|
Posted: 17 May 2013 19:37
|
offline
- TwinHeadedEagle
- Anti Malware Fighter
Rank 2
- Research Engineer @MalwareBytes
- Joined: 09 Aug 2011
- Posts: 15877
- Location: Beograd
|
Hello,
What is happening with DDS? Can't you download it, or won't it run?
|
|
|
|
Posted: 17 May 2013 19:40
|
rip
- Vuco
- Unforgettable member
- Joined: 26 Sep 2012
- Posts: 43
- Location: Kragujevac
|
It won't download; it just opens an empty tab (United) and stays like that, it doesn't start the download..
|
|
|
|
Posted: 17 May 2013 19:41
|
offline
- TwinHeadedEagle
- Anti Malware Fighter
Rank 2
- Research Engineer @MalwareBytes
- Joined: 09 Aug 2011
- Posts: 15877
- Location: Beograd
|
Have you tried right-click, then Save link as?
|
|
|
|
Posted: 17 May 2013 19:48
|
rip
- Vuco
- Unforgettable member
- Joined: 26 Sep 2012
- Posts: 43
- Location: Kragujevac
|
Here it is
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: BrowserJavaVersion: 10.21.2
Run by Korisnik at 19:43:02 on 2013-05-17
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.2015.582 [GMT 2:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: Online Armor Firewall *Enabled* {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}
.
============== Running Processes ================
.
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\UnsignedThemesSvc.exe
C:\Program Files\Online Armor\OAcat.exe
C:\Program Files\Online Armor\oasrv.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\CyberLink\Shared files\brs.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Online Armor\oaui.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\RAMRush\RAMRush.exe
C:\Program Files\AVG\AVG2013\avgemcx.exe
C:\Program Files\Secunia\PSI\psi_tray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files\Online Armor\OAhlp.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://klit.startnow.com/?src=startpage&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=RS&install_date=20130120&user_guid=28705F0918EB4FCCA1D06D3C921CC948&machine_id=e1b260cae9aa7c6d8e253322599965b1&browser=IE&os=win&os_version=6.1-x86-SP1
mStart Page = hxxp://search.gboxapp.com/
mURLSearchHooks: Mario Forever Toolbar: {707db484-2428-402d-afb5-d85b387544c7} - LocalServer32 - <no file>
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - LocalServer32 - <no file>
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: Conduit Engine : {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\prxConduitEngine.dll
BHO: Mario Forever Toolbar: {707db484-2428-402d-afb5-d85b387544c7} - LocalServer32 - <no file>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\14.2.0.1\AVG Secure Search_toolbar.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - c:\program files\windows live\companion\companioncore.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - LocalServer32 - <no file>
BHO: Nuclear Games Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - LocalServer32 - <no file>
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Nuclear Games Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - LocalServer32 - <no file>
TB: Mario Forever Toolbar: {707DB484-2428-402D-AFB5-D85B387544C7} - LocalServer32 - <no file>
TB: uTorrentBar Toolbar: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - LocalServer32 - <no file>
TB: Nuclear Games Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - LocalServer32 - <no file>
TB: Mario Forever Toolbar: {707db484-2428-402d-afb5-d85b387544c7} - LocalServer32 - <no file>
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - LocalServer32 - <no file>
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\14.2.0.1\AVG Secure Search_toolbar.dll
uRun: [Xvid] c:\program files\xvid\CheckUpdate.exe
uRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe"
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ftweak_RAMRush] c:\program files\ramrush\RAMRush.exe
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED
mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [RemoteControl10] "c:\program files\cyberlink\powerdvd10\PDVD10Serv.exe"
mRun: [BDRegion] c:\program files\cyberlink\shared files\brs.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [@OnlineArmor GUI] "c:\program files\online armor\oaui.exe"
StartupFolder: c:\users\korisnik\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\users\korisnik\appdata\roaming\micros~1\windows\startm~1\programs\startup\rainme~1.lnk - c:\program files\rainmeter\Rainmeter.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:2
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Zuma/Images/stg_drm.ocx
DPF: {31150A86-0BBA-409F-BEB4-F3922D10BF34} - file:///C:/Users/Korisnik/AppData/Local/Microsoft/Windows%20Sidebar/Gadgets/xplugCam.gadget/en-US/xplug.ocx
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Zuma/Images/armhelper.ocx
TCP: NameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{C3BFA016-3C64-48F2-8FE0-79696CB443F2} : DHCPNameServer = 192.168.1.1 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\14.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
STS: {1984D045-52CF-49cd-DB77-08F378FEA4DB} - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: OA Shell Helper - {4F07DA45-8170-4859-9B5F-037EF2970034} - c:\program files\online armor\oaevent.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\korisnik\appdata\roaming\mozilla\firefox\profiles\cx8ept1r.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://klit.startnow.com/?src=startpage&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=RS&install_date=20130120&user_guid=28705F0918EB4FCCA1D06D3C921CC948&machine_id=e1b260cae9aa7c6d8e253322599965b1&browser=FF&os=win&os_version=6.1-x86-SP1
FF - prefs.js: keyword.URL - hxxp://klit.startnow.com/s/?src=addrbar&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=RS&install_date=20130120&user_guid=28705F0918EB4FCCA1D06D3C921CC948&machine_id=e1b260cae9aa7c6d8e253322599965b1&browser=FF&os=win&os_version=6.1-x86-SP1&q=
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\14.2.0\npsitesafety.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: c:\program files\nitro\reader 3\npdf.dll
FF - plugin: c:\program files\nitro\reader 3\npnitroie.dll
FF - plugin: c:\program files\nitro\reader 3\npnitromozilla.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1202122.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_202.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
FF - user.js: browser.sessionstore.resume_from_crash - false
FF - user.js: extensions.BabylonToolbar_i.id - ac0a69450000000000006c626d3b9c13
FF - user.js: extensions.BabylonToolbar_i.hardId - ac0a69450000000000006c626d3b9c13
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15446
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=111294&tt=010812_rbt_3112_6
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q=
FF - user.js: extensions.BabylonToolbar.id - ac0a69450000000000006c626d3b9c13
FF - user.js: extensions.BabylonToolbar.instlDay - 15556
FF - user.js: extensions.BabylonToolbar.vrsn - 1.5.29.1
FF - user.js: extensions.BabylonToolbar.vrsni - 1.5.29.1
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.29.123:10:42
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-10-15 55776]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-9-21 177376]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2012-11-16 94048]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-9-14 35552]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2012-10-22 179936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2012-9-21 19936]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-10-2 159712]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-9-21 164832]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-10-9 33112]
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2013-5-16 208320]
R1 oahlpXX;Online Armor helper driver;c:\windows\system32\drivers\oahlp32.sys [2013-5-16 44992]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2013-5-16 27648]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/05/24 16:39:53];c:\program files\cyberlink\powerdvd10\navfilter\000.fcl [2010-6-28 87536]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2012-11-16 5814904]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2012-10-22 196664]
R2 uxpatch;uxpatch;c:\windows\system32\drivers\uxpatch.sys [2009-7-13 25448]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-5-16 22856]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf_x86.sys [2013-4-18 16024]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-5-24 327784]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-7-28 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2011-8-17 137472]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2011-8-17 8576]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-5-24 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-5-24 52224]
.
=============== Created Last 30 ================
.
2013-05-16 22:24:51 -------- dc----w- c:\program files\MSXML 4.0
2013-05-16 22:02:53 -------- d-----w- c:\users\korisnik\appdata\local\Secunia PSI
2013-05-16 22:01:48 -------- d-----w- c:\users\korisnik\appdata\roaming\OnlineArmor
2013-05-16 22:01:48 -------- d-----w- c:\programdata\OnlineArmor
2013-05-16 22:01:17 -------- dc----w- c:\program files\Secunia
2013-05-16 21:58:26 44992 ----a-w- c:\windows\system32\drivers\oahlp32.sys
2013-05-16 21:58:26 27648 ----a-w- c:\windows\system32\drivers\OAmon.sys
2013-05-16 21:58:25 208320 ----a-w- c:\windows\system32\drivers\OADriver.sys
2013-05-16 21:58:14 -------- dc----w- c:\program files\Online Armor
2013-05-16 21:41:41 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-05-16 21:41:41 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware
2013-05-16 18:40:35 -------- d-----w- c:\users\korisnik\appdata\roaming\Auslogics
2013-05-16 18:39:53 -------- dc----w- c:\program files\Auslogics
2013-05-16 18:12:31 -------- dc----w- c:\program files\RAMRush
2013-05-16 10:33:31 -------- dc----w- c:\program files\Nitro
2013-05-16 10:33:31 -------- dc----w- c:\program files\common files\Nitro
2013-05-16 10:33:31 -------- d-----w- c:\programdata\Nitro
2013-05-16 10:30:06 -------- dc----w- c:\program files\Winamp Detect
2013-05-16 10:08:46 -------- dc----w- c:\program files\SmartTweak Software
2013-05-15 23:34:47 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-15 12:03:25 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-15 12:03:25 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-05-15 12:03:25 186368 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-15 12:02:58 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 12:02:57 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 12:01:11 47104 ----a-w- c:\windows\system32\appinfo.dll
2013-05-15 12:01:11 1796096 ----a-w- c:\windows\system32\authui.dll
2013-05-15 12:01:11 101720 ----a-w- c:\windows\system32\consent.exe
2013-05-12 21:16:55 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-05-11 10:37:28 209472 -c--a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2013-05-08 13:01:13 -------- dc----w- c:\program files\Cheat Engine 6.2
2013-04-27 12:24:06 -------- dc----w- c:\program files\EA GAMES
2013-04-27 00:56:23 442368 ----a-w- c:\windows\system32\vp6vfw.dll
2013-04-24 13:43:38 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-21 18:16:18 -------- d-----w- c:\programdata\Package Cache
2013-04-21 12:29:26 -------- d---a-w- C:\ADCDA2
2013-04-18 13:55:52 16024 ----a-w- c:\windows\system32\drivers\psi_mf_x86.sys
.
==================== Find3M ====================
.
2013-05-16 22:18:44 405360 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-15 15:33:53 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-13 04:45:16 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-04 22:11:34 1800704 ----a-w- c:\windows\system32\jscript9.dll
2013-04-04 22:02:59 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-04 22:02:17 1129472 ----a-w- c:\windows\system32\wininet.dll
2013-04-04 21:58:51 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2013-04-04 21:57:45 420864 ----a-w- c:\windows\system32\vbscript.dll
2013-03-19 05:04:13 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 04:48:45 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 02:49:16 69632 ----a-w- c:\windows\system32\smss.exe
2013-03-16 17:27:10 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-16 17:27:10 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-18 18:37:59 33112 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
.
============= FINISH: 19:45:55.44 ===============
|
|
|
|
|
|
|
Posted: 17 May 2013 22:12
|
rip
- Vuco
- Unforgettable member
- Joined: 26 Sep 2012
- Posts: 43
- Location: Kragujevac
|
It's normal now! Thanks, mate. Had it picked something up, or was it just cluttered with unnecessary stuff?
|
|
|
|
Posted: 17 May 2013 22:39
|
offline
- TwinHeadedEagle
- Anti Malware Fighter
Rank 2
- Research Engineer @MalwareBytes
- Joined: 09 Aug 2011
- Posts: 15877
- Location: Beograd
|
Yes, you were overloaded with various toolbars and junk; no malware is present. You need to follow these steps...
Download DelFix by "Xplode" and save it to the Desktop.
Double-click to run the program.
Tick the following options:
Remove disinfection tools
Purge System Restore
Reset system settings
Click the "Run" button and wait for the program to finish.
When the tool finishes, it will open a report in Notepad.
Note: The report will also be saved to C:\DelFix.txt
I recommend using MCShield v2 to protect USB memory devices. It has nothing to do with the antivirus, i.e. it will not interfere with its operation, and it has proven to be one of the best forms of protection against malware that spreads via USB memory devices. You download it, install it, plug in the USB memory device, and a scan runs, after which you get a notification that the device is clean (if that really is the case); or you get a log showing information about the malware that was found and deleted.
MCShield ::Anti-Malware Tool:: v2 home page: http://amf.mycity.rs/mcshield/
You can learn more about MCShield in these topics:
v1: http://www.mycity.rs/MyCity-Laboratorija/MCShield.html
v2: http://www.mycity.rs/MyCity-Laboratorija/MCShield-v2.html
Be sure to visit the topic "Test whether your browser is vulnerable", read it and follow the link in it.
The link to the topic is: http://www.mycity.rs/Web-browseri/Testirajte-da-li.....anjiv.html
Also, follow the topic "How to avoid and remove toolbars", read it and follow the steps in it. The link to the topic is: http://www.mycity.rs/Zastita/Kako-izbeci-i-ukloniti-toolbar-ove.html
TwinHeadedEagle (AMF Team)
|
|
|
|