After ComboFix, ADSL internet does not work

  • Joined: 25 Dec 2007
  • Posts: 10
  • Location: SO

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:57:21 PM, on 3/9/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Scope\app\bin\sfp.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WinTV\Ir.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\WINDOWS\System32\svchost.exe
H:\PROGRAMI\ANTIVIRUS ALATI\Tito\Tito.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: FGCatchUrl - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch_1.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: BHO Class - {8B3868B4-EBA8-48FA-A19B-E1DFB99066FA} - C:\Program Files\FlashCapture\fcbho.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (file missing)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [InitPulsar] C:/Scope/app/bin/sfp.exe -s
O4 - HKLM\..\Run: [H2OWIBU] C:\Program Files\WIBUKEY\H2O\CXWibu.exe
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: FlashCapture - {753BBC4B-CC73-4fb8-A5B5-CA09C804C1DD} - C:\Program Files\FlashCapture\fciext.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com/microsoftupdate/v6/V5C.....9819967296
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\skype4com.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: CameraServer - Unknown owner - c:\FlyCam\CameraServer.exe (file missing)
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HauppaugeTVServer - Hauppauge Computer Works - C:\PROGRA~1\WinTV\HCWTVS~1.EXE
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 8186 bytes

I could not open my partitions, and I ran the ComboFix program, which found trojans and removed them from my computer, but now I cannot connect to the ADSL network. What is the problem? Thanks.

Addendum: 09 Mar 2009 22:35

ComboFix 09-03-06.02 - Goran 2009-03-09 2:25:16.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1535.1168 [GMT 1:00]
Running from: c:\documents and settings\Goran\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1296 [VPS 090307-0] *On-access scanning disabled* (Updated)

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\autorun.inf
c:\program files\media-codec
C:\resycled
c:\resycled\ntldr.com
c:\windows\system32\drivers\gaopdxakdqomlw.sys
c:\windows\system32\drivers\gaopdxboyouxjd.sys
c:\windows\system32\drivers\gaopdxbuhbonba.sys
c:\windows\system32\drivers\gaopdxgrkelcit.sys
c:\windows\system32\drivers\gaopdxgskwkowf.sys
c:\windows\system32\drivers\gaopdxkkyirjil.sys
c:\windows\system32\drivers\gaopdxnpvwpyej.sys
c:\windows\system32\drivers\gaopdxolxeipsn.sys
c:\windows\system32\drivers\gaopdxrnsflnsc.sys
c:\windows\system32\drivers\gaopdxsfooqvpt.sys
c:\windows\system32\drivers\gaopdxvtkcbppk.sys
c:\windows\system32\gaopdxfxuxdril.dll
c:\windows\system32\msvcsv60.dll
D:\Autorun.inf
D:\resycled
d:\resycled\ntldr.com
E:\Autorun.inf
E:\resycled
e:\resycled\ntldr.com
F:\Autorun.inf
F:\resycled
f:\resycled\ntldr.com
G:\Autorun.inf
G:\resycled
g:\resycled\ntldr.com
H:\Autorun.inf
H:\resycled
h:\resycled\ntldr.com

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_gaopdxserv.sys
-------\Legacy_XPROTECTOR
-------\Service_XPROTECTOR


((((((((((((((((((((((((( Files Created from 2009-02-09 to 2009-03-09 )))))))))))))))))))))))))))))))
.

2009-03-07 16:05 . 2009-03-07 16:05 1,099,839 --a------ c:\windows\system32\TmpA8199421
2009-03-07 09:28 . 2009-03-07 09:28 <DIR> d-------- c:\program files\Alwil Software

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-08 23:13 7,100 --sha-w c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2009-03-08 23:01 --------- d-----w c:\documents and settings\Goran\Application Data\MxBoost
2009-03-08 22:54 --------- d-----w c:\program files\WinTV
2009-03-07 09:15 --------- d-----w c:\program files\Recomposit
2009-03-06 23:25 --------- d-----w c:\program files\Kaspersky Lab
2009-01-27 20:48 --------- d-----w c:\documents and settings\Goran\Application Data\Aleo Software
2009-01-27 20:45 --------- d-----w c:\program files\Aleo Software
2009-01-27 20:31 168 --sh--r c:\documents and settings\All Users\Application Data\45482E2492.sys
2009-01-27 20:00 --------- d-----w c:\documents and settings\Goran\Application Data\Corel
2009-01-27 19:57 --------- d-----w c:\documents and settings\All Users\Application Data\Corel
2009-01-27 19:55 --------- d-----w c:\program files\Corel
2009-01-27 19:55 --------- d-----w c:\program files\Common Files\Corel
2009-01-26 20:53 --------- d-----w c:\documents and settings\Goran\Application Data\Thinstall
2009-01-23 18:46 --------- d-----w c:\program files\Ulead Systems
2009-01-23 18:46 --------- d-----w c:\program files\Common Files\Ulead Systems
2009-01-23 16:38 --------- d-----w c:\documents and settings\All Users\Application Data\Ulead Systems
2009-01-23 16:31 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-01-22 15:23 737,280 ----a-w c:\windows\iun6002.exe
2009-01-22 15:23 --------- d-----w c:\program files\Backspin Billiards
2009-01-22 15:22 --------- d-----w c:\documents and settings\Goran\Application Data\Canon
2009-01-22 13:41 --------- d-----w c:\program files\RealDrawPRO4
2009-01-19 22:27 --------- d-----w c:\program files\Lavasoft
2009-01-19 22:27 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2009-01-19 02:03 --------- d-----w c:\program files\nanoPEG for WinTV
2009-01-17 02:29 974,880 --sha-w c:\windows\system32\drivers\fidbox2.dat
2009-01-17 02:29 7,556 --sha-w c:\windows\system32\drivers\fidbox2.idx
2009-01-17 02:29 20,995,104 --sha-w c:\windows\system32\drivers\fidbox.dat
2009-01-17 02:29 170,344 --sha-w c:\windows\system32\drivers\fidbox.idx
2009-01-17 02:17 --------- d-----w c:\program files\Chord Buster
2009-01-16 15:51 --------- d-----w c:\program files\Spectrasonics
2008-03-20 22:04 8 --sh--r c:\documents and settings\All Users\Application Data\394B34B312.sys
2007-08-27 08:38 0 ---ha-w c:\documents and settings\Goran\Application Data\.CAA735D2BF986FC0.sys
2007-08-25 01:11 0 ---ha-w c:\documents and settings\Goran\Application Data\.CAA735D26659B183.sys
2007-08-14 23:15 0 ---ha-w c:\documents and settings\Goran\Application Data\.CAA735D2571BECED.sys
2007-08-11 21:45 0 ---ha-w c:\documents and settings\Goran\Application Data\.CAA735D24A06AB74.sys
2007-08-11 21:42 0 ---ha-w c:\documents and settings\Goran\Application Data\.CAA735D24A06AB73.sys
2007-08-03 10:02 0 ---ha-w c:\documents and settings\Goran\Application Data\.CAA735D228CEB20A.sys
2007-05-09 18:56 94,080 ----a-w c:\documents and settings\Goran\Application Data\ezplay.sys
2007-05-09 18:56 81,920 ----a-w c:\documents and settings\Goran\Application Data\ezpinst.exe
2007-05-09 18:56 47,360 ----a-w c:\documents and settings\Goran\Application Data\pcouffin.sys
2007-03-26 14:06 0 ---ha-w c:\documents and settings\Goran\Application Data\.CAA735D2859F7D89.sys
2006-09-05 10:55 0 ---ha-w c:\documents and settings\Goran\Application Data\.CAA735D2EEEA39DE.sys
2006-08-01 16:28 0 ---ha-w c:\documents and settings\Goran\Application Data\.CAA735D2ABB8C36B.sys
2007-07-08 09:26 56 --sh--r c:\windows\system32\78499369A5.sys
2007-07-08 09:26 3,766 --sha-w c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H2OWIBU"="c:\program files\WIBUKEY\H2O\CXWibu.exe" [N/A]
"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2007-12-11 307200]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"UVS11 Preload"="c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-07-23 341232]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"InitPulsar"="C:/Scope/app/bin/sfp.exe" [2004-03-09 c:\scope\App\Bin\SFP.exe]

c:\documents and settings\Goran\Start Menu\Programs\Startup\
TitanTV Remote Scheduler.lnk - c:\program files\WinTV\Scheduler\TitanTV.exe [2009-01-19 782336]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
AutoStart IR.lnk - c:\program files\WinTV\Ir.exe [2009-01-19 110647]
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2008-11-01 458840]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.fraunhoferacm"= l3codecp.acm
"VIDC.ACDV"= ACDV.dll
"msacm.enc"= ITIG726.acm
"midi1"= KORGUMDD.DRV
"midi6"= KORGUMDD.DRV
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\Vio\Dvacm.acm
"msacm.MPEGacm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
"msacm.ulmp3acm"= c:\progra~1\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^AutoStart IR.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\AutoStart IR.lnk
backup=c:\windows\pss\AutoStart IR.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ImapiService"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\WIBUKEY\\Server\\WkSvW32.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Documents and Settings\\Goran\\Desktop\\ALATI\\Torrent\\utorrent.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Java\\jre1.5.0_06\\bin\\javaw.exe"=
"c:\\Program Files\\Outlook Express\\msimn.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\FlashGet\\FlashGet.exe"=
"c:\\Program Files\\Corel\\DVD9\\WinDVD.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\English\\setup.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"80:TCP"= 80:TCP:Windows Media Format SDK (VidCam.exe)

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2008-07-31 20616]
R1 Asapi;Asapi;c:\windows\system32\drivers\asapi.sys [2005-12-25 11264]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-03-07 111184]
R1 Scope;WDM Driver for Scope;c:\windows\system32\drivers\scope.sys [2005-12-22 110048]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-03-07 20560]
R2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2008-11-01 143467]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 11032]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2005-12-23 33792]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2008-07-02 26248]
S1 oxser;OX16C95x Serial port driver;c:\windows\system32\drivers\OXSER.SYS [2007-12-14 51169]
S2 CameraServer;CameraServer;c:\flycam\CameraServer.exe --> c:\flycam\CameraServer.exe [?]
S2 FLYCAM;FlyCam, WDM Video Capture;c:\windows\system32\drivers\flycam.sys [2006-01-27 705408]
S3 2nixA;2nixA;c:\scope\App\Sys\2nixA.sys [2005-12-22 10016]
S3 2nixWDM;2nixWDM;c:\scope\App\Sys\2nixWDM.sys [2005-12-22 10112]
S3 AdWatchDrv;AW Realtime Driver;\??\c:\windows\system32\drivers\AWRTPD.sys --> c:\windows\system32\drivers\AWRTPD.sys [?]
S3 ASUSHWIO;ASUSHWIO;\??\c:\windows\system32\drivers\ASUSHWIO.sys --> c:\windows\system32\drivers\ASUSHWIO.sys [?]
S3 cxwibu;Team H2O WIBU Driver;c:\program files\WIBUKEY\H2O\cxwibu.sys [2006-05-14 7040]
S3 HauppaugeTVServer;HauppaugeTVServer;c:\progra~1\WinTV\HCWTVS~1.EXE [2009-01-19 815104]
S3 hypaudio;hypaudio;c:\windows\system32\drivers\hypaudio.sys [2006-04-28 1162424]
S3 hypkern;hypkern;c:\windows\system32\drivers\hypkern.sys [2006-04-28 260553]
S3 ids00026;ids00026;\??\c:\documents and settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys --> c:\documents and settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys [?]
S3 ids0005c;ids0005c;\??\c:\documents and settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0005c.sys --> c:\documents and settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0005c.sys [?]
S3 InvVxD;InvVxD;c:\scope\App\Sys\InvVxD.sys [2005-12-22 10784]
S3 KGPar2;KGPar2;c:\scope\App\Sys\KGPar2.sys [2005-12-22 22624]
S3 KGPar3;KGPar3;c:\scope\App\Sys\KGPar3.sys [2005-12-22 25472]
S3 KORGUMDS;KORG USB-MIDI Driver for Windows;c:\windows\system32\drivers\KORGUMDS.SYS [2007-10-02 21720]
S3 MagixASIODrv;MAGIX_ASIO_BoostDriver;\??\c:\program files\MAGIX\Samplitude_SE_No9\mxasio.sys --> c:\program files\MAGIX\Samplitude_SE_No9\mxasio.sys [?]
S3 MArrFifo;MArrFifo;c:\scope\App\Sys\MArrFifo.sys [2005-12-22 12640]
S3 MFifoArr;MFifoArr;c:\scope\App\Sys\MFifoArr.sys [2005-12-22 10400]
S3 MidiAck;MidiAck;c:\scope\App\Sys\MidiAck.sys [2005-12-22 10016]
S3 MVC2VxD;MVC2VxD;c:\scope\App\Sys\MVC2VxD.sys [2005-12-22 79264]
S3 MVCVxD;MVCVxD;c:\scope\App\Sys\MVCVxD.sys [2005-12-22 73792]
S3 netModUSBService;Service for netMod USB CAPI Driver;c:\windows\system32\drivers\nMUSB.sys [2007-03-29 61648]
S3 PC2VxD;PC2VxD;c:\scope\App\Sys\PC2VxD.sys [2005-12-22 10208]
S3 Smport;Smport;\??\i:\muzicki programi\TVR Snimanje razgovora\TVR\Smport.sys --> i:\muzicki programi\TVR Snimanje razgovora\TVR\Smport.sys [?]
S3 Spl2VxD;Spl2VxD;c:\scope\App\Sys\Spl2VxD.sys [2005-12-22 15648]
S3 TPlay;TPlay;c:\scope\App\Sys\TPlay.sys [2005-12-22 11296]
S3 TPRSync;TPRSync;c:\scope\App\Sys\TPRSync.sys [2005-12-22 11520]
S3 TPSync;TPSync;c:\scope\App\Sys\TPSync.sys [2005-12-22 10592]
S3 TRec;TRec;c:\scope\App\Sys\TRec.sys [2005-12-22 12832]
S3 TRSync;TRSync;c:\scope\App\Sys\TRSync.sys [2005-12-22 10592]
S3 TStretch;TStretch;c:\scope\App\Sys\TStretch.sys [2005-12-22 44864]
S3 VDATMot;VDATMot;c:\scope\App\Sys\VDATMot.sys [2005-12-22 19168]
S3 VPlay;VPlay;c:\scope\App\Sys\VPlay.sys [2005-12-22 12544]
S3 VRec;VRec;c:\scope\App\Sys\VRec.sys [2005-12-22 12640]
S3 VSTin;VSTin;c:\scope\App\Sys\VSTin.sys [2005-12-22 12960]
S3 VSTout;VSTout;c:\scope\App\Sys\VSTout.sys [2005-12-22 12256]
S3 VSTsync;VSTsync;c:\scope\App\Sys\VSTsync.sys [2005-12-22 10272]
S3 VxD2PC;VxD2PC;c:\scope\App\Sys\VxD2PC.sys [2005-12-22 10304]
S3 WaveIn16;WaveIn16;c:\scope\App\Sys\WaveIn16.sys [2005-12-22 10176]
S3 WaveOut16;WaveOut16;c:\scope\App\Sys\WaveOut16.sys [2005-12-22 10176]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\M]
\Shell\AutoRun\command - M:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{22038088-b209-11dc-8891-000ea67a9cb0}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\ntldr.com n:
\Shell\Open\command - n:\resycled\ntldr.com n:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{37614a67-e15e-11dd-a142-101111111111}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\ntldr.com k:
\Shell\Open\command - k:\resycled\ntldr.com k:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5b02b9d8-a736-11dc-887a-101111111111}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6296d04b-a43d-11dc-8874-000ea67a9cb0}]
\Shell\Auto\command - Windows.scr
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Windows.scr

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64f90106-1e76-11dc-b27d-fcbc5385d84d}]
\Shell\AutoRun\command - L:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6b8ef980-741c-11db-b88f-101111111111}]
\Shell\AutoRun\command - L:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a7887aec-209b-11dc-b287-000ea67a9cb0}]
\Shell\AutoRun\command - L:\autorun.exe
.
Contents of the 'Scheduled Tasks' folder

2009-01-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local;localhost
IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm
IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm
IE: Add to AMV Convert Tool...
IE: Add to Media Manager...
IE: Download Link Using Mega Manager...
IE: Download with Rapget - c:\documents and settings\Goran\Desktop\ALATI\RAPIDSHARE\rapget.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Save F&lash with FlashCapture - c:\program files\FlashCapture\fciext.dll/FCIEXT.htm
IE: Send by Bluetooth - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
IE: Send via &Message... - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-03-09 02:34:21
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-117609710-287218729-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{EC5FB77F-8DD4-CD6D-04E1-92D2DDE8A1B4}*]
"mafcbampoaoihkagknllhklnoh"=hex:6a,61,6c,62,63,64,65,63,67,62,64,6c,6b,6c,6b,
69,61,70,70,65,00,00
"nafcbampoaoibiclaojcgomfialh"=hex:6a,61,6c,62,63,64,6a,63,70,62,61,69,61,6b,
69,6d,67,67,6b,65,00,00
"cbfcbalpdapbpnogljgpdbeknhofbckebedbaf"=hex:62,61,6b,62,00,fa
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(760)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files\Common Files\EPSON\EBAPI\SAgent2.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\IVT Corporation\BlueSoleil\BsHelpCS.exe
c:\program files\IVT Corporation\BlueSoleil\BtTray.exe
.
**************************************************************************
.
Completion time: 2009-03-09 2:49:51 - machine was rebooted
ComboFix-quarantined-files.txt 2009-03-09 01:49:49

Pre-Run: 10,571,231,232 bytes free
Post-Run: 10,869,514,240 bytes free

294 --- E O F --- 2009-01-15 02:04:23

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Hello...


So, you used a program that I have written here many times should not be used, and you created a problem for yourself.
And now you would like help.

Tell me, how does that sound to you?


Anyway... You can try to solve the problem by running the program from the following link:

http://majorgeeks.com/WinSock_XP_Fix_d4372.html


Download it and run it. If the problem is not solved after a restart, open a topic in the Windows forum and ask for further advice.

  • Joined: 25 Dec 2007
  • Posts: 10
  • Location: SO

It sounds stupid, but I apologize because I did not search this part of the forum; instead I came across a random post with instructions and followed it. That should be in a sticky, if it isn't already? Anyway, thanks for the advice.

Addendum: 10 Mar 2009 20:40

Everything works now! Thanks!
