Problem so msn !

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Imam jedan mali problem bar mislim da je mali imao sam 8,5 mesenger i ponekad mi se sam isklucuvao bez nista i saljio poruke na ljudi sta imam na msn moji prijatelji poruke su bili ovakve Airo ha scritto (14.3:
2009.awesomeofferz.com potom sam isbrisao taj i instaliraon novi msn ali ipak nista se nije smenilo opet isti problem jel moze neka pomos hvala unapred Pozdrav

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Probaj za pocetak da promenis password za tvoj MSN nalog.

Da nisi slucajno probao da ides na one sajtove koji ti kazu da li te neko blokirao na listi?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Jesam jedan put jel mzoe da bude do to ???

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Moze. Te stranice su ciste prevare.
Da bi saznali da li te navodno neko blokirao, traze od tebe da unses svoju MSN adresu i password. To onda iskoriste da se uloguju na tvoj nalog i da salju te spam poruke.

Hajmo da proverimo da li kojim slucajem nemas nekog trojanca koji sa tvog kompjutera salje te poruke:

Skini ComboFix sa jedne od sledecih adresa na Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Startuj ga i ne diraj prozor programa dok skenira.
Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Okej evo sada cu

Dopuna: 07 Jan 2009 19:32

ComboFix 09-01-07.01 - DES24 2009-01-07 19.19.10.1 - NTFSx86
Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.1.1033.18.3070.1966 [GMT 1:00]
Eseguito da: c:\users\DES24\Desktop\ComboFix.exe
* Creato nuovo punto di ripristino
.

((((((((((((((((((((((((( Files Creati Da 2008-12-07 al 2009-01-07 )))))))))))))))))))))))))))))))))))
.

2009-01-05 12:21 . 2009-01-05 12:21 <DIR> d-------- c:\users\All Users\Creative
2009-01-05 12:21 . 2009-01-05 12:21 <DIR> d-------- c:\programdata\Creative
2009-01-04 15:22 . 2003-06-12 23:25 7,062 --a------ c:\windows\System32\audiopid.vxd
2009-01-04 15:21 . 2006-10-06 07:17 53,248 --------- c:\windows\Ctregrun.exe
2009-01-04 15:17 . 2009-01-04 15:17 <DIR> d-------- c:\program files\muvee Technologies
2009-01-04 15:17 . 2009-01-04 15:17 <DIR> d-------- c:\program files\Common Files\muvee Technologies
2009-01-04 15:17 . 2006-08-30 07:10 158,456 --------- c:\windows\System32\pxwma.dll
2009-01-04 15:17 . 2006-05-16 11:54 57,344 --a------ c:\windows\System32\Mfc42loc.dll
2009-01-04 15:17 . 2006-08-30 07:10 36,528 --------- c:\windows\System32\drivers\PxHelp20.sys
2009-01-04 15:17 . 2006-08-30 07:10 2,560 --------- c:\windows\System32\drivers\cdralw2k.sys
2009-01-04 15:17 . 2006-08-30 07:10 2,432 --------- c:\windows\System32\drivers\cdr4_xp.sys
2009-01-04 15:16 . 2009-01-04 15:16 <DIR> d-------- c:\users\DES24\AppData\Roaming\InstallShield
2009-01-04 15:16 . 2009-01-04 15:16 <DIR> d-------- c:\users\All Users\muvee Technologies
2009-01-04 15:16 . 2009-01-04 15:16 <DIR> d-------- c:\programdata\muvee Technologies
2009-01-04 15:15 . 2009-01-04 15:15 <DIR> d-------- c:\program files\SightSpeed
2009-01-04 15:07 . 2009-01-04 15:22 <DIR> d--h----- c:\program files\InstallShield Installation Information
2009-01-04 15:07 . 2009-01-04 15:21 <DIR> d-------- c:\program files\Creative
2009-01-02 23:29 . 2009-01-07 17:36 <DIR> d-------- c:\users\DES24\Tracing
2009-01-02 23:25 . 2009-01-02 23:25 <DIR> d-------- c:\program files\Microsoft Silverlight
2009-01-02 23:25 . 2008-12-08 17:01 55,264 --a------ c:\windows\System32\drivers\fssfltr.sys
2009-01-02 23:24 . 2009-01-02 23:24 <DIR> d-------- c:\program files\Microsoft Sync Framework
2009-01-02 23:20 . 2009-01-02 23:20 <DIR> d-------- c:\program files\Windows Live SkyDrive
2009-01-02 23:20 . 2009-01-02 23:20 <DIR> d-------- c:\program files\Microsoft
2009-01-02 23:09 . 2009-01-02 23:11 <DIR> d-------- c:\windows\System32\Adobe
2009-01-02 22:19 . 2009-01-02 22:19 <DIR> d-------- c:\program files\Common Files\Windows Live
2009-01-02 12:59 . 2008-01-30 08:05 812,544 --a------ c:\windows\System32\drivers\ti21sony.sys
2009-01-01 00:30 . 2009-01-01 00:30 <DIR> d-------- c:\users\DES24\AppData\Roaming\Nero
2008-12-31 17:29 . 2008-05-10 04:35 885,248 --a------ c:\windows\System32\RacEngn.dll
2008-12-31 17:29 . 2008-09-03 04:59 468,992 --a------ c:\windows\System32\newdev.dll
2008-12-31 17:29 . 2008-09-03 04:58 74,752 --a------ c:\windows\System32\newdev.exe
2008-12-31 17:29 . 2008-05-09 23:22 9,127 --a------ c:\windows\System32\RacUR.xml
2008-12-31 17:29 . 2008-05-09 23:22 153 --a------ c:\windows\System32\RacUREx.xml
2008-12-31 04:18 . 2008-12-31 04:18 <DIR> d-------- C:\G-RAP-IT_SHARE_1.0by_waxe
2008-12-31 00:16 . 2008-12-31 00:16 <DIR> d-------- c:\program files\MSXML 4.0
2008-12-30 07:19 . 2008-12-30 07:19 <DIR> d-------- c:\program files\AskTBar
2008-12-30 07:11 . 2008-12-30 07:12 <DIR> d-------- c:\program files\Vista Optimizer
2008-12-30 07:11 . 2004-03-09 00:00 1,081,616 --a------ c:\windows\System32\mscomctl.ocx
2008-12-30 07:11 . 2004-03-09 00:00 662,288 --a------ c:\windows\System32\mscomct2.ocx
2008-12-30 07:11 . 2004-03-09 00:00 609,824 --a------ c:\windows\System32\comctl32.ocx
2008-12-30 07:11 . 2007-04-11 15:56 440,352 --a------ c:\windows\System32\mshflxgd.ocx
2008-12-30 07:11 . 2007-04-11 15:56 224,016 --a------ c:\windows\System32\tabctl32.ocx
2008-12-30 07:11 . 2007-04-11 15:56 212,240 --a------ c:\windows\System32\richtx32.ocx
2008-12-30 07:11 . 2004-03-09 00:00 152,848 --a------ c:\windows\System32\comdlg32.ocx
2008-12-30 07:11 . 2007-03-19 13:25 18,728 --a------ c:\windows\System32\ishf_Ex.TLB
2008-12-30 07:11 . 2007-03-19 13:25 7,752 --a------ c:\windows\System32\shelllink.TLB
2008-12-30 07:04 . 2008-12-30 07:19 <DIR> d-------- c:\program files\Nero
2008-12-30 07:03 . 2008-12-30 07:11 <DIR> d-------- c:\users\All Users\Nero
2008-12-30 07:03 . 2008-12-30 07:11 <DIR> d-------- c:\programdata\Nero
2008-12-30 07:03 . 2008-12-30 07:33 <DIR> d-------- c:\program files\Common Files\Nero
2008-12-30 03:01 . 2008-12-30 03:01 <DIR> d-------- c:\program files\Java
2008-12-30 03:01 . 2008-12-30 03:01 410,984 --a------ c:\windows\System32\deploytk.dll
2008-12-30 02:35 . 2008-12-30 02:34 171,136 -rahs---- C:\grldr
2008-12-30 01:59 . 2009-01-07 19:21 <DIR> d-------- c:\users\DES24\AppData\Roaming\uTorrent
2008-12-30 01:59 . 2008-12-30 01:59 <DIR> d-------- c:\program files\uTorrent
2008-12-29 20:53 . 2009-01-05 00:32 27,335 --a------ c:\users\DES24\AppData\Roaming\nvModes.dat
2008-12-29 05:02 . 2008-12-29 05:02 <DIR> d-------- c:\users\DES24\AppData\Roaming\Media Player Classic
2008-12-29 02:33 . 2008-12-29 02:33 <DIR> d-------- c:\users\DES24\AppData\Roaming\Winamp
2008-12-29 02:33 . 2008-12-30 02:39 <DIR> d-------- c:\program files\Winamp
2008-12-29 02:33 . 2007-03-08 00:51 129,784 --------- c:\windows\System32\pxafs.dll
2008-12-29 02:31 . 2008-12-29 02:31 <DIR> d-------- c:\users\All Users\Real
2008-12-29 02:31 . 2008-12-29 02:31 <DIR> d-------- c:\program files\K-Lite Codec Pack
2008-12-29 02:11 . 2009-01-01 15:52 <DIR> d-------- c:\users\DES24\AppData\Roaming\Skype
2008-12-29 00:47 . 2009-01-03 03:19 <DIR> d-------- c:\users\DES24\AppData\Roaming\mIRC
2008-12-29 00:47 . 2008-12-29 00:47 <DIR> d-------- c:\program files\mIRC
2008-12-29 00:36 . 2008-12-29 00:36 <DIR> d-------- c:\users\All Users\Skype
2008-12-29 00:36 . 2008-12-29 00:36 <DIR> d-------- c:\programdata\Skype
2008-12-29 00:36 . 2008-12-29 00:36 <DIR> d-------- c:\program files\Skype
2008-12-29 00:36 . 2008-12-29 00:36 <DIR> d-------- c:\program files\Common Files\Skype
2008-12-29 00:30 . 2008-12-29 00:30 <DIR> d-------- c:\program files\IObit
2008-12-29 00:29 . 2008-12-29 00:29 0 --a------ c:\windows\nsreg.dat
2008-12-29 00:20 . 2009-01-02 23:25 <DIR> d----c--- c:\windows\System32\DRVSTORE
2008-12-29 00:10 . 2008-12-29 02:11 <DIR> d-------- c:\users\All Users\NVIDIA
2008-12-29 00:10 . 2008-12-29 02:11 <DIR> d-------- c:\programdata\NVIDIA
2008-12-29 00:08 . 2008-02-14 09:22 1,073,152 --a------ c:\windows\System32\nvcpluir.dll
2008-12-29 00:08 . 2008-02-14 09:22 753,664 --a------ c:\windows\System32\nvcplui.exe
2008-12-29 00:08 . 2008-02-14 09:22 413,696 --a------ c:\windows\System32\nvcpl.cpl
2008-12-29 00:08 . 2008-02-14 09:24 307,200 --a------ c:\windows\System32\nvexpbar.dll
2008-12-29 00:07 . 2009-01-04 15:18 <DIR> d-------- c:\program files\Common Files\InstallShield
2008-12-29 00:07 . 2008-02-14 09:21 3,629,056 --a------ c:\windows\System32\nvvitvsr.dll
2008-12-29 00:07 . 2008-02-14 09:27 2,441,216 --a------ c:\windows\System32\nvwssr.dll
2008-12-29 00:07 . 2008-02-14 09:27 2,363,392 --a------ c:\windows\System32\nvwss.dll
2008-12-29 00:07 . 2008-02-14 09:27 1,500,160 --a------ c:\windows\System32\nvwgf2um.dll
2008-12-29 00:07 . 2007-09-19 21:24 356,352 --a------ c:\windows\System32\NVUNINST.EXE
2008-12-29 00:07 . 2008-02-14 09:15 17,331 --a------ c:\windows\System32\nvwsapps.xml
2008-12-28 22:46 . 2008-12-28 22:46 268 --ah----- C:\sqmdata00.sqm
2008-12-28 22:46 . 2008-12-28 22:46 244 --ah----- C:\sqmnoopt00.sqm
2008-12-28 22:45 . 2008-12-28 23:09 96,976 --a------ c:\windows\System32\drivers\klin.dat
2008-12-28 22:45 . 2008-12-28 22:45 87,855 --a------ c:\windows\System32\drivers\klick.dat
2008-12-28 22:44 . 2009-01-07 19:19 <DIR> d-------- c:\users\All Users\Kaspersky Lab
2008-12-28 22:44 . 2009-01-07 19:19 <DIR> d-------- c:\programdata\Kaspersky Lab
2008-12-28 22:44 . 2008-12-28 22:44 <DIR> d-------- c:\program files\Kaspersky Lab
2008-12-28 22:44 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\System32\d3dx9_32.dll
2008-12-28 22:44 . 2009-01-07 17:35 2,594,848 --ahs---- c:\windows\System32\drivers\fidbox.dat
2008-12-28 22:44 . 2009-01-07 17:35 376,864 --ahs---- c:\windows\System32\drivers\fidbox2.dat
2008-12-28 22:44 . 2009-01-07 17:35 21,352 --ahs---- c:\windows\System32\drivers\fidbox.idx
2008-12-28 22:44 . 2009-01-07 19:16 2,368 --ahs---- c:\windows\System32\drivers\fidbox2.idx
2008-12-28 22:43 . 2008-12-28 22:43 <DIR> d-------- c:\program files\Microsoft SQL Server Compact Edition
2008-12-28 22:19 . 2009-01-02 22:12 <DIR> d-------- c:\program files\Windows Live Toolbar
2008-12-28 22:17 . 2008-12-28 22:17 <DIR> d-------- c:\windows\PCHEALTH
2008-12-28 22:12 . 2008-12-28 22:12 <DIR> d-------- c:\windows\System32\Macromed
2008-12-28 22:04 . 2009-01-02 23:25 <DIR> d-------- c:\program files\Windows Live
2008-12-28 22:04 . 2008-12-28 22:17 <DIR> d--hsc--- c:\program files\Common Files\WindowsLiveInstaller
2008-12-28 22:03 . 2009-01-06 06:13 <DIR> d--hs---- c:\windows\Installer
2008-12-28 22:03 . 2008-12-29 00:19 <DIR> d-------- c:\users\All Users\WLInstaller
2008-12-28 22:03 . 2008-12-29 00:19 <DIR> d-------- c:\programdata\WLInstaller
2008-12-28 21:53 . 2008-12-28 21:53 <DIR> d-------- c:\users\All Users\Kaspersky Lab Setup Files
2008-12-28 21:53 . 2008-12-28 21:53 <DIR> d-------- c:\programdata\Kaspersky Lab Setup Files
2008-12-28 21:47 . 2008-12-28 21:47 0 --ah----- c:\windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-12-28 20:32 . 2008-04-26 09:26 891,448 --a------ c:\windows\System32\drivers\tcpip.sys
2008-12-28 20:21 . 2008-12-28 20:21 <DIR> d-------- C:\PerfLogs
2008-12-28 20:03 . 2008-01-19 07:06 8,147,456 --a------ c:\windows\System32\wmploc.DLL
2008-12-28 20:02 . 2008-01-19 08:34 305,152 --a------ c:\windows\System32\msdelta.dll
2008-12-28 20:02 . 2008-01-19 08:34 258,560 --a------ c:\windows\System32\dpx.dll
2008-12-28 20:02 . 2008-01-19 08:34 246,784 --a------ c:\windows\System32\drvstore.dll
2008-12-28 20:02 . 2008-01-19 08:36 218,624 --a------ c:\windows\System32\wdscore.dll
2008-12-28 20:02 . 2008-01-19 08:33 130,560 --a------ c:\windows\System32\PkgMgr.exe
2008-12-28 20:02 . 2008-01-19 08:35 35,328 --a------ c:\windows\System32\mspatcha.dll
2008-12-28 17:06 . 2008-12-28 15:42 <DIR> d-------- c:\windows\Panther
2008-12-28 17:06 . 2008-12-28 15:24 <DIR> d-------- c:\windows\Debug
2008-12-28 17:03 . 2008-12-28 17:03 269,312 --a------ c:\windows\System32\es.dll
2008-12-28 17:01 . 2008-12-28 17:01 988,216 --a------ c:\windows\System32\winload.exe
2008-12-28 17:01 . 2008-12-28 17:01 927,288 --a------ c:\windows\System32\winresume.exe
2008-12-28 17:01 . 2008-12-28 17:01 615,992 --a------ c:\windows\System32\ci.dll
2008-12-28 17:01 . 2008-12-28 17:01 378,368 --a------ c:\windows\System32\srcore.dll
2008-12-28 17:01 . 2008-12-28 17:01 318,464 --a------ c:\windows\System32\rstrui.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-28 19:28 174 --sha-w c:\program files\desktop.ini
2008-12-28 19:21 --------- d-----w c:\program files\Windows Sidebar
2008-12-28 19:21 --------- d-----w c:\program files\Windows Photo Gallery
2008-12-28 19:21 --------- d-----w c:\program files\Windows Mail
2008-12-28 19:21 --------- d-----w c:\program files\Windows Journal
2008-12-28 19:21 --------- d-----w c:\program files\Windows Defender
2008-12-28 19:21 --------- d-----w c:\program files\Windows Collaboration
2008-12-28 19:21 --------- d-----w c:\program files\Windows Calendar
2008-12-28 19:11 82,432 ----a-w c:\windows\System32\axaltocm.dll
2008-12-28 19:11 101,888 ----a-w c:\windows\System32\ifxcardm.dll
2008-12-28 15:43 --------- d-----w c:\program files\Microsoft Games
2008-12-28 14:21 541,696 ----a-w c:\windows\AppPatch\AcLayers.dll
2008-12-28 14:21 52,736 ----a-w c:\windows\AppPatch\iebrshim.dll
2008-12-28 14:21 460,288 ----a-w c:\windows\AppPatch\AcSpecfc.dll
2008-12-28 14:21 2,560 ----a-w c:\windows\AppPatch\AcRes.dll
2008-12-28 14:21 2,154,496 ----a-w c:\windows\AppPatch\AcGenral.dll
2008-12-28 14:21 173,056 ----a-w c:\windows\AppPatch\AcXtrnal.dll
2008-12-08 11:53 57,344 ----a-w c:\windows\System32\ff_vfw.dll
2008-12-07 18:08 795,648 ----a-w c:\windows\System32\xvidcore.dll
2008-12-07 18:08 130,048 ----a-w c:\windows\System32\xvidvfw.dll
2008-12-04 23:38 308,072 ----a-w c:\windows\WLXPGSS.SCR
2008-12-02 21:37 49,480 ----a-w c:\windows\System32\sirenacm.dll
2008-10-28 22:35 684,032 ----a-w c:\windows\System32\divx.dll
.

((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2008-12-02 3882312]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"Creative Live! Cam Manager"="c:\program files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2007-05-02 151552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-07-29 206088]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2008-02-14 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-02-14 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-02-14 81920]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-30 136600]
"V0470Mon.exe"="c:\windows\V0470Mon.exe" [2007-04-11 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkbd.dll,c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll,c:\progra~1\KASPER~1\KASPER~1\adialhk.dll,c:\progra~1\KASPER~1\KASPER~1\kloehk.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{C546FCCD-8EDD-416A-B9BA-7E0FA7A95C31}c:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\english\\setup.exe"= UDP:c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe:Kaspersky Internet Security 2009 Setup
"UDP Query User{9215F4CE-6905-4517-930F-C37259F27C1C}c:\\programdata\\kaspersky lab setup files\\kaspersky internet security 2009\\english\\setup.exe"= TCP:c:\programdata\kaspersky lab setup files\kaspersky internet security 2009\english\setup.exe:Kaspersky Internet Security 2009 Setup
"{71014FB5-C2D4-4021-B24F-A829DD11E686}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{C56370BC-B5A2-4611-802F-15F0DC1446F7}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{7E2E5BB4-78EC-4207-8AFF-8826CD6C11CB}"= UDP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{62D9BE2E-0532-40B4-A2D9-717A0F887FF9}"= TCP:c:\program files\Winamp Remote\bin\Orb.exe:Orb
"{38404E52-DDFE-42C8-91A1-4FA43C345764}"= UDP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{0DA01582-D6AA-45F8-A673-97AC23747C40}"= TCP:c:\program files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{7678AFCB-6994-4911-B508-A88982CE9B70}"= UDP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{6163C770-91AF-42E2-A6A2-9B528146E3D8}"= TCP:c:\program files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{8C3FAEFF-6BFC-4512-A8A7-08A7A76BA0AB}"= UDP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{576344D5-9E7C-457C-ACE3-F81983EFF034}"= TCP:c:\program files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{00D5E914-3315-4003-9004-0D9643670C4B}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{E5BFEC33-8D93-4205-B4CF-C69D858D4723}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{F4D1A596-B666-4A1A-AED2-B18A59ABE72B}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [2008-01-29 32784]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [2008-07-09 20496]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\System32\drivers\klfltdev.sys [2008-03-13 26640]
R3 ti21sony;ti21sony;c:\windows\System32\drivers\ti21sony.sys [2009-01-02 812544]
R4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0;c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-11-25 935208]
R4 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [2009-01-02 55264]
S3 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 VF0470Vid;Live! Cam Notebook (VF0470);c:\windows\System32\drivers\V0470Vid.sys [2009-01-04 146368]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7892da84-d518-11dd-8cab-001a80fa42bc}]
\shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL g:\resycled\boot.com d:
\shell\Open\command - "re

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
%SystemRoot%\system32\soundschemes.exe /AddRegistration

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
%SystemRoot%\system32\soundschemes2.exe /AddRegistration
.
.
------- Supplementare di scansione -------
.
uStart Page = hxxp://www.google.com/
IE: Add to Banner Ad Blocker - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
FF - ProfilePath - c:\users\DES24\AppData\Roaming\Mozilla\Firefox\Profiles\9j81j6zv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\users\DES24\AppData\Roaming\Mozilla\Firefox\Profiles\9j81j6zv.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-01-07 19:22:45
Windows 6.0.6001 Service Pack 1 NTFS

scansione processi nascosti ...

scansione entrate autostart nascoste ...

Scansione files nascosti ...

Scansione completata con successo
Files nascosti: 0

**************************************************************************
.
Ora fine scansione: 2009-01-07 19.25.12
ComboFix-quarantined-files.txt 2009-01-07 18:25:03

Pre-Run: 176.794.722.304 bytes free
Post-Run: 176,809,185,280 bytes free

Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
249 --- E O F --- 2009-01-06 00:35:09

Dopuna: 07 Jan 2009 19:32

Dali je ovo to ????????

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Log je cist.
Vidi se jedino da si nekada na komp imao prikljucen neki USB stick koji je bio zarazen.

Probaj da li ce da funkcionise ono sto sam ti predlozio - da promenis password za MSN.
Javi da li se nakon toga jos javlja problem sa onim porukama, pa da deinstaliramo ComboFix sa tvog kompjutera ukoliko sve bude u redu.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Okej hvala sada cu i to da uradim

Dopuna: 07 Jan 2009 20:14

Promenio sam Pasword nadam se da je sada sve okej jel da deinstaliramo ComboFix sada ?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Mislio sam da ComboFix ostavimo dok ne budes potpuno siguran da je bilo do passworda.

U svakom slucaju, ComboFix se deinstalira ovako:

Klikni START a zatim RUN
U liniju za unos teksta ukucaj Combofix /u i klikni OK





Sačekaj da se proces deinstalacije završi
Gornja procedura će:
Obrisati sledeće:
ComboFix i njegove file-ove i foldere
VundoFix Backups folder, ako postoji
C:\Deckard folder, ako postoji
C:\OtMoveIt folder, ako postoji
Resetovati podešavanja sata na kompjuteru
Sakriti ekstenzije file-ova, ako je potrebno
Sakriti sistemske/skrivene file-ove/foldere, ako je potrebno
Resetovati System Restore

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Aha Okej samo jos da te pitam sta je ovo Combofix posto moj antivirus dosta je strajkovao ???

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

To je alat posebno napravljen za ciscenje racunara ovako preko foruma.
AV se buni posto ComboFix sadrzi funkcije koje AV programi smatraju opasnim.
Veruj mi na rec da je ComboFix legitiman, i da nemas razloga za brigu.