I suspect a virus

offline
  • Joined: 01 Mar 2008
  • Posts: 245

Posted: 25 Oct 2009 18:01

I don't know what the problem is; Avast doesn't show a virus, but the computer has been behaving this way lately. When I try to shut it down via Start and click Turn Off, the next window, which should open immediately and where I choose restart or turn off, appears only after a few minutes, as if some program were running in the background. However, if I open Task Manager, it doesn't show any open programs. Also, considering the configuration, the system runs very slowly, so I think something virus-related is involved.


DDS (Ver_09-10-24.04) - NTFSx86
Run by Aca at 15:00:11,68 on ned 25.10.2009
Internet Explorer: 7.0.5730.11
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1561 [GMT 1:00]

AV: avast! antivirus 4.8.1356 [VPS 091024-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\LckFldService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Aca\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: Torrent-Search Toolbar: {e0c7b854-d5ce-4db6-9804-be1438603d89} - c:\program files\torrent-search\tbTorr.dll
mWinlogon: UIHost=c:\documents and settings\all users\application data\tuneup software\tuneup utilities\winstyler\tu_logonui.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Windows Live pomagac za prijavljivanje: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: NitroPDFBHO Class: {cf070cb8-f02f-4af4-a7b7-8d45cad4bb54} - c:\program files\nitro pdf\pdf download\NitroPDF.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Torrent-Search Toolbar: {e0c7b854-d5ce-4db6-9804-be1438603d89} - c:\program files\torrent-search\tbTorr.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Torrent-Search Toolbar: {e0c7b854-d5ce-4db6-9804-be1438603d89} - c:\program files\torrent-search\tbTorr.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Save Page As PDF ... - file://c:\program files\nitro pdf\pdf download\nitroweb.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {96538116-AB8C-4879-9F21-BD2BFE22A414} - {DC6169B9-3397-4D01-8639-07F1A34BAF99}
IE: {AD9E6088-E00B-42f9-9F0C-8480525D234E} - {FF5073C0-28A0-4223-9BDF-59FF020FE77C} - c:\program files\nitro pdf\pdf download\NitroPDF.dll
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-9-25 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-9-25 20560]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2007-1-1 1684736]

=============== Created Last 30 ================

2009-10-25 11:06:23 4526 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2009-10-24 13:14:00 0 d-----w- C:\CyberLink
2009-10-22 12:51:57 44 ----a-w- c:\windows\system32\mslck.dat
2009-10-22 12:51:41 12 ----a-w- c:\windows\system32\Mlkf.dll
2009-10-22 12:49:53 34304 ----a-w- c:\windows\system32\ntsvc.ocx
2009-10-22 12:49:52 546524 ----a-w- c:\windows\system32\olelib.tlb
2009-10-22 12:49:52 389120 ----a-w- c:\windows\system32\actskn43.ocx
2009-10-22 12:49:52 153088 ----a-w- c:\windows\system32\fldlckun.exe
2009-10-22 12:47:00 1024 ---h--r- c:\windows\system32\$SETINI$.DAT
2009-10-22 12:45:11 444 ----a-w- c:\windows\system32\FLOCKER.USR
2009-10-22 12:07:41 36864 ----a-w- c:\windows\system32\LckFldService.exe
2009-10-22 12:07:40 368912 ----a-w- c:\windows\system32\vbar332.dll
2009-10-22 12:07:40 140288 ----a-w- c:\windows\system32\COMDLG32.OCX
2009-10-22 12:07:40 0 d-----w- c:\program files\FolderAccess
2009-10-22 11:48:49 0 d-----w- c:\windows\system32\wbem\Repository
2009-10-21 22:12:39 0 d-----w- c:\windows\ServicePackFiles
2009-10-21 22:11:55 0 d-----w- c:\program files\MSXML 6.0
2009-10-21 22:08:46 0 d-----w- c:\windows\$hf_mig$
2009-10-16 16:16:36 0 d-----w- C:\ProgramData
2009-10-16 16:16:36 0 d-----w- c:\docume~1\alluse~1\applic~1\Electronic Arts
2009-10-16 13:45:49 189184 ----a-w- c:\windows\system32\PnkBstrB.xtr
2009-10-14 23:16:30 682280 ----a-w- c:\windows\system32\pbsvc.exe
2009-10-14 23:12:05 0 d-----w- c:\program files\Activision
2009-10-13 17:25:04 73728 ----a-w- c:\windows\system32\javacpl.cpl
2009-10-13 17:25:04 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-10-11 21:21:54 0 d-----w- c:\program files\Zip Password Recovery Magic
2009-10-11 20:59:18 0 d-----w- c:\program files\ElcomSoft
2009-10-06 15:20:09 1908 ----a-w- c:\windows\diagwrn.xml
2009-10-06 15:20:09 1908 ----a-w- c:\windows\diagerr.xml
2009-10-06 11:01:50 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-10-04 16:13:46 26496 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2009-10-03 18:24:30 116 ----a-w- c:\documents and settings\aca\default.pls
2009-10-03 17:35:18 4 ---ha-w- c:\documents and settings\aca\__iw3mp
2009-10-03 17:34:39 4 ---ha-w- c:\documents and settings\aca\__iw3sp
2009-10-03 17:31:34 138064 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-10-03 17:31:33 22328 ----a-w- c:\docume~1\aca\applic~1\PnkBstrK.sys
2009-10-03 17:31:17 189184 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-10-03 17:31:15 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-10-03 17:31:15 0 d-----w- c:\windows\system32\LogFiles
2009-10-03 17:19:15 443752 ----a-w- c:\windows\system32\d3dx10_34.dll
2009-10-03 17:19:15 1124720 ----a-w- c:\windows\system32\D3DCompiler_34.dll
2009-10-03 17:19:13 443752 ----a-w- c:\windows\system32\d3dx10_33.dll
2009-10-03 17:19:13 1123696 ----a-w- c:\windows\system32\D3DCompiler_33.dll
2009-10-03 17:18:50 319 ----a-w- c:\windows\game.ini
2009-10-03 16:43:52 0 d-sh--w- c:\windows\ftpcache
2009-09-30 15:14:01 90624 ----a-w- c:\windows\system32\drivers\kswdmcap.ax
2009-09-30 15:14:01 61952 ----a-w- c:\windows\system32\drivers\kstvtune.ax
2009-09-30 15:14:01 53760 ----a-w- c:\windows\system32\drivers\vfwwdm32.dll
2009-09-30 15:14:01 43008 ----a-w- c:\windows\system32\drivers\ksxbar.ax
2009-09-30 15:14:01 28672 ----a-w- c:\windows\system32\drivers\vidcap.ax
2009-09-30 15:13:40 0 d-----w- c:\program files\IVT Corporation
2009-09-28 10:16:10 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-09-28 10:16:10 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-09-28 10:15:55 0 d-----w- c:\program files\iPod
2009-09-28 10:15:53 0 d-----w- c:\program files\iTunes
2009-09-28 10:15:53 0 d-----w- c:\docume~1\alluse~1\applic~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-28 10:15:44 0 d-----w- c:\program files\Bonjour
2009-09-27 17:45:48 0 d-----w- c:\docume~1\alluse~1\applic~1\Messenger Plus!
2009-09-27 15:14:22 5248 ----a-w- c:\windows\system32\drivers\d347prt.sys
2009-09-27 15:14:22 155136 ----a-w- c:\windows\system32\drivers\d347bus.sys
2009-09-27 15:14:22 0 d-----w- c:\program files\D-Tools
2009-09-27 15:14:06 0 d-----w- c:\windows\Downloaded Installations
2009-09-27 14:16:43 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2009-09-27 14:16:43 8704 ----a-w- c:\windows\system32\kbdjpn.dll
2009-09-27 14:16:43 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll
2009-09-27 14:16:43 8192 ----a-w- c:\windows\system32\kbdkor.dll
2009-09-27 14:16:43 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll
2009-09-27 14:16:43 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll
2009-09-27 14:16:43 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2009-09-27 14:16:43 6144 ----a-w- c:\windows\system32\kbd106.dll
2009-09-27 14:16:43 6144 ----a-w- c:\windows\system32\kbd101c.dll
2009-09-27 14:16:43 6144 ----a-w- c:\windows\system32\kbd101b.dll
2009-09-27 14:16:43 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll
2009-09-27 14:16:43 5632 ----a-w- c:\windows\system32\kbd103.dll
2009-09-27 12:56:48 0 d-----w- c:\windows\system32\appmgmt
2009-09-27 12:52:16 0 d-----w- c:\program files\Nitro PDF
2009-09-27 12:42:19 7537 ----a-w- c:\windows\system32\dopdf6.ctm
2009-09-27 12:35:05 0 d-----w- c:\windows\system32\XPSViewer
2009-09-27 12:34:34 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-09-27 12:34:34 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-09-27 12:34:34 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-09-27 12:34:34 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-09-27 12:34:34 117760 ------w- c:\windows\system32\prntvpt.dll
2009-09-27 12:34:33 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-09-27 12:34:33 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-09-27 12:33:29 341504 ----a-w- c:\windows\system32\localspl.dll
2009-09-27 12:33:29 2017280 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-09-27 12:33:28 26488 ----a-w- c:\windows\system32\spupdsvc.exe
2009-09-26 20:56:17 299520 ----a-w- c:\windows\uninst.exe
2009-09-26 20:56:14 0 d-----w- c:\documents and settings\aca\WINDOWS
2009-09-26 20:47:15 0 d-----w- c:\program files\ABBYY FineReader 6.0
2009-09-26 20:47:15 0 d-----w- c:\program files\ABBYY FineReader 5.0 Sprint
2009-09-26 20:46:52 0 d-----w- c:\program files\FaxTools
2009-09-26 20:45:18 267 ----a-w- c:\windows\lexstat.ini
2009-09-26 20:44:52 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-09-26 20:44:52 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-09-26 20:44:20 0 d-----w- c:\program files\Lexmark X1100 Series
2009-09-26 20:44:19 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2009-09-26 20:44:19 87040 ----a-w- c:\windows\system32\wiafbdrv.dll
2009-09-26 20:44:19 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-09-26 20:44:19 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-09-25 21:52:03 0 d-----w- c:\docume~1\aca\applic~1\ACD Systems
2009-09-25 21:51:50 0 d-----w- c:\docume~1\alluse~1\applic~1\ACD Systems
2009-09-25 21:51:48 0 d-----w- c:\program files\common files\ACD Systems
2009-09-25 21:51:48 0 d-----w- c:\program files\ACD Systems
2009-09-25 21:35:49 90624 -c--a-w- c:\windows\system32\dllcache\kswdmcap.ax
2009-09-25 21:35:49 90624 ----a-w- c:\windows\system32\kswdmcap.ax
2009-09-25 21:35:49 61952 -c--a-w- c:\windows\system32\dllcache\kstvtune.ax
2009-09-25 21:35:49 61952 ----a-w- c:\windows\system32\kstvtune.ax
2009-09-25 21:35:49 53760 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2009-09-25 21:35:49 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2009-09-25 21:35:49 43008 -c--a-w- c:\windows\system32\dllcache\ksxbar.ax
2009-09-25 21:35:49 43008 ----a-w- c:\windows\system32\ksxbar.ax
2009-09-25 21:35:49 28672 -c--a-w- c:\windows\system32\dllcache\vidcap.ax
2009-09-25 21:35:49 28672 ----a-w- c:\windows\system32\vidcap.ax
2009-09-25 21:07:56 499712 ----a-w- c:\windows\system32\MSVCP71.dll
2009-09-25 21:07:56 348160 ----a-w- c:\windows\system32\MSVCR71.dll
2009-09-25 21:07:56 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-09-25 20:57:18 0 d-----w- c:\docume~1\aca\applic~1\BitTorrent
2009-09-25 20:57:16 0 d-----w- c:\program files\BitTorrent
2009-09-25 20:50:17 0 d-----w- c:\program files\Torrent-Search
2009-09-25 20:50:17 0 d-----w- c:\program files\Conduit
2009-09-25 20:09:31 0 d-----w- c:\documents and settings\aca\Tracing
2009-09-25 20:08:45 0 d-----w- c:\program files\Windows Live SkyDrive
2009-09-25 20:02:20 0 d-----w- c:\program files\common files\Windows Live
2009-09-25 19:36:16 0 d-----w- c:\program files\Yahoo!
2009-09-25 19:36:14 0 d-----w- c:\program files\CCleaner
2009-09-25 19:31:13 0 d-----w- c:\program files\YouTube Downloader
2009-09-25 19:25:49 0 d-----w- c:\program files\MessengerPlus! 3
2009-09-25 19:23:49 0 d-----w- c:\program files\iColorFolder
2009-09-25 19:23:12 0 d-----w- c:\program files\Combined Community Codec Pack
2009-09-25 19:20:17 0 d-----w- c:\program files\Microsoft
2009-09-25 14:06:49 2277376 ----a-w- c:\windows\system32\TUKernel.exe

==================== Find3M ====================

2009-08-07 21:27:37 363008 -c--a-w- c:\windows\system32\idecoiins.dll
2009-08-07 21:27:37 363008 -c--a-w- c:\windows\system32\idecoi.dll
2009-08-07 21:27:37 35840 -c--a-w- c:\windows\system32\NVCOI.DLL
2009-08-07 21:27:37 356352 -c--a-w- c:\windows\system32\nvunrm.exe
2009-08-07 21:27:37 208896 ------w- c:\windows\system32\nvuide.exe
2009-08-07 21:27:36 35840 -c--a-w- c:\windows\system32\nvconrm.dll
2009-08-07 21:27:36 201728 -c--a-w- c:\windows\system32\fdco1ins.dll
2009-08-07 21:27:36 201728 -c--a-w- c:\windows\system32\fdco1.dll
2009-08-07 21:27:36 11264 -c--a-w- c:\windows\system32\bdco1ins.dll
2009-08-07 21:27:36 11264 -c--a-w- c:\windows\system32\bdco1.dll
2006-12-31 23:27:27 16384 -csha-w- c:\windows\system32\config\systemprofile\cookies\index.dat
2006-12-31 23:27:27 32768 -csha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\index.dat
2006-12-31 23:27:25 32768 -csha-w- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012007010120070102\index.dat
2006-12-31 23:27:27 32768 -csha-w- c:\windows\system32\config\systemprofile\local settings\temporary internet files\content.ie5\index.dat

============= FINISH: 15:00:23,68 ===============

Addendum: 25 Oct 2009 18:02

Addendum: 25 Oct 2009 18:15

I would also add that I recently bought the computer second-hand with Windows and other programs already installed, and that some of the settings aren't entirely clear to me. For example, AppleMobileDeviceService.exe shows up, and I don't see that I have it anywhere among the programs. There are a few more things where it isn't clear to me where they come from and what they are for, so I need advice on that.
Thanks.

offline
  • Joined: 04 Jan 2009
  • Posts: 2168

Greetings.

There are no traces of malware, so for further questions you can open a topic in the Windows subforum and explain the problems you are having there, and someone will help.

offline
  • Joined: 01 Mar 2008
  • Posts: 245

OK. Thanks for the effort.
