|
Poslao: 06 Dec 2011 18:24
|
offline
- M78
- Građanin
- Pridružio: 07 Feb 2007
- Poruke: 161
- Gde živiš: Novi Sad
|
Napisano: 06 Dec 2011 17:58
Danas mi Avast izbacio poruku da je pronašao rootkit i preporučio da obrišem,kad sam stisnuo da ga obriše tražio je da odradi boot scan.Kad je odradio boot scan i kad sam restartovao komp opet mi je izbacio istu poruku i sve isto...
evo slika
U pitanju je 32-bitni windows!
Dopuna: 06 Dec 2011 18:13
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Lavrnic at 18:07:07 on 2011-12-06
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
BHO: AC-Pro: {0fb6a909-6086-458f-bd92-1f8ee10042a0} - c:\program files\autocompletepro\AutocompletePro.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [<NO NAME>]
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [WINSCHEDULER] c:\progra~1\interv~1\windvr\WINSCH~1.EXE
mRun: [WinRemote] "c:\program files\intervideo\windvr\WinRemote.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [lxdnmon.exe] "c:\program files\lexmark 2600 series\lxdnmon.exe"
mRun: [lxdnamon] "c:\program files\lexmark 2600 series\lxdnamon.exe"
mRun: [FaxCenterServer] "c:\program files\lexmark fax solutions\fm3032.exe" /s
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
TCP: DhcpNameServer = 188.246.32.2 188.246.32.1
TCP: Interfaces\{8FD39031-015B-4E10-9721-2B445B5A3F38} : DhcpNameServer = 188.246.32.2 188.246.32.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\lavrnic\application data\mozilla\firefox\profiles\ngf2ls6e.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/home.php?ref=hp
FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - plugin: c:\documents and settings\lavrnic\local settings\application data\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
.
============= SERVICES / DRIVERS ===============
.
R? lxdnCATSCustConnectService;lxdnCATSCustConnectService
R? MBAMSwissArmy;MBAMSwissArmy
R? osppsvc;Office Software Protection Platform
S? aswFsBlk;aswFsBlk
S? aswSnx;aswSnx
S? aswSP;aswSP
S? avast! Antivirus;avast! Antivirus
S? lxdn_device;lxdn_device
S? PhTVTune;TV Capture Card WDM TV Tuner
.
=============== Created Last 30 ================
.
2011-11-08 17:49:27 -------- d-----w- c:\program files\Microsoft
.
==================== Find3M ====================
.
2011-11-30 09:18:59 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-28 18:01:25 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 17:53:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 09:41:20 611328 ------w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 09:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
.
============= FINISH: 18:10:58.21 ===============
Dopuna: 06 Dec 2011 18:17
mycity.rs/must-login.png
Dopuna: 06 Dec 2011 18:23
mycity.rs/must-login.png
mycity.rs/must-login.png
mycity.rs/must-login.png
Dopuna: 06 Dec 2011 18:24
Nadam se da mi možete pomoći
|
|
|
|
|
|
|
Poslao: 06 Dec 2011 19:23
|
rip
- argus
- Anti Malware Fighter
Rank 2
- Pridružio: 27 Apr 2008
- Poruke: 9160
- Gde živiš: Prokuplje
|
Odradi update Avasta i restartuj racunar.
Javi stanje, tj. da li se javlja detekcija.
|
|
|
|
|
|
|
Poslao: 06 Dec 2011 20:08
|
offline
- M78
- Građanin
- Pridružio: 07 Feb 2007
- Poruke: 161
- Gde živiš: Novi Sad
|
Sad kad sam ga up-dejtovao i restartovao ne javlja mi nikakvu detekciju!?Zašto je pre javljao?Kod mene je Avast podešen da se svaki put kad upalim komp automatski updejtuje, i javljao mi je detekciju a sada ne!?Ne znam šta može da bude
|
|
|
|
|
|
|
Poslao: 06 Dec 2011 20:17
|
rip
- argus
- Anti Malware Fighter
Rank 2
- Pridružio: 27 Apr 2008
- Poruke: 9160
- Gde živiš: Prokuplje
|
Nije samo kod tebe. Avast je prijavljivao fp (laznu uzbunu), ali je zadnjim azuriranjem to ispravljeno.
Racunar ti je cist.
|
|
|
|
|
|
|
|
