MyCity » Ambulanta -> Arhiva Ambulante » Moguca infekcija

Moguca infekcija

Napisano na dan: 9.10.2010

Moguca infekcija

Sledeća strana

Pagination

Odgovori

Milos Poslao: 09 Okt 2010 02:54 Idi na vrh
offline Milos Super građanin Hardware manager Etliop Pridružio: 22 Jun 2008 Poruke: 1116	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 09 Okt 2010 2:37 Instalirao sam win7 nvidia edition 2010,mada mi ga nesto ne hvata oko sto se tice rada istog,pa evo da proverim sta se sve desava: DDS (Ver_10-10-05.01) - NTFSx86 Run by Misko at 2:29:58.31 on Sat 10/09/2010 Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_20 Microsoft Windows 7 NVIDIA 2010 6.1.7600.0.1252.1.1033.18.2047.919 [GMT 2:00] ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Essentials\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\Installer\MSI4FC7.tmp C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\nvvsvc.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Application Updater\ApplicationUpdater.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\sppsvc.exe C:\Windows\Explorer.EXE C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\conhost.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\YouTube Downloader Toolbar\SearchSettings.exe C:\Program Files\Microsoft Security Essentials\msseces.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\SpeedFan\speedfan.exe C:\Users\Misko\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Misko\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Misko\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Misko\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Users\Misko\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Misko\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Misko\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Misko\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Misko\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Misko\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Misko\Documents\Downloads\dds.scr C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uURLSearchHooks: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - c:\program files\youtube downloader toolbar\SearchSettings.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: FlashGetBHO: {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - c:\users\misko\appdata\roaming\flashgetbho\FlashGetBHO3.dll BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll BHO: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - c:\program files\youtube downloader toolbar\SearchSettings.dll BHO: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\youtube downloader toolbar\ie\1.0\youtubedownloaderToolbarIE.dll TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll TB: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\youtube downloader toolbar\ie\1.0\youtubedownloaderToolbarIE.dll TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll uRun: [Welcome Center] c:\windows\system32\rundll32.exe c:\windows\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut uRun: [FlashGet 3] "c:\program files\flashget network\flashget 3\Flashget3.exe" -minimize uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min mRun: [SearchSettings] "c:\program files\youtube downloader toolbar\SearchSettings.exe" mRun: [MSSE] "c:\program files\microsoft security essentials\msseces.exe" -hide -runkey dRun: [Welcome Center] c:\windows\system32\rundll32.exe c:\windows\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut dRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uPolicies-explorer: NoResolveTrack = 1 (0x1) uPolicies-explorer: NoSMBalloonTip = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) dPolicies-explorer: NoResolveTrack = 1 (0x1) dPolicies-explorer: NoSMBalloonTip = 1 (0x1) IE: Download all by FlashGet3 - c:\users\misko\appdata\roaming\flashgetbho\GetAllUrl.htm IE: Download by FlashGet3 - c:\users\misko\appdata\roaming\flashgetbho\GetUrl.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL STS: CAveStartButtonChangerObject Class: {f791a188-699d-4fd4-955a-eb59e89b1907} - c:\program files\the skins factory\hyperdesk\common\AveStartButtonChangerInProc.dll ================= FIREFOX =================== FF - ProfilePath - c:\users\misko\appdata\roaming\mozilla\firefox\profiles\9zmu0si5.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q= FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157 FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=937811&p= FF - component: c:\program files\youtube downloader toolbar\ff\components\youtubedownloaderToolbarFF.dll FF - component: c:\program files\youtube downloader toolbar\ssff\components\SearchSettingsFF.dll FF - component: c:\users\misko\appdata\roaming\mozilla\firefox\profiles\9zmu0si5.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll FF - component: c:\users\misko\appdata\roaming\mozilla\firefox\profiles\9zmu0si5.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll FF - component: c:\users\misko\appdata\roaming\mozilla\firefox\profiles\9zmu0si5.default\extensions\{db9127a2-3381-41ec-82b3-1b6ed4c6f29a}\components\FlashGetXPI.dll FF - component: c:\users\misko\appdata\roaming\mozilla\firefox\profiles\9zmu0si5.default\extensions\dttoolbar@toolbarnet.com\components\DTToolbarFF.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - plugin: c:\windows\system32\wat\npWatWeb.dll FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); ============= SERVICES / DRIVERS =============== R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-3-25 151216] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-9-6 135336] R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-9-6 267432] R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2010-2-19 380928] R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-9-6 60936] R2 HyperDeskCustomThemeEnabler;HyperDesk's Custom Theme Enabler;c:\windows\installer\MSI4FC7.tmp [2010-9-12 86016] R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-3-25 42368] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2010-9-6 275048] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888] S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-9-9 54632] S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-9-9 1343400] =============== Created Last 30 ================ 2010-10-04 14:33:57 -------- d-----w- c:\program files\CCleaner 2010-10-04 14:30:57 -------- d-----w- c:\windows\system32\appmgmt 2010-10-01 16:44:36 0 --sh--r- C:\winx.ld 2010-09-29 22:20:39 -------- d-----w- c:\program files\SpeedFan 2010-09-29 17:15:20 2048 ----a-w- c:\windows\system32\tzres.dll 2010-09-23 14:53:17 88472 ----a-w- c:\users\misko\45124_153268874688579_100000164037205_523466_1397352_n.jpg 2010-09-15 14:41:30 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf 2010-09-14 22:23:49 316928 ----a-w- c:\windows\system32\spoolsv.exe 2010-09-14 09:42:02 -------- d-----w- c:\progra~2\Futuremark 2010-09-13 22:57:56 27672 ----a-r- c:\windows\system32\drivers\Entech.sys 2010-09-13 22:57:56 -------- d-----w- c:\windows\system32\Futuremark 2010-09-13 22:57:53 -------- d-----w- c:\program files\common files\Futuremark Shared 2010-09-13 22:55:48 -------- d-----w- c:\program files\Futuremark 2010-09-13 22:55:46 -------- d-----w- c:\windows\45235788142C44BE8A4DDDE9A84492E5.TMP 2010-09-13 22:55:25 -------- d-----w- c:\program files\common files\Wise Installation Wizard 2010-09-13 21:59:39 2503 ----a-w- c:\users\misko\Skype.lnk 2010-09-13 21:59:31 -------- d-----r- c:\program files\Skype 2010-09-12 02:51:39 2315 ----a-w- c:\users\misko\Hyperdesk - Flagship.lnk 2010-09-11 23:09:48 2370 ----a-w- c:\users\misko\Hyperdesk - DarkMatter Subspace.lnk 2010-09-11 22:55:37 -------- d-----w- c:\users\misko\appdata\roaming\Skinux 2010-09-11 22:55:13 2370 ----a-w- c:\users\misko\Hyperdesk - DarkMatter RedShift.lnk 2010-09-11 22:54:50 -------- d-----w- c:\program files\The Skins Factory 2010-09-11 22:54:18 -------- d-----w- c:\users\misko\appdata\local\Downloaded Installations 2010-09-10 23:58:38 993 ----a-w- c:\users\misko\KMPlayer.lnk 2010-09-10 23:58:10 -------- d-----w- c:\program files\The KMPlayer 2010-09-10 23:55:24 -------- d-----w- c:\users\misko\appdata\local\RapidSolution 2010-09-10 23:52:22 14914820 ----a-w- c:\users\misko\The_KMPlayer_1435.exe 2010-09-10 23:52:22 1360328 ----a-w- c:\users\misko\Tunebite_7_Demo_Softonic_OND.exe 2010-09-10 22:14:45 997 ----a-w- c:\users\misko\MV2Player.lnk 2010-09-10 22:14:41 -------- d-----w- c:\program files\Mv2Player 2010-09-10 13:25:33 -------- d-----w- c:\users\misko\appdata\local\GPUMonitor 2010-09-10 13:00:31 171136 --sh--r- C:\grldr 2010-09-10 10:02:52 385040 --sh--r- C:\YEFPR 2010-09-09 22:15:04 2211 ----a-w- c:\users\misko\Windows 7 Manager.lnk 2010-09-09 22:14:59 -------- d-----w- c:\program files\Yamicsoft 2010-09-09 21:58:05 -------- d-----w- c:\program files\Microsoft Security Essentials 2010-09-09 21:44:37 -------- d-----w- c:\users\misko\Tracing 2010-09-09 21:43:00 54632 ----a-w- c:\windows\system32\drivers\fssfltr.sys 2010-09-09 21:41:28 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2010-09-09 21:40:40 -------- d-----w- c:\program files\Microsoft 2010-09-09 21:40:23 -------- d-----w- c:\program files\Windows Live SkyDrive 2010-09-09 21:39:47 -------- d-----w- c:\windows\PCHEALTH 2010-09-09 21:13:21 -------- d-----w- c:\program files\common files\Windows Live 2010-09-09 20:56:28 -------- d-----w- c:\windows\system32\Wat 2010-09-09 13:21:23 -------- d-----w- c:\program files\DAEMON Tools Toolbar 2010-09-09 13:21:21 1896 ----a-w- c:\users\misko\DAEMON Tools Lite.lnk 2010-09-09 13:21:06 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2010-09-09 13:20:54 -------- d-----w- c:\program files\DAEMON Tools Lite 2010-09-09 13:20:45 -------- d-----w- c:\users\misko\appdata\roaming\DAEMON Tools Lite 2010-09-09 13:20:44 -------- d-----w- c:\progra~2\DAEMON Tools Lite 2010-09-09 11:25:24 -------- d-----w- c:\users\misko\appdata\local\PassMark 2010-09-09 11:25:20 467984 ----a-w- c:\windows\system32\d3dx10_39.dll 2010-09-09 11:25:20 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll 2010-09-09 11:25:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll 2010-09-09 11:25:02 -------- d-----w- c:\progra~2\PassMark 2010-09-09 11:25:01 -------- d-----w- c:\program files\PerformanceTest ==================== Find3M ==================== 2010-09-16 13:19:04 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll 2010-09-16 13:18:46 20268032 ----a-w- c:\windows\system32\imageres.dll 2010-09-16 13:18:39 249856 ----a-w- c:\windows\system32\uxtheme.dll 2010-09-16 13:18:28 37376 ----a-w- c:\windows\system32\themeservice.dll 2010-08-10 11:46:46 1066176 ----a-w- c:\windows\system32\MSCOMCTL.ocx 2010-07-29 06:30:49 197632 ----a-w- c:\windows\system32\ir32_32.dll 2010-07-29 06:30:34 82944 ----a-w- c:\windows\system32\iccvid.dll 2010-07-25 20:23:22 56496 ----a-w- c:\windows\system32\wbhelp2.dll 2010-07-25 20:23:22 544768 ----a-w- c:\windows\system32\wbocx.ocx 2010-07-25 20:23:22 33968 ----a-w- c:\windows\system32\anim.dll 2010-07-25 20:23:22 258352 ----a-w- c:\windows\system32\unicows.dll 2010-07-25 20:23:22 1706800 ----a-w- c:\windows\system32\gdiplus.dll 2010-07-25 20:23:20 4608 ----a-w- c:\windows\system32\W95INF32.DLL 2010-07-25 20:23:20 2272 ----a-w- c:\windows\system32\W95INF16.DLL ============= FINISH: 2:30:30.87 =============== https://www.mycity.rs/must-login.png Dopuna: 09 Okt 2010 2:54 https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png

Profil

1l padr1n0 Poslao: 10 Okt 2010 13:49 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Izvinjavam se sto kasnim sa odgovorom. Tvoj racunar je cist sto se malware-a tice. ----------------------------------------------------------------------------------------- Preporuka: -Imas instalirana 2 anti-virusa (Microsoft Security Essentials i Avira) pa bi bilo jako pozeljno da jedan deinstaliras. -Ukoliko imas jos nekih problema sa racunarom, otvori temu u Windows podforumu: http://www.mycity.rs/Windows/ Hvala sto verujes AMF Timu Pozdrav, goran9888 (AMF Tim)

Profil

Milos Poslao: 13 Okt 2010 14:37 Idi na vrh
offline Milos Super građanin Hardware manager Etliop Pridružio: 22 Jun 2008 Poruke: 1116	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Hvala puno! Sto se anti-virusa tice, mse sam deinstalirao,jer kad sam instalirao win nisam video da je anti virus vec instaliran uz win... Pozdrav!

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Moguca infekcija

Ko je trenutno na forumu

Ukupno su 768 korisnika na forumu :: 4 registrovanih, 0 sakrivenih i 764 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: bladesu, draggan, saputnik plavetnila, wizzardone

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by