kako da očistim komp od virusa

3

kako da očistim komp od virusa

offline
  • Pridružio: 30 Apr 2009
  • Poruke: 18

Napisano: 30 Apr 2009 16:35

opet isto jednostavno ne reaguje.

Dopuna: 30 Apr 2009 16:45

GMER 1.0.15.14972 - gmer.net
Rootkit scan 2009-04-30 16:41:54
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.15 ----

SSDT F8B6F87E ZwCreateKey
SSDT F8B6F874 ZwCreateThread
SSDT F8B6F883 ZwDeleteKey
SSDT F8B6F88D ZwDeleteValueKey
SSDT F8B6F892 ZwLoadKey
SSDT F8B6F860 ZwOpenProcess
SSDT F8B6F865 ZwOpenThread
SSDT F8B6F89C ZwReplaceKey
SSDT F8B6F897 ZwRestoreKey
SSDT F8B6F888 ZwSetValueKey
SSDT F8B6F86F ZwTerminateProcess
SSDT F8B6F86A ZwWriteVirtualMemory

Code \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys pIofCallDriver

---- Kernel code sections - GMER 1.0.15 ----

? C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys The system cannot find the file specified. !
? C:\WINDOWS\system32\Drivers\PROCEXP90.SYS The system cannot find the file specified. !

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip avfwot.sys (TDI filtering kernel driver/Avira GmbH)
AttachedDevice \Driver\Tcpip \Device\Tcp avfwot.sys (TDI filtering kernel driver/Avira GmbH)
AttachedDevice \Driver\Tcpip \Device\Udp avfwot.sys (TDI filtering kernel driver/Avira GmbH)
AttachedDevice \Driver\Tcpip \Device\RawIp avfwot.sys (TDI filtering kernel driver/Avira GmbH)

---- EOF - GMER 1.0.15 ----


evo sad ovo ali sam morala skloniti kvačicu sa files da bi počelo skeniranje

Dopuna: 30 Apr 2009 17:15

GMER 1.0.15.14972 - gmer.net
Rootkit scan 2009-04-30 17:12:33
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.15 ----

SSDT F8B6F87E ZwCreateKey
SSDT F8B6F874 ZwCreateThread
SSDT F8B6F883 ZwDeleteKey
SSDT F8B6F88D ZwDeleteValueKey
SSDT F8B6F892 ZwLoadKey
SSDT F8B6F860 ZwOpenProcess
SSDT F8B6F865 ZwOpenThread
SSDT F8B6F89C ZwReplaceKey
SSDT F8B6F897 ZwRestoreKey
SSDT F8B6F888 ZwSetValueKey
SSDT F8B6F86F ZwTerminateProcess
SSDT F8B6F86A ZwWriteVirtualMemory

Code \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys pIofCallDriver

---- Kernel code sections - GMER 1.0.15 ----

? C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys The system cannot find the file specified. !
? C:\WINDOWS\system32\Drivers\PROCEXP90.SYS The system cannot find the file specified. !

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip avfwot.sys (TDI filtering kernel driver/Avira GmbH)
AttachedDevice \Driver\Tcpip \Device\Tcp avfwot.sys (TDI filtering kernel driver/Avira GmbH)
AttachedDevice \Driver\Tcpip \Device\Udp avfwot.sys (TDI filtering kernel driver/Avira GmbH)
AttachedDevice \Driver\Tcpip \Device\RawIp avfwot.sys (TDI filtering kernel driver/Avira GmbH)

---- EOF - GMER 1.0.15 ----


evo sad je uspjelo.

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

@mala mu, kakav problem ti imas, combofix log je cist, nema znakova malware-a. Mozes li da napises kako se manifestuje tvoj problem.

offline
  • Pridružio: 30 Apr 2009
  • Poruke: 18

problem je počeo prije 15 dana:čim bi se konektovala na internet komp sam počne otvarati stranice u IE. znao ih je otvoriti i do 60. ja inače koristim firefox.skinula sam anti malvare sa neta i skenirala komp on je pronašao 21 infekciju .smjestila sam ih u karantinu ali i dalje je postojao isti problem sa otvaranjem stranica. nakon toga mi je rečeno da uključim kombofix i sa njim sam probala i ništa.imala sam avast AV i on nije nikad ništa našao. onda sam instalirala aviru i ona ih još uvijek pronalazi imam ih 17 u karantini.
nakon toga sam skenirala komp i na msn virus i nema mns virusa ali je našao tri trojan agenta na igricama. mene najviše zanima kako da ja ove viruse izbrišem iz kompa.
samo da kažem da nakon avire više ne otvara stranice, ali je juče prilikom paljenja komp jako pištao.

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Ajde postavi taj izvestaj od Avire da vidim sta je to.

offline
  • Pridružio: 30 Apr 2009
  • Poruke: 18

Napisano: 01 Maj 2009 9:49

Premium Security Suite
Report file date: 28. april 2009 13:01

Scanning for 1369245 virus strains and unwanted programs.

Licensee : mersiha bu?o
Serial number : 1104489235-ISECE-0001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : MEDIAMARKET

Version information:
BUILD.DAT : 9.0.0.367 29020 Bytes 4/20/2009 11:35:00
AVSCAN.EXE : 9.0.3.5 466689 Bytes 4/17/2009 07:57:30
AVSCAN.DLL : 9.0.3.0 40705 Bytes 2/27/2009 09:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 2/20/2009 10:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 2/27/2009 09:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 10/27/2008 11:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 2/11/2009 19:33:26
ANTIVIR2.VDF : 7.1.3.63 1588224 Bytes 4/16/2009 10:59:22
ANTIVIR3.VDF : 7.1.3.122 203776 Bytes 4/28/2009 10:59:24
Engineversion : 8.2.0.156
AEVDF.DLL : 8.1.1.0 106868 Bytes 1/27/2009 16:36:42
AESCRIPT.DLL : 8.1.1.77 381306 Bytes 4/28/2009 10:59:38
AESCN.DLL : 8.1.1.10 127348 Bytes 4/28/2009 10:59:37
AERDL.DLL : 8.1.1.3 438645 Bytes 10/29/2008 17:24:41
AEPACK.DLL : 8.1.3.14 397685 Bytes 4/28/2009 10:59:36
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 2/26/2009 19:01:56
AEHEUR.DLL : 8.1.0.122 1737080 Bytes 4/28/2009 10:59:34
AEHELP.DLL : 8.1.2.2 119158 Bytes 2/26/2009 19:01:56
AEGEN.DLL : 8.1.1.39 348532 Bytes 4/28/2009 10:59:26
AEEMU.DLL : 8.1.0.9 393588 Bytes 10/9/2008 13:32:40
AECORE.DLL : 8.1.6.9 176500 Bytes 4/28/2009 10:59:25
AEBB.DLL : 8.1.0.3 53618 Bytes 10/9/2008 13:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:59
AVPREF.DLL : 9.0.0.1 43777 Bytes 12/5/2008 09:32:15
AVREP.DLL : 8.0.0.3 155905 Bytes 1/20/2009 13:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 12/5/2008 09:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 3/24/2009 14:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 1/30/2009 09:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 1/28/2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/2/2009 07:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 12/5/2008 09:32:10
RCIMAGE.DLL : 9.0.0.22 2901249 Bytes 3/11/2009 13:47:13
RCTEXT.DLL : 9.0.37.0 90369 Bytes 4/17/2009 09:04:17

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: 28. april 2009 13:01

Starting search for hidden objects.
'21223' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avmailc.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'ashMaiSv.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'SUSB.exe' - '1' Module(s) have been scanned
Module is infected -> 'C:\WINDOWS\system32\SUSB.exe'
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'ashDisp.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'avwebgrd.exe' - '1' Module(s) have been scanned
Scan process 'TUProgSt.exe' - '1' Module(s) have been scanned
Scan process 'SMAgent.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'avfwsvc.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'ashServ.exe' - '1' Module(s) have been scanned
Scan process 'aswUpdSv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
Process 'SUSB.exe' has been terminated
C:\WINDOWS\system32\SUSB.exe
[DETECTION] Is the TR/Click.Age.245760 Trojan
[NOTE] The file was moved to '4a49e299.qua'!

33 processes with 32 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).

The registry was scanned ( '48' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Documents and Settings\Administrator\Desktop\fixo.exe
[0] Archive type: RAR SFX (self extracting)
--> 32788R22FWJFW\psexec.cfexe
[1] Archive type: RSRC
--> Object
[DETECTION] Contains recognition pattern of the APPL/PsExec.E application
C:\Program Files\Chicken Invaders 1,2,3,4 Collection\Chicken Invaders 4.rar
[0] Archive type: RAR
--> Chicken Invaders 4\MOORHUHN.EXE
[DETECTION] Contains recognition pattern of the GAME/Moorhuhn game
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP105\A0022182.exe
[DETECTION] Is the TR/Click.Age.245760 Trojan
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP105\A0022424.exe
[0] Archive type: RAR SFX (self extracting)
--> 32788R22FWJFW\psexec.cfexe
[1] Archive type: RSRC
--> Object
[DETECTION] Contains recognition pattern of the APPL/PsExec.E application
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP106\A0022501.EXE
[DETECTION] Contains recognition pattern of the APPL/PsExec.E application
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP106\snapshot\MFEX-1.DAT
[DETECTION] Is the TR/Click.Age.245760 Trojan
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP107\A0022596.exe
[DETECTION] Is the TR/Click.Age.245760 Trojan
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP107\snapshot\MFEX-1.DAT
[DETECTION] Is the TR/Click.Age.245760 Trojan
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP108\A0022770.exe
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP112\A0024017.exe
[0] Archive type: RAR SFX (self extracting)
--> 32788R22FWJFW\psexec.cfexe
[1] Archive type: RSRC
--> Object
[DETECTION] Contains recognition pattern of the APPL/PsExec.E application
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP113\A0024162.exe
[0] Archive type: RAR SFX (self extracting)
--> 32788R22FWJFW\psexec.cfexe
[1] Archive type: RSRC
--> Object
[DETECTION] Contains recognition pattern of the APPL/PsExec.E application
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP115\A0025420.exe
[DETECTION] Is the TR/Click.Age.245760 Trojan

Beginning disinfection:
C:\Documents and Settings\Administrator\Desktop\fixo.exe
[NOTE] The file was moved to '4a6ee6b6.qua'!
C:\Program Files\Chicken Invaders 1,2,3,4 Collection\Chicken Invaders 4.rar
[NOTE] The file was moved to '4a5fe6b5.qua'!
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP105\A0022182.exe
[DETECTION] Is the TR/Click.Age.245760 Trojan
[NOTE] The file was moved to '4a26e67d.qua'!
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP105\A0022424.exe
[NOTE] The file was moved to '4a26e67e.qua'!
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP106\A0022501.EXE
[DETECTION] Contains recognition pattern of the APPL/PsExec.E application
[NOTE] The file was moved to '4b78110f.qua'!
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP106\snapshot\MFEX-1.DAT
[DETECTION] Is the TR/Click.Age.245760 Trojan
[NOTE] The file was moved to '4a3be694.qua'!
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP107\A0022596.exe
[DETECTION] Is the TR/Click.Age.245760 Trojan
[NOTE] The file was moved to '4b4b915f.qua'!
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP107\snapshot\MFEX-1.DAT
[DETECTION] Is the TR/Click.Age.245760 Trojan
[NOTE] The file was moved to '4b5789cd.qua'!
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP108\A0022770.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '49220947.qua'!
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP112\A0024017.exe
[NOTE] The file was moved to '4923117f.qua'!
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP113\A0024162.exe
[NOTE] The file was moved to '4a26e67f.qua'!
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP115\A0025420.exe
[DETECTION] Is the TR/Click.Age.245760 Trojan
[NOTE] The file was moved to '492ee010.qua'!


End of the scan: 28. april 2009 13:19
Used time: 17:52 Minute(s)

The scan has been done completely.

2549 Scanned directories
123760 Files were scanned
14 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
13 Files were moved to quarantine
0 Files were renamed
1 Files cannot be scanned
123745 Files not concerned
700 Archives were scanned
1 Warnings
14 Notes
21223 Objects were scanned with rootkit scan
0 Hidden objects were found

ovo je prvi put kad sam instalirala aviru.

Dopuna: 01 Maj 2009 9:51

Premium Security Suite
Report file date: 29. april 2009 15:58

Scanning for 1370884 virus strains and unwanted programs.

Licensee :
Serial number : 1104489235-ISECE-0001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : MEDIAMARKET

Version information:
BUILD.DAT : 9.0.0.367 29020 Bytes 4/20/2009 11:35:00
AVSCAN.EXE : 9.0.3.5 466689 Bytes 4/17/2009 07:57:30
AVSCAN.DLL : 9.0.3.0 40705 Bytes 2/27/2009 09:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 2/20/2009 10:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 2/27/2009 09:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 10/27/2008 11:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 2/11/2009 19:33:26
ANTIVIR2.VDF : 7.1.3.63 1588224 Bytes 4/16/2009 10:59:22
ANTIVIR3.VDF : 7.1.3.129 226304 Bytes 4/29/2009 13:46:36
Engineversion : 8.2.0.156
AEVDF.DLL : 8.1.1.0 106868 Bytes 1/27/2009 16:36:42
AESCRIPT.DLL : 8.1.1.77 381306 Bytes 4/28/2009 10:59:38
AESCN.DLL : 8.1.1.10 127348 Bytes 4/28/2009 10:59:37
AERDL.DLL : 8.1.1.3 438645 Bytes 10/29/2008 17:24:41
AEPACK.DLL : 8.1.3.14 397685 Bytes 4/28/2009 10:59:36
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 2/26/2009 19:01:56
AEHEUR.DLL : 8.1.0.122 1737080 Bytes 4/28/2009 10:59:34
AEHELP.DLL : 8.1.2.2 119158 Bytes 2/26/2009 19:01:56
AEGEN.DLL : 8.1.1.39 348532 Bytes 4/28/2009 10:59:26
AEEMU.DLL : 8.1.0.9 393588 Bytes 10/9/2008 13:32:40
AECORE.DLL : 8.1.6.9 176500 Bytes 4/28/2009 10:59:25
AEBB.DLL : 8.1.0.3 53618 Bytes 10/9/2008 13:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:59
AVPREF.DLL : 9.0.0.1 43777 Bytes 12/5/2008 09:32:15
AVREP.DLL : 8.0.0.3 155905 Bytes 1/20/2009 13:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 12/5/2008 09:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 3/24/2009 14:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 1/30/2009 09:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 1/28/2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/2/2009 07:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 12/5/2008 09:32:10
RCIMAGE.DLL : 9.0.0.22 2901249 Bytes 3/11/2009 13:47:13
RCTEXT.DLL : 9.0.37.0 90369 Bytes 4/17/2009 09:04:17

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: 29. april 2009 15:58

Starting search for hidden objects.
'21290' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avnotify.exe' - '1' Module(s) have been scanned
Scan process 'avnotify.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'vk_watchop.exe' - '1' Module(s) have been scanned
Scan process 'wlcomm.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'avwebgrd.exe' - '1' Module(s) have been scanned
Scan process 'avmailc.exe' - '1' Module(s) have been scanned
Scan process 'vk_service.exe' - '1' Module(s) have been scanned
Scan process 'TUProgSt.exe' - '1' Module(s) have been scanned
Scan process 'SMAgent.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'avfwsvc.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'VirusKeeper.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
32 processes with 32 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '48' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP115\A0025421.exe
[0] Archive type: RAR SFX (self extracting)
--> 32788R22FWJFW\psexec.cfexe
[1] Archive type: RSRC
--> Object
[DETECTION] Contains recognition pattern of the APPL/PsExec.E application
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP116\A0025666.exe
[DETECTION] Is the TR/Trash.Gen Trojan

Beginning disinfection:
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP115\A0025421.exe
[NOTE] The file was moved to '4a286103.qua'!
C:\System Volume Information\_restore{8B27E316-6429-4FEC-A757-B1AE8226A1FC}\RP116\A0025666.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4b438c0c.qua'!


End of the scan: 29. april 2009 16:14
Used time: 15:36 Minute(s)

The scan has been done completely.

2534 Scanned directories
123877 Files were scanned
2 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
2 Files were moved to quarantine
0 Files were renamed
1 Files cannot be scanned
123874 Files not concerned
717 Archives were scanned
1 Warnings
3 Notes
21290 Objects were scanned with rootkit scan
0 Hidden objects were found

evo naredni dan

Dopuna: 01 Maj 2009 9:54

ima još jedan od juče ako treba i njega stavim.

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Da, postavi taj zadnji.

offline
  • Pridružio: 30 Apr 2009
  • Poruke: 18

Premium Security Suite
Report file date: 30. april 2009 20:50

Scanning for 1373000 virus strains and unwanted programs.

Licensee :
Serial number : 1104489235-ISECE-0001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : MEDIAMARKET

Version information:
BUILD.DAT : 9.0.0.367 29020 Bytes 4/20/2009 11:35:00
AVSCAN.EXE : 9.0.3.5 466689 Bytes 4/17/2009 07:57:30
AVSCAN.DLL : 9.0.3.0 40705 Bytes 2/27/2009 09:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 2/20/2009 10:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 2/27/2009 09:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 10/27/2008 11:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 2/11/2009 19:33:26
ANTIVIR2.VDF : 7.1.3.137 1810944 Bytes 4/30/2009 14:02:56
ANTIVIR3.VDF : 7.1.3.139 8704 Bytes 4/30/2009 16:00:20
Engineversion : 8.2.0.160
AEVDF.DLL : 8.1.1.1 106868 Bytes 4/30/2009 16:00:22
AESCRIPT.DLL : 8.1.1.79 385403 Bytes 4/30/2009 16:00:20
AESCN.DLL : 8.1.1.10 127348 Bytes 4/28/2009 10:59:37
AERDL.DLL : 8.1.1.3 438645 Bytes 10/29/2008 17:24:41
AEPACK.DLL : 8.1.3.14 397685 Bytes 4/28/2009 10:59:36
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 2/26/2009 19:01:56
AEHEUR.DLL : 8.1.0.122 1737080 Bytes 4/28/2009 10:59:34
AEHELP.DLL : 8.1.2.2 119158 Bytes 2/26/2009 19:01:56
AEGEN.DLL : 8.1.1.39 348532 Bytes 4/28/2009 10:59:26
AEEMU.DLL : 8.1.0.9 393588 Bytes 10/9/2008 13:32:40
AECORE.DLL : 8.1.6.9 176500 Bytes 4/28/2009 10:59:25
AEBB.DLL : 8.1.0.3 53618 Bytes 10/9/2008 13:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 07:47:59
AVPREF.DLL : 9.0.0.1 43777 Bytes 12/5/2008 09:32:15
AVREP.DLL : 8.0.0.3 155905 Bytes 1/20/2009 13:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 12/5/2008 09:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 3/24/2009 14:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 1/30/2009 09:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 1/28/2009 14:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/2/2009 07:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 12/5/2008 09:32:10
RCIMAGE.DLL : 9.0.0.22 2901249 Bytes 3/11/2009 13:47:13
RCTEXT.DLL : 9.0.37.0 90369 Bytes 4/17/2009 09:04:17

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: 30. april 2009 20:50

Starting search for hidden objects.
An ARK library instance is already running.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'vk_watchop.exe' - '1' Module(s) have been scanned
Scan process 'wlcomm.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'avwebgrd.exe' - '1' Module(s) have been scanned
Scan process 'avmailc.exe' - '1' Module(s) have been scanned
Scan process 'vk_service.exe' - '1' Module(s) have been scanned
Scan process 'TUProgSt.exe' - '1' Module(s) have been scanned
Scan process 'SMAgent.exe' - '1' Module(s) have been scanned
Scan process 'MDM.EXE' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'avfwsvc.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'VirusKeeper.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
31 processes with 31 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '48' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\RECYCLER\S-1-5-21-861567501-1715567821-839522115-500\Dc1.exe
[0] Archive type: RAR SFX (self extracting)
--> 32788R22FWJFW\psexec.cfexe
[1] Archive type: RSRC
--> Object
[DETECTION] Contains recognition pattern of the APPL/PsExec.E application

Beginning disinfection:
C:\RECYCLER\S-1-5-21-861567501-1715567821-839522115-500\Dc1.exe
[NOTE] The file was moved to '4a2af757.qua'!


End of the scan: 30. april 2009 21:07
Used time: 15:49 Minute(s)

The scan has been done completely.

2508 Scanned directories
125496 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
1 Files cannot be scanned
125494 Files not concerned
715 Archives were scanned
1 Warnings
2 Notes

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Ovako, u tvom racunaru nema malware-a, sve je cisto. To sto ti Avira stalno detektuje ponesto, to je zato sto je tako podesena (agresivno) da detektuje sve.

Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Znaci ovo je cekirano da detektuje, pa onda za posledicu imas da ti je naprimer detektovana igra Moorhuhn sto mozes da vidis u logu.
U svakom slucaju situacija je cista, ostaje samo da deinstaliras combofix


Deinstalacija ComboFix-a:
Klikni START a zatim RUN.

U liniju za unos teksta ukucaj (iskopiraj) sledeće:

Combofix /u



a zatim klikni OK.

Sačekaj da se proces deinstalacije završi.

offline
  • Pridružio: 30 Apr 2009
  • Poruke: 18

Uredu, hvala puno na pomoći. Deinstalacija završena.Nadam se da neče opet pištati kad ga upalim (sinoć ga nisam smjela ugasiti).
Hvala.

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24130
  • Gde živiš: Wien

Pistanje neje prouzrokovano virusima.
Pistanje je obicno posledica kvara na samoj elektronici.
Objasni od prilike kako je zvucalo to pistanje, da bih znao u koji forum da te uputim da se obratis za pomoc.

Da li je to bio zvuk kao neki biper (kao recimo elektronski budilnik) ili je to neko zujanje.
Bipovi su signali koje komp daje, i oni su obicno sa pauzama. Treba izbrojati koliko je bilo tih bipova i da li je neki bio duzi ili kraci. To su kodovi gresaka. Recimo, moze da bude tri duga bipa i jedan kratak (ovo je samo primer).

Ukoliko nisu bipovi, vec se zuje konstantno zujanje, onda je najverovatnije crkao lezaj na nekom od ventilatora i taj ventilator treba u dogledno vreme zameniti pre nego sto se skroz pokvari.

Ko je trenutno na forumu
 

Ukupno su 892 korisnika na forumu :: 25 registrovanih, 3 sakrivenih i 864 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 1798 - dana 19 Sep 2019 18:42

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., aleksmajstor, aposoulyptic, Blue, bulovic, cole77, cvrle312, DENA2, Djole, faxovi, indja2, ivan979, krunc, Metanoja, Mihajlo2, mihajlot2013, Milos1977, nikoladgajic, Recce, shmele, suton, Trpe Grozni, vasa.93, VJ, wizzardone