problem oko komekcije na net.?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Napisano: 31 Jan 2010 13:47

problem se ispoljava na sledeci nacin:
kada ukljucim net sve lepo radi,i surfujem i ok. je ali se odjenom task bar ja mislim poremeti i pobeli na pola minuta..od tog momenta nemam pristup netu,a pise da je sve ok.
taj problem, se poceo ispoljavati polovimom,ili karjem prvom meseca mog koriscenja neta( pre 4 meseca)
moj zastitni softver (ako mislis na antivirus) je avira i ceo sam harver skenirao i nista nije nasao,a dok sam koristio probnu verziju kasperskog
detektovao je 4 kriticna stanja,i 3 trojanca i 1 crva kog sam otklonio....
pokusao sam resiti problem tako sto sam se obratio vama na ovom forumu!
raspolazem tip (wan miniport pppoe) a brzina je 100mb/s
to je sve...


evo su fajlovi notepada koji su se sami pojavili nakon sto sam aktivirao
dds:

DDS (Ver_09-12-01.01) - NTFSx86
Run by fgfg at 13:23:30,28 on ned 31.01.2010
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.383.74 [GMT 1:00]

AV: Kaspersky Anti-Virus *On-access scanning disabled* (Outdated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
AV: Kaspersky Anti-Virus Personal *On-access scanning disabled* (Outdated) {816CD617-99F4-4B18-828E-80582E4B044D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\mmm.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Picasa\PicasaMediaDetector.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Dealio Toolbar\SearchSettings.exe
C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\GetRight\getright.exe
C:\Program Files\GetRight\getright.exe
C:\Program Files\Opera\opera.exe
C:\Users\fgfg\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = [Link mogu videti samo ulogovani korisnici]
mSearch Page = ${URL_SEARCHPAGE}
mSearchAssistant = [Link mogu videti samo ulogovani korisnici]
uURLSearchHooks: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - c:\program files\dealio toolbar\SearchSettings.dll
mWinlogon: SfcDisable=-99 (0xffffff9d)
BHO: Dealio Toolbar: {01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} - c:\program files\dealio toolbar\ie\4.0.2\dealioToolbarIE.dll
BHO: ToggleEN Toolbar: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - c:\program files\toggleen\tbTogg.dll
BHO: bho2gr Class: {31ff080d-12a3-439a-a2ef-4ba95a3148e8} - c:\program files\getright\xx2gr.dll
BHO: Free Lunch Design Toolbar: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - c:\program files\free_lunch_design\tbFree.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky anti-virus 2010\ievkbd.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - c:\program files\xfirexo\tbXfir.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: ZaMRadio Toolbar: {d761e944-2372-486a-a545-9cff5c03cd9d} - c:\program files\zamradio\tbZaMR.dll
BHO: PHPNukeEN Toolbar: {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - c:\program files\phpnukeen\tbPHPN.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - c:\program files\dealio toolbar\SearchSettings.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky anti-virus 2010\klwtbbho.dll
TB: Free Lunch Design Toolbar: {57cc715d-37ca-44e4-9ec2-8c2cbddb25ec} - c:\program files\free_lunch_design\tbFree.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: MSN Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn toolbar\01.01.2607.0\en-us\msntb.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: XfireXO Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - c:\program files\xfirexo\tbXfir.dll
TB: ToggleEN Toolbar: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - c:\program files\toggleen\tbTogg.dll
TB: ZaMRadio Toolbar: {d761e944-2372-486a-a545-9cff5c03cd9d} - c:\program files\zamradio\tbZaMR.dll
TB: PHPNukeEN Toolbar: {dd02a4eb-4afd-4d60-99d8-e67f964ca813} - c:\program files\phpnukeen\tbPHPN.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll
TB: Dealio Toolbar: {01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} - c:\program files\dealio toolbar\ie\4.0.2\dealioToolbarIE.dll
uRun: [TaskSwitchXP] c:\program files\taskswitchxp\TaskSwitchXP.exe
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SkyTel] SkyTel.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [PowerTweak Menu] c:\windows\system32\mmm.exe
mRun: [VistaDrive] c:\windows\vistadrive\VistaDrive.exe
mRun: [SystemTray] SysTray.Exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [LifeScape Media Detector] c:\program files\picasa\PicasaMediaDetector.exe
mRun: [VVSN] c:\program files\vvsn\VVSN.exe
mRun: [CallControl 4.7] "c:\program files\faxtalk communicator\FTCtrl32.exe" /autoload
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky anti-virus 2010\avp.exe"
mRun: [WinampAgent] c:\program files\winamp\winampa.exe
mRun: [Corel Photo Downloader] c:\program files\corel\corel snapfire plus\Corel Photo Downloader.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [amd_dc_opt] e:\runž\amd_dc_opt.exe
mRun: [SearchSettings] c:\program files\dealio toolbar\SearchSettings.exe
mRunOnce: [WIAWizardMenu] RUNDLL32.EXE c:\windows\system32\sti_ci.dll,WiaCreateWizardMenu
dRun: [TaskSwitchXP] c:\program files\taskswitchxp\TaskSwitchXP.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [nltide_2] regsvr32 /s /n /i:U shell32
dRunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
dRunOnce: [NewUser] %SystemRoot%\System32\NewUser.cmd
StartupFolder: c:\users\alluse~1\startm~1\programs\startup\getrig~1.lnk - c:\program files\getright\getright.exe
StartupFolder: c:\users\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\users\alluse~1\startm~1\programs\startup\interv~1.lnk - c:\program files\intervideo\common\bin\WinCinemaMgr.exe
uPolicies-explorer: NoSMMyPictures = 1 (0x1)
uPolicies-explorer: NoSMHelp = 1 (0x1)
uPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
mPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
mPolicies-system: SynchronousMachineGroupPolicy = 0 (0x0)
mPolicies-system: SynchronousUserGroupPolicy = 0 (0x0)
dPolicies-explorer: NoSMMyPictures = 1 (0x1)
dPolicies-explorer: NoSMHelp = 1 (0x1)
dPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky internet security 2009\SCIEPlgn.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky anti-virus 2010\klwtbbho.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky anti-virus 2010\klwtbbho.dll
TCP: {5AA170C8-C097-4E3A-AEC6-743E39E9F0EF} = 62.240.12.1 62.240.12.2
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Name-Space Handler: ftp\DLA.IEClickMon - {A5A08E80-B472-11D2-89D1-0080C8C12A3A} -
Name-Space Handler: http\DLA.IEClickMon - {A5A08E80-B472-11D2-89D1-0080C8C12A3A} -
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: NVDESK32.DLL,c:\progra~1\kasper~1\kasper~1\mzvkbd.dll,c:\progra~1\kasper~1\kasper~1\adialhk.dll,c:\progra~1\kasper~1\kasper~1\kloehk.dll,c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
IFEO: notepad.exe - c:\windows\system32\Notepad2.exe

============= SERVICES / DRIVERS ===============

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 36880]
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-1-1 11608]
R1 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2009-9-1 128016]
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2009-12-1 315408]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-1-1 108289]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-1-1 185089]
R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2010-1-8 380928]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-1-1 56816]
R2 AVP;Kaspersky Anti-Virus;c:\program files\kaspersky lab\kaspersky anti-virus 2010\avp.exe [2009-10-20 340456]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-10-30 54752]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [2008-3-13 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-3-25 24592]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-10-2 19472]
S2 StarWindService;StarWind iSCSI Service;c:\program files\alcohol soft\alcohol 120\starwind\starwindservice.exe --> c:\program files\alcohol soft\alcohol 120\starwind\StarWindService.exe [?]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\firebird\firebird_2_0\bin\fbserver.exe -s --> c:\program files\firebird\firebird_2_0\bin\fbserver.exe -s [?]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 idrmkl;idrmkl;c:\windows\temp\idrmkl.sys [2007-2-5 15872]

============== File Associations ===============

inffile=c:\windows\system32\Notepad2.exe %1
inifile=c:\windows\system32\Notepad2.exe %1
regfile="regedit.exe" "%1"
txtfile=c:\windows\system32\Notepad2.exe %1

=============== Created Last 30 ================

2010-01-30 21:14:02 0 d-----w- c:\users\fgfg\applic~1\RealWorld
2010-01-30 21:13:46 0 d-----w- c:\program files\RealWorld Paint.COM
2010-01-30 21:00:40 0 d-----w- c:\program files\UP
2010-01-30 20:52:06 0 d-----w- c:\program files\Paint Express
2010-01-28 19:52:43 77 ----a-w- c:\windows\system32\asr_gbven
2010-01-28 19:51:28 77 ----a-w- c:\windows\system32\asr_wxhpg
2010-01-14 15:51:54 454109 ----a-r- C:\txtsetup.sif
2010-01-14 15:51:54 259776 ----a-r- C:\$LDR$
2010-01-14 15:51:24 0 d-----w- C:\$WIN_NT$.~BT
2010-01-13 05:33:10 0 d-----w- c:\program files\JoWooD
2010-01-13 05:09:25 0 d-----w- c:\program files\Application Updater
2010-01-13 05:09:24 0 d-----w- c:\program files\Dealio Toolbar
2010-01-04 00:38:36 0 d-----w- c:\program files\Activision Value
2010-01-02 11:50:07 34304 ----a-w- c:\windows\system32\drivers\AmdLLD.sys
2010-01-02 09:34:24 0 d-----w- c:\users\alluse~1\applic~1\GRETECH
2010-01-01 22:00:11 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-01-01 22:00:06 0 d-----w- c:\users\alluse~1\applic~1\Avira
2010-01-01 22:00:06 0 d-----w- c:\program files\Avira
2010-01-01 21:53:08 0 d-----w- c:\program files\GRETECH

==================== Find3M ====================

2009-12-29 03:29:42 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-12-15 17:39:43 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-12-15 17:35:04 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-12-15 17:34:54 107832 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-12-15 17:34:42 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-12-15 17:34:42 2250024 ----a-w- c:\windows\system32\pbsvc.exe
2009-11-30 19:33:46 41872 ----a-w- c:\windows\system32\xfcodec.dll
2009-11-27 12:32:23 2516 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-11-19 10:13:11 2780 ----a-w- c:\windows\fonts\#aaifnt.ttf
2009-02-04 19:23:20 5 ----a-w- c:\program files\RavMonLog
2009-01-28 13:43:53 544 ----a-w- c:\program files\Steam.lnk
2008-11-20 19:30:28 62 ----a-w- c:\program files\error.txt
2008-09-30 19:52:33 197143 ----a-w- c:\program files\AnalysisLog.sr0
2008-08-31 05:01:49 333026 ----a-w- c:\program files\hph_ProductContextD2300.log
2008-01-18 04:05:18 335 ----a-w- c:\program files\netfxupdate.log
2006-10-06 01:56:28 280779 ----a-w- c:\program files\vistadrive.exe
2008-01-18 04:09:33 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008011720080118\index.dat

============= FINISH: 13:24:22,34 ===============

[Link mogu videti samo ulogovani korisnici]

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Imas dva antivirusa. Odluci se za jedan

[Link mogu videti samo ulogovani korisnici]

Dalje, gde su gmer ili rootrepeal logovi?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Napisano: 31 Jan 2010 15:13

[Link mogu videti samo ulogovani korisnici]

[Link mogu videti samo ulogovani korisnici]

[Link mogu videti samo ulogovani korisnici]



i znam da imam dva anti virusa,aviru i kasperski,ali mi je kasp. istekao pa sada koristim aviru,jer kaspo. ne mogu da izbrisem!

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Jel si pokusao sa deinstalerom.

Ja ti dadoh link u svojoj prethodnoj poruci

[Link mogu videti samo ulogovani korisnici]

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

jesam,deinstalirao sam kasp. sta sada?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop:


Bleeping Computer
Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu);
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save.



Kada preuzimanje programa bude završeno:
deaktiviraj zaštitni softver (uputstvo);
zatvori pokrenute programe;
dvoklikom pokreni program ComboFix.
U toku rada, ComboFix će:proveriti postoji li novija verzija programa:
klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE:
klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju:
obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja:
prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta);
na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu:
klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All;
klikni desnim tasterom miša na obeleženi tekst i izaberi Copy;
klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste.

Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt);
Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 01 Feb 2010 11:34

sve je ok. ali ne kapiram kako da deaktiviram to....

Dopuna: 01 Feb 2010 11:37

sve je ok. ali ne kapiram kako da deaktiviram to....

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

sta da deaktiviras? Aviru.. Pise ti sve lepo gore na onom linku

[Link mogu videti samo ulogovani korisnici]

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Napisano: 01 Feb 2010 13:03

aeee ovaj ComboFix je jako naporan! ali sam sve lepo sredio i evo ga! u notepad verziji? jel oke?

:


[Link mogu videti samo ulogovani korisnici]

Dopuna: 01 Feb 2010 13:20

sta da radim,poajviio mi se balon u dolnjem desnom uglu an monitoru!
a ja sam kliknuo tamo i pojavilo mi se svasta!

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

To je samo security centar ponovo aktiviran.. nista strasno se nece dogoditi nit je moguce da se pojavi svasta.. Idemo dalje.


Skini ovaj program na desktop startuj ga i prati uputstva..

[Link mogu videti samo ulogovani korisnici]

Zatim :

Otvoriti Notepad i iskopirati sledeci tekst:

File::
c:\windows\Temp\idrmkl.sys

Folder::
c:\program files\RavMonLog

Driver::
idrmkl

Snimiti na Desktop fajl iz Notepada kao "CFScript"




Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici.
Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.