Posted: 09 Feb 2009 19:07
- neri86
- New MyCity citizen
- Joined: 09 Feb 2009
- Posts: 12

ComboFix 09-02-08.02 - Korisnik 2009-02-09 18:49:41.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.589 [GMT 1:00]
Running from: c:\documents and settings\Korisnik\My Documents\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\docume~1\Korisnik\LOCALS~1\Temp\install_flash_player.exe
c:\windows\system32\drivers\gaopdxcxxtpskl.sys
c:\windows\system32\drivers\gaopdxtodlrrnd.sys
c:\windows\system32\drivers\gaopdxvmpfumuy.sys
c:\windows\system32\gaopdxcounter
c:\windows\system32\gaopdxdevvimps.dll
c:\windows\system32\inf\rundll33.exe
c:\windows\system32\pthreadGC2.dll
c:\windows\system32\xcchit32.ini
c:\windows\xccwinsys.ini
.
((((((((((((((((((((((((( Files Created from 2009-01-09 to 2009-02-09 )))))))))))))))))))))))))))))))
.
2009-02-09 18:49 . 2009-02-09 18:51 <DIR> d-------- C:\ComboFix
2009-02-09 17:35 . 2009-02-09 18:51 <DIR> d-------- C:\Qoobox
2009-02-09 16:40 . 2009-02-09 16:40 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\Yahoo!
2009-02-09 16:40 . 2009-02-09 16:40 <DIR> d-------- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-02-09 16:39 . 2009-02-09 16:50 <DIR> d-------- c:\documents and settings\All Users\Application Data\Yahoo!
2009-02-09 15:57 . 2009-02-09 16:00 <DIR> d-------- C:\USBNoRisk
2009-02-09 15:57 . 2009-02-09 16:00 <DIR> d-------- C:\USBNoRisk
2009-02-09 15:46 . 2009-02-09 15:46 <DIR> d-------- c:\program files\Trend Micro
2009-02-08 23:03 . 2008-06-19 16:24 28,544 --a------ c:\windows\system32\drivers\pavboot.sys
2009-02-08 23:02 . 2009-02-08 23:02 <DIR> d-------- c:\program files\Panda Security
2009-02-08 21:51 . 2009-02-08 21:50 102,664 --a------ c:\windows\system32\drivers\tmcomm.sys
2009-02-08 21:50 . 2009-02-08 21:55 <DIR> d-------- c:\documents and settings\Korisnik\.housecall6.6
2009-02-08 18:43 . 2009-02-08 18:43 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-08 18:43 . 2009-02-08 18:43 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\Malwarebytes
2009-02-08 18:43 . 2009-02-08 18:43 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-02-08 18:43 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-08 18:43 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-02-08 17:36 . 2009-02-08 17:36 5,120 --ahs---- c:\windows\system32\Thumbs.db
2009-02-08 02:15 . 2009-02-08 02:15 <DIR> d-------- C:\escwsa
2009-02-08 02:15 . 2009-02-08 02:15 <DIR> d-------- C:\escwsa
2009-02-07 00:49 . 2009-02-07 00:55 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-02-07 00:49 . 2009-01-18 22:30 64,160 --a------ c:\windows\system32\drivers\Lbd.sys
2009-02-05 22:40 . 2009-02-05 22:46 <DIR> d--h----- C:\$AVG8.VAULT$
2009-02-05 22:40 . 2009-02-05 22:46 <DIR> d--h----- C:\$AVG8.VAULT$
2009-02-05 21:30 . 2009-02-09 18:32 <DIR> d-------- c:\windows\system32\drivers\Avg
2009-02-05 21:30 . 2009-02-05 21:30 <DIR> d-------- c:\program files\AVG
2009-02-05 21:30 . 2009-02-09 18:34 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8
2009-02-05 21:30 . 2009-02-05 21:30 325,128 --a------ c:\windows\system32\drivers\avgldx86.sys
2009-02-05 21:30 . 2009-02-05 21:30 107,272 --a------ c:\windows\system32\drivers\avgtdix.sys
2009-02-05 21:30 . 2009-02-05 21:30 10,520 --a------ c:\windows\system32\avgrsstx.dll
2009-02-03 14:43 . 2009-02-03 14:43 <DIR> d-------- c:\program files\Filseclab
2009-02-03 14:43 . 2009-02-09 17:09 <DIR> d-------- c:\program files\Common Files\Filseclab
2009-02-02 19:02 . 2009-02-02 19:02 <DIR> d-------- c:\program files\Alwil Software
2009-02-01 16:40 . 2009-02-09 18:50 <DIR> d-------- c:\windows\system32\inf
2009-02-01 16:39 . 2009-02-02 19:02 349 --a------ C:\autorun.inf.blocked
2009-02-01 16:39 . 2009-02-02 19:02 349 --a------ C:\autorun.inf.blocked
2009-02-01 15:36 . 2009-02-01 15:36 <DIR> d-------- c:\program files\uTorrent
2009-02-01 15:36 . 2009-02-01 23:32 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\uTorrent
2009-02-01 13:35 . 2009-02-01 13:34 410,984 --a------ c:\windows\system32\deploytk.dll
2009-01-30 22:50 . 2009-01-30 22:50 <DIR> d-------- c:\program files\Opera
2009-01-25 16:49 . 2009-02-03 01:18 <DIR> d-------- c:\program files\Global Pets 2002
2009-01-25 16:49 . 2009-01-25 16:49 0 --a------ c:\windows\PROTOCOL.INI
2009-01-24 15:49 . 2009-01-24 15:49 <DIR> d-------- c:\documents and settings\All Users\Application Data\IM
2009-01-24 15:48 . 2009-01-24 15:48 <DIR> d-------- c:\documents and settings\All Users\Application Data\IncrediMail
2009-01-22 23:53 . 2009-01-22 23:53 <DIR> d-------- c:\program files\RapidTyping
2009-01-22 23:53 . 2009-01-22 23:53 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\RapidTyping
2009-01-22 19:58 . 2009-01-22 19:58 <DIR> d-------- c:\program files\IKEA HomePlanner
2009-01-22 19:57 . 2009-01-22 19:57 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2009-01-21 23:32 . 2009-02-02 17:30 <DIR> d-------- c:\windows\ie8updates
2009-01-21 23:28 . 2009-01-21 23:28 <DIR> d-------- c:\program files\MSXML 4.0
2009-01-21 19:47 . 2009-01-21 19:50 <DIR> d-------- c:\program files\Virtual Earth 3D
2009-01-19 22:42 . 2009-01-19 22:42 <DIR> d-------- c:\program files\Common Files\NSV
2009-01-19 19:54 . 2009-01-19 20:48 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\ForgottenRiddles2
2009-01-19 19:54 . 2009-02-06 01:05 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2009-01-19 19:53 . 2009-02-03 01:19 <DIR> d-------- c:\program files\Oberon Media
2009-01-19 19:53 . 2009-02-07 00:56 <DIR> d-------- c:\program files\MSN Games
2009-01-19 18:15 . 2009-01-19 18:15 <DIR> d-------- c:\documents and settings\All Users\Application Data\PopCap
2009-01-19 14:39 . 2009-02-07 15:59 <DIR> d-------- C:\temp
2009-01-19 14:39 . 2009-02-07 15:59 <DIR> d-------- C:\temp
2009-01-18 16:10 . 2009-02-01 13:34 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-01-17 22:37 . 2009-01-17 22:37 <DIR> d--hs---- c:\documents and settings\Korisnik\PrivacIE
2009-01-17 22:26 . 2007-08-13 18:45 78,336 --a------ c:\windows\system32\ieencode.dll
2009-01-17 22:26 . 2007-08-13 18:45 78,336 --a------ c:\windows\system32\dllcache\ieencode.dll
2009-01-16 19:33 . 2009-01-16 19:33 <DIR> d-------- c:\documents and settings\Korisnik\WINDOWS
2009-01-16 19:33 . 1998-10-01 15:22 299,520 --a------ c:\windows\uninst.exe
2009-01-16 15:09 . 2009-01-16 15:09 <DIR> d-------- c:\program files\Apple Software Update
2009-01-16 15:09 . 2009-01-16 15:09 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple
2009-01-16 11:08 . 2007-03-08 00:51 129,784 --------- c:\windows\system32\pxafs.dll
2009-01-16 11:08 . 2007-03-08 00:51 9,464 --------- c:\windows\system32\drivers\cdralw2k.sys
2009-01-16 11:08 . 2007-03-08 00:51 9,336 --------- c:\windows\system32\drivers\cdr4_xp.sys
2009-01-15 18:08 . 2009-01-19 15:01 <DIR> d-------- c:\program files\ffdshow
2009-01-15 18:08 . 2008-11-02 10:11 11,264 --a------ c:\windows\system32\ff_vfw.dll
2009-01-15 18:08 . 2008-11-02 10:11 547 --a------ c:\windows\system32\ff_vfw.dll.manifest
2009-01-15 17:15 . 2009-01-15 17:15 <DIR> d-------- c:\windows\system32\Nexus Radio
2009-01-15 17:15 . 2009-01-27 20:14 <DIR> d-------- c:\program files\Nexus Radio
2009-01-15 17:15 . 2009-01-20 14:48 <DIR> d-------- C:\My Saved Files
2009-01-15 17:15 . 2009-01-15 17:15 <DIR> d-------- C:\My Recorded Files
2009-01-15 17:15 . 2009-01-20 14:48 <DIR> d-------- C:\My Saved Files
2009-01-15 17:15 . 2009-01-15 17:15 <DIR> d-------- C:\My Recorded Files
2009-01-15 14:27 . 2004-06-10 15:31 135,168 -ra------ c:\windows\UNDPX2A.exe
2009-01-15 14:27 . 2004-06-10 15:34 53,693 -ra------ c:\windows\UNDPX2A.sys
2009-01-12 21:35 . 2006-10-26 19:56 32,592 --a------ c:\windows\system32\msonpmon.dll
2009-01-12 21:33 . 2009-01-12 21:33 <DIR> d-------- c:\program files\MSBuild
2009-01-12 21:33 . 2009-01-12 21:33 <DIR> d-------- c:\program files\Microsoft Works
2009-01-12 21:32 . 2009-01-12 21:32 <DIR> d-------- c:\program files\Microsoft.NET
2009-01-12 21:26 . 2009-01-12 21:26 <DIR> d-------- c:\program files\Microsoft Visual Studio 8
2009-01-12 21:25 . 2009-01-21 23:35 <DIR> d-------- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-01-09 01:06 . 2004-08-03 23:08 31,616 --a------ c:\windows\system32\drivers\usbccgp.sys
2009-01-09 01:06 . 2004-08-03 23:08 31,616 --a--c--- c:\windows\system32\dllcache\usbccgp.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-09 16:19 --------- d-----w c:\program files\ESET
2009-02-09 15:40 --------- d-----w c:\program files\Yahoo!
2009-02-06 23:58 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-06 23:58 --------- d-----w c:\documents and settings\Korisnik\Application Data\My Games
2009-02-06 23:55 --------- d-----w c:\program files\Lavasoft
2009-02-05 23:49 --------- d-----w c:\program files\MP3 Rocket
2009-02-05 23:23 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
2009-02-05 19:34 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-02-05 19:34 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-01 12:34 --------- d-----w c:\program files\Java
2009-01-30 22:08 --------- d-----w c:\program files\StyleZone
2009-01-19 13:34 --------- d-----w c:\program files\DAP
2009-01-19 13:24 --------- d-----w c:\documents and settings\Korisnik\Application Data\MP3Rocket
2009-01-17 21:21 --------- d-----w c:\program files\Avanquest update
2009-01-16 10:09 --------- d-----w c:\program files\Winamp
2009-01-09 21:25 --------- d-----w c:\program files\Google
2009-01-04 17:53 --------- d-----w c:\documents and settings\Korisnik\Application Data\Lavasoft
2009-01-01 15:39 --------- d-----w c:\program files\Bethesda Softworks
2008-12-19 00:11 50,688 ----a-w c:\windows\system32\wbhelp2.dll
2008-12-11 11:57 333,184 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-09 23:28 --------- d-----w c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2008-12-09 23:28 --------- d-----w c:\program files\File Scanner Library (Spybot - Search & Destroy)
2008-05-04 21:56 2,401,296 ----a-w c:\program files\WLinstaller.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2007-11-20 356352]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-09 39408]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-02-14 486856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-10-28 344064]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 36975]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-10-19 286720]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"DownloadAccelerator"="c:\program files\DAP\DAP.EXE" [2008-12-19 2802688]
"nwiz"="nwiz.exe" [2007-06-28 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2007-09-03 c:\windows\RTHDCPL.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
c:\documents and settings\Korisnik\Start Menu\Programs\Startup\
MP3 Rocket (Minimized).lnk - c:\program files\MP3 Rocket\MP3Rocket.exe [2008-02-21 116224]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-01-19 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-05 21:30 10520 c:\windows\system32\avgrsstx.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\THQ\\Dawn of War - Dark Crusade\\DarkCrusade.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Java\\jre1.5.0_06\\bin\\javaw.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager 1.0\\MediaManager.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Program Files\\DAP\\DAP.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Java\\jre1.6.0_01\\bin\\javaw.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgtray.exe"=
"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgui.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Sports Interactive\\Football Manager 2009\\fm.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-02-07 64160]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-02-08 28544]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-02-05 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-02-05 107272]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-02-05 298264]
S3 usnjsvc;Usluga Messenger Sharing Folders USN Journal Reader;c:\program files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S4 Atmcock;Atmcock; [x]
.
Contents of the 'Scheduled Tasks' folder
2009-02-06 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []
2009-02-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
2009-02-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1202660629-682003330-1003.job
- c:\documents and settings\Korisnik\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-02-02 17:48]
2009-02-09 c:\windows\Tasks\User_Feed_Synchronization-{5DFC62E1-0298-45D7-95AE-1379387F5B22}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 18:36]
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-nod32kui - c:\program files\Eset\nod32kui.exe
MSConfigStartUp-Comrade - c:\program files\GameSpy\Comrade\Comrade.exe
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://www.krstarica.com
uInternet Connection Wizard,ShellNext = iexplore
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
FF - ProfilePath - c:\documents and settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\omeyncdj.default\
FF - plugin: c:\documents and settings\Korisnik\Local Settings\Application Data\Google\Update\1.2.133.37\npGoogleOneClick7.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - plugin: c:\program files\Virtual Earth 3D\npVE3D.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-02-09 18:51:11
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(704)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-02-09 18:52:20
ComboFix-quarantined-files.txt 2009-02-09 17:52:18
Pre-Run: 50,315,366,400 bytes free
Post-Run: 51,110,764,544 bytes free
253 --- E O F --- 2009-01-21 22:35:07
Addendum: 09 Feb 2009 19:07
Is it OK now?

Posted: 09 Feb 2009 19:09
- helen1
- Anti Malware Fighter
Rank 2
- Joined: 27 Aug 2005
- Posts: 8620
- Location: Novi Beograd

You posted it correctly.
Just how many antivirus programs have you used? The log is full of files from antivirus programs.
I'll get back to you later with instructions.

Posted: 09 Feb 2009 19:15
- neri86
- New MyCity citizen
- Joined: 09 Feb 2009
- Posts: 12

Yes, yes, everything I could find, except that some of them wouldn't install and some wouldn't update.

Posted: 09 Feb 2009 20:52
- helen1
- Anti Malware Fighter
Rank 2
- Joined: 27 Aug 2005
- Posts: 8620
- Location: Novi Beograd

Turn off the antivirus.
Open Notepad and copy in the following text:
Driver::
Atmcock
Save the file from Notepad to the Desktop as "CFScript".
Drag the saved script/text file onto the ComboFix icon, as in the picture.
In your next message, post the log that is created at the end of the cleaning/scan.

Posted: 09 Feb 2009 21:28
- neri86
- New MyCity citizen
- Joined: 09 Feb 2009
- Posts: 12

ComboFix 09-02-08.02 - Korisnik 2009-02-09 21:14:10.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.398 [GMT 1:00]
Running from: c:\documents and settings\Korisnik\My Documents\Downloads\ComboFix.exe
Command switches used :: c:\documents and settings\Korisnik\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_Atmcock
((((((((((((((((((((((((( Files Created from 2009-01-09 to 2009-02-09 )))))))))))))))))))))))))))))))
.
2009-02-09 16:40 . 2009-02-09 16:40 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\Yahoo!
2009-02-09 16:40 . 2009-02-09 16:40 <DIR> d-------- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-02-09 16:39 . 2009-02-09 16:50 <DIR> d-------- c:\documents and settings\All Users\Application Data\Yahoo!
2009-02-09 15:57 . 2009-02-09 16:00 <DIR> d-------- C:\USBNoRisk
2009-02-09 15:46 . 2009-02-09 15:46 <DIR> d-------- c:\program files\Trend Micro
2009-02-08 23:03 . 2008-06-19 16:24 28,544 --a------ c:\windows\system32\drivers\pavboot.sys
2009-02-08 23:02 . 2009-02-08 23:02 <DIR> d-------- c:\program files\Panda Security
2009-02-08 21:51 . 2009-02-08 21:50 102,664 --a------ c:\windows\system32\drivers\tmcomm.sys
2009-02-08 21:50 . 2009-02-08 21:55 <DIR> d-------- c:\documents and settings\Korisnik\.housecall6.6
2009-02-08 18:43 . 2009-02-08 18:43 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-02-08 18:43 . 2009-02-08 18:43 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\Malwarebytes
2009-02-08 18:43 . 2009-02-08 18:43 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-02-08 18:43 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-02-08 18:43 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-02-08 17:36 . 2009-02-08 17:36 5,120 --ahs---- c:\windows\system32\Thumbs.db
2009-02-08 02:15 . 2009-02-08 02:15 <DIR> d-------- C:\escwsa
2009-02-07 00:49 . 2009-02-07 00:55 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-02-07 00:49 . 2009-01-18 22:30 64,160 --a------ c:\windows\system32\drivers\Lbd.sys
2009-02-05 22:40 . 2009-02-05 22:46 <DIR> d--h----- C:\$AVG8.VAULT$
2009-02-05 21:30 . 2009-02-09 18:32 <DIR> d-------- c:\windows\system32\drivers\Avg
2009-02-05 21:30 . 2009-02-05 21:30 <DIR> d-------- c:\program files\AVG
2009-02-05 21:30 . 2009-02-09 19:06 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8
2009-02-05 21:30 . 2009-02-05 21:30 325,128 --a------ c:\windows\system32\drivers\avgldx86.sys
2009-02-05 21:30 . 2009-02-05 21:30 107,272 --a------ c:\windows\system32\drivers\avgtdix.sys
2009-02-05 21:30 . 2009-02-05 21:30 10,520 --a------ c:\windows\system32\avgrsstx.dll
2009-02-03 14:43 . 2009-02-03 14:43 <DIR> d-------- c:\program files\Filseclab
2009-02-03 14:43 . 2009-02-09 17:09 <DIR> d-------- c:\program files\Common Files\Filseclab
2009-02-02 19:02 . 2009-02-02 19:02 <DIR> d-------- c:\program files\Alwil Software
2009-02-01 16:40 . 2009-02-09 18:50 <DIR> d-------- c:\windows\system32\inf
2009-02-01 16:39 . 2009-02-02 19:02 349 --a------ C:\autorun.inf.blocked
2009-02-01 15:36 . 2009-02-01 15:36 <DIR> d-------- c:\program files\uTorrent
2009-02-01 15:36 . 2009-02-01 23:32 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\uTorrent
2009-02-01 13:35 . 2009-02-01 13:34 410,984 --a------ c:\windows\system32\deploytk.dll
2009-01-30 22:50 . 2009-01-30 22:50 <DIR> d-------- c:\program files\Opera
2009-01-25 16:49 . 2009-02-03 01:18 <DIR> d-------- c:\program files\Global Pets 2002
2009-01-25 16:49 . 2009-01-25 16:49 0 --a------ c:\windows\PROTOCOL.INI
2009-01-24 15:49 . 2009-01-24 15:49 <DIR> d-------- c:\documents and settings\All Users\Application Data\IM
2009-01-24 15:48 . 2009-01-24 15:48 <DIR> d-------- c:\documents and settings\All Users\Application Data\IncrediMail
2009-01-22 23:53 . 2009-01-22 23:53 <DIR> d-------- c:\program files\RapidTyping
2009-01-22 23:53 . 2009-01-22 23:53 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\RapidTyping
2009-01-22 19:58 . 2009-01-22 19:58 <DIR> d-------- c:\program files\IKEA HomePlanner
2009-01-22 19:57 . 2009-01-22 19:57 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2009-01-21 23:32 . 2009-02-02 17:30 <DIR> d-------- c:\windows\ie8updates
2009-01-21 23:28 . 2009-01-21 23:28 <DIR> d-------- c:\program files\MSXML 4.0
2009-01-21 19:47 . 2009-01-21 19:50 <DIR> d-------- c:\program files\Virtual Earth 3D
2009-01-19 22:42 . 2009-01-19 22:42 <DIR> d-------- c:\program files\Common Files\NSV
2009-01-19 19:54 . 2009-01-19 20:48 <DIR> d-------- c:\documents and settings\Korisnik\Application Data\ForgottenRiddles2
2009-01-19 19:54 . 2009-02-06 01:05 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2009-01-19 19:53 . 2009-02-03 01:19 <DIR> d-------- c:\program files\Oberon Media
2009-01-19 19:53 . 2009-02-07 00:56 <DIR> d-------- c:\program files\MSN Games
2009-01-19 18:15 . 2009-01-19 18:15 <DIR> d-------- c:\documents and settings\All Users\Application Data\PopCap
2009-01-19 14:39 . 2009-02-07 15:59 <DIR> d-------- C:\temp
2009-01-18 16:10 . 2009-02-01 13:34 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-01-17 22:37 . 2009-01-17 22:37 <DIR> d--hs---- c:\documents and settings\Korisnik\PrivacIE
2009-01-17 22:26 . 2007-08-13 18:45 78,336 --a------ c:\windows\system32\ieencode.dll
2009-01-17 22:26 . 2007-08-13 18:45 78,336 --a------ c:\windows\system32\dllcache\ieencode.dll
2009-01-16 19:33 . 2009-01-16 19:33 <DIR> d-------- c:\documents and settings\Korisnik\WINDOWS
2009-01-16 19:33 . 1998-10-01 15:22 299,520 --a------ c:\windows\uninst.exe
2009-01-16 15:09 . 2009-01-16 15:09 <DIR> d-------- c:\program files\Apple Software Update
2009-01-16 15:09 . 2009-01-16 15:09 <DIR> d-------- c:\documents and settings\All Users\Application Data\Apple
2009-01-16 11:08 . 2007-03-08 00:51 129,784 --------- c:\windows\system32\pxafs.dll
2009-01-16 11:08 . 2007-03-08 00:51 9,464 --------- c:\windows\system32\drivers\cdralw2k.sys
2009-01-16 11:08 . 2007-03-08 00:51 9,336 --------- c:\windows\system32\drivers\cdr4_xp.sys
2009-01-15 18:08 . 2009-01-19 15:01 <DIR> d-------- c:\program files\ffdshow
2009-01-15 18:08 . 2008-11-02 10:11 11,264 --a------ c:\windows\system32\ff_vfw.dll
2009-01-15 18:08 . 2008-11-02 10:11 547 --a------ c:\windows\system32\ff_vfw.dll.manifest
2009-01-15 17:15 . 2009-01-15 17:15 <DIR> d-------- c:\windows\system32\Nexus Radio
2009-01-15 17:15 . 2009-01-27 20:14 <DIR> d-------- c:\program files\Nexus Radio
2009-01-15 17:15 . 2009-01-20 14:48 <DIR> d-------- C:\My Saved Files
2009-01-15 17:15 . 2009-01-15 17:15 <DIR> d-------- C:\My Recorded Files
2009-01-15 14:27 . 2004-06-10 15:31 135,168 -ra------ c:\windows\UNDPX2A.exe
2009-01-15 14:27 . 2004-06-10 15:34 53,693 -ra------ c:\windows\UNDPX2A.sys
2009-01-12 21:35 . 2006-10-26 19:56 32,592 --a------ c:\windows\system32\msonpmon.dll
2009-01-12 21:33 . 2009-01-12 21:33 <DIR> d-------- c:\program files\MSBuild
2009-01-12 21:33 . 2009-01-12 21:33 <DIR> d-------- c:\program files\Microsoft Works
2009-01-12 21:32 . 2009-01-12 21:32 <DIR> d-------- c:\program files\Microsoft.NET
2009-01-12 21:26 . 2009-01-12 21:26 <DIR> d-------- c:\program files\Microsoft Visual Studio 8
2009-01-12 21:25 . 2009-01-21 23:35 <DIR> d-------- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-01-09 01:06 . 2004-08-03 23:08 31,616 --a------ c:\windows\system32\drivers\usbccgp.sys
2009-01-09 01:06 . 2004-08-03 23:08 31,616 --a--c--- c:\windows\system32\dllcache\usbccgp.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-09 16:19 --------- d-----w c:\program files\ESET
2009-02-09 15:40 --------- d-----w c:\program files\Yahoo!
2009-02-06 23:58 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-06 23:58 --------- d-----w c:\documents and settings\Korisnik\Application Data\My Games
2009-02-06 23:55 --------- d-----w c:\program files\Lavasoft
2009-02-05 23:49 --------- d-----w c:\program files\MP3 Rocket
2009-02-05 23:23 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
2009-02-05 19:34 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-02-05 19:34 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-01 12:34 --------- d-----w c:\program files\Java
2009-01-30 22:08 --------- d-----w c:\program files\StyleZone
2009-01-19 13:34 --------- d-----w c:\program files\DAP
2009-01-19 13:24 --------- d-----w c:\documents and settings\Korisnik\Application Data\MP3Rocket
2009-01-17 21:21 --------- d-----w c:\program files\Avanquest update
2009-01-16 10:09 --------- d-----w c:\program files\Winamp
2009-01-09 21:25 --------- d-----w c:\program files\Google
2009-01-04 17:53 --------- d-----w c:\documents and settings\Korisnik\Application Data\Lavasoft
2009-01-01 15:39 --------- d-----w c:\program files\Bethesda Softworks
2008-12-11 11:57 333,184 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-09 23:28 --------- d-----w c:\program files\Misc. Support Library (Spybot - Search & Destroy)
2008-12-09 23:28 --------- d-----w c:\program files\File Scanner Library (Spybot - Search & Destroy)
2008-05-04 21:56 2,401,296 ----a-w c:\program files\WLinstaller.exe
.
((((((((((((((((((((((((((((( SnapShot@2009-02-09_18.51.29.59 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
+ 2009-02-09 20:16:32 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_6e4.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2007-11-20 356352]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-09 39408]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-02-14 486856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-10-28 344064]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 36975]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-10-19 286720]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"DownloadAccelerator"="c:\program files\DAP\DAP.EXE" [2008-12-19 2802688]
"nwiz"="nwiz.exe" [2007-06-28 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2007-09-03 c:\windows\RTHDCPL.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
c:\documents and settings\Korisnik\Start Menu\Programs\Startup\
MP3 Rocket (Minimized).lnk - c:\program files\MP3 Rocket\MP3Rocket.exe [2008-02-21 116224]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-07 101440]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-01-19 113664]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-05 21:30 10520 c:\windows\system32\avgrsstx.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\THQ\\Dawn of War - Dark Crusade\\DarkCrusade.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Java\\jre1.5.0_06\\bin\\javaw.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager 1.0\\MediaManager.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"c:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Program Files\\DAP\\DAP.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Java\\jre1.6.0_01\\bin\\javaw.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgtray.exe"=
"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgui.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Sports Interactive\\Football Manager 2009\\fm.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-02-07 64160]
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-02-08 28544]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-02-05 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-02-05 107272]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-02-05 298264]
R3 usnjsvc;Usluga Messenger Sharing Folders USN Journal Reader;c:\program files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
.
Contents of the 'Scheduled Tasks' folder
2009-02-06 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []
2009-02-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
2009-02-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1202660629-682003330-1003.job
- c:\documents and settings\Korisnik\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-02-02 17:48]
2009-02-09 c:\windows\Tasks\User_Feed_Synchronization-{5DFC62E1-0298-45D7-95AE-1379387F5B22}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 18:36]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://www.krstarica.com
uInternet Connection Wizard,ShellNext = iexplore
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
FF - ProfilePath - c:\documents and settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\omeyncdj.default\
FF - plugin: c:\documents and settings\Korisnik\Local Settings\Application Data\Google\Update\1.2.133.37\npGoogleOneClick7.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - plugin: c:\program files\Virtual Earth 3D\npVE3D.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-02-09 21:18:26
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(708-)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\WgaTray.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2009-02-09 21:21:24 - machine was rebooted
ComboFix-quarantined-files.txt 2009-02-09 20:21:22
ComboFix2.txt 2009-02-09 17:52:21
Pre-Run: 51.092.160.512 bytes free
Post-Run: 50,998,616,064 bytes free
255 --- E O F --- 2009-01-21 22:35:07
Posted: 09 Feb 2009 21:47
- neri86
- New MyCity citizen
- Joined: 09 Feb 2009
- Posts: 12
It looks to me like everything is back to normal; I just need to check whether System Restore works.
A huuuge thaaaank youuuu,
Posted: 09 Feb 2009 23:03
- helen1
- Anti Malware Fighter
- Rank 2
- Joined: 27 Aug 2005
- Posts: 8620
- Location: Novi Beograd
OK.
Do this as well:
- Click START, then RUN
- In the text box, type Combofix /u and click OK
- Wait for the uninstall process to finish
The above procedure will:
- Delete the following:
  - ComboFix and its files and folders
  - The VundoFix Backups folder, if it exists
  - The C:\Deckard folder, if it exists
  - The C:\OtMoveIt folder, if it exists
- Reset the clock settings on the computer
- Hide file extensions, if needed
- Hide system/hidden files/folders, if needed
- Reset System Restore
Regards