rundll32 error

  • Joined: 13 Jul 2011
  • Posts: 26

I think I picked up some kind of virus, a RAT to be exact, in the past few days, but maybe I'm wrong.
Anyway, when I start the computer it throws the following error:


I couldn't copy the gmer_3 report into Notepad, so I took a screenshot of it.



  • Més que un club
  • Lead vocalist @ Harpun
  • Joined: 27 Feb 2009
  • Posts: 3898
  • Location: Novi Sad, Klisa

Greetings, Terminator007



While the case is being resolved, I ask that you follow these rules:
Read my instructions (or those of the colleagues standing in for me) carefully and act exclusively on them;
Do not seek help elsewhere at the same time;
Do not use any malware-removal programs other than those you receive instructions for;
Do not use USB storage devices during the intervention until I ask for it;
If I do not reply within 48 hours, bump the topic with a new post;
If you do not respond within 5 days, we will close the case.

For more information on the rules of the MyCity forum Ambulanta: LINK
----------------------------------------------------------------------------------------------


Download sUBs' ComboFix from the following address to your Desktop:


Bleeping Computer
Right-click the link and choose Save Target As... (Save Link As..., Save Linked Content As... or similar);
When the dialog for choosing where to save the file opens, select Desktop and click Save.




When the download has finished:
disable your security software (instructions);
close any running programs;
double-click ComboFix to run it;
in the window that opens, click "I Agree".

While running, ComboFix will:
check whether a newer version of the program exists: click Yes if it offers to download it;
if the Recovery Console is not installed, offer to install it: be sure to accept by clicking Yes and follow the procedure;
ask a number of questions and show a number of notices: accept by clicking Yes or OK;
restart Windows if needed (possibly several times);
at the end, open Notepad with the scan report.


Copy the report ComboFix produced into the forum topic:
right-click in the Notepad window and choose Select All;
right-click the highlighted text and choose Copy;
right-click in the message box and choose Paste.


Note: the report will be saved as ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
If after posting you notice that the report is incomplete, use the Attach file option to attach C:\ComboFix.txt to your message.


NIx Car (AMF Team)

  • Joined: 13 Jul 2011
  • Posts: 26

Posted: 14 Jul 2011 10:21

ComboFix 11-07-13.04 - Owner 14.07.2011 9:45.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1250.381.1033.18.1023.633 [GMT 2:00]
Running from: d:\documents and settings\Owner\Desktop\ComboFix.exe
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
ADS - WINDOWS: deleted 24 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
d:\documents and settings\Owner\Application Data\data.dat
d:\documents and settings\Owner\Application Data\EurekaLog
d:\documents and settings\Owner\Application Data\johnmal.exe
d:\documents and settings\Owner\Application Data\local.exe
d:\documents and settings\Owner\Application Data\Ownerlog.dat
d:\documents and settings\Owner\Application Data\PriceGong
d:\documents and settings\Owner\Application Data\PriceGong\Data\1.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\a.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\b.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\c.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\d.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\e.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\f.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\g.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\h.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\i.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\J.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\k.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\l.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\m.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\mru.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\n.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\o.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\p.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\q.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\r.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\s.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\t.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\u.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\v.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\w.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\x.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\y.xml
d:\documents and settings\Owner\Application Data\PriceGong\Data\z.xml
d:\windows\system32\rundll32
d:\windows\wpe pro.INI
D:\Windupdt
.
.
((((((((((((((((((((((((( Files Created from 2011-06-14 to 2011-07-14 )))))))))))))))))))))))))))))))
.
.
2011-07-13 05:27 . 2008-04-14 03:42 389120 ----a-w- d:\windows\system32\dllcache\cmd.exe
2011-07-13 05:27 . 2008-04-14 03:42 389120 ----a-w- d:\windows\system32\cmd.exe
2011-07-12 14:06 . 2011-07-13 11:24 -------- d-----w- d:\program files\The KMPlayer
2011-07-10 17:40 . 2011-07-14 08:04 -------- d-----w- d:\documents and settings\Owner\Application Data\uTorrent
2011-07-09 15:02 . 2011-07-09 15:02 -------- d-----w- d:\documents and settings\Owner\Local Settings\Application Data\Vitalwerks
2011-07-09 15:02 . 2011-07-09 15:02 -------- d-----w- d:\program files\No-IP
2011-07-08 12:19 . 2011-07-08 12:19 -------- d-----w- d:\documents and settings\Owner\Local Settings\Application Data\Tube Bot
2011-07-08 12:19 . 2011-07-08 12:22 -------- d-----w- d:\program files\Tube Bot
2011-07-07 15:48 . 2011-07-07 15:48 -------- d-----r- d:\program files\Skype
2011-07-07 15:23 . 2011-06-16 04:17 142296 ----a-w- d:\program files\Mozilla Firefox\components\browsercomps.dll
2011-07-07 15:23 . 2011-06-16 04:17 89048 ----a-w- d:\program files\Mozilla Firefox\libEGL.dll
2011-07-07 15:23 . 2011-06-16 04:17 781272 ----a-w- d:\program files\Mozilla Firefox\mozsqlite3.dll
2011-07-07 15:23 . 2011-06-16 04:17 465880 ----a-w- d:\program files\Mozilla Firefox\libGLESv2.dll
2011-07-07 15:23 . 2011-06-16 04:17 1850328 ----a-w- d:\program files\Mozilla Firefox\mozjs.dll
2011-07-07 15:23 . 2011-06-16 04:17 15832 ----a-w- d:\program files\Mozilla Firefox\mozalloc.dll
2011-07-07 15:23 . 2010-01-01 08:00 2106216 ----a-w- d:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-07-07 15:23 . 2010-01-01 08:00 1998168 ----a-w- d:\program files\Mozilla Firefox\d3dx9_43.dll
2011-07-07 08:45 . 2011-07-07 08:45 -------- d-----w- d:\program files\Havij 1.14 Pro
2011-07-06 12:30 . 2011-07-06 12:30 -------- d-----w- d:\program files\Common Files\Java
2011-07-04 20:13 . 2011-07-04 20:13 -------- d-----w- d:\documents and settings\Owner\Local Settings\Application Data\Help
2011-06-29 17:19 . 2011-06-29 17:21 -------- d-----w- d:\documents and settings\All Users\Application Data\Bluetooth
2011-06-29 17:13 . 2011-06-29 17:13 -------- d-----w- d:\program files\IVT Corporation
2011-06-29 17:13 . 2001-09-05 17:18 225280 ------w- d:\program files\Common Files\InstallShield\IScript\iscript.dll
2011-06-29 17:13 . 2001-09-05 17:14 176128 ------w- d:\program files\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2011-06-29 17:13 . 2001-09-05 17:13 32768 ------w- d:\program files\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2011-06-29 17:13 . 2001-09-05 17:18 77824 ----a-w- d:\program files\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2011-06-29 17:13 . 2002-07-26 06:07 614532 ----a-w- d:\program files\Common Files\InstallShield\engine\6\Intel 32\IKernel.exe
2011-06-21 14:09 . 2011-06-21 14:09 -------- d-----w- D:\found.002
2011-06-16 06:25 . 2011-06-16 15:00 -------- d-----w- d:\windows\SxsCaPendDel
2011-06-15 06:40 . 2010-12-20 17:32 551936 ------w- d:\windows\system32\dllcache\oleaut32.dll
2011-06-15 06:35 . 2011-04-21 13:52 105472 ------w- d:\windows\system32\dllcache\mup.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-04 11:43 . 2011-01-31 18:15 40112 ----a-w- d:\windows\avastSS.scr
2011-07-04 11:43 . 2011-01-31 18:15 199304 ----a-w- d:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2011-04-05 17:40 441176 ----a-w- d:\windows\system32\drivers\aswSnx.sys
2011-07-04 11:36 . 2011-01-31 18:15 309848 ----a-w- d:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2011-01-31 18:15 43608 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:35 . 2011-01-31 18:15 102616 ----a-w- d:\windows\system32\drivers\aswmon2.sys
2011-07-04 11:35 . 2011-01-31 18:15 96344 ----a-w- d:\windows\system32\drivers\aswmon.sys
2011-07-04 11:32 . 2011-01-31 18:15 25432 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2011-01-31 18:15 30808 ----a-w- d:\windows\system32\drivers\aavmker4.sys
2011-07-04 11:32 . 2011-01-31 18:15 19544 ----a-w- d:\windows\system32\drivers\aswFsBlk.sys
2011-06-02 14:07 . 2009-04-20 18:19 1867904 ----a-w- d:\windows\system32\win32k.sys
2011-05-04 02:52 . 2010-08-12 06:42 472808 ----a-w- d:\windows\system32\deployJava1.dll
2011-05-04 00:25 . 2010-10-22 11:29 73728 ----a-w- d:\windows\system32\javacpl.cpl
2011-05-02 15:30 . 2009-04-20 18:17 692736 ----a-w- d:\windows\system32\inetcomm.dll
2011-04-29 17:23 . 2009-04-20 18:18 151552 ----a-w- d:\windows\system32\schannel.dll
2011-04-29 16:47 . 2009-04-20 18:17 457856 ----a-w- d:\windows\system32\drivers\mrxsmb.sys
2011-04-26 11:02 . 2009-04-20 18:19 293376 ----a-w- d:\windows\system32\winsrv.dll
2011-04-26 11:02 . 2008-04-14 12:00 33280 ----a-w- d:\windows\system32\csrsrv.dll
2011-04-25 16:11 . 2009-04-20 18:19 916480 ----a-w- d:\windows\system32\wininet.dll
2011-04-25 16:11 . 2009-04-20 18:17 43520 ----a-w- d:\windows\system32\licmgr10.dll
2011-04-25 16:11 . 2009-04-20 18:17 1469440 ----a-w- d:\windows\system32\inetcpl.cpl
2011-04-25 12:01 . 2009-04-20 18:17 385024 ----a-w- d:\windows\system32\html.iec
2011-04-21 13:52 . 2009-04-20 18:18 105472 ----a-w- d:\windows\system32\drivers\mup.sys
2011-06-16 04:17 . 2011-07-07 15:23 142296 ----a-w- d:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-04-20 . BA8C046D98345129723E6BCAA1E8AB99 . 361600 . . [5.1.2600.5649] . . d:\windows\system32\drivers\tcpip.sys
[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . d:\windows\system32\dllcache\tcpip.sys
.
.
d:\windows\System32\wscntfy.exe ... is missing !!
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- d:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="d:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"SUPERAntiSpyware"="d:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-09-28 2424560]
"uTorrent"="d:\program files\uTorrent\uTorrent.exe" [2011-07-10 399736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"librtexec"="javaw -jar" [X]
"VX1000"="d:\windows\vVX1000.exe" [2009-06-26 757248]
"SunJavaUpdateSched"="d:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
d:\documents and settings\Owner\Start Menu\Programs\Startup\
No-IP DUC.lnk - d:\program files\No-IP\DUC30.exe [2010-6-18 1423520]
.
[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Start Menu^Programs^Startup^BlueSoleil.lnk]
path=d:\documents and settings\All Users\Start Menu\Programs\Startup\BlueSoleil.lnk
backup=d:\windows\pss\BlueSoleil.lnkCommon Startup
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\games\\CS 1.6 v42 FULL\\hl.exe"=
"d:\\WINDOWS\\system32\\PnkBstrA.exe"=
"d:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"d:\\Documents and Settings\\Owner\\Application Data\\DDDDD.exe"=
"d:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"d:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"d:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\vbc.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"2799:UDP"= 2799:UDP:Altova License Metering Port (UDP)
"2799:TCP"= 2799:TCP:Altova License Metering Port (TCP)
.
R0 mv61xx;mv61xx;d:\windows\system32\drivers\mv61xx.sys [20.4.2009 20:32 151592]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 aswSnx;aswSnx;d:\windows\system32\drivers\aswSnx.sys [5.4.2011 19:40 441176]
R1 aswSP;aswSP;d:\windows\system32\drivers\aswSP.sys [31.1.2011 20:15 309848]
R1 SASDIFSV;SASDIFSV;d:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 20:25 12872]
R1 SASKUTIL;SASKUTIL;d:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10.5.2010 20:41 67656]
R2 AcuWVSSchedulerv6;Acunetix WVS Scheduler v6;d:\program files\Acunetix\Web Vulnerability Scanner 6\WVSScheduler.exe [24.11.2008 12:46 994952]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [31.1.2011 20:15 19544]
R2 UsbService;Eltima Usb to Ethernet Connector;d:\program files\Eltima Software\USB to Ethernet Connector\UsbService.exe [8.1.2011 20:18 2349640]
R3 ELTIMA_USB_HUB_FILTER;Eltima usb hub filter;d:\program files\Eltima Software\USB to Ethernet Connector\drv\NT5\fusbhub.sys [8.1.2011 20:18 56136]
R3 eustub;Usb Stub (Eltima software);d:\windows\system32\drivers\eusbstub.sys [8.1.2011 20:18 12488]
R3 vuhub;Virtual Usb Hub;d:\windows\system32\drivers\vuhub.sys [8.1.2011 20:18 51400]
S0 TfFsMon;TfFsMon;d:\windows\system32\drivers\TfFsMon.sys --> d:\windows\system32\drivers\TfFsMon.sys [?]
S0 TfSysMon;TfSysMon;d:\windows\system32\drivers\TfSysMon.sys --> d:\windows\system32\drivers\TfSysMon.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;d:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 gupdate;Google Update Service (gupdate);d:\program files\Google\Update\GoogleUpdate.exe [18.1.2011 16:52 136176]
S3 FsUsbExDisk;FsUsbExDisk;d:\windows\system32\FsUsbExDisk.Sys [8.1.2011 19:37 36608]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);d:\windows\system32\drivers\ss_bbus.sys [8.1.2011 19:38 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);d:\windows\system32\drivers\ss_bmdfl.sys [8.1.2011 19:38 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;d:\windows\system32\drivers\ss_bmdm.sys [8.1.2011 19:38 121856]
S3 TfNetMon;TfNetMon;\??\d:\windows\system32\drivers\TfNetMon.sys --> d:\windows\system32\drivers\TfNetMon.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;d:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
Contents of the 'Scheduled Tasks' folder
.
2011-07-14 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2011-01-18 15:25]
.
2011-07-14 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2011-01-18 15:25]
.
2011-07-13 d:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-920026266-1177238915-1003Core.job
- d:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-03 10:02]
.
2011-07-14 d:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-448539723-920026266-1177238915-1003UA.job
- d:\documents and settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-03 10:02]
.
2011-07-14 d:\windows\Tasks\User_Feed_Synchronization-{63320CBD-0083-49D4-8C41-BAEDB08C3854}.job
- d:\windows\system32\msfeedssync.exe [2009-04-20 18:22]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.rs/
IE: E&xport to Microsoft Excel - d:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - d:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\17kjdydd.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - d:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: avast! WebRep: wrc@avast.com - d:\program files\Alwil Software\Avast5\WebRep\FF
FF - Ext: Java Quick Starter: jqs@sun.com - d:\program files\Java\jre6\lib\deploy\jqs\ff
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-Skype - d:\documents and settings\Owner\Application Data\local.exe
HKCU-Run-Famous Booster - d:\program files\Famous Booster Trial\Famous Booster Trial.exe
HKLM-Run-skype - d:\documents and settings\Owner\Application Data\local.exe
HKLM_ActiveSetup-{AA0F65A2-B556-D5EC-ADC0-D146DD28FB3D} - d:\documents and settings\Owner\Application Data\local.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - d:\documents and settings\All Users\Application Data\{DE8EABB5-1C85-4410-A68D-79BD8A4518F4}\rbia.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2011-07-14 10:04
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
d:\docume~1\Owner\LOCALS~1\Temp\RGI5.tmp 7075 bytes
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,32,34,84,6f,e0,b3,11,4a,91,ed,27,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,32,34,84,6f,e0,b3,11,4a,91,ed,27,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3948-)
d:\windows\system32\WININET.dll
d:\windows\system32\msi.dll
d:\windows\system32\ieframe.dll
d:\windows\system32\webcheck.dll
d:\windows\system32\WPDShServiceObj.dll
d:\windows\system32\PortableDeviceTypes.dll
d:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
d:\program files\Alwil Software\Avast5\AvastSvc.exe
d:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
d:\program files\Java\jre6\bin\jqs.exe
d:\windows\system32\PnkBstrA.exe
d:\windows\system32\PnkBstrB.exe
d:\program files\Windows Live\Contacts\wlcomm.exe
.
**************************************************************************
.
Completion time: 2011-07-14 10:12:00 - machine was rebooted
ComboFix-quarantined-files.txt 2011-07-14 08:11
.
Pre-Run: 22.710.099.968 bytes free
Post-Run: 30.146.306.048 bytes free
.
- - End Of File - - 6B3152B84307F91FE41786F99CA3D257

Update: 14 Jul 2011 16:28

The error doesn't appear anymore!
I suspect I have a RAT (FUD).
FUD = fully undetectable..
Is there a program I can check that with!?
What should I do??

Update: 14 Jul 2011 21:05

Let me add that I installed some anti-malware program.
It also blocks IP addresses; I suspect that's related to the RAT, because I'm infected and it sends data to his computer, whatever..
Here's the picture:
Sometimes it also blocks an IP address starting with 213., so usually those two IP addresses, the ones starting with 83. and 213.

Update: 14 Jul 2011 21:05

89.* not 83.
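A small triage pass over the ComboFix report format shown above, as an added example that is not part of the thread or of ComboFix itself. The excerpt it parses is constructed from lines of the report above, and it flags the items a helper checks first: the Recovery Console warning, `"EnableFirewall"= 0`, Run entries marked `[X]` (target missing), and autoruns or firewall exceptions whose binary sits in a user-writable profile folder such as Application Data.

```python
import re

# Constructed excerpt modelled on the ComboFix report format in the post
# above; the paths come from that report, the selection of lines is ours.
SAMPLE_REPORT = r"""WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"librtexec"="javaw -jar" [X]
"VX1000"="d:\windows\vVX1000.exe" [2009-06-26 757248]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Documents and Settings\\Owner\\Application Data\\DDDDD.exe"=
"""

SECTION_RE = re.compile(r"^\[(.+)\]$")               # [HKEY_...\Run]
RUN_RE = re.compile(r'^"([^"]+)"="(.*)" \[(.*)\]$')  # "name"="target" [date size] or [X]
FW_APP_RE = re.compile(r'^"(.+)"=$')                 # "path"= in the firewall exception list

# Folders a standard user can write to: a persistence entry pointing there
# deserves a second look, one under Program Files or Windows usually does not.
USER_WRITABLE = ("\\application data\\", "\\local settings\\", "\\temp\\")


def in_user_writable(path):
    return any(marker in path.lower() for marker in USER_WRITABLE)


def triage_combofix(report):
    """Return (category, detail) findings for a ComboFix report, in report order."""
    findings = []
    section = ""
    for raw in report.splitlines():
        line = raw.strip()
        if line.startswith("WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE"):
            findings.append(("recovery-console", "Recovery Console not installed"))
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1).lower()   # remember which registry key we are under
            continue
        if section.endswith("\\run"):
            m = RUN_RE.match(line)
            if not m:
                continue
            name, target, info = m.groups()
            if info == "X":                 # ComboFix marks a missing target with [X]
                findings.append(("run-missing-target", f"{name} -> {target}"))
            elif in_user_writable(target):
                findings.append(("run-user-writable", f"{name} -> {target}"))
        elif section.endswith("firewallpolicy\\standardprofile"):
            if line.startswith('"EnableFirewall"= 0'):
                findings.append(("firewall-disabled", "EnableFirewall = 0"))
        elif section.endswith("authorizedapplications\\list"):
            m = FW_APP_RE.match(line)
            if m:
                path = m.group(1).replace("\\\\", "\\")  # this section doubles backslashes
                if in_user_writable(path):
                    findings.append(("firewall-exception-user-writable", path))
    return findings


if __name__ == "__main__":
    for category, detail in triage_combofix(SAMPLE_REPORT):
        print(f"{category:33} {detail}")
```

A flagged entry is a starting point for a manual look, not a verdict; the thread itself shows a missing-target entry (`librtexec`) on a machine the helper judged clean.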

  • Més que un club
  • Lead vocalist @ Harpun
  • Joined: 27 Feb 2009
  • Posts: 3898
  • Location: Novi Sad, Klisa

Terminator007, from analysing the ComboFix log I have established that there is no active malware on your computer, but I recommend the following:

- Reinstall Mozilla Firefox. That .dll file is one of the components of Mozilla's browser.

- For protecting USB memory devices, I recommend that you use MCShield. It has nothing to do with the antivirus, i.e. it will not interfere with its work, and it has proven to be one of the best forms of protection against malware that spreads via USB memory devices.

You download it, install it, plug in a USB memory device, a scan runs, after which you either get a notification that the device is clean (if it really is), or you get a log with information about the malware that was found and deleted.


MCShield home page: http://amf.mycity.rs/programs/mc/mcshield/

You can find out more about MCShield in this topic: http://www.mycity.rs/Antispyware-programi/MCShield.html


- Malwarebytes is probably blocking incoming connections from uTorrent. I also have the PRO version, and whenever uTorrent is running, MBAM pops up from time to time. So you don't need to worry.
