.exe c:\windows\CIDD_P\446A6F72646A65\153.exe c:\windows\CIDD_P\446A6F72646A65\154.exe c:\windows\CIDD_P\446A6F72646A65\155.exe c:\windows\CIDD_P\446A6F72646A65\156.exe c:\windows\CIDD_P\446A6F72646A65\157.exe c:\windows\CIDD_P\446A6F72646A65\158.exe c:\windows\CIDD_P\446A6F72646A65\159.exe c:\windows\CIDD_P\446A6F72646A65\16.exe c:\windows\CIDD_P\446A6F72646A65\160.exe c:\windows\CIDD_P\446A6F72646A65\161.exe c:\windows\CIDD_P\446A6F72646A65\17.exe c:\windows\CIDD_P\446A6F72646A65\18.exe c:\windows\CIDD_P\446A6F72646A65\19.exe c:\windows\CIDD_P\446A6F72646A65\2.exe c:\windows\CIDD_P\446A6F72646A65\20.exe c:\windows\CIDD_P\446A6F72646A65\21.exe c:\windows\CIDD_P\446A6F72646A65\22.exe c:\windows\CIDD_P\446A6F72646A65\23.exe c:\windows\CIDD_P\446A6F72646A65\24.exe c:\windows\CIDD_P\446A6F72646A65\25.exe c:\windows\CIDD_P\446A6F72646A65\26.exe c:\windows\CIDD_P\446A6F72646A65\27.exe c:\windows\CIDD_P\446A6F72646A65\28.exe c:\windows\CIDD_P\446A6F72646A65\29.exe c:\windows\CIDD_P\446A6F72646A65\3.exe c:\windows\CIDD_P\446A6F72646A65\30.exe c:\windows\CIDD_P\446A6F72646A65\31.exe c:\windows\CIDD_P\446A6F72646A65\32.exe c:\windows\CIDD_P\446A6F72646A65\33.exe c:\windows\CIDD_P\446A6F72646A65\34.exe c:\windows\CIDD_P\446A6F72646A65\35.exe c:\windows\CIDD_P\446A6F72646A65\36.exe c:\windows\CIDD_P\446A6F72646A65\37.exe c:\windows\CIDD_P\446A6F72646A65\38.exe c:\windows\CIDD_P\446A6F72646A65\39.exe c:\windows\CIDD_P\446A6F72646A65\4.exe c:\windows\CIDD_P\446A6F72646A65\40.exe c:\windows\CIDD_P\446A6F72646A65\41.exe c:\windows\CIDD_P\446A6F72646A65\42.exe c:\windows\CIDD_P\446A6F72646A65\43.exe c:\windows\CIDD_P\446A6F72646A65\44.exe c:\windows\CIDD_P\446A6F72646A65\45.exe c:\windows\CIDD_P\446A6F72646A65\46.exe c:\windows\CIDD_P\446A6F72646A65\47.exe c:\windows\CIDD_P\446A6F72646A65\48.exe c:\windows\CIDD_P\446A6F72646A65\49.exe c:\windows\CIDD_P\446A6F72646A65\5.exe c:\windows\CIDD_P\446A6F72646A65\50.exe c:\windows\CIDD_P\446A6F72646A65\51.exe c:\windows\CIDD_P\446A6F72646A65\52.exe c:\windows\CIDD_P\446A6F72646A65\53.exe c:\windows\CIDD_P\446A6F72646A65\54.exe c:\windows\CIDD_P\446A6F72646A65\55.exe c:\windows\CIDD_P\446A6F72646A65\56.exe c:\windows\CIDD_P\446A6F72646A65\57.exe c:\windows\CIDD_P\446A6F72646A65\58.exe c:\windows\CIDD_P\446A6F72646A65\59.exe c:\windows\CIDD_P\446A6F72646A65\6.exe c:\windows\CIDD_P\446A6F72646A65\60.exe c:\windows\CIDD_P\446A6F72646A65\61.exe c:\windows\CIDD_P\446A6F72646A65\62.exe c:\windows\CIDD_P\446A6F72646A65\63.exe c:\windows\CIDD_P\446A6F72646A65\64.exe c:\windows\CIDD_P\446A6F72646A65\65.exe c:\windows\CIDD_P\446A6F72646A65\66.exe c:\windows\CIDD_P\446A6F72646A65\67.exe c:\windows\CIDD_P\446A6F72646A65\68.exe c:\windows\CIDD_P\446A6F72646A65\69.exe c:\windows\CIDD_P\446A6F72646A65\7.exe c:\windows\CIDD_P\446A6F72646A65\70.exe c:\windows\CIDD_P\446A6F72646A65\71.exe c:\windows\CIDD_P\446A6F72646A65\72.exe c:\windows\CIDD_P\446A6F72646A65\73.exe c:\windows\CIDD_P\446A6F72646A65\74.exe c:\windows\CIDD_P\446A6F72646A65\75.exe c:\windows\CIDD_P\446A6F72646A65\76.exe c:\windows\CIDD_P\446A6F72646A65\77.exe c:\windows\CIDD_P\446A6F72646A65\78.exe c:\windows\CIDD_P\446A6F72646A65\79.exe c:\windows\CIDD_P\446A6F72646A65\8.exe c:\windows\CIDD_P\446A6F72646A65\80.exe c:\windows\CIDD_P\446A6F72646A65\81.exe c:\windows\CIDD_P\446A6F72646A65\82.exe c:\windows\CIDD_P\446A6F72646A65\83.exe c:\windows\CIDD_P\446A6F72646A65\84.exe c:\windows\CIDD_P\446A6F72646A65\85.exe c:\windows\CIDD_P\446A6F72646A65\86.exe c:\windows\CIDD_P\446A6F72646A65\87.exe c:\windows\CIDD_P\446A6F72646A65\88.exe c:\windows\CIDD_P\446A6F72646A65\89.exe c:\windows\CIDD_P\446A6F72646A65\9.exe c:\windows\CIDD_P\446A6F72646A65\90.exe c:\windows\CIDD_P\446A6F72646A65\91.exe c:\windows\CIDD_P\446A6F72646A65\92.exe c:\windows\CIDD_P\446A6F72646A65\93.exe c:\windows\CIDD_P\446A6F72646A65\94.exe c:\windows\CIDD_P\446A6F72646A65\95.exe c:\windows\CIDD_P\446A6F72646A65\96.exe c:\windows\CIDD_P\446A6F72646A65\97.exe c:\windows\CIDD_P\446A6F72646A65\98.exe c:\windows\CIDD_P\446A6F72646A65\99.exe c:\windows\CIDD_P\446A6F72646A65\br.dll c:\windows\CIDD_P\446A6F72646A65\nam.dll c:\windows\CIDD_P\446A6F72646A65\stp.dll c:\windows\CIDD_P\446A6F72646A65\sys.dll c:\windows\CIDD_P\lsass.exe c:\windows\configuration c:\windows\configuration\configuration.exe c:\windows\system32\_000005_.tmp.dll c:\windows\system32\_000006_.tmp.dll c:\windows\system32\_000007_.tmp.dll c:\windows\system32\_000008_.tmp.dll c:\windows\system32\_000009_.tmp.dll c:\windows\system32\_000013_.tmp.dll c:\windows\system32\_000018_.tmp.dll c:\windows\system32\_000019_.tmp.dll c:\windows\system32\_000020_.tmp.dll . . ((((((((((((((((((((((((( Files Created from 2011-06-12 to 2011-07-12 ))))))))))))))))))))))))))))))) . . 2011-07-06 13:50 . 2011-07-06 13:50 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-07-04 13:34 . 2011-07-04 13:34 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll 2011-07-04 13:34 . 2011-07-04 13:34 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll 2011-06-28 07:30 . 2011-06-28 07:30 -------- d-sh--r- c:\windows\CurrentUsers 2011-06-15 17:48 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-06-02 14:02 . 2004-08-04 01:07 1858944 ----a-w- c:\windows\system32\win32k.sys 2011-05-03 16:44 . 2011-05-03 16:44 880 ----a-w- c:\documents and settings\Djordje\desinstart.bat 2011-05-03 16:44 . 2011-05-03 16:44 611 ----a-w- c:\documents and settings\Djordje\desinst.bat 2011-05-03 16:44 . 2011-05-03 16:44 171 ----a-w- c:\documents and settings\Djordje\save_uninst.bat 2011-05-03 16:36 . 2011-05-03 16:36 436792 ----a-w- c:\windows\system32\drivers\sptd.sys 2011-05-02 15:31 . 2010-10-10 10:27 692736 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-29 17:25 . 2004-08-04 01:07 151552 ----a-w- c:\windows\system32\schannel.dll 2011-04-29 16:19 . 2004-08-04 01:07 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-04-26 11:07 . 2004-08-04 01:07 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-04-26 11:07 . 2004-08-04 01:07 293376 ----a-w- c:\windows\system32\winsrv.dll 2011-04-25 16:11 . 2004-08-04 01:07 916480 ----a-w- c:\windows\system32\wininet.dll 2011-04-25 16:11 . 2004-08-04 01:07 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-04-25 16:11 . 2004-08-04 01:07 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-04-25 12:01 . 2004-08-04 01:07 385024 ----a-w- c:\windows\system32\html.iec 2011-04-21 13:37 . 2004-08-04 01:07 105472 ----a-w- c:\windows\system32\drivers\mup.sys 2011-04-19 18:10 . 2011-04-19 18:09 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-04-19 18:10 . 2010-10-11 15:37 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-07-04 13:34 . 2011-03-24 18:49 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2011-03-11 1373512] . [HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}] [HKEY_CLASSES_ROOT\WinampTb.AOLTBSearch.1] [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}] [HKEY_CLASSES_ROOT\WinampTb.AOLTBSearch] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "COMODO Firewall Pro"="c:\program files\COMODO\Firewall\cfp.exe" [2011-01-15 1655552] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480] "C-Media Mixer"="Mixer.exe" [2002-10-15 1818624] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\guard32.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk \0smartdefragboottime.exe . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "e:\\Program Files\\Konami\\pes11\\pes2011.exe"= "c:\\Documents and Settings\\Djordje\\Desktop\\uTorrent.exe"= "e:\\Program Files\\Konami\\pes11\\Pes JSL by JG.exe"= "e:\\Program Files\\Konami\\pes11\\JSL-2011.exe"= . R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [7.3.2011 17:58 14776] R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3.5.2011 18:36 436792] R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [15.1.2011 22:23 87056] R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [15.1.2011 22:23 24208] R3 Cap713x;Philips Cap713x Video Capture;c:\windows\system32\drivers\Cap713x.sys [9.2.2011 20:46 672128] S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [24.5.2011 16:24 137600] S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [24.5.2011 16:24 8576] . Contents of the 'Scheduled Tasks' folder . 2011-07-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-842925246-854245398-1003Core.job - c:\documents and settings\Djordje\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-10 16:34] . 2011-07-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-842925246-854245398-1003UA.job - c:\documents and settings\Djordje\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-10 16:34] . 2011-07-12 c:\windows\Tasks\SmartDefrag_Startup.job - e:\program files\Smart Defrag 2\SmartDefrag.exe [2011-03-07 17:56] . 2011-07-12 c:\windows\Tasks\User_Feed_Synchronization-{811FB5AF-4180-4028-83FC-82BE75514750}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 02:31] . . ------- Supplementary Scan ------- . uStart Page = hxxp://google.com/ LSP: e:\program files\Advanced SystemCare 3\SPICtrl.dll TCP: Interfaces\{1DDD4FA1-6BF7-4428-9CC2-3078B984EE25}: NameServer = 194.106.162.2,194.106.162.3 DPF: {2311E123-1CF1-11D8-85DE-E8A6F2801631} - hxxps://secure.24x7.rs/Volksbank/Retail/Pages/Download/CABS/DigitrustApiNetSetPlugIn.cab FF - ProfilePath - c:\documents and settings\Djordje\Application Data\Mozilla\Firefox\Profiles\cp0h85d3.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.winamp.com/search/search?query={searchTerms}&invocationType=tb50-ff-winamp-chromesbox-en-us&tb_uuid=20110419181226897&tb_oid=20-04-2011&tb_mrud=20-04-2011&query= FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&invocationType=tb50-ff-winamp-ab-en-us&tb_uuid=20110419181226897&tb_oid=20-04-2011&tb_mrud=20-04-2011&query= FF - user.js: network.protocol-handler.warn-external.dnupdate - false . - - - - ORPHANS REMOVED - - - - . URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file) BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKLM-Run-configuration - c:\windows\configuration\configuration.exe . . . *********************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2011-07-12 22:56 Windows 5.1.2600 Service Pack 3 NTFS . detected NTDLL code modification: ZwClose . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************ . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(748-) c:\windows\system32\guard32.dll . - - - - - - - > 'lsass.exe'(804) c:\windows\system32\guard32.dll e:\program files\Advanced SystemCare 3\SPICtrl.dll . Completion time: 2011-07-12 22:58:58 ComboFix-quarantined-files.txt 2011-07-12 20:58 . Pre-Run: 59.127.091.200 bytes free Post-Run: 59.103.973.376 bytes free . - - End Of File - - F94FB0CD5A0D5EF7C75EE5FFC3028C4F

Profil

argus Poslao: 12 Jul 2011 23:13 Idi na vrh
rip argus Anti Malware Fighter Rank 2 Pridružio: 27 Apr 2008 Poruke: 9160 Gde živiš: Prokuplje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Reci mi kakvo je stanje sada, imas li problema? Imamo jos nesto da odradimo, to cemo sutra. U medjuvremenu: - Preporucujem da za zastitu USB memorijskih uredjaja koristis MCShield. Nema nikakve veze sa AntiVirus-om tj. nece ometati njegov rad a pokazao se kao jedan od najboljih vida zastite od malware-a koji se prenosi putem USB mem. uredjaja. Skines, instaliras, ubodes USB mem. uredjaj, izvrsi se skeniranje nakon cega dobijes obavestenje da je uredjaj cist (ukoliko je stvarno tako); ili dobijes log u kome vidis informacije o malware-u koji je nadjen i obrisan. Home Page MCShield-a: http://amf.mycity.rs/programs/mc/mcshield/ Vise o MCShield-u mozes saznati u ovoj temi: http://www.mycity.rs/Antispyware-programi/MCShield.html

Profil

djole24 Poslao: 12 Jul 2011 23:37 Idi na vrh
offline djole24 Građanin Pridružio: 23 Feb 2008 Poruke: 46 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 12 Jul 2011 23:23 ok javljam hvala puno i vidimo se sutra da odradim sta jos treba . Dopuna: 12 Jul 2011 23:37 evo restartovao sam komp da vidim sta se desava i opet mi izbacuje 4 prozora na dva pise c:\WINDOWS\CIDD_P\446A6F61\7.exe c:\WINDOWS\CIDD_P\446A6F61\8.exe a na samom prozoru pise 16bit ms dos subsystem i imam ponudjeno close ili ignore

Profil

argus Poslao: 13 Jul 2011 13:07 Idi na vrh
rip argus Anti Malware Fighter Rank 2 Pridružio: 27 Apr 2008 Poruke: 9160 Gde živiš: Prokuplje	1Ovo se svidja korisniku: ThePhilosopher Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `SecCenter:: {17DDD097-36FF-435F-9E1B-52D74245D6BF} {8decf618-9569-4340-b34a-d78d28969b66} DirLook:: c:\windows\CurrentUsers` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

djole24 Poslao: 13 Jul 2011 16:39 Idi na vrh
offline djole24 Građanin Pridružio: 23 Feb 2008 Poruke: 46 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 13 Jul 2011 16:37 ComboFix 11-07-12.09 - Djordje 13.07.2011 16:29:23.3.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.577 [GMT 2:00] Running from: c:\documents and settings\Djordje\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Djordje\Desktop\CFScript.txt FW: COMODO Firewall Pro Enabled {043803A3-4F86-4ef6-AFC5-F6E02A79969B} . WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\CIDD_P c:\windows\CIDD_P\446A6F72646A65\1.exe c:\windows\CIDD_P\446A6F72646A65\2.exe c:\windows\CIDD_P\446A6F72646A65\3.exe c:\windows\CIDD_P\446A6F72646A65\4.exe c:\windows\CIDD_P\446A6F72646A65\br.dll c:\windows\CIDD_P\446A6F72646A65\nam.dll c:\windows\CIDD_P\446A6F72646A65\stp.dll c:\windows\CIDD_P\lsass.exe c:\windows\configuration c:\windows\configuration\configuration.exe . . ((((((((((((((((((((((((( Files Created from 2011-06-13 to 2011-07-13 ))))))))))))))))))))))))))))))) . . 2011-07-12 21:26 . 2011-07-13 14:28 -------- d-----w- c:\documents and settings\Djordje\Application Data\MCShield 2011-07-06 13:50 . 2011-07-06 13:50 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-07-04 13:34 . 2011-07-04 13:34 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll 2011-07-04 13:34 . 2011-07-04 13:34 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll 2011-06-28 07:30 . 2011-06-28 07:30 -------- d-sh--r- c:\windows\CurrentUsers 2011-06-15 17:48 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-06-02 14:02 . 2004-08-04 01:07 1858944 ----a-w- c:\windows\system32\win32k.sys 2011-05-03 16:44 . 2011-05-03 16:44 880 ----a-w- c:\documents and settings\Djordje\desinstart.bat 2011-05-03 16:44 . 2011-05-03 16:44 611 ----a-w- c:\documents and settings\Djordje\desinst.bat 2011-05-03 16:44 . 2011-05-03 16:44 171 ----a-w- c:\documents and settings\Djordje\save_uninst.bat 2011-05-03 16:36 . 2011-05-03 16:36 436792 ----a-w- c:\windows\system32\drivers\sptd.sys 2011-05-02 15:31 . 2010-10-10 10:27 692736 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-29 17:25 . 2004-08-04 01:07 151552 ----a-w- c:\windows\system32\schannel.dll 2011-04-29 16:19 . 2004-08-04 01:07 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-04-26 11:07 . 2004-08-04 01:07 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-04-26 11:07 . 2004-08-04 01:07 293376 ----a-w- c:\windows\system32\winsrv.dll 2011-04-25 16:11 . 2004-08-04 01:07 916480 ----a-w- c:\windows\system32\wininet.dll 2011-04-25 16:11 . 2004-08-04 01:07 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-04-25 16:11 . 2004-08-04 01:07 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-04-25 12:01 . 2004-08-04 01:07 385024 ----a-w- c:\windows\system32\html.iec 2011-04-21 13:37 . 2004-08-04 01:07 105472 ----a-w- c:\windows\system32\drivers\mup.sys 2011-04-19 18:10 . 2011-04-19 18:09 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-04-19 18:10 . 2010-10-11 15:37 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-07-04 13:34 . 2011-03-24 18:49 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . (((((((((((((((((((((((((((((((((((((((((((( Look ))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . ---- Directory of c:\windows\CurrentUsers ---- . 2011-06-28 07:30 . 2011-06-28 07:30 34 --sha-r- c:\windows\CurrentUsers\Djordje\Desktop\winamp.dll 2011-06-28 07:30 . 2009-04-30 02:32 263905 ----a-w- c:\windows\CurrentUsers\Djordje\Desktop\winamp.exe 2011-06-28 07:30 . 2011-06-28 07:30 51 --sha-r- c:\windows\CurrentUsers\Djordje\Desktop\game.dll 2011-06-28 07:30 . 2009-04-30 02:32 263905 ----a-w- c:\windows\CurrentUsers\Djordje\Desktop\game.exe 2011-06-28 07:30 . 2011-06-28 07:30 41 --sha-r- c:\windows\CurrentUsers\Djordje\Desktop\pes2011.dll 2011-06-28 07:30 . 2009-04-30 02:32 263905 ----a-w- c:\windows\CurrentUsers\Djordje\Desktop\pes2011.exe 2011-06-28 07:30 . 2011-06-28 07:30 35 --sha-r- c:\windows\CurrentUsers\Djordje\Desktop\nero.dll 2011-06-28 07:30 . 2009-04-30 02:32 263905 ----a-w- c:\windows\CurrentUsers\Djordje\Desktop\nero.exe 2011-06-28 07:30 . 2011-06-28 07:30 47 --sha-r- c:\windows\CurrentUsers\Djordje\Desktop\iexplore.dll 2011-06-28 07:30 . 2009-04-30 02:32 263905 ----a-w- c:\windows\CurrentUsers\Djordje\Desktop\iexplore.exe 2011-06-28 07:30 . 2011-06-28 07:30 102 --sha-r- c:\windows\CurrentUsers\Djordje\Desktop\chrome.dll 2011-06-28 07:30 . 2009-04-30 02:32 263905 ----a-w- c:\windows\CurrentUsers\Djordje\Desktop\chrome.exe 2011-06-28 07:30 . 2011-06-28 07:30 38 --sha-r- c:\windows\CurrentUsers\Djordje\Desktop\CCleaner.dll 2011-06-28 07:30 . 2009-04-30 02:32 263905 ----a-w- c:\windows\CurrentUsers\Djordje\Desktop\CCleaner.exe 2011-06-28 07:30 . 2011-06-28 07:30 38 --sha-r- c:\windows\CurrentUsers\Djordje\Desktop\bsplayer.dll 2011-06-28 07:30 . 2009-04-30 02:32 263905 ----a-w- c:\windows\CurrentUsers\Djordje\Desktop\bsplayer.exe 2011-06-28 07:30 . 2011-06-28 07:30 55 --sha-r- c:\windows\CurrentUsers\Djordje\Desktop\VideoConverter.dll 2011-06-28 07:30 . 2009-04-30 02:32 263905 ----a-w- c:\windows\CurrentUsers\Djordje\Desktop\VideoConverter.exe . . ((((((((((((((((((((((((((((( SnapShot@2011-07-12_20.56.06 ))))))))))))))))))))))))))))))))))))))))) . + 2011-07-13 14:02 . 2011-07-13 14:02 16384 c:\windows\Temp\Perflib_Perfdata_c0.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2011-03-11 1373512] . [HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}] [HKEY_CLASSES_ROOT\WinampTb.AOLTBSearch.1] [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}] [HKEY_CLASSES_ROOT\WinampTb.AOLTBSearch] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MCShield"="e:\program files\MCShield\MCShieldRTM.exe" [2011-03-26 262144] "MCShieldTray"="e:\program files\MCShield\MCShieldTray.exe" [2010-11-04 73728] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "COMODO Firewall Pro"="c:\program files\COMODO\Firewall\cfp.exe" [2011-01-15 1655552] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480] "C-Media Mixer"="Mixer.exe" [2002-10-15 1818624] "configuration"="c:\windows\configuration\configuration.exe" [BU] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\guard32.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk \0SmartDefragBootTime.exe . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "e:\\Program Files\\Konami\\pes11\\pes2011.exe"= "c:\\Documents and Settings\\Djordje\\Desktop\\uTorrent.exe"= "e:\\Program Files\\Konami\\pes11\\Pes JSL by JG.exe"= "e:\\Program Files\\Konami\\pes11\\JSL-2011.exe"= . R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [7.3.2011 17:58 14776] R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3.5.2011 18:36 436792] R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [15.1.2011 22:23 87056] R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [15.1.2011 22:23 24208] R3 Cap713x;Philips Cap713x Video Capture;c:\windows\system32\drivers\Cap713x.sys [9.2.2011 20:46 672128] S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [24.5.2011 16:24 137600] S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [24.5.2011 16:24 8576] . Contents of the 'Scheduled Tasks' folder . 2011-07-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-842925246-854245398-1003Core.job - c:\documents and settings\Djordje\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-10 16:34] . 2011-07-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-842925246-854245398-1003UA.job - c:\documents and settings\Djordje\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-10 16:34] . 2011-07-13 c:\windows\Tasks\SmartDefrag_Startup.job - e:\program files\Smart Defrag 2\SmartDefrag.exe [2011-03-07 17:56] . 2011-07-13 c:\windows\Tasks\User_Feed_Synchronization-{811FB5AF-4180-4028-83FC-82BE75514750}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 02:31] . . ------- Supplementary Scan ------- . uStart Page = hxxp://google.com/ LSP: e:\program files\Advanced SystemCare 3\SPICtrl.dll TCP: Interfaces\{1DDD4FA1-6BF7-4428-9CC2-3078B984EE25}: NameServer = 194.106.162.2,194.106.162.3 DPF: {2311E123-1CF1-11D8-85DE-E8A6F2801631} - hxxps://secure.24x7.rs/Volksbank/Retail/Pages/Download/CABS/DigitrustApiNetSetPlugIn.cab FF - ProfilePath - c:\documents and settings\Djordje\Application Data\Mozilla\Firefox\Profiles\cp0h85d3.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.winamp.com/search/search?query={searchTerms}&invocationType=tb50-ff-winamp-chromesbox-en-us&tb_uuid=20110419181226897&tb_oid=20-04-2011&tb_mrud=20-04-2011&query= FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&invocationType=tb50-ff-winamp-ab-en-us&tb_uuid=20110419181226897&tb_oid=20-04-2011&tb_mrud=20-04-2011&query= FF - user.js: network.protocol-handler.warn-external.dnupdate - false . . *********************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2011-07-13 16:34 Windows 5.1.2600 Service Pack 3 NTFS . detected NTDLL code modification: ZwClose . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************ . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(752) c:\windows\system32\guard32.dll . - - - - - - - > 'lsass.exe'(808-) c:\windows\system32\guard32.dll e:\program files\Advanced SystemCare 3\SPICtrl.dll . Completion time: 2011-07-13 16:36:59 ComboFix-quarantined-files.txt 2011-07-13 14:36 . Pre-Run: 59.026.608.128 bytes free Post-Run: 59.011.584.000 bytes free . - - End Of File - - F6B86E882528B50E2F80F0C6FFC42A05 mycity.rs/must-login.png Dopuna: 13 Jul 2011 16:39 Odradjeno kao sto si rekao,cekam dalja upustva samo da napomenem da mi je opet napomenuo kad je pokrenuo combofix da mi je ukljucen avg internet secyurity 2011,pokusao sam da ga pronadjem u pretrazivacu i pokazuje mi da ga nema?

Profil

argus Poslao: 13 Jul 2011 16:45 Idi na vrh
rip argus Anti Malware Fighter Rank 2 Pridružio: 27 Apr 2008 Poruke: 9160 Gde živiš: Prokuplje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `File:: c:\windows\configuration\configuration.exe Registry:: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "configuration"=-` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

djole24 Poslao: 13 Jul 2011 23:07 Idi na vrh
offline djole24 Građanin Pridružio: 23 Feb 2008 Poruke: 46 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 13 Jul 2011 21:15 ComboFix 11-07-12.09 - Djordje 13.07.2011 16:55:40.4.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.740 [GMT 2:00] Running from: c:\documents and settings\Djordje\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Djordje\Desktop\CFScript.txt FW: COMODO Firewall Pro Enabled {043803A3-4F86-4ef6-AFC5-F6E02A79969B} . WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . FILE :: "c:\windows\configuration\configuration.exe" . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\CIDD_P c:\windows\CIDD_P\446A6F72646A65\1.exe c:\windows\CIDD_P\446A6F72646A65\2.exe c:\windows\CIDD_P\446A6F72646A65\3.exe c:\windows\CIDD_P\446A6F72646A65\4.exe c:\windows\CIDD_P\446A6F72646A65\5.exe c:\windows\CIDD_P\446A6F72646A65\6.exe c:\windows\CIDD_P\446A6F72646A65\7.exe c:\windows\CIDD_P\446A6F72646A65\8.exe c:\windows\CIDD_P\446A6F72646A65\br.dll c:\windows\CIDD_P\446A6F72646A65\nam.dll c:\windows\CIDD_P\446A6F72646A65\stp.dll c:\windows\CIDD_P\lsass.exe c:\windows\configuration c:\windows\configuration\configuration.exe . . ((((((((((((((((((((((((( Files Created from 2011-06-13 to 2011-07-13 ))))))))))))))))))))))))))))))) . . 2011-07-12 21:26 . 2011-07-13 14:46 -------- d-----w- c:\documents and settings\Djordje\Application Data\MCShield 2011-07-06 13:50 . 2011-07-06 13:50 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-07-04 13:34 . 2011-07-04 13:34 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll 2011-07-04 13:34 . 2011-07-04 13:34 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll 2011-06-28 07:30 . 2011-06-28 07:30 -------- d-sh--r- c:\windows\CurrentUsers 2011-06-15 17:48 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-06-02 14:02 . 2004-08-04 01:07 1858944 ----a-w- c:\windows\system32\win32k.sys 2011-05-03 16:44 . 2011-05-03 16:44 880 ----a-w- c:\documents and settings\Djordje\desinstart.bat 2011-05-03 16:44 . 2011-05-03 16:44 611 ----a-w- c:\documents and settings\Djordje\desinst.bat 2011-05-03 16:44 . 2011-05-03 16:44 171 ----a-w- c:\documents and settings\Djordje\save_uninst.bat 2011-05-03 16:36 . 2011-05-03 16:36 436792 ----a-w- c:\windows\system32\drivers\sptd.sys 2011-05-02 15:31 . 2010-10-10 10:27 692736 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-29 17:25 . 2004-08-04 01:07 151552 ----a-w- c:\windows\system32\schannel.dll 2011-04-29 16:19 . 2004-08-04 01:07 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-04-26 11:07 . 2004-08-04 01:07 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-04-26 11:07 . 2004-08-04 01:07 293376 ----a-w- c:\windows\system32\winsrv.dll 2011-04-25 16:11 . 2004-08-04 01:07 916480 ----a-w- c:\windows\system32\wininet.dll 2011-04-25 16:11 . 2004-08-04 01:07 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-04-25 16:11 . 2004-08-04 01:07 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-04-25 12:01 . 2004-08-04 01:07 385024 ----a-w- c:\windows\system32\html.iec 2011-04-21 13:37 . 2004-08-04 01:07 105472 ----a-w- c:\windows\system32\drivers\mup.sys 2011-04-19 18:10 . 2011-04-19 18:09 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-04-19 18:10 . 2010-10-11 15:37 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-07-04 13:34 . 2011-03-24 18:49 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((( SnapShot@2011-07-12_20.56.06 ))))))))))))))))))))))))))))))))))))))))) . + 2011-07-13 14:45 . 2011-07-13 14:45 16384 c:\windows\Temp\Perflib_Perfdata_228.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2011-03-11 1373512] . [HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}] [HKEY_CLASSES_ROOT\WinampTb.AOLTBSearch.1] [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}] [HKEY_CLASSES_ROOT\WinampTb.AOLTBSearch] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MCShield"="e:\program files\MCShield\MCShieldRTM.exe" [2011-03-26 262144] "MCShieldTray"="e:\program files\MCShield\MCShieldTray.exe" [2010-11-04 73728] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "COMODO Firewall Pro"="c:\program files\COMODO\Firewall\cfp.exe" [2011-01-15 1655552] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480] "C-Media Mixer"="Mixer.exe" [2002-10-15 1818624] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\guard32.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk \0SmartDefragBootTime.exe . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "e:\\Program Files\\Konami\\pes11\\pes2011.exe"= "c:\\Documents and Settings\\Djordje\\Desktop\\uTorrent.exe"= "e:\\Program Files\\Konami\\pes11\\Pes JSL by JG.exe"= "e:\\Program Files\\Konami\\pes11\\JSL-2011.exe"= . R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [7.3.2011 17:58 14776] R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3.5.2011 18:36 436792] R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [15.1.2011 22:23 87056] R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [15.1.2011 22:23 24208] R3 Cap713x;Philips Cap713x Video Capture;c:\windows\system32\drivers\Cap713x.sys [9.2.2011 20:46 672128] S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [24.5.2011 16:24 137600] S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [24.5.2011 16:24 8576] . Contents of the 'Scheduled Tasks' folder . 2011-07-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-842925246-854245398-1003Core.job - c:\documents and settings\Djordje\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-10 16:34] . 2011-07-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-842925246-854245398-1003UA.job - c:\documents and settings\Djordje\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-10-10 16:34] . 2011-07-13 c:\windows\Tasks\SmartDefrag_Startup.job - e:\program files\Smart Defrag 2\SmartDefrag.exe [2011-03-07 17:56] . 2011-07-13 c:\windows\Tasks\User_Feed_Synchronization-{811FB5AF-4180-4028-83FC-82BE75514750}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 02:31] . . ------- Supplementary Scan ------- . uStart Page = hxxp://google.com/ LSP: e:\program files\Advanced SystemCare 3\SPICtrl.dll TCP: Interfaces\{1DDD4FA1-6BF7-4428-9CC2-3078B984EE25}: NameServer = 194.106.162.2,194.106.162.3 DPF: {2311E123-1CF1-11D8-85DE-E8A6F2801631} - hxxps://secure.24x7.rs/Volksbank/Retail/Pages/Download/CABS/DigitrustApiNetSetPlugIn.cab FF - ProfilePath - c:\documents and settings\Djordje\Application Data\Mozilla\Firefox\Profiles\cp0h85d3.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.winamp.com/search/search?query={searchTerms}&invocationType=tb50-ff-winamp-chromesbox-en-us&tb_uuid=20110419181226897&tb_oid=20-04-2011&tb_mrud=20-04-2011&query= FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&invocationType=tb50-ff-winamp-ab-en-us&tb_uuid=20110419181226897&tb_oid=20-04-2011&tb_mrud=20-04-2011&query= FF - user.js: network.protocol-handler.warn-external.dnupdate - false . . *********************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2011-07-13 17:02 Windows 5.1.2600 Service Pack 3 NTFS . detected NTDLL code modification: ZwClose . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************ . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(752) c:\windows\system32\guard32.dll . - - - - - - - > 'lsass.exe'(808-) c:\windows\system32\guard32.dll e:\program files\Advanced SystemCare 3\SPICtrl.dll . Completion time: 2011-07-13 17:05:10 ComboFix-quarantined-files.txt 2011-07-13 15:05 ComboFix2.txt 2011-07-13 14:37 . Pre-Run: 59.019.001.856 bytes free Post-Run: 59.003.322.368 bytes free . - - End Of File - - CA4941AED1797C029B54DB25E055A830 mycity.rs/must-login.png Dopuna: 13 Jul 2011 23:07 Posle reseta sad mi pali prozore sa ovim stavkama C:\WINDOWS\CIDD_P\446A6F^1\9.exe C:\WINDOWS\CIDD_P\446A6F^1\10.exe C:\WINDOWS\CIDD_P\446A6F^1\11.exe C:\WINDOWS\CIDD_P\446A6F^1\12.exe

Profil

argus Poslao: 13 Jul 2011 23:47 Idi na vrh
rip argus Anti Malware Fighter Rank 2 Pridružio: 27 Apr 2008 Poruke: 9160 Gde živiš: Prokuplje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi The Avenger na Desktop. Raspakuj arhivu u neki folder Dvoklikom pokreni avenger.exe Iskopiraj tekst koji se nalazi unutar Kod polja u (beli) prozor programa: `Folders to delete: c:\windows\CIDD_P c:\windows\configuration` Klikni Execute, a zatim Yes u sledeća dva prozora koji će se otvoriti Kompjuter će se restartovati (u određenim slučajevima: dva puta) i započeti će proces čišćenja/skeniranja Kada proces bude završen, logfile C:\avenger.txt će se otvoriti u Notepad-u Iskopiraj sadržaj dobijenog loga u temu na forumu. Zatim obrisi ikonicu Combofixa, preuzmi novi, pokreni ga i postavi mi svezi log.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Problem sa kompom molim za pomoc!!!

Ko je trenutno na forumu

Ukupno su 741 korisnika na forumu :: 25 registrovanih, 2 sakrivenih i 714 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., antonije64, Boris BM, cuculo, debeli, draganca, dushan, helen1, Herman Terrance Aubrey, janbo, krkalon, Kubovac, laki_bb, Mi lao shu, MiroslavD, mkukoleca, Mlav, naki011, rodoljub, S2M, Srki94, stegonosa, vathra, vlajkox, |_MeD_|

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by