MyCity » Ambulanta -> Arhiva Ambulante » Moguca infekcija

Moguca infekcija

Napisano na dan: 9.10.2010

Moguca infekcija
Sledeća strana Pagination

Idi na vrh

Poslao: 09 Okt 2010 02:54
Idi na vrh
offline
  • Milos  Male
  • Super građanin
  • Hardware manager Etliop
  • Pridružio: 22 Jun 2008
  • Poruke: 1116

Napisano: 09 Okt 2010 2:37

Instalirao sam win7 nvidia edition 2010,mada mi ga nesto ne hvata oko sto se tice rada istog,pa evo da proverim sta se sve desava:

DDS (Ver_10-10-05.01) - NTFSx86
Run by Misko at 2:29:58.31 on Sat 10/09/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_20
Microsoft Windows 7 NVIDIA 2010 6.1.7600.0.1252.1.1033.18.2047.919 [GMT 2:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\Installer\MSI4FC7.tmp
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\conhost.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\YouTube Downloader Toolbar\SearchSettings.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\SpeedFan\speedfan.exe
C:\Users\Misko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Misko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Misko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Misko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Misko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Misko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Misko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Misko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Misko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Misko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Misko\Documents\Downloads\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uURLSearchHooks: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - c:\program files\youtube downloader toolbar\SearchSettings.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: FlashGetBHO: {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - c:\users\misko\appdata\roaming\flashgetbho\FlashGetBHO3.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - c:\program files\youtube downloader toolbar\SearchSettings.dll
BHO: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\youtube downloader toolbar\ie\1.0\youtubedownloaderToolbarIE.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\youtube downloader toolbar\ie\1.0\youtubedownloaderToolbarIE.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
uRun: [Welcome Center] c:\windows\system32\rundll32.exe c:\windows\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
uRun: [FlashGet 3] "c:\program files\flashget network\flashget 3\Flashget3.exe" -minimize
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [SearchSettings] "c:\program files\youtube downloader toolbar\SearchSettings.exe"
mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey
dRun: [Welcome Center] c:\windows\system32\rundll32.exe c:\windows\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
dRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uPolicies-explorer: NoResolveTrack = 1 (0x1)
uPolicies-explorer: NoSMBalloonTip = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
dPolicies-explorer: NoResolveTrack = 1 (0x1)
dPolicies-explorer: NoSMBalloonTip = 1 (0x1)
IE: Download all by FlashGet3 - c:\users\misko\appdata\roaming\flashgetbho\GetAllUrl.htm
IE: Download by FlashGet3 - c:\users\misko\appdata\roaming\flashgetbho\GetUrl.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [Link mogu videti samo ulogovani korisnici]
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici]
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
STS: CAveStartButtonChangerObject Class: {f791a188-699d-4fd4-955a-eb59e89b1907} - c:\program files\the skins factory\hyperdesk\common\AveStartButtonChangerInProc.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\misko\appdata\roaming\mozilla\firefox\profiles\9zmu0si5.default\
FF - prefs.js: browser.search.defaulturl - [Link mogu videti samo ulogovani korisnici]
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici]
FF - prefs.js: keyword.URL - [Link mogu videti samo ulogovani korisnici]
FF - component: c:\program files\youtube downloader toolbar\ff\components\youtubedownloaderToolbarFF.dll
FF - component: c:\program files\youtube downloader toolbar\ssff\components\SearchSettingsFF.dll
FF - component: c:\users\misko\appdata\roaming\mozilla\firefox\profiles\9zmu0si5.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - component: c:\users\misko\appdata\roaming\mozilla\firefox\profiles\9zmu0si5.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
FF - component: c:\users\misko\appdata\roaming\mozilla\firefox\profiles\9zmu0si5.default\extensions\{db9127a2-3381-41ec-82b3-1b6ed4c6f29a}\components\FlashGetXPI.dll
FF - component: c:\users\misko\appdata\roaming\mozilla\firefox\profiles\9zmu0si5.default\extensions\dttoolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\wat\npWatWeb.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

============= SERVICES / DRIVERS ===============

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 151216]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-9-6 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-9-6 267432]
R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2010-2-19 380928]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-9-6 60936]
R2 HyperDeskCustomThemeEnabler;HyperDesk's Custom Theme Enabler;c:\windows\installer\MSI4FC7.tmp [2010-9-12 86016]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-3-25 42368]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-9-6 275048]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-9-9 54632]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-9-9 1343400]

=============== Created Last 30 ================

2010-10-04 14:33:57 -------- d-----w- c:\program files\CCleaner
2010-10-04 14:30:57 -------- d-----w- c:\windows\system32\appmgmt
2010-10-01 16:44:36 0 --sh--r- C:\winx.ld
2010-09-29 22:20:39 -------- d-----w- c:\program files\SpeedFan
2010-09-29 17:15:20 2048 ----a-w- c:\windows\system32\tzres.dll
2010-09-23 14:53:17 88472 ----a-w- c:\users\misko\45124_153268874688579_100000164037205_523466_1397352_n.jpg
2010-09-15 14:41:30 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-09-14 22:23:49 316928 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-14 09:42:02 -------- d-----w- c:\progra~2\Futuremark
2010-09-13 22:57:56 27672 ----a-r- c:\windows\system32\drivers\Entech.sys
2010-09-13 22:57:56 -------- d-----w- c:\windows\system32\Futuremark
2010-09-13 22:57:53 -------- d-----w- c:\program files\common files\Futuremark Shared
2010-09-13 22:55:48 -------- d-----w- c:\program files\Futuremark
2010-09-13 22:55:46 -------- d-----w- c:\windows\45235788142C44BE8A4DDDE9A84492E5.TMP
2010-09-13 22:55:25 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2010-09-13 21:59:39 2503 ----a-w- c:\users\misko\Skype.lnk
2010-09-13 21:59:31 -------- d-----r- c:\program files\Skype
2010-09-12 02:51:39 2315 ----a-w- c:\users\misko\Hyperdesk - Flagship.lnk
2010-09-11 23:09:48 2370 ----a-w- c:\users\misko\Hyperdesk - DarkMatter Subspace.lnk
2010-09-11 22:55:37 -------- d-----w- c:\users\misko\appdata\roaming\Skinux
2010-09-11 22:55:13 2370 ----a-w- c:\users\misko\Hyperdesk - DarkMatter RedShift.lnk
2010-09-11 22:54:50 -------- d-----w- c:\program files\The Skins Factory
2010-09-11 22:54:18 -------- d-----w- c:\users\misko\appdata\local\Downloaded Installations
2010-09-10 23:58:38 993 ----a-w- c:\users\misko\KMPlayer.lnk
2010-09-10 23:58:10 -------- d-----w- c:\program files\The KMPlayer
2010-09-10 23:55:24 -------- d-----w- c:\users\misko\appdata\local\RapidSolution
2010-09-10 23:52:22 14914820 ----a-w- c:\users\misko\The_KMPlayer_1435.exe
2010-09-10 23:52:22 1360328 ----a-w- c:\users\misko\Tunebite_7_Demo_Softonic_OND.exe
2010-09-10 22:14:45 997 ----a-w- c:\users\misko\MV2Player.lnk
2010-09-10 22:14:41 -------- d-----w- c:\program files\Mv2Player
2010-09-10 13:25:33 -------- d-----w- c:\users\misko\appdata\local\GPUMonitor
2010-09-10 13:00:31 171136 --sh--r- C:\grldr
2010-09-10 10:02:52 385040 --sh--r- C:\YEFPR
2010-09-09 22:15:04 2211 ----a-w- c:\users\misko\Windows 7 Manager.lnk
2010-09-09 22:14:59 -------- d-----w- c:\program files\Yamicsoft
2010-09-09 21:58:05 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-09-09 21:44:37 -------- d-----w- c:\users\misko\Tracing
2010-09-09 21:43:00 54632 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-09-09 21:41:28 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-09-09 21:40:40 -------- d-----w- c:\program files\Microsoft
2010-09-09 21:40:23 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-09-09 21:39:47 -------- d-----w- c:\windows\PCHEALTH
2010-09-09 21:13:21 -------- d-----w- c:\program files\common files\Windows Live
2010-09-09 20:56:28 -------- d-----w- c:\windows\system32\Wat
2010-09-09 13:21:23 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-09-09 13:21:21 1896 ----a-w- c:\users\misko\DAEMON Tools Lite.lnk
2010-09-09 13:21:06 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-09-09 13:20:54 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-09-09 13:20:45 -------- d-----w- c:\users\misko\appdata\roaming\DAEMON Tools Lite
2010-09-09 13:20:44 -------- d-----w- c:\progra~2\DAEMON Tools Lite
2010-09-09 11:25:24 -------- d-----w- c:\users\misko\appdata\local\PassMark
2010-09-09 11:25:20 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2010-09-09 11:25:20 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2010-09-09 11:25:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2010-09-09 11:25:02 -------- d-----w- c:\progra~2\PassMark
2010-09-09 11:25:01 -------- d-----w- c:\program files\PerformanceTest

==================== Find3M ====================

2010-09-16 13:19:04 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll
2010-09-16 13:18:46 20268032 ----a-w- c:\windows\system32\imageres.dll
2010-09-16 13:18:39 249856 ----a-w- c:\windows\system32\uxtheme.dll
2010-09-16 13:18:28 37376 ----a-w- c:\windows\system32\themeservice.dll
2010-08-10 11:46:46 1066176 ----a-w- c:\windows\system32\MSCOMCTL.ocx
2010-07-29 06:30:49 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-07-29 06:30:34 82944 ----a-w- c:\windows\system32\iccvid.dll
2010-07-25 20:23:22 56496 ----a-w- c:\windows\system32\wbhelp2.dll
2010-07-25 20:23:22 544768 ----a-w- c:\windows\system32\wbocx.ocx
2010-07-25 20:23:22 33968 ----a-w- c:\windows\system32\anim.dll
2010-07-25 20:23:22 258352 ----a-w- c:\windows\system32\unicows.dll
2010-07-25 20:23:22 1706800 ----a-w- c:\windows\system32\gdiplus.dll
2010-07-25 20:23:20 4608 ----a-w- c:\windows\system32\W95INF32.DLL
2010-07-25 20:23:20 2272 ----a-w- c:\windows\system32\W95INF16.DLL

============= FINISH: 2:30:30.87 ===============

[Link mogu videti samo ulogovani korisnici]

Dopuna: 09 Okt 2010 2:54

[Link mogu videti samo ulogovani korisnici]

[Link mogu videti samo ulogovani korisnici]

[Link mogu videti samo ulogovani korisnici]



Poslao: 10 Okt 2010 13:49
Idi na vrh
offline
  • Pridružio: 02 Feb 2008
  • Poruke: 14018
  • Gde živiš: Nish

Izvinjavam se sto kasnim sa odgovorom.


Tvoj racunar je cist sto se malware-a tice.







-----------------------------------------------------------------------------------------
Preporuka:

-Imas instalirana 2 anti-virusa (Microsoft Security Essentials i Avira) pa bi bilo jako pozeljno da jedan deinstaliras.
-Ukoliko imas jos nekih problema sa racunarom, otvori temu u Windows podforumu: [Link mogu videti samo ulogovani korisnici]




Hvala sto verujes AMF Timu Ziveli




Pozdrav,
goran9888 (AMF Tim)



Poslao: 13 Okt 2010 14:37
Idi na vrh
offline
  • Milos  Male
  • Super građanin
  • Hardware manager Etliop
  • Pridružio: 22 Jun 2008
  • Poruke: 1116

Hvala puno!
Sto se anti-virusa tice, mse sam deinstalirao,jer kad sam instalirao win nisam video da je anti virus vec instaliran uz win... Pozdrav!

MyCity » Ambulanta -> Arhiva Ambulante » Moguca infekcija

Ko je trenutno na forumu
 

Ukupno su 1188 korisnika na forumu :: 103 registrovanih, 10 sakrivenih i 1075 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 015, Arsenije, babaroga, Balvan, beki76, Betty25, blackjack, bladesu, bojanstros9, bokisha253, bolimejoli, Boris90, BORUTUS, BraneS, Bubimir, burevestnik, Chainsaw, crnogorac, darcaud, dearg, djuradj, Dogma21, elenemste, famoso, Georgius, Gogi do, Gogi_avio, Haris, HPkopun, istina, JK, jodzula, jon istvan, Kajzer_Soze, Kaplar2, klepesina, kn19, kolateralnasteta, KonstantinR, kovinacc, Kruger, lacko, ladro, Lelemood, Leonov, ljuba.b, LostInSpaceandTime, M74AB3, Magnum_956, markoni.slo, medaTT, mercedesamg, miki kv, Milan A. Nikolic, milenko crazy north, mocnijogurt, Mravojed, Najax, nebojsag, Neuromancer, NMNJ, Nomica, novator, nsharambasa, Papadubi, Pekman, pfc74, Pilence, Pilipenda, ping15, Povratak1912, proka89, RajkoB, RD84, septembar, Shinobi, Slingshot, sova72, Srle993, stalja, stefanmpurtic, stegonosa, stevo svinja, tamno.nebo, Timočka Divizija, Toper, trajkoni018, varda, vaso1, vdeki, vensla, vidra boy, vidra1, Vlad000, vuksa72, VX1, wizzardone, Yugol33, zafon031, zbazin, ZetaMan, zmajognjeniivan, Zrcalo