Posle ComboFix-a ne radi ADSL internet

Posle ComboFix-a ne radi ADSL internet

offline
  • Pridružio: 25 Dec 2007
  • Poruke: 10
  • Gde živiš: SO

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:57:21 PM, on 3/9/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Scope\app\bin\sfp.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WinTV\Ir.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\WINDOWS\System32\svchost.exe
H:\PROGRAMI\ANTIVIRUS ALATI\Tito\Tito.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: FGCatchUrl - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch_1.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: BHO Class - {8B3868B4-EBA8-48FA-A19B-E1DFB99066FA} - C:\Program Files\FlashCapture\fcbho.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (file missing)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [InitPulsar] C:/Scope/app/bin/sfp.exe -s
O4 - HKLM\..\Run: [H2OWIBU] C:\Program Files\WIBUKEY\H2O\CXWibu.exe
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\Program Files\FlashCapture\fciext.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com/microsoftupdate/v6/V5C.....9819967296
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\skype4com.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: CameraServer - Unknown owner - c:\FlyCam\CameraServer.exe (file missing)
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\HCWTVS~1.EXE
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 8186 bytes

Nisam mogao da otvorim particije i pokrenuo sam program ComboFix koji je pronasao trojance i iselio ih iz mog racunara, ali sada ne mogu da se spojim na ADSL mrezu. U cemu je problem? Hvala.

Dopuna: 09 Mar 2009 22:35

ComboFix 09-03-06.02 - Goran 2009-03-09 2:25:16.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1535.1168 [GMT 1:00]
Running from: c:\documents and settings\Goran\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1296 [VPS 090307-0] *On-access scanning disabled* (Updated)

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\autorun.inf
c:\program files\media-codec
C:\resycled
c:\resycled\ntldr.com
c:\windows\system32\drivers\gaopdxakdqomlw.sys
c:\windows\system32\drivers\gaopdxboyouxjd.sys
c:\windows\system32\drivers\gaopdxbuhbonba.sys
c:\windows\system32\drivers\gaopdxgrkelcit.sys
c:\windows\system32\drivers\gaopdxgskwkowf.sys
c:\windows\system32\drivers\gaopdxkkyirjil.sys
c:\windows\system32\drivers\gaopdxnpvwpyej.sys
c:\windows\system32\drivers\gaopdxolxeipsn.sys
c:\windows\system32\drivers\gaopdxrnsflnsc.sys
c:\windows\system32\drivers\gaopdxsfooqvpt.sys
c:\windows\system32\drivers\gaopdxvtkcbppk.sys
c:\windows\system32\gaopdxfxuxdril.dll
c:\windows\system32\msvcsv60.dll
D:\Autorun.inf
D:\resycled
d:\resycled\ntldr.com
E:\Autorun.inf
E:\resycled
e:\resycled\ntldr.com
F:\Autorun.inf
F:\resycled
f:\resycled\ntldr.com
G:\Autorun.inf
G:\resycled
g:\resycled\ntldr.com
H:\Autorun.inf
H:\resycled
h:\resycled\ntldr.com

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_gaopdxserv.sys
-------\Legacy_XPROTECTOR
-------\Service_XPROTECTOR


((((((((((((((((((((((((( Files Created from 2009-02-09 to 2009-03-09 )))))))))))))))))))))))))))))))
.

2009-03-07 16:05 . 2009-03-07 16:05 1,099,839 --a------ c:\windows\system32\TmpA8199421
2009-03-07 09:28 . 2009-03-07 09:28 <DIR> d-------- c:\program files\Alwil Software

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-08 23:13 7,100 --sha-w c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2009-03-08 23:01 --------- d-----w c:\documents and settings\Goran\Application Data\MxBoost
2009-03-08 22:54 --------- d-----w c:\program files\WinTV
2009-03-07 09:15 --------- d-----w c:\program files\Recomposit
2009-03-06 23:25 --------- d-----w c:\program files\Kaspersky Lab
2009-01-27 20:48 --------- d-----w c:\documents and settings\Goran\Application Data\Aleo Software
2009-01-27 20:45 --------- d-----w c:\program files\Aleo Software
2009-01-27 20:31 168 --sh--r c:\documents and settings\All Users\Application Data\45482E2492.sys
2009-01-27 20:00 --------- d-----w c:\documents and settings\Goran\Application Data\Corel
2009-01-27 19:57 --------- d-----w c:\documents and settings\All Users\Application Data\Corel
2009-01-27 19:55 --------- d-----w c:\program files\Corel
2009-01-27 19:55 --------- d-----w c:\program files\Common Files\Corel
2009-01-26 20:53 --------- d-----w c:\documents and settings\Goran\Application Data\Thinstall
2009-01-23 18:46 --------- d-----w c:\program files\Ulead Systems
2009-01-23 18:46 --------- d-----w c:\program files\Common Files\Ulead Systems
2009-01-23 16:38 --------- d-----w c:\documents and settings\All Users\Application Data\Ulead Systems
2009-01-23 16:31 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-01-22 15:23 737,280 ----a-w c:\windows\iun6002.exe
2009-01-22 15:23 --------- d-----w c:\program files\Backspin Billiards
2009-01-22 15:22 --------- d-----w c:\documents and settings\Goran\Application Data\Canon
2009-01-22 13:41 --------- d-----w c:\program files\RealDrawPRO4
2009-01-19 22:27 --------- d-----w c:\program files\Lavasoft
2009-01-19 22:27 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2009-01-19 02:03 --------- d-----w c:\program files\nanoPEG for WinTV
2009-01-17 02:29 974,880 --sha-w c:\windows\system32\drivers\fidbox2.dat
2009-01-17 02:29 7,556 --sha-w c:\windows\system32\drivers\fidbox2.idx
2009-01-17 02:29 20,995,104 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-01-17 02:29 170,344 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-01-17 02:17 --------- d-----w c:\program files\Chord Buster
2009-01-16 15:51 --------- d-----w c:\program files\Spectrasonics
2008-03-20 22:04 8 --sh--r c:\documents and settings\All Users\Application Data\394B34B312.sys
2007-08-27 08:38 0 ---ha-w c:\documents and settings\Goran\Application Data\.CAA735D2BF986FC0.sys
2007-08-25 01:11 0 ---ha-w c:\documents and settings\Goran\Application Data\.CAA735D26659B183.sys
2007-08-14 23:15 0 ---ha-w c:\documents and settings\Goran\Application Data\.CAA735D2571BECED.sys
2007-08-11 21:45 0 ---ha-w c:\documents and settings\Goran\Application Data\.CAA735D24A06AB74.sys
2007-08-11 21:42 0 ---ha-w c:\documents and settings\Goran\Application Data\.CAA735D24A06AB73.sys
2007-08-03 10:02 0 ---ha-w c:\documents and settings\Goran\Application Data\.CAA735D228CEB20A.sys
2007-05-09 18:56 94,080 ----a-w c:\documents and settings\Goran\Application Data\ezplay.sys
2007-05-09 18:56 81,920 ----a-w c:\documents and settings\Goran\Application Data\ezpinst.exe
2007-05-09 18:56 47,360 ----a-w c:\documents and settings\Goran\Application Data\pcouffin.sys
2007-03-26 14:06 0 ---ha-w c:\documents and settings\Goran\Application Data\.CAA735D2859F7D89.sys
2006-09-05 10:55 0 ---ha-w c:\documents and settings\Goran\Application Data\.CAA735D2EEEA39DE.sys
2006-08-01 16:28 0 ---ha-w c:\documents and settings\Goran\Application Data\.CAA735D2ABB8C36B.sys
2007-07-08 09:26 56 --sh--r c:\windows\system32\78499369A5.sys
2007-07-08 09:26 3,766 --sha-w c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H2OWIBU"="c:\program files\WIBUKEY\H2O\CXWibu.exe" [N/A]
"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2007-12-11 307200]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"UVS11 Preload"="c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-07-23 341232]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"InitPulsar"="C:/Scope/app/bin/sfp.exe" [2004-03-09 c:\scope\App\Bin\SFP.exe]

c:\documents and settings\Goran\Start Menu\Programs\Startup\
TitanTV Remote Scheduler.lnk - c:\program files\WinTV\Scheduler\TitanTV.exe [2009-01-19 782336]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
AutoStart IR.lnk - c:\program files\WinTV\Ir.exe [2009-01-19 110647]
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2008-11-01 458840]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.fraunhoferacm"= l3codecp.acm
"VIDC.ACDV"= ACDV.dll
"msacm.enc"= ITIG726.acm
"midi1"= KORGUMDD.DRV
"midi6"= KORGUMDD.DRV
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoStart IR.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\AutoStart IR.lnk
backup=c:\windows\pss\AutoStart IR.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ImapiService"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\WIBUKEY\\Server\\WkSvW32.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Documents and Settings\\Goran\\Desktop\\ALATI\\Torrent\\utorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Java\\jre1.5.0_06\\bin\\javaw.exe"=
"c:\\Program Files\\Outlook Express\\msimn.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\FlashGet\\FlashGet.exe"=
"c:\\Program Files\\Corel\\DVD9\\WinDVD.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\English\\setup.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"80:TCP"= 80:TCP:Windows Media Format SDK (VidCam.exe)

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2008-07-31 20616]
R1 Asapi;Asapi;c:\windows\system32\drivers\asapi.sys [2005-12-25 11264]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-03-07 111184]
R1 Scope;WDM Driver for Scope;c:\windows\system32\drivers\scope.sys [2005-12-22 110048]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-03-07 20560]
R2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2008-11-01 143467]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2005-12-23 33792]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2008-07-02 26248]
S1 oxser;OX16C95x Serial port driver;c:\windows\system32\drivers\OXSER.SYS [2007-12-14 51169]
S2 CameraServer;CameraServer;c:\flycam\CameraServer.exe --> c:\flycam\CameraServer.exe [?]
S2 FLYCAM;FlyCam, WDM Video Capture;c:\windows\system32\drivers\flycam.sys [2006-01-27 705408]
S3 2nixA;2nixA;c:\scope\App\Sys\2nixA.sys [2005-12-22 10016]
S3 2nixWDM;2nixWDM;c:\scope\App\Sys\2nixWDM.sys [2005-12-22 10112]
S3 AdWatchDrv;AW Realtime Driver;\??\c:\windows\system32\drivers\AWRTPD.sys --> c:\windows\system32\drivers\AWRTPD.sys [?]
S3 ASUSHWIO;ASUSHWIO;\??\c:\windows\system32\drivers\ASUSHWIO.sys --> c:\windows\system32\drivers\ASUSHWIO.sys [?]
S3 cxwibu;Team H2O WIBU Driver;c:\program files\WIBUKEY\H2O\cxwibu.sys [2006-05-14 7040]
S3 HauppaugeTVServer;HauppaugeTVServer;c:\progra~1\WinTV\HCWTVS~1.EXE [2009-01-19 815104]
S3 hypaudio;hypaudio;c:\windows\system32\drivers\hypaudio.sys [2006-04-28 1162424]
S3 hypkern;hypkern;c:\windows\system32\drivers\hypkern.sys [2006-04-28 260553]
S3 ids00026;ids00026;\??\c:\documents and settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys --> c:\documents and settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys [?]
S3 ids0005c;ids0005c;\??\c:\documents and settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0005c.sys --> c:\documents and settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0005c.sys [?]
S3 InvVxD;InvVxD;c:\scope\App\Sys\InvVxD.sys [2005-12-22 10784]
S3 KGPar2;KGPar2;c:\scope\App\Sys\KGPar2.sys [2005-12-22 22624]
S3 KGPar3;KGPar3;c:\scope\App\Sys\KGPar3.sys [2005-12-22 25472]
S3 KORGUMDS;KORG USB-MIDI Driver for Windows;c:\windows\system32\drivers\KORGUMDS.SYS [2007-10-02 21720]
S3 MagixASIODrv;MAGIX_ASIO_BoostDriver;\??\c:\program files\MAGIX\Samplitude_SE_No9\mxasio.sys --> c:\program files\MAGIX\Samplitude_SE_No9\mxasio.sys [?]
S3 MArrFifo;MArrFifo;c:\scope\App\Sys\MArrFifo.sys [2005-12-22 12640]
S3 MFifoArr;MFifoArr;c:\scope\App\Sys\MFifoArr.sys [2005-12-22 10400]
S3 MidiAck;MidiAck;c:\scope\App\Sys\MidiAck.sys [2005-12-22 10016]
S3 MVC2VxD;MVC2VxD;c:\scope\App\Sys\MVC2VxD.sys [2005-12-22 79264]
S3 MVCVxD;MVCVxD;c:\scope\App\Sys\MVCVxD.sys [2005-12-22 73792]
S3 netModUSBService;Service for netMod USB CAPI Driver;c:\windows\system32\drivers\nMUSB.sys [2007-03-29 61648]
S3 PC2VxD;PC2VxD;c:\scope\App\Sys\PC2VxD.sys [2005-12-22 10208]
S3 Smport;Smport;\??\i:\muzicki programi\TVR Snimanje razgovora\TVR\Smport.sys --> i:\muzicki programi\TVR Snimanje razgovora\TVR\Smport.sys [?]
S3 Spl2VxD;Spl2VxD;c:\scope\App\Sys\Spl2VxD.sys [2005-12-22 15648]
S3 TPlay;TPlay;c:\scope\App\Sys\TPlay.sys [2005-12-22 11296]
S3 TPRSync;TPRSync;c:\scope\App\Sys\TPRSync.sys [2005-12-22 11520]
S3 TPSync;TPSync;c:\scope\App\Sys\TPSync.sys [2005-12-22 10592]
S3 TRec;TRec;c:\scope\App\Sys\TRec.sys [2005-12-22 12832]
S3 TRSync;TRSync;c:\scope\App\Sys\TRSync.sys [2005-12-22 10592]
S3 TStretch;TStretch;c:\scope\App\Sys\TStretch.sys [2005-12-22 44864]
S3 VDATMot;VDATMot;c:\scope\App\Sys\VDATMot.sys [2005-12-22 19168]
S3 VPlay;VPlay;c:\scope\App\Sys\VPlay.sys [2005-12-22 12544]
S3 VRec;VRec;c:\scope\App\Sys\VRec.sys [2005-12-22 12640]
S3 VSTin;VSTin;c:\scope\App\Sys\VSTin.sys [2005-12-22 12960]
S3 VSTout;VSTout;c:\scope\App\Sys\VSTout.sys [2005-12-22 12256]
S3 VSTsync;VSTsync;c:\scope\App\Sys\VSTsync.sys [2005-12-22 10272]
S3 VxD2PC;VxD2PC;c:\scope\App\Sys\VxD2PC.sys [2005-12-22 10304]
S3 WaveIn16;WaveIn16;c:\scope\App\Sys\WaveIn16.sys [2005-12-22 10176]
S3 WaveOut16;WaveOut16;c:\scope\App\Sys\WaveOut16.sys [2005-12-22 10176]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\M]
\Shell\AutoRun\command - M:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{22038088-b209-11dc-8891-000ea67a9cb0}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\ntldr.com n:
\Shell\Open\command - n:\resycled\ntldr.com n:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{37614a67-e15e-11dd-a142-101111111111}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\ntldr.com k:
\Shell\Open\command - k:\resycled\ntldr.com k:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5b02b9d8-a736-11dc-887a-101111111111}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6296d04b-a43d-11dc-8874-000ea67a9cb0}]
\Shell\Auto\command - Windows.scr
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Windows.scr

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64f90106-1e76-11dc-b27d-fcbc5385d84d}]
\Shell\AutoRun\command - L:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6b8ef980-741c-11db-b88f-101111111111}]
\Shell\AutoRun\command - L:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a7887aec-209b-11dc-b287-000ea67a9cb0}]
\Shell\AutoRun\command - L:\autorun.exe
.
Contents of the 'Scheduled Tasks' folder

2009-01-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local;localhost
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
IE: Add to AMV Convert Tool...
IE: Add to Media Manager...
IE: Download Link Using Mega Manager...
IE: Download with Rapget - c:\documents and settings\Goran\Desktop\ALATI\RAPIDSHARE\rapget.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Save F&lash with FlashCapture - c:\program files\FlashCapture\fciext.dll/FCIEXT.htm
IE: Send by Bluetooth - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
IE: Send via &Message... - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-03-09 02:34:21
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-117609710-287218729-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EC5FB77F-8DD4-CD6D-04E1-92D2DDE8A1B4}*]
"mafcbampoaoihkagknllhklnoh"=hex:6a,61,6c,62,63,64,65,63,67,62,64,6c,6b,6c,6b,
69,61,70,70,65,00,00
"nafcbampoaoibiclaojcgomfialh"=hex:6a,61,6c,62,63,64,6a,63,70,62,61,69,61,6b,
69,6d,67,67,6b,65,00,00
"cbfcbalpdapbpnogljgpdbeknhofbckebedbaf"=hex:62,61,6b,62,00,fa
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(760)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files\Common Files\EPSON\EBAPI\SAgent2.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\IVT Corporation\BlueSoleil\BsHelpCS.exe
c:\program files\IVT Corporation\BlueSoleil\BtTray.exe
.
**************************************************************************
.
Completion time: 2009-03-09 2:49:51 - machine was rebooted
ComboFix-quarantined-files.txt 2009-03-09 01:49:49

Pre-Run: 10,571,231,232 bytes free
Post-Run: 10,869,514,240 bytes free

294 --- E O F --- 2009-01-15 02:04:23

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Pozdrav...


Znači, koristio si program za koga sam ja mnogo puta ovde napisao da se ne koristi i napravio si sam sebi problem.
I sada bi pomoć.

Reci mi, kako tebi ovo zvuči?


Anyway... Možeš pokušati rešiti problem pokretanjem programa sa sledećeg linka:

http://majorgeeks.com/WinSock_XP_Fix_d4372.html


Skini i pokreni. Ako nakon restarta problem ne bude rešen, otvori temu u Windows forumu i potraži dalje savete.

offline
  • Pridružio: 25 Dec 2007
  • Poruke: 10
  • Gde živiš: SO

Zvuci glupo, ali se ja izvinjavam jer nisam pretrazivao ovaj deo foruma, vec sam naisao na slucajan post, uputstvo i postupio po njemu. Trebalo bi to biti u lepljivoj, ako vec nije? Uglavnom hvala na savetu.

Dopuna: 10 Mar 2009 20:40

Sad sve radi! Hvala!

Ko je trenutno na forumu
 

Ukupno su 975 korisnika na forumu :: 34 registrovanih, 11 sakrivenih i 930 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: aleksmajstor, Andrija357, bojank, bufanje, darkangel, Dimitrise93, Georgius, ivan979, Kubovac, mackenzie, Magistar78, menges, mercedesamg, mihajlo.hrin, milanovic, moldway, nemkea71, nextyamb, opt1, pacika, royst33, Sirius, SlaKoj, slonic_tonic, solic, sombrero, srbijaiznadsvega, Srki94, tmanda323, Valter071, vladaa012, YU-UKI, Yugol33, Čivi