Avast virus - WindrwNS.SYS

  • Joined: 14 Sep 2008
  • Posts: 424
  • Location: Podgorica

When booting, Avast shows the following pop-up message...


I tried deleting it... but it appears again... I also sent this threat to their team...

I'm attaching the log file...

DDS file...

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by xp at 12:23:33,31 on ned 15.05.2011
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_25
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1535.880 [GMT 2:00]
.
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Spy Emergency *Disabled/Updated* {82117492-906E-4b02-A33A-84D42A2DD907}
FW: Outpost Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Free Desktop Clock\DesktopClock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files\Memturbo 4\MemTurbo.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
svchost.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\ACD Systems\ACDSee\10.0\ACDSee10.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\xp\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [SkinClock] c:\program files\free desktop clock\DesktopClock.exe
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
mRun: [UnlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"
mRun: [OutpostMonitor] c:\progra~1\agnitum\outpos~1\op_mon.exe /tray /noservice
mRun: [OutpostFeedBack] "c:\program files\agnitum\outpost firewall\feedback.exe" /dump:os_startup
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [avast] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [RunNarrator] Narrator.exe
StartupFolder: c:\docume~1\xp\startm~1\programs\startup\memturbo.lnk - c:\program files\memturbo 4\MemTurbo.exe
StartupFolder: c:\docume~1\xp\startm~1\programs\startup\yahoo!~1.lnk - c:\program files\yahoo!\widgets\YahooWidgets.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\rainme~1.lnk - c:\program files\rainmeter\Rainmeter.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Name-Space Handler: ftp\DLA.IEClickMon - {A5A08E80-B472-11D2-89D1-0080C8C12A3A} - c:\progra~1\iolo\common\lib\URLSTO~1.DLL
Name-Space Handler: http\DLA.IEClickMon - {A5A08E80-B472-11D2-89D1-0080C8C12A3A} - c:\progra~1\iolo\common\lib\URLSTO~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\xp\applic~1\mozilla\firefox\profiles\0wkwddr0.default\
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-2-26 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-6-30 301528]
R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [2010-6-30 704384]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 acssrv;Agnitum Client Security Service;c:\progra~1\agnitum\outpos~1\acs.exe [2010-6-30 1195008]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-6-30 19544]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-6-30 42184]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [2010-6-30 31128]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [2010-6-30 257432]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2010-5-11 27064]
S3 ZSMC0305;A4 TECH PC Camera V;c:\windows\system32\drivers\usbVM305.sys [2010-1-20 391688]
.
=============== File Associations ===============
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2011-05-08 22:12:37 53248 ----a-w- c:\windows\system32\suppdll.dll
2011-05-03 02:27:33 839680 ----a-w- c:\windows\system32\lameACM.acm
2011-05-03 02:27:33 631808 ----a-w- c:\windows\system32\xvidcore.dll
2011-05-03 02:27:33 243200 ----a-w- c:\windows\system32\xvidvfw.dll
2011-05-03 02:27:33 237568 ----a-w- c:\windows\system32\yv12vfw.dll
2011-05-03 02:27:33 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-05-03 02:27:32 80896 ----a-w- c:\windows\system32\ff_vfw.dll
2011-05-03 01:07:18 8 ----a-w- c:\windows\system32\Mlkf.dll
2011-05-02 23:41:28 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-04-25 23:49:49 -------- d-----w- c:\program files\Wise PC Engineer
.
==================== Find3M ====================
.
2011-05-02 23:41:08 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-03 13:34:16 25992 ----a-w- c:\windows\system32\pgdfgsvc.exe
2011-03-20 19:22:59 1409 ----a-w- c:\windows\system32\tmpFEDE1.FOT
2011-03-20 19:22:59 1409 ----a-w- c:\windows\system32\tmpE1EE1.FOT
2011-03-20 19:22:59 1409 ----a-w- c:\windows\system32\tmp1ADE1.FOT
2011-03-20 19:22:59 1409 ----a-w- c:\windows\system32\tmp0CDE1.FOT
2011-03-02 10:43:46 175616 ----a-w- c:\windows\system32\unrar.dll
2011-02-23 15:04:21 40648 ----a-w- c:\windows\avastSS.scr
.
============= FINISH: 12:26:09,37 ===============
DDS Attach file...

GMER files...

RootRepeal...

Programs that start with Windows...

By the way, I use wireless internet...

Thanks for the help...
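As an added example (not part of the original post, and not DDS or Avast code), the following Python script parses the SERVICES / DRIVERS and Created Last 30 sections of a DDS log like the one above and reports where the file named in the alert shows up. The sample lines are copied from the posted log and trimmed to a few entries; the regexes assume the field layout seen in those lines, and the meaning of the R/S code and start-type digit is the usual DDS convention, not something the log itself documents. Run against the posted log, WindrwNS.SYS appears in neither section, so the log alone cannot say which product installed it.

```python
"""
Added example, not part of the original post and not DDS or Avast code:
parse the SERVICES / DRIVERS and Created Last 30 sections of a DDS log
and cross-reference the file named in an antivirus alert against them.
The field layout and the R/S + start-type codes are read off the log as
posted; the regexes are an assumption about that layout, not a spec.
"""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Sample input: lines copied from the DDS log in the post above, trimmed
# to a few entries so the script runs offline.
SAMPLE_DDS_LOG = r"""
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-2-26 371544]
R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [2010-6-30 704384]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-6-30 42184]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2010-5-11 27064]
.
=============== Created Last 30 ================
.
2011-05-08 22:12:37 53248 ----a-w- c:\windows\system32\suppdll.dll
2011-05-03 01:07:18 8 ----a-w- c:\windows\system32\Mlkf.dll
2011-04-25 23:49:49 -------- d-----w- c:\program files\Wise PC Engineer
.
==================== Find3M ====================
"""

SECTION_RE = re.compile(r"^=+\s*(?P<title>.+?)\s*=+$")
# "R1 name;display;path [yyyy-m-d size]": R = running, S = stopped,
# digit = start type (0 boot, 1 system, 2 auto, 3 manual, 4 disabled).
SERVICE_RE = re.compile(
    r"^(?P<state>[RS]\d)\s+(?P<name>[^;]+);(?P<display>[^;]*);"
    r"(?P<path>.+?)\s+\[(?P<date>[\d-]+)\s+(?P<size>\d+)\]$"
)
# "yyyy-mm-dd hh:mm:ss size attrs path"; directories show "--------" as size.
CREATED_RE = re.compile(
    r"^(?P<date>\d{4}-\d{2}-\d{2})\s+(?P<time>\d{2}:\d{2}:\d{2})\s+"
    r"(?P<size>\d+|-+)\s+(?P<attrs>\S+)\s+(?P<path>.+)$"
)


@dataclass
class ServiceEntry:
    state: str
    name: str
    display: str
    path: str
    date: str
    size: int


@dataclass
class CreatedEntry:
    timestamp: str
    size: Optional[int]
    attrs: str
    path: str


def basename(path: str) -> str:
    """Case-folded final component of a Windows path."""
    return path.rstrip("\\").rsplit("\\", 1)[-1].lower()


def parse_sections(text: str) -> Dict[str, List[str]]:
    """Split a DDS log into {section title: [content lines]}, dropping the
    '.' spacer lines DDS emits between blocks."""
    sections: Dict[str, List[str]] = {}
    current: Optional[str] = None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            current = m.group("title")
            sections[current] = []
        elif current is not None and line not in ("", "."):
            sections[current].append(line)
    return sections


def parse_services(lines: List[str]) -> List[ServiceEntry]:
    out = []
    for line in lines:
        m = SERVICE_RE.match(line)
        if m:
            out.append(ServiceEntry(m["state"], m["name"], m["display"],
                                    m["path"], m["date"], int(m["size"])))
    return out


def parse_created(lines: List[str]) -> List[CreatedEntry]:
    out = []
    for line in lines:
        m = CREATED_RE.match(line)
        if m:
            size = int(m["size"]) if m["size"].isdigit() else None
            out.append(CreatedEntry(f'{m["date"]} {m["time"]}', size,
                                    m["attrs"], m["path"]))
    return out


def triage_flagged_file(dds_text: str, flagged_name: str) -> dict:
    """Where, if anywhere, does the file from the AV alert show up in the
    log? A driver that is neither registered as a service nor recently
    created is not evidenced by the log at all, so the log cannot tell
    you which product owns it; a hash and installer provenance must."""
    sections = parse_sections(dds_text)
    services = parse_services(sections.get("SERVICES / DRIVERS", []))
    created = parse_created(sections.get("Created Last 30", []))
    needle = basename(flagged_name)
    return {
        "flagged": flagged_name,
        "registered_as": [s.name for s in services if basename(s.path) == needle],
        "recently_created": [c.path for c in created if basename(c.path) == needle],
        "loaded_drivers": sorted(basename(s.path) for s in services
                                 if s.state.startswith("R")
                                 and s.path.lower().endswith(".sys")),
    }


if __name__ == "__main__":
    for name in ("WindrwNS.SYS", "aswSnx.sys", "suppdll.dll"):
        print(triage_flagged_file(SAMPLE_DDS_LOG, name))
```

Feed it the full log text rather than the trimmed sample to get the complete list of running `.sys` drivers; matching is on the basename only, so a detection that names a full path still matches the short name Avast shows in its pop-up.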

  • diarno
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Hi... Are you using the program Folder Lock?

  • Joined: 14 Sep 2008
  • Posts: 424
  • Location: Podgorica

Yes...
For a year now...

  • diarno
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

bobo 75 :: Yes...
For a year now...


It's a false positive. Put that file in the ignore list and notify Avast by email that it is an FP.

  • Joined: 14 Sep 2008
  • Posts: 424
  • Location: Podgorica

OK, thanks Diarno
Best regards!!!
