Computer freezes


offline
  • Joined: 17 Nov 2009
  • Posts: 8

It has now done its job, and here are the results:

ComboFix 09-11-19.05 - ElektronS 11/20/2009 15:49.5.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.256.146 [GMT 1:00]
Running from: c:\documents and settings\ElektronS\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2009-10-20 to 2009-11-20 )))))))))))))))))))))))))))))))
.

2009-11-19 17:10 . 2006-02-26 15:21 92672 ----a-w- c:\windows\system32\drivers\viamraid.sys
2009-11-19 17:10 . 2004-08-04 04:00 95360 ----a-w- c:\windows\system32\drivers\atapi.sys
2009-11-15 14:09 . 2009-11-15 14:09 -------- d-----w- c:\program files\uTorrent
2009-11-15 14:09 . 2009-11-20 13:33 -------- d-----w- c:\documents and settings\ElektronS\Application Data\uTorrent
2009-11-15 09:41 . 2009-11-17 23:30 -------- d-----w- c:\program files\Atomic Alarm Clock
2009-11-15 09:24 . 2009-11-15 09:24 -------- d-s---w- c:\documents and settings\ElektronS\UserData
2009-11-14 22:35 . 2009-07-28 15:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-11-14 19:57 . 2009-11-20 13:34 -------- d-----w- c:\documents and settings\ElektronS\Tracing
2009-11-14 19:55 . 2009-11-14 19:56 -------- d-----w- c:\program files\Windows Live
2009-11-14 19:37 . 2009-11-14 19:37 -------- d-----w- c:\program files\Common Files\Windows Live
2009-11-14 19:29 . 2009-11-14 19:29 -------- d-----w- c:\documents and settings\ElektronS\Application Data\Talkback
2009-11-14 19:28 . 2009-11-14 19:29 -------- d-----w- c:\documents and settings\ElektronS\Local Settings\Application Data\Thunderbird
2009-11-14 19:28 . 2009-11-14 19:28 -------- d-----w- c:\documents and settings\ElektronS\Application Data\Thunderbird

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-17 17:39 . 2007-08-06 10:46 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-14 23:27 . 2008-07-18 04:24 -------- d-----w- c:\program files\DaemonTools_WhenUSaveNow_Installer
2009-11-14 19:56 . 2008-11-11 04:03 -------- d-----w- c:\program files\Microsoft
2009-09-30 23:30 . 2009-09-30 23:30 1961720 ----a-w- c:\documents and settings\ElektronS\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2009-08-26 09:12 . 2007-08-05 23:21 49952 ----a-w- c:\documents and settings\ElektronS\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2006-05-06 16:42 . 2007-08-06 10:43 7260160 ----a-w- c:\program files\mozilla firefox\plugins\libvlc.dll
.

------- Sigcheck -------

[-] 2006-12-28 . C5E8C53A50767F016B539D946ED8B121 . 360576 . . [5.1.2600.2892] . . c:\windows\system32\drivers\tcpip.sys
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\inf\tcpip.sys
[7] 2004-08-03 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\Options\Cabs\tcpip.sys
.
((((((((((((((((((((((((((((( SnapShot@2009-11-17_23.21.22 )))))))))))))))))))))))))))))))))))))))))
.
- 2001-08-23 15:00 . 2009-11-17 17:42 39992 c:\windows\system32\perfc009.dat
+ 2001-08-23 15:00 . 2009-11-20 08:32 39992 c:\windows\system32\perfc009.dat
+ 2001-08-23 15:00 . 2009-11-20 08:32 311604 c:\windows\system32\perfh009.dat
- 2001-08-23 15:00 . 2009-11-17 17:42 311604 c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264]
"SkinClock"="c:\program files\Atomic Alarm Clock\AtomicAlarmClock.exe" [2008-09-11 1739264]
"uTorrent"="c:\documents and settings\ElektronS\Desktop\utorrent.exe" [2009-11-15 289584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2006-10-22 1622016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" - c:\windows\system32\advpack.dll [2004-08-04 99840]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
"StartMenuLogoff"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\ElektronS\\Desktop\\utorrent.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [7/18/2008 5:21 AM 643072]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ba/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\ElektronS\Application Data\Mozilla\Firefox\Profiles\hmw36r6o.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ba/
FF - prefs.js: keyword.URL -
FF - plugin: c:\program files\Mozilla Firefox\plugins\npvlc.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-11-20 15:55
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2276)
c:\windows\system32\msi.dll
.
Completion time: 2009-11-20 15:56
ComboFix-quarantined-files.txt 2009-11-20 14:55
ComboFix2.txt 2009-11-18 19:29
ComboFix3.txt 2009-11-17 23:24

Pre-Run: 9,510,641,664 bytes free
Post-Run: 9,483,382,784 bytes free

- - End Of File - - 6065C357BBD973B0A401E57C62849780

offline
  • Joined: 04 Jan 2009
  • Posts: 2168

The log now looks clean and there are no traces of malware.

First, follow the instructions for uninstalling ComboFix.

Second, the Antivirus programs subforum has plenty of discussions about antivirus programs, so install one of your choice.

Also, upgrade Windows to Service Pack 3.

-----------------------------

ComboFix needs to be uninstalled:
click Start, then Run.

On Vista, use the Start Search box if Run is not available.

In the text box, type (or copy) the following:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".

Then click OK (or press Enter).

Wait for the uninstall process to finish.

offline
  • Joined: 17 Nov 2009
  • Posts: 8

Thanks for the help. My computer has been behaving better for a long time now (ever since I first worked with ComboFix), and I noticed that either it or something else eliminated quite a lot of "viruses".
Thanks once again.
