evo
"J" - 2009-01-02 13:53:27 Service Pack 3
ComboFix 07-05.27.BV - Running from: "C:\Documents and Settings\J\Desktop\"
((((((((((((((((((((((((((((((( Files Created from 2008-12-02 to 2009-01-02 ))))))))))))))))))))))))))))))))))
2009-01-02 12:34 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2009-01-02 12:34 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2009-01-02 12:34 12,424 --a------ C:\WINDOWS\system32\drivers\avgrkx86.sys
2009-01-02 12:34 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2009-01-02 12:34 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2009-01-02 12:33 45,568 --a------ C:\WINDOWS\system32\avgfwdx.dll
2009-01-02 12:33 22,528 --a------ C:\WINDOWS\system32\drivers\avgfwdx.sys
2009-01-02 12:33 <DIR> d-------- C:\WINDOWS\LastGood
2009-01-02 12:33 <DIR> d-------- C:\Program Files\AVG
2009-01-02 12:33 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
2009-01-02 11:32 268,648 --a------ C:\WINDOWS\system32\mucltui.dll
2009-01-01 21:25 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-01 13:57 <DIR> d-------- C:\DOCUME~1\J\APPLIC~1\Thinstall
2008-12-31 17:08 38,496 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-12-31 17:08 15,504 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-12-31 16:45 49,152 --a------ C:\WINDOWS\nircmd.exe
2008-12-31 12:44 208,744 --a------ C:\WINDOWS\system32\muweb.dll
2008-12-30 19:34 <DIR> d-------- C:\Program Files\ChromePortable
2008-12-30 18:51 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
2008-12-29 19:08 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Applications
2008-12-28 20:04 <DIR> d-------- C:\Program Files\Eidos Interactive
2008-12-25 18:11 <DIR> d-------- C:\Documents and Settings\J\Tracing
2008-12-25 18:11 <DIR> d-------- C:\DOCUME~1\J\Tracing
2008-12-25 17:56 <DIR> d-------- C:\Program Files\Microsoft Office Outlook Connector
2008-12-25 17:51 <DIR> d-------- C:\Program Files\Windows Live SkyDrive
2008-12-25 17:24 <DIR> d-------- C:\Program Files\Common Files\Windows Live
2008-12-24 19:02 <DIR> d-------- C:\Games
2008-12-18 13:13 <DIR> d-------- C:\WINDOWS\ie8updates
2008-12-16 17:36 <DIR> d-------- C:\Program Files\Voice Changer 4.0 Diamond
2008-12-14 14:34 1,700,352 --a------ C:\WINDOWS\system32\gdiplus.dll
2008-12-11 18:16 16,252,928 --a------ C:\Documents and Settings\J\ntuser.dat
2008-12-11 18:16 16,252,928 --a------ C:\DOCUME~1\J\ntuser.dat
2008-12-08 15:41 <DIR> d-------- C:\Program Files\Microsoft Games for Windows - LIVE
2008-12-08 15:04 <DIR> d-------- C:\Program Files\Rockstar Games
2008-12-07 21:34 <DIR> d-------- C:\Program Files\RapidCheck
2008-12-02 22:37 49,480 --a------ C:\WINDOWS\system32\sirenacm.dll
2008-12-02 20:15 <DIR> d-------- C:\Program Files\titca
2008-12-02 17:05 <DIR> d-------- C:\Program Files\Uniblue
2008-12-02 16:49 <DIR> d-------- C:\DOCUME~1\J\APPLIC~1\Uniblue
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2009-01-01 19:09:04 -------- d-----w C:\Program Files\wLite
2009-01-01 19:05:31 -------- d-----w C:\DOCUME~1\J\APPLIC~1\Google
2009-01-01 19:01:26 -------- d-----w C:\DOCUME~1\J\APPLIC~1\BitTorrent
2009-01-01 12:55:27 -------- d-----w C:\DOCUME~1\J\APPLIC~1\Spy Emergency
2008-12-31 15:33:05 -------- d-----w C:\Program Files\Skype
2008-12-30 17:51:51 -------- d-----w C:\Program Files\Google
2008-12-30 16:18:27 -------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-12-29 18:19:33 -------- d-----w C:\Program Files\Microsoft Games
2008-12-25 16:54:34 -------- d-----w C:\Program Files\Windows Live
2008-12-24 16:42:07 -------- d-----w C:\Program Files\Illusion
2008-12-24 16:38:36 -------- d-----w C:\Program Files\DNA
2008-12-20 16:29:39 -------- d-----w C:\Program Files\PuppetMaster
2008-12-11 13:39:27 -------- d-----w C:\Program Files\Latinski Recnik 1.1
2008-12-08 14:06:05 -------- d--h--w C:\Program Files\InstallShield Installation Information
2008-12-04 13:56:11 410,984 ----a-w C:\WINDOWS\system32\deploytk.dll
2008-12-01 14:26:37 -------- d-----w C:\Program Files\SystemRequirementsLab
2008-11-28 15:51:09 -------- d-----w C:\Program Files\Siber Systems
2008-11-24 15:22:37 10 ----a-w C:\WINDOWS\popcinfo.dat
2008-11-23 14:18:22 -------- d-----w C:\Program Files\Njegos »Gorski vijenac«
2008-11-22 20:30:24 -------- d-----w C:\Program Files\mIRC
2008-11-22 17:30:16 -------- d-----w C:\DOCUME~1\J\APPLIC~1\SystemRequirementsLab
2008-11-21 19:58:24 -------- d-----w C:\DOCUME~1\J\APPLIC~1\Capcom
2008-11-21 19:56:01 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-11-15 18:20:52 -------- d-----w C:\DOCUME~1\J\APPLIC~1\PC Suite
2008-11-14 13:03:46 -------- d-----w C:\DOCUME~1\J\APPLIC~1\Skype
2008-11-14 13:00:33 -------- d-----w C:\DOCUME~1\J\APPLIC~1\skypePM
2008-11-12 13:20:35 -------- d-----w C:\Program Files\Mafia-WinterEdition
2008-11-12 12:44:54 -------- d-----w C:\Program Files\MSXML 4.0
2008-11-08 14:11:21 -------- d-----w C:\Program Files\Common Files\Skype
2008-11-06 15:57:20 -------- d-----w C:\DOCUME~1\J\APPLIC~1\EyeSpyFX
2008-10-23 12:36:14 286,720 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-10-22 04:29:02 14,303,392 ----a-w C:\WINDOWS\system32\xlive.dll
2008-10-22 04:29:02 13,643,936 ----a-w C:\WINDOWS\system32\xlivefnt.dll
2008-10-16 13:13:40 202,776 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-10-16 13:13:40 1,809,944 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-10-16 13:12:22 323,608 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-10-16 13:12:20 561,688 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-10-16 13:09:44 92,696 ----a-w C:\WINDOWS\system32\cdm.dll
2008-10-16 13:09:44 51,224 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-10-16 13:09:44 43,544 ----a-w C:\WINDOWS\system32\wups2.dll
2008-10-16 13:08:58 34,328 ----a-w C:\WINDOWS\system32\wups.dll
2008-10-13 18:05:29 356,352 ----a-w C:\WINDOWS\eSellerateEngine.dll
2008-10-10 03:52:38 452,440 ----a-w C:\WINDOWS\system32\d3dx10_40.dll
2008-10-10 03:52:38 4,379,984 ----a-w C:\WINDOWS\system32\D3DX9_40.dll
2008-10-10 03:52:38 2,036,576 ----a-w C:\WINDOWS\system32\D3DCompiler_40.dll
2008-10-03 10:02:42 247,326 ----a-w C:\WINDOWS\system32\strmdll.dll
2008-08-02 23:14:27 5,852 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{3049C3E9-B461-4BC5-8870-4C09146192CA}=C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-08-18 13:30]
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}=C:\Program Files\AVG\AVG8\avgssie.dll [2009-01-02 12:34]
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 07:01]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-04 14:56]
{9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 13:47]
{AA58ED58-01DD-4d91-8333-CF10577473F7}=C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-30 18:42]
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}=C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2008-12-30 18:42]
{DBC80044-A445-435b-BC74-9C25C1C588A9}=C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-04 14:56]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C}=C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-04 14:56]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2009-01-02 12:34]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 01:12]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2008-12-02 22:41]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoResolveSearch"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoLowDiskSpaceChecks"=1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll" [2007-08-24 07:01]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"="C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 21:19]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
%SystemRoot%\System32\dimsntfy.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages msv1_0 C:\WINDOWS\system32\mlJDtrPg
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Media Key.lnk]
backup=C:\WINDOWS\pss\Media Key.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
backup=C:\WINDOWS\pss\Windows Search.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\^.rnd]
path=\.rnd
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\^default.pls]
path=\default.pls
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\^ntuser.dat]
path=\ntuser.dat
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\^ntuser.dat.LOG]
path=\ntuser.dat.LOG
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\^ntuser.ini]
path=\ntuser.ini
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\90208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\9c147f9a]
rundll32.exe "C:\WINDOWS\system32\rdftlkap.dll",b
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AntamediaBandwidth]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDogPath323Domino]
C:\WINDOWS\Domino.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BigDogPath323VMSnap]
C:\WINDOWS\VMSnap23.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
"C:\Program Files\DNA\btdna.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Caffe-Server]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeCall]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
%systemroot%\system32\dumprep 0 -k
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
"C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
"C:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder]
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RamBooster]
C:\Program Files\RamBooster 2.0\Rambooster.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RapidCheck]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoftickPPP]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyEmergency]
"C:\Program Files\NETGATE\Spy Emergency 2008\SpyEmergency.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ThePrivacyGuard]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2]
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMUAgent.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ
eapsvcs eaphost
dot3svc dot3svc
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*
napagent
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{059d64d4-d379-11dd-803b-0018f3ea3f39}]
AutoRun\command- H:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\Rgmen.exe
open\command- H:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\Rgmen.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{08a941f0-6634-11dd-bf14-0018f3ea3f39}]
Auto\command- H:\Start.exe
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe
explore\Command- H:\gg.exe 0e
open\Command- H:\gg.exe 0o
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{220dba5a-71ea-11dd-bf54-0018f3ea3f39}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a9a04b8-4bea-11dc-9917-0018f3ea3f39}]
Auto\command- G:\RavMonE.exe e
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ce3ecb5c-6857-11dc-9995-0018f3ea3f39}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e86b5a62-4be3-11dc-9914-0018f3ea3f39}]
Auto\command- RavMonE.exe e
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RavMonE.exe e
*Newly Created Service* - AVG8WD
*Newly Created Service* - AVGFWS8
*Newly Created Service* - AVGLDX86
*Newly Created Service* - AVGMFX86
*Newly Created Service* - AVGRKX86
*Newly Created Service* - AVGTDIX
Contents of the 'Scheduled Tasks' folder
2009-01-02 11:56:10 C:\WINDOWS\tasks\User_Feed_Synchronization-{132907F2-D634-4C67-9942-44DF435096B5}.job
********************************************************************
catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-01-02 13:55:22
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
disk error: C:\WINDOWS\
please note that you need administrator rights to perform deep scan
********************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet005\Services\JavaQuickStarterService]
"ImagePath"="\"C:\Program Files\Java\jre6\bin\jqs.exe\" -service -config \"C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf\""
[HKEY_LOCAL_MACHINE\system\ControlSet005\Services\BTHPORT\Parameters\Services\{00001000-0000-1000-8000-00805f9b34fb}]
[HKEY_LOCAL_MACHINE\system\ControlSet005\Services\TDSSserv.sys]
"imagepath"="\systemroot\system32\drivers\TDSSpqlt.sys"
Completion time: 2009-01-02 13:57:04
C:\ComboFix-quarantined-files.txt ... 2009-01-02 13:56
C:\ComboFix2.txt ... 2009-01-02 13:48
C:\ComboFix3.txt ... 2009-01-01 13:01
--- E O F ---
Citat:
magna86: restartuj kompjuter..pritiskaj F8 i u boot meniju izaberi safe mode
pritisni:
Alt +Ctrl + Delete istovremeno
klikni na tab process
proveri nalazi li se ovaj process
WLXPGSS.SCR
ako ga nadjes selektuj ga i idi na end process
zatvori task manager
moraces da pokazes skrivene fajlove
ako neznas...evo ga tuto
http://www.bleepingcomputer.com/tutorials/tutorial62.html
nadji sledeci File
Code:
C:\WINDOWS\WLXPGSS.SCR
kad ga nadjes brisi ga Shift + Delete pa Enter
************
onda skini ovo
http://www.atribune.org/ccount/click.php?id=1
pokreni ga
*************
i dalje si u safe modu...
onda odradi sledece:
Start / Run kucaj
regedit
pa OK
nadji sledeci kljuc (prati levu stranu)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
znaci kad kliknes/otvoris Browser Helper Objects
ispod ce ti se pokazati neki brojevi.to su reg. kljucevi
obrisi ovaj kljuc
{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}
zatvori regedit
nadji sledeci File i obrisi ga
C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
ili ceo folder
C:\Program Files\ZoneAlarmSB
brises ovim komandama
Shift+Delete pa Enter
sad tek restartujes komp i dizes ga u normalni mod
***************
sigurno si imao zone alarm pa si ga obrisao
ovo su repovi od njega koji se pokrecu sa sistemom
javi rezultate ;)
[Ovu poruku je menjao magna86 dana 02.01.2009. u 00:34 GMT+1]
Imao sam zone alarma ali sam ga izbrisao jer nije mogao zajedno da radi sa nodom i imao sam crack za nod
Nema ovaj kljuc {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} samo ovi
{3049C3E9-B461-4BC5-8870-4C09146192CA}
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{E7E6F031-17CE-4C07-BC86-EABFE594F69C}