MyCity » Ambulanta -> Arhiva Ambulante » crv <studentski glasnik>

crv <studentski glasnik>

Napisano na dan: 15.6.2008

Strana:
1
2

crv <studentski glasnik>

Sledeća strana

Pagination

Odgovori

Strana:
1
2

nestor91028 Poslao: 15 Jun 2008 22:31 Idi na vrh
offline nestor91028 Građanin Pridružio: 04 Mar 2008 Poruke: 147 Gde živiš: Leposavić	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Logfile of HijackThis v1.99.1 Scan saved at 22:10:23, on 15.6.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\SysMetrix\SysMetrix.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\Winamp\winampa.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\iolo\System Mechanic 6\SMSystemAnalyzer.exe C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe C:\Program Files\Common Files\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\Nikola\Desktop\nestor\TR3.exe.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.rs/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = comtradegroup.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Corel Graphics Suite 1117] C:\Program Files\Corel Graphics 11\Register\registration.exe /title="Corel Graphics Suite 11" /date=100707 serial=DR11CRD-0012082-DGW O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=062708 serial=DR12WEX-1504397-KTY lang=EN O4 - HKLM\..\Run: [SysMetrix] C:\Program Files\SysMetrix\SysMetrix.exe O4 - HKLM\..\Run: [Ulead Quick-Drop] "C:\Program Files\Ulead Systems\Ulead DVD MovieFactory 4.0 Disc Creator TBYB\Ulead Quick-Drop 1.0\Quick-Drop.exe" WINDOWCALL O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [webHancer Agent] "C:\Program Files\webHancer\Programs\whAgent.exe" O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [Sys32] c:\WINDOWS\Sys32.exe O4 - HKLM\..\Run: [HService] c:\WINDOWS\msservice.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [BPMInit] BpmInit.exe C:\PROGRA~1\ALCATech\BPM-ST~1 O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic 6\SMSystemAnalyzer.exe" O4 - HKCU\..\Run: [System Mechanic Popup Blocker] "C:\Program Files\iolo\System Mechanic 6\PopupBlocker.exe" O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" O4 - Startup: Undelete 5 Professional Edition Registration.lnk = C:\Program Files\Executive Software\Undelete\ESIRegister.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.comtradegroup.com O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5F76380A-AEB6-4D06-A64F-D8379877C7AF}: NameServer = 212.62.32.1 O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: SQL Server (MSSMLBIZ) (MSSQL$MSSMLBIZ) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSMLBIZ (file missing) O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\pavsrv51.exe Ovaj crv pojavljuje mi se u obliku reklame za Studentski glasnik koja na svakih pola sata iskače na desktop, a zatim posle tri sekunde nestaje, njime sam se zarazio preko USB flesa.Imam Kaspersky 6.0 ali on ne moze nista da nadje, kazu da ne moze nijedan antivirus da ga pronadje, crv se automatski kopira kada ubacite zaraženi USB u mašinu.Probao sam format USB-a ali to ne pomaže, opet se pojavljuje folder configure.U poslednje vreme je počeo da me zaista nervira igram igricu, a on je jednostavno minimizira. ....... Ako je neko imao slican problem, molio bih ga da se javi!

Profil

DEMIAN Poslao: 15 Jun 2008 23:52 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Obrisaću ti onu staru a identičnu temu koju si otvorio u Ambulanti. Dalje instrukcije kako da očištiš tog crva dobijaćeš ovde. Za početak poteraj ComboFix i njime preskeniraj/pročisti malo sistem. Uputstvo za korišćenje ti je ispod.. ------------ Skini ComboFix sa jedne od sledecih adresa na Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe http://subs.geekstogo.com/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati. ------------------------------ Ono što ne bude automatski detektovano i obrisano sredićemo sutra posle analize tog loga koji nam budeš postavio. Pozz

Profil

nestor91028 Poslao: 16 Jun 2008 10:55 Idi na vrh
offline nestor91028 Građanin Pridružio: 04 Mar 2008 Poruke: 147 Gde živiš: Leposavić	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-06-15.4 - Nikola 2008-06-16 10:20:34.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1251.1.1033.18.134 [GMT 2:00] Running from: C:\Documents and Settings\Nikola\Desktop\ComboFix.exe * Created a new restore point * Resident AV is active WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\Nikola\My Documents\NATASA\8 RAZRED\generacija `93 sve\Slike Skola\Desktop_.ini C:\Documents and Settings\Nikola\My Documents\NATASA\8 RAZRED\generacija `93 sve\SPOMENAR\Slike Skola\Desktop_.ini C:\Documents and Settings\Nikola\ravmonlog C:\Program Files\webhancer C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML C:\WINDOWS\system32\drivers\HXFSetup.exe C:\WINDOWS\system32\drivers\sm56hlpr.exe C:\WINDOWS\system32\drivers\sm56unst.exe C:\WINDOWS\system32\mdm.exe C:\WINDOWS\system32\nsinet.exe . ((((((((((((((((((((((((( Files Created from 2008-05-16 to 2008-06-16 ))))))))))))))))))))))))))))))) . 2008-06-15 19:12 . 2008-06-15 19:12 0 --a------ C:\WINDOWS\iPlayer.INI 2008-06-15 19:03 . 2008-06-15 19:12 <DIR> d-------- C:\Program Files\InterActual 2008-06-15 18:53 . 2008-06-15 18:59 <DIR> d-------- C:\Program Files\Ultra Cleaner 2008-06-15 18:36 . 2008-06-15 18:51 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ACD Systems 2008-06-15 18:34 . 2008-06-15 18:51 <DIR> d-------- C:\Program Files\ACD Systems 2008-06-15 18:34 . 2008-06-15 18:34 0 --a------ C:\WINDOWS\ROBOEN~1.INI 2008-06-05 18:42 . 2008-06-05 18:42 262,144 --a------ C:\WINDOWS\system32\wrap_oal.dll 2008-06-05 18:42 . 2008-06-05 18:42 86,016 --a------ C:\WINDOWS\system32\OpenAL32.dll 2008-06-05 18:29 . 2008-06-05 18:29 <DIR> d-------- C:\Program Files\Encore 2008-06-04 22:09 . 2008-06-04 22:14 <DIR> d-------- C:\Program Files\Return to Castle Wolfenstein 2008-06-04 22:08 . 2008-06-09 11:30 810 --a------ C:\WINDOWS\Rtcw.INI 2008-05-31 13:48 . 2008-06-03 20:56 <DIR> d-------- C:\Program Files\EA GAMES 2008-05-31 12:46 . 2008-05-31 12:46 <DIR> d-------- C:\WINDOWS\NV38364012.TMP 2008-05-31 12:21 . 2001-11-14 03:04 7,298 -ra------ C:\WINDOWS\system32\VGAMap9X.vxd 2008-05-31 12:21 . 2003-05-30 13:04 4,764 -ra------ C:\WINDOWS\system32\drivers\GAGPDrv.sys 2008-05-31 10:41 . 2008-05-31 10:41 <DIR> d-------- C:\Program Files\Common Files\NVIDIA Shared 2008-05-31 09:59 . 2005-10-31 12:17 135,168 -r------- C:\WINDOWS\system32\RtlCPAPI.dll 2008-05-31 09:57 . 2005-05-03 12:43 69,632 -r------- C:\WINDOWS\Alcmtr.exe 2008-05-31 09:56 . 2008-05-31 09:56 4,501 --a------ C:\WINDOWS\gdrv.sys 2008-05-31 09:00 . 2008-05-31 09:00 <DIR> d-------- C:\WINDOWS\NV13923852.TMP 2008-05-30 22:52 . 2008-05-30 22:52 <DIR> d-------- C:\WINDOWS\NV37203728.TMP 2008-05-29 22:55 . 2008-05-29 22:55 <DIR> d-------- C:\WINDOWS\system32\QuickTime 2008-05-28 11:11 . 2008-01-24 20:29 572,928 --ah----- C:\WINDOWS\Sys32.exe 2008-05-28 11:11 . 2008-05-28 11:11 572,928 --ah----- C:\WINDOWS\backup.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-16 08:33 11,377,440 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat 2008-06-16 08:32 713,248 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat 2008-06-16 07:59 --------- d-----w C:\Program Files\SysMetrix 2008-06-15 23:01 70,832 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx 2008-06-15 23:01 154,952 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx 2008-06-15 17:13 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-06-15 17:13 --------- d-----w C:\Program Files\InterVideo 2008-06-15 17:12 --------- d-----w C:\Program Files\Common Files\InterVideo 2008-06-15 17:02 --------- d-----w C:\Program Files\Google 2008-06-15 16:51 --------- d-----w C:\Program Files\Common Files\ACD Systems 2008-06-15 16:38 --------- d-----w C:\Documents and Settings\Nikola\Application Data\ACD Systems 2008-06-12 16:47 --------- d-----w C:\Program Files\Kaspersky Lab 2008-06-09 09:43 --------- d-----w C:\Program Files\CDex_150 2008-06-07 09:43 --------- d-----w C:\Program Files\ATI Technologies 2008-06-03 18:53 --------- d-----w C:\Program Files\GameSpy Arcade 2008-06-01 09:29 --------- d-----w C:\Program Files\vanBasco's Karaoke Player 2008-05-31 07:57 --------- d-----w C:\Program Files\Realtek 2008-05-30 09:40 --------- d-----w C:\Program Files\Winamp 2008-05-15 19:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-05-15 19:20 --------- d-----w C:\Program Files\Electronic Arts 2008-05-07 17:34 --------- d-----w C:\Program Files\Common Files\Adobe 2008-05-06 20:18 --------- d-----w C:\Documents and Settings\Nikola\Application Data\AdobeUM 2008-05-06 20:08 --------- d-----w C:\Program Files\Disc2Phone 2008-05-06 20:00 --------- d-----w C:\Documents and Settings\Nikola\Application Data\Teleca 2008-05-06 19:56 --------- d-----w C:\Program Files\Sony Ericsson 2008-05-06 19:56 --------- d-----w C:\Program Files\Common Files\Teleca Shared 2008-05-06 19:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Teleca 2008-05-06 19:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony Ericsson 2008-05-06 15:28 --------- d-----w C:\Program Files\Recnik20 2008-04-24 18:51 --------- d-----w C:\Program Files\Tuning Car Studio 2008-04-24 18:13 --------- d-----w C:\Program Files\hkSFV . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 21:35 90112] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 14:00 15360] "NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-06-02 16:03 1957888] "BPMInit"="BpmInit.exe" [2000-10-10 12:16 57344 C:\WINDOWS\system32\bpminit.exe] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-12 21:54 68856] "Active Desktop Calendar"="C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe" [ ] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [ ] "SMSystemAnalyzer"="C:\Program Files\iolo\System Mechanic 6\SMSystemAnalyzer.exe" [2006-02-02 19:42 578048] "System Mechanic Popup Blocker"="C:\Program Files\iolo\System Mechanic 6\PopupBlocker.exe" [2006-02-02 19:42 867328] "OM2_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-09-04 14:52 95536] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SkyTel"="SkyTel.EXE" [2006-05-16 12:04 2879488 C:\WINDOWS\SkyTel.exe] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648] "Corel Graphics Suite 1117"="C:\Program Files\Corel Graphics 11\Register\registration.exe" [ ] "CorelDRAW Graphics Suite 11b"="C:\Program Files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe" [2003-11-25 13:39 729088] "SysMetrix"="C:\Program Files\SysMetrix\SysMetrix.exe" [2006-02-25 22:09 2637824] "Ulead Quick-Drop"="C:\Program Files\Ulead Systems\Ulead DVD MovieFactory 4.0 Disc Creator TBYB\Ulead Quick-Drop 1.0\Quick-Drop.exe" [ ] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 21:24 32768] "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 18:41 45056] "APVXDWIN"="C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\APVXDWIN.exe" [ ] "kav"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [2006-03-24 20:09 139367] "OM2_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2007-09-04 14:52 54576] "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 16:17 159744] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-10-25 07:37 35328] "Sys32"="c:\WINDOWS\Sys32.exe" [2008-01-24 20:29 572928] "HService"="c:\WINDOWS\msservice.exe" [ ] "RTHDCPL"="RTHDCPL.EXE" [2006-05-27 04:47 16208384 C:\WINDOWS\RTHDCPL.exe] "NVMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [ ] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-02-28 14:00 15360] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 10:48:20 40048] Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 09:01:50 734872] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr] avldr.dll 2005-08-03 16:02 49152 C:\WINDOWS\system32\avldr.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.XVID"= xvid.dll "msacm.ac3filter"= ac3filter.acm "vidc.DIV3"= DivXc32.dll "vidc.DIV4"= DivXc32f.dll "msacm.divxa32"= msaud32_divx.acm [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "D:\\Program Files\\Valve\\hl.exe"= "D:\\Program Files\\Valve\\hlds.exe"= "D:\\Program Files\\Valve\\hltv.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= "C:\\Program Files\\Codemasters\\OperationFlashpoint\\FLASHPOINTRESISTANCE.EXE"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "15669:TCP"= 15669:TCP:NortonAV "15032:TCP"= 15032:TCP:NortonAV "16238:TCP"= 16238:TCP:NortonAV "14098:TCP"= 14098:TCP:NortonAV "13732:TCP"= 13732:TCP:NortonAV "14577:TCP"= 14577:TCP:NortonAV "13559:TCP"= 13559:TCP:NortonAV "13116:TCP"= 13116:TCP:NortonAV "15719:TCP"= 15719:TCP:NortonAV "17241:TCP"= 17241:TCP:NortonAV "16520:TCP"= 16520:TCP:NortonAV "15962:TCP"= 15962:TCP:NortonAV "18026:TCP"= 18026:TCP:NortonAV "16598:TCP"= 16598:TCP:NortonAV "14198:TCP"= 14198:TCP:NortonAV "18622:TCP"= 18622:TCP:NortonAV "16783:TCP"= 16783:TCP:NortonAV "18094:TCP"= 18094:TCP:NortonAV "15334:TCP"= 15334:TCP:NortonAV R2 MarxDev1;MarxDev1;C:\WINDOWS\system32\drivers\MarxDev1.sys [2001-05-28 16:30] R2 MarxDev2;MarxDev2;C:\WINDOWS\system32\drivers\MarxDev2.sys [2001-05-28 16:30] R2 MarxDev3;MarxDev3;C:\WINDOWS\system32\drivers\MarxDev3.sys [2001-05-28 16:30] R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);"C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSMLBIZ [] S3 GAGPDrv;GAGPDrv;C:\WINDOWS\system32\drivers\GAGPDrv.sys [2003-05-30 13:04] S3 gdrv;gdrv;C:\WINDOWS\gdrv.sys [2008-05-31 09:56] Newly Created Service - CATCHME [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static] msiexec /fums {3CBBEE47-C8F4-316A-92FF-ED7E3DFAE41E} /qb . ************************************************************************ catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-06-16 10:32:50 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2008-06-16 10:37:57 ComboFix-quarantined-files.txt 2008-06-16 08:37:52 Pre-Run: 7,909,048,320 bytes free Post-Run: 10,591,719,424 bytes free 184 Evo brate uradio sam sve kao što si mi rekao.

Profil

DEMIAN Poslao: 16 Jun 2008 18:19 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `File:: C:\WINDOWS\Sys32.exe C:\WINDOWS\backup.dll c:\WINDOWS\msservice.exe Registry:: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BPMInit"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sys32"=- "HService"=- DirLook:: C:\WINDOWS\NV13923852.TMP C:\WINDOWS\NV37203728.TMP` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja. Zatim pronađi ova (dole) dva fajla po putanji, zipuj i pošlji mi ih preko ove forme > http://www.mycity.rs/ambulanta-upload.php C:\WINDOWS\system32\drivers\GAGPDrv.sys C:\WINDOWS\system32\bpminit.exe

Profil

nestor91028 Poslao: 16 Jun 2008 22:31 Idi na vrh
offline nestor91028 Građanin Pridružio: 04 Mar 2008 Poruke: 147 Gde živiš: Leposavić	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Šaljem ti log ali za ona dva fajla nisam siguran da sam ih lepo zipovao. Uzgred da te pitam zašto mi neradi autorun, to sam primetio jutros kada sam prvi put skenirao sistem, da li je iskljucen ili da li neradi? ComboFix 08-06-15.4 - Nikola 2008-06-16 22:14:35.3 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1251.1.1033.18.97 [GMT 2:00] Running from: C:\Documents and Settings\Nikola\Desktop\ComboFix.exe Command switches used :: C:\Documents and Settings\Nikola\Desktop\CFScript_used_2008-06-16@21.06.txt * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: C:\WINDOWS\backup.dll c:\WINDOWS\msservice.exe C:\WINDOWS\Sys32.exe . ((((((((((((((((((((((((( Files Created from 2008-05-16 to 2008-06-16 ))))))))))))))))))))))))))))))) . 2008-06-16 19:58 . 2008-06-16 19:58 99,965 --a------ C:\WINDOWS\UninstallFirefox.exe 2008-06-16 19:58 . 2008-06-16 19:58 2,654 --a------ C:\WINDOWS\mozver.dat 2008-06-16 19:58 . 2008-06-16 19:58 0 --a------ C:\WINDOWS\nsreg.dat 2008-06-16 19:40 . 2008-06-16 19:41 <DIR> d-------- C:\WINDOWS\system32\NtmsData 2008-06-16 15:17 . 2008-06-16 15:17 287 --a------ C:\WINDOWS\game.ini 2008-06-15 19:12 . 2008-06-15 19:12 0 --a------ C:\WINDOWS\iPlayer.INI 2008-06-15 19:03 . 2008-06-15 19:12 <DIR> d-------- C:\Program Files\InterActual 2008-06-15 18:53 . 2008-06-15 18:59 <DIR> d-------- C:\Program Files\Ultra Cleaner 2008-06-15 18:36 . 2008-06-15 18:51 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ACD Systems 2008-06-15 18:34 . 2008-06-15 18:51 <DIR> d-------- C:\Program Files\ACD Systems 2008-06-15 18:34 . 2008-06-15 18:34 0 --a------ C:\WINDOWS\ROBOEN~1.INI 2008-06-05 18:42 . 2008-06-05 18:42 262,144 --a------ C:\WINDOWS\system32\wrap_oal.dll 2008-06-05 18:42 . 2008-06-05 18:42 86,016 --a------ C:\WINDOWS\system32\OpenAL32.dll 2008-06-05 18:29 . 2008-06-05 18:29 <DIR> d-------- C:\Program Files\Encore 2008-06-04 22:09 . 2008-06-04 22:14 <DIR> d-------- C:\Program Files\Return to Castle Wolfenstein 2008-06-04 22:08 . 2008-06-09 11:30 810 --a------ C:\WINDOWS\Rtcw.INI 2008-05-31 13:48 . 2008-06-03 20:56 <DIR> d-------- C:\Program Files\EA GAMES 2008-05-31 12:46 . 2008-05-31 12:46 <DIR> d-------- C:\WINDOWS\NV38364012.TMP 2008-05-31 12:21 . 2001-11-14 03:04 7,298 -ra------ C:\WINDOWS\system32\VGAMap9X.vxd 2008-05-31 12:21 . 2003-05-30 13:04 4,764 -ra------ C:\WINDOWS\system32\drivers\GAGPDrv.sys 2008-05-31 10:41 . 2008-05-31 10:41 <DIR> d-------- C:\Program Files\Common Files\NVIDIA Shared 2008-05-31 09:59 . 2005-10-31 12:17 135,168 -r------- C:\WINDOWS\system32\RtlCPAPI.dll 2008-05-31 09:57 . 2005-05-03 12:43 69,632 -r------- C:\WINDOWS\Alcmtr.exe 2008-05-31 09:56 . 2008-05-31 09:56 4,501 --a------ C:\WINDOWS\gdrv.sys 2008-05-31 09:00 . 2008-05-31 09:00 <DIR> d-------- C:\WINDOWS\NV13923852.TMP 2008-05-30 22:52 . 2008-05-30 22:52 <DIR> d-------- C:\WINDOWS\NV37203728.TMP 2008-05-29 22:55 . 2008-05-29 22:55 <DIR> d-------- C:\WINDOWS\system32\QuickTime . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-06-16 20:18 11,685,664 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat 2008-06-16 19:08 --------- d-----w C:\Program Files\Kaspersky Lab 2008-06-16 16:50 --------- d-----w C:\Program Files\SysMetrix 2008-06-16 13:17 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-06-16 12:57 --------- d-----w C:\Program Files\Activision 2008-06-16 11:51 729,632 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat 2008-06-16 08:40 71,096 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx 2008-06-16 08:40 157,040 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx 2008-06-15 17:13 --------- d-----w C:\Program Files\InterVideo 2008-06-15 17:12 --------- d-----w C:\Program Files\Common Files\InterVideo 2008-06-15 17:02 --------- d-----w C:\Program Files\Google 2008-06-15 16:51 --------- d-----w C:\Program Files\Common Files\ACD Systems 2008-06-15 16:38 --------- d-----w C:\Documents and Settings\Nikola\Application Data\ACD Systems 2008-06-09 09:43 --------- d-----w C:\Program Files\CDex_150 2008-06-07 09:43 --------- d-----w C:\Program Files\ATI Technologies 2008-06-03 18:53 --------- d-----w C:\Program Files\GameSpy Arcade 2008-06-01 09:29 --------- d-----w C:\Program Files\vanBasco's Karaoke Player 2008-05-31 07:57 --------- d-----w C:\Program Files\Realtek 2008-05-30 09:40 --------- d-----w C:\Program Files\Winamp 2008-05-15 19:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-05-15 19:20 --------- d-----w C:\Program Files\Electronic Arts 2008-05-07 17:34 --------- d-----w C:\Program Files\Common Files\Adobe 2008-05-06 20:18 --------- d-----w C:\Documents and Settings\Nikola\Application Data\AdobeUM 2008-05-06 20:08 --------- d-----w C:\Program Files\Disc2Phone 2008-05-06 20:00 --------- d-----w C:\Documents and Settings\Nikola\Application Data\Teleca 2008-05-06 19:56 --------- d-----w C:\Program Files\Sony Ericsson 2008-05-06 19:56 --------- d-----w C:\Program Files\Common Files\Teleca Shared 2008-05-06 19:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Teleca 2008-05-06 19:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony Ericsson 2008-05-06 15:28 --------- d-----w C:\Program Files\Recnik20 2008-04-24 18:51 --------- d-----w C:\Program Files\Tuning Car Studio 2008-04-24 18:13 --------- d-----w C:\Program Files\hkSFV . (((((((((((((((((((((((((((((((((((((((((((( Look ))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . ---- Directory of C:\WINDOWS\NV13923852.TMP ---- 2006-03-22 08:23 109568 -ra------ C:\WINDOWS\NV13923852.TMP\nvtcp.sys ---- Directory of C:\WINDOWS\NV37203728.TMP ---- 2006-03-22 08:23 109568 -ra------ C:\WINDOWS\NV37203728.TMP\nvtcp.sys ((((((((((((((((((((((((((((( snapshot@2008-06-16_10.37.25,45 ))))))))))))))))))))))))))))))))))))))))) . - 2008-06-16 07:59:01 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-06-16 12:01:43 2,048 --s-a-w C:\WINDOWS\bootstat.dat + 2008-06-16 13:17:17 14,366 ----a-r C:\WINDOWS\Installer\{D0A05794-48C2-4424-A15A-9F20FCFDD374}\ARPPRODUCTICON.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 21:35 90112] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-02-28 14:00 15360] "NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-06-02 16:03 1957888] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-12 21:54 68856] "Active Desktop Calendar"="C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe" [ ] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [ ] "SMSystemAnalyzer"="C:\Program Files\iolo\System Mechanic 6\SMSystemAnalyzer.exe" [2006-02-02 19:42 578048] "System Mechanic Popup Blocker"="C:\Program Files\iolo\System Mechanic 6\PopupBlocker.exe" [2006-02-02 19:42 867328] "OM2_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-09-04 14:52 95536] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SkyTel"="SkyTel.EXE" [2006-05-16 12:04 2879488 C:\WINDOWS\SkyTel.exe] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648] "Corel Graphics Suite 1117"="C:\Program Files\Corel Graphics 11\Register\registration.exe" [ ] "CorelDRAW Graphics Suite 11b"="C:\Program Files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe" [2003-11-25 13:39 729088] "SysMetrix"="C:\Program Files\SysMetrix\SysMetrix.exe" [2006-02-25 22:09 2637824] "Ulead Quick-Drop"="C:\Program Files\Ulead Systems\Ulead DVD MovieFactory 4.0 Disc Creator TBYB\Ulead Quick-Drop 1.0\Quick-Drop.exe" [ ] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 21:24 32768] "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 18:41 45056] "APVXDWIN"="C:\Program Files\Panda Software\Panda Titanium 2006 Antivirus + Antispyware\APVXDWIN.exe" [ ] "kav"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [2006-03-24 20:09 139367] "OM2_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2007-09-04 14:52 54576] "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 16:17 159744] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-10-25 07:37 35328] "RTHDCPL"="RTHDCPL.EXE" [2006-05-27 04:47 16208384 C:\WINDOWS\RTHDCPL.exe] "NVMixerTray"="C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [ ] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-02-28 14:00 15360] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 10:48:20 40048] Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 09:01:50 734872] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr] avldr.dll 2005-08-03 16:02 49152 C:\WINDOWS\system32\avldr.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.XVID"= xvid.dll "msacm.ac3filter"= ac3filter.acm "vidc.DIV3"= DivXc32.dll "vidc.DIV4"= DivXc32f.dll "msacm.divxa32"= msaud32_divx.acm [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "D:\\Program Files\\Valve\\hl.exe"= "D:\\Program Files\\Valve\\hlds.exe"= "D:\\Program Files\\Valve\\hltv.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= "C:\\Program Files\\Codemasters\\OperationFlashpoint\\FLASHPOINTRESISTANCE.EXE"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "15669:TCP"= 15669:TCP:NortonAV "15032:TCP"= 15032:TCP:NortonAV "16238:TCP"= 16238:TCP:NortonAV "14098:TCP"= 14098:TCP:NortonAV "13732:TCP"= 13732:TCP:NortonAV "14577:TCP"= 14577:TCP:NortonAV "13559:TCP"= 13559:TCP:NortonAV "13116:TCP"= 13116:TCP:NortonAV "15719:TCP"= 15719:TCP:NortonAV "17241:TCP"= 17241:TCP:NortonAV "16520:TCP"= 16520:TCP:NortonAV "15962:TCP"= 15962:TCP:NortonAV "18026:TCP"= 18026:TCP:NortonAV "16598:TCP"= 16598:TCP:NortonAV "14198:TCP"= 14198:TCP:NortonAV "18622:TCP"= 18622:TCP:NortonAV "16783:TCP"= 16783:TCP:NortonAV "18094:TCP"= 18094:TCP:NortonAV "15334:TCP"= 15334:TCP:NortonAV R2 MarxDev1;MarxDev1;C:\WINDOWS\system32\drivers\MarxDev1.sys [2001-05-28 16:30] R2 MarxDev2;MarxDev2;C:\WINDOWS\system32\drivers\MarxDev2.sys [2001-05-28 16:30] R2 MarxDev3;MarxDev3;C:\WINDOWS\system32\drivers\MarxDev3.sys [2001-05-28 16:30] R2 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);"C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSMLBIZ [] S3 GAGPDrv;GAGPDrv;C:\WINDOWS\system32\drivers\GAGPDrv.sys [2003-05-30 13:04] S3 gdrv;gdrv;C:\WINDOWS\gdrv.sys [2008-05-31 09:56] Newly Created Service - NTMSSVC [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static] msiexec /fums {3CBBEE47-C8F4-316A-92FF-ED7E3DFAE41E} /qb . ************************************************************************ catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-06-16 22:18:08 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2008-06-16 22:21:48 ComboFix-quarantined-files.txt 2008-06-16 20:21:42 ComboFix2.txt 2008-06-16 19:14:36 ComboFix3.txt 2008-06-16 08:37:59 Pre-Run: 7,173,312,512 bytes free Post-Run: 7,160,799,232 bytes free 190

Profil

DEMIAN Poslao: 16 Jun 2008 23:28 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Upravo gledam, fajlovi nisu uploadovani. Što se autoplay opcije ne znam šta je tačan uzrok toga. Možda novi ComboFix automatski to radi. Proveriću.. btw. Nemoj da gledaš na to kao na hendikep jer si se upravo pomoću te opcije automatski i zarazio Očisti flash disk u međuvremenu dok mi ne upoladuješ te fajlove koje sam ti tražio.. ---------- Preuzmi program Flash_Disinfector. program se pokreće dvoklikom na Flash_Disinfector.exe kada se pojavi poruka sa obaveštenjem, potrebno je priključiti inficirane USB flash drive-ove (pri tome držati pritisnut taster Shift kako bi se izbegao autoplay) kliknuti na OK i sačekati da se proces završi kada se pojavi poruka Done !!, kliknuti na OK.

Profil

nestor91028 Poslao: 17 Jun 2008 22:35 Idi na vrh
offline nestor91028 Građanin Pridružio: 04 Mar 2008 Poruke: 147 Gde živiš: Leposavić	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uploadovao sam uspešno fajlove, izvini ako malo kasnim sa odgovorima veza mi se kida na svakih 5 minuta, a brzina je max 45,2 kb/s tako je to kod mene od kada sam se prvi put prikačio na web, podneo sam zahtev za ADSL ali na to moram da prićekam bar mesec dana.Fleš sam oćistio ali nisam baš siguran da crv više nije unutra , takođe sam primetio da se folder config posle brisanja ponovo javlja nakon 3 sekunde, zato odmah moram da izvučem fleš iz mašine kako se crv ne bih klonirao, posle one dezinfekcije nisam ga više gurao u komp, imam još dva fleša bojim se da su i oni zaraženi. Autoplay mi i dalje ne radi mislio sam da je isključen ali nije, uglavnom bolje je da neko vreme ne radi.Što se tiče one dosadne reklame nisam je primetio u poslednje vreme, ali to ne znači da je crv izbrisan barem ne sasvim. Pozzz..

Profil

DEMIAN Poslao: 17 Jun 2008 22:48 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! I ja sam upravo sada došao na forum. Sačekaj da proverim o čemu se radi pa ti se javim sa daljim uputstvima.

Profil

nestor91028 Poslao: 17 Jun 2008 23:30 Idi na vrh
offline nestor91028 Građanin Pridružio: 04 Mar 2008 Poruke: 147 Gde živiš: Leposavić	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! U redu je sačekaću....

Profil

DEMIAN Poslao: 17 Jun 2008 23:41 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Onaj drajver je ok a bpminit.exe je sumnjiv. Jel' poznato tebi to možda? Podizao se uz start up.. Da nije deo nekog skoro instaliranog programa možda? Skloni ga negde sa strane (cut/paste npr na desktop) pa vidi da li će ponovo da se kreira ili da li neka aplikacija brlja/pojavi grešku zato jer ga nema. Na koji tačno config folder misliš? Reci mi njegovu putanju.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » crv <studentski glasnik>

Ko je trenutno na forumu

Ukupno su 783 korisnika na forumu :: 3 registrovanih, 0 sakrivenih i 780 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: Bobrock1, Dorcolac, voja64

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by