MyCity » Ambulanta -> Arhiva Ambulante » virus sa usba

virus sa usba

Napisano na dan: 19.2.2009

Strana:
1
2

virus sa usba

Sledeća strana

Pagination

Odgovori

Strana:
1
2

nikolankl Poslao: 19 Feb 2009 00:36 Idi na vrh
offline nikolankl Novi MyCity građanin Pridružio: 19 Feb 2009 Poruke: 9	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 0:20:40, on 19.2.2009 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16386) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\IDT\WDM\sttray.exe C:\Windows\System32\WLTRAY.EXE C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\DellTPad\Apoint.exe C:\Win\lsass.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\DellTPad\Apntex.exe C:\Program Files\DellTPad\HidFind.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\nikola\Downloads\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv0.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv0.dll O3 - Toolbar: Live TV Toolbar - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - C:\Program Files\Live_TV\tbLiv0.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [run32] C:\Win\lsass.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - [Link mogu videti samo ulogovani korisnici]\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O13 - Gopher Prefix: O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c204e27d\aestsrv.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing) O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c204e27d\STacSV.exe O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE -- End of file - 7338 bytes kopirao sam nesto sa usba i racunar je poceo cudno da se ponasa. ne rade mi shift ni caps, a kada kucam, slova se pojavljuju veoma sporo. ponekad se ponasa kao da je taster shift zaglavljen. kada skeniram nod av javlja da je sve cisto. moze pomoc?

Profil

dr_Bora Poslao: 19 Feb 2009 16:57 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav... Pokreni ESET Smart Security/ESET NOD32 na sledeci nacin : Start>All Programs>ESET>ESET Smart Security ili pak ESET NOD32 Antivirus(ukoliko koristis samo Antivirus resenje). * Kada ti se otvori glavni prozor programa, klikni na Setup opciju sa leve strane prozora; * Izaberi Antivirus and antispyware opciju i klikni na Temporarily disable Antivirus and antispyware protection. * Na sledece pitanje klikni Yes. Napomena: Ne zaboravi da ukljuciš ovu opciju po završetku cišcenja. ------------------------------------------------------------------------------------- Skini ComboFix sa jedne od sledecih adresa na Desktop: [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

nikolankl Poslao: 19 Feb 2009 17:25 Idi na vrh
offline nikolankl Novi MyCity građanin Pridružio: 19 Feb 2009 Poruke: 9	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! evo ga: ComboFix 09-02-18.01 - nikola 2009-02-19 17:12:56.1 - NTFSx86 Microsoft® Windows Vista™ Ultimate 6.0.6000.0.1252.1.1033.18.2037.1101 [GMT 1:00] Running from: c:\users\nikola\Desktop\ComboFix.exe AV: ESET NOD32 Antivirus 3.0 On-access scanning disabled (Updated) * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013 c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini . ((((((((((((((((((((((((( Files Created from 2009-01-19 to 2009-02-19 ))))))))))))))))))))))))))))))) . 2009-02-19 13:54 . 2009-02-19 13:54 <DIR> d-------- c:\users\nikola\AppData\Roaming\Malwarebytes 2009-02-19 13:54 . 2009-02-19 13:54 <DIR> d-------- c:\programdata\Malwarebytes 2009-02-19 13:54 . 2009-02-19 13:54 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware 2009-02-19 13:54 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys 2009-02-19 13:54 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys 2009-02-18 23:26 . 2009-02-18 23:26 <DIR> d-------- c:\programdata\Yahoo! Companion 2009-02-18 16:50 . 2008-04-18 22:43 170,032 --a------ c:\windows\System32\drivers\Apfiltr.sys 2009-02-18 16:50 . 2008-01-19 16:53 100,546 --a------ c:\windows\System32\Vxdif.dll 2009-02-18 16:40 . 2009-02-18 16:40 2,560 --a------ c:\windows\_MSRSTRT.EXE 2009-02-17 20:36 . 2009-02-17 20:37 <DIR> dr-hs---- C:\Win 2009-02-16 12:07 . 2009-02-16 12:07 <DIR> d-------- c:\program files\URUSoft 2009-02-15 22:30 . 2009-02-19 04:03 <DIR> d-------- c:\users\nikola\AppData\Roaming\skypePM 2009-02-15 22:30 . 2009-02-15 22:30 56 --ah----- c:\windows\System32\ezsidmv.dat 2009-02-15 22:28 . 2009-02-19 04:04 <DIR> d-------- c:\users\nikola\AppData\Roaming\Skype 2009-02-15 22:28 . 2009-02-15 22:28 <DIR> d-------- c:\programdata\Skype 2009-02-15 22:28 . 2009-02-15 22:28 <DIR> dr------- c:\program files\Skype 2009-02-15 22:28 . 2009-02-15 22:28 <DIR> d-------- c:\program files\Common Files\Skype 2009-02-12 01:00 . 2009-02-12 01:01 <DIR> d-------- c:\programdata\Yahoo! 2009-02-10 19:47 . 2009-02-10 19:48 <DIR> d-------- C:\Total_Training 2009-02-10 03:25 . 2009-02-10 03:25 <DIR> d-------- c:\programdata\Adobe Systems 2009-02-10 03:19 . 2009-02-10 03:19 <DIR> d-------- c:\program files\Common Files\Adobe Systems Shared 2009-02-09 12:31 . 2009-02-10 15:06 <DIR> d-------- c:\program files\Macromedia 2009-02-09 12:31 . 2009-02-09 12:35 <DIR> d-------- c:\program files\Common Files\Macromedia 2009-01-30 18:52 . 2009-01-30 18:52 <DIR> d-------- c:\users\nikola\AppData\Roaming\vlc 2009-01-30 18:51 . 2009-01-30 18:51 <DIR> d-------- c:\program files\VideoLAN 2009-01-26 01:22 . 2009-01-26 01:41 <DIR> d-------- c:\program files\GRETECH 2009-01-24 23:47 . 2009-01-24 23:47 224,768 --a------ c:\windows\System32\drivers\usbport.sys 2009-01-24 23:47 . 2009-01-24 23:47 192,000 --a------ c:\windows\System32\drivers\usbhub.sys 2009-01-24 23:47 . 2009-01-24 23:47 73,216 --a------ c:\windows\System32\drivers\usbccgp.sys 2009-01-24 23:47 . 2009-01-24 23:47 38,912 --a------ c:\windows\System32\drivers\hidclass.sys 2009-01-24 23:47 . 2009-01-24 23:47 38,400 --a------ c:\windows\System32\drivers\usbehci.sys 2009-01-24 23:47 . 2009-01-24 23:47 25,472 --a------ c:\windows\System32\drivers\hidparse.sys 2009-01-24 23:47 . 2009-01-24 23:47 23,040 --a------ c:\windows\System32\drivers\usbuhci.sys 2009-01-24 23:47 . 2009-01-24 23:47 12,288 --a------ c:\windows\System32\drivers\hidusb.sys 2009-01-24 23:47 . 2009-01-24 23:47 8,704 --a------ c:\windows\System32\hccoin.dll 2009-01-24 23:47 . 2009-01-24 23:47 5,888 --a------ c:\windows\System32\drivers\usbd.sys 2009-01-24 23:46 . 2009-01-24 23:46 414,208 --a------ c:\windows\System32\msdri.dll 2009-01-24 23:46 . 2009-01-24 23:46 292,352 --a------ c:\windows\System32\psisdecd.dll 2009-01-24 23:46 . 2009-01-24 23:46 218,624 --a------ c:\windows\System32\psisrndr.ax 2009-01-24 23:46 . 2009-01-24 23:46 110,264 --a------ c:\windows\System32\drivers\ataport.sys 2009-01-24 23:46 . 2009-01-24 23:46 80,384 --a------ c:\windows\System32\MSNP.ax 2009-01-24 23:46 . 2009-01-24 23:46 68,608 --a------ c:\windows\System32\Mpeg2Data.ax 2009-01-24 23:46 . 2009-01-24 23:46 57,856 --a------ c:\windows\System32\MSDvbNP.ax 2009-01-24 23:46 . 2009-01-24 23:46 53,760 --a------ c:\windows\System32\drivers\hdaudbus.sys 2009-01-24 23:46 . 2009-01-24 23:46 45,240 --a------ c:\windows\System32\drivers\pciidex.sys 2009-01-24 23:46 . 2009-01-24 23:46 21,688 --a------ c:\windows\System32\drivers\atapi.sys 2009-01-24 23:46 . 2009-01-24 23:46 17,592 --a------ c:\windows\System32\drivers\intelide.sys 2009-01-24 23:45 . 2009-01-24 23:45 242,688 --a------ c:\windows\System32\drivers\rdpdr.sys 2009-01-24 23:45 . 2009-01-24 23:45 220,160 --a------ c:\windows\System32\drivers\bthport.sys 2009-01-24 23:45 . 2009-01-24 23:45 181,760 --a------ c:\windows\System32\fsquirt.exe 2009-01-24 23:45 . 2009-01-24 23:45 140,392 --a------ c:\windows\System32\drivers\pci.sys 2009-01-24 23:45 . 2009-01-24 23:45 50,792 --a------ c:\windows\System32\drivers\termdd.sys 2009-01-24 23:45 . 2009-01-24 23:45 50,280 --a------ c:\windows\System32\drivers\volmgr.sys 2009-01-24 23:45 . 2009-01-24 23:45 29,184 --a------ c:\windows\System32\drivers\BTHUSB.SYS 2009-01-24 23:45 . 2009-01-24 23:45 28,776 --a------ c:\windows\System32\drivers\mssmbios.sys 2009-01-24 23:45 . 2009-01-24 23:45 22,632 --a------ c:\windows\System32\streamci.dll 2009-01-24 23:45 . 2009-01-24 23:45 19,456 --a------ c:\windows\System32\drivers\bthenum.sys 2009-01-24 23:45 . 2009-01-24 23:45 13,928 --a------ c:\windows\System32\drivers\msisadrv.sys 2009-01-24 23:45 . 2009-01-24 23:45 12,776 --a------ c:\windows\System32\drivers\swenum.sys 2009-01-24 20:02 . 2006-11-02 11:23 <DIR> dr------- c:\users\RA Media Server\Videos 2009-01-24 20:02 . 2006-11-02 11:23 <DIR> d-------- c:\users\RA Media Server\Saved Games 2009-01-24 20:02 . 2006-11-02 11:23 <DIR> dr------- c:\users\RA Media Server\Pictures 2009-01-24 20:02 . 2006-11-02 11:23 <DIR> dr------- c:\users\RA Media Server\Music 2009-01-24 20:02 . 2006-11-02 11:23 <DIR> dr------- c:\users\RA Media Server\Links 2009-01-24 20:02 . 2006-11-02 11:23 <DIR> dr------- c:\users\RA Media Server\Downloads 2009-01-24 20:02 . 2009-01-24 20:03 <DIR> dr------- c:\users\RA Media Server\Documents 2009-01-24 20:02 . 2006-11-02 12:18 <DIR> d--h----- c:\users\RA Media Server\AppData 2009-01-24 20:02 . 2009-01-24 20:03 <DIR> d-------- c:\users\RA Media Server 2009-01-24 20:01 . 2009-01-24 23:33 <DIR> d-a------ c:\programdata\TEMP 2009-01-23 18:50 . 2009-02-05 00:08 <DIR> d-------- c:\users\Public\T.B.01.08 2009-01-20 15:45 . 2009-01-20 15:45 <DIR> d-------- c:\program files\MySQL 2009-01-20 15:01 . 2009-01-20 15:01 <DIR> d-------- c:\programdata\Apple Computer 2009-01-20 15:01 . 2009-01-20 15:01 <DIR> d-------- c:\programdata\Apple 2009-01-20 15:01 . 2009-01-20 15:02 <DIR> d-------- c:\program files\QuickTime 2009-01-20 15:01 . 2009-01-20 15:01 <DIR> d-------- c:\program files\Common Files\Apple 2009-01-20 15:01 . 2009-01-20 15:01 <DIR> d-------- c:\program files\Apple Software Update . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-02-19 13:57 --------- d-----w c:\program files\Live_TV 2009-02-19 03:03 --------- d-----w c:\users\nikola\AppData\Roaming\mIRC 2009-02-19 03:03 --------- d-----w c:\program files\mIRC 2009-02-19 02:15 --------- d-----w c:\users\nikola\AppData\Roaming\BitTorrent 2009-02-18 22:18 --------- d-----w c:\program files\Yahoo! 2009-02-18 15:51 --------- d-----w c:\program files\DellTPad 2009-02-18 15:41 --------- d-----w c:\program files\RADIO_USA 2009-02-18 14:15 --------- d-----w c:\programdata\Microsoft Help 2009-02-18 12:51 --------- d-----w c:\users\nikola\AppData\Roaming\DNA 2009-02-18 12:49 --------- d-----w c:\program files\DNA 2009-02-10 16:09 --------- d-----w c:\program files\Opera 2009-02-10 02:21 --------- d-----w c:\program files\Common Files\Adobe 2009-02-07 23:14 --------- d-----w c:\program files\Common Files\InstallShield 2009-02-04 01:28 197 ----a-w c:\windows\system32\drivers\stwrte.log 2009-01-24 22:44 --------- d-----w c:\program files\Dell 2009-01-24 22:34 --------- d-----w c:\programdata\Dell 2009-01-15 22:53 --------- d-----w c:\users\nikola\AppData\Roaming\Winamp 2009-01-15 13:45 --------- d-----w c:\program files\Winamp 2008-12-27 15:20 --------- d-----w c:\program files\BitTorrent 2006-11-02 12:49 174 --sha-w c:\program files\desktop.ini 2008-10-30 21:49 74 --sh--r c:\windows\CT4CET.bin . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2006-11-02 1196032] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440] "msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-02-28 442433] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-03-12 3563520] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-08-18 1447168] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-04-30 196608] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] "run32"="c:\win\lsass.exe" [2002-01-01 551669] c:\users\nikola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-02-08 752168] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.ACDV"= ACDV.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "MsnMsgr"="c:\program files\MSN Messenger\msnmsgr.exe" /background "CollaborationHost"=c:\windows\system32\p2phost.exe -s "BitTorrent DNA"="c:\program files\DNA\btdna.exe" "Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2 "HotKeysCmds"=c:\windows\system32\hkcmd.exe "IgfxTray"=c:\windows\system32\igfxtray.exe "Persistence"=c:\windows\system32\igfxpers.exe "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0\bin\jusched.exe" "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" "Windows Defender"=%ProgramFiles%\Windows Defender\MSASCui.exe -hide "ioCentre"=c:\genius\ioCentre\gTaskBar.exe "NeroFilterCheck"=c:\windows\system32\NeroCheck.exe "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime "WinampAgent"="c:\program files\Winamp\winampa.exe" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1329787070-2645521928-1567272476-1000] "EnableNotificationsRef"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{BE7511EF-99F9-4434-9010-85435EBCBB13}"= TCP:6004\|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "{94CB31F3-FCB9-4AD6-9492-0A4D8193736B}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove "{54F5AC86-A4AF-43CC-AB4D-B307FC2965E0}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove "{EBAA2C8F-4CF3-49EA-BCF0-BC45A3AB99C5}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{68855544-459D-4E3D-9F3D-FE8E26E62AD8}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{685F0990-1CF3-4318-B42C-26FCA2C75077}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone) "{E9314084-DAA7-4C20-A870-5A83909EA717}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In) "{03CB32F6-74D3-4C91-94FA-0FDCA7568B91}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In) "{902CD350-777D-4CEB-A59A-B65F37223EEE}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (TCP-In) "{AAEB9DAA-69C0-4CE2-81FC-D4EA6C5B31BA}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (UDP-In) "{D706900C-1F42-4463-A6D9-5C805014BF27}"= c:\program files\Skype\Phone\Skype.exe:Skype "{0B8C2FCC-7512-4D6C-9BA6-BA21F1AB983F}"= c:\program files\Skype\Phone\Skype.exe:Skype [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System] "DFSR-1"= RPort=5722\|UDP:%SystemRoot%\system32\svchost.exe\|Svc=DFSR:Allow inbound TCP traffic\| [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List] "c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe::Enabled:BitTorrent "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX8\\Yahoo!\\Messenger\\YahooMessenger.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX8\Yahoo!\Messenger\YahooMessenger.exe::Enabled:Yahoo! Messenger "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX8\\Yahoo!\\Messenger\\YServer.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX8\Yahoo!\Messenger\YServer.exe::Enabled:Yahoo! FT Server "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX13\\Yahoo!\\Messenger\\YahooMessenger.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX13\Yahoo!\Messenger\YahooMessenger.exe::Enabled:Yahoo! Messenger "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX13\\Yahoo!\\Messenger\\YServer.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX13\Yahoo!\Messenger\YServer.exe::Enabled:Yahoo! FT Server "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX17\\Yahoo!\\Messenger\\YahooMessenger.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX17\Yahoo!\Messenger\YahooMessenger.exe::Enabled:Yahoo! Messenger "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX17\\Yahoo!\\Messenger\\YServer.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX17\Yahoo!\Messenger\YServer.exe::Enabled:Yahoo! FT Server "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX18\\Yahoo!\\Messenger\\YahooMessenger.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX18\Yahoo!\Messenger\YahooMessenger.exe::Enabled:Yahoo! Messenger "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX18\\Yahoo!\\Messenger\\YServer.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX18\Yahoo!\Messenger\YServer.exe::Enabled:Yahoo! FT Server "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX21\\Yahoo!\\Messenger\\YahooMessenger.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX21\Yahoo!\Messenger\YahooMessenger.exe::Enabled:Yahoo! Messenger "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX21\\Yahoo!\\Messenger\\YServer.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX21\Yahoo!\Messenger\YServer.exe::Enabled:Yahoo! FT Server "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX24\\Yahoo!\\Messenger\\YahooMessenger.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX24\Yahoo!\Messenger\YahooMessenger.exe::Enabled:Yahoo! Messenger "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX24\\Yahoo!\\Messenger\\YServer.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX24\Yahoo!\Messenger\YServer.exe::Enabled:Yahoo! FT Server "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX26\\Yahoo!\\Messenger\\YahooMessenger.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX26\Yahoo!\Messenger\YahooMessenger.exe::Enabled:Yahoo! Messenger "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX26\\Yahoo!\\Messenger\\YServer.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX26\Yahoo!\Messenger\YServer.exe::Enabled:Yahoo! FT Server "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX27\\Yahoo!\\Messenger\\YahooMessenger.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX27\Yahoo!\Messenger\YahooMessenger.exe::Enabled:Yahoo! Messenger "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX27\\Yahoo!\\Messenger\\YServer.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX27\Yahoo!\Messenger\YServer.exe::Enabled:Yahoo! FT Server "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX29\\Yahoo!\\Messenger\\YahooMessenger.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX29\Yahoo!\Messenger\YahooMessenger.exe::Enabled:Yahoo! Messenger "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX29\\Yahoo!\\Messenger\\YServer.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX29\Yahoo!\Messenger\YServer.exe::Enabled:Yahoo! FT Server "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX31\\Yahoo!\\Messenger\\YahooMessenger.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX31\Yahoo!\Messenger\YahooMessenger.exe::Enabled:Yahoo! Messenger "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX31\\Yahoo!\\Messenger\\YServer.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX31\Yahoo!\Messenger\YServer.exe::Enabled:Yahoo! FT Server R1 epfwtdir;epfwtdir;c:\windows\System32\drivers\epfwtdir.sys [2008-08-18 34312] R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_c204e27d\AEstSrv.exe [2008-10-30 73728] R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-08-18 468224] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [2008-10-30 29736] R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\System32\drivers\gHidPnp.sys [2008-11-17 16384] R3 gMouUsb;USB Mouse Device Drv;c:\windows\System32\drivers\gMouUsb.sys [2008-11-17 9856] R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\System32\drivers\IntcHdmi.sys [2008-10-30 111616] R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\k57nd60x.sys [2008-01-29 203264] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\drivers\mbamswissarmy.sys [2009-02-19 38496] R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\System32\drivers\OA001Ufd.sys [2008-10-30 149208] R3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\System32\drivers\OA001Vid.sys [2008-10-30 277624] R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;c:\program files\MSN Messenger\usnsvc.exe [2007-01-19 97136] S3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\System32\drivers\gMouPS2.sys [2008-11-17 17408] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Contents of the 'Scheduled Tasks' folder 2009-02-13 c:\windows\Tasks\1-Click Maintenance.job - c:\program files\TuneUp Utilities 2008\OneClick.exe [2007-12-21 15:17] . . ------- Supplementary Scan ------- . IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm FF - ProfilePath - c:\users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\5z9t70qh.default\ FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava11.dll FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava12.dll FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava13.dll FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava14.dll FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava32.dll FF - plugin: c:\program files\Java\jre1.6.0\bin\npjpi160.dll FF - plugin: c:\program files\Java\jre1.6.0\bin\npoji610.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll . *********************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici] Rootkit scan 2009-02-19 17:15:23 Windows 6.0.6000 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'lsass.exe'(2248-) c:\windows\system32\btmmhook.dll c:\windows\system32\btncopy.dll . Completion time: 2009-02-19 17:17:19 ComboFix-quarantined-files.txt 2009-02-19 16:17:17 Pre-Run: 88.395.337.728 bytes free Post-Run: 88,372,191,232 bytes free 259

Profil

dr_Bora Poslao: 19 Feb 2009 18:03 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `Folder:: c:\win Registry:: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "run32"=-` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

nikolankl Poslao: 19 Feb 2009 18:14 Idi na vrh
offline nikolankl Novi MyCity građanin Pridružio: 19 Feb 2009 Poruke: 9	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! evo ga: ComboFix 09-02-18.01 - nikola 2009-02-19 18:03:56.2 - NTFSx86 Microsoft® Windows Vista™ Ultimate 6.0.6000.0.1252.1.1033.18.2037.1015 [GMT 1:00] Running from: c:\users\nikola\Desktop\ComboFix.exe Command switches used :: c:\users\nikola\Desktop\CFScript.txt AV: ESET NOD32 Antivirus 3.0 On-access scanning disabled (Updated) * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\win c:\win\1.exe c:\win\lsass.exe c:\win\names.txt . ((((((((((((((((((((((((( Files Created from 2009-01-19 to 2009-02-19 ))))))))))))))))))))))))))))))) . 2009-02-19 13:54 . 2009-02-19 13:54 <DIR> d-------- c:\users\nikola\AppData\Roaming\Malwarebytes 2009-02-19 13:54 . 2009-02-19 13:54 <DIR> d-------- c:\programdata\Malwarebytes 2009-02-19 13:54 . 2009-02-19 13:54 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware 2009-02-19 13:54 . 2009-02-11 10:19 38,496 --a------ c:\windows\System32\drivers\mbamswissarmy.sys 2009-02-19 13:54 . 2009-02-11 10:19 15,504 --a------ c:\windows\System32\drivers\mbam.sys 2009-02-18 23:26 . 2009-02-18 23:26 <DIR> d-------- c:\programdata\Yahoo! Companion 2009-02-18 16:50 . 2008-04-18 22:43 170,032 --a------ c:\windows\System32\drivers\Apfiltr.sys 2009-02-18 16:50 . 2008-01-19 16:53 100,546 --a------ c:\windows\System32\Vxdif.dll 2009-02-18 16:40 . 2009-02-18 16:40 2,560 --a------ c:\windows\_MSRSTRT.EXE 2009-02-16 12:07 . 2009-02-16 12:07 <DIR> d-------- c:\program files\URUSoft 2009-02-15 22:30 . 2009-02-19 04:03 <DIR> d-------- c:\users\nikola\AppData\Roaming\skypePM 2009-02-15 22:30 . 2009-02-15 22:30 56 --ah----- c:\windows\System32\ezsidmv.dat 2009-02-15 22:28 . 2009-02-19 04:04 <DIR> d-------- c:\users\nikola\AppData\Roaming\Skype 2009-02-15 22:28 . 2009-02-15 22:28 <DIR> d-------- c:\programdata\Skype 2009-02-15 22:28 . 2009-02-15 22:28 <DIR> dr------- c:\program files\Skype 2009-02-15 22:28 . 2009-02-15 22:28 <DIR> d-------- c:\program files\Common Files\Skype 2009-02-12 01:00 . 2009-02-12 01:01 <DIR> d-------- c:\programdata\Yahoo! 2009-02-10 19:47 . 2009-02-10 19:48 <DIR> d-------- C:\Total_Training 2009-02-10 03:25 . 2009-02-10 03:25 <DIR> d-------- c:\programdata\Adobe Systems 2009-02-10 03:19 . 2009-02-10 03:19 <DIR> d-------- c:\program files\Common Files\Adobe Systems Shared 2009-02-09 12:31 . 2009-02-10 15:06 <DIR> d-------- c:\program files\Macromedia 2009-02-09 12:31 . 2009-02-09 12:35 <DIR> d-------- c:\program files\Common Files\Macromedia 2009-01-30 18:52 . 2009-01-30 18:52 <DIR> d-------- c:\users\nikola\AppData\Roaming\vlc 2009-01-30 18:51 . 2009-01-30 18:51 <DIR> d-------- c:\program files\VideoLAN 2009-01-26 01:22 . 2009-01-26 01:41 <DIR> d-------- c:\program files\GRETECH 2009-01-24 23:47 . 2009-01-24 23:47 224,768 --a------ c:\windows\System32\drivers\usbport.sys 2009-01-24 23:47 . 2009-01-24 23:47 192,000 --a------ c:\windows\System32\drivers\usbhub.sys 2009-01-24 23:47 . 2009-01-24 23:47 73,216 --a------ c:\windows\System32\drivers\usbccgp.sys 2009-01-24 23:47 . 2009-01-24 23:47 38,912 --a------ c:\windows\System32\drivers\hidclass.sys 2009-01-24 23:47 . 2009-01-24 23:47 38,400 --a------ c:\windows\System32\drivers\usbehci.sys 2009-01-24 23:47 . 2009-01-24 23:47 25,472 --a------ c:\windows\System32\drivers\hidparse.sys 2009-01-24 23:47 . 2009-01-24 23:47 23,040 --a------ c:\windows\System32\drivers\usbuhci.sys 2009-01-24 23:47 . 2009-01-24 23:47 12,288 --a------ c:\windows\System32\drivers\hidusb.sys 2009-01-24 23:47 . 2009-01-24 23:47 8,704 --a------ c:\windows\System32\hccoin.dll 2009-01-24 23:47 . 2009-01-24 23:47 5,888 --a------ c:\windows\System32\drivers\usbd.sys 2009-01-24 23:46 . 2009-01-24 23:46 414,208 --a------ c:\windows\System32\msdri.dll 2009-01-24 23:46 . 2009-01-24 23:46 292,352 --a------ c:\windows\System32\psisdecd.dll 2009-01-24 23:46 . 2009-01-24 23:46 218,624 --a------ c:\windows\System32\psisrndr.ax 2009-01-24 23:46 . 2009-01-24 23:46 110,264 --a------ c:\windows\System32\drivers\ataport.sys 2009-01-24 23:46 . 2009-01-24 23:46 80,384 --a------ c:\windows\System32\MSNP.ax 2009-01-24 23:46 . 2009-01-24 23:46 68,608 --a------ c:\windows\System32\Mpeg2Data.ax 2009-01-24 23:46 . 2009-01-24 23:46 57,856 --a------ c:\windows\System32\MSDvbNP.ax 2009-01-24 23:46 . 2009-01-24 23:46 53,760 --a------ c:\windows\System32\drivers\hdaudbus.sys 2009-01-24 23:46 . 2009-01-24 23:46 45,240 --a------ c:\windows\System32\drivers\pciidex.sys 2009-01-24 23:46 . 2009-01-24 23:46 21,688 --a------ c:\windows\System32\drivers\atapi.sys 2009-01-24 23:46 . 2009-01-24 23:46 17,592 --a------ c:\windows\System32\drivers\intelide.sys 2009-01-24 23:45 . 2009-01-24 23:45 242,688 --a------ c:\windows\System32\drivers\rdpdr.sys 2009-01-24 23:45 . 2009-01-24 23:45 220,160 --a------ c:\windows\System32\drivers\bthport.sys 2009-01-24 23:45 . 2009-01-24 23:45 181,760 --a------ c:\windows\System32\fsquirt.exe 2009-01-24 23:45 . 2009-01-24 23:45 140,392 --a------ c:\windows\System32\drivers\pci.sys 2009-01-24 23:45 . 2009-01-24 23:45 50,792 --a------ c:\windows\System32\drivers\termdd.sys 2009-01-24 23:45 . 2009-01-24 23:45 50,280 --a------ c:\windows\System32\drivers\volmgr.sys 2009-01-24 23:45 . 2009-01-24 23:45 29,184 --a------ c:\windows\System32\drivers\BTHUSB.SYS 2009-01-24 23:45 . 2009-01-24 23:45 28,776 --a------ c:\windows\System32\drivers\mssmbios.sys 2009-01-24 23:45 . 2009-01-24 23:45 22,632 --a------ c:\windows\System32\streamci.dll 2009-01-24 23:45 . 2009-01-24 23:45 19,456 --a------ c:\windows\System32\drivers\bthenum.sys 2009-01-24 23:45 . 2009-01-24 23:45 13,928 --a------ c:\windows\System32\drivers\msisadrv.sys 2009-01-24 23:45 . 2009-01-24 23:45 12,776 --a------ c:\windows\System32\drivers\swenum.sys 2009-01-24 20:02 . 2006-11-02 11:23 <DIR> dr------- c:\users\RA Media Server\Videos 2009-01-24 20:02 . 2006-11-02 11:23 <DIR> d-------- c:\users\RA Media Server\Saved Games 2009-01-24 20:02 . 2006-11-02 11:23 <DIR> dr------- c:\users\RA Media Server\Pictures 2009-01-24 20:02 . 2006-11-02 11:23 <DIR> dr------- c:\users\RA Media Server\Music 2009-01-24 20:02 . 2006-11-02 11:23 <DIR> dr------- c:\users\RA Media Server\Links 2009-01-24 20:02 . 2006-11-02 11:23 <DIR> dr------- c:\users\RA Media Server\Downloads 2009-01-24 20:02 . 2009-01-24 20:03 <DIR> dr------- c:\users\RA Media Server\Documents 2009-01-24 20:02 . 2006-11-02 12:18 <DIR> d--h----- c:\users\RA Media Server\AppData 2009-01-24 20:02 . 2009-01-24 20:03 <DIR> d-------- c:\users\RA Media Server 2009-01-24 20:01 . 2009-01-24 23:33 <DIR> d-a------ c:\programdata\TEMP 2009-01-23 18:50 . 2009-02-05 00:08 <DIR> d-------- c:\users\Public\T.B.01.08 2009-01-20 15:45 . 2009-01-20 15:45 <DIR> d-------- c:\program files\MySQL 2009-01-20 15:01 . 2009-01-20 15:01 <DIR> d-------- c:\programdata\Apple Computer 2009-01-20 15:01 . 2009-01-20 15:01 <DIR> d-------- c:\programdata\Apple 2009-01-20 15:01 . 2009-01-20 15:02 <DIR> d-------- c:\program files\QuickTime 2009-01-20 15:01 . 2009-01-20 15:01 <DIR> d-------- c:\program files\Common Files\Apple 2009-01-20 15:01 . 2009-01-20 15:01 <DIR> d-------- c:\program files\Apple Software Update . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-02-19 13:57 --------- d-----w c:\program files\Live_TV 2009-02-19 03:03 --------- d-----w c:\users\nikola\AppData\Roaming\mIRC 2009-02-19 03:03 --------- d-----w c:\program files\mIRC 2009-02-19 02:15 --------- d-----w c:\users\nikola\AppData\Roaming\BitTorrent 2009-02-18 22:18 --------- d-----w c:\program files\Yahoo! 2009-02-18 15:51 --------- d-----w c:\program files\DellTPad 2009-02-18 15:41 --------- d-----w c:\program files\RADIO_USA 2009-02-18 14:15 --------- d-----w c:\programdata\Microsoft Help 2009-02-18 12:51 --------- d-----w c:\users\nikola\AppData\Roaming\DNA 2009-02-18 12:49 --------- d-----w c:\program files\DNA 2009-02-10 16:09 --------- d-----w c:\program files\Opera 2009-02-10 02:21 --------- d-----w c:\program files\Common Files\Adobe 2009-02-07 23:14 --------- d-----w c:\program files\Common Files\InstallShield 2009-02-04 01:28 197 ----a-w c:\windows\system32\drivers\stwrte.log 2009-01-24 22:44 --------- d-----w c:\program files\Dell 2009-01-24 22:34 --------- d-----w c:\programdata\Dell 2009-01-15 22:53 --------- d-----w c:\users\nikola\AppData\Roaming\Winamp 2009-01-15 13:45 --------- d-----w c:\program files\Winamp 2008-12-27 15:20 --------- d-----w c:\program files\BitTorrent 2006-11-02 12:49 174 --sha-w c:\program files\desktop.ini 2008-10-30 21:49 74 --sh--r c:\windows\CT4CET.bin . ((((((((((((((((((((((((((((( [Link mogu videti samo ulogovani korisnici],32 ))))))))))))))))))))))))))))))))))))))))) . - 2009-02-19 15:09:10 262,144 ----a-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT + 2009-02-19 16:15:29 262,144 ----a-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2006-11-02 1196032] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440] "msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-02-28 442433] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-03-12 3563520] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-08-18 1447168] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-04-30 196608] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792] c:\users\nikola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-02-08 752168] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.ACDV"= ACDV.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "MsnMsgr"="c:\program files\MSN Messenger\msnmsgr.exe" /background "CollaborationHost"=c:\windows\system32\p2phost.exe -s "BitTorrent DNA"="c:\program files\DNA\btdna.exe" "Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2 "HotKeysCmds"=c:\windows\system32\hkcmd.exe "IgfxTray"=c:\windows\system32\igfxtray.exe "Persistence"=c:\windows\system32\igfxpers.exe "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0\bin\jusched.exe" "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" "Windows Defender"=%ProgramFiles%\Windows Defender\MSASCui.exe -hide "ioCentre"=c:\genius\ioCentre\gTaskBar.exe "NeroFilterCheck"=c:\windows\system32\NeroCheck.exe "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime "WinampAgent"="c:\program files\Winamp\winampa.exe" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1329787070-2645521928-1567272476-1000] "EnableNotificationsRef"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{BE7511EF-99F9-4434-9010-85435EBCBB13}"= TCP:6004\|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "{94CB31F3-FCB9-4AD6-9492-0A4D8193736B}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove "{54F5AC86-A4AF-43CC-AB4D-B307FC2965E0}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove "{EBAA2C8F-4CF3-49EA-BCF0-BC45A3AB99C5}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{68855544-459D-4E3D-9F3D-FE8E26E62AD8}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{685F0990-1CF3-4318-B42C-26FCA2C75077}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone) "{E9314084-DAA7-4C20-A870-5A83909EA717}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In) "{03CB32F6-74D3-4C91-94FA-0FDCA7568B91}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In) "{902CD350-777D-4CEB-A59A-B65F37223EEE}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (TCP-In) "{AAEB9DAA-69C0-4CE2-81FC-D4EA6C5B31BA}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (UDP-In) "{D706900C-1F42-4463-A6D9-5C805014BF27}"= c:\program files\Skype\Phone\Skype.exe:Skype "{0B8C2FCC-7512-4D6C-9BA6-BA21F1AB983F}"= c:\program files\Skype\Phone\Skype.exe:Skype [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System] "DFSR-1"= RPort=5722\|UDP:%SystemRoot%\system32\svchost.exe\|Svc=DFSR:Allow inbound TCP traffic\| [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List] "c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe::Enabled:BitTorrent "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX8\\Yahoo!\\Messenger\\YahooMessenger.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX8\Yahoo!\Messenger\YahooMessenger.exe::Enabled:Yahoo! Messenger "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX8\\Yahoo!\\Messenger\\YServer.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX8\Yahoo!\Messenger\YServer.exe::Enabled:Yahoo! FT Server "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX13\\Yahoo!\\Messenger\\YahooMessenger.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX13\Yahoo!\Messenger\YahooMessenger.exe::Enabled:Yahoo! Messenger "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX13\\Yahoo!\\Messenger\\YServer.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX13\Yahoo!\Messenger\YServer.exe::Enabled:Yahoo! FT Server "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX17\\Yahoo!\\Messenger\\YahooMessenger.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX17\Yahoo!\Messenger\YahooMessenger.exe::Enabled:Yahoo! Messenger "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX17\\Yahoo!\\Messenger\\YServer.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX17\Yahoo!\Messenger\YServer.exe::Enabled:Yahoo! FT Server "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX18\\Yahoo!\\Messenger\\YahooMessenger.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX18\Yahoo!\Messenger\YahooMessenger.exe::Enabled:Yahoo! Messenger "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX18\\Yahoo!\\Messenger\\YServer.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX18\Yahoo!\Messenger\YServer.exe::Enabled:Yahoo! FT Server "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX21\\Yahoo!\\Messenger\\YahooMessenger.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX21\Yahoo!\Messenger\YahooMessenger.exe::Enabled:Yahoo! Messenger "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX21\\Yahoo!\\Messenger\\YServer.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX21\Yahoo!\Messenger\YServer.exe::Enabled:Yahoo! FT Server "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX24\\Yahoo!\\Messenger\\YahooMessenger.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX24\Yahoo!\Messenger\YahooMessenger.exe::Enabled:Yahoo! Messenger "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX24\\Yahoo!\\Messenger\\YServer.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX24\Yahoo!\Messenger\YServer.exe::Enabled:Yahoo! FT Server "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX26\\Yahoo!\\Messenger\\YahooMessenger.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX26\Yahoo!\Messenger\YahooMessenger.exe::Enabled:Yahoo! Messenger "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX26\\Yahoo!\\Messenger\\YServer.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX26\Yahoo!\Messenger\YServer.exe::Enabled:Yahoo! FT Server "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX27\\Yahoo!\\Messenger\\YahooMessenger.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX27\Yahoo!\Messenger\YahooMessenger.exe::Enabled:Yahoo! Messenger "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX27\\Yahoo!\\Messenger\\YServer.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX27\Yahoo!\Messenger\YServer.exe::Enabled:Yahoo! FT Server "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX29\\Yahoo!\\Messenger\\YahooMessenger.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX29\Yahoo!\Messenger\YahooMessenger.exe::Enabled:Yahoo! Messenger "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX29\\Yahoo!\\Messenger\\YServer.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX29\Yahoo!\Messenger\YServer.exe::Enabled:Yahoo! FT Server "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX31\\Yahoo!\\Messenger\\YahooMessenger.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX31\Yahoo!\Messenger\YahooMessenger.exe::Enabled:Yahoo! Messenger "c:\\Users\\nikola\\AppData\\Local\\Temp\\RarSFX31\\Yahoo!\\Messenger\\YServer.exe"= c:\users\nikola\AppData\Local\Temp\RarSFX31\Yahoo!\Messenger\YServer.exe::Enabled:Yahoo! FT Server R1 epfwtdir;epfwtdir;c:\windows\System32\drivers\epfwtdir.sys [2008-08-18 34312] R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_c204e27d\AEstSrv.exe [2008-10-30 73728] R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-08-18 468224] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [2008-10-30 29736] R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\System32\drivers\gHidPnp.sys [2008-11-17 16384] R3 gMouUsb;USB Mouse Device Drv;c:\windows\System32\drivers\gMouUsb.sys [2008-11-17 9856] R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\System32\drivers\IntcHdmi.sys [2008-10-30 111616] R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\k57nd60x.sys [2008-01-29 203264] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\drivers\mbamswissarmy.sys [2009-02-19 38496] R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\System32\drivers\OA001Ufd.sys [2008-10-30 149208] R3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\System32\drivers\OA001Vid.sys [2008-10-30 277624] R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;c:\program files\MSN Messenger\usnsvc.exe [2007-01-19 97136] S3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\System32\drivers\gMouPS2.sys [2008-11-17 17408] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Contents of the 'Scheduled Tasks' folder 2009-02-13 c:\windows\Tasks\1-Click Maintenance.job - c:\program files\TuneUp Utilities 2008\OneClick.exe [2007-12-21 15:17] . . ------- Supplementary Scan ------- . IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm FF - ProfilePath - c:\users\nikola\AppData\Roaming\Mozilla\Firefox\Profiles\5z9t70qh.default\ FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava11.dll FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava12.dll FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava13.dll FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava14.dll FF - plugin: c:\program files\Java\jre1.6.0\bin\npjava32.dll FF - plugin: c:\program files\Java\jre1.6.0\bin\npjpi160.dll FF - plugin: c:\program files\Java\jre1.6.0\bin\npoji610.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll . *********************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici] Rootkit scan 2009-02-19 18:05:40 Windows 6.0.6000 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2009-02-19 18:07:35 ComboFix-quarantined-files.txt 2009-02-19 17:07:33 ComboFix2.txt 2009-02-19 16:17:20 Pre-Run: 87.887.003.648 bytes free Post-Run: 87,858,851,840 bytes free 261

Profil

dr_Bora Poslao: 19 Feb 2009 18:49 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Upakuj u zip/rar kompletan folder: C:\qoobox\quarantine i upload-uj tu arhivu preko ovog linka: [Link mogu videti samo ulogovani korisnici] ------------------------------------------------------------------------------------- Preuzmi USBNoRisk na Desktop i pokreni ga duplim klikom na ikonicu programa. - Sacekaj koji sekund dok program izvrsi inicijalno skeniranje. - Ubacuj sve USB memorijske uredjaje redom u USB slot i svaki zadrzi u slotu po 10 sekundi. - Ukoliko imas vise uredjaja za proveru, onda na parcetu papira zapisi kojim redom su ubacivani jer ce nam kasnije trebati taj podatak - Kada zavrsis sa svim uredjajima, klikni desno dugme misa na sred prozora programa i odaberi opciju Save log. To ce automatski otvoriti log u Notepadu. Iskopiraj nam taj log iz Notepada na forum. Objasnjenje: U USB memorijske uredjaje spadaju svi oni uredjaji koji po prikljucivanju na kompjuter dobijaju svoju oznaku particije. Tu spadaju USB flash drajvovi, eksterni hard-diskovi, memorijske kartice, MP3 i MP4 plejeri, neki mobilni telefoni, neki GPS (navigacioni) uredjaji itd.

Profil

nikolankl Poslao: 19 Feb 2009 18:56 Idi na vrh
offline nikolankl Novi MyCity građanin Pridružio: 19 Feb 2009 Poruke: 9	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! upload-ovao. nemam taj usb kod sebe, a takodje ne posedujem ni licni usb, tako da ne znam da li treba da skidam ovaj USBNoRisk?

Profil

dr_Bora Poslao: 19 Feb 2009 19:18 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Nema potrebe... Kakvo je trenutno stanje?

Profil

nikolankl Poslao: 19 Feb 2009 19:20 Idi na vrh
offline nikolankl Novi MyCity građanin Pridružio: 19 Feb 2009 Poruke: 9	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! radi bez problema, cini mi se...obicno se problem javljao posle prijavljivanja na FB, ali sad sam prijavljen, i sve funkcionise ok. jel to sad gotovo?

Profil

dr_Bora Poslao: 19 Feb 2009 19:23 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Imao si jednog crva - to je obrisano. Sudeći po logovima, PC je sada čist. Preostaje da uradiš sledeće: Klikni START a zatim RUN U liniju za unos teksta ukucaj Combofix /u i klikni OK Sačekaj da se proces deinstalacije završi Gornja procedura će: Obrisati sledeće: ComboFix i njegove file-ove i foldere VundoFix Backups folder, ako postoji C:\Deckard folder, ako postoji C:\OtMoveIt folder, ako postoji Resetovati podešavanja sata na kompjuteru Sakriti ekstenzije file-ova, ako je potrebno Sakriti sistemske/skrivene file-ove/foldere, ako je potrebno Resetovati System Restore To je sve.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » virus sa usba

Ko je trenutno na forumu

Ukupno su 748 korisnika na forumu :: 17 registrovanih, 1 sakriven i 730 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 20624 - dana 04 Apr 2026 04:18

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: draganl, Dragon Order, Dusko_Dugousko, Ezbuck, Karla, Komanca, opt1, Robin, Romibrat, Sharpshooter, stalja, SUPERTUKANO, tachinni, tooooom, VJ, VPV, zhuki8

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by