MyCity » Ambulanta -> Arhiva Ambulante » Virus

Virus

Napisano na dan: 12.5.2009

Virus
Sledeća strana Pagination

Idi na vrh

Poslao: 12 Maj 2009 11:55
Idi na vrh
offline
  • Pridružio: 26 Dec 2008
  • Poruke: 440

Imam jedan virus koji nod32 ne moze da obrise evo logoa

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:49:56 AM, on 5/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
c:\windows\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lxctcoms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Conexant\Adsl\dslstat.exe
C:\Program Files\Conexant\Adsl\dslagent.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\MEDIAK~1\MagicKey.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files\MSI\3D!Turbo Experience\3D!Turbo.exe
C:\Program Files\Zone Labs\ZoneAlarm\MailFrontier\mantispm.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
D:\net\hijack this\sindja.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = [Link mogu videti samo ulogovani korisnici]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [DSLSTATEXE] "C:\Program Files\Conexant\Adsl\dslstat.exe" icon
O4 - HKLM\..\Run: [DSLAGENTEXE] "C:\Program Files\Conexant\Adsl\dslagent.exe"
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVCLOCK] Rundll32 nvclock.dll,fnNvclock
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MagicKey] C:\PROGRA~1\MEDIAK~1\MagicKey.exe
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: 3D!Turbo Experience.lnk = C:\Program Files\MSI\3D!Turbo Experience\3D!Turbo.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - [Link mogu videti samo ulogovani korisnici]
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - [Link mogu videti samo ulogovani korisnici]
O17 - HKLM\System\CCS\Services\Tcpip\..\{B929C3F5-083A-4945-87E8-1012C73CFDFD}: NameServer = 77.105.0.18 77.105.0.19
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O24 - Desktop Component 0: Item created by Ulead GIF Animator - C:\Documents and Settings\Sindja32\Application Data\Ulead Systems\Ulead GIF Animator\5.05\ULEAD.DAT\gaadi001.gif

--
End of file - 7679 bytes



Poslao: 12 Maj 2009 14:52
Idi na vrh
offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 15 Jun 2007
  • Poruke: 5572

Citat:3. Ukoliko je vas slucaj takav da je vas antivirus prepoznao neku infekciju, ali ne uspeva da je skloni, obavezno zapisite puno ime infekcije, kao i punu putanju do fajla u kome je infekcija nadjena. Molimo vas da imena infekcija zapisujete tacno, svaki znak i slovo su bitni.



Poslao: 12 Maj 2009 15:01
Idi na vrh
offline
  • Pridružio: 26 Dec 2008
  • Poruke: 440

5/9/2009 3:46:27 PM Startup scanner operating memory Operating memory Win32/Rootkit.Agent.ODG trojan unable to clean

Poslao: 12 Maj 2009 15:09
Idi na vrh
offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 15 Jun 2007
  • Poruke: 5572

Eto .. sad je sve jasnije..

* Pokreni ESET Smart Security/ESET NOD32 na sledeci nacin :
Start>All Programs>ESET>ESET Smart Security ili pak ESET NOD32 Antivirus(ukoliko koristis samo Antivirus resenje).

* Kada ti se otvori glavni prozor programa, klikni na Setup opciju sa leve strane prozora;
* Izaberi Antivirus and antispyware opciju i klikni na Temporarily disable Antivirus and antispyware protection.
* Na sledece pitanje klikni Yes.

Napomena: Ne zaboravi da ukljuciš ovu opciju po završetku cišcenja.

Skini ComboFix sa jedne od sledecih adresa na Desktop:
[Link mogu videti samo ulogovani korisnici]
[Link mogu videti samo ulogovani korisnici]
[Link mogu videti samo ulogovani korisnici]

Startuj ga i ne diraj prozor programa dok skenira.
Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Poslao: 12 Maj 2009 15:32
Idi na vrh
offline
  • Pridružio: 26 Dec 2008
  • Poruke: 440

ComboFix 09-05-11.08 - Sindja32 05/12/2009 15:17.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.767.455 [GMT 2:00]
Running from: c:\documents and settings\Sindja32\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated)
AV: ZoneAlarm Security Suite Antivirus *On-access scanning disabled* (Outdated)
FW: ZoneAlarm Security Suite Firewall *enabled*
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Sindja32\Application Data\.#
c:\documents and settings\Sindja32\Application Data\.#\MBX@1530@3C3790.###
c:\documents and settings\Sindja32\Application Data\.#\MBX@1530@3C37A0.###
c:\windows\system32\drivers\msqpdxtqqemkmh.sys
c:\windows\system32\drivers\ovfsthxjbogkvtl.sys
c:\windows\system32\msqpdxcdhgerls.dll
c:\windows\system32\ovfsthxinsbomlx.dll
c:\windows\system32\ovfsthxnbmqpkhl.dat
c:\windows\system32\ovfsthxopjxjixb.dll
c:\windows\system32\ovfsthxouegamte.dll
c:\windows\system32\ovfsthxqtgelnan.dat
c:\windows\system32\Plugins
c:\windows\system32\Plugins\Hoster\aCallbackMethods.dll
c:\windows\system32\Plugins\Hoster\archivto.dll
c:\windows\system32\Plugins\Hoster\bluehostto.dll
c:\windows\system32\Plugins\Hoster\dataupde.dll
c:\windows\system32\Plugins\Hoster\fastloadnet.dll
c:\windows\system32\Plugins\Hoster\fastshareorg.dll
c:\windows\system32\Plugins\Hoster\fileuploadnet.dll
c:\windows\system32\Plugins\Hoster\megauploadcom.dll
c:\windows\system32\Plugins\Hoster\meinuploadcom.dll
c:\windows\system32\Plugins\Hoster\moosharede.dll
c:\windows\system32\Plugins\Hoster\myvideode.dll
c:\windows\system32\Plugins\Hoster\netloadin.dll
c:\windows\system32\Plugins\Hoster\PluginSettings.ini
c:\windows\system32\Plugins\Hoster\qsharecom.dll
c:\windows\system32\Plugins\Hoster\rapidsharecom.dll
c:\windows\system32\Plugins\Hoster\shareonlinebiz.dll
c:\windows\system32\Plugins\Hoster\shareplacecom.dll
c:\windows\system32\Plugins\Hoster\silofilescom.dll
c:\windows\system32\Plugins\Hoster\speedysharecom.dll
c:\windows\system32\Plugins\Hoster\uploadedto.dll
c:\windows\system32\Plugins\Hoster\yourfilesbiz.dll
c:\windows\system32\Plugins\Hoster\youtubecom.dll
c:\windows\system32\Plugins\YouCrypt\callbackmethods.dll
c:\windows\system32\Plugins\YouCrypt\captcha.dll
c:\windows\system32\Plugins\YouCrypt\cineto.dll
c:\windows\system32\Plugins\YouCrypt\datenbankorg.dll
c:\windows\system32\Plugins\YouCrypt\datenschleuder.dll
c:\windows\system32\Plugins\YouCrypt\ddlscene.dll
c:\windows\system32\Plugins\YouCrypt\ddl(zabranjeno).dll
c:\windows\system32\Plugins\YouCrypt\dreidl.dll
c:\windows\system32\Plugins\YouCrypt\dxpdivxvidorg.dll
c:\windows\system32\Plugins\YouCrypt\gameblog.dll
c:\windows\system32\Plugins\YouCrypt\gamezam.dll
c:\windows\system32\Plugins\YouCrypt\gapping.dll
c:\windows\system32\Plugins\YouCrypt\g(zabranjeno).dll
c:\windows\system32\Plugins\YouCrypt\linkbank.dll
c:\windows\system32\Plugins\YouCrypt\linksafe.dll
c:\windows\system32\Plugins\YouCrypt\LinkSave.dll
c:\windows\system32\Plugins\YouCrypt\lix.dll
c:\windows\system32\Plugins\YouCrypt\mirrorit.dll
c:\windows\system32\Plugins\YouCrypt\netfolderin.dll
c:\windows\system32\Plugins\YouCrypt\onekh.dll
c:\windows\system32\Plugins\YouCrypt\rapidfolder.dll
c:\windows\system32\Plugins\YouCrypt\rapidlayer.dll
c:\windows\system32\Plugins\YouCrypt\rapidsafede.dll
c:\windows\system32\Plugins\YouCrypt\rapidsafenet.dll
c:\windows\system32\Plugins\YouCrypt\relinkus.dll
c:\windows\system32\Plugins\YouCrypt\RScomLinkList.dll
c:\windows\system32\Plugins\YouCrypt\rslayer.dll
c:\windows\system32\Plugins\YouCrypt\saveraidrush.dll
c:\windows\system32\Plugins\YouCrypt\secured.dll
c:\windows\system32\Plugins\YouCrypt\securnet.dll
c:\windows\system32\Plugins\YouCrypt\serienjunkies.dll
c:\windows\system32\Plugins\YouCrypt\shareonall.dll
c:\windows\system32\Plugins\YouCrypt\shareprotect.dll
c:\windows\system32\Plugins\YouCrypt\stealth.dll
c:\windows\system32\Plugins\YouCrypt\tinyurl.dll
c:\windows\system32\Plugins\YouCrypt\UndergroundCMS.dll
c:\windows\system32\Plugins\YouCrypt\uppicoasis.dll
c:\windows\system32\Plugins\YouCrypt\urlcash.dll
c:\windows\system32\Plugins\YouCrypt\usercashcom.dll
c:\windows\system32\Plugins\YouCrypt\xlinkin.dll
D:\resycled
d:\resycled\boot.com

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_ovfsthxyrdltkmx
-------\Service_MSQPDXSERV.SYS


((((((((((((((((((((((((( Files Created from 2009-04-12 to 2009-05-12 )))))))))))))))))))))))))))))))
.

2009-05-09 18:44 . 2009-05-09 18:44 -------- d-----w c:\documents and settings\Sindja32\Application Data\Ventrilo
2009-05-04 17:12 . 2009-05-04 17:12 -------- d-----w c:\program files\JoWooD
2009-05-04 14:23 . 2009-05-11 19:04 -------- d-----w c:\program files\Valve
2009-05-04 09:00 . 2009-03-09 13:27 1846632 ----a-w c:\windows\system32\D3DCompiler_41.dll
2009-05-04 09:00 . 2009-03-09 13:27 453456 ----a-w c:\windows\system32\d3dx10_41.dll
2009-05-04 09:00 . 2009-03-09 13:27 4178264 ----a-w c:\windows\system32\D3DX9_41.dll
2009-05-04 09:00 . 2009-03-16 12:18 69448 ----a-w c:\windows\system32\XAPOFX1_3.dll
2009-05-04 09:00 . 2009-03-16 12:18 517448 ----a-w c:\windows\system32\XAudio2_4.dll
2009-05-04 09:00 . 2009-03-16 12:18 235352 ----a-w c:\windows\system32\xactengine3_4.dll
2009-05-04 09:00 . 2009-03-16 12:18 22360 ----a-w c:\windows\system32\X3DAudio1_6.dll
2009-05-02 13:35 . 2009-05-02 13:35 -------- d-----w c:\documents and settings\Sindja32\Application Data\Microsoft Games
2009-05-01 12:13 . 2009-05-03 18:46 -------- d-----w c:\program files\Chess
2009-04-30 16:14 . 2009-04-30 16:15 -------- d-----w C:\AOM
2009-04-24 11:38 . 2008-01-26 22:35 -------- d-----w c:\windows\EasyBind
2009-04-24 11:35 . 2009-04-24 11:35 -------- d-----w C:\cygwin
2009-04-23 09:51 . 2009-04-23 09:51 -------- d--h--w c:\documents and settings\All Users\Application Data\sacache
2009-04-22 09:54 . 2009-04-22 09:54 -------- d-----w c:\program files\tony hawk
2009-04-21 17:15 . 2009-04-21 17:15 -------- d-----w c:\documents and settings\Sindja32\Application Data\Thinstall
2009-04-21 10:37 . 2009-04-21 10:37 -------- d-----w c:\documents and settings\All Users\Application Data\DAEMON Tools Pro
2009-04-21 10:37 . 2009-04-22 15:20 -------- d-----w c:\program files\DAEMON Tools Pro
2009-04-20 18:17 . 2009-04-20 18:18 -------- d-----w c:\program files\Hamachi
2009-04-20 15:31 . 2009-04-20 15:31 4096 ----a-w c:\windows\system32\drivers\nocashio.sys
2009-04-20 13:42 . 2009-05-02 16:00 -------- d-----w c:\program files\Sven Bomwollen
2009-04-20 12:25 . 2009-04-20 12:25 -------- d-----w c:\program files\ReflexiveArcade
2009-04-15 07:38 . 2008-05-03 11:55 2560 ------w c:\windows\system32\xpsp4res.dll
2009-04-15 07:38 . 2008-04-21 12:08 215552 -c----w c:\windows\system32\dllcache\wordpad.exe
2009-04-15 07:34 . 2009-03-06 14:22 284160 -c----w c:\windows\system32\dllcache\pdh.dll
2009-04-15 07:33 . 2009-02-09 12:10 401408 -c----w c:\windows\system32\dllcache\rpcss.dll
2009-04-15 07:33 . 2009-02-06 11:11 110592 -c----w c:\windows\system32\dllcache\services.exe
2009-04-15 07:33 . 2009-02-09 12:10 473600 -c----w c:\windows\system32\dllcache\fastprox.dll
2009-04-15 07:33 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-15 07:33 . 2009-02-09 12:10 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-15 07:33 . 2009-02-09 12:10 729088 -c----w c:\windows\system32\dllcache\lsasrv.dll
2009-04-15 07:33 . 2009-02-09 12:10 617472 -c----w c:\windows\system32\dllcache\advapi32.dll
2009-04-15 07:33 . 2009-02-09 12:10 714752 -c----w c:\windows\system32\dllcache\ntdll.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-12 13:14 . 2009-03-10 09:20 4998957 ----a-w c:\windows\Internet Logs\tvDebug.Zip
2009-05-11 17:03 . 2009-03-10 22:36 -------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-05-11 16:00 . 2009-05-11 16:01 3311616 ----a-w c:\windows\Internet Logs\xDB42.tmp
2009-05-11 16:00 . 2009-05-11 16:01 1571328 ----a-w c:\windows\Internet Logs\xDB41.tmp
2009-05-08 23:10 . 2009-05-09 09:01 3301376 ----a-w c:\windows\Internet Logs\xDB40.tmp
2009-05-08 08:23 . 2008-12-25 12:12 -------- d-----w c:\program files\Professional §©®ÎÞt v.4 White
2009-05-05 12:17 . 2009-05-05 12:27 3275264 ----a-w c:\windows\Internet Logs\xDB3F.tmp
2009-05-05 12:17 . 2009-05-05 12:27 173568 ----a-w c:\windows\Internet Logs\xDB3E.tmp
2009-05-05 11:09 . 2009-05-05 11:09 187904 ----a-w c:\windows\Internet Logs\xDB3D.tmp
2009-05-05 08:39 . 2009-05-05 08:35 738304 ----a-w c:\windows\Internet Logs\xDB3C.tmp
2009-05-04 15:06 . 2008-07-07 17:03 -------- d-----w c:\program files\lx_cats
2009-05-04 12:49 . 2009-05-04 12:49 1357312 ----a-w c:\windows\Internet Logs\xDB3B.tmp
2009-05-04 10:24 . 2009-05-04 10:25 3257856 ----a-w c:\windows\Internet Logs\xDB3A.tmp
2009-05-02 18:03 . 2009-05-02 18:04 88576 ----a-w c:\windows\Internet Logs\xDB38.tmp
2009-05-02 18:03 . 2009-05-02 18:04 3220480 ----a-w c:\windows\Internet Logs\xDB39.tmp
2009-05-02 14:29 . 2009-05-02 14:30 317952 ----a-w c:\windows\Internet Logs\xDB36.tmp
2009-05-02 14:29 . 2009-05-02 14:30 3211264 ----a-w c:\windows\Internet Logs\xDB37.tmp
2009-05-02 11:30 . 2009-05-02 11:29 3194880 ----a-w c:\windows\Internet Logs\xDB35.tmp
2009-05-01 20:47 . 2009-05-01 20:48 2821120 ----a-w c:\windows\Internet Logs\xDB33.tmp
2009-05-01 20:47 . 2009-05-01 20:48 3196928 ----a-w c:\windows\Internet Logs\xDB34.tmp
2009-05-01 14:37 . 2008-07-05 19:15 76888 ----a-w c:\documents and settings\Sindja32\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-30 08:52 . 2009-04-30 08:53 3121664 ----a-w c:\windows\Internet Logs\xDB32.tmp
2009-04-30 08:48 . 2009-04-30 08:49 3125248 ----a-w c:\windows\Internet Logs\xDB31.tmp
2009-04-29 15:10 . 2009-04-29 15:11 3111936 ----a-w c:\windows\Internet Logs\xDB30.tmp
2009-04-29 15:05 . 2009-04-29 15:05 3111424 ----a-w c:\windows\Internet Logs\xDB2F.tmp
2009-04-27 12:47 . 2009-04-27 12:48 349184 ----a-w c:\windows\Internet Logs\xDB2E.tmp
2009-04-26 08:44 . 2009-04-26 08:44 26333521 ----a-w c:\windows\Internet Logs\vsmon_on_demand_crt_term_2009_04_26_00_53_10_full.dmp.zip
2009-04-26 08:44 . 2009-04-26 08:44 143718 ----a-w c:\windows\Internet Logs\vsmon_2nd_2009_04_26_00_53_08_small.dmp.zip
2009-04-25 22:53 . 2009-04-26 08:39 116224 ----a-w c:\windows\Internet Logs\xDB2C.tmp
2009-04-25 22:53 . 2009-04-26 08:39 3080192 ----a-w c:\windows\Internet Logs\xDB2D.tmp
2009-04-25 18:33 . 2009-04-25 18:34 2944000 ----a-w c:\windows\Internet Logs\xDB2A.tmp
2009-04-25 18:33 . 2009-04-25 18:34 3073024 ----a-w c:\windows\Internet Logs\xDB2B.tmp
2009-04-25 18:29 . 2008-07-05 22:21 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-24 23:17 . 2009-04-25 08:59 2646528 ----a-w c:\windows\Internet Logs\xDB28.tmp
2009-04-24 23:16 . 2009-04-25 08:59 3061760 ----a-w c:\windows\Internet Logs\xDB29.tmp
2009-04-24 20:04 . 2009-04-24 20:04 2769408 ----a-w c:\windows\Internet Logs\xDB27.tmp
2009-04-23 22:33 . 2009-04-24 09:01 3037696 ----a-w c:\windows\Internet Logs\xDB26.tmp
2009-04-22 22:40 . 2009-04-23 08:26 3022848 ----a-w c:\windows\Internet Logs\xDB25.tmp
2009-04-22 19:26 . 2009-04-22 19:27 110080 ----a-w c:\windows\Internet Logs\xDB24.tmp
2009-04-22 17:59 . 2009-04-22 18:00 3018240 ----a-w c:\windows\Internet Logs\xDB23.tmp
2009-04-22 17:59 . 2009-04-22 18:00 555008 ----a-w c:\windows\Internet Logs\xDB22.tmp
2009-04-22 15:42 . 2009-04-22 15:43 165888 ----a-w c:\windows\Internet Logs\xDB20.tmp
2009-04-22 15:42 . 2009-04-22 15:43 3021312 ----a-w c:\windows\Internet Logs\xDB21.tmp
2009-04-22 15:17 . 2009-04-22 15:18 3023872 ----a-w c:\windows\Internet Logs\xDB1F.tmp
2009-04-22 15:17 . 2009-04-22 15:18 1881088 ----a-w c:\windows\Internet Logs\xDB1E.tmp
2009-04-22 15:15 . 2008-09-16 08:42 721904 ----a-w c:\windows\system32\drivers\sptd.sys
2009-04-21 18:36 . 2009-04-21 18:37 1165312 ----a-w c:\windows\Internet Logs\xDB1C.tmp
2009-04-21 18:36 . 2009-04-21 18:37 2995200 ----a-w c:\windows\Internet Logs\xDB1D.tmp
2009-04-21 18:32 . 2008-11-06 10:28 1420 ----a-w c:\windows\eReg.dat
2009-04-21 12:11 . 2009-01-12 02:32 4212 ---ha-w c:\windows\system32\zllictbl.dat
2009-04-21 12:07 . 2009-04-21 12:08 2926592 ----a-w c:\windows\Internet Logs\xDB1B.tmp
2009-04-21 12:07 . 2009-04-21 12:08 2621440 ----a-w c:\windows\Internet Logs\xDB1A.tmp
2009-04-21 12:05 . 2009-03-08 12:02 1138710560 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-04-20 18:17 . 2008-09-14 15:12 25280 ----a-w c:\windows\system32\drivers\hamachi.sys
2009-04-19 21:16 . 2009-03-08 12:02 12995048 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-04-19 20:22 . 2009-01-28 11:13 -------- d-s---w c:\program files\HLSW
2009-04-19 20:19 . 2009-04-07 15:12 -------- d-----w c:\program files\JLC's Software
2009-04-16 11:00 . 2009-04-16 10:58 25887236 ----a-w c:\windows\Internet Logs\vsmon_on_demand_crt_term_2009_04_16_12_34_27_full.dmp.zip
2009-04-16 10:58 . 2009-04-16 10:58 141645 ----a-w c:\windows\Internet Logs\vsmon_2nd_2009_04_16_12_34_25_small.dmp.zip
2009-04-15 13:34 . 2009-03-08 11:08 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-04-11 23:08 . 2009-04-12 09:12 3350016 ----a-w c:\windows\Internet Logs\xDB19.tmp
2009-04-11 15:40 . 2008-07-07 16:59 -------- d-----w c:\program files\Lexmark 5400 Series
2009-04-07 16:22 . 2009-04-07 16:22 -------- d-----w c:\program files\GiPo@Utilities
2009-04-07 16:20 . 2009-01-10 17:35 -------- d-----w c:\program files\ESET
2009-04-06 13:32 . 2009-03-08 11:08 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 13:32 . 2009-03-08 11:08 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-04-04 15:36 . 2009-04-04 17:08 313344 ----a-w c:\windows\Internet Logs\xDB18.tmp
2009-04-02 21:28 . 2009-04-03 07:38 408064 ----a-w c:\windows\Internet Logs\xDB17.tmp
2009-04-01 21:09 . 2009-04-02 07:54 278016 ----a-w c:\windows\Internet Logs\xDB16.tmp
2009-04-01 15:35 . 2008-07-21 10:34 -------- d-----w c:\program files\Java
2009-04-01 10:58 . 2009-04-01 15:25 2427392 ----a-w c:\windows\Internet Logs\xDB14.tmp
2009-04-01 10:58 . 2009-04-01 15:25 2721280 ----a-w c:\windows\Internet Logs\xDB15.tmp
2009-03-31 21:43 . 2009-04-01 07:10 2716672 ----a-w c:\windows\Internet Logs\xDB13.tmp
2009-03-31 17:20 . 2009-02-07 09:00 72584 ----a-w c:\windows\zllsputility.exe
2009-03-31 17:20 . 2009-02-07 09:00 1221512 ----a-w c:\windows\system32\zpeng25.dll
2009-03-31 05:58 . 2009-03-31 08:06 51200 ----a-w c:\windows\Internet Logs\xDB12.tmp
2009-03-30 22:02 . 2009-03-31 05:13 798720 ----a-w c:\windows\Internet Logs\xDB11.tmp
2009-03-30 12:12 . 2008-07-05 19:46 -------- d-----w c:\program files\Winamp
2009-03-29 10:01 . 2009-03-29 10:02 843264 ----a-w c:\windows\Internet Logs\xDB10.tmp
2009-03-27 22:55 . 2009-03-28 09:08 566272 ----a-w c:\windows\Internet Logs\xDBF.tmp
2009-03-25 22:17 . 2009-03-26 08:27 403968 ----a-w c:\windows\Internet Logs\xDBE.tmp
2009-03-25 13:29 . 2009-03-25 14:57 2817024 ----a-w c:\windows\Internet Logs\xDBD.tmp
2009-03-23 14:24 . 2009-03-23 17:03 2599936 ----a-w c:\windows\Internet Logs\xDBC.tmp
2009-03-19 12:50 . 2009-03-19 13:06 55640 ----a-w c:\windows\system32\drivers\avgntflt.sys
2009-03-19 09:45 . 2009-03-19 09:45 93848 ----a-w c:\windows\system32\drivers\epfwtdir.sys
2009-03-19 09:44 . 2009-03-19 09:44 107256 ----a-w c:\windows\system32\drivers\ehdrv.sys
2009-03-19 09:41 . 2009-03-19 09:41 113960 ----a-w c:\windows\system32\drivers\eamon.sys
2009-03-19 08:26 . 2009-03-19 09:32 69632 ----a-w c:\windows\Internet Logs\xDBA.tmp
2009-03-19 08:26 . 2009-03-19 09:32 2534400 ----a-w c:\windows\Internet Logs\xDBB.tmp
2009-03-18 22:59 . 2009-03-19 07:07 132096 ----a-w c:\windows\Internet Logs\xDB8.tmp
2009-03-18 22:59 . 2009-03-19 07:07 2533888 ----a-w c:\windows\Internet Logs\xDB9.tmp
2009-03-17 23:20 . 2009-03-18 08:21 2488832 ----a-w c:\windows\Internet Logs\xDB7.tmp
2009-03-16 23:43 . 2009-03-17 07:19 393728 ----a-w c:\windows\Internet Logs\xDB6.tmp
2009-03-16 00:54 . 2009-03-16 08:42 598016 ----a-w c:\windows\Internet Logs\xDB5.tmp
2009-03-15 21:46 . 2008-08-13 14:26 -------- d-----w c:\program files\Common Files\Adobe
2009-03-15 19:20 . 2008-07-06 09:01 -------- d-----w c:\program files\Opera
2009-03-15 18:41 . 2009-03-15 18:42 312832 ----a-w c:\windows\Internet Logs\xDB3.tmp
2009-03-15 18:41 . 2009-03-15 18:42 2491904 ----a-w c:\windows\Internet Logs\xDB4.tmp
2009-03-15 12:34 . 2009-03-15 12:34 2485248 ----a-w c:\windows\Internet Logs\xDB2.tmp
2009-03-15 12:34 . 2009-03-15 12:34 119296 ----a-w c:\windows\Internet Logs\xDB1.tmp
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTProAgent.exe" [2009-04-09 228808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DSLSTATEXE"="c:\program files\Conexant\Adsl\dslstat.exe" [2005-08-25 344064]
"DSLAGENTEXE"="c:\program files\Conexant\Adsl\dslagent.exe" [2005-08-25 65536]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-09-30 4603904]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-09-30 86016]
"MagicKey"="c:\progra~1\MEDIAK~1\MagicKey.exe" [2007-01-09 167936]
"LXCTCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll" [2006-06-07 106496]
"NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-06-03 131072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-03-31 982408]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-03-19 2029640]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2004-09-30 921600]
"NVCLOCK"="nvclock.dll" - c:\windows\system32\nvclock.dll [2003-04-14 81920]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2007-04-16 577536]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
3D!Turbo Experience.lnk - c:\program files\MSI\3D!Turbo Experience\3D!Turbo.exe [2008-7-5 94208]

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source= c:\documents and settings\Sindja32\Application Data\Ulead Systems\Ulead GIF Animator\5.05\ULEAD.DAT\gaadi001.gif
FriendlyName= Item created by Ulead GIF Animator

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\windows\system32\logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-03-11 12:33 356352 ----a-w c:\program files\SUPERAntiSpyware\SASWINLO.DLL

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave1"= serwvdrv.dll

[HKLM\~\startupfolder\C:^Documents and Settings^Sindja32^Start Menu^Programs^Startup^Stardock ObjectDock.lnk]
path=c:\documents and settings\Sindja32\Start Menu\Programs\Startup\Stardock ObjectDock.lnk
backup=c:\windows\pss\Stardock ObjectDock.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"d:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"135:TCP"= 135:TCP:TCP Port 135
"5000:TCP"= 5000:TCP:TCP Port 5000
"5001:TCP"= 5001:TCP:TCP Port 5001
"5002:TCP"= 5002:TCP:TCP Port 5002
"5003:TCP"= 5003:TCP:TCP Port 5003
"5004:TCP"= 5004:TCP:TCP Port 5004
"5005:TCP"= 5005:TCP:TCP Port 5005
"5006:TCP"= 5006:TCP:TCP Port 5006
"5007:TCP"= 5007:TCP:TCP Port 5007
"5008:TCP"= 5008:TCP:TCP Port 5008
"5009:TCP"= 5009:TCP:TCP Port 5009
"5010:TCP"= 5010:TCP:TCP Port 5010
"5011:TCP"= 5011:TCP:TCP Port 5011
"5012:TCP"= 5012:TCP:TCP Port 5012
"5013:TCP"= 5013:TCP:TCP Port 5013
"5014:TCP"= 5014:TCP:TCP Port 5014
"5015:TCP"= 5015:TCP:TCP Port 5015
"5016:TCP"= 5016:TCP:TCP Port 5016
"5017:TCP"= 5017:TCP:TCP Port 5017
"5018:TCP"= 5018:TCP:TCP Port 5018
"5019:TCP"= 5019:TCP:TCP Port 5019
"5020:TCP"= 5020:TCP:TCP Port 5020
"27015:TCP"= 27015:TCP:cs
"27105:UDP"= 27105:UDP:cs

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [3/19/2009 11:44 AM 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [3/19/2009 11:45 AM 93848]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [8/20/2008 12:34 AM 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [8/20/2008 12:34 AM 55024]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [1/13/2009 3:55 PM 141312]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [3/19/2009 11:44 AM 731840]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [1/15/2009 5:32 PM 603904]
S3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys --> c:\windows\system32\DRIVERS\avfwim.sys [?]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\drivers\s115bus.sys [4/23/2007 1:54 PM 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\drivers\s115mdfl.sys [4/23/2007 1:54 PM 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\drivers\s115mdm.sys [4/23/2007 1:54 PM 108680]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [8/20/2008 12:34 AM 7408]
S3 SBRE;SBRE;\??\c:\windows\system32\drivers\SBREdrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0d0320d3-e005-11dd-a47e-00064f300101}]
\Shell\AutoRun\command - E:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5648c82f-2da6-11de-b115-00064f300101}]
\Shell\AutoRun\command - H:\autorun.exe
.
Contents of the 'Scheduled Tasks' folder

2009-05-12 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)


.
------- Supplementary Scan -------
.
mStart Page = [Link mogu videti samo ulogovani korisnici]
uInternet Connection Wizard,ShellNext = iexplore
FF - ProfilePath - c:\documents and settings\Sindja32\Application Data\Mozilla\Firefox\Profiles\j19glzk6.default\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici]
Rootkit scan 2009-05-12 15:23
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCTCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16???

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(860)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
Completion time: 2009-05-12 15:26
ComboFix-quarantined-files.txt 2009-05-12 13:26

Pre-Run: 2,619,314,176 bytes free
Post-Run: 2,662,653,952 bytes free

370 --- E O F --- 2009-04-29 16:24

Poslao: 12 Maj 2009 18:06
Idi na vrh
offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 15 Jun 2007
  • Poruke: 5572

Ukljuci prikaz skrivenih fajlova [Link mogu videti samo ulogovani korisnici]

i obrisi sledeci folder


c:\documents and settings\All Users\Application Data\sacache

Kakov je sad stanje?

Poslao: 12 Maj 2009 18:14
Idi na vrh
offline
  • Pridružio: 26 Dec 2008
  • Poruke: 440

Sad je ok.

Hvala

Poslao: 13 Maj 2009 18:57
Idi na vrh
offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 15 Jun 2007
  • Poruke: 5572

zaboravih

Deinstalacija ComboFix-a:
Klikni START a zatim RUN.

U liniju za unos teksta ukucaj (iskopiraj) sledeće:

Combofix /u



a zatim klikni OK.

Sačekaj da se proces deinstalacije završi.

MyCity » Ambulanta -> Arhiva Ambulante » Virus

Ko je trenutno na forumu
 

Ukupno su 1095 korisnika na forumu :: 82 registrovanih, 9 sakrivenih i 1004 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 6018 - dana 19 Dec 2025 13:41

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 357magnum, Andrija357, antonije64, babaroga, Baždaranac, bb929, Betty25, blatruc82, bojcistv, Bokiboks, boromir, Bosnjo, cojapop, Comyymoc, Crazzer, Daba75, DalmatinacMF, Darth Malak, DavidA, dendrit86, Dexlex, djuradj, draganca, DrFlyFisherman, ElGenius, FOX, grega2s, halkin gol, Joint Chief, Jovan1983, Kalem, Kazablankasrb, Koser, kovacicbozo, ladro, laurusri, lima, ljuba, Ljusa, mat, Mcdado, mercedesamg, MIKI63, mikrimaus, milbos, milos.cbr, miodrag, Mićko, mkukoleca, Mrav Obrad, neko iz mase, Nemanja.M, nemkea71, nevjerna beba, nikolapetkovic, Nole, Parker, pavle_pzs, Pero Petković, PO1974, predragc, radoznao, raso76, Sirius, skvara, sluga, Sone01, stalja, synergia, Szigetwar, tomo2, umpah-pah, user24, vathra, VBoss, vidra1, Vlado82, Volkhov-M, Vrač, VX1, zeo, zzeljko