moze pomoć?

1

moze pomoć?

offline
  • Pridružio: 23 Dec 2008
  • Poruke: 30
  • Gde živiš: RS

koristim avast i zadnjim skeniranjem je nasao trojan-gen (other), prebacila sam te datoteke u kovceg i sad trazim pomoć. nisam neki expert, pa nemam pojma sta da brisem, a sta ne! procitala sam vasa uputstva, skinula ovaj programcic i svLogfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:36:54, on 23.12.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\B7MuJWX2.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\PROGRA~1\DAP\DAP.EXE
C:\Documents and Settings\Tajka\Desktop\tr3.exe\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (file missing)
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\Program Files\DAP\DAPBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\PROGRA~1\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live pomagač za prijavljivanje - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll (file missing)
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: MP3 Dancer.lnk = D:\Internet skidanja\MP3Dancer\MP3Dancer.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\PROGRA~1\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com/microsoftupdate/v6.....2521418484
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com/microsoftupdate/v6.....2521307515
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - l.yimg.com/jh/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

--
End of file - 7983 bytes
e uradila kako ste rekli, pa....

PS. Imam sp3, ne posjecujem navedene sajtove, te vas molim za pomoć!
unaprijed hvala

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Skini ComboFix sa jedne od sledecih adresa na Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Startuj ga i ne diraj prozor programa dok skenira.
Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

offline
  • Pridružio: 23 Dec 2008
  • Poruke: 30
  • Gde živiš: RS

ComboFix 08-12-23.01 - Tajka 2008-12-23 19:39:33.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.1.1033.18.223.75 [GMT 1:00]
Running from: d:\internet skidanja\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-11-23 to 2008-12-23 )))))))))))))))))))))))))))))))
.

2008-12-16 14:28 . 2008-12-22 20:50 <DIR> d-------- c:\documents and settings\Tajka\Application Data\uTorrent
2008-12-02 21:12 . 2001-08-17 13:48 12,160 --a------ c:\windows\system32\drivers\mouhid.sys
2008-12-02 21:12 . 2001-08-17 13:48 12,160 --a--c--- c:\windows\system32\dllcache\mouhid.sys
2008-12-02 21:09 . 2008-04-13 19:45 10,368 --a------ c:\windows\system32\drivers\hidusb.sys
2008-12-02 21:09 . 2008-04-13 19:45 10,368 --a--c--- c:\windows\system32\dllcache\hidusb.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-23 14:10 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater
2008-12-20 21:00 --------- d-----w c:\documents and settings\Tajka\Application Data\Skype
2008-12-01 23:50 --------- d-----w c:\documents and settings\Tajka\Application Data\Lavasoft
2008-12-01 23:36 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-01 23:36 --------- d-----w c:\documents and settings\Tajka\Application Data\Samsung
2008-11-18 19:39 --------- d-----w c:\documents and settings\Tajka\Application Data\URSE Games
2008-11-18 19:38 --------- d-----w c:\program files\GameTop.com
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2004-07-16 13:30 3,858 ----a-w c:\program files\directx redist.txt
2004-07-09 03:08 472,576 ----a-w c:\program files\dxsetup.exe
2004-07-09 03:08 2,242,560 ----a-w c:\program files\dsetup32.dll
2004-07-09 02:03 62,976 ----a-w c:\program files\DSETUP.dll
.

((((((((((((((((((((((((((((( snapshot@2008-12-23_19.25.24.61 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-12-23 18:34:52 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_618.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-03 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"snpstd"="c:\windows\vsnpstd.exe" [2004-05-10 286720]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2007-03-11 185896]
"WinampAgent"="d:\program files\Winamp\winampa.exe" [2003-12-13 33792]
"nwiz"="nwiz.exe" [2002-05-24 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 c:\windows\system32\narrator.exe]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [5/3/2004 6:52:33 PM 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= DivXa32.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"=
"c:\\Program Files\\DAP\\DAP.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"d:\\Igrice\\dfbhdlc.exe"=
"d:\\Igrice\\UPDATE.EXE"=
"d:\\Program Files\\uTorrent.exe"=
"d:\\Program Files\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"17479:UDP"= 17479:UDP:Black Hawk Down

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [6/7/2008 7:57:26 PM 78416]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [6/7/2008 7:57:26 PM 20560]
R3 ham50;Intel V92 HaM Data Fax Voice;c:\windows\system32\DRIVERS\IntelH51.sys [5/3/2004 6:40:09 PM 454815]
S2 spupdsvc;Windows Service Pack Installer update service;c:\windows\system32\spupdsvc.exe [12/12/2004 10:08:10 PM 26488]
S3 usnjsvc;Usluga Messenger Sharing Folders USN Journal Reader;"c:\program files\Windows Live\Messenger\usnsvc.exe" [10/18/2007 10:31:54 AM 98328]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c0beae5e-f6bc-11dc-ab8d-00055d639d16}]
\Shell\Auto\command - Autorun.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Autorun.exe
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Download with &DAP - c:\progra~1\DAP\dapextie.htm
IE: Download &all with DAP - c:\progra~1\DAP\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: HTTPS\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-12-23 19:42:42
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-12-23 19:47:02
ComboFix-quarantined-files.txt 2008-12-23 18:45:48
ComboFix2.txt 2008-12-23 18:27:44

Pre-Run: 5.327.671.296 bytes free
Post-Run: 5,318,914,048 bytes free

112 --- E O F --- 2008-11-18 01:06:16

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Ne vidim nista sporno u logovima.
Mozes li mi tacno reci u kom fajlu je Avast nasao trojanca?

offline
  • Pridružio: 23 Dec 2008
  • Poruke: 30
  • Gde živiš: RS

C:/ System Volume information/_restore
C:/ Windows/system32 (vise puta)
C:/Docume-1/Tajka/LOCALS-1/temp
C:/Documents and Settings/Tajka/Local Settings/Temp

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Fajl, ne folder.

Kazi mi kada se obicno desava da Avast naidje na trojanca? Dok surfujes netom ili bez da ista radis na kompu?

offline
  • Pridružio: 23 Dec 2008
  • Poruke: 30
  • Gde živiš: RS

danas je poceo da mi se gasi explorer (desilo se par puta), pa sam uradila skeniranje i on je izbacio ovo gore sto sam napisala. sinoc sam ostavila komp da radi, skidala sam sestricu neki crtac, jutros ga ugasila, kad sam ga upalila pocelo je to s explorerom...

Dopuna: 23 Dec 2008 21:07

da dodam... otkad je te datoteke prebacio u kovceg izbacio je jos jednom kasnije poruku da ga je pronasao, nista radila nisam u tom trenutku

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Vidi, ja ne mogu da pogadjam sta se desilo ili sta se desava.
Ukoliko je Avast nesto obrisao, onda je to obrisano i o tome nemamo vise sta da brinemo.
Ono sto mene interesuje jeste da vidim o kojoj infekciji se radi.
Ili ces mi reci tacna imena infekcija, onako kako ih je Avast detektovao, ili ces mi reci imena fajlova koje je Avast nasao da su maliciozni.
To se trenutno jedine informacije od kojih ja mogu da pocnem bilo sta da razmisljam.
Ukoliko nemas te informacije za mene, i nemas nikakvih uzbuna trenutno od strane Avasta, onda ja ne mogu puno da pomognem.

offline
  • Pridružio: 23 Dec 2008
  • Poruke: 30
  • Gde živiš: RS

A0205611.exe C:/ System Volume information/_restore
A0205610.exe C:/ System Volume information/_restore
A0205584.exe C:/ System Volume information/_restore
trz4.tmp C:/ Windows/system32
B7MuJWX2.exe C:/ Windows/system32
D40wlYA8.dlll C:/ Windows/system32
Hc8RK32b.exe C:/ Windows/system32
F22Jl762.exe C:/Docume-1/Tajka/LOCALS-1/temp
uPT602Ta.exe C:/Documents and Settings/Tajka/Local Settings/Temp


kad otvorim avast-ov kovceg to pise, rekla sam vec da nisam neki poznavalac tih stvari (bolje receno laik sam), pa se izvinjavam

Dopuna: 23 Dec 2008 21:31

i evo upravo sad avast izbaci opet poruku da je nasao uPT602Ta.exe C:/Documents and Settings/Tajka/Local Settings/Temp

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

OK.
Rekao bih da je Avast dobro obavio posao.
Za svaki slucaj, uradicemo jos jednu proveru:

Preuzmi gmer.zip sa ovog linka i sačuvaj na Desktopu.
Raspakuj ga u neki folder.

Dupli klik na gmer.exe za početak: Izaberi Rootkit/Malware Tab na vrhu.
Klikni na Scan.
Kada je skeniranje završeno, klik na Copy dugme ispod - ovo će sačuvati rezultate skeniranja u Clipboard.
Iskoristi opciju Paste u Notepad-u da bi to prebacio u tekst. Snimi taj tekst iz Notepada kao file1.txt.
Ponovi ovo isto sa Autostart Tab-om. Snimi taj tekst iz Notepada kao file2.txt.


Iskoristi opciju Prikači fajl ispod polja za pisanje poruke na forumu, i prikači nam ovde ta dva fajla koja smo malopre snimili

Dopuna: 23 Dec 2008 21:33

tas_ha :: i evo upravo sad avast izbaci opet poruku da je nasao uPT602Ta.exe C:/Documents and Settings/Tajka/Local Settings/Temp

Koji su ti sve sajtovi upravo otvoreni u IE-u?

Ko je trenutno na forumu
 

Ukupno su 864 korisnika na forumu :: 45 registrovanih, 5 sakrivenih i 814 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: Alibaba1981, Apok, b_z_b, black venom, blackjack, Bobrock1, chica, cikadeda, darkangel, Dimitrise93, djboj, djox00, doklevise, ds69, FOX, Frunze, galerija, goxin, haris1913, hyla, kayvan6079, laki_bb, MB120mm, mercedesamg, Milan A. Nikolic, opt1, pceklic, Pyrqe, Regrut Boskica, Ripanjac, samsung, sasa87, Singidunumac, Skywhaler, slonic_tonic, stokssone, Toper, vathra, VJ, Vlada1389, VladaNS1978, ZetaMan, zmajbre, Zoca, 223223