Download this free version and scan the PC.
Already did that, it found a few of them but not in memory; I cleaned them, but NOD32 still reports the same thing.
Did everything and it's the same again............
Format the disk and the problem is solved.
That's annoying junk, and it gets removed with ComboFix. The net is full of tutorials.
Oh, really!
What surprises me is exactly that he did everything but didn't ask Google!? There are removal instructions even in Croatian, but oh well!
Well done, as if it weren't enough that you posted that link here, go put it on Facebook too, maybe you'll manage to infect a few more people.... what an idiot, ffs
Well then, if that virus has really caught your eye, try deleting it with a different antivirus.
http://webtoolsandtips.com/remove-trojan/how-to-remove-win32olmarik-uninstall-olmarik-trojan-free/
Follow the tutorial for manual removal and ignore the program they offer...
Try turning off System Restore and then scan with MBAM and SASP. Update them to the latest database before scanning. If that doesn't help either, download Avira Free, install it, update it and scan with it. You can scan with HijackThis (Do a system scan and save a logfile), and when it finishes, copy everything from Notepad here to the forum so I can see what needs to be removed.
Step 1 - Press Ctrl+Shift+Esc
Windows Task Manager opens
whatever I try to stop, it doesn't respond
Step 2 - I search for the DLLs (Start, Search programs and files)
UACsnbfuyfvmevqlyg.dll
UACdfqsytqwwyfllri.dll
result - the search returned no results
Step 3 - regedit
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects - I don't know what to select
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5BF49A2-94F3-42BD-F434-3604812C897D} - not there
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C5BF49A2-94F3-42BD-F434-3604812C897D} - not there
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C5BF49A2-94F3-42BD-F434-3604812C897D}\InProcServer32 - not there
Here, I did something with ComboFix
ComboFix 11-03-09.03 - Josip 0.03.2011. 12:15:53.3.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.385.1033.18.3071.2129 [GMT 1:00]
Running from: c:\users\Josip\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2011-02-10 to 2011-03-10 )))))))))))))))))))))))))))))))
.
.
2011-03-10 11:20 . 2011-03-10 11:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-10 11:13 . 2011-03-10 11:14 -------- d-----w- C:\32788R22FWJFW
2011-03-10 11:11 . 2011-03-10 11:11 -------- d-----w- c:\program files\CCleaner
2011-03-10 07:19 . 2011-03-10 07:22 -------- d-----w- c:\program files\trend micro
2011-03-10 07:19 . 2011-03-10 07:19 -------- d-----w- C:\rsit
2011-03-09 22:16 . 2011-03-09 22:16 -------- d-----w- c:\program files\ESET
2011-03-09 22:07 . 2005-09-23 06:29 626688 ----a-w- c:\windows\system32\msvcr80.dll
2011-03-09 18:38 . 2011-03-09 18:38 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-03-09 15:34 . 2011-03-09 15:35 -------- d-----w- c:\program files\Nero
2011-03-09 15:34 . 2011-03-09 15:35 -------- d-----w- c:\program files\Common Files\Nero
2011-03-09 07:54 . 2011-02-19 05:32 1074176 ----a-w- c:\windows\system32\DWrite.dll
2011-03-09 07:54 . 2011-02-19 05:33 802304 ----a-w- c:\windows\system32\FntCache.dll
2011-03-09 07:54 . 2011-02-19 05:32 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-03-09 07:54 . 2010-12-18 05:30 2690560 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 07:54 . 2010-12-18 05:26 1034240 ----a-w- c:\windows\system32\mstsc.exe
2011-03-09 07:54 . 2010-12-23 05:28 642048 ----a-w- c:\windows\system32\CPFilters.dll
2011-03-09 07:54 . 2010-12-23 05:28 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 07:54 . 2010-12-23 05:28 850432 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 07:54 . 2010-12-23 05:24 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-08 18:29 . 2009-12-30 10:21 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys
2011-03-08 18:29 . 2011-03-08 18:29 -------- d-----w- c:\program files\VS Revo Group
2011-03-08 13:49 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{864BDA58-6E9B-4CF5-A2FC-A4A72338353E}\mpengine.dll
2011-03-07 12:17 . 2011-03-07 12:17 -------- d-----w- c:\program files\Conduit
2011-03-07 12:17 . 2011-03-07 12:17 -------- d-----w- c:\program files\BitTorrent
2011-03-05 20:21 . 2011-03-05 20:21 -------- d-----w- c:\program files\Gabest
2011-03-05 20:21 . 2011-03-05 20:25 -------- d-----w- c:\program files\Xvid
2011-03-05 20:20 . 2011-03-05 20:25 -------- d-----w- c:\program files\AviSynth 2.5
2011-03-05 20:20 . 2011-03-05 20:23 -------- d-----w- c:\program files\AVI ReComp
2011-03-04 14:16 . 2011-03-04 14:16 -------- d-----w- c:\program files\Common Files\Java
2011-03-04 14:15 . 2011-03-04 14:15 -------- d-----w- c:\programdata\McAfee
2011-02-22 20:09 . 2010-09-14 06:07 276992 ----a-w- c:\windows\system32\wcncsvc.dll
2011-02-22 18:40 . 2011-03-04 21:21 -------- d-----w- c:\program files\AnvSoft
2011-02-22 18:09 . 2011-01-07 07:31 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-02-22 18:09 . 2011-01-07 07:31 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-22 07:47 . 2011-02-22 07:47 -------- d-----w- c:\program files\Common Files\Adobe
2011-02-18 10:34 . 2011-02-18 10:34 -------- d-----w- c:\windows\system32\Visual Studio 2008
2011-02-18 10:31 . 2011-02-18 10:31 -------- d-----w- c:\program files\Common Files\Corel
2011-02-18 10:30 . 2011-02-18 10:30 -------- d-----w- c:\program files\Common Files\Protexis
2011-02-18 10:30 . 2011-02-18 10:30 -------- d-----w- c:\programdata\Corel
2011-02-18 10:22 . 2011-02-18 10:22 -------- d-----w- c:\program files\Corel
2011-02-17 10:47 . 2011-02-17 10:47 -------- d-----w- C:\Philips
2011-02-15 07:08 . 2011-02-15 07:08 -------- d-----w- C:\FreeRapid-0.85-build555
2011-02-13 20:45 . 2011-02-13 20:45 4668928 ----a-w- C:\LogimoSetup.exe
2011-02-13 20:02 . 2011-02-02 20:40 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-13 20:01 . 2011-03-04 14:16 -------- d-----w- c:\program files\Java
2011-02-13 01:17 . 2011-02-12 16:24 -------- d-----w- c:\windows\Panther
2011-02-12 20:54 . 2011-02-12 20:54 -------- d-----w- c:\windows\system32\Macromed
2011-02-12 20:24 . 2011-02-12 20:24 -------- d-----w- c:\windows\system32\Wat
2011-02-12 20:24 . 2011-02-12 20:24 -------- d-----w- c:\program files\MSXML 4.0
2011-02-12 20:24 . 2011-02-12 20:24 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-02-12 19:19 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2011-02-12 19:18 . 2009-11-25 11:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-02-12 19:18 . 2009-11-25 11:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-02-12 19:18 . 2009-11-25 11:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-02-12 19:18 . 2009-11-25 11:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-02-12 19:18 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-02-12 19:11 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-02-12 19:10 . 2010-03-04 04:04 146304 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2011-02-12 19:10 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2011-02-12 19:08 . 2009-09-03 07:04 1320960 ----a-w- c:\windows\system32\CertEnroll.dll
2011-02-12 19:07 . 2010-08-21 05:32 316928 ----a-w- c:\windows\system32\spoolsv.exe
2011-02-12 19:02 . 2010-11-02 04:46 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-02-12 19:02 . 2011-02-03 05:45 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-02-12 19:02 . 2010-11-02 04:23 107520 ----a-w- c:\windows\system32\cdd.dll
2011-02-12 18:39 . 2008-03-03 17:21 568 ---ha-w- c:\windows\nod32fixtemdono.reg
2011-02-12 18:39 . 2008-03-03 13:25 5702 ---ha-w- c:\windows\nod32restoretemdono.reg
2011-02-12 18:21 . 2011-03-09 15:34 -------- d-----w- c:\programdata\Nero
2011-02-12 18:17 . 2011-02-12 18:17 -------- d-----w- c:\program files\Ask.com
2011-02-12 17:58 . 2011-02-12 17:58 -------- d-----w- c:\program files\YouTube Downloader
2011-02-12 17:52 . 2008-11-10 10:41 32656 ----a-w- c:\windows\system32\msonpmon.dll
2011-02-12 17:52 . 2006-10-26 18:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2011-02-12 17:51 . 2011-02-12 20:29 -------- d-----w- c:\program files\Microsoft Works
2011-02-12 17:51 . 2011-02-13 22:06 -------- d-----w- c:\program files\Microsoft.NET
2011-02-12 17:47 . 2011-02-12 17:47 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-02-12 17:46 . 2011-03-09 07:55 -------- d-----w- c:\programdata\Microsoft Help
2011-02-12 17:46 . 2011-02-12 17:46 -------- d-----r- C:\MSOCache
2011-02-12 17:37 . 2011-02-12 17:37 -------- d-----w- c:\windows\PCHEALTH
2011-02-12 17:37 . 2011-02-12 17:38 -------- d-----w- c:\program files\Windows Live
2011-02-12 17:36 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2011-02-12 17:36 . 2010-05-23 10:11 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-02-12 17:36 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\system32\mf.dll
2011-02-12 17:35 . 2011-02-12 17:35 -------- d-----w- c:\program files\Common Files\Windows Live
2011-02-12 17:33 . 2011-02-12 17:34 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-02-12 17:29 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-12 17:29 . 2011-03-07 12:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-12 17:29 . 2011-02-12 17:29 -------- d-----w- c:\programdata\Malwarebytes
2011-02-12 17:29 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-12 17:23 . 2011-02-12 17:23 -------- d-----r- c:\program files\Skype
2011-02-12 17:23 . 2011-02-12 17:23 -------- d-----w- c:\program files\Common Files\Skype
2011-02-12 17:23 . 2011-02-12 17:23 -------- d-----w- c:\programdata\Skype
2011-02-12 17:20 . 2011-02-12 17:20 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2011-02-12 17:20 . 2010-02-09 14:37 65602 ----a-w- c:\windows\system32\cook3260.dll
2011-02-12 17:20 . 2010-02-09 14:37 217127 ----a-w- c:\windows\system32\drv43260.dll
2011-02-12 17:20 . 2010-02-09 14:37 208935 ----a-w- c:\windows\system32\drv33260.dll
2011-02-12 17:20 . 2010-02-09 14:37 176165 ----a-w- c:\windows\system32\drv23260.dll
2011-02-12 17:20 . 2010-02-09 14:37 102439 ----a-w- c:\windows\system32\sipr3260.dll
2011-02-12 17:20 . 2010-02-09 14:37 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2011-02-12 17:20 . 2010-02-09 14:37 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2011-02-12 17:20 . 2011-02-12 17:34 -------- d-----w- c:\program files\VSO
2011-02-12 17:16 . 2011-02-12 20:14 -------- d-----w- c:\programdata\NVIDIA
2011-02-12 17:15 . 2011-02-12 17:15 -------- d-----w- c:\program files\Common Files\Adobe AIR
2011-02-12 17:14 . 2011-02-12 17:14 -------- d-----w- c:\program files\asus
2011-02-12 17:13 . 2011-02-12 17:13 -------- d-----w- c:\program files\Elantech
2011-02-12 17:13 . 2009-07-29 07:30 87040 ----a-w- c:\windows\system32\drivers\ETD.sys
2011-02-12 17:13 . 2009-07-08 05:43 4512768 ----a-w- c:\windows\system32\ETDUI.cpl
2011-02-12 17:12 . 2009-03-05 06:54 73728 ----a-w- c:\windows\system32\RtNicProp32.dll
2011-02-12 17:12 . 2009-06-05 10:14 35264 ----a-w- c:\windows\system32\drivers\sncduvc.sys
2011-02-12 17:12 . 2009-06-05 10:14 1766592 ----a-w- c:\windows\system32\drivers\snp2uvc.sys
2011-02-12 17:12 . 2009-06-05 10:14 18496 ----a-w- c:\windows\DrvInst.exe
2011-02-12 17:12 . 2009-05-27 07:41 2266 ----a-w- c:\windows\Uninstvga.bat
2011-02-12 17:12 . 2009-02-02 01:57 2008 ----a-w- c:\windows\Uninstsxga.bat
2011-02-12 17:12 . 2008-06-25 11:00 1682 ----a-w- c:\windows\Uninstuxga.bat
2011-02-12 17:12 . 2008-03-21 13:44 384 ----a-w- c:\windows\Uninstvga.reg
2011-02-12 17:12 . 2008-03-21 13:44 386 ----a-w- c:\windows\Uninstsxga.reg
2011-02-12 17:12 . 2008-03-21 13:38 386 ----a-w- c:\windows\Uninstuxga.reg
2011-02-12 17:11 . 2011-02-12 17:11 -------- d-----w- c:\windows\system32\SRSLabs
2011-02-12 17:11 . 2009-04-02 08:43 520 ----a-r- c:\windows\system32\drivers\SamSfPa.dat
2011-02-12 17:11 . 2009-09-11 12:54 2965536 ----a-w- c:\windows\system32\RtkAPO.dll
2011-02-12 17:11 . 2011-02-12 20:11 -------- d--h--w- c:\program files\Temp
2011-02-12 17:11 . 2011-02-12 17:11 -------- d-----w- c:\program files\Common Files\InstallShield
2011-02-12 17:11 . 2009-07-20 09:29 13880 ----a-w- c:\windows\system32\drivers\kbfiltr.sys
2011-02-12 17:10 . 2009-04-26 14:02 457248 ----a-w- c:\windows\system32\nvuhda.exe
2011-02-12 17:10 . 2009-05-01 02:13 64032 ----a-w- c:\windows\system32\drivers\nvhda32v.sys
2011-02-12 17:10 . 2009-05-01 02:13 57344 ----a-w- c:\windows\system32\nvapo32v.dll
2011-02-12 17:10 . 2009-05-01 02:13 19456 ----a-w- c:\windows\system32\nvhdap32.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-09 15:21 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
------- Sigcheck -------
.
[-] 2009-07-14 01:26 . !HASH: COULD NOT OPEN FILE !!!!! . 21584 . . [------] . . c:\windows\System32\drivers\atapi.sys
[7] 2009-07-14 . 338C86357871C167A96AB976519BF59E . 21584 . . [6.1.7600.16385] . . c:\windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[7] 2009-07-14 . 338C86357871C167A96AB976519BF59E . 21584 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files\BitTorrentBar\tbBitT.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2010-12-09 11:51 3911776 ----a-w- c:\program files\BitTorrentBar\tbBitT.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 15:50 1197448 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files\BitTorrentBar\tbBitT.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
"{88C7F2AA-F93F-432C-8F0E-B7D85967A527}"= "c:\program files\BitTorrentBar\tbBitT.dll" [2010-12-09 3911776]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\users\Josip\AppData\Local\Google\Update\GoogleUpdate.exe" [2011-02-12 136176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-15 13797920]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-07-30 497024]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-12-20 443728]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-02-22 2140880]
.
c:\users\Josip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Alat programa OneNote 2007 za stvaranje zaslonskih isjeźaka i pokretanje.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 qxdscyad;qxdscyad;c:\windows\system32\drivers\qxdscyad.sys [x]
R1 SASDIFSV;SASDIFSV;c:\users\Josip\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV.SYS [x]
R1 SASKUTIL;SASKUTIL;c:\users\Josip\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL.SYS [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [2009-07-14 9216]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 WatAdminSvc;Servis Tehnologije aktivacije sustava Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-02-12 1343400]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-02-22 114984]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-02-22 133512]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-02-22 810120]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-02-22 96896]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-07-29 87040]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-12-20 20952]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2009-05-01 64032]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-02-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-111131909-1680138150-4196413403-1001Core.job
- c:\users\Josip\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-12 19:34]
.
2011-03-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-111131909-1680138150-4196413403-1001UA.job
- c:\users\Josip\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-12 19:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.hr/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7600 Disk: Hitachi_HTS543232L9A300 rev.FB4OC40C -> Harddisk0\DR0 -> \Device\Ide\IdePort0 P0T0L0-0
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x861378D4]<<
_asm { PUSH EBP; MOV EBP, ESP; MOV ECX, [0xffdf0308]; MOV EAX, [EBP+0x8]; SUB ESP, 0x14; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; CMP EAX, [ECX+0x4]; JNZ 0x6d; XOR EDI, EDI; }
1 ntkrnlpa!IofCallDriver[0x82A44448] -> \Device\Harddisk0\DR0[0x8620B878]
3 CLASSPNP[0x8B19F59E] -> ntkrnlpa!IofCallDriver[0x82A44448] -> [0x85CFA918]
5 ACPI[0x8369B3B2] -> ntkrnlpa!IofCallDriver[0x82A44448] -> \IdeDeviceP0T0L0-0[0x85CBB030]
[0x8632C9E8] -> IRP_MJ_CREATE -> 0x861378D4
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [BP+0x0], 0x0; }
detected disk devices:
\Device\Ide\IdeDeviceP0T0L0-0 -> \??\IDE#DiskHitachi_HTS543232L9A300_________________FB4OC40C#5&13219e89&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
user & kernel MBR OK
sectors 625142446 (+253): user != kernel
Warning: possible TDL3 rootkit infection !
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-111131909-1680138150-4196413403-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-111131909-1680138150-4196413403-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Completion time: 2011-03-10 12:24:30 - machine was rebooted
ComboFix-quarantined-files.txt 2011-03-10 11:24
.
Pre-Run: 88.369.258.496 bytes free
Post-Run: 88.360.312.832 bytes free
.
- - End Of File - - 3B38E6A61FEDCF4A6627812883271D35
I solved the problem. Kaspersky TDSSKiller destroys the vermin. At least it got rid of mine. Thanks to everyone for the effort.
Hi
Can someone help me and tell me what to do? I have a virus on my other computer.
My antivirus program is avast free.
So, some virus appeared, and as soon as I turn on the computer, after 5 seconds it shuts down by itself.
What should I do?
Burn this to a CD and clean with that,
or boot it in safe mode and run Hitman; if it won't start normally, hold down the Ctrl key.
Dr.Web, like Hitman, also runs from a USB stick.
Can you explain what I should do once I put Hitman on the USB stick?
You simply copy it after you download it, and paste it onto the stick,
meaning right-click, Copy, and then on the inserted stick, which you open, right-click, Paste.
Same with Dr.Web CureIt (you do that on the healthy computer),
or you burn that Avira for systems that can't boot.
Those two programs have the ability to terminate the processes of viruses that block work on the computer and the cleaning of it.
With Hitman this is done by holding the Ctrl key at launch, and Dr.Web offers enhanced security mode when it opens.
Help, people!
A virus called "searchcompletion" has appeared on my machine, Malwarebytes doesn't recognize it; please recommend how to remove it from my computer, if anyone has already encountered it.
Thanks.
Hi guys, so I have a problem. I have some virus, I don't even know what kind; it opens all programs but won't open internet browsers at all, and now I don't know how to fix that. Any help?
Ask this in the ultimate antivirus thread. You'll get an answer quickly there.
If you haven't already, install Malwarebytes' Anti-Malware, update it and run a full scan; if it finds something, remove it; if the problem comes back, download SUPERAntiSpyware and do the same with it.
But they will surely give you a better answer in the ultimate antivirus thread.
Which Windows is it?
Does it open browsers in safe mode?
Do as described in this post and then we'll take a look.


