MyCity » Ambulanta -> Arhiva Ambulante » pomoć

pomoć

Napisano na dan: 28.11.2007

Strana:
1
2

pomoć

Sledeća strana

Pagination

Odgovori

Strana:
1
2

trajand Poslao: 28 Nov 2007 21:54 Idi na vrh
offline trajand Građanin Pridružio: 14 Feb 2007 Poruke: 62	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Komp mi je totalno usporio a kada sam ga skenirao sa avastom i obrisao inficirane fajlove od tada radi još gore.sada kada podigne sistem,pojave se ikonice pa nestanu i tako dva tri puta a zatm se totalno izgube i nema ih.kada ga prebacim na safe mode izbacuje mi sledeću poruku"WINDOWS-NO DISC" i "exception processing message C0000013 parameters 75b6bf9C 4 75b6bf9C 75b6bf9C.tako dva tri puta(ikonice se pojavljuju i nestaju) i onda ih opet nema i nema.kada za tih par sekundi kliknem na neki program on ga otvori i samo taj program radi normalno.pomoććć Dopuna: 28 Nov 2007 21:28 Znam da trebam da pošaljem log sa hjack ali neznam da li ću uspeti. Dopuna: 28 Nov 2007 21:54 evo ga i log:Logfile of HijackThis v1.99.1 Scan saved at 21:50:47, on 27.11.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe I:\hjd.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file) R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file) O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: (no name) - {141A1BA4-137F-4F85-A6F3-3F74E63FC452} - C:\WINDOWS\system32\geedc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: {3de1900c-8947-5e4a-1144-69a8ac64e279} - {972e46ca-8a96-4411-a4e5-7498c0091ed3} - C:\WINDOWS\system32\occeunbb.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [VirtualDrive] C:\Program Files\FarStone\VirtualDrive\vdtask.exe /AutoRestore O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [Advanced WindowsCare V2 Personal] "C:\Program Files\IObit\Advanced WindowsCare V2\Awcl.exe" /startup O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Free Download Manager] "C:\Program Files\Free Download Manager\fdm.exe" -autorun O4 - HKCU\..\Run: [Free Upload Manager] "C:\Program Files\Free Download Manager\fum\fum.exe" -autorun O4 - HKCU\..\Run: [Free Uploader Oe Integration] C:\Program Files\Free Download Manager\FUM\fumoei.exe O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\ICQ\ICQToolbar\toolbaru.dll/SEARCH.HTML O8 - Extra context menu item: &Search - edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxmk142YYYU O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Preuzmi odabrano Free Download Manager-om - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Preuzmi sa Free Download Managerom - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Preuzmi sve sa Free Download Manager-om - file://C:\Program Files\Free Download Manager\dlall.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - ak.exe.imgfarm.com/images/nocache/funwebpro.....0.15-3.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{61C1C48F-1B3C-4575-8D48-A87F7A00F88D}: NameServer = 10.10.2.69,10.10.2.79 O17 - HKLM\System\CCS\Services\Tcpip\..\{FECBF21B-C7AD-4BCD-866B-F716C5D5D65F}: NameServer = 10.10.2.69,10.10.2.79 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: ptjpfddl - ptjpfddl.dll (file missing) O20 - Winlogon Notify: tuvwxya - tuvwxya.dll (file missing) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVP Control Centre Service (AVPCC) - Kaspersky Labs. - D:\Srki\kasperski\avpcc.exe O23 - Service: KAV Monitor Service (KAVMonitorService) - Kaspersky Labs. - D:\Srki\kasperski\avpm.exe O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Profil

bobby Poslao: 28 Nov 2007 22:06 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Prvo deinstaliraj jedan antivirus. Nema teorije da dva real-time antivirusa rade u isto vreme bez da se kolju. Skini ComboFix sa jedne od sledecih adresa: http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe http://download.bleepingcomputer.com/sUBs/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log koji ces nam ovde iskopirati.

Profil

trajand Poslao: 28 Nov 2007 22:53 Idi na vrh
offline trajand Građanin Pridružio: 14 Feb 2007 Poruke: 62	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 07-11-19.4C - Srki 2007-11-27 22:23:27.1 - NTFSx86 MINIMAL Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.126 [GMT 1:00] Running from: I:\ComboFix.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\All Users\Start Menu\Live Safety Center.lnk C:\Documents and Settings\Srki\Favorites\Online Security Guide.lnk C:\Documents and Settings\Srki\ravmonlog C:\Program Files\internet explorer\msimg32.dll C:\WINDOWS\system32\cdeeg.ini C:\WINDOWS\system32\cdeeg.ini2 C:\WINDOWS\system32\drivers\sfsync02.sys C:\WINDOWS\system32\f3PSSavr.scr C:\WINDOWS\system32\geedc.dll C:\WINDOWS\system32\ptjpfddl.dllbox C:\WINDOWS\system32\yttfnowl.dllbox . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\LEGACY_SFSYNC02 -------\sfsync02 ((((((((((((((((((((((((( Files Created from 2007-10-27 to 2007-11-27 ))))))))))))))))))))))))))))))) . 2007-11-27 14:38 <DIR> d-------- C:\Program Files\IObit 2007-11-27 14:16 <DIR> d-------- C:\Program Files\SpywareBlaster 2007-11-27 14:14 145,984 --a------ C:\WINDOWS\system32\plwanjey.dll 2007-11-27 13:59 <DIR> d-------- C:\Program Files\Lavasoft 2007-11-27 13:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2007-11-26 20:20 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2007-11-26 20:20 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2007-11-26 20:19 <DIR> d-------- C:\Program Files\Alwil Software 2007-11-26 15:33 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared 2007-11-26 15:33 <DIR> d-------- C:\Documents and Settings\Srki\Application Data\Symantec 2007-11-26 15:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Symantec 2007-11-26 11:48 78,912 --a------ C:\WINDOWS\system32\occeunbb.dll 2007-11-26 11:40 145,984 --ah----- C:\WINDOWS\system32\yttfnowl.dll 2007-11-26 11:40 145,984 --a------ C:\WINDOWS\system32\rkqayjte.dll 2007-11-25 19:46 <DIR> d-------- C:\Program Files\vanBasco's Karaoke Player 2007-11-25 15:30 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2007-11-25 15:29 37,376 --a------ C:\WINDOWS\system32\xxyabca.dll 2007-11-21 18:09 <DIR> d-------- C:\XTCS Counter-Strike 1.6 Final Release 2007-11-20 15:59 <DIR> d-------- C:\Program Files\Free Download Manager 2007-11-20 15:59 <DIR> d-------- C:\Documents and Settings\Srki\Application Data\Free Download Manager 2007-11-20 15:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG 2007-11-20 15:42 <DIR> d-------- C:\Program Files\YouTube Downloader . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-11-27 12:58 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2007-11-27 12:57 --------- d-----w C:\Program Files\MSN Messenger 2007-11-26 22:21 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-11-26 22:08 --------- d-----w C:\Program Files\Add Remove Pro 2007-11-26 20:38 --------- d-----w C:\Program Files\Winamp 2007-11-21 12:31 --------- d-----w C:\Program Files\Lx_cats 2007-11-14 15:59 --------- d-----w C:\Documents and Settings\Srki\Application Data\LimeWire 2007-11-12 11:30 --------- d-----w C:\Program Files\mIRC 2007-10-25 17:05 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys 2007-10-25 17:03 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys 2007-10-25 17:01 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys 2007-10-05 14:35 --------- d-----w C:\Documents and Settings\Srki\Application Data\mIRC 2007-09-30 18:34 --------- d-----w C:\Documents and Settings\Srki\Application Data\Skype 2007-09-30 18:10 --------- d-----w C:\Program Files\iolo 2007-09-28 09:24 --------- d-----w C:\Documents and Settings\Srki\Application Data\Ahead 2007-09-28 09:23 --------- d-----w C:\Program Files\Common Files\Ahead 2007-09-28 09:21 --------- d-----w C:\Program Files\Nero 2007-09-28 09:10 --------- d-----w C:\Program Files\CyberLink 2007-09-28 09:09 --------- d-----w C:\Documents and Settings\Srki\Application Data\InterVideo 2007-09-28 09:08 --------- d-----w C:\Program Files\InterVideo 2007-09-28 09:02 --------- d-----w C:\Program Files\K-Lite Codec Pack 2007-09-28 08:49 14,423,840 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat 2007-09-27 11:05 731,936 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat 2007-09-27 11:05 70,712 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx 2007-09-27 11:05 197,360 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx 2007-09-14 15:43 512 ----a-w C:\ScanSectorLog.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{972e46ca-8a96-4411-a4e5-7498c0091ed3}] 2007-11-26 11:48 78912 --a------ C:\WINDOWS\system32\occeunbb.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24] "Free Download Manager"="C:\Program Files\Free Download Manager\fdm.exe" [2007-11-20 20:18] "Free Upload Manager"="C:\Program Files\Free Download Manager\fum\fum.exe" [2007-07-29 19:13] "Free Uploader Oe Integration"="C:\Program Files\Free Download Manager\FUM\fumoei.exe" [2007-06-10 18:02] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2006-11-17 04:42 C:\WINDOWS\soundman.exe] "VirtualDrive"="C:\Program Files\FarStone\VirtualDrive\vdtask.exe" [2004-01-27 18:12] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 03:00] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-10-25 17:20] "Advanced WindowsCare V2 Personal"="C:\Program Files\IObit\Advanced WindowsCare V2\Awcl.exe" [2007-09-19 21:33] "NvCplDaemon"="RUNDLL32.exe" [2004-08-03 23:56 C:\WINDOWS\system32\rundll32.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 23:56] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveSearch"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ptjpfddl] ptjpfddl.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tuvwxya] tuvwxya.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Authentication Packages"= msv1_0 C:\WINDOWS\system32\geedc.dll [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk backup=C:\WINDOWS\pss\InterVideo WinCinema Manager.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Srki^Start Menu^Programs^Startup^The Matrix_ Path of Neo Registration.lnk] path=C:\Documents and Settings\Srki\Start Menu\Programs\Startup\The Matrix_ Path of Neo Registration.lnk backup=C:\WINDOWS\pss\The Matrix_ Path of Neo Registration.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Srki^Start Menu^Programs^Startup^Y'z ToolBar.lnk] path=C:\Documents and Settings\Srki\Start Menu\Programs\Startup\Y'z ToolBar.lnk backup=C:\WINDOWS\pss\Y'z ToolBar.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] 2006-10-09 10:28 139264 --a------ C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe -lang 1033 [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe /background [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2006-01-12 15:40 155648 --a------ C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\sXe Injected] C:\Program Files\sXe Injected\sXe Injected.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] C:\Program Files\Winamp\winampa.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys R2 AVPCC;AVP Control Centre Service;D:\Srki\kasperski\avpcc.exe /service R2 KAVMonitorService;KAV Monitor Service;D:\Srki\kasperski\avpm.exe /service R3 FVDSCSI;FVDSCSI;C:\WINDOWS\system32\DRIVERS\fvdscsi.sys S1 tvtool;tvtool;\??\C:\Program Files\TVTool 9.5\tvtool.sys S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys S3 usnjsvc;Usluga Messenger Sharing Folders USN Journal Reader;"C:\Program Files\MSN Messenger\usnsvc.exe" . ************************************************************************ catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2007-11-27 22:28:50 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... ************************************************************************ . Completion time: 2007-11-27 22:32:41 - machine was rebooted . --- E O F --- vratile su se ikonice. Dopuna: 28 Nov 2007 22:53 onaj AVG nemogu da deinstaliram jer ga nema nigde.

Profil

bobby Poslao: 28 Nov 2007 22:56 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ja vidim da imas Avast i Kaspersky. Racunar je jos inficiran, i to poprilicno, ali ja moram na spavanjac zbog ranog ustajanja. Mozemo da nastavimo sutra, bicu za kompom od oko 17:30 pa nadalje.

Profil

trajand Poslao: 29 Nov 2007 17:29 Idi na vrh
offline trajand Građanin Pridružio: 14 Feb 2007 Poruke: 62	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! važi.hvala Dopuna: 29 Nov 2007 15:59 Sta dalje da uradim? Dopuna: 29 Nov 2007 17:18 deinstalirao sam KAV Dopuna: 29 Nov 2007 17:29 Logfile of HijackThis v1.99.1 Scan saved at 17:34:08, on 28.11.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\FarStone\VirtualDrive\vdtask.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\IObit\Advanced WindowsCare V2\Awcl.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Mozilla Firefox\firefox.exe I:\hjd.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file) R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {972e46ca-8a96-4411-a4e5-7498c0091ed3} - C:\WINDOWS\system32\occeunbb.dll O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [VirtualDrive] C:\Program Files\FarStone\VirtualDrive\vdtask.exe /AutoRestore O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [Advanced WindowsCare V2 Personal] "C:\Program Files\IObit\Advanced WindowsCare V2\Awcl.exe" /startup O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16 O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O8 - Extra context menu item: &ICQ Toolbar Search - res://D:\ICQ\ICQToolbar\toolbaru.dll/SEARCH.HTML O8 - Extra context menu item: &Search - edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxmk142YYYU O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - ak.exe.imgfarm.com/images/nocache/funwebpro.....0.15-3.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{61C1C48F-1B3C-4575-8D48-A87F7A00F88D}: NameServer = 10.10.2.69,10.10.2.79 O17 - HKLM\System\CCS\Services\Tcpip\..\{FECBF21B-C7AD-4BCD-866B-F716C5D5D65F}: NameServer = 10.10.2.69,10.10.2.79 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: ptjpfddl - ptjpfddl.dll (file missing) O20 - Winlogon Notify: tuvwxya - tuvwxya.dll (file missing) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Profil

bobby Poslao: 29 Nov 2007 17:36 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Stigoh s posla. Evo odmah pocinjem sa pripremom uputstva. Za nekih 10 minuta ces dobiti zanimaciju

Profil

trajand Poslao: 29 Nov 2007 18:15 Idi na vrh
offline trajand Građanin Pridružio: 14 Feb 2007 Poruke: 62	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! da te cekam?

Profil

bobby Poslao: 29 Nov 2007 18:25 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `File:: C:\WINDOWS\system32\plwanjey.dll C:\WINDOWS\system32\occeunbb.dll C:\WINDOWS\system32\yttfnowl.dll C:\WINDOWS\system32\rkqayjte.dll C:\WINDOWS\system32\xxyabca.dll` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravaljen na kraju ciscenja/skeniranja, kao i svez HijackThis log. Sorry sto nisam uspeo da odrzim obecanje da cu da se javim za 10 minuta... Dopuna: 29 Nov 2007 18:25 trajand ::da te cekam? Verovao ili ne, procitao sam preko 20 stranica na 3 foruma, da bih video sta mi je ciniti u vezi ovog tvog problema.

Profil

trajand Poslao: 29 Nov 2007 18:30 Idi na vrh
offline trajand Građanin Pridružio: 14 Feb 2007 Poruke: 62	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! nisam najbolje razumeo.odkle da iskopiram text?

Profil

bobby Poslao: 29 Nov 2007 18:43 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Onaj uokvireni tekst iz moje prethodne poruke - iskopiraj ga u Notepad, u prazan fajl koji ces nakon toga snimiti kao CFScript.txt (ovo "txt" ce Notepad sam dodati).

Profil

MyCity » Ambulanta -> Arhiva Ambulante » pomoć

Ko je trenutno na forumu

Ukupno su 1170 korisnika na forumu :: 39 registrovanih, 6 sakrivenih i 1125 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., Andrija357, Apok, cavatina, cenejac111, Dannyboy, Dimitrise93, Djokislav, DragoslavS, dushan, FOX, Hamannche, Karla, Krvava Devetka, kubura91, madza, minmatar34957, miodrag, mnn2, nebkv, nemkea71, opt1, Oscar2, Panter, panzerwaffe, procesor, S1Mk3, Sirius, sovanova95, Srle993, StepskiVuk, suton, Vladko, ZetaMan, zlaya011, |_MeD_|, žeks62, 125, 79693

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by