Mogu da udjem u safemode. Problemi su isti pored sata mi pise "VIRUS ALERT!" u start menu-u nema run, control panel itd...
I sto je najveci problem, taj program sto sam skinuo(3d world atlas) sam ubacio u d: particiju u folder downloads na kome su mi igre i svi programi je nestao a d: particija prikazuje i dalje 44gb free koliko je i bilo sa tim folderom... Dali ce se taj folder vratiti ako odradim reinst wiin-a?



Edit: Uspeo sam da vidim downloads folder, nije hteo ni preko total comander-a da ga vidi niti iz nekog drugog programa. Video sam na netu neki Trojan.Vundo free Removal Tool 1.5.0 od Symantec-am, i kliknem na download - save as - i otvori mi se folder downloads sa sve dokumentima ni jedan nije izbrisan, odma sam ih cut-ovao u nov folder i sad je ok...
Tako da ako ne resimo scenu mogu slobodno da bacam na reinstall



Edit2: Aaaa resio sam se otrova, sve je nestalo i vide se obe particije... Hvala na pomoci!   
Samo jos nesto da ne otvaram temu za DZ... Do sada sam koristio kombinaciju Kav+ kaspersky anti hacker, sada sam presao na Avast i cini mi se da nisu bas kompitabilni jer mi avast pri paljenju racunara izbaci neku gresku u vezi kaspersky anti hacker-a... Jel moze neki hint koji je firewall dobar uz avast? Hvala.

Evo novi log:

Logfile of HijackThis v1.99.1
Scan saved at 3:00:12 AM, on 8/8/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\GIGABYTE\Gigabyte Super Wireless LAN Card\GNConfig.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Conexant\Adsl\dslstat.exe
C:\Program Files\Conexant\Adsl\dslagent.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=33171&LegitCheckError=10
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O4 - HKLM\..\Run: [GNConfig] "C:\Program Files\GIGABYTE\Gigabyte Super Wireless LAN Card\GNConfig.exe" -nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\Conexant\Adsl\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\Conexant\Adsl\dslagent.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Global Startup: Kaspersky Anti-Hacker.lnk = C:\Program Files\Kaspersky Lab\Kaspersky Anti-Hacker\KAVPF.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{786A3BC1-3BE9-4F5F-B6D4-87BCDDAD13B5}: NameServer = 77.105.0.18 77.105.0.19
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

Ijaaooooooo kako je mene to sranje namuchilo. Ja i ortak imamo obichaj da se zezamo s' time...
Inache to na desktop-u ti je html stranica ;p
Pa e'o kako smo ga se otarasili...
Znachi prvo smo popravili 'polices' da bi mogli da koristimo regedit,run,cpanel etc...
Sachuvaj ovo kao restorepolicies.inf ... desni klik na njega i Install
U [HKEY_CURRENT_USER\Control Panel\International] nadji sTimeFormat i izbrishi "Virus alert" deo.
U [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion] nadji ProductId i zameni "Virus alert" svojim cd key-om
U [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source" i "SubscribedURL" promeni u About:Home ...

Ako se sve vrati na staro posle restarta - nabavi spyware doctor.
(Verzija kojom sam se ja zarazio je skidala josh neke stvarchice s' http servera (uglavnom "old timer" trojance za koje tje tvoj AV da se pobrine)  pa proveri sumnjive konekcije u netstat-u)

Dopisatju sutra ako se setim josh nechega, sada ne mogu vishe...

@sh0rty86

Odlicna kombinacija je Avast- Comodo pro Firewall.

Ja bih ti preporucio da odradis  http://siri.geekstogo.com/SmitfraudFix.php

SmitfraudFix bi trebalo da resi problem sto se tice tog virus alert-a

nebi bilo lose da odradis ovo sto ti ivica predlaze 

Da vratis opcije Run, Control panel, ... i ostale sto ti nedostaju (Display properties) pokreni "Run" odnosno win taster+r ili Task manager pa File pa Run i ukucaj Gpedit.msc
Kada se otvori, sa lijeve strane idi na User configuration, Administrative Templates, Control Panel, Display.
Sa desne strane prozora desni klik na Remove Display in Control Panel, izaberi Properties i oznaci Disabled
To sve ponovi za:

Hide Desktop Tab
Prevent changing wallpaper
Hide Apperance and Themes tab
Hide Settings tab
Hide Screen Saver tab

Inace, u pitanju je vjerovatno Antivirus XP 2008 ili neka njegova modifikacija.

@iNoob
Isao sam redom kako si rekao i svi kljucevi su ok...


@ivicaspas
Skinuo sam Comodo i za sada ok sljaka...
A sto se tice SmitfraudFix, samo da ga clean-ujem iz safemode-a ili jos nesto?


Edit:
Pa nemam vise nikakvih problema, ali odradicu scenu za svaki slucaj...

Pa imao si onaj beli desktop zato 

Ne verujem da ce SFF srediti registry haos koji je ostavio malware...Aj probaj sa ovim fixom sto sam ti okacio u attachu

Dakle i meni je ovo isto sranje upalo u komp..Ja nema volje kao vi da toliko pretrazujem po kompu,tako da kontam da je formatiranje Hdd-a ili reinstalacija najbolji lek,ili..???

pa znas kako...ako nemas zivaca i volje da jedno po jedno izizimas iz potencijalnih problema, format particije ce najverovatnije da ti zavrsi posao....