script - inf


offline
  • Joined: 20 Jul 2008
  • Posts: 197

Hello.
Yesterday Avast blocked YouTube for me, and then various well-known sites.
It shows "script - inf".
I set it to scan at system startup, but when it hits an archive, the incompetent Avast can neither repair it, nor delete it, nor move it to quarantine; all it can do is ignore it. Awful.
Now, to get to mycity, I had to disable Avast.

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Alex at 8:23:09.79 on Tue 04/12/2011
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_22
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.894.444 [GMT 2:00]
.
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\S3trayp.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Alex\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Alex\My Documents\Downloads\dds.scr
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [MsnMsgr] "c:\program files\msn messenger\MsnMsgr.Exe" /background
uRun: [Google Update] "c:\documents and settings\alex\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [VTTimer] VTTimer.exe
mRun: [S3Trayp] S3trayp.exe
mRun: [4shared Update] "c:\program files\4shared desktop\checkUpdate.exe"
mRun: [HDAudDeck] c:\program files\via\viaudioi\hdadeck\HDeck.exe 1
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [avast] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: &Download All using 4shared Desktop - c:\program files\4shared desktop\down_all.htm
IE: &Download using 4shared Desktop - c:\program files\4shared desktop\down_link.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [Links are visible only to logged-in users]
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - [Links are visible only to logged-in users]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [Links are visible only to logged-in users]
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~3\office12\GR99D3~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\alex\applic~1\mozilla\firefox\profiles\07aoiegm.default\
FF - prefs.js: browser.startup.homepage - [Links are visible only to logged-in users]
FF - plugin: c:\documents and settings\alex\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-4-4 371544]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-4-4 301528]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-4-4 19544]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-4-4 42184]
R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [2011-4-1 659456]
R3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;c:\windows\system32\drivers\sis163u.sys [2011-4-1 217600]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-04-11 21:13:32 -------- d-----w- c:\windows\system32\SoftwareDistribution
2011-04-09 20:57:29 -------- d-----w- c:\program files\ConvertHelper
2011-04-09 20:56:28 -------- d-----w- c:\documents and settings\alex\dwhelper
2011-04-05 22:00:29 6144 ----a-w- c:\windows\system32\aca.dll
2011-04-05 21:53:36 6144 ----a-w- c:\windows\system32\nova.dll
2011-04-05 21:51:32 6144 ----a-w- c:\windows\system32\Layout01.dll
2011-04-05 21:29:38 -------- d-----w- c:\docume~1\alex\locals~1\applic~1\MSKLC
2011-04-05 21:27:29 -------- d-----w- c:\program files\Microsoft Keyboard Layout Creator 1.4
2011-04-05 21:26:44 -------- d-----w- c:\program files\Windows Resource Kits
2011-04-05 21:22:54 -------- d-----w- c:\program files\KeyTweak
2011-04-05 18:49:16 -------- d-----w- c:\program files\common files\FontLab
2011-04-05 18:49:14 -------- d-----w- c:\program files\FontLab
2011-04-05 18:40:38 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-04-05 18:40:37 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-05 13:47:23 -------- d-----w- c:\docume~1\alex\locals~1\applic~1\Temp
2011-04-05 13:47:23 -------- d-----w- c:\docume~1\alex\locals~1\applic~1\Adobe
2011-04-05 13:25:47 -------- d-----w- c:\program files\Microsoft
2011-04-05 13:25:16 -------- d-----w- c:\program files\Windows Live SkyDrive
2011-04-05 13:23:45 83249512 ----a-w- c:\program files\common files\windows live\.cache\wlc22.tmp
2011-04-05 13:22:51 -------- d-----w- c:\program files\common files\Windows Live
2011-04-05 13:16:57 -------- d-----w- c:\program files\MSN Messenger
2011-04-05 13:15:41 -------- d-----w- c:\windows\XSxS
2011-04-05 13:15:41 -------- d-----w- c:\program files\Xenocode
2011-04-04 19:51:01 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-04-04 19:50:39 40648 ----a-w- c:\windows\avastSS.scr
2011-04-04 19:45:00 -------- d-----w- c:\program files\Sony
2011-04-04 19:41:32 -------- d-----w- c:\windows\system32\LogFiles
2011-04-04 13:24:21 -------- d-----w- c:\program files\BitTorrent
2011-04-04 13:23:41 -------- d-----w- c:\docume~1\alex\applic~1\BitTorrent
2011-04-02 09:31:25 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
2011-04-02 09:31:25 32592 ----a-w- c:\windows\system32\msonpmon.dll
2011-04-02 09:29:32 26496 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2011-04-02 09:20:12 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-04-02 09:19:10 -------- d-----w- c:\windows\SHELLNEW
2011-04-02 09:18:37 -------- d-----w- c:\docume~1\alex\locals~1\applic~1\Microsoft Help
2011-04-02 08:53:27 69448 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2011-04-02 08:53:27 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2011-04-02 08:53:26 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2011-04-02 08:53:26 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2011-04-02 08:53:25 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2011-04-02 08:53:25 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2011-04-02 08:53:24 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2011-04-02 08:53:23 -------- d-----w- c:\windows\Logs
2011-04-02 08:53:21 -------- d-----w- c:\program files\Microsoft XNA
2011-04-02 08:47:35 -------- d-----w- c:\windows\system32\XPSViewer
2011-04-02 08:47:05 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2011-04-02 08:46:58 14048 ------w- c:\windows\system32\spmsg2.dll
2011-04-02 08:31:05 -------- d-----w- c:\program files\Nero
2011-04-02 08:30:33 14 ----a-w- c:\windows\system32\SysEngineDrive1.sys
2011-04-02 08:30:00 56832 ----a-w- c:\windows\system32\msdvbnp.ax
2011-04-02 08:30:00 363520 -c--a-w- c:\windows\system32\dllcache\psisdecd.dll
2011-04-02 08:30:00 363520 ----a-w- c:\windows\system32\psisdecd.dll
2011-04-02 08:30:00 33280 ----a-w- c:\windows\system32\psisrndr.ax
2011-04-02 08:30:00 1645320 ----a-w- c:\windows\system32\gdiplus.dll
2011-04-02 08:29:50 -------- d-----w- c:\program files\BlazeVideo
2011-04-02 08:29:21 -------- d-----w- c:\program files\XviD
2011-04-02 08:29:07 -------- d-----w- c:\program files\ffdshow
2011-04-02 08:29:00 -------- d-----w- c:\program files\AC3Filter
2011-04-02 08:28:55 -------- d-----w- c:\program files\Mv2Player
2011-04-02 08:28:48 86016 ----a-w- c:\windows\unvise32.exe
2011-04-02 08:28:40 -------- d-----w- c:\program files\DivX
2011-04-02 08:28:35 53248 ----a-w- c:\windows\system32\DivXAF.ax
2011-04-02 08:27:22 -------- d-----w- c:\docume~1\alex\applic~1\4shared Desktop
2011-04-02 08:27:15 -------- d-----w- c:\program files\4shared Desktop
2011-04-02 08:26:51 -------- d-----w- c:\program files\Windows Grep
2011-04-02 08:22:47 -------- d-----w- c:\docume~1\alex\locals~1\applic~1\Google
2011-04-02 08:22:22 -------- d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software
.
==================== Find3M ====================
.
.
============= FINISH: 8:24:05.79 ===============




offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

Greetings @AleX

What was temporarily causing you problems is Avast itself.
ALWIL Software had a bad episode with its definitions, and that error was of course quickly corrected.

Last night Avast released the latest update version (110411-2), in which that error is fixed.
Start avast AntiVirus and, under Maintenance, in the Update item, run Update engine and virus definitions.

For more information, visit this topic.
[Links are visible only to logged-in users]

While we're at it, I'd like to see what Avast found during the boot-time scan.

Attach the aswBoot.txt log to your post using the Attach file option; it is located at:
Quote: C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\report\aswBoot.txt



offline
  • Joined: 20 Jul 2008
  • Posts: 197

"The file is too large. The maximum allowed size is 1 MB."

Your head will hurt from how many lines there are.
I'll split it into two files.
[Links are visible only to logged-in users]

[Links are visible only to logged-in users]

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6104

Nothing... Avast was only reporting HTML:Script-inf.
I explained the cause of the detection above; the fix was published in update version (110411-2).
In the meantime, another update (110412-0) has been published.

The logs are clean; there are no traces of an active infection.
That's it. Regards
