MyCity » Ambulanta -> Arhiva Ambulante » Trojan personal shield pro version 2.20

Trojan personal shield pro version 2.20

Napisano na dan: 24.8.2011

Trojan personal shield pro version 2.20

Sledeća strana

Pagination

Odgovori

dexon303 Poslao: 24 Avg 2011 17:07 Idi na vrh
offline dexon303 Građanin Pridružio: 18 Avg 2006 Poruke: 37	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Evo ovako javio mi se malopre problem tako sto je odjednom iz cista mira poplavila slika na desktopu i poceo je sam od sebe program kojis e nodkuda stvorio da skenira i nalazi raznorazne trojance i spyware.Posle toga kada sam isao na opciju remove all uputio me je na neku stranicu gde se taj program naplacuje da bi se ocistili ti virusi.Obavestenja mi se javljaju sa desne strane dole odmah pored sata da je kompjuter inficiran i stvorila se ikonica za ovaj personal shield pro version 2.20.E sad imam problem sa tim sto ne mogu da pokrenem ni jedan jedini program,cak mi ne dozvoljava ni ove za forum da ih pokrenem.Nece ni kaspesky da se pokrene,kada hocu da pokrenem bilo koji program obavestenje je sledece:Warning!Aplication cannot be executed!This file is infected!Molim za pomoc i sta da radim?

Profil

NIx Car Poslao: 24 Avg 2011 17:36 Idi na vrh
offline NIx Car Legendarni građanin Més que un club Glavni vokal @ Harpun Pridružio: 27 Feb 2009 Poruke: 3898 Gde živiš: Novi Sad,Klisa	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav dexon303 U ovom potforumu postoje neka pravila pre otvaranja teme,te bih te zamolio da ih procitas i da postavis odgovarajuce logove. http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html NIx Car (AMF Tim)

Profil

dexon303 Poslao: 24 Avg 2011 19:53 Idi na vrh
offline dexon303 Građanin Pridružio: 18 Avg 2006 Poruke: 37	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 24 Avg 2011 18:11 Da jasna su meni bila pravila pre postavljanje poruke,problem je u tome sto ne mogu da pokrenem ni jedan moguci program da bi okacio log.Virusa mi blokira svaki program vec sam naveo i ne mogu da pokrecem programe.Ako si pazljivo procitao gore navedeno poruku onda si i shvatio da je tako... Dopuna: 24 Avg 2011 19:53 Evo uspeo sam da odradim log sa combofix programom i za divno cudo sada nemam problema i uspevam da pokrecem programe i vise mi ne izbacuje obavestenje o virusi evo log: ComboFix 11-08-24.03 - dejan 08/24/2011 19:15:47.1.1 - x86 MINIMAL Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.224.112 [GMT 2:00] Running from: c:\documents and settings\dejan\Desktop\ComboFix.exe . WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Application Data\common.data c:\documents and settings\All Users\Application Data\fF02300AkPcF02300 c:\documents and settings\All Users\Application Data\fF02300AkPcF02300\fF02300AkPcF02300 c:\documents and settings\All Users\Application Data\fF02300AkPcF02300\fF02300AkPcF02300.exe c:\documents and settings\dejan\Application Data\PriceGong c:\documents and settings\dejan\Application Data\PriceGong\Data\1.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\a.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\b.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\c.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\d.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\e.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\f.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\g.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\h.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\i.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\J.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\k.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\l.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\m.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\mru.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\n.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\o.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\p.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\q.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\r.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\s.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\t.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\u.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\v.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\w.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\x.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\y.xml c:\documents and settings\dejan\Application Data\PriceGong\Data\z.xml c:\documents and settings\dejan\WINDOWS c:\windows\system\BCBSMP35.BPL . . ((((((((((((((((((((((((( Files Created from 2011-07-24 to 2011-08-24 ))))))))))))))))))))))))))))))) . . 2011-08-23 16:17 . 2011-08-23 16:17 94208 ----a-w- c:\windows\system32\drivers\buwckuux.sys 2011-08-05 19:06 . 2011-08-24 10:18 -------- d-----w- c:\documents and settings\dejan\Application Data\Skype 2011-08-05 19:06 . 2011-08-05 19:08 -------- d-----r- c:\program files\Skype 2011-08-05 19:05 . 2011-08-05 19:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2011-07-30 18:17 . 2011-07-30 18:17 -------- d-----w- c:\documents and settings\dejan\Local Settings\Application Data\Babylon 2011-07-30 18:17 . 2011-07-30 18:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Babylon 2011-07-30 18:17 . 2011-07-30 18:17 -------- d-----w- c:\documents and settings\dejan\Application Data\Babylon . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-06-04 02:00 . 2011-06-04 02:00 12521992 ----a-w- C:\Firefox Setup 4.0.1.exe 2011-06-03 16:31 . 2011-06-03 16:31 7648768 ----a-w- C:\Opera_1111_en_Setup.exe 2011-08-18 03:36 . 2011-06-04 02:01 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-07-29 17361032] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "tsnpstd3"="c:\windows\tsnpstd3.exe" [2006-06-19 262144] "snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392] "ASUS Probe"="c:\program files\ASUS\Probe\AsusProb.exe" [2002-12-06 617984] . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoThumbnailCache"= 1 (0x1) HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Probe] 2002-12-06 14:07 617984 -c--a-w- c:\program files\ASUS\Probe\AsusProb.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2008-04-14 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2010-04-16 20:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiS Tray] 2003-10-30 12:10 667648 -c--a-w- c:\windows\system32\sistray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiS Windows KeyHook] 2003-10-30 12:09 249856 -c--a-w- c:\windows\system32\Keyhook.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smapp] 2003-05-05 06:57 143360 -c--a-w- c:\program files\Analog Devices\SoundMAX\SMTray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3] 2006-09-19 07:07 827392 ----a-w- c:\windows\vsnpstd3.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnpstd3] 2006-06-19 09:43 262144 ----a-w- c:\windows\tsnpstd3.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "WMPNetworkSvc"=3 (0x3) "JavaQuickStarterService"=2 (0x2) . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) "DisableNotifications"= 1 (0x1) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Java\\jre6\\bin\\java.exe"= "c:\\Program Files\\Opera\\opera.exe"= . R2 buwckuux;buwckuux; [x] . . . ------- Supplementary Scan ------- . uStart Page = hxxp://search.babylon.com/home?AF=18322 mStart Page = hxxp://www.yahoo.com TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\documents and settings\dejan\Application Data\Mozilla\Firefox\Profiles\9armk4j2.default\ FF - prefs.js: browser.startup.homepage - google.com FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=toolbar2&q= . - - - - ORPHANS REMOVED - - - - . WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKCU-Run-POEngine5 - (no file) SafeBoot-buwckuux MSConfigStartUp-Advanced SystemCare 3 - c:\program files\IObit\Advanced SystemCare 3\AWC.exe . . . ************************************************************************ . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2011-08-24 19:39 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************ . Completion time: 2011-08-24 19:46:34 ComboFix-quarantined-files.txt 2011-08-24 17:46 . Pre-Run: 2,847,657,984 bytes free Post-Run: 2,963,140,608 bytes free . - - End Of File - - F4C77ED57FDD1DB50C5B9ECD3E49B1C0

Profil

NIx Car Poslao: 25 Avg 2011 10:58 Idi na vrh
offline NIx Car Legendarni građanin Més que un club Glavni vokal @ Harpun Pridružio: 27 Feb 2009 Poruke: 3898 Gde živiš: Novi Sad,Klisa	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `File:: c:\windows\system32\drivers\buwckuux.sys Driver:: buwckuux DDS:: uStart Page = hxxp://search.babylon.com/home?AF=18322 Firefox:: FF - ProfilePath - c:\documents and settings\dejan\Application Data\Mozilla\Firefox\Profiles\9armk4j2.default\ FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=toolbar2&q=` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja. NIx Car (AMF Tim)

Profil

dexon303 Poslao: 25 Avg 2011 17:29 Idi na vrh
offline dexon303 Građanin Pridružio: 18 Avg 2006 Poruke: 37	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! U redu evo uradio sam tako: ComboFix 11-08-24.06 - dejan 08/25/2011 17:04:14.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.224.118 [GMT 2:00] Running from: c:\documents and settings\dejan\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\dejan\Desktop\CFScript.txt . FILE :: "c:\windows\system32\drivers\buwckuux.sys" . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_BUWCKUUX -------\Service_buwckuux . . ((((((((((((((((((((((((( Files Created from 2011-07-25 to 2011-08-25 ))))))))))))))))))))))))))))))) . . 2011-08-24 18:22 . 2011-08-24 18:22 -------- d--h--w- c:\windows\$hf_mig$ 2011-08-24 18:05 . 2011-08-24 18:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files 2011-08-23 16:17 . 2011-08-23 16:17 94208 ----a-w- c:\windows\system32\drivers\buwckuux.sys 2011-08-05 19:06 . 2011-08-24 23:32 -------- d-----w- c:\documents and settings\dejan\Application Data\Skype 2011-07-30 18:17 . 2011-07-30 18:17 -------- d-----w- c:\documents and settings\dejan\Local Settings\Application Data\Babylon 2011-07-30 18:17 . 2011-07-30 18:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Babylon 2011-07-30 18:17 . 2011-07-30 18:17 -------- d-----w- c:\documents and settings\dejan\Application Data\Babylon . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-06-04 02:00 . 2011-06-04 02:00 12521992 -c--a-w- C:\Firefox Setup 4.0.1.exe 2011-06-03 16:31 . 2011-06-03 16:31 7648768 ----a-w- C:\Opera_1111_en_Setup.exe 2011-08-18 03:36 . 2011-06-04 02:01 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080] "POEngine5"="" [BU] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "tsnpstd3"="c:\windows\tsnpstd3.exe" [2006-06-19 262144] "snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392] "ASUS Probe"="c:\program files\ASUS\Probe\AsusProb.exe" [2002-12-06 617984] . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoThumbnailCache"= 1 (0x1) HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3] c:\program files\IObit\Advanced SystemCare 3\AWC.exe [BU] . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Probe] 2002-12-06 14:07 617984 -c--a-w- c:\program files\ASUS\Probe\AsusProb.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] 2008-04-14 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2010-04-16 20:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiS Tray] 2003-10-30 12:10 667648 -c--a-w- c:\windows\system32\sistray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiS Windows KeyHook] 2003-10-30 12:09 249856 -c--a-w- c:\windows\system32\Keyhook.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smapp] 2003-05-05 06:57 143360 -c--a-w- c:\program files\Analog Devices\SoundMAX\SMTray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3] 2006-09-19 07:07 827392 ----a-w- c:\windows\vsnpstd3.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnpstd3] 2006-06-19 09:43 262144 ----a-w- c:\windows\tsnpstd3.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "WMPNetworkSvc"=3 (0x3) "JavaQuickStarterService"=2 (0x2) . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) "DisableNotifications"= 1 (0x1) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Java\\jre6\\bin\\java.exe"= "c:\\Program Files\\Opera\\opera.exe"= . . . ------- Supplementary Scan ------- . mStart Page = hxxp://www.yahoo.com TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\documents and settings\dejan\Application Data\Mozilla\Firefox\Profiles\9armk4j2.default\ FF - prefs.js: browser.startup.homepage - google.com . - - - - ORPHANS REMOVED - - - - . WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) . . . ************************************************************************ . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2011-08-25 17:20 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ********************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'explorer.exe'(1800) c:\windows\system32\msi.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\wscntfy.exe c:\program files\Common Files\Java\Java Update\jucheck.exe . ************************************************************************ . Completion time: 2011-08-25 17:25:30 - machine was rebooted ComboFix-quarantined-files.txt 2011-08-25 15:25 ComboFix2.txt 2011-08-24 21:40 ComboFix3.txt 2011-08-24 17:46 . Pre-Run: 2,694,270,976 bytes free Post-Run: 2,646,601,728 bytes free . WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=signature(d2c0d2c0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug signature(d2c0d2c0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect . - - End Of File - - 0ECD330F50F0CDB64CB0C850F53F4005

Profil

NIx Car Poslao: 25 Avg 2011 22:08 Idi na vrh
offline NIx Car Legendarni građanin Més que un club Glavni vokal @ Harpun Pridružio: 27 Feb 2009 Poruke: 3898 Gde živiš: Novi Sad,Klisa	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi The Avenger na Desktop. Raspakuj arhivu u neki folder Dvoklikom pokreni avenger.exe Iskopiraj tekst koji se nalazi unutar Kod polja u (beli) prozor programa: `Files to delete: c:\windows\system32\drivers\buwckuux.sys` Klikni Execute, a zatim Yes u sledeća dva prozora koji će se otvoriti Kompjuter će se restartovati (u određenim slučajevima: dva puta) i započeti će proces čišćenja/skeniranja Kada proces bude završen, logfile C:\avenger.txt će se otvoriti u Notepad-u Iskopiraj sadržaj dobijenog loga u temu na forumu. Uploaduj mi sledeci fajl C:\avenger\backup.zip na sledecu adresu: http://www.mycity.rs/ambulanta-upload.php NIx Car (AMF Tim)

Profil

dexon303 Poslao: 26 Avg 2011 21:15 Idi na vrh
offline dexon303 Građanin Pridružio: 18 Avg 2006 Poruke: 37	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! U redu,odradjeno. Logfile of The Avenger Version 2.0, (c) by Swandog46 swandog46.geekstogo.com Platform: Windows XP ***************** Script file opened successfully. Script file read successfully. Backups directory opened successfully at C:\Avenger *************** Beginning to process script file: Rootkit scan active. No rootkits found! File "c:\windows\system32\drivers\buwckuux.sys" deleted successfully. Completed script processing. ***************** Finished! Terminate.

Profil

NIx Car Poslao: 27 Avg 2011 01:51 Idi na vrh
offline NIx Car Legendarni građanin Més que un club Glavni vokal @ Harpun Pridružio: 27 Feb 2009 Poruke: 3898 Gde živiš: Novi Sad,Klisa	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Na tvom racunaru vise nemas aktivnog malware-a. Stoga ti predlazem da instaliras neki anti virus (placeni ukoliko imas licencu ili besplatni (Avast,avira,MSE,panda cloud) ako nemas licencu za placena resenja). - Preporucujem da za zastitu USB memorijskih uredjaja koristis MCShield. Nema nikakve veze sa AntiVirus-om tj. nece ometati njegov rad a pokazao se kao jedan od najboljih vida zastite od malware-a koji se prenosi putem USB mem. uredjaja. Skines, instaliras, ubodes USB mem. uredjaj, izvrsi se skeniranje nakon cega dobijes obavestenje da je uredjaj cist (ukoliko je stvarno tako); ili dobijes log u kome vidis informacije o malware-u koji je nadjen i obrisan. Home Page MCShield-a: http://amf.mycity.rs/programs/mc/mcshield/ Vise o MCShield-u mozes saznati u ovoj temi: http://www.mycity.rs/Antispyware-programi/MCShield.html

Profil

dexon303 Poslao: 27 Avg 2011 18:57 Idi na vrh
offline dexon303 Građanin Pridružio: 18 Avg 2006 Poruke: 37	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Hvala ti puno na odvojenom vremenu.Svako dobro i veliki pozdrav.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Trojan personal shield pro version 2.20

Ko je trenutno na forumu

Ukupno su 1217 korisnika na forumu :: 65 registrovanih, 6 sakrivenih i 1146 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: _Rade, Atomski čoban, babaroga, Bobrock1, Boris90, BORUTUS, cavatina, darionis, darios, darkojbn, debeli, djboj, Djokislav, doktor1964, DonRumataEstorski, Dorcolac, elenemste, flash12, FOX, ginjica, gomago, goxin, havoc995, HrcAk47, Insan, JOntra, Karla, krkalon, Kubovac, madza, maiden6657, Marko Marković, marsovac 2, mercedesamg, Metanoja, Mi lao shu, mikrimaus, milenko crazy north, Milometer, milutin134, miodrag, mnn2, opt1, pacika, Polemarchoi, randja26, raptorsi, Rogan33, royst33, S2M, samsung, Sančo, Shinobi, slonic_tonic, solic, Srle993, stankolich, Steeeefan, theNedjeljko, Vatreni Zmaj, vladaa012, W123, wizzardone, YU-UKI, zbazin

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by