Avast found a virus

  • Joined: 09 May 2010
  • Posts: 1

Hello everyone,
Avast found a process in memory that I can't remove.

I should mention that my computer has slowed down a lot.
Connection: mobile internet.

Here are the logs:


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_31
Run by Milos at 23:58:45 on 2012-03-11
Microsoft Windows XP Professional 5.1.2600.3.1250.381.1033.18.1023.132 [GMT 1:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS.0\system32\Ati2evxx.exe
C:\WINDOWS.0\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS.0\system32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS.0\system32\Ati2evxx.exe
svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS.0\system32\spoolsv.exe
C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\WINDOWS.0\Explorer.EXE
C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\FarStone\VirtualDrive\vdtask.exe
C:\Program Files\mts mobilni internet\mts mobilni internet.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS.0\SOUNDMAN.EXE
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS.0\system32\devldr32.exe
C:\Program Files\FarStone\VirtualDrive\Netsrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Documents and Settings\All Users\Application Data\mts mobilni internet\OnlineUpdate\ouc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS.0\System32\svchost.exe -k HTTPFilter
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS.0\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com/
uDefault_Search_URL = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www.google.com/
uURLSearchHooks: Winamp Toolbar Search Class: {57bca5fa-5dbb-45a2-b558-1755c3f6253b} - c:\program files\winamp toolbar\winamptb.dll
mURLSearchHooks: Winamp Toolbar Search Class: {57bca5fa-5dbb-45a2-b558-1755c3f6253b} - c:\program files\winamp toolbar\winamptb.dll
mWinlogon: SfcDisable=-99 (0xffffff9d)
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - c:\program files\winamp toolbar\winamptb.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program files\winamp toolbar\winamptb.dll
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [Virtual Drive] "c:\program files\farstone\virtualdrive\vdtask.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
dRun: [ctfmon.exe] ctfmon.exe
dRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
uPolicies-explorer: NoResolveTrack = 1 (0x1)
uPolicies-explorer: NoInstrumentation = 1 (0x1)
uPolicies-explorer: NoRecentDocsNetHood = 1 (0x1)
uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
mPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
dPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
dPolicies-explorer: NoResolveTrack = 1 (0x1)
dPolicies-explorer: NoInstrumentation = 1 (0x1)
dPolicies-explorer: NoRecentDocsNetHood = 1 (0x1)
dPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: Interfaces\{B88B51AE-174A-4231-A20C-D6953B296DE6} : NameServer = 195.178.38.3 195.178.38.8
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Notify: AtiExtEvent - Ati2evxx.dll
AppInit_DLLs: c:\windows.0\system32\guard32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows.0\system32\WPDShServiceObj.dll
SecurityProviders: schannel.dll, credssp.dll, digest.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\milos\application data\mozilla\firefox\profiles\2k3av4wd.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.winamp.com/search/search?query={searchTerms}&invocationType=tb50-ff-winamp-chromesbox-en-us&tb_uuid=20111117173153953&tb_oid=17-11-2011&tb_mrud=17-11-2011&query=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - google.rs
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&invocationType=tb50-ff-winamp-ab-en-us&tb_uuid=20111117173153953&tb_oid=17-11-2011&tb_mrud=17-11-2011&query=
FF - plugin: c:\documents and settings\milos\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\milos\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\milos\local settings\application data\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows.0\system32\drivers\aswSnx.sys [2011-8-16 612184]
R1 aswSP;aswSP;c:\windows.0\system32\drivers\aswSP.sys [2011-8-16 337880]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows.0\system32\drivers\cmdGuard.sys [2011-1-6 494968]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows.0\system32\drivers\cmdhlp.sys [2011-1-6 31704]
R2 aswFsBlk;aswFsBlk;c:\windows.0\system32\drivers\aswFsBlk.sys [2011-8-16 20696]
R2 Autodesk Content Service;Autodesk Content Service;c:\program files\autodesk\content service\Connect.Service.ContentService.exe [2011-2-2 18656]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-8-16 44768]
R2 cdant;cdant;c:\windows.0\system32\drivers\cdant.sys [2011-11-14 35661]
R2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2011-1-17 1960584]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\documents and settings\all users\application data\datacardservice\HWDeviceService.exe [2011-3-14 271712]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-11-15 652360]
R2 MSSQL$SHIPCON;SQL Server (SHIPCON);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2007-2-10 29178224]
R2 XRNBO;XRNBO;c:\windows.0\system32\drivers\XRNBO.sys [2011-10-16 177152]
R3 huawei_enumerator;huawei_enumerator;c:\windows.0\system32\drivers\ew_jubusenum.sys [2011-11-3 73216]
R3 MBAMProtector;MBAMProtector;c:\windows.0\system32\drivers\mbam.sys [2011-11-15 20464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows.0\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 mts mobilni internet. RunOuc;mts mobilni internet. OUC;c:\program files\mts mobilni internet\updatedog\ouc.exe [2011-11-3 239968]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows.0\system32\drivers\ew_hwusbdev.sys [2011-11-3 102784]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows.0\system32\drivers\ewusbnet.sys [2011-11-3 235392]
S3 qcusbser;Modem Interface USB Device for Legacy Serial Communication;c:\windows.0\system32\drivers\qcusbser.sys [2011-8-17 103552]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows.0\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== File Associations ===============
.
.scr=AutoCADScriptFile
.txt=InteGNPS_TXT
.
=============== Created Last 30 ================
.
2012-03-10 23:51:00 -------- d-----w- c:\documents and settings\milos\local settings\application data\Temp
2012-03-10 23:49:02 73728 ----a-w- c:\windows.0\system32\javacpl.cpl
2012-03-10 23:49:02 476904 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2012-03-09 23:07:51 -------- d-----w- c:\program files\Flamingo 2.0
2012-03-09 19:54:09 -------- d-----w- c:\program files\Rhinoceros 3.0
2012-03-09 19:19:12 -------- d-----w- c:\documents and settings\all users\application data\McNeel
2012-03-09 19:19:01 -------- d-----w- c:\program files\Rhinoceros 4.0
2012-03-09 16:12:56 400 ----a-w- c:\windows.0\system32\drivers\bhtrugl792.dat
2012-03-09 15:55:48 -------- d-----w- c:\program files\MagicISO
2012-03-08 19:47:40 -------- d-----w- C:\Milos
2012-03-08 14:39:45 -------- d-----w- c:\documents and settings\milos\application data\TuneUp Software
2012-03-08 14:36:36 -------- d-----w- c:\documents and settings\all users\application data\TuneUp Software
2012-03-08 14:36:11 -------- d-sh--w- c:\documents and settings\all users\application data\{32364CEA-7855-4A3C-B674-53D8E9B97936}
2012-03-07 20:51:52 1292288 ------w- c:\windows.0\system32\dllcache\quartz.dll
2012-03-07 20:51:51 386048 ------w- c:\windows.0\system32\dllcache\qdvd.dll
2012-03-07 20:51:40 33280 ------w- c:\windows.0\system32\dllcache\csrsrv.dll
2012-03-07 20:51:39 293376 ------w- c:\windows.0\system32\dllcache\winsrv.dll
2012-03-07 20:51:34 290432 ------w- c:\windows.0\system32\dllcache\atmfd.dll
2012-03-07 20:51:29 978944 ------w- c:\windows.0\system32\dllcache\mfc42.dll
2012-03-07 20:51:28 974848 ------w- c:\windows.0\system32\dllcache\mfc42u.dll
2012-03-07 20:51:18 186880 ------w- c:\windows.0\system32\dllcache\encdec.dll
2012-03-07 20:51:13 692736 ------w- c:\windows.0\system32\dllcache\inetcomm.dll
2012-03-07 20:51:01 354816 ------w- c:\windows.0\system32\dllcache\winhttp.dll
2012-03-07 20:51:01 152064 ------w- c:\windows.0\system32\dllcache\schannel.dll
2012-03-07 20:50:55 23040 ------w- c:\windows.0\system32\dllcache\mciseq.dll
2012-03-07 20:50:54 176128 ------w- c:\windows.0\system32\dllcache\winmm.dll
2012-03-07 20:50:50 1869056 ------w- c:\windows.0\system32\dllcache\win32k.sys
2012-03-07 20:50:36 551936 ------w- c:\windows.0\system32\dllcache\oleaut32.dll
2012-03-07 20:50:28 599552 ------w- c:\windows.0\system32\dllcache\crypt32.dll
2012-03-07 20:50:19 1289216 ------w- c:\windows.0\system32\dllcache\ole32.dll
2012-03-07 20:50:00 357888 ------w- c:\windows.0\system32\dllcache\srv.sys
2012-03-07 20:24:12 457856 ------w- c:\windows.0\system32\dllcache\mrxsmb.sys
2012-03-07 20:19:58 138496 ------w- c:\windows.0\system32\dllcache\afd.sys
2012-03-07 20:19:42 139656 ------w- c:\windows.0\system32\dllcache\rdpwd.sys
2012-03-07 19:58:28 -------- d-----w- c:\windows.0\SxsCaPendDel
2012-03-07 19:53:53 -------- d-----w- c:\windows.0\ie8updates
2012-03-07 19:53:22 -------- d--h--w- c:\windows.0\$hf_mig$
2012-03-07 19:50:29 420864 ------w- c:\windows.0\system32\dllcache\vbscript.dll
2012-03-07 19:50:28 726528 ------w- c:\windows.0\system32\dllcache\jscript.dll
2012-03-07 19:50:12 758784 ------w- c:\windows.0\system32\dllcache\vgx.dll
2012-03-07 19:49:34 10496 ------w- c:\windows.0\system32\dllcache\ndistapi.sys
2012-03-07 19:49:20 3072 ------w- c:\windows.0\system32\iacenc.dll
2012-03-07 19:49:20 3072 ------w- c:\windows.0\system32\dllcache\iacenc.dll
2012-03-07 18:13:07 33984 ----a-w- c:\windows.0\system32\cmdcsr.dll
2012-03-05 17:03:16 -------- d-----w- c:\windows.0\system32\Quicktime
2012-03-05 17:03:16 -------- d-----w- c:\documents and settings\all users\application data\SmartSound Software Inc
2012-03-05 17:03:14 -------- d-----w- c:\program files\SmartSound Software
2012-03-05 17:01:48 -------- d-----w- c:\program files\Windows Media Components
2012-03-05 16:55:23 -------- d-----w- c:\program files\common files\Ulead Systems
2012-03-05 16:55:21 282624 ----a-w- c:\program files\common files\installshield\updateservice\agent.exe
2012-03-05 16:54:13 -------- d-----w- c:\program files\Ulead Systems
2012-03-05 16:53:03 155648 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iuser.dll
2012-03-05 16:53:02 57344 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\ctor.dll
2012-03-05 16:53:02 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe
2012-03-05 16:53:02 237568 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iscript.dll
2012-03-05 16:53:01 696320 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iKernel.dll
2012-03-05 16:53:00 163972 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iGdi.dll
2012-03-05 16:52:59 282756 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\setup.dll
2012-03-03 14:30:02 -------- d-----w- c:\windows.0\system32\NtmsData
2012-02-18 01:00:27 19416 ----a-w- c:\program files\mozilla firefox\AccessibleMarshal.dll
2012-02-18 01:00:26 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll
2012-02-18 01:00:25 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2012-02-18 01:00:25 125912 ----a-w- c:\program files\mozilla firefox\crashreporter.exe
2012-02-18 01:00:23 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll
2012-02-12 15:51:25 -------- d-----w- c:\documents and settings\milos\application data\farstone
.
==================== Find3M ====================
.
2012-03-10 23:48:09 472808 ----a-w- c:\windows.0\system32\deployJava1.dll
2012-03-10 23:30:56 414368 ----a-w- c:\windows.0\system32\FlashPlayerCPLApp.cpl
2012-03-09 10:35:16 60416 ----a-w- c:\windows.0\ALCFDRTM.VER
2012-03-07 00:15:19 41184 ----a-w- c:\windows.0\avastSS.scr
2012-03-07 00:03:51 612184 ----a-w- c:\windows.0\system32\drivers\aswSnx.sys
2012-01-17 21:00:48 494968 ----a-w- c:\windows.0\system32\drivers\cmdGuard.sys
2012-01-12 16:54:47 1869056 ----a-w- c:\windows.0\system32\win32k.sys
2011-12-19 18:59:21 31704 ----a-w- c:\windows.0\system32\drivers\cmdhlp.sys
2011-12-19 18:59:19 18056 ----a-w- c:\windows.0\system32\drivers\cmderd.sys
2011-12-19 18:58:55 301224 ----a-w- c:\windows.0\system32\guard32.dll
2011-12-17 19:45:42 919552 ----a-w- c:\windows.0\system32\wininet.dll
2011-12-17 19:45:42 43520 ----a-w- c:\windows.0\system32\licmgr10.dll
2011-12-17 19:45:42 1469440 ----a-w- c:\windows.0\system32\inetcpl.cpl
2011-12-16 12:32:59 385024 ----a-w- c:\windows.0\system32\html.iec
2007-12-21 01:18:48 110592 ----a-w- c:\program files\SCon.ProjectSettings.dll
2007-12-21 01:14:04 790528 ----a-w- c:\program files\SCon.DataLayer.Dwg.dll
2007-12-21 01:13:30 1703936 ----a-w- c:\program files\SCon.DataLayer.Gen.dll
.
============= FINISH: 23:59:52.68 ===============


Thanks in advance.

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Hello and welcome.

I have to ask: did you install the full CIS or only the Firewall?

I ask because you already have Avast antivirus installed.
