i Svi su kao dobri a svi imaju mane i prednosti... kod mojeg problema nijedan ga nije rjesio!!!
Sve moguce sam instalirao P.S licencirani kupljeni itd..
Slucajno na jednom forumu neki lik mi pusti link od CombaFix i gle cuda pored svih tih kupljenih antiv.. ovaj ga resi iz prve.... a ne bilo vam ko meni hahah u pitanju je lass.exe i smss.exe virus! evo i loga...
ComboFix 10-04-10.01 - Administrator 04/17/2010 16:58:14.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1022.830 [GMT -7:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\037589.log
C:\autorun.inf
C:\NetApi000.sys
C:\pagefile.pif
c:\windows\system32\326407.log
c:\windows\system32\367172.log
c:\windows\system32\46297.log
c:\windows\system32\522501.log
c:\windows\system32\543422.log
c:\windows\system32\554454.log
c:\windows\system32\com\lsass.exe
c:\windows\system32\com\netcfg.000
c:\windows\system32\Com\netcfg.dll
c:\windows\system32\Com\smss.exe
c:\windows\system32\dnsq.dll
D:\AUTORUN.INF
D:\pagefile.pif
.
((((((((((((((((((((((((( Files Created from 2010-03-18 to 2010-04-18 )))))))))))))))))))))))))))))))
.
2010-04-17 23:45 . 2010-04-17 23:46 -------- d-----w- c:\program files\Alwil Software
2010-04-17 23:30 . 2004-08-04 07:56 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2010-04-17 23:30 . 2004-08-04 07:56 21504 ----a-w- c:\windows\system32\hidserv.dll
2010-04-17 23:30 . 2004-08-04 05:58 14848 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2010-04-17 23:30 . 2004-08-04 05:58 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2010-04-17 23:30 . 2001-08-17 21:02 9600 -c--a-w- c:\windows\system32\dllcache\hidusb.sys
2010-04-17 23:30 . 2001-08-17 21:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2010-04-17 23:30 . 2004-08-04 06:08 36224 -c--a-w- c:\windows\system32\dllcache\hidclass.sys
2010-04-17 23:30 . 2004-08-04 06:08 36224 ----a-w- c:\windows\system32\drivers\hidclass.sys
2010-04-17 23:30 . 2004-08-04 06:08 24960 -c--a-w- c:\windows\system32\dllcache\hidparse.sys
2010-04-17 23:30 . 2004-08-04 06:08 24960 ----a-w- c:\windows\system32\drivers\hidparse.sys
2010-04-17 23:30 . 2004-08-04 06:08 31616 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-04-17 23:30 . 2004-08-04 06:08 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2010-04-17 08:15 . 2010-04-17 08:15 -------- d-----w- c:\program files\microsoft frontpage
2010-04-17 08:14 . 2010-04-17 08:14 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-04-17 08:11 . 2010-04-17 08:11 21640 ----a-w- c:\windows\system32\emptyregdb.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
************************************************** ************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-17 17:01
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
************************************************** ************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\wscntfy.exe
.
************************************************** ************************
.
Completion time: 2010-04-17 17:02:22 - machine was rebooted
ComboFix-quarantined-files.txt 2010-04-18 00:02
Pre-Run: 51,576,201,216 bytes free
Post-Run: 51,597,709,312 bytes free
- - End Of File - - 27B84EF73E925E5F619C60A222485770
Tolike pare bacene na AV a ovaj iz prve BLAM!!!!!!!!! eh da NoD je bio u njemu kad ga ovo cudo zakacilo! poz.
Bookmarks