MyCity » Ambulanta -> Arhiva Ambulante » trojanci unistavaju os non stop

trojanci unistavaju os non stop

Napisano na dan: 10.2.2011

trojanci unistavaju os non stop

Sledeća strana

Pagination

Odgovori

elizabeta1 Poslao: 10 Feb 2011 16:15 Idi na vrh
offline elizabeta1 Građanin Pridružio: 10 Jul 2009 Poruke: 100 Gde živiš: paris	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! vec sam pre par dana trazio pomoc,goran 888 se javio ali nisam nista mogao da prebacim od logova niti sta pa sam digao nov sistem,ali evo opet mrsi grafika kao i svasta drugo sve zivo zeza,i prosli put i ovaj ni anti virusi ni anti trojani nista nedetektuje ali kad pustim spybot on nadje dva trojanca koja nemoze da obrise opacki ru. (SBI&9E90BA5A)autorun settings-podesavanje autostarta HKEY-LOC AL-MACHINE-SOFTVARE......... i jos jedan takav trojan isti koji jedino detektuje spy bot i nemoze ih obrisati i kad sam digao nov OS opet su tu

Profil

1l padr1n0 Poslao: 10 Feb 2011 16:25 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav elizabeta1! Da bi smo mogli da ti pomognemo, potrebno je da otvoris temu po Uputstvu. Ukoliko nesto nije najjasnije, pregledaj prethodne teme u Ambulanti, da bi video kako su ostali clanovi otvarali svoje teme i iznosili svoje probleme vezane za malware. Uputstvo se nalazi ovde: http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html detaljno procitaj, isprati korake, postavi potrebne log-ove dijagnostickih alata i screenshot-ove detekcija goran9888 (AMF Tim)

Profil

elizabeta1 Poslao: 10 Feb 2011 17:09 Idi na vrh
offline elizabeta1 Građanin Pridružio: 10 Jul 2009 Poruke: 100 Gde živiš: paris	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 10 Feb 2011 16:39 DDS (Ver_10-12-12.02) - NTFSx86 Run by kiki at 16:20:23,63 on 10/02/2011 Internet Explorer: 9.0.7930.16406 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.33.1033.18.3583.2005 [GMT 1:00] AV: avast! antivirus Enabled/Updated {C37D8F93-0602-E43C-40AA-47DAD597F308} SP: avast! antivirus Enabled/Updated {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5} SP: Windows Defender Enabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\nvvsvc.exe C:\Windows\Explorer.EXE C:\Windows\system32\Dwm.exe C:\Windows\system32\FBAgent.exe C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files\Elantech\ETDCtrl.exe C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe C:\Program Files\MCShield\MCShieldRTM.exe C:\Program Files\MCShield\MCShieldTray.exe C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe C:\Windows\system32\taskhost.exe C:\Users\kiki\AppData\Local\Temp\ieudinit.exe C:\Windows\system32\taskeng.exe C:\Program Files\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Program Files\ASUS\ASUS Live Update\ALU.exe C:\Program Files\ASUS\Wireless Console 3\wcourier.exe C:\Program Files\ASUS\SmartLogon\sensorsrv.exe C:\Program Files\P4G\BatteryLife.exe C:\Program Files\ASUS\Net4Switch\Net4Switch.exe C:\Program Files\ASUS\Splendid\ACMON.exe C:\Windows\System32\ACEngSvr.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Windows\system32\DllHost.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe C:\Windows\AsScrPro.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe C:\Windows\system32\Macromed\Flash\FlashUtil10m_ActiveX.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\kiki\Desktop\dds.scr C:\Windows\system32\conhost.exe ============== Pseudo HJT Report =============== uStart Page = hxxp://www.google.fr/ uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background uRun: [MCShield] c:\program files\mcshield\MCShieldRTM.exe uRun: [MCShieldTray] c:\program files\mcshield\MCShieldTray.exe uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe uRunOnce: [ieudinit] c:\users\kiki\appdata\local\temp\ieudinit.vbs mRun: [WinampAgent] "c:\program files\winamp\winampa.exe" mRun: [ATKOSD2] c:\program files\asus\atk package\atkosd2\ATKOSD2.exe mRun: [ATKMEDIA] c:\program files\asus\atk package\atk media\DMedia.exe mRun: [HControlUser] c:\program files\asus\atk package\atk hotkey\HControlUser.exe mRun: [ETDWare] c:\program files\elantech\ETDCtrl.exe mRun: [AmIcoSinglun] c:\program files\amicosinglun\AmIcoSinglun.exe mRun: [avast!] "c:\program files\alwil software\avast4\ashDisp.exe" mRun: [TrojanScanner] c:\program files\trojan remover\Trjscan.exe /boot mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [<NO NAME>] mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\fancys~1.lnk - c:\windows\installer\{f0df4513-3c4c-4eb8-8012-2c5f70af3988}\_A1DDD39913A1970387B7B3.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\srspre~1.lnk - c:\windows\installer\{e5cf6b9c-3abe-43c9-9413-ad5ffc98f049}\NewShortcut4_E9C83B3EDF9141A39DA5EC05C79BBB91.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll LSA: Notification Packages = scecli c:\program files\asus\asus data security manager\ASPWDFLT ============= SERVICES / DRIVERS =============== R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2011-2-7 114768] R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128] R2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-2-7 283264] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-2-7 20560] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-2-7 53328] R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2011-2-7 138680] R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2010-2-28 821664] R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2009-12-2 483688] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2011-1-7 378984] R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2011-2-7 254040] R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2011-2-7 352920] R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2011-2-7 94208] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-2-10 122984] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-6-23 275048] R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfslh.sys [2009-12-2 550760] R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaylh.sys [2009-12-2 195944] R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirlh.sys [2009-12-2 21864] R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvollh.sys [2009-12-2 19304] R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2009-12-2 209768] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2011-2-7 39272] S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352] S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-2-7 1343400] S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040] =============== Created Last 30 ================ 2011-02-10 14:50:17 -------- d-----w- c:\program files\Spybot - Search & Destroy 2011-02-10 14:50:17 -------- d-----w- c:\progra~2\Spybot - Search & Destroy 2011-02-10 14:28:46 -------- d-----w- c:\program files\NVIDIA Corporation 2011-02-10 14:28:14 -------- d-----w- C:\NVIDIA 2011-02-10 14:08:59 -------- d-----w- c:\users\kiki\appdata\local\SoftGrid Client 2011-02-10 14:04:36 -------- d-----w- c:\users\kiki\appdata\roaming\SoftGrid Client 2011-02-10 14:02:29 139333896 ----a-w- c:\users\kiki\266.58_notebook_winvista_win7_32bit_international_whql.exe 2011-02-10 14:02:11 -------- d-----w- c:\program files\Microsoft Application Virtualization Client 2011-02-10 14:00:49 -------- d-----w- c:\users\kiki\appdata\roaming\TP 2011-02-10 14:00:45 1628560 ----a-w- C:\X16-57061_FCMHT-YGMJK-QYBM8-94466-JT32B.exe 2011-02-10 09:12:25 -------- d-----w- c:\users\kiki\appdata\local\{6C8898E3-AD69-492B-9095-7311A95943DF} 2011-02-10 09:12:25 -------- d-----w- c:\users\kiki\appdata\local\{29E2F247-D3EE-4D49-B826-54E0C072FE74} 2011-02-10 03:34:56 -------- d-----w- c:\users\kiki\appdata\roaming\MCShield 2011-02-10 03:34:54 -------- d-----w- c:\program files\MCShield 2011-02-10 00:33:22 -------- d-----w- c:\program files\MSXML 4.0 2011-02-10 00:06:26 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\backup\mpengine.dll 2011-02-10 00:06:24 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{bd28cdeb-2f1b-46b0-926f-9ac239d349cc}\mpengine.dll 2011-02-09 22:51:23 -------- d-----w- c:\users\kiki\appdata\local\Microsoft Help 2011-02-09 21:10:21 -------- d-----w- c:\users\kiki\appdata\local\{8A82CCA4-7429-41AE-8778-228B9C17D7EA} 2011-02-09 14:54:43 -------- d-----w- c:\program files\DAEMON Tools Toolbar 2011-02-09 14:54:13 -------- d-----w- c:\users\kiki\appdata\roaming\DAEMON Tools Lite 2011-02-09 14:54:13 -------- d-----w- c:\progra~2\DAEMON Tools Lite 2011-02-09 14:34:49 2381824 ----a-w- c:\windows\system32\mshtml.tlb 2011-02-09 14:34:48 1448448 ----a-w- c:\windows\system32\inetcpl.cpl 2011-02-09 14:31:33 -------- d-----w- c:\program files\Microsoft IntelliPoint 2011-02-09 14:06:41 -------- d-----w- c:\progra~2\WEBREG 2011-02-09 14:05:07 315392 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\hpfpp083.dll 2011-02-09 14:03:24 -------- d-----w- c:\program files\Yahoo! 2011-02-09 14:02:22 -------- d-----w- c:\users\kiki\appdata\roaming\HpUpdate 2011-02-09 13:59:20 -------- d-----w- c:\program files\common files\HP 2011-02-09 13:58:09 -------- d-----w- c:\program files\common files\Hewlett-Packard 2011-02-09 13:57:21 271704 ----a-w- c:\windows\system32\hpzids01.dll 2011-02-09 13:57:12 121344 ----a-w- c:\windows\system32\hpf3l083.dll 2011-02-09 13:57:08 974848 ----a-w- c:\windows\system32\hpost_p02b.dll 2011-02-09 13:57:08 737280 ----a-w- c:\windows\system32\hposwia_p02b.dll 2011-02-09 13:57:07 307200 ----a-w- c:\windows\system32\hposc_p02a.dll 2011-02-09 13:56:23 -------- d-----w- c:\program files\HP 2011-02-09 10:06:45 77312 ----a-w- c:\windows\system32\ztvunace26.dll 2011-02-09 10:06:45 75264 ----a-w- c:\windows\system32\unacev2.dll 2011-02-09 10:06:45 69632 ----a-w- c:\windows\system32\ztvcabinet.dll 2011-02-09 10:06:45 162304 ----a-w- c:\windows\system32\ztvunrar36.dll 2011-02-09 10:06:45 153088 ----a-w- c:\windows\system32\UNRAR3.dll 2011-02-09 10:06:24 -------- d-----w- c:\users\kiki\appdata\roaming\Simply Super Software 2011-02-09 10:06:24 -------- d-----w- c:\program files\Trojan Remover 2011-02-09 10:06:24 -------- d-----w- c:\progra~2\Simply Super Software 2011-02-09 10:05:58 9399608 ----a-w- C:\trjsetup681.exe 2011-02-09 09:09:56 -------- d-----w- c:\users\kiki\appdata\local\{6BE3AEB7-36B2-45C5-A4E6-96B6B31788A0} 2011-02-08 21:09:44 -------- d-----w- c:\users\kiki\appdata\local\{2121CD93-A823-44C3-9CF3-420DB3415B19} 2011-02-08 08:50:04 -------- d-----w- c:\users\kiki\appdata\local\{34BA7BDF-5944-4726-95F7-4E34FB42871E} 2011-02-07 21:22:40 -------- d-----w- c:\users\kiki\appdata\local\Adobe 2011-02-07 19:15:15 -------- d-----w- c:\windows\Panther 2011-02-07 17:06:25 -------- d-----w- c:\users\kiki\appdata\local\{BE6AC83A-6911-4D25-9F01-6C9EF9E4FD10} 2011-02-07 17:06:11 -------- d-----w- c:\users\kiki\Tracing 2011-02-07 15:29:23 -------- d-----w- c:\windows\sr-latn-cs 2011-02-07 15:25:57 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys 2011-02-07 15:23:10 -------- d-----w- c:\windows\en 2011-02-07 15:20:34 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2011-02-07 15:15:08 -------- d-----w- c:\windows\PCHEALTH 2011-02-07 15:14:03 -------- d-----w- c:\program files\Microsoft 2011-02-07 15:13:37 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll 2011-02-07 15:13:37 515416 ----a-w- c:\windows\system32\XAudio2_5.dll 2011-02-07 15:13:37 453456 ----a-w- c:\windows\system32\d3dx10_42.dll 2011-02-07 15:12:59 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll 2011-02-07 15:12:14 469256 ----a-w- c:\program files\common files\windows live\.cache\64e341681cbc6d907\InstallManager_WLE_WLE.exe 2011-02-07 15:11:45 15712 ----a-w- c:\program files\common files\windows live\.cache\546931301cbc6d906\MeshBetaRemover.exe 2011-02-07 15:11:38 94040 ----a-w- c:\program files\common files\windows live\.cache\50df95401cbc6d905\DSETUP.dll 2011-02-07 15:11:38 525656 ----a-w- c:\program files\common files\windows live\.cache\50df95401cbc6d905\DXSETUP.exe 2011-02-07 15:11:38 1691480 ----a-w- c:\program files\common files\windows live\.cache\50df95401cbc6d905\dsetup32.dll 2011-02-07 15:11:28 94040 ----a-w- c:\program files\common files\windows live\.cache\49edef201cbc6d904\DSETUP.dll 2011-02-07 15:11:28 525656 ----a-w- c:\program files\common files\windows live\.cache\49edef201cbc6d904\DXSETUP.exe 2011-02-07 15:11:28 1691480 ----a-w- c:\program files\common files\windows live\.cache\49edef201cbc6d904\dsetup32.dll 2011-02-07 15:11:17 2983424 ----a-w- c:\windows\system32\UIRibbon.dll 2011-02-07 15:11:16 6260088 ----a-w- c:\program files\common files\windows live\.cache\406ec8201cbc6d903\Silverlight.4.0.exe 2011-02-07 15:11:16 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll 2011-02-07 15:10:04 -------- d-----w- c:\users\kiki\appdata\local\Windows Live 2011-02-07 15:10:02 -------- d-----w- c:\program files\common files\Windows Live 2011-02-07 12:59:50 240008 ----a-w- c:\windows\system32\drivers\netio.sys 2011-02-07 12:50:42 -------- d-----w- c:\windows\system32\Wat 2011-02-07 12:12:47 196608 ----a-w- c:\windows\system32\mfreadwrite.dll 2011-02-07 12:12:46 3181568 ----a-w- c:\windows\system32\mf.dll 2011-02-07 12:12:46 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL 2011-02-07 12:10:59 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll 2011-02-07 11:11:17 -------- d-----w- c:\users\kiki\appdata\local\lUNA 2011-02-07 11:01:39 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2011-02-07 11:01:39 499712 ----a-w- c:\windows\system32\MSVCP71.dll 2011-02-07 11:01:39 348160 ----a-w- c:\windows\system32\MSVCR71.dll 2011-02-07 11:01:39 1060864 ----a-w- c:\windows\system32\MFC71.dll 2011-02-07 10:57:50 257024 ----a-w- c:\windows\system32\msv1_0.dll 2011-02-07 10:56:52 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2011-02-07 10:56:52 49472 ----a-w- c:\windows\system32\netfxperf.dll 2011-02-07 10:56:52 297808 ----a-w- c:\windows\system32\mscoree.dll 2011-02-07 10:56:52 295264 ----a-w- c:\windows\system32\PresentationHost.exe 2011-02-07 10:56:52 1130824 ----a-w- c:\windows\system32\dfshim.dll 2011-02-07 10:53:50 -------- d-----w- C:\eSupport 2011-02-07 10:53:46 53248 ----a-w- c:\windows\system32\LogonStart.dll 2011-02-07 10:53:35 283264 ----a-w- c:\windows\system32\FBAgent.exe 2011-02-07 10:53:28 -------- d-----w- c:\program files\common files\ControlDeck 2011-02-07 10:53:19 520192 ----a-w- c:\windows\system32\ASUS_Screensaver.scr 2011-02-07 10:53:19 -------- d-----w- c:\windows\system32\ASUS_Screensaver dir 2011-02-07 10:52:43 3054136 ----a-w- c:\windows\AsScrPro.exe 2011-02-07 10:52:08 -------- d-----w- c:\progra~2\ASUS 2011-02-07 10:52:02 -------- d--h--w- C:\ASUS.DAT 2011-02-07 10:51:51 293376 ----a-w- c:\windows\system32\browserchoice.exe 2011-02-07 10:51:45 222080 ------w- c:\windows\system32\MpSigStub.exe 2011-02-07 10:51:20 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll 2011-02-07 10:51:20 32768 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll 2011-02-07 10:51:20 225280 ----a-w- c:\program files\common files\installshield\iscript\iscript.dll 2011-02-07 10:51:20 176128 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll 2011-02-07 10:50:54 30264 ----a-w- c:\windows\system32\drivers\AsDsm.sys 2011-02-07 10:50:35 155648 ----a-w- c:\windows\system32\ACEngSvr.exe 2011-02-07 10:50:22 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys 2011-02-07 10:50:12 190976 ----a-w- c:\windows\system32\drivers\ks.sys 2011-02-07 10:50:12 146304 ----a-w- c:\windows\system32\drivers\usbvideo.sys 2011-02-07 10:49:35 -------- d-----w- c:\program files\Feedback Tool 2011-02-07 10:49:11 -------- d-----w- c:\program files\P4G 2011-02-07 10:49:11 -------- d-----w- c:\progra~2\P4G 2011-02-07 10:48:47 -------- d-----w- c:\progra~2\AmUStor 2011-02-07 10:48:46 -------- d-----w- c:\program files\AmIcoSingLun 2011-02-07 10:48:23 194488 ----a-w- c:\windows\system32\drivers\fvevol.sys 2011-02-07 10:48:06 507568 ----a-w- c:\windows\system32\winload.exe 2011-02-07 10:48:06 1320960 ----a-w- c:\windows\system32\CertEnroll.dll 2011-02-07 10:48:05 442920 ----a-w- c:\windows\system32\winresume.exe 2011-02-07 10:48:05 -------- d-----w- c:\program files\Elantech 2011-02-07 10:48:01 94208 ----a-w- c:\windows\system32\drivers\ETD.sys 2011-02-07 10:48:01 4517376 ----a-w- c:\windows\system32\ETDUI.cpl 2011-02-07 10:46:49 516096 ----a-w- c:\program files\windows mail\wab.exe 2011-02-07 10:45:59 310784 ----a-w- c:\windows\system32\drivers\srv.sys 2011-02-07 10:44:50 551456 ----a-w- c:\windows\system32\RTSndMgr.cpl 2011-02-07 10:40:07 -------- d-----w- c:\program files\ASUS 2011-02-07 10:39:27 485920 ----a-w- c:\windows\system32\nvuhda.exe 2011-02-07 10:39:27 155648 ----a-w- c:\windows\system32\nvcohda.dll 2011-02-07 10:37:55 584296 ----a-w- c:\windows\system32\nvudisp.exe 2011-02-07 10:31:05 129784 ------w- c:\windows\system32\pxafs.dll 2011-02-07 10:29:19 -------- d-sh--w- c:\windows\Installer 2011-02-07 10:24:55 -------- d-----w- c:\windows\system32\wbem\Performance 2011-02-07 10:23:48 172032 ----a-w- c:\windows\system32\wintrust.dll 2011-02-07 10:23:43 132608 ----a-w- c:\windows\system32\cabview.dll ==================== Find3M ==================== 2011-01-08 03:27:00 941160 ----a-w- c:\windows\system32\nvdispco322090.dll 2011-01-08 03:27:00 837736 ----a-w- c:\windows\system32\nvgenco322040.dll 2011-01-08 03:27:00 57960 ----a-w- c:\windows\system32\OpenCL.dll 2011-01-08 03:27:00 5653096 ----a-w- c:\windows\system32\nvwgf2um.dll 2011-01-08 03:27:00 4941928 ----a-w- c:\windows\system32\nvcuda.dll 2011-01-08 03:27:00 2895976 ----a-w- c:\windows\system32\nvcuvid.dll 2011-01-08 03:27:00 2251368 ----a-w- c:\windows\system32\nvcuvenc.dll 2011-01-08 03:27:00 1965672 ----a-w- c:\windows\system32\nvapi.dll 2011-01-08 03:27:00 15047272 ----a-w- c:\windows\system32\nvoglv32.dll 2011-01-08 03:27:00 13011560 ----a-w- c:\windows\system32\nvcompiler.dll 2011-01-08 03:27:00 10078312 ----a-w- c:\windows\system32\nvd3dum.dll 2011-01-07 20:06:28 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll 2011-01-07 20:06:22 3597416 ----a-w- c:\windows\system32\nvcpl.dll 2011-01-07 20:06:14 2620520 ----a-w- c:\windows\system32\nvsvc.dll 2011-01-07 20:06:08 608872 ----a-w- c:\windows\system32\nvvsvc.exe 2011-01-07 20:06:08 288872 ----a-w- c:\windows\system32\nvhotkey.dll 2011-01-07 20:06:08 2558568 ----a-w- c:\windows\system32\nvsvcr.dll 2011-01-07 20:06:08 111208 ----a-w- c:\windows\system32\nvmctray.dll 2011-01-07 07:27:11 34304 ----a-w- c:\windows\system32\atmlib.dll 2011-01-07 05:33:11 294400 ----a-w- c:\windows\system32\atmfd.dll 2011-01-05 03:37:38 2329088 ----a-w- c:\windows\system32\win32k.sys 2010-12-21 05:38:24 73728 ----a-w- c:\windows\system32\wscsvc.dll 2010-12-21 05:38:24 51200 ----a-w- c:\windows\system32\wscapi.dll 2010-12-21 05:38:22 350720 ----a-w- c:\windows\system32\winhttp.dll 2010-12-21 05:38:21 204800 ----a-w- c:\windows\system32\WebClnt.dll 2010-12-21 05:38:19 204288 ----a-w- c:\windows\system32\upnp.dll 2010-12-21 05:38:16 14336 ----a-w- c:\windows\system32\slwga.dll 2010-12-21 05:36:17 1389568 ----a-w- c:\windows\system32\msxml6.dll 2010-12-21 05:36:16 1236992 ----a-w- c:\windows\system32\msxml3.dll 2010-12-21 05:34:12 80384 ----a-w- c:\windows\system32\davclnt.dll 2010-12-18 05:29:31 541184 ----a-w- c:\windows\system32\kerberos.dll 2010-12-02 09:12:06 837224 ----a-w- c:\windows\system32\nvgenco32hda.dll ============= FINISH: 16:20:58,28 =============== mycity.rs/must-login.png mycity.rs/must-login.png evo prvih rezultata a gmer se oduzio....... Dopuna: 10 Feb 2011 17:09 mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png evo konacno

Profil

1l padr1n0 Poslao: 10 Feb 2011 17:59 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! U toku resavanja slucaja, zamolio bih te da se pridrzavas sledeceg: Detaljno citati moja uputstva (ili uputstva kolega koji ce me zamenjivati) i raditi iskljucivo po njima; Ne traziti istovremeno pomoc na drugom mestu; Nemoj koristiti druge programe za uklanjanje malware-a, osim onih za koje budes dobio uputstvo; U toku intervencije ne koristiti USB memorijske uredjaje, dok to ne budem zatrazio; Ukoliko ne odgovorim u roku od 48h, osvezi temu novim post-om; Ukoliko se ne javis u roku od 5 dana, zatvoricemo slucaj. Za vise informacija o pravilima Ambulante MyCity foruma: LINK ------------------------------------------------------------------------------------- Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku. goran9888 (AMF Tim)

Profil

elizabeta1 Poslao: 10 Feb 2011 18:54 Idi na vrh
offline elizabeta1 Građanin Pridružio: 10 Jul 2009 Poruke: 100 Gde živiš: paris	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 10 Feb 2011 18:24 mycity.rs/must-login.png Dopuna: 10 Feb 2011 18:54 treba li da deinstaliram combo fix

Profil

1l padr1n0 Poslao: 10 Feb 2011 21:16 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Nigde ne zurimo. Samo polako ... Ovde problem nije do malware-a. Otvori novu temu u potforumu Windows: http://www.mycity.rs/Windows/ Potrebno je deinstalirati ComboFix: klikni start (ili ), a zatim RUN. Na Visti koristiti Start Search polje ukoliko Run nije dostupan. U liniju za unos teksta ukucaj (iskopiraj) sledeće: ComboFix /Uninstall Primeti da postoji razmak između "ComboFix" i "/Uninstall". a zatim klikni OK (ili pritisni Enter). Sačekaj da se proces deinstalacije završi. Instaliraj Anti-Virus. Moja preporuka ti je da instaliras (samo) jedan od besplatnih varijanti tipa: Avast, Avira, AVG, Panda Cloud, Microsoft Security Essentials, itd ... Koristio si staru verziju Avast-a, pa je pozeljno da ako vec koristis neki AV, skines najnoviju verziju sa oficijelnog sajta (dovoljno je da ukucas naziv AV-a u Google pretragu).

Profil

elizabeta1 Poslao: 10 Feb 2011 22:48 Idi na vrh
offline elizabeta1 Građanin Pridružio: 10 Jul 2009 Poruke: 100 Gde živiš: paris	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 10 Feb 2011 22:37 nemogu da ga uklonim kad ukucam ovo u run on mi nudi da opet instaliram ili izbaci ovo YOU APPEAR HAVE A CORRUPT DOWNLOAD DA INSTALIRAM NOVU VERZIJU COMBO FIKSA I DA GA MOGU ZATVORITI U DESNOM UGLU Dopuna: 10 Feb 2011 22:48 uspeo sam))))

Profil

MyCity » Ambulanta -> Arhiva Ambulante » trojanci unistavaju os non stop

Ko je trenutno na forumu

Ukupno su 864 korisnika na forumu :: 10 registrovanih, 1 sakriven i 853 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: comi_pfc, Darko_X, draggan, havoc995, pein, prle122, Shilok, stalja, zlaya011, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by