Help, please

offline
  • Joined: 27 Jul 2008
  • Posts: 8

I have problems with viruses. HijackThis gives the following log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:09:49 PM, on 5/1/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\twext.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Pinnacle WebUpdater] "C:\Program Files\Pinnacle\Shared Files\Programs\WebUpdater\WebUpdater.exe" -s -f=UpdateVersion.xml -url=http://cdn.pinnaclesys.com/SupportFiles
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: ChkDisk.dll
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com/microsoftupdate/v6/V5C.....8000637171
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 4564 bytes


Thanks in advance

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Greetings...

You need to temporarily disable your protection software.

Start Spybot S&D
Click the Mode item in the menu
Select Advanced mode
In the bar on the left, click Tools
Click Resident
Untick "Resident Tea-Timer" (Protection of over-all system settings) active.
Close Spybot S&D
Restart the computer.

- Then download the program from this link to the Desktop.
- Run it with a double-click and follow the instructions.

Don't forget to turn these options back on when we finish cleaning.



Right-click the Avira icon in the lower-right corner of the screen and untick AntiVir Guard Enable.




Download ComboFix from one of the following addresses to the Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Start it and do not touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear, which you will copy here for us.

offline
  • Joined: 27 Jul 2008
  • Posts: 8

Did everything requested, log follows

ComboFix 09-04-30.05 - Administrator 05/01/2009 13:33.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.959.581 [GMT 2:00]
Running from: c:\documents and settings\Administrator\Desktop\popravak\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Administrator\Application Data\~tmp.html
c:\documents and settings\Administrator\Application Data\config.cfg
c:\documents and settings\Administrator\Start Menu\Programs\Startup\ChkDisk.dll
c:\windows\system32\twain_32

.
((((((((((((((((((((((((( Files Created from 2009-04-01 to 2009-05-01 )))))))))))))))))))))))))))))))
.

2009-05-01 11:13 . 2009-05-01 11:13 -------- d-----w c:\program files\uTorrent
2009-05-01 11:13 . 2009-05-01 11:28 -------- d-----w c:\documents and settings\Administrator\Application Data\uTorrent
2009-05-01 11:08 . 2009-05-01 11:08 -------- d-----w c:\program files\Trend Micro
2009-05-01 09:47 . 2009-05-01 10:25 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-05-01 09:47 . 2009-05-01 09:59 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-29 09:52 . 2005-05-26 16:48 11264 ------w c:\windows\system32\drivers\asapiW2k.sys
2009-04-29 09:52 . 2000-04-27 11:31 19456 ------w c:\windows\system32\asapi.dll
2009-04-29 09:52 . 2003-11-10 15:06 406016 ------w c:\windows\system32\PSDrvCheck.exe
2009-04-29 09:51 . 1998-11-02 18:57 57856 ------w c:\windows\system32\MASD32.DLL
2009-04-29 09:51 . 1998-11-02 18:57 138752 ------w c:\windows\system32\MASE32.DLL
2009-04-29 09:51 . 1998-11-02 18:57 196096 ------w c:\windows\system32\MACD32.DLL
2009-04-29 09:51 . 1998-11-02 18:57 136192 ------w c:\windows\system32\MAMC32.DLL
2009-04-29 09:51 . 1998-11-02 18:57 27648 ------w c:\windows\system32\MA32.DLL
2009-04-29 09:51 . 2004-06-03 10:47 385100 ------w c:\windows\system32\MSVCRTD.DLL
2009-04-29 09:51 . 2002-01-05 19:16 536576 ------w c:\windows\system32\msvcr70d.dll
2009-04-29 09:51 . 2002-01-05 19:16 737280 ------w c:\windows\system32\msvcp70d.dll
2009-04-29 09:51 . 2006-01-13 09:48 166912 ------w c:\windows\system32\lame_enc.dll
2009-04-29 09:14 . 2001-08-17 11:48 12160 -c--a-w c:\windows\system32\dllcache\mouhid.sys
2009-04-29 09:14 . 2001-08-17 11:48 12160 ----a-w c:\windows\system32\drivers\mouhid.sys
2009-04-29 09:14 . 2004-08-03 22:56 21504 -c--a-w c:\windows\system32\dllcache\hidserv.dll
2009-04-29 09:14 . 2004-08-03 22:56 21504 ----a-w c:\windows\system32\hidserv.dll
2009-04-29 09:13 . 2004-08-03 20:58 14848 -c--a-w c:\windows\system32\dllcache\kbdhid.sys
2009-04-29 09:13 . 2004-08-03 20:58 14848 ----a-w c:\windows\system32\drivers\kbdhid.sys
2009-04-29 09:12 . 2001-08-17 12:02 9600 -c--a-w c:\windows\system32\dllcache\hidusb.sys
2009-04-29 09:12 . 2001-08-17 12:02 9600 ----a-w c:\windows\system32\drivers\hidusb.sys
2009-04-29 09:12 . 2004-08-03 21:08 31616 -c--a-w c:\windows\system32\dllcache\usbccgp.sys
2009-04-29 09:12 . 2004-08-03 21:08 31616 ----a-w c:\windows\system32\drivers\usbccgp.sys
2009-04-28 17:13 . 2009-04-28 17:13 24576 ----a-w c:\documents and settings\file.exe
2009-04-27 14:22 . 2009-04-27 14:22 -------- d-----w c:\documents and settings\Administrator\Application Data\OpenOffice.org
2009-04-27 14:17 . 2009-04-27 14:17 -------- d-----w c:\program files\JRE
2009-04-27 14:16 . 2009-04-27 14:17 -------- d-----w c:\program files\OpenOffice.org 3
2009-04-27 14:16 . 2009-04-27 14:16 -------- d-----w c:\program files\Java
2009-04-27 14:16 . 2009-04-27 14:16 -------- d-----w c:\program files\Common Files\Java
2009-04-27 11:24 . 2009-05-01 09:53 -------- d--h--w C:\$AVG8.VAULT$

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-29 09:53 . 2009-02-27 18:59 22744 ----a-w c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-29 09:38 . 2009-03-22 14:12 -------- d-----w c:\program files\Google
2009-03-30 17:01 . 2009-03-13 17:36 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLec.DAT
2009-03-30 17:01 . 2009-03-13 17:34 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLds.DAT
2009-03-24 18:48 . 2009-03-24 18:48 -------- d-----w c:\program files\Common Files\xing shared
2009-03-24 18:48 . 2009-03-24 18:47 -------- d-----w c:\program files\Common Files\Real
2009-03-24 18:47 . 2009-03-24 18:47 -------- d-----w c:\program files\Real
2009-03-17 18:12 . 2009-03-17 18:12 -------- d-----w c:\program files\Yahoo!
2009-03-13 17:41 . 2009-03-13 17:30 -------- d-----w c:\program files\Common Files\Nikon
2009-03-13 17:34 . 2009-02-27 18:55 -------- d--h--w c:\program files\InstallShield Installation Information
2009-03-13 17:34 . 2009-03-13 17:34 -------- d-----w c:\program files\Common Files\muvee Technologies
2009-03-13 17:34 . 2009-03-13 17:33 -------- d-----w c:\program files\Nikon
2009-03-13 17:32 . 2009-03-13 17:32 -------- d-----w c:\program files\QuickTime
2009-03-13 17:32 . 2009-02-27 18:54 -------- d-----w c:\program files\Common Files\InstallShield
2009-03-13 17:31 . 2009-03-13 17:31 -------- d-----w c:\program files\ArcSoft
2009-03-11 13:06 . 2009-03-11 13:06 107272 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-03-11 13:06 . 2009-03-11 13:06 10520 ----a-w c:\windows\system32\avgrsstx.dll
2009-03-11 13:06 . 2009-03-11 13:06 325128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-03-10 20:41 . 2009-03-10 20:41 -------- d-----w c:\program files\Common Files\Adobe
2009-03-10 20:17 . 2009-03-10 20:17 -------- d-----w c:\program files\DivX
2009-03-10 20:16 . 2009-03-10 20:16 -------- d-----w c:\program files\MSXML 4.0
2009-03-10 20:15 . 2009-03-10 20:15 136 ----a-w c:\documents and settings\Administrator\Local Settings\Application Data\fusioncache.dat
2009-03-10 20:14 . 2009-03-10 20:14 -------- d-----w c:\program files\Pinnacle
2009-03-02 09:48 . 2009-02-27 18:39 86327 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-02-27 18:54 . 2009-02-27 18:54 315392 ----a-w c:\windows\HideWin.exe
2009-02-27 18:40 . 2004-08-04 01:07 67 --sha-w c:\windows\Fonts\desktop.ini
2009-02-27 18:37 . 2009-02-27 18:37 21640 ----a-w c:\windows\system32\emptyregdb.dat
2009-02-09 18:56 . 2009-02-27 19:06 67584 ----a-w c:\windows\system32\ff_vfw.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-11-10 406016]
"PMCRemote"="c:\program files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe" [2006-03-28 90112]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-03-11 1601304]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-03-13 282624]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-02-25 8491008]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-04-10 16861184]

c:\documents and settings\Administrator\Start Menu\Programs\Startup\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-12-15 384000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-03-11 13:06 10520 ----a-w c:\windows\system32\avgrsstx.dll

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave1"= serwvdrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=

R3 SetupNTGLM7X;SetupNTGLM7X; [x]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-03-11 325128]
S1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-03-11 107272]
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-03-11 903960]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-03-11 298264]
S3 3xHybrid;Pinnacle PCTV 110i service;c:\windows\system32\DRIVERS\3xHybrid.sys [2005-09-01 827008]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a6117742-053d-11de-b378-806d6172696f}]
\Shell\AutoRun\command - D:\Setup.exe
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-Pinnacle WebUpdater - c:\program files\Pinnacle\Shared Files\Programs\WebUpdater\WebUpdater.exe -s -f=UpdateVersion.xml


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-05-01 13:34
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

.
Completion time: 2009-05-01 13:35
ComboFix-quarantined-files.txt 2009-05-01 11:35

Pre-Run: 7,384,961,024 bytes free
Post-Run: 7,470,587,904 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

212 --- E O F --- 2009-03-10 20:49

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Open Notepad and copy in the following text:


File::
c:\documents and settings\file.exe



Save the file from Notepad to the Desktop as "CFScript"

Drag the saved script/text onto the ComboFix icon as shown in the picture.
In your next message, post the log that is produced at the end of the cleaning/scan.

offline
  • Joined: 27 Jul 2008
  • Posts: 8

Did as requested, it gives the following log


ComboFix 09-04-30.05 - Administrator 05/01/2009 13:50.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.959.570 [GMT 2:00]
Running from: c:\documents and settings\Administrator\Desktop\popravak\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)

FILE ::
c:\documents and settings\file.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\file.exe

.
((((((((((((((((((((((((( Files Created from 2009-04-01 to 2009-05-01 )))))))))))))))))))))))))))))))
.

2009-05-01 11:13 . 2009-05-01 11:13 -------- d-----w c:\program files\uTorrent
2009-05-01 11:13 . 2009-05-01 11:28 -------- d-----w c:\documents and settings\Administrator\Application Data\uTorrent
2009-05-01 11:08 . 2009-05-01 11:08 -------- d-----w c:\program files\Trend Micro
2009-05-01 09:47 . 2009-05-01 10:25 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-05-01 09:47 . 2009-05-01 09:59 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-04-29 09:52 . 2005-05-26 16:48 11264 ------w c:\windows\system32\drivers\asapiW2k.sys
2009-04-29 09:52 . 2000-04-27 11:31 19456 ------w c:\windows\system32\asapi.dll
2009-04-29 09:52 . 2003-11-10 15:06 406016 ------w c:\windows\system32\PSDrvCheck.exe
2009-04-29 09:51 . 1998-11-02 18:57 57856 ------w c:\windows\system32\MASD32.DLL
2009-04-29 09:51 . 1998-11-02 18:57 138752 ------w c:\windows\system32\MASE32.DLL
2009-04-29 09:51 . 1998-11-02 18:57 196096 ------w c:\windows\system32\MACD32.DLL
2009-04-29 09:51 . 1998-11-02 18:57 136192 ------w c:\windows\system32\MAMC32.DLL
2009-04-29 09:51 . 1998-11-02 18:57 27648 ------w c:\windows\system32\MA32.DLL
2009-04-29 09:51 . 2004-06-03 10:47 385100 ------w c:\windows\system32\MSVCRTD.DLL
2009-04-29 09:51 . 2002-01-05 19:16 536576 ------w c:\windows\system32\msvcr70d.dll
2009-04-29 09:51 . 2002-01-05 19:16 737280 ------w c:\windows\system32\msvcp70d.dll
2009-04-29 09:51 . 2006-01-13 09:48 166912 ------w c:\windows\system32\lame_enc.dll
2009-04-29 09:14 . 2001-08-17 11:48 12160 -c--a-w c:\windows\system32\dllcache\mouhid.sys
2009-04-29 09:14 . 2001-08-17 11:48 12160 ----a-w c:\windows\system32\drivers\mouhid.sys
2009-04-29 09:14 . 2004-08-03 22:56 21504 -c--a-w c:\windows\system32\dllcache\hidserv.dll
2009-04-29 09:14 . 2004-08-03 22:56 21504 ----a-w c:\windows\system32\hidserv.dll
2009-04-29 09:13 . 2004-08-03 20:58 14848 -c--a-w c:\windows\system32\dllcache\kbdhid.sys
2009-04-29 09:13 . 2004-08-03 20:58 14848 ----a-w c:\windows\system32\drivers\kbdhid.sys
2009-04-29 09:12 . 2001-08-17 12:02 9600 -c--a-w c:\windows\system32\dllcache\hidusb.sys
2009-04-29 09:12 . 2001-08-17 12:02 9600 ----a-w c:\windows\system32\drivers\hidusb.sys
2009-04-29 09:12 . 2004-08-03 21:08 31616 -c--a-w c:\windows\system32\dllcache\usbccgp.sys
2009-04-29 09:12 . 2004-08-03 21:08 31616 ----a-w c:\windows\system32\drivers\usbccgp.sys
2009-04-27 14:22 . 2009-04-27 14:22 -------- d-----w c:\documents and settings\Administrator\Application Data\OpenOffice.org
2009-04-27 14:17 . 2009-04-27 14:17 -------- d-----w c:\program files\JRE
2009-04-27 14:16 . 2009-04-27 14:17 -------- d-----w c:\program files\OpenOffice.org 3
2009-04-27 14:16 . 2009-04-27 14:16 -------- d-----w c:\program files\Java
2009-04-27 14:16 . 2009-04-27 14:16 -------- d-----w c:\program files\Common Files\Java
2009-04-27 11:24 . 2009-05-01 09:53 -------- d--h--w C:\$AVG8.VAULT$

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-29 09:53 . 2009-02-27 18:59 22744 ----a-w c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-29 09:38 . 2009-03-22 14:12 -------- d-----w c:\program files\Google
2009-03-30 17:01 . 2009-03-13 17:36 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLec.DAT
2009-03-30 17:01 . 2009-03-13 17:34 20 ---h--w c:\documents and settings\All Users\Application Data\PKP_DLds.DAT
2009-03-24 18:48 . 2009-03-24 18:48 -------- d-----w c:\program files\Common Files\xing shared
2009-03-24 18:48 . 2009-03-24 18:47 -------- d-----w c:\program files\Common Files\Real
2009-03-24 18:47 . 2009-03-24 18:47 -------- d-----w c:\program files\Real
2009-03-17 18:12 . 2009-03-17 18:12 -------- d-----w c:\program files\Yahoo!
2009-03-13 17:41 . 2009-03-13 17:30 -------- d-----w c:\program files\Common Files\Nikon
2009-03-13 17:34 . 2009-02-27 18:55 -------- d--h--w c:\program files\InstallShield Installation Information
2009-03-13 17:34 . 2009-03-13 17:34 -------- d-----w c:\program files\Common Files\muvee Technologies
2009-03-13 17:34 . 2009-03-13 17:33 -------- d-----w c:\program files\Nikon
2009-03-13 17:32 . 2009-03-13 17:32 -------- d-----w c:\program files\QuickTime
2009-03-13 17:32 . 2009-02-27 18:54 -------- d-----w c:\program files\Common Files\InstallShield
2009-03-13 17:31 . 2009-03-13 17:31 -------- d-----w c:\program files\ArcSoft
2009-03-11 13:06 . 2009-03-11 13:06 107272 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-03-11 13:06 . 2009-03-11 13:06 10520 ----a-w c:\windows\system32\avgrsstx.dll
2009-03-11 13:06 . 2009-03-11 13:06 325128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-03-10 20:41 . 2009-03-10 20:41 -------- d-----w c:\program files\Common Files\Adobe
2009-03-10 20:17 . 2009-03-10 20:17 -------- d-----w c:\program files\DivX
2009-03-10 20:16 . 2009-03-10 20:16 -------- d-----w c:\program files\MSXML 4.0
2009-03-10 20:15 . 2009-03-10 20:15 136 ----a-w c:\documents and settings\Administrator\Local Settings\Application Data\fusioncache.dat
2009-03-10 20:14 . 2009-03-10 20:14 -------- d-----w c:\program files\Pinnacle
2009-03-02 09:48 . 2009-02-27 18:39 86327 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-02-27 18:54 . 2009-02-27 18:54 315392 ----a-w c:\windows\HideWin.exe
2009-02-27 18:40 . 2004-08-04 01:07 67 --sha-w c:\windows\Fonts\desktop.ini
2009-02-27 18:37 . 2009-02-27 18:37 21640 ----a-w c:\windows\system32\emptyregdb.dat
2009-02-09 18:56 . 2009-02-27 19:06 67584 ----a-w c:\windows\system32\ff_vfw.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2003-11-10 406016]
"PMCRemote"="c:\program files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe" [2006-03-28 90112]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-03-11 1601304]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-03-13 282624]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-02-25 8491008]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2008-04-10 16861184]

c:\documents and settings\Administrator\Start Menu\Programs\Startup\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-12-15 384000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-03-11 13:06 10520 ----a-w c:\windows\system32\avgrsstx.dll

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32
"wave1"= serwvdrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=

R3 SetupNTGLM7X;SetupNTGLM7X; [x]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-03-11 325128]
S1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-03-11 107272]
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-03-11 903960]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-03-11 298264]
S3 3xHybrid;Pinnacle PCTV 110i service;c:\windows\system32\DRIVERS\3xHybrid.sys [2005-09-01 827008]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a6117742-053d-11de-b378-806d6172696f}]
\Shell\AutoRun\command - D:\Setup.exe
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-05-01 13:50
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

.
Completion time: 2009-05-01 13:51
ComboFix-quarantined-files.txt 2009-05-01 11:51
ComboFix2.txt 2009-05-01 11:35

Pre-Run: 7,473,836,032 bytes free
Post-Run: 7,471,587,328 bytes free

203 --- E O F --- 2009-03-10 20:49

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

What is the situation now?

offline
  • Joined: 27 Jul 2008
  • Posts: 8

Everything is fine now. THANKS!!!

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Do the following:
Uninstalling ComboFix:
Click START and then RUN.

In the text input line, type (copy) the following:

Combofix /u

and then click OK.

Wait for the uninstall process to finish.

That's all... regards
