KIS was screaming - possibly a false alarm - advice


  • Joined: 18 Jul 2003
  • Posts: 4204
  • Location: In a golden cage

This morning around 8, Kaspersky reported that it had put two files in quarantine.... when I open the location, that folder isn't there - hidden folders are set to visible. Kaspersky says they are in quarantine and are not dangerous.

Does that detected exe remind you of any infection?
Out of respect for your work, effort and time I won't post logs, because I recently did a routine check and came back negative for viruses. It's strange that that folder isn't there in Temporary Internet Files......



  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

A lot of malware places its files temporarily in %temp% folders until it executes ... or does whatever it was written for, so every AV is now paranoid when it sees an executable file like that in temp. From what you describe, I'd say the AV did nothing other than its job here.

You can empty temp using this tool:

Download TFC (Temp File Cleaner) and save it to the Desktop.
Double-click to run the program and click the Start button to let the program begin scanning.
When the program finishes scanning, it may ask you to restart the computer. Let it.

Note: When you are done cleaning temp files, you can delete the program or keep it for later use.


And if you like, feel free to post a DDS log for us without hesitation if you want a check. ;)



  • Joined: 18 Jul 2003
  • Posts: 4204
  • Location: In a golden cage

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16448
Run by Brksi at 15:50:51 on 2013-05-13
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.16283.13843 [GMT 2:00]
.
AV: Kaspersky Internet Security *Enabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
SP: Kaspersky Internet Security *Enabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Enabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
F:\powerdvd11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
F:\powerdvd11\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
F:\powerdvd11\PowerDVD11\Common\MediaServer\CLMSServer.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
F:\The bat\thebat.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\BrksiAppData\Local\Temp\vcheck.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\Trillian\trillian.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
F:\itunes\iTunesHelper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
F:\powerdvd11\PowerDVD11\PDVD11Serv.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\System32\svchost.exe -k secsvcs
F:\AppData\Local\Google\Chrome\Application\chrome.exe
F:\AppData\Local\Google\Chrome\Application\chrome.exe
F:\AppData\Local\Google\Chrome\Application\chrome.exe
F:\AppData\Local\Google\Chrome\Application\chrome.exe
F:\AppData\Local\Google\Chrome\Application\chrome.exe
F:\AppData\Local\Google\Chrome\Application\chrome.exe
F:\AppData\Local\Google\Chrome\Application\chrome.exe
F:\AppData\Local\Google\Chrome\Application\chrome.exe
F:\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtblfs.exe
C:\Windows\system32\wuauclt.exe
F:\uTorrent\uTorrent.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearchURL,(Default) = [link visible only to logged-in users]
mSearchAssistant = [link visible only to logged-in users]
mWinlogon: Userinit = userinit.exe
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -
BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Pomoćnik za prijavljivanje u Microsoft nalog: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
BHO: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [thebat_startup] F:\The bat\thebat.exe /minimize
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [vcheck] C:\Users\BRKSIA~1\Local\Temp\vcheck.exe
uRun: [VerControl] C:\Users\BRKSIA~1\Local\TempImg\VerControl.exe
uRun: [Google Update] "f:\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [PWRISOVM.EXE] F:\PowerISO\PWRISOVM.EXE -startup
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [TV Card Remote Control Device Monitor] C:\Windows\9205RMTMon.exe
mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "F:\iTunes\iTunesHelper.exe"
mRun: [Bonus.SSR.FR10] "F:\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" /autorun
mRun: [RemoteControl11] F:\powerdvd11\PowerDVD11\PDVD11Serv.exe
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
StartupFolder: C:\Users\Brksi\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVENTG~1.LNK - F:\EventGhost\EventGhost.exe
StartupFolder: C:\Users\Brksi\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Trillian.lnk - C:\Program Files (x86)\Trillian\trillian.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Dodaj u Zaštitu od reklama - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{26B515FA-E152-4E0F-A67F-8FA8B2D2E203} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{D9F2B677-9CAA-4931-99B6-5EE78008B477} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -
x64-BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: klogon - C:\Windows\System32\klogon.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - f:\AppData\Roaming\Mozilla\Firefox\Profiles\vzl3fyk5.default\
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npqtplugin.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npqtplugin2.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npqtplugin3.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npqtplugin4.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npqtplugin5.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npqtplugin6.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - plugin: f:\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: F:\iTunes\Mozilla Plugins\npitunes.dll
.
============= SERVICES / DRIVERS ===============
.
R1 kl2;kl2;C:\Windows\System32\drivers\kl2.sys [2011-3-4 11864]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2011-3-10 29488]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2013/05/04 20:18:48];F:\powerdvd11\PowerDVD11\Common\NavFilter\000.fcl [2013-5-4 148976]
R2 ABBYY.Licensing.FineReader.Corporate.10.0;ABBYY FineReader 10 CE Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [2009-12-19 814344]
R2 AVP;Kaspersky Anti-Virus usluga;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [2011-4-24 206448]
R2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;F:\powerdvd11\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2013-5-4 83240]
R2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;F:\powerdvd11\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2013-5-4 70952]
R2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;F:\powerdvd11\PowerDVD11\Common\MediaServer\CLMSServer.exe [2013-5-4 312616]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-7-21 171688]
R2 ntk_PowerDVD;ntk_PowerDVD;F:\powerdvd11\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2013-5-4 75248]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-3-14 383264]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-7-21 317440]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2009-11-2 22544]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
R3 LVUVC64;Logitech HD Webcam C525(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2012-7-21 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2012-7-21 181248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-10-19 160944]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-4-25 52736]
S3 WatAdminSvc;Usluga tehnologije aktivacije operativnog sistema Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-21 1255736]
.
=============== Created Last 30 ================
.
2013-05-09 15:50:30 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2013-05-05 16:09:02 -------- d-----w- f:\AppData\Local\CyberLink
2013-05-04 18:18:50 -------- d-----w- C:\ProgramData\PDVD
2013-05-04 18:18:33 -------- d-----w- f:\AppData\Local\MediaServer
2013-05-04 18:17:33 -------- d-----w- C:\ProgramData\install_clap
2013-04-30 20:08:13 -------- d-----w- C:\Program Files (x86)\Advanced Port Scanner
2013-04-24 11:09:48 108448 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-04-20 13:58:48 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-04-20 09:30:29 -------- d-----w- f:\AppData\Local\PunkBuster
2013-04-20 09:30:13 -------- d-----w- C:\ProgramData\Orbit
2013-04-20 09:28:21 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2013-04-20 09:28:21 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-04-20 09:28:21 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-04-20 09:09:20 -------- d-----w- f:\AppData\Local\Ubisoft Game Launcher
.
==================== Find3M ====================
.
2013-04-24 11:09:46 971680 ----a-w- C:\Windows\System32\deployJava1.dll
2013-04-24 11:09:46 1092512 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-04-23 14:31:30 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-03-15 04:16:18 3477280 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-03-15 04:16:17 6398240 ----a-w- C:\Windows\System32\nvcpl.dll
2013-03-15 04:16:10 877856 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-03-15 04:16:10 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-03-15 04:16:10 2555680 ----a-w- C:\Windows\System32\nvsvcr.dll
2013-03-15 04:16:10 237856 ----a-w- C:\Windows\System32\nvmctray.dll
2013-03-14 20:07:52 559904 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2013-03-13 16:24:01 3065455 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-03-13 11:19:48 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-13 11:19:48 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-23 20:44:12 472576 ----a-w- C:\Windows\AutoKMS.exe
.
============= FINISH: 15:51:05,63 ===============


  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

Download RogueKiller and save it to the Desktop

32-bit version: [link visible only to logged-in users]
64-bit version: [link visible only to logged-in users]

Double-click to run RogueKiller and wait for the initial scan to finish.
Click the Scan button.
When the scan completes, a report named RKreport.txt will be created on the desktop.
Copy the contents of that log into the thread.
Close RogueKiller

  • Joined: 18 Jul 2003
  • Posts: 4204
  • Location: In a golden cage

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : [link visible only to logged-in users]
Website : [link visible only to logged-in users]
Blog : [link visible only to logged-in users]

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Brksi [Admin rights]
Mode : Scan -- Date : 05/13/2013 17:34:29
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] vcheck.exe -- C:\Users\BrksiAppData\Local\Temp\vcheck.exe [-] -> KILLED [TermProc]

¤¤¤ Registry Entries : 6 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : vcheck (C:\Users\BrksiAppData\Local\Temp\vcheck.exe) [-] -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-1479331576-3048224127-1960789526-1000[...]\Run : vcheck (C:\Users\BrksiAppData\Local\Temp\vcheck.exe) [-] -> FOUND
[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\Run : TV Card Remote Control Device Monitor (C:\Windows\9205RMTMon.exe) [x] -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HD204UI ATA Device +++++
--- User ---
[MBR] 702e88cdaa959c2dd4f9b63e83e96a1a
[BSP] cdb6e58bb822d6dbeefe9f97021f7c2d : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 1586128 Mo
1 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 3417057630 | Size: 239241 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3248391195 | Size: 82356 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: KINGSTON SH103S3120G ATA Device +++++
--- User ---
[MBR] b258087d0c96f6d9507fdcac29dee48d
[BSP] 5be1689d0148e1388ac5481e9c8ea7f4 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 114371 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_05132013_02d1734.txt >>
RKreport[1]_S_05132013_02d1734.txt

  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

Let's do one more small check;

Download zoek.exe from this or this link and save it to the Desktop.

close the browser and other running programs;
deactivate your protection software (if needed) Instructions;
double-click to run zoek.exe;
wait for the tool to start ...

Copy the following text into the white box of the window:


C:\Users\BrksiAppData\Local\Temp\vcheck.exe;virustotal;
vcheck.exe;z


Click the button and wait for the scan to finish.

zoek will restart Windows if needed, and when it is done it will open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)

Copy the contents of that log into a post.

Note:

Zoek may start the default browser with the virustotal site. Do not close the browser until zoek finishes its work.

  • Joined: 18 Jul 2003
  • Posts: 4204
  • Location: In a golden cage

I'll do it in a few minutes, once I finish downloading a rar. Though I think that checker is clean (I don't mean to teach you your job, don't take it that way)

  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

Relax :D, this was done more for research purposes. :P

  • Joined: 18 Jul 2003
  • Posts: 4204
  • Location: In a golden cage

Zoek.exe Version 4.0.0.2 Updated 12-May-2013
Tool run by Brksi on pon 13.05.2013 at 18:25:03,49.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected

==== VirusTotal Scan ======================

C:\Users\BrksiAppData\Local\Temp\vcheck.exe [link visible only to logged-in users]

==== Folders Found ======================


==== Files Found ======================


--- C:\Documents and Settings\Brksi\Desktop\RK_Quarantine\vcheck.exe.vir ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 389120
Created time: 2013-05-13 15:34:29
Modified time: 2013-05-13 15:34:29
MD5: 409FAC735BF589644DF333A17D2113EC
SHA1: 0D2EF94653DB4AECB288482256EE4E3ACE5BF0E9


--- C:\Documents and Settings\BrksiAppData\Local\Temp\vcheck.exe ---
Company:
File Description: Version Checker
File Version: 1, 0, 0, 1
Product Name:
Copyright:
Original Filename:
File type: ------w-
File size: 389120
Created time: 2012-11-17 20:04:09
Modified time: 2011-03-14 10:35:34
MD5: D16D52674EBCC8175B837C09FEF263CA
SHA1: 91DBCC2AEC7F5DB86CBAAD6F13355103BADC70D6

  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

Brksi, that's it. As you can see yourself, RK listed those files using its heuristic detection, and the files are legitimate. The same goes for Dr.Web.
The system is clean, there are no traces of malware.


You can remove the tools used.

Download "Xplode"'s DelFix and save it to the Desktop

Double-click to run the program.

Check the following options:
Remove disinfection tools
Purge System Restore
Reset system settings


Click the "Run" button and wait for the program to finish.
When the tool finishes, it will open a report in Notepad.

Note: The report will also be saved to C:\DelFix.txt

You don't need to post the DelFix log.


Regards ;)
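
The kind of path heuristic discussed in this thread (an autorun entry pointing into a temp folder), run over Run-key lines copied from the DDS log above. This is an added example, not part of the original posts and not RogueKiller's or DDS's code; the two rules and all function names are assumptions chosen to reproduce the [RUN][SUSP PATH] hits in the RKreport. A hit is a lead to verify, as the thread did with file details and VirusTotal, not a verdict.

```python
import re
from typing import List, NamedTuple, Optional

# Lines copied from the DDS "Pseudo HJT Report" posted in the thread.
SAMPLE_DDS = r"""
mWinlogon: Userinit = userinit.exe
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [vcheck] C:\Users\BRKSIA~1\Local\Temp\vcheck.exe
uRun: [VerControl] C:\Users\BRKSIA~1\Local\TempImg\VerControl.exe
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [TV Card Remote Control Device Monitor] C:\Windows\9205RMTMon.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
"""

# DDS prints Run-key autoruns as "<hive>: [<value name>] <command line>".
RUN_LINE = re.compile(r'^(uRun|mRun|x64-Run): \[([^\]]+)\] (.+)$')

# The image path is either quoted, or runs up to the first executable
# extension (unquoted paths may contain spaces, so splitting on space fails).
EXE_PATH = re.compile(
    r'^"([^"]+)"|^(.+?\.(?:exe|com|scr|bat|cmd))(?=\s|$)', re.IGNORECASE)

# Assumed rule set (not RogueKiller's actual logic).
TEMP_DIR_NAMES = {"temp", "tmp", "%temp%", "%tmp%"}


class Finding(NamedTuple):
    hive: str
    name: str
    path: str
    reason: str


def image_path(command: str) -> Optional[str]:
    """Return the executable path from a Run-key command line, without arguments."""
    m = EXE_PATH.match(command.strip())
    if not m:
        return None
    return m.group(1) or m.group(2)


def suspicious_reason(path: str) -> Optional[str]:
    """Name the rule a path trips, or None. Matching is per directory component,
    so a folder called TempImg is not mistaken for Temp."""
    parts = [p.lower() for p in path.split("\\") if p]
    dirs = parts[:-1]
    if any(d in TEMP_DIR_NAMES for d in dirs):
        return "temp-dir"
    # Executable sitting directly in <drive>:\Windows rather than a subfolder.
    if len(dirs) == 2 and re.fullmatch(r"[a-z]:", dirs[0]) and dirs[1] == "windows":
        return "windows-root"
    return None


def triage_run_entries(dds_text: str) -> List[Finding]:
    """Flag Run-key autoruns whose image sits in a location the rules distrust."""
    findings = []
    for line in dds_text.splitlines():
        m = RUN_LINE.match(line.strip())
        if not m:
            continue  # not a Run-key line (BHO, policies, services, ...)
        hive, name, command = m.groups()
        path = image_path(command)
        if path is None:
            continue
        reason = suspicious_reason(path)
        if reason:
            findings.append(Finding(hive, name, path, reason))
    return findings


if __name__ == "__main__":
    for f in triage_run_entries(SAMPLE_DDS):
        print(f"[{f.reason}] {f.hive} {f.name} -> {f.path}")
```
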
