Molim vas pogledajte ovo Please!!!

3

Molim vas pogledajte ovo Please!!!

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Predji u SafeMode Windowsa i skeniraj NOD-om odatle.
Naisao je jos na Virut ali nije mogao da ga sredi posto su ti programi bili aktivni (mikser za zvucnu karticu i neki Neroov servis).

offline
  • GTA  Male
  • Počasni građanin
  • Pridružio: 14 Avg 2008
  • Poruke: 717

Juce nisam mogao da se javim jer sam ostao bez interneta.
Uradio sam skeniranje iz safe moda ali log nemogu da postavim jer se odmah iskljucio nakon sto je izvsio skeniranje ali kako sam video pojavi su se neki fajlovi koji su bili zarazeni ali su uspesno ocisceni.Sada cu da izvsim skeniranje u normal modu pa cu da postavim log. Za sada toliko

Dopuna: 08 Apr 2009 15:00

Scan Log
Version of virus signature database: 3994 (20090407)
Date: 08/04/2009 Time: 2:27:49 PM
Scanned disks, folders and files: C:\Boot sector;C:\
C:\AUTOEXEC.BAT » MIME - is OK (internal scanning not performed)
C:\pagefile.sys - error opening [4]
C:\Documents and Settings\Administrator\NTUSER.DAT - error opening [4]
C:\Documents and Settings\Administrator\ntuser.dat.LOG - error opening [4]
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\krdyd8eg.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\Local Settings\Application Data\Identities\{012CA8E8-D2EE-4A5F-8A24-6E65E8D6C935}\Microsoft\Outlook Express\Inbox.dbx » DBX - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\Local Settings\Application Data\Identities\{012CA8E8-D2EE-4A5F-8A24-6E65E8D6C935}\Microsoft\Outlook Express\Sent Items.dbx » DBX - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\CardSpace\CardSpace.db - error opening [4]
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\CardSpace\CardSpace.db.shadow - error opening [4]
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening [4]
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening [4]
C:\Documents and Settings\Administrator\My Documents\Odštampaj stranicu - Sta su to Torenti.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\Italija\Polovni automobil Fiat punto cena 650 ( po dogovoru ) 327530- auto oglasi - MojAuto - polovni automobili.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\My Videos\RealPlayer Downloads\preferans.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\sppski\Kaleidoskop - Marina Cvetaeva.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\sppski\Zak Prever.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\LocalService\NTUSER.DAT - error opening [4]
C:\Documents and Settings\LocalService\ntuser.dat.LOG - error opening [4]
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening [4]
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening [4]
C:\Documents and Settings\NetworkService\NTUSER.DAT - error opening [4]
C:\Documents and Settings\NetworkService\ntuser.dat.LOG - error opening [4]
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening [4]
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening [4]
C:\Program Files\AGEIA Technologies\AGEIA_PhysX_Help.mht » MIME - is OK (internal scanning not performed)
C:\Program Files\Ahead\Nero\CDI\CDI_VCD.CFG » MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\Content\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files\Crawler\firefox\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre6\lib\resources.jar » ZIP » com/sun/org/apache/xerces/internal/impl/msg/XIncludeMessages.properties » MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre6\lib\resources.jar » ZIP » com/sun/xml/internal/fastinfoset/resources/ResourceBundle.properties » MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre6\lib\resources.jar » ZIP » javax/xml/bind/Messages.properties » MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre6\lib\deploy\ffjcext.zip » ZIP » {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}/chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre6\lib\deploy\jqs\ff\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Microsoft Office\OFFICE11\1033\VIDEO.MHT » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\chrome\browser.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\chrome\comm.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\chrome\pippki.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\chrome\reporter.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\chrome\toolkit.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Nero\Nero Burning ROM\CDI\CDI_VCD.CFG » MIME - is OK (internal scanning not performed)
C:\Program Files\Real\RealPlayer\browserrecord\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Sony\Vegas Pro 8.0\Sony Vegas Pro 8 -- ShuttlePRO v2.mht » MIME - is OK (internal scanning not performed)
C:\Program Files\Sony\Vegas Pro 8.0\Sony Vegas Pro 8 -- ShuttlePRO.mht » MIME - is OK (internal scanning not performed)
C:\Program Files\Sony\Vegas Pro 8.0\Sony Vegas Pro 8 -- ShuttleXpress.mht » MIME - is OK (internal scanning not performed)
C:\Program Files\Sony Setup\Sound Forge 7.0\main.cab » CAB » shuttlepromht » MIME - is OK (internal scanning not performed)
C:\Program Files\Sony Setup\Sound Forge 7.0\main.cab » CAB » shuttlepro2mht » MIME - is OK (internal scanning not performed)
C:\Program Files\Sony Setup\Sound Forge 7.0\main.cab » CAB » shuttlexpmht » MIME - is OK (internal scanning not performed)
C:\Program Files\Sony Setup\Vegas Pro 8.0\main.cab » CAB » Sony_Vegas_Pro_8_ShuttlePRO_v2.mht » MIME - is OK (internal scanning not performed)
C:\Program Files\Sony Setup\Vegas Pro 8.0\main.cab » CAB » Sony_Vegas_Pro_8_ShuttlePRO.mht » MIME - is OK (internal scanning not performed)
C:\Program Files\Sony Setup\Vegas Pro 8.0\main.cab » CAB » Sony_Vegas_Pro_8_ShuttleXpress.mht » MIME - is OK (internal scanning not performed)
C:\Program Files\Winamp\UninstWA.exe » NSIS - incorrect CRC checksum, the file may be damaged
C:\WINDOWS\hlktmp - error opening [4]
C:\WINDOWS\system32\config\default - error opening [4]
C:\WINDOWS\system32\config\default.LOG - error opening [4]
C:\WINDOWS\system32\config\SAM - error opening [4]
C:\WINDOWS\system32\config\SAM.LOG - error opening [4]
C:\WINDOWS\system32\config\SECURITY - error opening [4]
C:\WINDOWS\system32\config\SECURITY.LOG - error opening [4]
C:\WINDOWS\system32\config\software - error opening [4]
C:\WINDOWS\system32\config\software.LOG - error opening [4]
C:\WINDOWS\system32\config\system - error opening [4]
C:\WINDOWS\system32\config\system.LOG - error opening [4]
Number of scanned objects: 217751
Number of threats found: 0
Time of completion: 2:57:59 PM Total scanning time: 1810 sec (00:30:10)

Notes:
[4] Object cannot be opened. It may be in use by another application or operating system.

Dopuna: 08 Apr 2009 15:01

Scan Log
Version of virus signature database: 3994 (20090407)
Date: 08/04/2009 Time: 2:27:49 PM
Scanned disks, folders and files: C:\Boot sector;C:\
C:\AUTOEXEC.BAT » MIME - is OK (internal scanning not performed)
C:\pagefile.sys - error opening [4]
C:\Documents and Settings\Administrator\NTUSER.DAT - error opening [4]
C:\Documents and Settings\Administrator\ntuser.dat.LOG - error opening [4]
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\krdyd8eg.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\Local Settings\Application Data\Identities\{012CA8E8-D2EE-4A5F-8A24-6E65E8D6C935}\Microsoft\Outlook Express\Inbox.dbx » DBX - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\Local Settings\Application Data\Identities\{012CA8E8-D2EE-4A5F-8A24-6E65E8D6C935}\Microsoft\Outlook Express\Sent Items.dbx » DBX - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\CardSpace\CardSpace.db - error opening [4]
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\CardSpace\CardSpace.db.shadow - error opening [4]
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening [4]
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening [4]
C:\Documents and Settings\Administrator\My Documents\Odštampaj stranicu - Sta su to Torenti.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\Italija\Polovni automobil Fiat punto cena 650 ( po dogovoru ) 327530- auto oglasi - MojAuto - polovni automobili.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\My Videos\RealPlayer Downloads\preferans.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\sppski\Kaleidoskop - Marina Cvetaeva.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\Administrator\My Documents\sppski\Zak Prever.mht » MIME - is OK (internal scanning not performed)
C:\Documents and Settings\LocalService\NTUSER.DAT - error opening [4]
C:\Documents and Settings\LocalService\ntuser.dat.LOG - error opening [4]
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening [4]
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening [4]
C:\Documents and Settings\NetworkService\NTUSER.DAT - error opening [4]
C:\Documents and Settings\NetworkService\ntuser.dat.LOG - error opening [4]
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening [4]
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening [4]
C:\Program Files\AGEIA Technologies\AGEIA_PhysX_Help.mht » MIME - is OK (internal scanning not performed)
C:\Program Files\Ahead\Nero\CDI\CDI_VCD.CFG » MIME - is OK (internal scanning not performed)
C:\Program Files\Common Files\LightScribe\Content\Getting Started.mht » MIME - is OK (internal scanning not performed)
C:\Program Files\Crawler\firefox\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre6\lib\resources.jar » ZIP » com/sun/org/apache/xerces/internal/impl/msg/XIncludeMessages.properties » MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre6\lib\resources.jar » ZIP » com/sun/xml/internal/fastinfoset/resources/ResourceBundle.properties » MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre6\lib\resources.jar » ZIP » javax/xml/bind/Messages.properties » MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre6\lib\deploy\ffjcext.zip » ZIP » {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}/chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Java\jre6\lib\deploy\jqs\ff\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Microsoft Office\OFFICE11\1033\VIDEO.MHT » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\chrome\browser.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\chrome\comm.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\chrome\pippki.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\chrome\reporter.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\chrome\toolkit.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Nero\Nero Burning ROM\CDI\CDI_VCD.CFG » MIME - is OK (internal scanning not performed)
C:\Program Files\Real\RealPlayer\browserrecord\chrome.manifest » MIME - is OK (internal scanning not performed)
C:\Program Files\Sony\Vegas Pro 8.0\Sony Vegas Pro 8 -- ShuttlePRO v2.mht » MIME - is OK (internal scanning not performed)
C:\Program Files\Sony\Vegas Pro 8.0\Sony Vegas Pro 8 -- ShuttlePRO.mht » MIME - is OK (internal scanning not performed)
C:\Program Files\Sony\Vegas Pro 8.0\Sony Vegas Pro 8 -- ShuttleXpress.mht » MIME - is OK (internal scanning not performed)
C:\Program Files\Sony Setup\Sound Forge 7.0\main.cab » CAB » shuttlepromht » MIME - is OK (internal scanning not performed)
C:\Program Files\Sony Setup\Sound Forge 7.0\main.cab » CAB » shuttlepro2mht » MIME - is OK (internal scanning not performed)
C:\Program Files\Sony Setup\Sound Forge 7.0\main.cab » CAB » shuttlexpmht » MIME - is OK (internal scanning not performed)
C:\Program Files\Sony Setup\Vegas Pro 8.0\main.cab » CAB » Sony_Vegas_Pro_8_ShuttlePRO_v2.mht » MIME - is OK (internal scanning not performed)
C:\Program Files\Sony Setup\Vegas Pro 8.0\main.cab » CAB » Sony_Vegas_Pro_8_ShuttlePRO.mht » MIME - is OK (internal scanning not performed)
C:\Program Files\Sony Setup\Vegas Pro 8.0\main.cab » CAB » Sony_Vegas_Pro_8_ShuttleXpress.mht » MIME - is OK (internal scanning not performed)
C:\Program Files\Winamp\UninstWA.exe » NSIS - incorrect CRC checksum, the file may be damaged
C:\WINDOWS\hlktmp - error opening [4]
C:\WINDOWS\system32\config\default - error opening [4]
C:\WINDOWS\system32\config\default.LOG - error opening [4]
C:\WINDOWS\system32\config\SAM - error opening [4]
C:\WINDOWS\system32\config\SAM.LOG - error opening [4]
C:\WINDOWS\system32\config\SECURITY - error opening [4]
C:\WINDOWS\system32\config\SECURITY.LOG - error opening [4]
C:\WINDOWS\system32\config\software - error opening [4]
C:\WINDOWS\system32\config\software.LOG - error opening [4]
C:\WINDOWS\system32\config\system - error opening [4]
C:\WINDOWS\system32\config\system.LOG - error opening [4]
Number of scanned objects: 217751
Number of threats found: 0
Time of completion: 2:57:59 PM Total scanning time: 1810 sec (00:30:10)

Notes:
[4] Object cannot be opened. It may be in use by another application or operating system.
mislim da ih vise nema

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Logovi su OK.

Ostavljam temu otvorenom, a ti se javi za par dana da nam kazes da li je sve OK, ili se infekcija kojim slucajem vratila.

Javi se obavezno, da bi deinstalirali ComboFix

offline
  • GTA  Male
  • Počasni građanin
  • Pridružio: 14 Avg 2008
  • Poruke: 717

Ja sam ga vec deistalirao.
P.S.
Ima jos jedan problem sa nodom ali o tome cu nesto kasnije treba da okacim jednu sliku da bi video sta je problem.

Dopuna: 08 Apr 2009 18:24

evo te slike
Sta znaci ono sam obelezio zelenom

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Da li bi mogao da probas reinstalaciju NOD-a, da vidimo da li ce taj problem nestati?
Kao da nesto nije u redu sa nekim od NOD-ovih servisa.
Pitanje je sada da li je njegov servis u pitanju, ili neki od servisa na koje se taj NOD-ov servis oslanja.
Zato predlazem ponovnu instalaciju, da ustanovimo gde je problem.

Lako moze biti da je do onog ndis_fixera, jer smo prakticno intalirali mrezu ponovo nakon sto je instaliran NOD, pa sada NOD nije "nakacen" na ovaj novi drajver za mrezu koji je ndis_fixer ubacio.

offline
  • GTA  Male
  • Počasni građanin
  • Pridružio: 14 Avg 2008
  • Poruke: 717


Ima i drugi problem kada pokrenem internet explore javlja se ovo kliknem na yes ono i dalje stolji isto je tako i sa no nikako nemoze da se iskljuci
P>S. ivni sto te malo vise smara ali ijos samo ovo mi resi sta treba da radim.
A kasnije cu da probam ovo za nod

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Ne znam resenje za ovo sa IE, ali znam da je neko to pitao na forumu, i dobio je resenje. Sada, kada bi neko mogao da se seti u kojoj je to temi bilo...
To bolje pitaj na Windows forumu. Cini mi se da je Dr Sign onomad znao resenje.

offline
  • GTA  Male
  • Počasni građanin
  • Pridružio: 14 Avg 2008
  • Poruke: 717

ipak veliko hvala

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 15 Jun 2007
  • Poruke: 5572

Izvinjavam se na upadu ali mozes na primer iskljuciti tu opciju

Pokreni IE> Tools> Internet Options> Advanced, cekiraj Disable script debugging, odcekiraj Display a notification about every script error. Iskljuci pa ponovo ukljuci IE.

offline
  • GTA  Male
  • Počasni građanin
  • Pridružio: 14 Avg 2008
  • Poruke: 717

meni je vec bila cekirana opcija Disable script debugging a odcekirana Display a notification about every script error

Ko je trenutno na forumu
 

Ukupno su 910 korisnika na forumu :: 51 registrovanih, 7 sakrivenih i 852 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: _Sale, A.R.Chafee.Jr., aljosa7, alkatraz080, aramis s, babaroga, Bane san, Ctrl x, darcaud, djordje92sm, dozorni, dragon986, Georgius, goxin, helen1, ivan1973, jaeger, Jovan Nenad, Kiki2004, kripo, LUDI, Mihajlo, Milan A. Nikolic, milekNS, milos.cbr, mk, nebkv, nenad81, pein, Pohovani_00, PRIVATE RYAN, raketaš, repac, RJ, Roman, royst33, S-lash, Sale.S, Simon simonović, Snorks, stegonosa, strela, Toni, vasa.93, VJ, Vl veliki, Vlada1389, zexoni, zuxbg, |_MeD_|, 223223