MyCity » Ambulanta -> Arhiva Ambulante » Problem sa Avast-om koji nemoze da izbrise virus

Problem sa Avast-om koji nemoze da izbrise virus

Napisano na dan: 28.9.2009

Strana:
1
2
3

Problem sa Avast-om koji nemoze da izbrise virus

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3

ermin81 Poslao: 28 Sep 2009 22:08 Idi na vrh
offline ermin81 Novi MyCity građanin Pridružio: 28 Sep 2009 Poruke: 11 Gde živiš: Sarajevo	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: DDS (Ver_09-09-29.01) - NTFSx86 Run by ermin at 21:35:40,81 on pon 09/28/2009 Internet Explorer: 7.0.5730.11 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.242 [GMT 2:00] AV: avast! antivirus 4.8.1356 [VPS 090927-0] On-access scanning disabled (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\desfx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Atds.exe C:\WINDOWS\system32\B7JH7Z9OUD\F001.exe "C:\WINDOWS\system32\svchost.exe" 63683 C:\WINDOWS\System32\svchost.exe -k homelisten C:\Program Files\Dell\OpenManage\Client\Iap.exe C:\WINDOWS\nhg.exe C:\WINDOWS\desfx.exe C:\WINDOWS\Atds.exe C:\WINDOWS\nhg.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\desfx.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\ermin\Desktop\dds.scr ============== Pseudo HJT Report =============== uInternet Connection Wizard,ShellNext = hxxp://ok3.114graph.com/msn/163.htm BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE dRunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 dRunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL TCP: {6CAB2D5E-81F6-4A23-BA28-2E29DE6253DE} = 77.238.208.3 77.238.208.4 SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\ermin\applic~1\mozilla\firefox\profiles\t8akazwe.default\ FF - plugin: c:\program files\google\google updater\2.4.1636.7222\npCIDetect13.dll ============= SERVICES / DRIVERS =============== R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-9-27 114768] R2 afex;faday;c:\windows\desfx.exe [2009-9-28 10368] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-9-27 20560] R2 Atdx;Atg;c:\windows\Atds.exe [2009-9-28 10368] R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-9-27 138680] R2 ferst;ces;c:\windows\system32\b7jh7z9oud\F001.exe [2009-9-27 65536] R2 HomeListen;Home Group Listener;c:\windows\system32\svchost.exe -k homelisten [2004-8-4 14336] R2 n hj;fmgn;c:\windows\nhg.exe [2009-9-28 10368] R2 TCPZ;TCP Half Open Limited Patcher ( TCP-Z);c:\windows\system32\drivers\tcpz-x86d.sys [2009-9-27 12136] R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-9-27 254040] S2 ASPX;ASPX State Service;c:\windows\system32\aspx.exe [2009-9-28 19231] S2 BitSrv;Bit Service;c:\windows\system32\BtSrv.exe [2009-9-27 430080] S2 re;fsrd;c:\windows\system32\62o476l683\J001.exe [2009-9-28 65536] S2 windswe;windswer;c:\windows\system32\windswe.exe [2009-9-27 22512] S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-9-27 352920] =============== Created Last 30 ================ 2009-09-28 21:34 46 a------- C:\t.ini 2009-09-28 21:33 778,752 a------- c:\windows\system32\homlogsrv.dll 2009-09-28 21:33 <DIR> --d----- c:\windows\system32\GRUA4Z4HY7 2009-09-28 20:53 10,368 ---sh--- c:\windows\nhg.exe 2009-09-28 20:53 19,231 a------- c:\windows\system32\aspx.exe 2009-09-28 20:53 10,368 ---sh--- c:\windows\Atds.exe 2009-09-28 20:51 <DIR> --d----- c:\windows\system32\793HDI4IBE 2009-09-28 20:50 10,368 ---sh--- c:\windows\desfx.exe 2009-09-28 20:48 <DIR> --d----- c:\windows\system32\62O476L683 2009-09-28 20:48 41,984 ---sh--- c:\windows\system32\homrunsrv.dll 2009-09-28 20:48 <DIR> --d----- c:\windows\system32\6S8S2YN26Z 2009-09-28 20:47 778,752 a------- c:\windows\system32\wmplogsrv.dll 2009-09-28 19:55 <DIR> --d----- c:\docume~1\ermin\applic~1\Malwarebytes 2009-09-28 19:54 <DIR> --d----- c:\documents and settings\ermin 2009-09-28 19:49 103,424 ac------ c:\windows\system32\dllcache\uihelper.dll 2009-09-28 19:48 1,875,968 ac------ c:\windows\system32\dllcache\msir3jp.lex 2009-09-28 19:47 400,384 ac------ c:\windows\system32\dllcache\fxsxp32.dll 2009-09-28 19:46 5,632 ac------ c:\windows\system32\dllcache\EXCH_adsiisex.dll 2009-09-28 19:44 488 a---hr-- c:\windows\system32\logonui.exe.manifest 2009-09-28 19:44 749 a---hr-- c:\windows\WindowsShell.Manifest 2009-09-28 19:44 749 a---hr-- c:\windows\system32\wuaucpl.cpl.manifest 2009-09-28 19:44 749 a---hr-- c:\windows\system32\sapi.cpl.manifest 2009-09-28 19:44 749 a---hr-- c:\windows\system32\nwc.cpl.manifest 2009-09-28 19:44 749 a---hr-- c:\windows\system32\ncpa.cpl.manifest 2009-09-28 19:43 16,384 ac------ c:\windows\system32\dllcache\isignup.exe 2009-09-28 19:42 32,768 ac------ c:\windows\system32\dllcache\icwdl.dll 2009-09-28 19:42 214,528 ac------ c:\windows\system32\dllcache\icwconn1.exe 2009-09-28 19:42 86,016 ac------ c:\windows\system32\dllcache\icwconn2.exe 2009-09-28 19:42 20,480 ac------ c:\windows\system32\dllcache\inetwiz.exe 2009-09-28 19:28 13,753 a----r-- c:\windows\SET5B.tmp 2009-09-28 19:28 1,086,058 a----r-- c:\windows\SET4F.tmp 2009-09-28 19:28 1,042,903 a----r-- c:\windows\SET4C.tmp 2009-09-27 22:53 <DIR> --d----- c:\windows\system32\BVEY4KM2CY 2009-09-27 22:51 22,512 a------- c:\windows\system32\windswe.exe 2009-09-27 22:50 <DIR> --d----- c:\windows\system32\B7JH7Z9OUD 2009-09-27 22:12 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys 2009-09-27 22:12 19,160 a------- c:\windows\system32\drivers\mbam.sys 2009-09-27 22:12 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware 2009-09-27 22:12 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes 2009-09-27 21:37 48,640 a------- c:\windows\system32\dhcpqec.dll 2009-09-27 21:32 <DIR> --d----- c:\windows\ServicePackFiles 2009-09-27 21:26 19,569 a------- c:\windows\003139_.tmp 2009-09-27 21:25 26,488 a------- c:\windows\system32\spupdsvc.exe 2009-09-27 16:04 12,136 a------- c:\windows\system32\drivers\tcpz-x86d.sys 2009-09-27 16:04 430,080 ---shr-- c:\windows\system32\BtSrv.exe 2009-09-27 16:04 40,960 a--sh--- c:\windows\system32\wmprunsrv.dll 2009-09-27 14:54 737,280 a------- c:\windows\iun6002.exe 2009-09-27 14:54 <DIR> --d----- c:\program files\Codec Pack - All In 1 2009-09-27 14:53 <DIR> --d----- c:\program files\Webteh 2009-09-27 14:47 376 a------- c:\windows\ODBC.INI 2009-09-27 14:46 17,920 a------- c:\windows\system32\mdimon.dll 2009-09-27 14:45 <DIR> --d----- c:\program files\Microsoft ActiveSync 2009-09-27 14:43 <DIR> --d-h--- c:\windows\ShellNew 2009-09-27 14:06 6,272 a------- c:\windows\system32\drivers\splitter.sys 2009-09-27 14:06 52,864 a------- c:\windows\system32\drivers\DMusic.sys 2009-09-27 14:05 130,048 a------- c:\windows\system32\ksproxy.ax 2009-09-27 14:05 4,096 a------- c:\windows\system32\ksuser.dll 2009-09-27 14:05 4,816 a------- c:\windows\system32\drivers\aeaudio.sys 2009-09-27 14:05 3,744 a------- c:\windows\system32\drivers\smsens.sys 2009-09-27 14:05 720,896 a------- c:\windows\system32\a3d.dll 2009-09-27 14:05 539,008 a------- c:\windows\system32\drivers\smwdm.sys 2009-09-27 14:05 45,056 a------- c:\windows\system32\CleanUp.exe 2009-09-27 14:05 36,864 a------- c:\windows\system32\DSndUp.exe 2009-09-27 14:05 <DIR> --d----- c:\program files\Analog Devices 2009-09-27 14:03 2,725 a----r-- c:\windows\system32\e1000325.din 2009-09-27 14:03 126,976 a------- c:\windows\system32\e1000msg.dll 2009-09-27 14:03 121,856 a------- c:\windows\system32\drivers\e1000325.sys 2009-09-27 14:03 118,784 a------- c:\windows\system32\Prounstl.exe 2009-09-27 14:03 24,064 a------- c:\windows\system32\IntelNic.dll 2009-09-27 14:03 <DIR> --d----- C:\drvrtmp 2009-09-27 14:01 18,688 a------- c:\windows\system32\drivers\omci.sys 2009-09-27 14:01 <DIR> --d----- c:\program files\Dell 2009-09-27 14:00 <DIR> --d----- c:\windows\system32\ReinstallBackups 2009-09-27 13:59 <DIR> --d----- C:\dell 2009-09-27 13:54 <DIR> --ds---- c:\windows\system32\Microsoft 2009-09-27 13:54 8,192 a------- c:\windows\REGLOCS.OLD 2009-09-27 13:50 618,605 ac------ c:\windows\system32\dllcache\fp4autl.dll 2009-09-27 13:47 <DIR> --dsh--- c:\documents and settings\all users\DRM 2009-09-27 13:47 488 a---hr-- c:\windows\system32\WindowsLogon.manifest 2009-09-27 13:47 749 a---hr-- c:\windows\system32\cdplayer.exe.manifest 2009-09-27 13:47 <DIR> --d-h--- c:\program files\WindowsUpdate 2009-09-27 13:47 4,399,505 ac------ c:\windows\system32\dllcache\nls302en.lex 2009-09-27 13:47 <DIR> --d----- c:\windows\system32\DirectX 2009-09-27 13:46 <DIR> --d----- c:\program files\common files\MSSoap 2009-09-27 13:44 <DIR> --d----- c:\program files\Online Services 2009-09-27 13:44 <DIR> --d----- c:\program files\Windows Media Connect 2 2009-09-27 13:43 <DIR> --d----- c:\program files\Messenger 2009-09-27 13:43 <DIR> --d----- c:\program files\MSN Gaming Zone 2009-09-27 13:43 <DIR> --d----- c:\program files\Windows NT 2009-09-26 15:28 <DIR> --d----- c:\program files\common files\ODBC 2009-09-26 15:28 <DIR> --d----- c:\program files\common files\SpeechEngines 2009-09-26 15:28 <DIR> --d--r-- c:\documents and settings\all users\Documents ==================== Find3M ==================== 2009-09-28 19:41 22,720 a------- c:\windows\system32\emptyregdb.dat 2009-09-27 21:41 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat 2004-08-17 20:00 76,288 ---sh--- c:\windows\system32\RmmltoC.dll 2004-08-17 20:00 76,288 ---sh--- c:\windows\system32\RnmutlC.dll 2004-08-17 20:00 76,288 ---sh--- c:\windows\system32\RpmitpC.dll 2004-08-17 20:00 76,288 a--sh--- c:\windows\system32\RvmutlC.dll ============= FINISH: 21:36:05,93 =============== Instalirao sam novi sistem XP 32 bitni koji, cim sam pokusao da se konektujem na net je zablokirao. Tacnije Avast me poceo upozoravati na malware koji mi ometa rad i zbog kojeg sam primoran prilikom startanja kompijutera brzo ugasiti kako bi od Vas zatrazio pomoc. Hvala Vam unaprijed za pomoc! Veliki pozdrav! mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png

Profil

helen1 Poslao: 28 Sep 2009 22:57 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zdravo, Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Profil

ermin81 Poslao: 28 Sep 2009 23:28 Idi na vrh
offline ermin81 Novi MyCity građanin Pridružio: 28 Sep 2009 Poruke: 11 Gde živiš: Sarajevo	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Iskreno se nadam da je to to sto sam trebao kopirati. ComboFix 09-09-27.05 - ermin 09/28/2009 23:03:28.1.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.234 [GMT 2:00] Running from: C:\Documents and Settings\ermin\Desktop\ComboFix.exe AV: avast! antivirus 4.8.1356 [VPS 090928-0] On-access scanning disabled (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\aspx.exe C:\WINDOWS\system32\e1000msg.dll c:\windows\system32\homrunsrv.dll C:\WINDOWS\system32\wmprunsrv.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_ASPX -------\Service_ASPX -------\Legacy_HomeListen -------\Service_HomeListen ((((((((((((((((((((((((( Files Created from 2009-08-28 to 2009-09-28 ))))))))))))))))))))))))))))))) . 2009-09-28 20:20:58 . 2009-09-28 20:23:04 0 d-----w- C:\WINDOWS\system32\QYQITKFMSF 2009-09-28 20:00:21 . 2009-09-28 20:01:18 0 d-----w- C:\WINDOWS\system32\MA73PJIGWB 2009-09-28 19:53:50 . 2009-09-28 19:53:50 0 d-----w- C:\WINDOWS\system32\K 2009-09-28 19:33:06 . 2009-09-28 19:35:25 0 d-----w- C:\WINDOWS\system32\GRUA4Z4HY7 2009-09-28 18:53:48 . 2009-09-28 18:53:48 10368 --sh--w- C:\WINDOWS\nhg.exe 2009-09-28 18:53:34 . 2009-09-28 18:53:34 10368 --sh--w- C:\WINDOWS\Atds.exe 2009-09-28 18:51:15 . 2009-09-28 18:53:50 0 d-----w- C:\WINDOWS\system32\793HDI4IBE 2009-09-28 18:50:02 . 2009-09-28 18:50:02 10368 --sh--w- C:\WINDOWS\desfx.exe 2009-09-28 18:48:42 . 2009-09-28 18:50:36 0 d-----w- C:\WINDOWS\system32\62O476L683 2009-09-28 18:48:32 . 2009-09-28 18:48:45 0 d-----w- C:\WINDOWS\system32\6S8S2YN26Z 2009-09-28 18:47:40 . 2009-09-28 18:48:30 778752 ----a-w- C:\WINDOWS\system32\wmplogsrv.dll 2009-09-28 18:16:23 . 2009-09-28 18:16:23 0 d-----w- C:\Documents and Settings\ermin\Local Settings\Application Data\Mozilla 2009-09-28 18:04:32 . 2009-09-28 18:04:32 42944 ----a-w- C:\Documents and Settings\ermin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-09-28 17:55:12 . 2009-09-28 17:55:13 0 d-----w- C:\Documents and Settings\ermin\Application Data\Malwarebytes 2009-09-28 17:49:59 . 2004-08-03 23:56:48 103424 -c--a-w- C:\WINDOWS\system32\dllcache\uihelper.dll 2009-09-28 17:48:55 . 2001-08-23 12:00:00 98304 -c--a-w- C:\WINDOWS\system32\dllcache\msir3jp.dll 2009-09-28 17:47:58 . 2004-08-03 23:56:44 400384 -c--a-w- C:\WINDOWS\system32\dllcache\fxsxp32.dll 2009-09-28 17:46:59 . 2001-08-17 20:36:10 5632 -c--a-w- C:\WINDOWS\system32\dllcache\EXCH_adsiisex.dll 2009-09-28 17:43:21 . 2001-08-23 12:00:00 16384 -c--a-w- C:\WINDOWS\system32\dllcache\isignup.exe 2009-09-28 17:42:38 . 2004-08-03 23:56:44 32768 -c--a-w- C:\WINDOWS\system32\dllcache\icwdl.dll 2009-09-28 17:42:37 . 2004-08-03 23:56:52 86016 -c--a-w- C:\WINDOWS\system32\dllcache\icwconn2.exe 2009-09-28 17:42:37 . 2004-08-03 23:56:52 214528 -c--a-w- C:\WINDOWS\system32\dllcache\icwconn1.exe 2009-09-28 17:42:37 . 2004-08-03 23:56:52 20480 -c--a-w- C:\WINDOWS\system32\dllcache\inetwiz.exe 2009-09-28 17:29:38 . 2001-08-23 12:00:00 13312 -c--a-w- C:\WINDOWS\system32\dllcache\irclass.dll 2009-09-28 17:29:38 . 2001-08-23 12:00:00 13312 ----a-w- C:\WINDOWS\system32\irclass.dll 2009-09-28 17:29:37 . 2001-08-23 12:00:00 24661 -c--a-w- C:\WINDOWS\system32\dllcache\spxcoins.dll 2009-09-28 17:29:37 . 2001-08-23 12:00:00 24661 ----a-w- C:\WINDOWS\system32\spxcoins.dll 2009-09-27 20:53:03 . 2009-09-27 20:53:30 0 d-----w- C:\WINDOWS\system32\BVEY4KM2CY 2009-09-27 20:51:15 . 2009-09-28 19:35:19 22512 ----a-w- C:\WINDOWS\system32\windswe.exe 2009-09-27 20:50:52 . 2009-09-27 20:51:57 0 d-----w- C:\WINDOWS\system32\B7JH7Z9OUD 2009-09-27 20:12:45 . 2009-09-27 20:12:45 0 d-----w- C:\Documents and Settings\Administrator\Application Data\Malwarebytes 2009-09-27 20:12:38 . 2009-09-10 12:54:06 38224 ----a-w- C:\WINDOWS\system32\drivers\mbamswissarmy.sys 2009-09-27 20:12:36 . 2009-09-27 20:12:43 0 d-----w- C:\Program Files\Malwarebytes' Anti-Malware 2009-09-27 20:12:36 . 2009-09-27 20:12:36 0 d-----w- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2009-09-27 20:12:36 . 2009-09-10 12:53:50 19160 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys 2009-09-27 19:38:11 . 2008-04-13 22:13:34 9728 ----a-w- C:\WINDOWS\system32\comsdupd.exe 2009-09-27 19:38:11 . 2004-08-03 21:08:34 40832 ----a-w- C:\WINDOWS\system32\drivers\irbus.sys 2009-09-27 19:38:10 . 2004-08-03 23:56:46 9728 -c--a-w- C:\WINDOWS\system32\dllcache\rwnh.dll 2009-09-27 19:38:10 . 2004-08-03 23:56:46 9728 ----a-w- C:\WINDOWS\system32\rwnh.dll 2009-09-27 19:38:10 . 2004-08-03 23:56:46 10752 -c--a-w- C:\WINDOWS\system32\dllcache\smtpapi.dll 2009-09-27 19:38:10 . 2004-08-03 23:56:46 10752 ----a-w- C:\WINDOWS\system32\smtpapi.dll 2009-09-27 19:38:09 . 2004-08-03 23:56:46 221696 -c--a-w- C:\WINDOWS\system32\dllcache\seo.dll 2009-09-27 19:38:09 . 2004-08-03 23:56:46 2134528 -c--a-w- C:\WINDOWS\system32\dllcache\smtpsnap.dll 2009-09-27 19:38:09 . 2004-08-03 23:56:46 189440 -c--a-w- C:\WINDOWS\system32\dllcache\smtpadm.dll 2009-09-27 19:38:01 . 2004-08-03 22:56:42 377984 ----a-w- C:\WINDOWS\system32\ati2dvaa.dll 2009-09-27 19:38:00 . 2008-04-14 03:41:52 233472 ----a-w- C:\WINDOWS\system32\azroles.dll 2009-09-27 19:38:00 . 2004-08-03 22:56:42 32768 ----a-w- C:\WINDOWS\system32\ativtmxx.dll 2009-09-27 19:32:43 . 2009-09-27 19:38:26 0 d-----w- C:\WINDOWS\ServicePackFiles 2009-09-27 19:25:58 . 2007-08-10 18:46:18 26488 ----a-w- C:\WINDOWS\system32\spupdsvc.exe 2009-09-27 14:04:33 . 2009-09-28 18:48:40 12136 ----a-w- C:\WINDOWS\system32\drivers\tcpz-x86d.sys 2009-09-27 14:04:32 . 2009-09-27 14:04:32 430080 --sh--r- C:\WINDOWS\system32\BtSrv.exe 2009-09-27 12:54:52 . 2009-09-27 12:54:05 737280 ----a-w- C:\WINDOWS\iun6002.exe 2009-09-27 12:54:45 . 2009-09-27 12:54:52 0 d-----w- C:\Program Files\Codec Pack - All In 1 2009-09-27 12:53:35 . 2009-09-27 12:53:35 0 d-----w- C:\Program Files\Webteh 2009-09-27 12:52:51 . 2009-09-27 12:52:51 0 ----a-w- C:\WINDOWS\nsreg.dat 2009-09-27 12:50:39 . 2009-09-27 12:50:46 0 d-----w- C:\Documents and Settings\All Users\Application Data\Google Updater 2009-09-27 12:50:36 . 2009-09-27 12:50:40 0 d-----w- C:\Program Files\Google 2009-09-27 12:49:38 . 2009-09-27 12:49:38 0 d-----w- C:\Documents and Settings\Administrator\Application Data\AdobeUM 2009-09-27 12:46:53 . 2003-06-18 15:31:48 17920 ----a-w- C:\WINDOWS\system32\mdimon.dll 2009-09-27 12:45:30 . 2009-09-27 12:45:30 0 d-----w- C:\Program Files\Microsoft.NET 2009-09-27 12:45:17 . 2009-09-27 12:45:17 0 d-----w- C:\Program Files\Microsoft ActiveSync 2009-09-27 12:43:58 . 2009-09-27 12:45:26 0 d--h--w- C:\WINDOWS\ShellNew 2009-09-27 12:36:10 . 2009-09-27 12:36:10 0 d-----w- C:\Program Files\Common Files\Adobe 2009-09-27 12:06:15 . 2006-06-14 08:50:20 6272 ----a-w- C:\WINDOWS\system32\drivers\splitter.sys 2009-09-27 12:06:11 . 2004-08-03 21:07:40 52864 ----a-w- C:\WINDOWS\system32\drivers\DMusic.sys 2009-09-27 12:05:53 . 2004-08-03 22:56:44 4096 ----a-w- C:\WINDOWS\system32\ksuser.dll 2009-09-27 12:05:49 . 2002-10-28 09:26:04 3744 ----a-w- C:\WINDOWS\system32\drivers\smsens.sys 2009-09-27 12:05:49 . 2002-04-01 11:15:00 4816 ----a-w- C:\WINDOWS\system32\drivers\aeaudio.sys 2009-09-27 12:05:48 . 2009-09-27 12:05:48 0 d-----w- C:\Program Files\Analog Devices 2009-09-27 12:05:48 . 2002-12-19 15:48:48 539008 ----a-w- C:\WINDOWS\system32\drivers\smwdm.sys 2009-09-27 12:05:48 . 2002-12-17 13:11:10 36864 ----a-w- C:\WINDOWS\system32\DSndUp.exe 2009-09-27 12:05:48 . 2002-04-17 13:05:32 45056 ----a-w- C:\WINDOWS\system32\CleanUp.exe 2009-09-27 12:05:48 . 2001-09-19 11:32:26 720896 ----a-w- C:\WINDOWS\system32\a3d.dll 2009-09-27 12:03:49 . 2009-09-27 12:04:22 0 d-----w- C:\drvrtmp 2009-09-27 12:03:49 . 2003-07-11 10:15:48 118784 ----a-w- C:\WINDOWS\system32\Prounstl.exe 2009-09-27 12:03:49 . 2003-07-11 08:58:42 121856 ----a-w- C:\WINDOWS\system32\drivers\e1000325.sys 2009-09-27 12:03:49 . 2002-12-29 03:00:02 24064 ----a-w- C:\WINDOWS\system32\IntelNic.dll 2009-09-27 12:01:45 . 2009-09-27 12:07:10 0 d-----w- C:\Program Files\Dell 2009-09-27 12:01:45 . 2005-11-23 09:43:56 18688 ----a-w- C:\WINDOWS\system32\drivers\omci.sys 2009-09-27 12:01:00 . 2009-09-27 12:01:00 0 d-----w- C:\Program Files\Intel 2009-09-27 12:00:25 . 2009-09-27 12:07:11 0 d--h--w- C:\Program Files\InstallShield Installation Information 2009-09-27 12:00:10 . 2009-09-27 12:00:11 0 d-----w- C:\Program Files\Common Files\InstallShield . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-09-28 17:41:18 . 2009-09-27 11:44:47 22720 ----a-w- C:\WINDOWS\system32\emptyregdb.dat 2009-09-28 17:40:41 . 2009-09-27 11:44:01 0 d-----w- C:\Program Files\Windows Media Connect 2 2009-09-27 12:12:00 . 2009-09-27 12:12:00 0 d-----w- C:\Program Files\Alwil Software 2009-09-27 11:49:52 . 2009-09-27 11:49:52 0 d-----w- C:\Program Files\microsoft frontpage 2009-09-15 10:59:36 . 2009-09-27 12:12:02 1279968 ----a-w- C:\WINDOWS\system32\aswBoot.exe 2009-09-15 10:56:21 . 2009-09-27 12:12:25 93424 ----a-w- C:\WINDOWS\system32\drivers\aswmon.sys 2009-09-15 10:56:14 . 2009-09-27 12:12:25 94160 ----a-w- C:\WINDOWS\system32\drivers\aswmon2.sys 2009-09-15 10:55:30 . 2009-09-27 12:12:25 114768 ----a-w- C:\WINDOWS\system32\drivers\aswSP.sys 2009-09-15 10:55:19 . 2009-09-27 12:12:25 20560 ----a-w- C:\WINDOWS\system32\drivers\aswFsBlk.sys 2009-09-15 10:54:30 . 2009-09-27 12:12:27 52368 ----a-w- C:\WINDOWS\system32\drivers\aswTdi.sys 2009-09-15 10:54:21 . 2009-09-27 12:12:27 23152 ----a-w- C:\WINDOWS\system32\drivers\aswRdr.sys 2009-09-15 10:53:24 . 2009-09-27 12:12:26 27408 ----a-w- C:\WINDOWS\system32\drivers\aavmker4.sys 2009-09-15 10:53:01 . 2009-09-27 12:12:25 97480 ----a-w- C:\WINDOWS\system32\AvastSS.scr 2004-08-17 18:00:00 . 2004-08-17 18:00:00 76288 --sh--w- C:\WINDOWS\system32\RmmltoC.dll 2004-08-17 18:00:00 . 2004-08-17 18:00:00 76288 --sh--w- C:\WINDOWS\system32\RnmutlC.dll 2004-08-17 18:00:00 . 2004-08-17 18:00:00 76288 --sh--w- C:\WINDOWS\system32\RpmitpC.dll 2004-08-17 18:00:00 . 2004-08-17 18:00:00 76288 --sh--w- C:\WINDOWS\system32\RrmstlC.dll 2004-08-17 18:00:00 . 2004-08-17 18:00:00 76288 --sha-w- C:\WINDOWS\system32\RvmutlC.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 10:56:48 81000] "Malwarebytes Anti-Malware (reboot)"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 12:53:56 1312080] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 23:56:50 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "ShowDeskFix"="shell32" [X] "tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-03 21:59:28 44544] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 2;2 afex;faday;C:\WINDOWS\desfx.exe [x] 2;2 n hj;fmgn;C:\WINDOWS\nhg.exe [x] R2 Atdx;Atg;C:\WINDOWS\Atds.exe [2009-09-28 18:53:34 10368] R2 re;fsrd;C:\WINDOWS\system32\62O476L683\J001.exe [2009-09-28 18:50:36 65536] R2 TCPZ;TCP Half Open Limited Patcher ( TCP-Z);C:\WINDOWS\system32\drivers\tcpz-x86d.sys [2009-09-28 18:48:40 12136] R2 windswe;windswer;C:\WINDOWS\system32\windswe.exe [2009-09-28 19:35:19 22512] S1 aswSP;avast! Self Protection; [x] S2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-09-15 10:55:19 20560] S2 BitSrv;Bit Service;C:\WINDOWS\System32\BtSrv.exe [2009-09-27 14:04:32 430080] S2 ferst;ces;C:\WINDOWS\system32\B7JH7Z9OUD\F001.exe [2009-09-27 20:51:11 65536] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] wmpnetwk REG_MULTI_SZ WmpNetwk Wind homelisten REG_MULTI_SZ HomeListen Home . Contents of the 'Scheduled Tasks' folder 2009-09-28 C:\WINDOWS\Tasks\Google Software Updater.job - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-27 12:50:36 . 2009-09-27 12:50:36] . . ------- Supplementary Scan ------- . uInternet Connection Wizard,ShellNext = hxxp://ok3.114graph.com/msn/163.htm FF - ProfilePath - C:\Documents and Settings\ermin\Application Data\Mozilla\Firefox\Profiles\t8akazwe.default\ FF - plugin: C:\Program Files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-09-28 23:09:22 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(1408-) C:\WINDOWS\system32\wpdshserviceobj.dll C:\WINDOWS\system32\portabledevicetypes.dll C:\WINDOWS\system32\portabledeviceapi.dll . ------------------------ Other Running Processes ------------------------ . C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\Dell\OpenManage\Client\Iap.exe C:\Program Files\Alwil Software\Avast4\Setup\avast.setup . ************************************************************************ . Completion time: 2009-09-28 23:11:27 - machine was rebooted ComboFix-quarantined-files.txt 2009-09-28 21:11:24 Pre-Run: 11.926.560.768 bytes free Post-Run: 11.910.008.832 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4 204

Profil

helen1 Poslao: 29 Sep 2009 12:24 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zdravo, izvini sto cekas, ali je slucaj malo komplikovaniji. Windows XP Klikni Start taster (u levom donjem uglu). Izaberi My Computer. Selektuj Tools meni i klikni na Folder Options. Selektuj View na vrhu, unutar Hidden files and folders grupe selektuj Show hidden files and folders. Skini kvačicu sa Hide file extensions for known types. Skini kvačicu sa Hide protected operating system files (recommended). Klikni YES. Klikni OK. probaj da nadjes sledeci fajl i da mi ga posaljes: C:\WINDOWS\system32\RvmutlC.dll preko ovog linka: http://www.mycity.rs/ambulanta-upload.php

Profil

ermin81 Poslao: 29 Sep 2009 22:38 Idi na vrh
offline ermin81 Novi MyCity građanin Pridružio: 28 Sep 2009 Poruke: 11 Gde živiš: Sarajevo	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Izvini ti sto si cekala, evo tek sad sam dosao s posla Nakon upustava predhodnih koje si mi nalozila da uradim upalio se Avast i izbrisao more virusa tako da sam sad uspijesno upalio komp bez, sad zasad, ikakvih problema i kao sto i sama vidis cak i konektovao na net. Iskreno se nadam da sam, to jest TI, uspjesno popravila ovu moju kantu! Fajl C:\WINDOWS\system32\RvmutlC.dll nemogu da pronadzem na kompu.

Profil

helen1 Poslao: 30 Sep 2009 00:13 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Kanta nije jos popravljena skroz. Potrebno je da opet skeniras programom ComboFix.

Profil

ermin81 Poslao: 30 Sep 2009 18:15 Idi na vrh
offline ermin81 Novi MyCity građanin Pridružio: 28 Sep 2009 Poruke: 11 Gde živiš: Sarajevo	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Bas sam se ponadao. Obavio sam ono sto si mi rekla i evo saljem ti izvijestaj. ComboFix 09-09-27.05 - ermin 09/30/2009 18:02.2.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.323 [GMT 2:00] Running from: c:\documents and settings\ermin\Desktop\ComboFix.exe AV: avast! antivirus 4.8.1356 [VPS 090929-0] On-access scanning enabled (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Previous Run ------- . c:\windows\system32\aspx.exe c:\windows\system32\e1000msg.dll c:\windows\system32\homrunsrv.dll c:\windows\system32\wmprunsrv.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_ASPX -------\Service_ASPX -------\Legacy_HomeListen -------\Service_HomeListen ((((((((((((((((((((((((( Files Created from 2009-08-28 to 2009-09-30 ))))))))))))))))))))))))))))))) . 2009-09-28 20:20 . 2009-09-28 20:23 -------- d-----w- c:\windows\system32\QYQITKFMSF 2009-09-28 20:00 . 2009-09-28 20:01 -------- d-----w- c:\windows\system32\MA73PJIGWB 2009-09-28 19:53 . 2009-09-28 19:53 -------- d-----w- c:\windows\system32\K 2009-09-28 19:33 . 2009-09-28 22:04 -------- d-----w- c:\windows\system32\GRUA4Z4HY7 2009-09-28 18:53 . 2009-09-28 18:53 10368 --sh--w- c:\windows\Atds.exe 2009-09-28 18:51 . 2009-09-28 22:01 -------- d-----w- c:\windows\system32\793HDI4IBE 2009-09-28 18:50 . 2009-09-28 18:50 10368 --sh--w- c:\windows\desfx.exe 2009-09-28 18:48 . 2009-09-28 22:01 -------- d-----w- c:\windows\system32\62O476L683 2009-09-28 18:48 . 2009-09-28 18:48 -------- d-----w- c:\windows\system32\6S8S2YN26Z 2009-09-28 18:16 . 2009-09-28 18:16 -------- d-----w- c:\documents and settings\ermin\Local Settings\Application Data\Mozilla 2009-09-28 18:04 . 2009-09-28 18:04 42944 ----a-w- c:\documents and settings\ermin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-09-28 17:55 . 2009-09-28 17:55 -------- d-----w- c:\documents and settings\ermin\Application Data\Malwarebytes 2009-09-28 17:49 . 2004-08-03 23:56 103424 -c--a-w- c:\windows\system32\dllcache\uihelper.dll 2009-09-28 17:48 . 2001-08-23 12:00 98304 -c--a-w- c:\windows\system32\dllcache\msir3jp.dll 2009-09-28 17:47 . 2004-08-03 23:56 400384 -c--a-w- c:\windows\system32\dllcache\fxsxp32.dll 2009-09-28 17:46 . 2001-08-17 20:36 5632 -c--a-w- c:\windows\system32\dllcache\EXCH_adsiisex.dll 2009-09-28 17:43 . 2001-08-23 12:00 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe 2009-09-28 17:42 . 2004-08-03 23:56 32768 -c--a-w- c:\windows\system32\dllcache\icwdl.dll 2009-09-28 17:42 . 2004-08-03 23:56 86016 -c--a-w- c:\windows\system32\dllcache\icwconn2.exe 2009-09-28 17:42 . 2004-08-03 23:56 214528 -c--a-w- c:\windows\system32\dllcache\icwconn1.exe 2009-09-28 17:42 . 2004-08-03 23:56 20480 -c--a-w- c:\windows\system32\dllcache\inetwiz.exe 2009-09-28 17:29 . 2001-08-23 12:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll 2009-09-28 17:29 . 2001-08-23 12:00 13312 ----a-w- c:\windows\system32\irclass.dll 2009-09-28 17:29 . 2001-08-23 12:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll 2009-09-28 17:29 . 2001-08-23 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll 2009-09-27 20:53 . 2009-09-27 20:53 -------- d-----w- c:\windows\system32\BVEY4KM2CY 2009-09-27 20:50 . 2009-09-28 22:01 -------- d-----w- c:\windows\system32\B7JH7Z9OUD 2009-09-27 20:12 . 2009-09-27 20:12 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes 2009-09-27 20:12 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-09-27 20:12 . 2009-09-27 20:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-09-27 20:12 . 2009-09-27 20:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-09-27 20:12 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-09-27 19:38 . 2008-04-13 22:13 9728 ----a-w- c:\windows\system32\comsdupd.exe 2009-09-27 19:38 . 2004-08-03 21:08 40832 ----a-w- c:\windows\system32\drivers\irbus.sys 2009-09-27 19:38 . 2004-08-03 23:56 9728 -c--a-w- c:\windows\system32\dllcache\rwnh.dll 2009-09-27 19:38 . 2004-08-03 23:56 9728 ----a-w- c:\windows\system32\rwnh.dll 2009-09-27 19:38 . 2004-08-03 23:56 10752 -c--a-w- c:\windows\system32\dllcache\smtpapi.dll 2009-09-27 19:38 . 2004-08-03 23:56 10752 ----a-w- c:\windows\system32\smtpapi.dll 2009-09-27 19:38 . 2004-08-03 23:56 221696 -c--a-w- c:\windows\system32\dllcache\seo.dll 2009-09-27 19:38 . 2004-08-03 23:56 2134528 -c--a-w- c:\windows\system32\dllcache\smtpsnap.dll 2009-09-27 19:38 . 2004-08-03 23:56 189440 -c--a-w- c:\windows\system32\dllcache\smtpadm.dll 2009-09-27 19:38 . 2004-08-03 22:56 377984 ----a-w- c:\windows\system32\ati2dvaa.dll 2009-09-27 19:38 . 2008-04-14 03:41 233472 ----a-w- c:\windows\system32\azroles.dll 2009-09-27 19:38 . 2004-08-03 22:56 32768 ----a-w- c:\windows\system32\ativtmxx.dll 2009-09-27 19:32 . 2009-09-27 19:38 -------- d-----w- c:\windows\ServicePackFiles 2009-09-27 19:25 . 2007-08-10 18:46 26488 ----a-w- c:\windows\system32\spupdsvc.exe 2009-09-27 14:04 . 2009-09-28 18:48 12136 ----a-w- c:\windows\system32\drivers\tcpz-x86d.sys 2009-09-27 14:04 . 2009-09-27 14:04 430080 --sh--r- c:\windows\system32\BtSrv.exe 2009-09-27 12:54 . 2009-09-27 12:54 737280 ----a-w- c:\windows\iun6002.exe 2009-09-27 12:54 . 2009-09-27 12:54 -------- d-----w- c:\program files\Codec Pack - All In 1 2009-09-27 12:53 . 2009-09-27 12:53 -------- d-----w- c:\program files\Webteh 2009-09-27 12:52 . 2009-09-27 12:52 0 ----a-w- c:\windows\nsreg.dat 2009-09-27 12:50 . 2009-09-27 12:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater 2009-09-27 12:50 . 2009-09-27 12:50 -------- d-----w- c:\program files\Google 2009-09-27 12:49 . 2009-09-27 12:49 -------- d-----w- c:\documents and settings\Administrator\Application Data\AdobeUM 2009-09-27 12:46 . 2003-06-18 15:31 17920 ----a-w- c:\windows\system32\mdimon.dll 2009-09-27 12:45 . 2009-09-27 12:45 -------- d-----w- c:\program files\Microsoft.NET 2009-09-27 12:45 . 2009-09-27 12:45 -------- d-----w- c:\program files\Microsoft ActiveSync 2009-09-27 12:43 . 2009-09-27 12:45 -------- d--h--w- c:\windows\ShellNew 2009-09-27 12:36 . 2009-09-27 12:36 -------- d-----w- c:\program files\Common Files\Adobe 2009-09-27 12:06 . 2006-06-14 08:50 6272 ----a-w- c:\windows\system32\drivers\splitter.sys 2009-09-27 12:06 . 2004-08-03 21:07 52864 ----a-w- c:\windows\system32\drivers\DMusic.sys 2009-09-27 12:05 . 2004-08-03 22:56 4096 ----a-w- c:\windows\system32\ksuser.dll 2009-09-27 12:05 . 2002-10-28 09:26 3744 ----a-w- c:\windows\system32\drivers\smsens.sys 2009-09-27 12:05 . 2002-04-01 11:15 4816 ----a-w- c:\windows\system32\drivers\aeaudio.sys 2009-09-27 12:05 . 2009-09-27 12:05 -------- d-----w- c:\program files\Analog Devices 2009-09-27 12:05 . 2002-12-19 15:48 539008 ----a-w- c:\windows\system32\drivers\smwdm.sys 2009-09-27 12:05 . 2002-12-17 13:11 36864 ----a-w- c:\windows\system32\DSndUp.exe 2009-09-27 12:05 . 2002-04-17 13:05 45056 ----a-w- c:\windows\system32\CleanUp.exe 2009-09-27 12:05 . 2001-09-19 11:32 720896 ----a-w- c:\windows\system32\a3d.dll 2009-09-27 12:03 . 2009-09-27 12:04 -------- d-----w- C:\drvrtmp 2009-09-27 12:03 . 2003-07-11 10:15 118784 ----a-w- c:\windows\system32\Prounstl.exe 2009-09-27 12:03 . 2003-07-11 08:58 121856 ----a-w- c:\windows\system32\drivers\e1000325.sys 2009-09-27 12:03 . 2002-12-29 03:00 24064 ----a-w- c:\windows\system32\IntelNic.dll 2009-09-27 12:01 . 2009-09-27 12:07 -------- d-----w- c:\program files\Dell 2009-09-27 12:01 . 2005-11-23 09:43 18688 ----a-w- c:\windows\system32\drivers\omci.sys 2009-09-27 12:01 . 2009-09-27 12:01 -------- d-----w- c:\program files\Intel 2009-09-27 12:00 . 2009-09-27 12:07 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-09-27 12:00 . 2009-09-27 12:00 -------- d-----w- c:\program files\Common Files\InstallShield . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-09-28 17:41 . 2009-09-27 11:44 22720 ----a-w- c:\windows\system32\emptyregdb.dat 2009-09-28 17:40 . 2009-09-27 11:44 -------- d-----w- c:\program files\Windows Media Connect 2 2009-09-27 12:12 . 2009-09-27 12:12 -------- d-----w- c:\program files\Alwil Software 2009-09-27 11:49 . 2009-09-27 11:49 -------- d-----w- c:\program files\microsoft frontpage 2009-09-15 10:59 . 2009-09-27 12:12 1279968 ----a-w- c:\windows\system32\aswBoot.exe 2009-09-15 10:56 . 2009-09-27 12:12 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-09-15 10:56 . 2009-09-27 12:12 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-09-15 10:55 . 2009-09-27 12:12 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-09-15 10:55 . 2009-09-27 12:12 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-09-15 10:54 . 2009-09-27 12:12 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-09-15 10:54 . 2009-09-27 12:12 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-09-15 10:53 . 2009-09-27 12:12 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-09-15 10:53 . 2009-09-27 12:12 97480 ----a-w- c:\windows\system32\AvastSS.scr . ((((((((((((((((((((((((((((( SnapShot@2009-09-28_21.09.32 ))))))))))))))))))))))))))))))))))))))))) . + 2009-09-30 15:56 . 2009-09-30 15:56 16384 c:\windows\Temp\Perflib_Perfdata_5e0.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "ShowDeskFix"="shell32" [X] "tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-03 44544] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [9/27/2009 14:12 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9/27/2009 14:12 20560] R2 TCPZ;TCP Half Open Limited Patcher ( TCP-Z);c:\windows\system32\drivers\tcpz-x86d.sys [9/27/2009 16:04 12136] S2 afex;faday;c:\windows\desfx.exe [9/28/2009 20:50 10368] S2 Atdx;Atg;c:\windows\Atds.exe [9/28/2009 20:53 10368] S2 BitSrv;Bit Service;c:\windows\system32\BtSrv.exe [9/27/2009 16:04 430080] S2 ferst;ces;c:\windows\system32\B7JH7Z9OUD\F001.exe [9/27/2009 22:51 65536] S2 re;fsrd;c:\windows\system32\62O476L683\J001.exe [9/28/2009 20:50 65536] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] wmpnetwk REG_MULTI_SZ WmpNetwk Wind homelisten REG_MULTI_SZ HomeListen Home . Contents of the 'Scheduled Tasks' folder 2009-09-30 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-27 12:50] . . ------- Supplementary Scan ------- . uInternet Connection Wizard,ShellNext = hxxp://ok3.114graph.com/msn/163.htm FF - ProfilePath - c:\documents and settings\ermin\Application Data\Mozilla\Firefox\Profiles\t8akazwe.default\ FF - plugin: c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-09-30 18:07 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(124) c:\windows\system32\wpdshserviceobj.dll c:\windows\system32\portabledevicetypes.dll c:\windows\system32\portabledeviceapi.dll . Completion time: 2009-09-30 18:09 ComboFix-quarantined-files.txt 2009-09-30 16:09 Pre-Run: 11.858.993.152 bytes free Post-Run: 11.830.804.480 bytes free Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4 187

Profil

helen1 Poslao: 30 Sep 2009 18:25 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: Folder:: C:\WINDOWS\system32\QYQITKFMSF C:\WINDOWS\system32\MA73PJIGWB C:\WINDOWS\system32\K C:\WINDOWS\system32\GRUA4Z4HY7 C:\WINDOWS\system32\62O476L683 C:\WINDOWS\system32\6S8S2YN26Z C:\WINDOWS\system32\BVEY4KM2CY C:\WINDOWS\system32\B7JH7Z9OUD C:\WINDOWS\system32\793HDI4IBE File:: C:\WINDOWS\nhg.exe C:\WINDOWS\desfx.exe C:\WINDOWS\Atds.exe C:\WINDOWS\system32\wmplogsrv.dll C:\WINDOWS\system32\B7JH7Z9OUD\F001.exe C:\WINDOWS\System32\BtSrv.exe C:\WINDOWS\system32\62O476L683\J001.exe c:\windows\system32\wmprunsrv.dll c:\windows\system32\drivers\tcpz-x86d.sys Driver:: ferst BitSrv re Atdx TCPZ afex Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

ermin81 Poslao: 30 Sep 2009 18:42 Idi na vrh
offline ermin81 Novi MyCity građanin Pridružio: 28 Sep 2009 Poruke: 11 Gde živiš: Sarajevo	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Evo ga, gotovo. ComboFix 09-09-29.04 - ermin 09/30/2009 18:29.3.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.300 [GMT 2:00] Running from: c:\documents and settings\ermin\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\ermin\Desktop\CFScript AV: avast! antivirus 4.8.1356 [VPS 090929-0] On-access scanning enabled (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} * Created a new restore point FILE :: "c:\windows\Atds.exe" "c:\windows\desfx.exe" "c:\windows\nhg.exe" "c:\windows\system32\62O476L683\J001.exe" "c:\windows\system32\B7JH7Z9OUD\F001.exe" "c:\windows\System32\BtSrv.exe" "c:\windows\system32\drivers\tcpz-x86d.sys" "c:\windows\system32\wmplogsrv.dll" "c:\windows\system32\wmprunsrv.dll" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\Atds.exe c:\windows\desfx.exe c:\windows\system32\62O476L683 c:\windows\system32\62O476L683\A8800.exe c:\windows\system32\62O476L683\J001.exe c:\windows\system32\62O476L683\J002.exe c:\windows\system32\6S8S2YN26Z c:\windows\system32\793HDI4IBE c:\windows\system32\793HDI4IBE\A8800.exe c:\windows\system32\793HDI4IBE\J001.exe c:\windows\system32\B7JH7Z9OUD c:\windows\system32\B7JH7Z9OUD\F001.exe c:\windows\system32\B7JH7Z9OUD\J001.exe c:\windows\System32\BtSrv.exe c:\windows\system32\BVEY4KM2CY c:\windows\system32\BVEY4KM2CY\F001.exe c:\windows\system32\BVEY4KM2CY\J001.exe c:\windows\system32\drivers\tcpz-x86d.sys c:\windows\system32\GRUA4Z4HY7 c:\windows\system32\GRUA4Z4HY7\A8800.exe c:\windows\system32\GRUA4Z4HY7\J001.exe c:\windows\system32\K c:\windows\system32\MA73PJIGWB c:\windows\system32\QYQITKFMSF c:\windows\system32\QYQITKFMSF\A8800.exe . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_AFEX -------\Legacy_ATDX -------\Legacy_BITSRV -------\Legacy_FERST -------\Legacy_RE -------\Legacy_TCPZ -------\Service_afex -------\Service_Atdx -------\Service_BitSrv -------\Service_ferst -------\Service_re -------\Service_TCPZ ((((((((((((((((((((((((( Files Created from 2009-08-28 to 2009-09-30 ))))))))))))))))))))))))))))))) . 2009-09-28 18:16 . 2009-09-28 18:16 -------- d-----w- c:\documents and settings\ermin\Local Settings\Application Data\Mozilla 2009-09-28 18:04 . 2009-09-28 18:04 42944 ----a-w- c:\documents and settings\ermin\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-09-28 17:55 . 2009-09-28 17:55 -------- d-----w- c:\documents and settings\ermin\Application Data\Malwarebytes 2009-09-28 17:49 . 2004-08-03 23:56 103424 -c--a-w- c:\windows\system32\dllcache\uihelper.dll 2009-09-28 17:48 . 2001-08-23 12:00 98304 -c--a-w- c:\windows\system32\dllcache\msir3jp.dll 2009-09-28 17:47 . 2004-08-03 23:56 400384 -c--a-w- c:\windows\system32\dllcache\fxsxp32.dll 2009-09-28 17:46 . 2001-08-17 20:36 5632 -c--a-w- c:\windows\system32\dllcache\EXCH_adsiisex.dll 2009-09-28 17:43 . 2001-08-23 12:00 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe 2009-09-28 17:42 . 2004-08-03 23:56 32768 -c--a-w- c:\windows\system32\dllcache\icwdl.dll 2009-09-28 17:42 . 2004-08-03 23:56 86016 -c--a-w- c:\windows\system32\dllcache\icwconn2.exe 2009-09-28 17:42 . 2004-08-03 23:56 214528 -c--a-w- c:\windows\system32\dllcache\icwconn1.exe 2009-09-28 17:42 . 2004-08-03 23:56 20480 -c--a-w- c:\windows\system32\dllcache\inetwiz.exe 2009-09-28 17:29 . 2001-08-23 12:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll 2009-09-28 17:29 . 2001-08-23 12:00 13312 ----a-w- c:\windows\system32\irclass.dll 2009-09-28 17:29 . 2001-08-23 12:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll 2009-09-28 17:29 . 2001-08-23 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll 2009-09-27 20:12 . 2009-09-27 20:12 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes 2009-09-27 20:12 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-09-27 20:12 . 2009-09-27 20:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-09-27 20:12 . 2009-09-27 20:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-09-27 20:12 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-09-27 19:38 . 2008-04-13 22:13 9728 ----a-w- c:\windows\system32\comsdupd.exe 2009-09-27 19:38 . 2004-08-03 21:08 40832 ----a-w- c:\windows\system32\drivers\irbus.sys 2009-09-27 19:38 . 2004-08-03 23:56 9728 -c--a-w- c:\windows\system32\dllcache\rwnh.dll 2009-09-27 19:38 . 2004-08-03 23:56 9728 ----a-w- c:\windows\system32\rwnh.dll 2009-09-27 19:38 . 2004-08-03 23:56 10752 -c--a-w- c:\windows\system32\dllcache\smtpapi.dll 2009-09-27 19:38 . 2004-08-03 23:56 10752 ----a-w- c:\windows\system32\smtpapi.dll 2009-09-27 19:38 . 2004-08-03 23:56 221696 -c--a-w- c:\windows\system32\dllcache\seo.dll 2009-09-27 19:38 . 2004-08-03 23:56 2134528 -c--a-w- c:\windows\system32\dllcache\smtpsnap.dll 2009-09-27 19:38 . 2004-08-03 23:56 189440 -c--a-w- c:\windows\system32\dllcache\smtpadm.dll 2009-09-27 19:38 . 2004-08-03 22:56 377984 ----a-w- c:\windows\system32\ati2dvaa.dll 2009-09-27 19:38 . 2008-04-14 03:41 233472 ----a-w- c:\windows\system32\azroles.dll 2009-09-27 19:38 . 2004-08-03 22:56 32768 ----a-w- c:\windows\system32\ativtmxx.dll 2009-09-27 19:32 . 2009-09-27 19:38 -------- d-----w- c:\windows\ServicePackFiles 2009-09-27 19:25 . 2007-08-10 18:46 26488 ----a-w- c:\windows\system32\spupdsvc.exe 2009-09-27 12:54 . 2009-09-27 12:54 737280 ----a-w- c:\windows\iun6002.exe 2009-09-27 12:54 . 2009-09-27 12:54 -------- d-----w- c:\program files\Codec Pack - All In 1 2009-09-27 12:53 . 2009-09-27 12:53 -------- d-----w- c:\program files\Webteh 2009-09-27 12:52 . 2009-09-27 12:52 0 ----a-w- c:\windows\nsreg.dat 2009-09-27 12:50 . 2009-09-27 12:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater 2009-09-27 12:50 . 2009-09-27 12:50 -------- d-----w- c:\program files\Google 2009-09-27 12:49 . 2009-09-27 12:49 -------- d-----w- c:\documents and settings\Administrator\Application Data\AdobeUM 2009-09-27 12:46 . 2003-06-18 15:31 17920 ----a-w- c:\windows\system32\mdimon.dll 2009-09-27 12:45 . 2009-09-27 12:45 -------- d-----w- c:\program files\Microsoft.NET 2009-09-27 12:45 . 2009-09-27 12:45 -------- d-----w- c:\program files\Microsoft ActiveSync 2009-09-27 12:43 . 2009-09-27 12:45 -------- d--h--w- c:\windows\ShellNew 2009-09-27 12:36 . 2009-09-27 12:36 -------- d-----w- c:\program files\Common Files\Adobe 2009-09-27 12:06 . 2006-06-14 08:50 6272 ----a-w- c:\windows\system32\drivers\splitter.sys 2009-09-27 12:06 . 2004-08-03 21:07 52864 ----a-w- c:\windows\system32\drivers\DMusic.sys 2009-09-27 12:05 . 2004-08-03 22:56 4096 ----a-w- c:\windows\system32\ksuser.dll 2009-09-27 12:05 . 2002-10-28 09:26 3744 ----a-w- c:\windows\system32\drivers\smsens.sys 2009-09-27 12:05 . 2002-04-01 11:15 4816 ----a-w- c:\windows\system32\drivers\aeaudio.sys 2009-09-27 12:05 . 2009-09-27 12:05 -------- d-----w- c:\program files\Analog Devices 2009-09-27 12:05 . 2002-12-19 15:48 539008 ----a-w- c:\windows\system32\drivers\smwdm.sys 2009-09-27 12:05 . 2002-12-17 13:11 36864 ----a-w- c:\windows\system32\DSndUp.exe 2009-09-27 12:05 . 2002-04-17 13:05 45056 ----a-w- c:\windows\system32\CleanUp.exe 2009-09-27 12:05 . 2001-09-19 11:32 720896 ----a-w- c:\windows\system32\a3d.dll 2009-09-27 12:03 . 2009-09-27 12:04 -------- d-----w- C:\drvrtmp 2009-09-27 12:03 . 2003-07-11 10:15 118784 ----a-w- c:\windows\system32\Prounstl.exe 2009-09-27 12:03 . 2003-07-11 08:58 121856 ----a-w- c:\windows\system32\drivers\e1000325.sys 2009-09-27 12:03 . 2002-12-29 03:00 24064 ----a-w- c:\windows\system32\IntelNic.dll 2009-09-27 12:01 . 2009-09-27 12:07 -------- d-----w- c:\program files\Dell 2009-09-27 12:01 . 2005-11-23 09:43 18688 ----a-w- c:\windows\system32\drivers\omci.sys 2009-09-27 12:01 . 2009-09-27 12:01 -------- d-----w- c:\program files\Intel 2009-09-27 12:00 . 2009-09-27 12:07 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-09-27 12:00 . 2009-09-27 12:00 -------- d-----w- c:\program files\Common Files\InstallShield . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-09-28 17:41 . 2009-09-27 11:44 22720 ----a-w- c:\windows\system32\emptyregdb.dat 2009-09-28 17:40 . 2009-09-27 11:44 -------- d-----w- c:\program files\Windows Media Connect 2 2009-09-27 12:12 . 2009-09-27 12:12 -------- d-----w- c:\program files\Alwil Software 2009-09-27 11:49 . 2009-09-27 11:49 -------- d-----w- c:\program files\microsoft frontpage 2009-09-15 10:59 . 2009-09-27 12:12 1279968 ----a-w- c:\windows\system32\aswBoot.exe 2009-09-15 10:56 . 2009-09-27 12:12 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-09-15 10:56 . 2009-09-27 12:12 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-09-15 10:55 . 2009-09-27 12:12 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-09-15 10:55 . 2009-09-27 12:12 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-09-15 10:54 . 2009-09-27 12:12 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-09-15 10:54 . 2009-09-27 12:12 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-09-15 10:53 . 2009-09-27 12:12 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-09-15 10:53 . 2009-09-27 12:12 97480 ----a-w- c:\windows\system32\AvastSS.scr . ((((((((((((((((((((((((((((( SnapShot@2009-09-28_21.09.32 ))))))))))))))))))))))))))))))))))))))))) . + 2009-09-30 16:34 . 2009-09-30 16:34 16384 c:\windows\Temp\Perflib_Perfdata_680.dat + 2009-09-30 15:56 . 2009-09-30 15:56 16384 c:\windows\Temp\Perflib_Perfdata_5e0.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "ShowDeskFix"="shell32" [X] "tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-03 44544] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [9/27/2009 14:12 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9/27/2009 14:12 20560] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] wmpnetwk REG_MULTI_SZ WmpNetwk Wind homelisten REG_MULTI_SZ HomeListen Home . Contents of the 'Scheduled Tasks' folder 2009-09-30 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-27 12:50] . . ------- Supplementary Scan ------- . uInternet Connection Wizard,ShellNext = hxxp://ok3.114graph.com/msn/163.htm FF - ProfilePath - c:\documents and settings\ermin\Application Data\Mozilla\Firefox\Profiles\t8akazwe.default\ FF - plugin: c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll . ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-09-30 18:34 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(3928-) c:\windows\system32\wpdshserviceobj.dll c:\windows\system32\portabledevicetypes.dll c:\windows\system32\portabledeviceapi.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\program files\Dell\OpenManage\Client\Iap.exe c:\program files\Alwil Software\Avast4\ashMaiSv.exe c:\program files\Alwil Software\Avast4\ashWebSv.exe c:\program files\Alwil Software\Avast4\Setup\avast.setup . ************************************************************************ . Completion time: 2009-09-30 18:37 - machine was rebooted ComboFix-quarantined-files.txt 2009-09-30 16:37 ComboFix2.txt 2009-09-30 16:09 Pre-Run: 11.808.436.224 bytes free Post-Run: 11.777.490.944 bytes free Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4 219

Profil

helen1 Poslao: 30 Sep 2009 18:51 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8620 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Interesuje me gde si nasao prvi ComboFix log koji si mi ovde kopirao? Da ga nisi nasao u C:\ComboFix\

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Problem sa Avast-om koji nemoze da izbrise virus

Ko je trenutno na forumu

Ukupno su 846 korisnika na forumu :: 17 registrovanih, 4 sakrivenih i 825 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: Bane san, bigfoot, bozidar79, dozorni, elenemste, Kubovac, Litostroton, MiG-29M2, Miki01, milutin134, novator, ozzy, Parker, pein, S-lash, Vatreni Zmaj, zastavnik

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by