ChangerDNS.ad + more, Redirecting Google Links




  #1  
13 June 2009, 12:35
abz
New member

Whenever I google something and click on it, it takes me to some random site. This usually happens the 2nd time I google, but sometimes it happens the first time, and I have to copy/paste the link to get to the page.

I ran the steps on removing all malware/trojans/etc. While I was doing these steps, my browser kept 'loading' random sites at the bottom, but nothing ever changed.

Superantispyware gave me something the 1st time, but I didn't save it and the computer reset; I ran it again and got nothing this time.

MBAM:

Malwarebytes' Anti-zaštita od zlonamjernih programa 1,37
Database Version: 2271
5/1/2600 Windows Service Pack 3

6/13/2009 7:31:29 AM
mbam-log-2009-06-13 (07-31-29). txt

Scan type: Quick Scan
Objekti skenirane: 84130
Proteklo vrijeme: 3 minute (s), 54 Drugi (a / e)

Memory Processes zaraženih: 0
Memorijske module zaraženih: 0
Ključevi registra zaraženih: 1
Registry Values zaraženih: 0
Registry Data Items zaraženih: 0
Mape zaraženih: 0
Zaraženih datoteka: 1

Memory Processes zaraženih:
(Nema stavki otkrivenih zlonamjernih)

Memorijske module zaraženih:
(Nema stavki otkrivenih zlonamjernih)

Ključevi registra zaraženih:
HKEY_CURRENT_USER\Software\AvScan (Malware.Trace) -> karanteni i uspješno izbrisan.

Registry Values zaraženih:
(Nema stavki otkrivenih zlonamjernih)

Registry Data Items zaraženih:
(Nema stavki otkrivenih zlonamjernih)

Mape zaraženih:
(Nema stavki otkrivenih zlonamjernih)

Zaražene datoteke:
C:\Documents and Settings\postelji\Application Data\asd.bat (Rogue.WinPCDefender) -> karanteni i uspješno izbrisan.


HJT:

Logfile of Trend Micro HijackThis v2.0.2
Scan spremljena u 7:37:26 Na 6/13/2009
Platforma: Windows XP SP3 (Winnt 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal

Pokretanje procesa:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ explorer.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ system32 \ CTHELPER.EXE
C: \ WINDOWS \ system32 \ kmw_run.exe
C: \ Program Files \ Java \ jre1.6.0_04 \ bin \ jusched.exe
C: \ Program Files \ McAfee.com \ Agent \ mcagent.exe
C: \ Program Files \ Messenger \ MSMSGS.EXE
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ Logitech \ SetPoint \ SetPoint.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ programa ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
C: \ Program Files \ Common Files \ Logishrd \ KHAL2 \ KHALMNPR.EXE
c: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ McAfee \ mna \ mcnasvc.exe
c: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ McAfee \ mcproxy \ mcproxy.exe
C: \ programa ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe
C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ Program Files \ McAfee \ MPF \ MPFSrv.exe
C: \ Program Files \ McAfee \ MSK \ MskSrver.exe
C: \ Program Files \ Alcohol Soft \ Alcohol 120 \ StarWind \ StarWindServiceAE.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ glediąta \ Common \ ViewpointService.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ programa ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe
C: \ Program Files \ Trend Micro \ HijackThis \ juice.exe.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.wcreplays.com/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://search.yahoo.com/search?fr=mcafee&p =% s
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Postavke, ProxyServer =: 0
R3 - URLSearchHook: AIM Toolbar Search Class - (03402f96-3dc7-4285-bc50-9e81fefafe43) - C: \ Program Files \ AIM Toolbar \ aimtb.dll
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - (27B4851A-3207-45A2-B947-BE8AFE6163AB) - c: \ programa ~ 1 \ McAfee \ MSK \ mskapbho.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_04 \ bin \ ssv.dll
O2 - BHO: scriptproxy - (7DB2D5A0-7241-4E79-B68D-6309F01C5231) - c: \ programa ~ 1 \ McAfee \ VIRUSS ~ 1 \ scriptsn.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - C: \ Program Files \ Google \ Google Toolbar \ GoogleToolbar.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D) - C: \ Program Files \ Google \ GoogleToolbarNotifier \ 5.1.1309.3572 \ s wg.dll (file missing)
O2 - BHO: AIM Toolbar Loader - (b0cda128-b425-4eef-a174-61a11ac5dbf8) - C: \ Program Files \ AIM Toolbar \ aimtb.dll
O2 - BHO: Google rječnik sdch Kompresija - (C84D72FE-E17D-4195-BB24-76C02E2E7C4E) - C: \ Program Files \ Google \ Google Toolbar \ Komponenta \ fastsearch_219B3E1547538286.dll (file missing)
O3 - Toolbar: AIM Toolbar - (61539ecd-cc67-4437-a03c-9aaccbd14326) - C: \ Program Files \ AIM Toolbar \ aimtb.dll
O3 - Toolbar: & Google Toolbar - (2318C2B1-4965-11d4-9B18-009027A5CD4F) - C: \ Program Files \ Google \ Google Toolbar \ GoogleToolbar.dll (file missing)
O4 - HKLM \ .. \ Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM \ .. \ Run: [kmw_run.exe] kmw_run.exe
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_04 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 8,0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [mcagent_exe] "C: \ Program Files \ McAfee.com \ Agent \ mcagent.exe" / runkey
O4 - HKLM \ .. \ Run: [PWRISOVM.EXE] C: \ Program Files \ PowerISO \ PWRISOVM.EXE
O4 - HKLM \ .. \ Run: [HTV agentu] C: \ Documents and Settings \ postelji \ Desktop \ HTV \ HTV.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [WinampAgent] "C: \ Program Files \ Winamp \ winampa.exe"
O4 - HKLM \ .. \ Run: [Kernel i sloj apstrakcije hardvera] KHALMNPR.EXE
O4 - HKCU \ .. \ Run: [swg] C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ MSMSGS.EXE" / background
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [Parna] "C: \ Program Files \ Parna \ Steam.exe" Nečujno -
O4 - HKCU \ .. \ Run: [Octoshape Streaming Services] "C: \ Program Files \ Octoshape Streaming Services \ postelji \ OctoshapeClient.exe"-inv: bootrun
O4 - HKCU \ .. \ Run: [AlcoholAutomount] "C: \ Program Files \ Alcohol Soft \ Alcohol 120 \ axcmd.exe" / automount
O4 - HKCU \ .. \ Run: [demon Lite Tools] "C: \ Program Files \ demon Tools Lite \ daemon.exe"-autorun
O4 - HKCU \ .. \ Run: [ProxyFirewall] C: \ Program Files \ ProxyFirewall \ ProxyFirewall.exe
O4 - HKCU \ .. \ Run: [Vidalia] "C: \ Program Files \ Vidalia Snop \ Vidalia \ vidalia.exe"
O4 - HKCU \ .. \ Run: [NudgeMania] C: \ Program Files \ NudgeMania \ NudgeMania.exe
O4 - HKCU \ .. \ Run: [rundll32] C: \ WINDOWS \ system32 \ Rundll32.exe
O4 - HKCU \ .. \ Run: [EasyLinkAdvisor] "C: \ Program Files \ Linksys EasyLink Savjetnik \ LinksysAgent.exe" / pokretanja
O4 - Startup: Might Magic i VIII.lnk = C: \ Program Files \ 3DO \ Might Magic i VIII \ Registracija \ Remind32.exe
O4 - Global Startup: Logitech SetPoint.lnk = C: \ Program Files \ Logitech \ SetPoint \ SetPoint.exe
O8 - Extra kontekst meni stavka: & AIM Toolbar Search - C: \ Documents and Settings \ All Users \ Application Data \ AIM Toolbar \ ieToolbar \ resurse \ en-us \ Local \ search.html
O8 - Extra kontekst meni stavka: E & zvezi u Microsoft Excel - res: / / C: \ programa ~ 1 \ MICROS ~ 2 \ OFFICE11 \ EXCEL.EXE/3000
O9 - Extra button: AIM Toolbar - (0b83c99c-1efa-4259-858f-bcb33e007a5b) - C: \ Program Files \ AIM Toolbar \ aimtb.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ programa ~ 1 \ MICROS ~ 2 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: PPLive - (95B3F550-91C4-4627-BCC4-521288C52977) - C: \ Program Files \ PPLive \ PPLive.exe (file missing)
O9 - Extra 'Tools' MENUITEM: PPLive - (95B3F550-91C4-4627-BCC4-521288C52977) - C: \ Program Files \ PPLive \ PPLive.exe (file missing)
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (0E5F0222-96B9-11D3-8997-00104BD12D94) (PCPitstop Utility) -- http://support.gateway.com/support/p.../PCPitStop.CAB
O16 - DPF: (20A60F0D-9AFA-4515-A0FD-83BD84642501) (dame Class) -- http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: (25365FF3-2746-4230-9DA7-163CCA318309) (Automatic Driver Installation Control) -- http://inst.c-wss.com/m010g/EN/install/gtdownlr.cab
O16 - DPF: (428088E0-96DB-4960-99D5-3C809C5A7D74) (GamOnUpdate Control) -- http://www.wcgzone.com/GamOnUpdate.cab
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Class) -- http://update.microsoft.com/windowsu...?1200786505725
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://www.update.microsoft.com/micr...?1200790722984
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Class) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
O20 - Winlogon Obavijesti:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: Id_String1.6844F930_1628_4223_B5CC_5BB94B879762 # # # # (Bonjour Service) - Apple Computer, Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd - C: \ Program Files \ Common Files \ Macrovision Shared \ FLEXnet Izdavač \ FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c9bbee86597ef4) (gupdate1c9bbee86597ef4) - Unknown vlasnika - C: \ Program Files \ Google \ Update \ GoogleUpdate.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Unknown vlasnika - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc - C: \ Program Files \ Common Files \ Logishrd \ Bluetooth \ LBTServ.exe
O23 - Service: McAfee Usluge (mcmscsvc) - McAfee, Inc - C: \ programa ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc - c: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ McAfee \ mna \ mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc - C: \ programa ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc - c: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ McAfee \ mcproxy \ mcproxy.exe
O23 - Service: McAfee stvarnom vremenu Scanner (McShield) - McAfee, Inc - C: \ programa ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc - C: \ programa ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc - C: \ Program Files \ McAfee \ MPF \ MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc - C: \ Program Files \ McAfee \ MSK \ MskSrver.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown vlasnika - C: \ WINDOWS \ system32 \ GameMon.des.exe (file missing)
O23 - Service: Remote Packet bilježenja Protokol v.0 (eksperimentalno) (rpcapd) - Unknown vlasnika - C: \ Program Files \ WinPcap \ rpcapd.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C: \ Program Files \ Alcohol Soft \ Alcohol 120 \ StarWind \ StarWindServiceAE.exe
O23 - Service: glediąta Manager Service - vidikovac Corporation - C: \ Program Files \ glediąta \ Common \ ViewpointService.exe

--
End of file - 10412 bytes

I use Firefox as my browser, the latest version.

Thanks.
  #2  
13 June 2009, 13:59
Malware Team

Hello and welcome to Computer Juice.

I'm Steve and I will be helping you through this fix.

Before beginning the fix, read this post completely. If there is anything you do not understand, kindly ask your questions before proceeding. It is important that you do not miss a step. Please perform everything in the correct order/sequence.

We will begin with ComboFix.exe. Please visit this webpage for download links and instructions for running the tool:

http://www.bleepingcomputer.com/comb...o-use-combofix

Be sure to disable all of your anti-virus and anti-malware programs so that they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.

=====================================

Go to Start Menu > select Run, copy/paste the following into the Run box and click OK:

C:\Qoobox\Add-Remove Programs.txt

A text file should open. Please post the contents of that file in your next reply.
__________________
Proud member of ASAP & UNITE
__________________

  #3  
13 June 2009, 14:43
abz
New member

ComboFix 09-06-13.03 - postelji 06/13/2009 16:26.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.655 [GMT -5:00]
Running from: C: \ Documents and Settings \ postelji \ Desktop \ ComboFix.exe
AV: McAfee VirusScan * U * onemogućen pristup skeniranje (Promjena) (84B5EE75-6421-4CDE-A33A-DD43BA9FAD83)
FW: McAfee Personal Firewall * * onemogućen (94894B63-8C7F-4050-BDA4-813CA00DA3E8)
.

Ostali ((((((((((((((((((((((((((((((((((((((( brisanja ))))))))) ))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\npf.sys
c:\windows\system32\drivers\SKYNETalqsmvof.sys
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\SKYNETaodacfou.dat
c:\windows\system32\SKYNETbfvkilue.dat
c:\windows\system32\SKYNETneibmfar.dll
c:\windows\system32\SKYNETwfesrblu.dll
c:\windows\system32\UACrqskmlldkvrcvvr.log
c:\windows\system32\UACxpdrxfrkwdfmyby.dat
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll
c:\windows\system32\drivers\SKYNETalqsmvof.sys
c:\windows\system32\SKYNETaodacfou.dat
c:\windows\system32\SKYNETbfvkilue.dat
c:\windows\system32\SKYNETneibmfar.dll
c:\windows\system32\SKYNETwfesrblu.dll

.
((((((((((((((((((((((((((((((((((((((( Driveri / Usluge )))))))) )))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SKYNETrlnwtbdk
-------\Legacy_NPF
-------\Service_NPF


((((((((((((((((((((((((( Files Created from 2009/05/13 da 2009/06/13 ))))))))))) ))))))))))))))))))))
.

2009-06-13 12:39. 2009-06-13 12:39 410984 ---- AW-c: \ windows \ system32 \ deploytk.dll
2009-06-13 12:38. 2009-06-13 12:38 152576 ---- AW-c: \ Documents and Settings \ postelji \ Application Data \ nedjelja \ Java \ jre1.6.0_14 \ lzma.dll
2009-06-13 12:36. 2009-06-13 12:36 -------- d ----- w-C: \ Program Files \ Trend Micro
2009-06-13 12:26. 2009-06-13 12:26 -------- d ----- w-c: \ Documents and Settings \ postelji \ Application Data \ Malwarebytes
2009-06-13 12:26. 2009-05-26 18:20 40160 ---- AW-c: \ windows \ system32 \ drivers \ mbamswissarmy.sys
2009-06-13 12:26. 2009-06-13 12:26 -------- d ----- w-C: \ Program Files \ Malwarebytes' Anti-zaštita od zlonamjernih programa
2009-06-13 12:26. 2009-06-13 12:26 -------- d ----- w-c: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes
2009-06-13 12:26. 2009-05-26 18:19 19096 ---- AW-c: \ windows \ system32 \ drivers \ mbam.sys
2009-06-13 10:58. 2009-06-13 12:47 117760 ---- AW-c: \ Documents and Settings \ postelji \ Application Data \ SUPERAntiSpyware.com \ SUPERAntiSpyware \ SDDLLS \ UIREPAIR.DLL
2009-06-13 10:57. 2009-06-13 10:57 -------- d ----- w-c: \ Documents and Settings \ All Users \ Application Data \ SUPERAntiSpyware.com
2009-06-13 10:57. 2009-06-13 10:57 -------- d ----- w-C: \ Program Files \ SUPERAntiSpyware
2009-06-13 10:57. 2009-06-13 10:57 -------- d ----- w-c: \ Documents and Settings \ postelji \ Application Data \ SUPERAntiSpyware.com
2009-06-13 10:49. 2009-06-13 10:49 -------- d ----- w-C: \ Program Files \ CCleaner
2009-06-12 09:42. 2009-06-12 09:42 541696 ---- AW-c: \ Documents and Settings \ postelji \ Application Data \ Macromedia \ Flash Player \http://www.macromedia.com \ bin \ octosh ... 011-0-main.dll
2009-06-08 04:12. 2009-06-08 04:12 -------- d ----- w-c: \ Documents and Settings \ postelji \ Local Settings \ Application Data \ Mećava Zabava
2009-06-06 12:55. 2009-06-06 12:55 -------- d ----- w-c: \ Documents and Settings \ postelji \ Application Data \ GRETECH
2009-06-06 12:54. 2009-06-06 12:54 -------- d ----- w-c: \ program files \ GRETECH
2009-06-06 01:32. 2001-08-18 03:36 5632 ---- AW-c: \ windows \ system32 \ ptpusb.dll
2009-06-06 01:32. 2008-04-13 17:45 15104-c - AW-c: \ windows \ system32 \ dllcache \ usbscan.sys
2009-06-06 01:32. 2008-04-13 17:45 15104 ---- AW-c: \ windows \ system32 \ drivers \ usbscan.sys
2009-06-06 01:32. 2008-04-13 23:12 159232 ---- AW-c: \ windows \ system32 \ ptpusd.dll
2009-05-20 21:24. 2009-05-20 21:24 -------- d ----- w-c: \ windows \ system32 \ wbem \ Spremište
2009-05-17 00:59. 2009-05-17 00:59 -------- d ----- w-c: \ Documents and Settings \ postelji \ Application Data \ Logitech
2009-05-17 00:58. 2009-05-17 00:58 -------- d ----- w-c: \ Documents and Settings \ postelji \ Application Data \ Leadertech
2009-05-17 00:58. 2009-05-17 00:58 53248 ---- ar-c: \ Documents and Settings \ postelji \ Application Data \ Microsoft \ Installer \ (3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C) \ ARPPRODUCTICON.exe
2009-05-17 00:54. 2007-11-15 15:06 301656 ---- AW-c: \ windows \ system32 \ BtCoreIf.dll
2009-05-17 00:54. 2007-11-15 15:07 76304 ---- AW-c: \ windows \ system32 \ KemXML.dll
2009-05-17 00:54. 2007-11-15 15:07 117264 ---- AW-c: \ windows \ system32 \ KemWnd.dll
2009-05-17 00:54. 2007-11-15 15:07 141840 ---- AW-c: \ windows \ system32 \ KemUtil.dll
2009-05-17 00:54. 2007-11-15 15:07 170512 ---- AW-c: \ windows \ system32 \ kemutb.dll
2009-05-17 00:53. 2009-05-17 00:53 -------- d ----- w-c: \ Documents and Settings \ All Users \ Application Data \ Logitech
2009-05-17 00:53. 2009-05-17 00:58 -------- d ----- w-C: \ Program Files \ Common Files \ Logishrd
2009-05-17 00:53. 2009-05-17 00:53 -------- d ----- w-C: \ Program Files \ Logitech
2009-05-17 00:52. 2009-05-17 00:52 -------- d ----- w-c: \ Documents and Settings \ All Users \ Application Data \ LogiShrd

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-13 21:35. 2008-04-01 23:08 -------- d ----- w-c: \ program files \ Parna
2009-06-13 21:31. 2008-01-20 01:58 24 ---- AW-c: \ windows \ system32 \ DVCStateBkp-00000002-00000000-00000001-00001102-00000004-00581102 (). Dat
2009-06-13 21:31. 2008-01-20 01:58 24 ---- AW-c: \ windows \ system32 \ DVCState-00000002-00000000-00000001-00001102-00000004-00581102 (). Dat
2009-06-13 21:08. 2008-05-08 21:26 -------- d ----- w-C: \ Program Files \ MSN 1
2009-06-13 12:42. 2008-01-24 03:09 -------- d ----- w-C: \ Program Files \ Java
2009-06-13 10:55. 2008-12-05 22:58 -------- d ----- w-C: \ Program Files \ Common Files \ Wise Installation Wizard
2009-06-13 09:40. 2008-01-19 23:46 -------- d ----- w-C: \ Program Files \ Warcraft III
2009-06-13 03:31. 2009-01-16 02:19 -------- d ----- w-C: \ Program Files \ Garena
2009-06-10 11:30. 2008-01-26 13:05 -------- d ----- w-c: \ Documents and Settings \ postelji \ Application Data \ Mirc
2009-06-10 11:28. 2008-01-26 13:05 -------- d ----- w-c: \ program files \ Mirc
2009-06-09 10:49. 2008-01-21 06:02 -------- d ----- w-C: \ Program Files \ World of Warcraft
2009-06-04 06:09. 2008-06-12 23:41 -------- d ----- w-c: \ program files \ Diablo II
2009-05-30 18:04. 2008-03-04 23:15 -------- d ----- w-c: \ Documents and Settings \ postelji \ Application Data \ uTorrent
2009-05-17 00:56. 2009-05-17 00:56 0 --- ha-w-c: \ windows \ system32 \ drivers \ Msft_Kernel_LMouFilt_0 1005.Wdf
2009-05-17 00:56. 2009-05-17 00:56 0 --- ha-w-c: \ windows \ system32 \ drivers \ Msft_Kernel_LUsbFilt_0 1005.Wdf
2009-05-17 00:56. 2009-05-17 00:56 0 --- ha-w-c: \ windows \ system32 \ drivers \ MsftWdf_Kernel_01005_C oinstaller_Critical.Wdf
2009-05-17 00:53. 2008-01-20 00:01 -------- d - h - w-C: \ Program Files \ InstallShield Installation Information
2009-05-13 20:47. 2009-05-13 13:50 -------- d ----- w-c: \ Documents and Settings \ postelji \ Application Data \ Winamp
2009-05-13 13:51. 2009-05-13 13:50 -------- d ----- w-C: \ Program Files \ Winamp
2009-05-07 15:32. 2002-09-03 13:00 345600 ---- AW-c: \ windows \ system32 \ Localspl.dll
2009-05-03 18:08. 2009-05-03 18:08 -------- d ----- w-c: \ Documents and Settings \ postelji \ Application Data \ Talkback
2009-05-01 01:15. 2009-05-01 01:15 -------- d ----- w-C: \ Program Files \ Common Files \ Inca Dijeljeno
2009-05-01 00:27. 2009-05-01 00:25 -------- d ----- w-c: \ Documents and Settings \ All Users \ Application Data \ PMB Files
2009-05-01 00:25. 2009-05-01 00:25 -------- d ----- w-c: \ program files \ Pando Mreše
2009-04-26 17:55. 2009-04-26 17:55 488960 ---- AW-c: \ Documents and Settings \ postelji \ Application Data \ Macromedia \ Flash Player \http://www.macromedia.com \ bin \ octosh ... 240-0-main.dll
2009-04-26 17:55. 2009-04-26 17:55 319488 ---- AW-c: \ Documents and Settings \ postelji \ Application Data \ Macromedia \ Flash Player \www.macromedia.com \ bin \ octoshape \ octoshape.exe
2009-04-26 17:54. 2009-04-26 17:54 1878984 ---- AW-c: \ Documents and Settings \ postelji \ Application Data \ Macromedia \ Flash Player \www.macromedia.com \ bin \ fpupdatepl \ fpupdatepl.exe
2009-04-20 14:40. 2008-01-19 23:47 -------- d ----- w-C: \ Program Files \ McAfee
2009-04-20 14:39. 2009-01-31 00:40 -------- d ----- w-C: \ Program Files \ Xfire
2009-04-18 08:31. 2009-01-31 00:40 -------- d ----- w-c: \ Documents and Settings \ postelji \ Application Data \ Xfire
2009-04-18 07:45. 2009-04-18 07:45 -------- d ----- w-c: \ Documents and Settings \ NetworkService \ Application Data \ Xfire
2009-04-17 12:26. 2002-09-03 13:00 1847168 ---- AW-c: \ windows \ system32 \ Win32k.sys
2009-04-15 14:51. 2004-03-06 02:16 585216 ---- AW-c: \ windows \ system32 \ rpcrt4.dll
2009-04-14 18:17. 2009-04-14 18:17 41808 ---- AW-c: \ windows \ system32 \ xfcodec.dll
2009-03-25 16:06. 2008-01-19 23:48 40552 ---- AW-c: \ windows \ system32 \ drivers \ mfesmfk.sys
2009-03-25 16:06. 2008-01-19 23:48 35272 ---- AW-c: \ windows \ system32 \ drivers \ mfebopk.sys
2009-03-25 16:06. 2008-01-19 23:48 79880 ---- AW-c: \ windows \ system32 \ drivers \ mfeavfk.sys
2009-03-25 16:06. 2008-01-19 23:48 214024 ---- AW-c: \ windows \ system32 \ drivers \ mfehidk.sys
2009-03-25 16:05. 2008-01-19 23:48 34216 ---- AW-c: \ windows \ system32 \ drivers \ mferkdk.sys
2009-03-20 04:38. 2008-01-19 23:51 93207 ---- AW-c: \ windows \ War3Unin.dat
2009-03-19 15:42. 2009-04-07 01:26 217088 ---- AW-c: \ Documents and Settings \ postelji \ Application Data \ Mozilla \ Firefox \ Profiles \ zj2wd98u.default \ ext ensions \ NPDyyno@dyyno.com \ Plugins \ npDyyno. dll
2008-02-04 22:08. 2008-02-04 22:08 13123836 ---- AW-c: \ program files \ GGClient_setup.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Note * empty entries & čitljiv default unose se ne prikazuju
REGEDIT4

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run]
"MSMSGS" = "C: \ Program Files \ Messenger \ MSMSGS.EXE" [2008-04-14 1695232]
"Ctfmon.exe" = "c: \ windows \ system32 \ Ctfmon.exe" [2008-04-14 15360]
"Pare" = "C: \ Program Files \ Parna \ Steam.exe" [2009-06-13 1217784]
"Octoshape Streaming Services" = "C: \ Program Files \ Octoshape Streaming Services \ postelji \ OctoshapeClient.exe" [2006-02-13 214648]
"AlcoholAutomount" = "C: \ Program Files \ Alcohol Soft \ Alcohol 120 \ axcmd.exe" [2008-03-20 217544]
"Demon Tools Lite" = "C: \ Program Files \ demon Tools Lite \ daemon.exe" [2008-04-01 486856]
"Rundll32" = "c: \ windows \ system32 \ Rundll32.exe" [2008-04-14 33280]
"EasyLinkAdvisor" = "C: \ Program Files \ Linksys EasyLink Savjetnik \ LinksysAgent.exe" [2007-03-15 454784]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"SunJavaUpdateSched" = "C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe" [2009-06-13 148888]
"Adobe Reader Speed Launcher" = "C: \ Program Files \ Adobe \ Reader 8,0 \ Reader \ Reader_sl.exe" [2008-01-12 39792]
"mcagent_exe" = "C: \ Program Files \ McAfee.com \ Agent \ mcagent.exe" [2009-01-09 645328]
"PWRISOVM.EXE" = "C: \ Program Files \ PowerISO \ PWRISOVM.EXE" [2008-03-14 233472]
"QuickTime Task" = "C: \ Program Files \ QuickTime \ QTTask.exe" [2008-09-06 413696]
"WinampAgent" = "C: \ Program Files \ Winamp \ winampa.exe" [2009-04-10 37888]
"WINDVDPatch" = "CTHELPER.EXE" - c: \ windows \ system32 \ CTHELPER.EXE [2002-02-08 40960]
"kmw_run.exe" = "kmw_run.exe" - c: \ windows \ system32 \ kmw_run.exe [2002-12-23 102400]
"Kernel i sloj apstrakcije hardvera" = "KHALMNPR.EXE" - c: \ windows \ KHALMNPR.Exe [2007-09-21 55824]

C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ Startup \
Logitech SetPoint.lnk - C: \ Program Files \ Logitech \ SetPoint \ SetPoint.exe [2009-5-16 784912]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entversion \ Explorer \ ShellExecuteHooks]
"(5AE067D3-9AFB-48E0-853A-EBB7F4A000DA)" = "C: \ Program Files \ SUPERAntiSpyware \ SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ winlogon \ obavijestiti \! SASWinLogon]
2008-12-22 17:05 356352 ---- AW-C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ winlogon \ obavijestiti \ LBTWlgn]
2007-11-15 15:10 72208 ---- AW-C: \ Program Files \ Common Files \ Logishrd \ Bluetooth \ LBTWLgn.dll

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Contro l \ SafeBoot \ Minimal \ mcmscsvc]
@ = ""

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Contro l \ SafeBoot \ Minimal \ MCODS]
@ = ""

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Contro l \ SafeBoot \ Minimal \ WdfLoadGroup]
@ = ""

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ sigurnosni centar]
"AntiVirusOverride" = dword: 00000001

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ sigurnosni centar \ Praćenje \ McAfeeAntiVirus]
"DisableMonitoring" = dword: 00000001

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ sigurnosni centar \ Praćenje \ McAfeeFirewall]
"DisableMonitoring" = dword: 00000001

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ AuthorizedApplications \ List]
"% windir% \ \ system32 \ \ sessmgr.exe" =
"% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" =
"c: \ \ WINDOWS \ \ system32 \ \ dpvsetup.exe" =
"c: \ \ Program Files \ \ Mirc \ \ mirc.exe" =
"c: \ \ Program Files \ \ Parna \ \ steamapps \ \ inatrance2 \ \ protuinformacije sstrajk \ \ hl.exe" =
"c: \ \ Program Files \ \ AIM6 \ \ aim6.exe" =
"c: \ \ Program Files \ \ uTorrent \ \ uTorrent.exe" =
"c: \ \ Program Files \ \ Bonjour \ \ mDNSResponder.exe" =
"c: \ \ Program Files \ \ Octoshape Streaming Services \ \ postelji \ \ OctoshapeClient.exe" =
"c: \ \ Program Files \ \ Warcraft III \ \ Warcraft III.exe" =
"c: \ \ Program Files \ \ Warcraft III \ \ Frozen Throne.exe" =
"c: \ \ Program Files \ \ Starcraft \ \ StarCraft.exe" =
"c: \ \ Documents and Settings \ \ postelji \ \ Local Settings \ \ Application Data \ \ Dyyno Receiver \ \ DPPM.exe" =
"c: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe" =
"c: \ \ Program Files \ \ Parna \ \ steamapps \ \ inatrance2 \ \ protuinformacije sstrajk izvor \ \ hl2.exe" =
"c: \ \ Program Files \ \ Messenger \ \ msnmsgr.exe" =
"c: \ \ Program Files \ \ Messenger \ \ livecall.exe" =
"c: \ \ WINDOWS \ \ system32 \ \ rtcshare.exe" =
"c: \ \ Program Files \ \ NetMeeting \ \ conf.exe" =
"c: \ \ Program Files \ \ Ventrilo \ \ Ventrilo.exe" =
"c: \ \ Program Files \ \ Tortun \ \ gui.exe" =
"c: \ \ Program Files \ \ Garena \ \ Garena.exe" =
"c: \ \ Program Files \ \ Xfire \ \ Xfire.exe" =
"c: \ \ Program Files \ \ Common Files \ \ McAfee \ \ MNA \ \ McNASvc.exe" =
"c: \ \ Documents and Settings \ \ postelji \ \ Desktop \ \ wtvClient.exe" =
"c: \ \ Program Files \ \ Xfire \ \ dppm_source.exe" =
"c: \ \ Program Files \ \ World of Warcraft \ \ Launcher.exe" =
"c: \ \ Documents and Settings \ \ postelji \ \ Application Data \ \ Macromedia \ \ Flash Player \ \ www.macromedia.com \ \ bin \ \ octoshape \ \ octosh ape.exe" =
"c: \ \ Program Files \ \ Pando Mreše \ \ Media pobuđivač \ \ PMB.exe" =
"c: \ \ Program Files \ \ Warcraft III \ \ pickup.listchecker.exe" =
"c: \ \ Program Files \ \ World of Warcraft \ \ WOW-3.0.9.9551-to-3.1.0.9767-enUS-downloader.exe" =
"c: \ \ Program Files \ \ World of Warcraft \ \ WOW-3.1.0.9767-to-3.1.1.9806-enUS-downloader.exe" =
"c: \ \ Program Files \ \ World of Warcraft \ \ WOW-3.1.1.9806-to-3.1.1.9835-enUS-downloader.exe" =

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ GloballyOpenPorts \ List]
"58121: TCP" = 58121: TCP: Pando Mediji pobuđivač
"58121: UDP" = 58121: UDP: Pando Mediji pobuđivač
"3724: TCP" = 3724: TCP: Mećava Downloader: 3724

R1 SASDIFSV; SASDIFSV; C: \ Program Files \ SUPERAntiSpyware \ sasdifsv.sys [5/26/2009 10:05 AM 9968]
R1 SASKUTIL; SASKUTIL; C: \ Program Files \ SUPERAntiSpyware \ SASKUTIL.SYS [5/26/2009 10:05 AM 72944]
R2 glediąta Manager Service; glediąta Manager Service; c: \ program files \ glediąta \ Common \ ViewpointService.exe [2/6/2009 8:44 PM 24652]
S2 gupdate1c9bbee86597ef4; Google Update Service (gupdate1c9bbee86597ef4); "C: \ Program Files \ Google \ Update \ GoogleUpdate.exe" / svc -> C: \ Program Files \ Google \ Update \ GoogleUpdate.exe [?]
S3 iscFlash; iscFlash; \? \ C: \ Windows \ System32 \ Drivers \ iscflash.sys -> c: \ Windows \ System32 \ Drivers \ iscflash.sys [?]
S3 mcdevice; mcdevice; c: \ windows \ system32 \ drivers \ mcde vice.sys [8/16/2008 3:17 PM 323584]
S3 npggsvc; nProtect GameGuard Service; c: \ windows \ system32 \ GameMon.des-service -> c: \ windows \ system32 \ GameMon.des-service [?]
S3 SASENUM; SASENUM; C: \ Program Files \ SUPERAntiSpyware \ SASENUM.SYS [5/26/2009 10:05 AM 7408]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ aktivnih setup \ instalirane komponente \> (60B49E34-C7CC-11D0-8953-00A0C90347FF)]
"c: \ windows \ system32 \ rundll32.exe" C: \ Windows \ system32 \ iedkcs32.dll ", BrandIEActiveSe ovan Signup
.
Sadržaj je 'Scheduled Tasks' folder

2009/05/15 C: \ Windows \ Tasks \ McDefragTask.job
- C: \ programa ~ 1 \ McAfee \ mqc \ QcConsol.exe [2008-01-19 15:53]

2009/06/01 C: \ Windows \ Tasks \ McQcTask.job
- C: \ programa ~ 1 \ McAfee \ mqc \ QcConsol.exe [2008-01-19 15:53]
.
- - - - Orphans Odstranjena - - - --

HKCU-Run-swg - C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
HKCU-Run-ProxyFirewall - C: \ Program Files \ ProxyFirewall \ ProxyFirewall.exe
HKCU-Run-Vidalia - C: \ Program Files \ Vidalia Snop \ Vidalia \ vidalia.exe
HKCU-Run-NudgeMania - C: \ Program Files \ NudgeMania \ NudgeMania.exe
HKCU-Run-Aim6 - (no file)
HKLM-Run-HTV Agent - C: \ Documents and Settings \ postelji \ Desktop \ HTV \ HTV.exe
HKLM-Run-MSWheel - (no file)


.
------- Supplementary Scan -------
.
Page uStart = hxxp: / / www.wcreplays.com/
uSearchMigratedDefaultURL = hxxp: / / www.google.com/search?q = () searchTerms & sourceid = IE7 & rls = com.micros čest: en-US & ie = UTF8 & OE = UTF8
uSearchURL, (Default) = hxxp: / / search.yahoo.com / search? McAfee fr = & p =% s
IE: & AIM Toolbar Search - C: \ Documents and Settings \ All Users \ Application Data \ AIM Toolbar \ ieToolbar \ resurse \ en-us \ Local \ search.html
IE: E & zvezi u Microsoft Excel - C: \ programa ~ 1 \ MICROS ~ 2 \ OFFICE11 \ EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file: / / c: \ windows \ Java \ Classes \ dajava.cab
DPF: Microsoft XML parser za Java - file: / / c: \ windows \ Java \ Classes \ xmldso.cab
DPF: (428088E0-96DB-4960-99D5-3C809C5A7D74) - hxxp: / / www.wcgzone.com / GamOnUpdate.cab
FF - ProfilePath --
.

************************************************** ************************

catchme 0.3.1398 W2K/XP/Vista - rootkit / potaja detector by Gmer zlonamjernih programa, http://www.gmer.net
Rootkit scan 2009-06-13 16:33
5/1/2600 Windows Service Pack 3 NTFS

skeniranja skrivenih procesa ...

skeniranja skrivenih autostart entries ...

skeniranja skrivenih datoteka ...

scan uspješno završena
skrivenih datoteka: 0

************************************************** ************************

[HKEY_LOCAL_MACHINE \ System \ ControlSet001 \ Services \ n pggsvc]
"ImagePath" = "c: \ windows \ system32 \ GameMon.des-service"
.
--------------------- --------------------- Zaključana registarske ključeve

[HKEY_USERS \ S-1-5-21-682003330-583907252-839522115-1004 \ Software \ Microsoft \ SystemCertificates \ Address Book *]
@ Dozvoljen: (Read) (RestrictedCode)
@ Dozvoljen: (Read) (RestrictedCode)
.
--------------------- Loaded DLL datoteke koje Under Running Processes ---------------------

- - - - - - -> 'Winlogon.exe' (600)
C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
C: \ Program Files \ zajedničke datoteke \ logishrd \ Bluetooth \ LBTWlgn.dll
C: \ Program Files \ zajedničke datoteke \ logishrd \ Bluetooth \ LBTServ.dll

- - - - - - -> "Explorer.exe" (1876)
C: \ Program Files \ Logitech \ SetPoint \ GameHook.dll
C: \ Program Files \ Logitech \ SetPoint \ lgscroll.dll
c: \ windows \ system32 \ ieframe.dll
c: \ windows \ system32 \ OneX.DLL
c: \ windows \ system32 \ eappprxy.dll
c: \ windows \ system32 \ webcheck.dll
.
------------------------ Other Running Processes ----------------------- --
.
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
C: \ Program Files \ Common Files \ Logishrd \ KHAL2 \ KHALMNPR.exe
C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ Program Files \ Alcohol Soft \ Alcohol 120 \ StarWind \ StarWindServiceAE.exe
c: \ windows \ system32 \ wdfmgr.exe
c: \ programa ~ 1 \ LINKSY ~ 1 \ LinksysAdvisor.exe
.
************************************************** ************************
.
Completion time: 2009-06-13 16:38 - stroj je ponovno podizanje sustava
ComboFix-u karanteni-files.txt 2009-06-13 21:38

Pre-Run: 23767912448 bytes free
Post-Run: 23702818816 bytes free

WindowsXP-KB310994-SP2-Home-Bootdisk-enu.exe
[boot loader]
timeout = 2
default = multi (0) disk (0) rdisk (0) partition (1) \ WINDOW S
[operating systems]
c: \ cmdcons \ BOOTSECT.DAT = "Microsoft Windows Recovery Console" / cmdcons
multi (0) disk (0) rdisk (0) partition (1) \ WINDOWS = "Micro soft Windows XP Home Edition" / fastdetect / noexecute = OptIn

288 --- EOF --- 2009-06-10 10:09




μTorrent
Adobe CS3 Anchor Service
Adobe CS3 imovinom Usluge
Adobe Bridge CS3
Adobe Bridge Početni sastanak
Adobe Camera Raw 4,0
Adobe CMaps
Adobe Color - Photoshop Specific
Common Settings Adobe Color
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Preporučeni Postavke
Adobe CS3 zadani jezik
Adobe Device Central CS3
Adobe Dreamweaver CS3
Toolkit 2 Adobe ExtendScript
Adobe CS3 Extension Manager
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Fontovi Svi
Adobe CS3 Viewer Pomoć
Adobe CS3 lingvistiku
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader 8.1.2
Adobe Setup
Adobe Shockwave Player 11
Adobe Stock Photos CS3
Adobe Type Podrška
Adobe CS3 Update Manager
Adobe CS3 Client Version fila
Adobe WinSoft lingvistiku Plugin
Adobe XMP Paneli CS3
AIM 6
Apple Software Update
Smjelost 1.2.6
Canon S820D
CCleaner (ukloni samo)
CDDRV_Installer
CoffeeCup Free FTP
Counter-Strike
Counter-Strike: Source
DefilerPak 1,22 (ukloni only)
Diablo II
Disc2Phone
Download Updater (AOL LLC)
Instalacija drivera za Linksys Easylink Savjetnik
DVD
DyynoPlayer 0.8.6f.2
erLT
Fraps
FreeCap verziju 3,18
Game Cam 2,1
Garena
GOM Player
Google Toolbar za Internet Explorer
Google Update Helper
Hero Editor V0.90
Heroes of Might Magic V i Collector Edition
HijackThis 2.0.2
Hotfix za Windows Internet Explorer 7 (KB947864)
Hotfix za Windows XP (KB952287)
ICCup Launcher
ijji FireFox Launcher 1,0
IrfanView (ukloniti samo)
Java (tm) 6 Update 14
Kensington MouseWorks
Keycraft (ukloni samo)
KhalInstallWrapper
LimeWire 4.16.3
Linksys EasyLink Advisor 1.6 (0032)
Logitech SetPoint
Macromedia Extension Manager
Macromedia Flash 8
Macromedia Flash 8 Video kodiranje
Macromedia Flash Player 8
Malwarebytes' Anti-zaštita od zlonamjernih programa
McAfee SecurityCenter
Microsoft. NET Framework 2.0 Service Pack 1
Microsoft. NET Framework 3.0 Service Pack 1
Microsoft Internationalized Domain Names ublažavanja API
Microsoft Kernel Mode Driver Framework-Feature Pack 1,5
Microsoftov National Language Support Downlevel API
Microsoft Office Professional Edition 2003
Microsoft Visual C + + 2005 Redistributable
Možda i ® Magic VIII: Day od destroyer (TM)
Mirc
Mozilla Firefox (3.0.11)
MSXML 6.0 parser (KB933579)
Octoshape dodati-in za Adobe Flash Player
Octoshape Streaming Services
Pando Mediji pobuđivač
PDF Postavke
PowerISO
PPLive 1,9
QuickTime
SA31xx Device Manager & Media Converter
Sci-Fi Voice Pack
Sigurnosno ažuriranje za Windows Internet Explorer 7 (KB938127)
Sigurnosno ažuriranje za Windows Internet Explorer 7 (KB942615)
Sigurnosno ažuriranje za Windows Internet Explorer 7 (KB944533)
Sigurnosno ažuriranje za Windows Internet Explorer 7 (KB950759)
Sigurnosno ažuriranje za Windows Internet Explorer 7 (KB953838)
Sigurnosno ažuriranje za Windows Internet Explorer 7 (KB956390)
Sigurnosno ažuriranje za Windows Internet Explorer 7 (KB958215)
Sigurnosno ažuriranje za Windows Internet Explorer 7 (KB960714)
Sigurnosno ažuriranje za Windows Media Player (KB911564)
Sigurnosno ažuriranje za Windows Media Player (KB952069)
Sigurnosno ažuriranje za Windows Media Player 6,4 (KB925398)
Sigurnosno ažuriranje za Windows Media Player-8 (KB917734)
Sigurnosno ažuriranje za Windows Media Player 9 (KB936782)
Sigurnosno ažuriranje za Windows XP (KB923561)
Sigurnosno ažuriranje za Windows XP (KB923689)
Sigurnosno ažuriranje za Windows XP (KB938464-v2)
Sigurnosno ažuriranje za Windows XP (KB938464)
Sigurnosno ažuriranje za Windows XP (KB941569)
Sigurnosno ažuriranje za Windows XP (KB946648)
Sigurnosno ažuriranje za Windows XP (KB950760)
Sigurnosno ažuriranje za Windows XP (KB950762)
Sigurnosno ažuriranje za Windows XP (KB950974)
Sigurnosno ažuriranje za Windows XP (KB951066)
Sigurnosno ažuriranje za Windows XP (KB951376-v2)
Sigurnosno ažuriranje za Windows XP (KB951376)
Sigurnosno ažuriranje za Windows XP (KB951698)
Sigurnosno ažuriranje za Windows XP (KB951748)
Sigurnosno ažuriranje za Windows XP (KB952004)
Sigurnosno ažuriranje za Windows XP (KB952954)
Sigurnosno ažuriranje za Windows XP (KB953839)
Sigurnosno ažuriranje za Windows XP (KB954211)
Sigurnosno ažuriranje za Windows XP (KB954459)
Sigurnosno ažuriranje za Windows XP (KB954600)
Sigurnosno ažuriranje za Windows XP (KB955069)
Sigurnosno ažuriranje za Windows XP (KB956391)
Sigurnosno ažuriranje za Windows XP (KB956572)
Sigurnosno ažuriranje za Windows XP (KB956802)
Sigurnosno ažuriranje za Windows XP (KB956803)
Sigurnosno ažuriranje za Windows XP (KB956841)
Sigurnosno ažuriranje za Windows XP (KB957095)
Sigurnosno ažuriranje za Windows XP (KB957097)
Sigurnosno ažuriranje za Windows XP (KB958644)
Sigurnosno ažuriranje za Windows XP (KB958687)
Sigurnosno ažuriranje za Windows XP (KB958690)
Sigurnosno ažuriranje za Windows XP (KB959426)
Sigurnosno ažuriranje za Windows XP (KB960225)
Sigurnosno ažuriranje za Windows XP (KB960715)
Sigurnosno ažuriranje za Windows XP (KB960803)
Sigurnosno ažuriranje za Windows XP (KB961373)
Sigurnosno ažuriranje za Windows XP (KB961501)
Sigurnosno ažuriranje za Windows XP (KB968537)
Sigurnosno ažuriranje za Windows XP (KB969898)
Sigurnosno ažuriranje za Windows XP (KB970238)
StarCraft
StealthBot v2.6 Revision 3 (ukloniti samo)
Parna
SUPERAntiSpyware Free Edition
Synacast Plug-in 1.3.15
Tor 0.2.0.32
Tortun 0,8
TubeHunter Ultra
Uštinuti UI
Ažuriranje za Windows Internet Explorer 8 (KB961813)
Ažuriranje za Windows XP (KB951072-v2)
Ažuriranje za Windows XP (KB951978)
Ažuriranje za Windows XP (KB955839)
Ažuriranje za Windows XP (KB967715)
Ventrilo Client
Glediąta Media Player
Warcraft III: Svi proizvodi
WebFldrs XP
Winamp
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8 Izdanje Kandidat 1
Windows Live Messenger
Windows Media Format Runtime
Windows XP Service Pack 3
WinPcap 4.0.2
WinRAR archiver
Wireshark 1.0.2
World of Warcraft
Xfire (ukloniti samo)
XML Paper Specification Shared Components Pack 1,0
  #4  
Old 13 June 2009, 23:52
Malware group
 

Hi there

Things are looking a lot better; there is still a little work to do, though.

I see you have Viewpoint installed. Please read this article: http://www.clickz.com/news/article.php/3561546
Unless you use AOL as your ISP, I would recommend removing it. You can download Viewpoint Killer from the link below and follow the instructions.
http://www.prprogramsstudios.us.tc//

Combofix

1. Close any open browsers.

2. Make sure you have disabled all anti-virus and anti-malware programs so that they do not interfere with the running of ComboFix.

3. Open Notepad and copy/paste the text in the quotebox below into it:

Code:
Skipfix::

RegLock::
[HKEY_USERS\S-1-5-21-682003330-583907252-839522115-1004\Software\Microsoft\SystemCertificates\Address Book *]

Save this as CFScript.txt, in the same location as ComboFix.exe



Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it will produce a log for you at C:\ComboFix.txt, which I will require in your next reply.

Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 only

Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

If you use the Firefox browser
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use the Opera browser
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

Establish an internet connection and perform an online scan with Internet Explorer at Kaspersky Online Scanner.

** Vista users - right-click the IE / Firefox icon and run as administrator

Click Accept when prompted to download and install the program files and the database of malware definitions.
  • Click Run at the Security prompt.
  • The program will then begin downloading and installing and will also update the database.
  • Please be patient, as this can take several minutes.
  • Once the update is complete, click on My Computer under the green Scan bar on the left to start the scan.
  • Once the scan is complete, it will display whether your system is infected. It does not provide an option to clean / disinfect. We only require a report from it.
  • Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
  • Click View scan report at the bottom.
  • Click the Save report as... button.
  • Click the Save as Text button to save the file to your desktop so that you may post it in your next reply.


This animation will guide you through the process:


** Note **

To optimize the scan and produce a more sensible report for review:
Close any open programs
Turn off the real-time scanner of any existing antivirus program while performing the online scan. You may disconnect from the internet after you start the scan.

Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.

Post back with the results from Kaspersky and update me on how things are running now
__________________
Proud member of ASAP & Unite
  #5  
Old 14 June 2009, 14:02
abz
New group member
 

-------------------------------------------------- ------------------------------
Kaspersky online Scanner 7,0 IZVJEŠĆE
Sunday, June 14, 2009
Operacijski sustav: Microsoft Windows XP Home Edition Service Pack 3 (graditi 2600)
Kaspersky Online Scanner verzija: 7.0.26.13
Last update database Program: Nedjelja, 14. lipnja 2009 12:36:24
Rekorda u bazi: 2342804
-------------------------------------------------- ------------------------------

Scan postavke:
Skeniranja pomoću sljedećih baza podataka: produžen
Scan arhivi: yes
Scan baze mail: yes

Scan područje - Moj Računalo:
A: \
C: \
D: \
E: \
F: \
G: \

Scan statistika:
Slika skenirana: 116206
Prijetnja ime: 2
Zaraženih predmeta: 2
Sumnjičavu objekata: 0
Trajanje skeniranje: 02:45:00


Naziv datoteke / prijetnju ime / Prijetnje računati
C: \ Program Files \ Mirc \ mirc.exe zaraženih: Ne-a-virus: Client-IRC.Win32.mIRC.631 1
C: \ Qoobox \ Karantena \ C \ Windows \ System32 \ SKYNETwfes rblu.dll.vir zaraženih: Trojan.Win32.Small.bzc 1

Odabranom području je skenirano.


I think I deleted combofix by accident, but it wasn't in my recycle bin so I'm not sure. Should I redownload it and drop the txt in it?
  #6  
Old 14 June 2009, 23:32
Malware group
 

Hi there

From what I see everything is looking good log-wise. The items found by Kaspersky do not pose a risk: one is simply the mIRC client, and the other is in combofix's quarantine folder, which will be flushed out when we uninstall the tool.

Your Adobe Acrobat Reader is out of date. Older versions have vulnerabilities that malware can use to infect your system.
There is a newer version of Adobe Acrobat Reader available.
  • Please go to this link: Adobe Acrobat Reader Download Link
  • Click Download
  • On the right, untick Adobe Photoshop Album Starter Edition if you do not wish to include this in the installation.
  • Click the Continue button
  • Click Run, and then click Run again
  • Next click the Install Now button and follow the on-screen instructions


When the installation is complete, go to Add / Remove Programs and uninstall all previous versions.

Please download combofix from one of the locations below ...

Link 1
Link 2
Link 3


Once you have done that ....

Carry out the instructions regarding the txt as per the instructions in my previous post

After completion.

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u

The following procedure will carry out some cleanup routines. It will also reset System Restore by flushing out the previous restore points (which contain infections) and create a new restore point.

IMPORTANT

The following will uninstall combofix and carry out some cleanup procedures, as well as resetting the System Restore points:

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u

Now that you appear to be free of malware, allow me to help you stay that way!

Windows Update on a regular basis - If you do not have automatic updates enabled, then visit the Microsoft Update site and update your computer from there.

Update your virus checker on a regular basis - It is no use owning a virus checker with out-of-date definitions.
Monitor your firewall. Check what it wants to allow, do not just allow everything; if there are any processes you are not sure about, then do not be afraid to ask for advice. For more information on firewalls, read this article here

Safer Browsing
Use software such as Web of Trust, which will help you stay away from innocent-looking sites that have malicious purposes.
Use SpywareBlaster to help prevent the installation of unwanted BHOs (Browser Helper Objects)

Use an alternative browser
Other browsers tend to be more secure than IE because they do not use ActiveX objects; ActiveX objects can be used as a spyware infection point on your computer. Safer non-ActiveX browsers are the Opera browser and, more recently, the Firefox browser.

Note: Keep in mind that although your browser may be more secure without ActiveX, it will not throw a ring of steel around your computer. If you purposely visit websites which are dubious in nature, then infection will prevail.

Computer Maintenance
Malware can breed in temporary locations. Use a program such as CCleaner Slim to delete temporary files from your computer on a regular basis.

Scan your computer regularly for malware
Scan on a regular basis to keep your computer clean; free software such as Spybot Search & Destroy can help you stay clear. Other alternative software which runs under licence and monitors your computer constantly in the background for malware is Malwarebytes' Anti-Malware (MBAM) and SUPERAntiSpyware - please note that these products can be run for free without a licence as on-demand scanners.

Secure your router
Change your router's default username and password; do not leave it at the factory setting, as doing so makes unauthorized access easier.

Encrypt your network. Set your wireless network encryption to a minimum level of WPA-PSK [TKIP]. This will help prevent any unauthorized users "piggybacking" onto your network and stealing the bandwidth you have rightfully paid for.

I have included some security-related articles which I advise you to read in your own time. These articles will give you hints and tips on preventing malware, and on how to stay safe while browsing the Internet.

-> How to prevent malware - By miekiemoes
-> I'm not pulling your leg, honest - By Sandi Hardmeie

** Please reply one more time and let me know if I may consider this thread resolved.
__________________
Proud member of ASAP & Unite
  #7  
Old 15 June 2009, 14:12
abz
New group member
 

ComboFix 09-06-15.03 - postelji 06/15/2009 15:45.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.457 [GMT -5:00]
Running from: C: \ Documents and Settings \ postelji \ Desktop \ ComboFix.exe
Naredba prekidači koji se koriste:: C: \ Documents and Settings \ postelji \ Desktop \ CFScript.txt.txt
AV: McAfee VirusScan * U * onemogućen pristup skeniranje (Promjena) (84B5EE75-6421-4CDE-A33A-DD43BA9FAD83)
FW: McAfee Personal Firewall * * onemogućen (94894B63-8C7F-4050-BDA4-813CA00DA3E8)
.
- Načinu smanjene funkcionalnosti --
.

((((((((((((((((((((((((( Files Created from 2009/05/15 da 2009/06/15 ))))))))))) ))))))))))))))))))))
.

2009-06-13 12:39. 2009-06-13 12:39 410984 ---- AW-c: \ windows \ system32 \ deploytk.dll
2009-06-13 12:38. 2009-06-13 12:38 152576 ---- AW-c: \ Documents and Settings \ postelji \ Application Data \ nedjelja \ Java \ jre1.6.0_14 \ lzma.dll
2009-06-13 12:36. 2009-06-13 12:36 -------- d ----- w-C: \ Program Files \ Trend Micro
2009-06-13 12:26. 2009-06-13 12:26 -------- d ----- w-c: \ Documents and Settings \ postelji \ Application Data \ Malwarebytes
2009-06-13 12:26. 2009-05-26 18:20 40160 ---- AW-c: \ windows \ system32 \ drivers \ mbamswissarmy.sys
2009-06-13 12:26. 2009-06-13 12:26 -------- d ----- w-C: \ Program Files \ Malwarebytes' Anti-zaštita od zlonamjernih programa
2009-06-13 12:26. 2009-06-13 12:26 -------- d ----- w-c: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes
2009-06-13 12:26. 2009-05-26 18:19 19096 ---- AW-c: \ windows \ system32 \ drivers \ mbam.sys
2009-06-13 10:58. 2009-06-13 12:47 117760 ---- AW-c: \ Documents and Settings \ postelji \ Application Data \ SUPERAntiSpyware.com \ SUPERAntiSpyware \ SDDLLS \ UIREPAIR.DLL
2009-06-13 10:57. 2009-06-13 10:57 -------- d ----- w-c: \ Documents and Settings \ All Users \ Application Data \ SUPERAntiSpyware.com
2009-06-13 10:57. 2009-06-13 10:57 -------- d ----- w-C: \ Program Files \ SUPERAntiSpyware
2009-06-13 10:57. 2009-06-13 10:57 -------- d ----- w-c: \ Documents and Settings \ postelji \ Application Data \ SUPERAntiSpyware.com
2009-06-13 10:49. 2009-06-13 10:49 -------- d ----- w-C: \ Program Files \ CCleaner
2009-06-12 09:42. 2009-06-12 09:42 541696 ---- AW-c: \ Documents and Settings \ postelji \ Application Data \ Macromedia \ Flash Player \http://www.macromedia.com \ bin \ octosh ... 011-0-main.dll
2009-06-08 04:12. 2009-06-08 04:12 -------- d ----- w-c: \ Documents and Settings \ postelji \ Local Settings \ Application Data \ Mećava Zabava
2009-06-06 12:55. 2009-06-06 12:55 -------- d ----- w-c: \ Documents and Settings \ postelji \ Application Data \ GRETECH
2009-06-06 12:54. 2009-06-06 12:54 -------- d ----- w-c: \ program files \ GRETECH
2009-06-06 01:32. 2001-08-18 03:36 5632 ---- AW-c: \ windows \ system32 \ ptpusb.dll
2009-06-06 01:32. 2008-04-13 17:45 15104-c - AW-c: \ windows \ system32 \ dllcache \ usbscan.sys
2009-06-06 01:32. 2008-04-13 17:45 15104 ---- AW-c: \ windows \ system32 \ drivers \ usbscan.sys
2009-06-06 01:32. 2008-04-13 23:12 159232 ---- AW-c: \ windows \ system32 \ ptpusd.dll
2009-05-20 21:24. 2009-05-20 21:24 -------- d ----- w-c: \ windows \ system32 \ wbem \ Spremište
2009-05-17 00:59. 2009-05-17 00:59 -------- d ----- w-c: \ Documents and Settings \ postelji \ Application Data \ Logitech
2009-05-17 00:58. 2009-05-17 00:58 -------- d ----- w-c: \ Documents and Settings \ postelji \ Application Data \ Leadertech
2009-05-17 00:58. 2009-05-17 00:58 53248 ---- ar-c: \ Documents and Settings \ postelji \ Application Data \ Microsoft \ Installer \ (3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C) \ ARPPRODUCTICON.exe
2009-05-17 00:54. 2007-11-15 15:06 301656 ---- AW-c: \ windows \ system32 \ BtCoreIf.dll
2009-05-17 00:54. 2007-11-15 15:07 76304 ---- AW-c: \ windows \ system32 \ KemXML.dll
2009-05-17 00:54. 2007-11-15 15:07 117264 ---- AW-c: \ windows \ system32 \ KemWnd.dll
2009-05-17 00:54. 2007-11-15 15:07 141840 ---- AW-c: \ windows \ system32 \ KemUtil.dll
2009-05-17 00:54. 2007-11-15 15:07 170512 ---- AW-c: \ windows \ system32 \ kemutb.dll
2009-05-17 00:53. 2009-05-17 00:53 -------- d ----- w-c: \ Documents and Settings \ All Users \ Application Data \ Logitech
2009-05-17 00:53. 2009-05-17 00:58 -------- d ----- w-C: \ Program Files \ Common Files \ Logishrd
2009-05-17 00:53. 2009-05-17 00:53 -------- d ----- w-C: \ Program Files \ Logitech
2009-05-17 00:52. 2009-05-17 00:52 -------- d ----- w-c: \ Documents and Settings \ All Users \ Application Data \ LogiShrd

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-15 20:35. 2008-01-19 23:46 -------- d ----- w-C: \ Program Files \ Warcraft III
2009-06-15 19:57. 2008-05-08 21:26 -------- d ----- w-C: \ Program Files \ MSN 1
2009-06-15 19:52. 2009-01-16 02:19 -------- d ----- w-C: \ Program Files \ Garena
2009-06-15 19:50. 2008-01-20 11:30 -------- d ----- w-C: \ Program Files \ Common Files \ Adobe
2009-06-15 06:47. 2008-06-12 23:41 -------- d ----- w-c: \ program files \ Diablo II
2009-06-15 00:00. 2008-04-01 23:08 -------- d ----- w-c: \ program files \ Parna
2009-06-13 21:31. 2008-01-20 01:58 24 ---- AW-c: \ windows \ system32 \ DVCStateBkp-00000002-00000000-00000001-00001102-00000004-00581102 (). Dat
2009-06-13 21:31. 2008-01-20 01:58 24 ---- AW-c: \ windows \ system32 \ DVCState-00000002-00000000-00000001-00001102-00000004-00581102 (). Dat
2009-06-13 12:42. 2008-01-24 03:09 -------- d ----- w-C: \ Program Files \ Java
2009-06-13 10:55. 2008-12-05 22:58 -------- d ----- w-C: \ Program Files \ Common Files \ Wise Installation Wizard
2009-06-10 11:30. 2008-01-26 13:05 -------- d ----- w-c: \ Documents and Settings \ postelji \ Application Data \ Mirc
2009-06-10 11:28. 2008-01-26 13:05 -------- d ----- w-c: \ program files \ Mirc
2009-06-09 10:49. 2008-01-21 06:02 -------- d ----- w-C: \ Program Files \ World of Warcraft
2009-05-30 18:04. 2008-03-04 23:15 -------- d ----- w-c: \ Documents and Settings \ postelji \ Application Data \ uTorrent
2009-05-17 00:56. 2009-05-17 00:56 0 --- ha-w-c: \ windows \ system32 \ drivers \ Msft_Kernel_LMouFilt_0 1005.Wdf
2009-05-17 00:56. 2009-05-17 00:56 0 --- ha-w-c: \ windows \ system32 \ drivers \ Msft_Kernel_LUsbFilt_0 1005.Wdf
2009-05-17 00:56. 2009-05-17 00:56 0 --- ha-w-c: \ windows \ system32 \ drivers \ MsftWdf_Kernel_01005_C oinstaller_Critical.Wdf
2009-05-17 00:53. 2008-01-20 00:01 -------- d - h - w-C: \ Program Files \ InstallShield Installation Information
2009-05-13 20:47. 2009-05-13 13:50 -------- d ----- w-c: \ Documents and Settings \ postelji \ Application Data \ Winamp
2009-05-13 13:51. 2009-05-13 13:50 -------- d ----- w-C: \ Program Files \ Winamp
2009-05-07 15:32. 2002-09-03 13:00 345600 ---- AW-c: \ windows \ system32 \ Localspl.dll
2009-05-03 18:08. 2009-05-03 18:08 -------- d ----- w-c: \ Documents and Settings \ postelji \ Application Data \ Talkback
2009-05-01 01:15. 2009-05-01 01:15 -------- d ----- w-C: \ Program Files \ Common Files \ Inca Dijeljeno
2009-05-01 00:27. 2009-05-01 00:25 -------- d ----- w-c: \ Documents and Settings \ All Users \ Application Data \ PMB Files
2009-05-01 00:25. 2009-05-01 00:25 -------- d ----- w-c: \ program files \ Pando Mreše
2009-04-26 17:55. 2009-04-26 17:55 488960 ---- AW-c: \ Documents and Settings \ postelji \ Application Data \ Macromedia \ Flash Player \http://www.macromedia.com \ bin \ octosh ... 240-0-main.dll
2009-04-26 17:55. 2009-04-26 17:55 319488 ---- AW-c: \ Documents and Settings \ postelji \ Application Data \ Macromedia \ Flash Player \www.macromedia.com \ bin \ octoshape \ octoshape.exe
2009-04-26 17:54. 2009-04-26 17:54 1878984 ---- AW-c: \ Documents and Settings \ postelji \ Application Data \ Macromedia \ Flash Player \www.macromedia.com \ bin \ fpupdatepl \ fpupdatepl.exe
2009-04-20 14:40. 2008-01-19 23:47 -------- d ----- w-C: \ Program Files \ McAfee
2009-04-20 14:39. 2009-01-31 00:40 -------- d ----- w-C: \ Program Files \ Xfire
2009-04-18 08:31. 2009-01-31 00:40 -------- d ----- w-c: \ Documents and Settings \ postelji \ Application Data \ Xfire
2009-04-18 07:45. 2009-04-18 07:45 -------- d ----- w-c: \ Documents and Settings \ NetworkService \ Application Data \ Xfire
2009-04-17 12:26. 2002-09-03 13:00 1847168 ---- AW-c: \ windows \ system32 \ Win32k.sys
2009-04-15 14:51. 2004-03-06 02:16 585216 ---- AW-c: \ windows \ system32 \ rpcrt4.dll
2009-04-14 18:17. 2009-04-14 18:17 41808 ---- AW-c: \ windows \ system32 \ xfcodec.dll
2009-03-25 16:06. 2008-01-19 23:48 40552 ---- AW-c: \ windows \ system32 \ drivers \ mfesmfk.sys
2009-03-25 16:06. 2008-01-19 23:48 35272 ---- AW-c: \ windows \ system32 \ drivers \ mfebopk.sys
2009-03-25 16:06. 2008-01-19 23:48 79880 ---- AW-c: \ windows \ system32 \ drivers \ mfeavfk.sys
2009-03-25 16:06. 2008-01-19 23:48 214024 ---- AW-c: \ windows \ system32 \ drivers \ mfehidk.sys
2009-03-25 16:05. 2008-01-19 23:48 34216 ---- AW-c: \ windows \ system32 \ drivers \ mferkdk.sys
2009-03-20 04:38. 2008-01-19 23:51 93207 ---- AW-c: \ windows \ War3Unin.dat
2009-03-19 15:42. 2009-04-07 01:26 217088 ---- AW-c: \ Documents and Settings \ postelji \ Application Data \ Mozilla \ Firefox \ Profiles \ zj2wd98u.default \ ext ensions \ NPDyyno@dyyno.com \ Plugins \ npDyyno. dll
2008-02-04 22:08. 2008-02-04 22:08 13123836 ---- AW-c: \ program files \ GGClient_setup.exe
.

((((((((((((((((((((((((((((( SnapShot@2009-06-13_21.34.03 )))))))))))) )))))))))))))))))))))))))))))
.
+ 2009-06-15 15:18. 2009-06-15 15:18 16384 C: \ Windows \ Temp \ Perflib_Perfdata_810.dat
+ 2009-06-14 23:59. 2009-06-14 23:59 16384 C: \ Windows \ Temp \ Perflib_Perfdata_120.dat
+ 2008-01-19 23:26. 2009-06-15 20:42 32768 C: \ Windows \ System32 \ Config \ systemprofile \ Local Settings \ Povijest \ History.IE5 \ Index.dat
- 2008-01-19 23:26. 2009-06-13 17:07 32768 C: \ Windows \ System32 \ Config \ systemprofile \ Local Settings \ Povijest \ History.IE5 \ Index.dat
+ 2008-01-19 23:26. 2009-06-15 20:42 32768 C: \ Windows \ System32 \ Config \ systemprofile \ Cookies \ i ndex.dat
- 2008-01-19 23:26. 2009-06-13 17:07 32768 C: \ Windows \ System32 \ Config \ systemprofile \ Cookies \ i ndex.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Note * empty entries & čitljiv default unose se ne prikazuju
REGEDIT4

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run]
"MSMSGS" = "C: \ Program Files \ Messenger \ MSMSGS.EXE" [2008-04-14 1695232]
"Ctfmon.exe" = "c: \ windows \ system32 \ Ctfmon.exe" [2008-04-14 15360]
"Pare" = "C: \ Program Files \ Parna \ Steam.exe" [2009-06-13 1217784]
"Octoshape Streaming Services" = "C: \ Program Files \ Octoshape Streaming Services \ postelji \ OctoshapeClient.exe" [2006-02-13 214648]
"AlcoholAutomount" = "C: \ Program Files \ Alcohol Soft \ Alcohol 120 \ axcmd.exe" [2008-03-20 217544]
"Demon Tools Lite" = "C: \ Program Files \ demon Tools Lite \ daemon.exe" [2008-04-01 486856]
"Rundll32" = "c: \ windows \ system32 \ Rundll32.exe" [2008-04-14 33280]
"EasyLinkAdvisor" = "C: \ Program Files \ Linksys EasyLink Savjetnik \ LinksysAgent.exe" [2007-03-15 454784]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"SunJavaUpdateSched" = "C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe" [2009-06-13 148888]
"mcagent_exe" = "C: \ Program Files \ McAfee.com \ Agent \ mcagent.exe" [2009-01-09 645328]
"PWRISOVM.EXE" = "C: \ Program Files \ PowerISO \ PWRISOVM.EXE" [2008-03-14 233472]
"QuickTime Task" = "C: \ Program Files \ QuickTime \ QTTask.exe" [2008-09-06 413696]
"WinampAgent" = "C: \ Program Files \ Winamp \ winampa.exe" [2009-04-10 37888]
"Adobe Reader Speed Launcher" = "C: \ Program Files \ Adobe \ Reader 9,0 \ Reader \ Reader_sl.exe" [2009-02-27 35696]
"WINDVDPatch" = "CTHELPER.EXE" - c: \ windows \ system32 \ CTHELPER.EXE [2002-02-08 40960]
"kmw_run.exe" = "kmw_run.exe" - c: \ windows \ system32 \ kmw_run.exe [2002-12-23 102400]
"Kernel i sloj apstrakcije hardvera" = "KHALMNPR.EXE" - c: \ windows \ KHALMNPR.Exe [2007-09-21 55824]

C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ Startup \
Logitech SetPoint.lnk - C: \ Program Files \ Logitech \ SetPoint \ SetPoint.exe [2009-5-16 784912]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entversion \ Explorer \ ShellExecuteHooks]
"(5AE067D3-9AFB-48E0-853A-EBB7F4A000DA)" = "C: \ Program Files \ SUPERAntiSpyware \ SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ winlogon \ obavijestiti \! SASWinLogon]
2008-12-22 17:05 356352 ---- AW-C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ winlogon \ obavijestiti \ LBTWlgn]
2007-11-15 15:10 72208 ---- AW-C: \ Program Files \ Common Files \ Logishrd \ Bluetooth \ LBTWLgn.dll

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Contro l \ SafeBoot \ Minimal \ mcmscsvc]
@ = ""

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Contro l \ SafeBoot \ Minimal \ MCODS]
@ = ""

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Contro l \ SafeBoot \ Minimal \ WdfLoadGroup]
@ = ""

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ sigurnosni centar]
"AntiVirusOverride" = dword: 00000001

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ sigurnosni centar \ Praćenje \ McAfeeAntiVirus]
"DisableMonitoring" = dword: 00000001

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ sigurnosni centar \ Praćenje \ McAfeeFirewall]
"DisableMonitoring" = dword: 00000001

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ AuthorizedApplications \ List]
"% windir% \ \ system32 \ \ sessmgr.exe" =
"% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" =
"c: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" =
"c: \ \ WINDOWS \ \ system32 \ \ dpvsetup.exe" =
"c: \ \ Program Files \ \ Mirc \ \ mirc.exe" =
"c: \ \ Program Files \ \ Parna \ \ steamapps \ \ inatrance2 \ \ protuinformacije sstrajk \ \ hl.exe" =
"c: \ \ Program Files \ \ AIM6 \ \ aim6.exe" =
"c: \ \ Program Files \ \ uTorrent \ \ uTorrent.exe" =
"c: \ \ Program Files \ \ Bonjour \ \ mDNSResponder.exe" =
"c: \ \ Program Files \ \ Octoshape Streaming Services \ \ postelji \ \ OctoshapeClient.exe" =
"c: \ \ Program Files \ \ Warcraft III \ \ Warcraft III.exe" =
"c: \ \ Program Files \ \ Warcraft III \ \ Frozen Throne.exe" =
"c: \ \ Program Files \ \ Starcraft \ \ StarCraft.exe" =
"c: \ \ Documents and Settings \ \ postelji \ \ Local Settings \ \ Application Data \ \ Dyyno Receiver \ \ DPPM.exe" =
"c: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe" =
"c: \ \ Program Files \ \ Parna \ \ steamapps \ \ inatrance2 \ \ protuinformacije sstrajk izvor \ \ hl2.exe" =
"c: \ \ Program Files \ \ Messenger \ \ msnmsgr.exe" =
"c: \ \ Program Files \ \ Messenger \ \ livecall.exe" =
"c: \ \ WINDOWS \ \ system32 \ \ rtcshare.exe" =
"c: \ \ Program Files \ \ NetMeeting \ \ conf.exe" =
"c: \ \ Program Files \ \ Ventrilo \ \ Ventrilo.exe" =
"c: \ \ Program Files \ \ Tortun \ \ gui.exe" =
"c: \ \ Program Files \ \ Garena \ \ Garena.exe" =
"c: \ \ Program Files \ \ Xfire \ \ Xfire.exe" =
"c: \ \ Program Files \ \ Common Files \ \ McAfee \ \ MNA \ \ McNASvc.exe" =
"c: \ \ Documents and Settings \ \ postelji \ \ Desktop \ \ wtvClient.exe" =
"c: \ \ Program Files \ \ Xfire \ \ dppm_source.exe" =
"c: \ \ Program Files \ \ World of Warcraft \ \ Launcher.exe" =
"c: \ \ Documents and Settings \ \ postelji \ \ Application Data \ \ Macromedia \ \ Flash Player \ \ www.macromedia.com \ \ bin \ \ octoshape \ \ octosh ape.exe" =
"c: \ \ Program Files \ \ Pando Mreše \ \ Media pobuđivač \ \ PMB.exe" =
"c: \ \ Program Files \ \ Warcraft III \ \ pickup.listchecker.exe" =
"c: \ \ Program Files \ \ World of Warcraft \ \ WOW-3.0.9.9551-to-3.1.0.9767-enUS-downloader.exe" =
"c: \ \ Program Files \ \ World of Warcraft \ \ WOW-3.1.0.9767-to-3.1.1.9806-enUS-downloader.exe" =
"c: \ \ Program Files \ \ World of Warcraft \ \ WOW-3.1.1.9806-to-3.1.1.9835-enUS-downloader.exe" =

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ GloballyOpenPorts \ List]
"58121: TCP" = 58121: TCP: Pando Mediji pobuđivač
"58121: UDP" = 58121: UDP: Pando Mediji pobuđivač
"3724: TCP" = 3724: TCP: Mećava Downloader: 3724

R1 SASDIFSV; SASDIFSV; C: \ Program Files \ SUPERAntiSpyware \ sasdifsv.sys [5/26/2009 10:05 AM 9968]
R1 SASKUTIL; SASKUTIL; C: \ Program Files \ SUPERAntiSpyware \ SASKUTIL.SYS [5/26/2009 10:05 AM 72944]
R3 GarenaPEngine; GarenaPEngine; \? \ C: \ docume ~ 1 \ postelji \ L OCALS ~ 1 \ Temp \ VEU2E6.tmp -> c: \ docume ~ 1 \ postelji \ Mještani ~ 1 \ Temp \ VEU2E6.tmp [ ?]
S2 gupdate1c9bbee86597ef4; Google Update Service (gupdate1c9bbee86597ef4); "C: \ Program Files \ Google \ Update \ GoogleUpdate.exe" / svc -> C: \ Program Files \ Google \ Update \ GoogleUpdate.exe [?]
S3 iscFlash; iscFlash; \? \ C: \ Windows \ System32 \ Drivers \ iscflash.sys -> c: \ Windows \ System32 \ Drivers \ iscflash.sys [?]
S3 mcdevice; mcdevice; c: \ windows \ system32 \ drivers \ mcde vice.sys [8/16/2008 3:17 PM 323584]
S3 npggsvc; nProtect GameGuard Service; c: \ windows \ system32 \ GameMon.des-service -> c: \ windows \ system32 \ GameMon.des-service [?]
S3 SASENUM; SASENUM; C: \ Program Files \ SUPERAntiSpyware \ SASENUM.SYS [5/26/2009 10:05 AM 7408]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ aktivnih setup \ instalirane komponente \> (60B49E34-C7CC-11D0-8953-00A0C90347FF)]
"c: \ windows \ system32 \ rundll32.exe" C: \ Windows \ system32 \ iedkcs32.dll ", BrandIEActiveSe ovan Signup
.
Sadržaj je 'Scheduled Tasks' folder

2009/06/15 C: \ Windows \ Tasks \ McDefragTask.job
- C: \ programa ~ 1 \ McAfee \ mqc \ QcConsol.exe [2008-01-19 15:53]

2009/06/01 C: \ Windows \ Tasks \ McQcTask.job
- C: \ programa ~ 1 \ McAfee \ mqc \ QcConsol.exe [2008-01-19 15:53]
.
.
------- Supplementary Scan -------
.
Page uStart = hxxp: / / www.wcreplays.com/
uSearchMigratedDefaultURL = hxxp: / / www.google.com/search?q = () searchTerms & sourceid = IE7 & rls = com.micros čest: en-US & ie = UTF8 & OE = UTF8
uSearchURL, (Default) = hxxp: / / search.yahoo.com / search? McAfee fr = & p =% s
IE: & AIM Toolbar Search - C: \ Documents and Settings \ All Users \ Application Data \ AIM Toolbar \ ieToolbar \ resurse \ en-us \ Local \ search.html
IE: E & zvezi u Microsoft Excel - C: \ programa ~ 1 \ MICROS ~ 2 \ OFFICE11 \ EXCEL.EXE/3000
DPF: DirectAnimation Java Classes - file: / / c: \ windows \ Java \ Classes \ dajava.cab
DPF: Microsoft XML parser za Java - file: / / c: \ windows \ Java \ Classes \ xmldso.cab
DPF: (428088E0-96DB-4960-99D5-3C809C5A7D74) - hxxp: / / www.wcgzone.com / GamOnUpdate.cab
FF - ProfilePath --
.

************************************************** ************************

catchme 0.3.1398 W2K/XP/Vista - rootkit / potaja detector by Gmer zlonamjernih programa, http://www.gmer.net
Rootkit scan 2009-06-15 15:48
5/1/2600 Windows Service Pack 3 NTFS

skeniranja skrivenih procesa ...

skeniranja skrivenih autostart entries ...

skeniranja skrivenih datoteka ...

scan uspješno završena
skrivenih datoteka: 0

************************************************** ************************

[HKEY_LOCAL_MACHINE \ System \ ControlSet001 \ Services \ G arenaPEngine]
"ImagePath" = "\? \ C: \ docume ~ 1 \ postelji \ Mještani ~ 1 \ Temp \ VE U2E6.tmp"

[HKEY_LOCAL_MACHINE \ System \ ControlSet001 \ Services \ n pggsvc]
"ImagePath" = "c: \ windows \ system32 \ GameMon.des-service"
.
--------------------- --------------------- Zaključana registarske ključeve

[HKEY_USERS \ S-1-5-21-682003330-583907252-839522115-1004 \ Software \ Microsoft \ SystemCertificates \ Address Book *]
@ Dozvoljen: (Read) (RestrictedCode)
@ Dozvoljen: (Read) (RestrictedCode)
.
--------------------- Loaded DLL datoteke koje Under Running Processes ---------------------

- - - - - - -> 'Winlogon.exe' (608)
C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
C: \ Program Files \ zajedničke datoteke \ logishrd \ Bluetooth \ LBTWlgn.dll
C: \ Program Files \ zajedničke datoteke \ logishrd \ Bluetooth \ LBTServ.dll

- - - - - - -> "Explorer.exe" (8984)
C: \ Program Files \ Logitech \ SetPoint \ GameHook.dll
C: \ Program Files \ Logitech \ SetPoint \ lgscroll.dll
c: \ windows \ system32 \ ieframe.dll
c: \ windows \ system32 \ OneX.DLL
c: \ windows \ system32 \ eappprxy.dll
c: \ windows \ system32 \ webcheck.dll
.
Completion time: 2009-06-15 15:51
ComboFix-u karanteni-files.txt 2009-06-15 20:51
ComboFix2.txt 2009-06-13 21:38

Pre-Run: 23249760256 bytes free
Post-Run: 23353303040 bytes free

252 --- EOF --- 2009-06-10 10:09



I ran a scan last night, and it said I had 2 detections. One is one of those that were already fixed, but the other is one I found on the first day, called Artemis with numbers and an exclamation mark; there was no information about it on McAfee's site. The first time it appeared it went away after I scanned, and now it has popped up again. It was in Windows /
  #8  
Old June 15, 2009, 15:45
Malware group
 

Hi there abz

I notice that you have Malwarebytes Antimalware (MBAM) installed.
I want you to run a scan for me.
First I want you to update MBAM so we have the latest definitions onboard.
Please open Malwarebytes Antimalware.
Now click on the Update tab.
Next, click on the Check for Updates button.
  • If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Quick Scan" option is selected.
    • Then click on the Scan button.
  • The next screen will ask you to select the drives to scan. Leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete, so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Post back the resulting log, and keep me updated on how things stand.
__________________
Proud member of ASAP & Unite
  #9  
Old June 15, 2009, 16:17
abz
New group member
 

Malwarebytes' Anti-zaštita od zlonamjernih programa 1,37
Database Version: 2285
5/1/2600 Windows Service Pack 3

6/15/2009 6:16:04 PM
mbam-log-2009-06-15 (18-16-04). txt

Scan type: Quick Scan
Objekti skenirane: 85693
Vrijeme proteklo: 10 minute (s), 46 Drugi (a / e)

Memory Processes zaraženih: 0
Memorijske module zaraženih: 0
Ključevi registra zaraženih: 0
Registry Values zaraženih: 0
Registry Data Items zaraženih: 0
Mape zaraženih: 0
Zaraženih datoteka: 0

Memory Processes zaraženih:
(Nema stavki otkrivenih zlonamjernih)

Memorijske module zaraženih:
(Nema stavki otkrivenih zlonamjernih)

Ključevi registra zaraženih:
(Nema stavki otkrivenih zlonamjernih)

Registry Values zaraženih:
(Nema stavki otkrivenih zlonamjernih)

Registry Data Items zaraženih:
(Nema stavki otkrivenih zlonamjernih)

Mape zaraženih:
(Nema stavki otkrivenih zlonamjernih)

Zaražene datoteke:
(Nema stavki otkrivenih zlonamjernih)



When I refresh this page, at the bottom left it says loading computer juice, and sometimes other things pop up too, like swiji dot com, or tribal-infusion or something. But I don't have a problem going to Google anymore.
  #10  
Old June 15, 2009, 16:37
Malware group
 

Hi there abz

Quote:
When I refresh this page, at the bottom left it says loading computer juice, and sometimes other things pop up too, like swiji dot com, or tribal-infusion or something.
The info you are seeing is information relating to the Computer soka forums and the website's sponsors, and nothing you need to worry about. Did McAfee give the full file name and file path to the offending image, and was a log produced at all?
__________________
Proud member of ASAP & Unite

Copyright © 2006 - 2009 Computer soka.
