MyCity » Ambulanta -> Arhiva Ambulante » ne radi update

ne radi update

Napisano na dan: 14.4.2010

ne radi update

Sledeća strana

Pagination

Odgovori

mpoint Poslao: 14 Apr 2010 14:18 Idi na vrh
offline mpoint Građanin Pridružio: 17 Feb 2010 Poruke: 35	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Mislim da je ovo poznat virus, ja sam ga svojevremeno znao uništiti... Ne mogu da se konektujem ni na jedan antivirus sajt, samim tim ne mogu da apdejtujem ništa... Probao sam preko mreže da skeniram ali ništa... DDS (Ver_10-03-17.01) - NTFSx86 Run by Administrator at 13:42:40,98 on sri 14.04.2010 Internet Explorer: 7.0.5730.11 Microsoft Windows XP Professional 5.1.2600.3.1250.385.1033.18.759.482 [GMT 2:00] AV: ESET NOD32 Antivirus 3.0 On-access scanning enabled (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\igfxtray.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Babylon\Babylon-Pro\Babylon.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\WINDOWS\system32\svchost.exe -k hpdevmgmt C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\New Folder\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://search.babylon.com/home uInternet Connection Wizard,ShellNext = iexplore BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: Babylon: {965b54b0-71e0-4611-8de7-f73fa0b20e26} - c:\program files\babylon\babylon toolbar\BabylonIEToolBar.dll uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe mRun: [IgfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe mRun: [Babylon Client] c:\program files\babylon\babylon-pro\Babylon.exe -AutoStart dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE dRunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N dRunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: Translate with &Babylon - c:\program files\babylon\babylon-pro\utils\BabylonIEPI.dll/Translate.htm IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TCP: {F63CA89E-0BC0-4B8B-A3BA-A5E8FD8AFF22} = 80.65.162.101 Notify: igfxcui - igfxsrvc.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll ============= SERVICES / DRIVERS =============== R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-2-20 33800] R2 ekrn;Eset Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2008-2-20 472320] S2 yxoqx;Task Image;c:\windows\system32\svchost.exe -k netsvcs [2004-8-4 14336] S3 NDISKIO;NDISKIO;c:\docume~1\admini~1\locals~1\temp\00000fc1.nmc\nse\bin\ndiskio.sys [2010-4-2 24168] S3 nsak;nsak;c:\docume~1\admini~1\locals~1\temp\000005b1.nmc\nse\bin\nsak.sys [2010-2-11 18120] =============== Created Last 30 ================ 2010-04-14 11:18:46 0 d-----w- C:\New Folder ==================== Find3M ==================== 2007-10-30 23:31:48 81760 --sha-r- c:\windows\system32\agedpdsc.dll 2009-11-21 19:21:45 16384 --sha-w- c:\windows\system32\config\systemprofile\cookies\index.dat 2009-11-21 19:21:45 16384 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\index.dat 2009-11-21 19:21:45 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\temporary internet files\content.ie5\index.dat ============= FINISH: 13:42:54,51 =============== mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png

Profil

helen1 Poslao: 14 Apr 2010 15:07 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8617 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zdravo, Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Profil

mpoint Poslao: 14 Apr 2010 16:04 Idi na vrh
offline mpoint Građanin Pridružio: 17 Feb 2010 Poruke: 35	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Samo da naglasim: Ukinuo sam NOD i instalirao F-secure, koji je počistio neke viruse, ne sve ali je nešto uradio... ComboFix 10-04-13.04 - Administrator 14.04.2010 15:57:25.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.385.1033.18.759.449 [GMT 2:00] Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe AV: F-Secure Client Security 9.00 On-access scanning disabled (Updated) {E7512ED5-4245-4B4D-AF3A-382D3F313F15} FW: F-Secure Client Security 9.00 disabled {D4747503-0346-49EB-9262-997542F79BF4} . ((((((((((((((((((((((((( Files Created from 2010-03-14 to 2010-04-14 ))))))))))))))))))))))))))))))) . 2010-04-14 12:07 . 2010-04-14 12:07 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\F-Secure 2010-04-14 12:04 . 2010-04-14 12:32 33920 ----a-w- c:\windows\system32\drivers\fsbts.sys 2010-04-14 12:03 . 2009-11-26 09:35 80016 ----a-w- c:\windows\system32\drivers\fsdfw.sys 2010-04-14 12:03 . 2010-04-14 12:03 -------- d-----w- c:\documents and settings\All Users\Application Data\fssg 2010-04-14 12:03 . 2010-04-14 12:03 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure 2010-04-14 12:02 . 2010-04-14 12:32 -------- d-----w- c:\program files\F-Secure 2010-04-14 11:18 . 2010-04-14 12:01 -------- d-----w- C:\New Folder . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-04-14 13:44 . 2009-11-21 20:59 -------- d-----w- c:\documents and settings\Administrator\Application Data\HPAppData 2010-04-14 13:30 . 2010-02-05 14:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Babylon 2010-03-26 11:07 . 2010-02-05 14:14 -------- d-----w- c:\documents and settings\Administrator\Application Data\Babylon . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-04-01 155648] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-04-01 126976] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152] "Babylon Client"="c:\program files\Babylon\Babylon-Pro\Babylon.exe" [2007-12-20 3116768] "F-Secure Manager"="c:\program files\F-Secure\Common\FSM32.EXE" [2009-11-26 301680] "F-Secure TNB"="c:\program files\F-Secure\FSGUI\TNBUtil.exe" [2009-11-26 1653360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2007-10-30 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "ShowDeskFix"="shell32" [X] "nltide_3"="advpack.dll" [2007-09-20 124928] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) "DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "4960:TCP"= 4960:TCP:ytfhxrp R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [14.4.2010 14:04 33920] R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [14.4.2010 14:03 80016] R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\F-Secure\HIPS\drivers\fshs.sys [14.4.2010 14:03 68080] R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\F-Secure\Anti-Virus\minifilter\fsgk.sys [14.4.2010 14:03 111296] R3 FSORSPClient;F-Secure ORSP Client;c:\program files\F-Secure\ORSP Client\fsorsp.exe [14.4.2010 14:03 55992] S3 NDISKIO;NDISKIO;\??\c:\docume~1\ADMINI~1\LOCALS~1\Temp\00000fc1.nmc\nse\bin\ndiskio.sys --> c:\docume~1\ADMINI~1\LOCALS~1\Temp\00000fc1.nmc\nse\bin\ndiskio.sys [?] S3 nsak;nsak;\??\c:\docume~1\ADMINI~1\LOCALS~1\Temp\000005b1.nmc\nse\bin\nsak.sys --> c:\docume~1\ADMINI~1\LOCALS~1\Temp\000005b1.nmc\nse\bin\nsak.sys [?] S4 F-Secure Filter;F-Secure File System Filter;c:\program files\F-Secure\Anti-Virus\win2k\fsfilter.sys [14.4.2010 14:03 39792] S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\F-Secure\Anti-Virus\win2k\fsrec.sys [14.4.2010 14:03 25200] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs yxoqx . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ uInternet Connection Wizard,ShellNext = iexplore IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Translate with &Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm TCP: {F63CA89E-0BC0-4B8B-A3BA-A5E8FD8AFF22} = 80.65.162.101 . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2010-04-14 16:00 Windows 5.1.2600 Service Pack 3, v.3244 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(2736) c:\windows\system32\wpdshserviceobj.dll c:\windows\system32\portabledevicetypes.dll c:\windows\system32\portabledeviceapi.dll . Completion time: 2010-04-14 16:01:38 ComboFix-quarantined-files.txt 2010-04-14 14:01 Pre-Run: 148.248.436.736 bytes free Post-Run: 149.135.687.680 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn - - End Of File - - 46D69AAF12FCDDFDB4F526298D50F608

Profil

helen1 Poslao: 14 Apr 2010 16:18 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8617 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `Registry:: [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "4960:TCP"=- NetSvc:: yxoqx` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

mpoint Poslao: 15 Apr 2010 08:58 Idi na vrh
offline mpoint Građanin Pridružio: 17 Feb 2010 Poruke: 35	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 10-04-13.04 - Administrator 15.04.2010 8:51.2.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.385.1033.18.759.497 [GMT 2:00] Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txt AV: F-Secure Client Security 9.00 On-access scanning disabled (Updated) {E7512ED5-4245-4B4D-AF3A-382D3F313F15} FW: F-Secure Client Security 9.00 disabled {D4747503-0346-49EB-9262-997542F79BF4} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\Administrator\csrss.exe . ((((((((((((((((((((((((( Files Created from 2010-03-15 to 2010-04-15 ))))))))))))))))))))))))))))))) . 2010-04-14 12:07 . 2010-04-14 12:07 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\F-Secure 2010-04-14 12:04 . 2010-04-14 12:32 33920 ----a-w- c:\windows\system32\drivers\fsbts.sys 2010-04-14 12:03 . 2009-11-26 09:35 80016 ----a-w- c:\windows\system32\drivers\fsdfw.sys 2010-04-14 12:03 . 2010-04-14 12:03 -------- d-----w- c:\documents and settings\All Users\Application Data\fssg 2010-04-14 12:03 . 2010-04-14 12:03 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure 2010-04-14 12:02 . 2010-04-14 12:32 -------- d-----w- c:\program files\F-Secure 2010-04-14 11:18 . 2010-04-14 12:01 -------- d-----w- C:\New Folder . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-04-15 06:55 . 2010-02-05 14:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Babylon 2010-04-14 13:44 . 2009-11-21 20:59 -------- d-----w- c:\documents and settings\Administrator\Application Data\HPAppData 2010-03-26 11:07 . 2010-02-05 14:14 -------- d-----w- c:\documents and settings\Administrator\Application Data\Babylon . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2007-10-30 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-04-01 155648] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-04-01 126976] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152] "Babylon Client"="c:\program files\Babylon\Babylon-Pro\Babylon.exe" [2007-12-20 3116768] "F-Secure Manager"="c:\program files\F-Secure\Common\FSM32.EXE" [2009-11-26 301680] "F-Secure TNB"="c:\program files\F-Secure\FSGUI\TNBUtil.exe" [2009-11-26 1653360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2007-10-30 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "ShowDeskFix"="shell32" [X] "nltide_3"="advpack.dll" [2007-09-20 124928] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) "DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [14.4.2010 14:04 33920] R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [14.4.2010 14:03 80016] R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\F-Secure\HIPS\drivers\fshs.sys [14.4.2010 14:03 68080] S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\F-Secure\Anti-Virus\minifilter\fsgk.sys [14.4.2010 14:03 111296] S3 FSORSPClient;F-Secure ORSP Client;c:\program files\F-Secure\ORSP Client\fsorsp.exe [14.4.2010 14:03 55992] S3 NDISKIO;NDISKIO;\??\c:\docume~1\ADMINI~1\LOCALS~1\Temp\00000fc1.nmc\nse\bin\ndiskio.sys --> c:\docume~1\ADMINI~1\LOCALS~1\Temp\00000fc1.nmc\nse\bin\ndiskio.sys [?] S3 nsak;nsak;\??\c:\docume~1\ADMINI~1\LOCALS~1\Temp\000005b1.nmc\nse\bin\nsak.sys --> c:\docume~1\ADMINI~1\LOCALS~1\Temp\000005b1.nmc\nse\bin\nsak.sys [?] S4 F-Secure Filter;F-Secure File System Filter;c:\program files\F-Secure\Anti-Virus\win2k\fsfilter.sys [14.4.2010 14:03 39792] S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\F-Secure\Anti-Virus\win2k\fsrec.sys [14.4.2010 14:03 25200] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ uInternet Connection Wizard,ShellNext = iexplore IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Translate with &Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm LSP: c:\program files\F-Secure\FSPS\program\fslsp.dll TCP: {F63CA89E-0BC0-4B8B-A3BA-A5E8FD8AFF22} = 80.65.162.101 . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2010-04-15 08:56 Windows 5.1.2600 Service Pack 3, v.3244 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'lsass.exe'(744) c:\program files\F-Secure\FSPS\program\fslsp.dll - - - - - - - > 'explorer.exe'(2928-) c:\windows\system32\wpdshserviceobj.dll c:\windows\system32\portabledevicetypes.dll c:\windows\system32\portabledeviceapi.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\F-Secure\Anti-Virus\fsgk32st.exe c:\program files\F-Secure\Common\FSMA32.EXE c:\program files\F-Secure\Anti-Virus\FSGK32.EXE c:\program files\F-Secure\Common\FSHDLL32.EXE c:\program files\F-Secure\Common\FNRB32.EXE c:\program files\F-Secure\Common\FIH32.EXE c:\program files\F-Secure\FWES\Program\fsdfwd.exe c:\program files\F-Secure\Anti-Virus\fssm32.exe c:\windows\system32\wscntfy.exe c:\program files\F-Secure\Anti-Virus\fsav32.exe c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe c:\program files\HP\Digital Imaging\bin\hpqbam08.exe . ************************************************************************ . Completion time: 2010-04-15 08:57:46 - machine was rebooted ComboFix-quarantined-files.txt 2010-04-15 06:57 ComboFix2.txt 2010-04-14 14:01 Pre-Run: 149.134.000.128 bytes free Post-Run: 149.104.140.288 bytes free - - End Of File - - A34615FA03836265D256C5F4F89D79EC

Profil

helen1 Poslao: 15 Apr 2010 09:18 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8617 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Kakvo je sad stanje?

Profil

mpoint Poslao: 15 Apr 2010 12:02 Idi na vrh
offline mpoint Građanin Pridružio: 17 Feb 2010 Poruke: 35	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Meni se čini dobro, apdejtuje F-secure!!! Zahvaljujem.

Profil

helen1 Poslao: 15 Apr 2010 13:09 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8617 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Potrebno je deinstalirati ComboFix: klikni start (ili ), a zatim RUN. Na Visti koristiti Start Search polje ukoliko Run nije dostupan. U liniju za unos teksta ukucaj (iskopiraj) sledeće: ComboFix /Uninstall Primeti da postoji razmak između "ComboFix" i "/Uninstall". a zatim klikni OK (ili pritisni Enter). Sačekaj da se proces deinstalacije završi.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » ne radi update

Ko je trenutno na forumu

Ukupno su 834 korisnika na forumu :: 9 registrovanih, 0 sakrivenih i 825 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: Bluper, bojank, goxin, Neutral-M, robytz, Romibrat, SR-3m, TBF1D, wizzardone

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by