Infection

offline
  • Joined: 19 May 2007
  • Posts: 31

I have a problem with my mouse: I click once and it registers a double click in software; it's not the hardware or the microswitches. Also, BS Player has gone haywire: it changes skins and won't accept my registration, that is, it accepts the registration but then asks for it again, and the name and password are correct. Furthermore, I can't access Text Services and Input Languages (Serbian etc.). All in all, my Windows isn't working properly, probably some virus? I've had the problem for about 20 days, if not more. I tried to solve it by scanning with a-squared, Spybot, Ad-Aware and NOD32, but without success. ADSL 1mb/s.

DDS (Ver_09-10-26.01) - NTFSx86
Run by alukard at 15:02:52.29 on Sun 11/22/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1918.1123 [GMT 1:00]

FW: ZoneAlarm Pro Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\alukard\Desktop\dds.scr

============== Pseudo HJT Report ===============

uInternet Connection Wizard,ShellNext = hxxp://www.google.com/support/chrome/bin/request.py?hl=en-US&contact_type=uninstall&crversion=3.0.195.32&os=5.1.2600
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
uRun: [Uniblue Registry Booster] c:\program files\uniblue\registry booster\RegistryBooster.exe /S
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dslmon.lnk - c:\program files\sagem\sagem f@st 800-840\dslmon.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
TCP: {C85B1A3D-2099-4614-B0B1-4F0E1AB604C2} = 194.106.162.10 194.106.162.3
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\alukard\applic~1\mozilla\firefox\profiles\7xx8gais.default\
FF - prefs.js: browser.startup.homepage - google.rs

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-9-21 64288]
R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [2007-4-23 82200]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-9-24 1184912]
R3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [2009-11-10 104344]
S2 E4LOADER;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [2009-11-10 69656]

=============== Created Last 30 ================

2009-11-15 03:12:00 550 ---ha-w- C:\aaw7boot.cmd
2009-11-14 16:31:51 552 ----a-w- c:\windows\system32\d3d8caps.dat
2009-11-14 15:43:17 499712 ----a-w- c:\windows\system32\MSVCP71.dll
2009-11-14 15:43:17 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-11-10 09:29:56 15880 ----a-w- c:\windows\system32\lsdelete.exe
2009-11-10 08:37:36 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-11-10 08:24:56 0 dc-h--w- c:\docume~1\alluse~1\applic~1\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-11-10 07:40:59 81088 ----a-w- c:\windows\system32\drivers\rtbldep4.bnm
2009-11-07 17:38:34 0 d-----w- c:\program files\YouTube Downloader
2009-11-05 20:29:53 0 d-----w- c:\windows\system32\LogFiles
2009-11-05 15:07:45 990 ----a-w- c:\windows\adiras.ini
2009-11-05 15:06:58 0 d-----w- c:\program files\SAGEM
2009-11-01 13:30:45 0 d-----w- c:\program files\Ontrack
2009-10-31 22:14:32 0 d-----w- c:\docume~1\alluse~1\applic~1\F-Secure
2009-10-29 21:49:57 0 d-----w- c:\program files\NetLimiter 2 Pro
2009-10-23 19:02:22 398416 ----a-w- c:\windows\system32\Vbrun300.dll
2009-10-23 19:02:21 64432 ----a-w- c:\windows\system32\THREED.VBX
2009-10-23 19:01:41 299520 ----a-w- c:\windows\uninst.exe

==================== Find3M ====================

2009-11-10 07:41:44 32 ----a-w- c:\windows\system32\drivers\adidsl.cfg
2009-11-09 12:36:00 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2009-10-17 15:24:21 68096 ----a-w- c:\windows\ScUnin.exe
2009-09-29 18:44:49 0 ----a-w- c:\program files\SiSoftware
2009-09-03 21:05:59 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-08-06 20:58:07 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012009080620090807\index.dat
2009-08-09 15:34:55 32768 --sha-w- c:\windows\temp\history\history.ie5\mshist012009080920090810\index.dat
2009-08-20 18:08:38 32768 --sha-w- c:\windows\temp\history\history.ie5\mshist012009082020090821\index.dat

============= FINISH: 15:03:16.31 ===============

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Hello,

did the programs you scanned with show anything? Did they find anything suspicious?

offline
  • Joined: 19 May 2007
  • Posts: 31

This is my first time dealing with these programs. I didn't notice anything; I would probably have gotten a notification, but I didn't notice one. I've decided to download the latest Norton and try to run over it with that... I'll easily uninstall it if it's not OK; I see some people are skeptical about how it works, i.e. that it uses up resources.

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

We'll run one more check:

Download sUBs's ComboFix to your Desktop from the following address:

Bleeping Computer
  • Right-click the link and choose the option Save Target As... (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download has finished:
  • deactivate your protection software (instructions);
  • close all running programs;
  • double-click to start ComboFix.

While running, ComboFix will:
  • check whether a newer version of the program exists:
    click Yes if you are offered the download.
  • display the DISCLAIMER OF WARRANTY ON SOFTWARE:
    click Yes so that the process continues.
  • if the Recovery Console is not installed, offer to install it:
    be sure to accept by clicking Yes and follow the procedure.
  • ask a number of questions / show a number of notices:
    accept by clicking Yes or OK.
  • restart Windows if needed (several times);
  • at the end of its run, open Notepad with the scan report.

Copy the report that ComboFix produced into the forum thread:
  • right-click in the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message field and choose Paste.

Note:
  • The report will be saved under the name ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
  • If, after sending the message, you notice that the report is not complete, use the Attach file option to attach the file C:\ComboFix.txt to the message.

offline
  • Joined: 19 May 2007
  • Posts: 31

Posted: 22 Nov 2009 18:26

ComboFix 09-11-21.03 - alukard 11/22/2009 18:15.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1918.1537 [GMT 1:00]
Running from: c:\documents and settings\alukard\Desktop\ComboFix.exe
FW: ZoneAlarm Pro Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.

((((((((((((((((((((((((( Files Created from 2009-10-22 to 2009-11-22 )))))))))))))))))))))))))))))))
.

2009-11-22 15:05 . 2009-11-22 15:05 -------- d-----w- c:\documents and settings\alukard\Application Data\BSplayer PRO
2009-11-18 20:04 . 2009-11-18 20:04 -------- d-----w- c:\documents and settings\alukard\Local Settings\Application Data\Identities
2009-11-14 16:31 . 2009-11-14 16:31 552 ----a-w- c:\windows\system32\d3d8caps.dat
2009-11-14 15:43 . 2003-03-18 20:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-11-14 15:43 . 2003-03-18 19:14 499712 ----a-w- c:\windows\system32\MSVCP71.dll
2009-11-14 15:43 . 2009-11-14 15:43 -------- d-----w- c:\program files\Alwil Software
2009-11-10 09:29 . 2009-11-10 08:37 15880 ----a-w- c:\windows\system32\lsdelete.exe
2009-11-10 08:40 . 2009-11-10 08:40 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-11-10 08:37 . 2009-11-10 08:37 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-11-10 08:37 . 2009-11-10 08:37 93360 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\SBREDrv.sys
2009-11-10 08:37 . 2009-11-10 08:37 554280 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\sbap.dll
2009-11-10 08:37 . 2009-11-20 08:38 537576 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\aawapi.dll
2009-11-10 08:37 . 2009-11-10 08:37 212480 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\VipreBridge.dll
2009-11-10 08:37 . 2009-11-10 08:37 283944 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Vipre.dll
2009-11-10 08:37 . 2009-11-10 08:37 1223976 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\SBTE.dll
2009-11-10 08:37 . 2009-11-10 08:37 242984 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\SBRE.dll
2009-11-10 08:31 . 2009-11-14 17:11 -------- d-----w- c:\documents and settings\alukard\Local Settings\Application Data\Google
2009-11-10 08:31 . 2009-11-10 08:31 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-11-10 08:24 . 2009-11-14 20:09 -------- d-----w- c:\program files\Google
2009-11-10 08:24 . 2009-11-10 08:24 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-11-10 08:24 . 2009-10-03 08:15 2924848 -c--a-w- c:\documents and settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe
2009-11-10 07:41 . 2007-02-13 15:20 253008 ----a-w- c:\windows\adirasx64.exe
2009-11-10 07:41 . 2007-02-13 15:19 194128 ----a-w- c:\windows\adiras.exe
2009-11-10 07:41 . 2001-07-27 11:25 127456 ----a-w- c:\windows\system32\IPDETECT.EXE
2009-11-10 07:41 . 2007-02-07 15:51 169496 ----a-w- c:\windows\system32\drivers\adiusbawx64.sys
2009-11-10 07:41 . 2007-01-04 12:48 104344 ----a-w- c:\windows\system32\drivers\e4usbaw.sys
2009-11-10 07:41 . 2007-01-04 12:46 146968 ----a-w- c:\windows\system32\drivers\e4usbawx64.sys
2009-11-10 07:41 . 2002-05-09 14:12 155648 ----a-w- c:\windows\system32\adadix32.dll
2009-11-10 07:41 . 2007-02-07 15:50 118552 ----a-w- c:\windows\system32\drivers\adiusbaw.sys
2009-11-07 17:38 . 2009-11-07 17:38 -------- d-----w- c:\program files\YouTube Downloader
2009-11-05 20:29 . 2009-11-05 20:29 -------- d-----w- c:\windows\system32\LogFiles
2009-11-05 15:06 . 2009-11-05 15:06 -------- d-----w- c:\program files\SAGEM
2009-11-01 17:10 . 2009-11-05 22:38 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-11-01 17:01 . 2009-11-01 17:01 -------- d-----w- c:\documents and settings\alukard\Local Settings\Application Data\Help
2009-11-01 13:30 . 2009-11-01 17:16 -------- d-----w- c:\program files\Ontrack
2009-10-31 22:14 . 2009-10-31 22:14 -------- d-----w- c:\documents and settings\All Users\Application Data\F-Secure
2009-10-29 21:49 . 2009-10-29 21:50 -------- d-----w- c:\program files\NetLimiter 2 Pro
2009-10-23 19:02 . 1996-08-24 11:11 398416 ----a-w- c:\windows\system32\Vbrun300.dll
2009-10-23 19:01 . 1999-03-23 07:12 299520 ----a-w- c:\windows\uninst.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-22 17:05 . 2009-08-06 22:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-11-22 13:55 . 2009-08-06 23:09 -------- d-----w- c:\program files\a-squared Free
2009-11-22 13:50 . 2009-08-06 23:12 -------- d-----w- c:\documents and settings\alukard\Application Data\uTorrent
2009-11-14 16:59 . 2009-09-29 18:50 -------- d-----w- c:\documents and settings\alukard\Application Data\Registry Booster
2009-11-12 06:10 . 2009-08-06 22:46 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-11-10 08:37 . 2009-09-21 21:03 15880 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lsdelete.exe
2009-11-10 08:36 . 2009-09-21 21:02 5908024 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Resources.dll
2009-11-10 07:41 . 2009-11-10 07:40 32 ----a-w- c:\windows\system32\drivers\adidsl.cfg
2009-11-10 07:40 . 2009-10-14 11:49 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-10 07:40 . 2009-11-10 07:40 -------- d-----w- c:\documents and settings\alukard\Application Data\InstallShield
2009-11-09 12:36 . 2009-08-06 22:34 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2009-11-07 20:12 . 2009-08-06 22:11 -------- d-----w- c:\program files\Planplus
2009-11-01 19:41 . 2009-08-21 18:44 -------- d-----w- c:\program files\Common Files\InstallShield
2009-10-17 15:24 . 2009-10-17 15:24 967 ----a-w- c:\windows\ScUnin.pif
2009-10-17 15:24 . 2009-10-17 15:24 68096 ----a-w- c:\windows\ScUnin.exe
2009-10-14 19:40 . 2009-08-06 21:47 -------- d-----w- c:\documents and settings\alukard\Application Data\Winamp
2009-10-14 11:13 . 2009-10-14 11:13 41776 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-11 15:53 . 2009-10-11 15:53 -------- d-----w- c:\documents and settings\alukard\Application Data\ACD Systems
2009-09-29 18:49 . 2009-09-29 18:49 -------- d-----w- c:\program files\Uniblue
2009-09-29 18:44 . 2009-09-29 18:44 0 ----a-w- c:\program files\SiSoftware
2009-09-29 18:34 . 2009-09-29 18:34 -------- d-----w- c:\documents and settings\alukard\Application Data\Uniblue
2009-09-28 05:58 . 2009-09-28 05:58 -------- d-----w- c:\documents and settings\alukard\Application Data\Media Player Classic
2009-09-27 20:40 . 2009-09-27 20:40 -------- d-----w- c:\program files\AVG
2009-09-27 11:01 . 2009-09-27 11:01 -------- d-----w- c:\program files\ESET
2009-09-27 11:01 . 2009-09-27 11:01 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-09-23 12:55 . 2009-09-21 21:03 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-09-21 21:03 . 2009-09-21 21:03 17632 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\WSCUpdate.dll
2009-09-21 21:02 . 2009-09-21 21:02 68640 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\64\lbd.sys
2009-09-21 21:02 . 2009-09-21 21:02 525792 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\64\DIFxAPI.dll
2009-09-21 21:02 . 2009-09-21 21:02 303976 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Drivers\64\AAWDriverTool.exe
2009-09-21 21:02 . 2009-09-21 21:02 640760 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWWSC.exe
2009-09-11 19:02 . 2009-09-11 19:02 7168 ----a-w- c:\documents and settings\alukard\Application Data\Thinstall\AAA Logo 2009 Business Edition 3.0\1000000b00002i\verclsid.exe
2009-09-03 21:05 . 2009-09-03 21:05 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-09-03 20:36 . 2009-09-03 20:36 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Uniblue Registry Booster"="c:\program files\Uniblue\Registry Booster\RegistryBooster.exe" [2006-04-27 1761280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-15 981384]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-23 8466432]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2009-11-5 1205840]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [9/21/2009 10:03 PM 64288]
R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [4/23/2007 12:03 PM 82200]
R3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [11/10/2009 8:41 AM 104344]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [9/3/2009 9:36 PM 721904]
S2 E4LOADER;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [11/10/2009 8:40 AM 69656]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [9/24/2009 12:17 PM 1184912]
.
Contents of the 'Scheduled Tasks' folder

2009-11-22 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-10-01 08:38]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/support/chrome/bin/request.py?hl=en-US&contact_type=uninstall&crversion=3.0.195.32&os=5.1.2600
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
TCP: {C85B1A3D-2099-4614-B0B1-4F0E1AB604C2} = 194.106.162.10 194.106.162.3
FF - ProfilePath - c:\documents and settings\alukard\Application Data\Mozilla\Firefox\Profiles\7xx8gais.default\
FF - prefs.js: browser.startup.homepage - google.rs
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-11-22 18:18
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3992)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-11-22 18:19
ComboFix-quarantined-files.txt 2009-11-22 17:19

Pre-Run: 15,311,007,744 bytes free
Post-Run: 15,292,198,912 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 81DA177ACABCCAC9CF8B615FA5A3FED0

Addendum: 22 Nov 2009 18:27

What does the report say? I can't find my way around interpreting it.

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

The report says there is no malware.

ComboFix needs to be uninstalled:
click Start (or ), and then Run.

On Vista, use the Start Search field if Run is not available.

In the text input line, type (copy) the following:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".

and then click OK (or press Enter).

Wait for the uninstall process to finish.
