MyCity :: Ambulanta

Usporen rad racunara

nobody@mycity.rs (paokjowanpfc) — Sun, 19 May 2013 19:46:14 +0100

Na preporuku TwinHeadedEagle na ovoj temi je predstavljem moj problem http://www.mycity.rs/Windows/sporo-se-podize-sistem_3.html

Inace nesto mi nije izgleda dobro sa fontom ili necim drugim ili gresim?

http://www.mycity.rs/must-login.png

Usporen rad

nobody@mycity.rs (Vuco) — Fri, 17 May 2013 19:36:22 +0100

Ovako od nedavno se zesce usporio ceo komp znaci sve otvorim neki program i par sekundi ne mogu nista sa njim da uradim isto tako i net ako otvorim vise tab-ova zakuca ili na samo jednom tabu zakuca i sporo skrola stranu Od programa imam AVG,Online Armor Malwarebytes i oni nista ne prijavljuju sem sto Malware skoro svaki sajt oznaci kao maliciozan i fejs,YT...

I moram da otvorim nepotpunu temu posto vise nista nmg da skinem sa neta tako da ni DDS nmg da okacim,ako postoji neki drugi nacin da se proveri negde je izgleda pokupio nesto ili je neki drugi

sumnjivo ponasanje wifi kartice

nobody@mycity.rs (Stefan Cvetkovic) — Wed, 15 May 2013 12:46:00 +0100

Zdravo.
Otvorio sam ovu temu u podforumu Windows, jer mi kartica preskace sa signalom za internet.
Probelm se ispoljava tako sto, mi u donjem desnom uglu stoji da nema konekcije (crveni x preko monitora), kada kliknem Repair, neretko se desi da komp zablokira potpuno. Pa sam onda poceo da sumnjam da nisam mozda ubacio neki virus, mada je komp cist cist s obzirom da sam pre neki dan uradio re-install sistema, ali sam mozda uneo neki virus preko programa koje sam instalirao.
Tekst za link

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 6.0.2900.5512
Run by Gost at 0:43:36 on 2013-05-16
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1476 [GMT 2:00]
.
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\rserver30\RServer3.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TeamViewer\Version8\TeamViewer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\TeamViewer\Version8\tv_w32.exe
C:\WINDOWS\system32\rserver30\FamItrfc.Exe
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\AASP\1.00.59\aaCenter.exe
C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe
C:\Program Files\ROCCAT\Kone Mouse\KoneHID.EXE
C:\Program Files\REALTEK RTL8185 Wireless LAN Driver and Utility\RtWLan.exe
C:\Program Files\ROCCAT\Kone Mouse\osd.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: <No Name>: {9EBF5C54-224C-48A2-BC86-A5EDA9F8ABF9} - c:\windows\system32\mlJBRHwu.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
uRun: [HKCU] c:\windows\system32\windir\svchost.exe
mRun: [Ai Nap] "c:\program files\asus\ai suite\ainap\AiNap.exe"
mRun: [CPU Power Monitor] "c:\program files\asus\ai suite\aigear3\CpuPowerMonitor.exe"
mRun: [Cpu Level Up help] c:\program files\asus\ai suite\CpuLevelUpHelp.exe
mRun: [ASUS Energy Saving] "c:\program files\asus\ai suite\energysaving\PwSave.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [RUSB3MON] "c:\program files\renesas electronics\usb 3.0 host controller driver\application\rusb3mon.exe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [HKLM] c:\windows\system32\windir\svchost.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 10.0\acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 10.0\acrobat\Acrotray.exe"
mRun: [Kone] "c:\program files\roccat\kone mouse\KoneHID.EXE"
uExplorerRun: [Policies] c:\windows\system32\windir\svchost.exe
mExplorerRun: [Policies] c:\windows\system32\windir\svchost.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\realte~1.lnk - c:\program files\realtek rtl8185 wireless lan driver and utility\RtWLan.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: NameServer = 109.122.98.116 109.122.98.117
TCP: Interfaces\{50DE23D2-F1AF-4151-9D8D-A957552880A2} : DHCPNameServer = 109.122.98.116 109.122.98.117
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Notify: mlJBRHwu - mlJBRHwu.dll
SEH: <No Name> - {9EBF5C54-224C-48A2-BC86-A5EDA9F8ABF9} - c:\windows\system32\mlJBRHwu.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {SJ447BF0-J621-VFYM-DTX3-02QL2N80FMM3} - c:\windows\system32\windir\svchost.exe
Hosts: 127.0.0.1 mpa.one.microsoft.com
.
============= SERVICES / DRIVERS ===============
.
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2013-5-15 21664]
R1 raddrvv3;raddrvv3;c:\windows\system32\rserver30\raddrvv3.sys [2010-4-21 46280]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2013-5-14 38144]
R2 RServer3;Radmin Server V3;c:\windows\system32\rserver30\rserver3.exe [2010-4-21 1242480]
R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-5-14 3574624]
R3 KoneFltr;ROCCAT Kone;c:\windows\system32\drivers\Kone.sys [2013-5-13 13056]
R3 mirrorv3;mirrorv3;c:\windows\system32\drivers\rminiv3.sys [2010-4-21 3328]
R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);c:\windows\system32\drivers\rusb3hub.sys [2013-5-14 80256]
R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);c:\windows\system32\drivers\rusb3xhc.sys [2013-5-14 171520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2013-05-15 22:38:56 -------- d-----w- c:\documents and settings\gost\local settings\application data\Google
2013-05-15 22:38:47 -------- d-----w- c:\documents and settings\gost\local settings\application data\Adobe
2013-05-15 22:38:43 -------- d-----w- c:\documents and settings\gost\application data\ROCCAT
2013-05-14 23:43:47 21664 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS
2013-05-14 23:43:32 -------- d-----w- c:\program files\HWiNFO32
2013-05-14 20:32:17 -------- d-----w- c:\windows\system32\SoftwareDistribution
2013-05-14 06:07:43 80256 ----a-w- c:\windows\system32\drivers\rusb3hub.sys
2013-05-14 06:06:39 -------- d-----w- c:\program files\Realtek WLAN Driver
2013-05-14 06:02:53 356352 ----a-w- c:\windows\system32\nvudisp.exe
.
==================== Find3M ====================
.
2013-05-14 06:16:34 315392 ----a-w- c:\windows\HideWin.exe
2013-05-14 06:16:19 21035 ----a-w- c:\windows\system32\drivers\AegisP.sys
2013-05-13 21:26:23 58368 ----a-w- c:\windows\system32\mlJBRHwu.dll
2005-09-27 02:56:07 401478 --sh--r- c:\windows\system32\windir\svchost.exe
.
============= FINISH: 0:44:07.17 ===============

http://www.mycity.rs/must-login.png

anti malware software

nobody@mycity.rs (zenskaglava) — Tue, 14 May 2013 15:21:56 +0100

mo�e li neko da mi preporu�i efikasan anti malware softver?
koristim windows 7

non stop mi se pojavljuju reklame po stranicama u svim browserima sem u operi. tipa

probala sam malwarebytes, rootkit, hitmanpro, spybot, adwcleaner - nisu ni�ta prona�li
skenirala sistem kasperskim - opet ni�ta

hvala unapred na odgovoru

KIS vrstao - mozda lazna uzbuna - savet

nobody@mycity.rs (Brksi) — Mon, 13 May 2013 14:07:28 +0100

Jutros oko 8 kasper javio da je karantin stavio neka dva file.... kad otvorim lokaciju tog foldera nema - vide se skriveni folderi. Kasper kaze da su u karantinu i nisu opasne.

Da li vas taj detektovani exe podseca na neku infekciju?
Postijuci vas rad, trud i vreme necu davati logove, jer sam nedavno radio rutinsku kontroli i bio negativan na viruse. Cudno je da u temporaly internet files nema tog foldera......

provera

nobody@mycity.rs (Milan Januzovic) — Sun, 12 May 2013 21:30:45 +0100

da proverim dal mi je komp cist.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.21.2
Run by milan at 21:27:23 on 2013-05-12
Microsoft Windows 8 Pro 6.2.9200.0.1250.381.1033.18.4095.2609 [GMT 2:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Users\milan\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\dashost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\SysWOW64\schtasks.exe
C:\Windows\SysWOW64\schtasks.exe
C:\Windows\SysWOW64\schtasks.exe
C:\Windows\System32\dwm.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
D:\Users\milan\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\milan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Users\milan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\milan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\milan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\milan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\milan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\milan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.softonic.com/INF00176/tb_v1?SearchSource=10&cc=
uURLSearchHooks: SimilarSites: {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll
uURLSearchHooks: uTorrentControl_v6 Toolbar: {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTo0.dll
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mURLSearchHooks: uTorrentControl_v6 Toolbar: {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTo0.dll
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mURLSearchHooks: SimilarSites: {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll
mWinlogon: Userinit = userinit.exe
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: SelectionLinks: {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - C:\Program Files (x86)\OApps\SelectionLinks.dll
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\milan\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
BHO: uTorrentControl_v6 Toolbar: {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTo0.dll
BHO: delta Helper Object: {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.16.16\bh\delta.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Softonic Helper Object: {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.8.16.10\bh\Softonic.dll
TB: uTorrentControl_v6 Toolbar: {96F454EA-9D38-474F-B504-56193E00C1A5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTo0.dll
TB: uTorrentControl_v6 Toolbar: {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTo0.dll
TB: SimilarSites: {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll
TB: Delta Toolbar: {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.16.16\deltaTlbr.dll
TB: Softonic Toolbar: {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.16.10\SoftonicTlbr.dll
EB: SimilarSites: {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll
uRun: [Google Update] "C:\Users\milan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [uTorrent] "D:\Users\milan\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [GoogleChromeAutoLaunch_D971043783DA68EB84898D80B96D85DA] "C:\Users\milan\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [Facebook Update] "C:\Users\milan\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
uRun: [DAEMON Tools Lite] "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Denzi] C:\Program Files (x86)\Denzi\Denzi.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: disablecad = dword:1
IE: {807DF5E0-4EF7-48a8-A405-239F3E29FFA9} - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files (x86)\SimilarSites\similarsites.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{D0159CC3-679C-49DB-98DC-C05577DC2CB6} : DHCPNameServer = 192.168.1.1
SSODL: WebCheck - <orphaned>
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll
x64-BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -
x64-mPolicies-System: disablecad = dword:1
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\Drivers\dtsoftbus01.sys [2013-2-24 283200]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-3-29 241152]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-3-28 361984]
R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]
R2 DefaultTabUpdate;DefaultTabUpdate;C:\Users\milan\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-5-5 107520]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\Drivers\AtihdW86.sys [2013-2-14 94208]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-6-2 589824]
S2 DefaultTabSearch;DefaultTabSearch;C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [2013-2-11 572928]
S3 amdkmafd;AMD Audio Bus Lower Filter;C:\Windows\System32\Drivers\amdkmafd.sys [2013-3-29 21600]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\Drivers\taphss6.sys [2013-2-22 42184]
S3 vmbusr;Virtual Machine Bus Provider;C:\Windows\System32\Drivers\vmbusr.sys [2012-7-26 117248]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
.
=============== Created Last 30 ================
.
2013-05-12 09:34:06 -------- d-----w- C:\Program Files (x86)\Softonic
2013-05-12 09:34:01 -------- d-----w- C:\Users\milan\AppData\Roaming\Softonic
2013-05-11 20:49:59 9317456 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{88D94E89-CA23-47EB-B0CB-E55BA7A598D9}\mpengine.dll
2013-05-11 17:03:49 9317456 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-05-07 19:52:35 -------- d-----w- C:\Users\milan\AppData\Local\Babylon
2013-05-07 16:58:14 -------- d-----w- C:\Users\milan\AppData\Local\CrashRpt
2013-05-07 14:10:31 564824 ----a-w- C:\Windows\System32\drivers\sptd.sys
2013-05-07 14:09:50 -------- d-----w- C:\Users\milan\AppData\Roaming\DAEMON Tools Lite
2013-05-07 14:09:49 -------- d-----w- C:\ProgramData\DAEMON Tools Lite
2013-05-07 09:35:26 114176 ----a-w- C:\Users\milan\AppData\Roaming\BabMaint.exe
2013-05-06 20:52:20 -------- d-----w- C:\Users\milan\AppData\Local\Facebook
2013-05-06 20:39:20 -------- d-----w- C:\ProgramData\BrowserProtect
2013-05-06 20:39:16 -------- d-----w- C:\Users\milan\AppData\Roaming\BabSolution
2013-05-06 20:39:12 -------- d-----w- C:\Program Files (x86)\Delta
2013-05-06 20:39:10 -------- d-----w- C:\Users\milan\AppData\Roaming\Delta
2013-05-06 20:38:45 -------- d-----w- C:\Program Files (x86)\AutocompletePro
2013-05-05 21:08:59 -------- d-----w- C:\Users\milan\AppData\Roaming\Software Informer
2013-05-05 20:03:43 -------- d-----w- C:\Program Files (x86)\SimilarSites
2013-05-05 20:03:39 -------- d-----w- C:\Users\milan\AppData\Roaming\SimilarSites
2013-05-05 19:53:42 -------- d-----w- C:\Program Files (x86)\DefaultTab
2013-05-05 19:53:35 -------- d-----w- C:\Users\milan\AppData\Roaming\DefaultTab
2013-05-05 19:53:15 -------- d-----w- C:\Program Files (x86)\OApps
2013-05-04 09:31:18 -------- d-----w- C:\Users\milan\AppData\Local\AMD
2013-05-04 09:31:04 -------- d-----w- C:\Users\milan\AppData\Local\ATI
2013-05-04 09:29:01 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2013-05-04 09:29:01 -------- d-----w- C:\Program Files (x86)\AMD AVT
2013-05-04 09:28:37 -------- d-----w- C:\ProgramData\AMD
2013-05-04 09:28:12 -------- d-----w- C:\Windows\LastGood.Tmp
2013-05-04 09:27:27 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2013-05-04 09:27:17 -------- d-----w- C:\Program Files\ATI Technologies
2013-05-04 09:27:14 -------- d-----w- C:\Program Files\ATI
2013-05-04 09:26:10 -------- d-----w- C:\AMD
2013-05-03 23:47:07 -------- d-----w- C:\Program Files\CCleaner
2013-05-03 23:00:30 -------- d-----w- C:\Users\milan\AppData\Roaming\Real Desktop
2013-05-03 22:38:14 -------- d-----w- C:\Windows\SysWow64\directx
2013-05-02 20:13:30 -------- d-----w- C:\Users\milan\AppData\Roaming\uTorrent
2013-05-02 19:56:59 -------- d-----w- C:\Program Files (x86)\SmartTweak Software
2013-05-02 19:56:56 -------- d-----w- C:\Users\milan\AppData\Local\PackageAware
2013-05-01 07:37:43 -------- d-----w- C:\Users\milan\AppData\Roaming\DealPly
2013-04-26 16:36:59 415232 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\tiptsf.dll
2013-04-26 16:35:36 987648 ----a-w- C:\Windows\SysWow64\srmclient.dll
2013-04-26 16:34:52 368640 ----a-w- C:\Windows\System32\sppwinob.dll
2013-04-26 16:31:38 707584 ----a-w- C:\Windows\System32\AppXDeploymentExtensions.dll
2013-04-26 16:31:38 1131520 ----a-w- C:\Windows\System32\AppXDeploymentServer.dll
2013-04-22 20:18:41 -------- d-----w- C:\Users\milan\AppData\Roaming\Origin
2013-04-22 20:16:15 -------- d-----w- C:\ProgramData\Origin
2013-04-21 13:10:18 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-04-21 13:10:16 2580552 ----a-r- C:\Windows\SysWow64\pbsvc.exe
2013-04-21 12:53:18 778856 ----a-w- C:\Windows\SysWow64\PresentationNative_v0300.dll
2013-04-21 12:53:18 35400 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2013-04-21 12:53:18 102528 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-04-21 12:53:17 35400 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2013-04-21 12:53:17 124040 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2013-04-21 12:53:17 1166440 ----a-w- C:\Windows\System32\PresentationNative_v0300.dll
2013-04-21 06:32:11 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
.
==================== Find3M ====================
.
2013-05-07 16:59:06 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2013-05-02 15:29:56 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-04-05 05:26:50 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-04-05 05:26:50 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-04-05 04:15:24 958936 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-04-05 04:15:24 838616 ----a-w- C:\Windows\System32\deployJava1.dll
2013-04-02 22:08:01 78176 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-02 22:08:01 692576 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-04-02 02:04:16 0 ----a-w- C:\Windows\ativpsrm.bin
2013-03-29 02:37:10 78432 ----a-w- C:\Windows\System32\atimpc64.dll
2013-03-29 02:37:10 71704 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2013-03-29 02:37:08 78432 ----a-w- C:\Windows\System32\amdpcom64.dll
2013-03-29 02:37:06 71704 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2013-03-29 02:37:06 139696 ----a-w- C:\Windows\System32\atiuxp64.dll
2013-03-29 02:37:04 92304 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2013-03-29 02:37:04 118584 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2013-03-29 02:37:04 112440 ----a-w- C:\Windows\System32\atiu9p64.dll
2013-03-29 02:37:02 1155264 ----a-w- C:\Windows\System32\aticfx64.dll
2013-03-29 02:37:00 970912 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2013-03-29 02:36:56 8272136 ----a-w- C:\Windows\System32\atidxx64.dll
2013-03-29 02:36:54 7233336 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2013-03-29 02:36:50 4450264 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2013-03-29 02:36:44 5944264 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2013-03-29 02:36:40 5000320 ----a-w- C:\Windows\System32\atiumd6a.dll
2013-03-29 02:36:38 6985624 ----a-w- C:\Windows\System32\atiumd64.dll
2013-03-29 02:35:28 21600 ----a-w- C:\Windows\System32\drivers\amdkmafd.sys
2013-03-29 02:35:02 11658752 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2013-03-29 02:13:28 222720 ----a-w- C:\Windows\System32\clinfo.exe
2013-03-29 02:13:14 798734 ----a-w- C:\Windows\SysWow64\amdocl_ld32.exe
2013-03-29 02:13:14 1187342 ----a-w- C:\Windows\System32\amdocl_as64.exe
2013-03-29 02:13:14 1061902 ----a-w- C:\Windows\System32\amdocl_ld64.exe
2013-03-29 02:13:12 995342 ----a-w- C:\Windows\SysWow64\amdocl_as32.exe
2013-03-29 02:13:08 76288 ----a-w- C:\Windows\System32\OpenVideo64.dll
2013-03-29 02:13:04 65536 ----a-w- C:\Windows\SysWow64\OpenVideo.dll
2013-03-29 02:13:00 64000 ----a-w- C:\Windows\System32\OVDecode64.dll
2013-03-29 02:12:56 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2013-03-29 02:12:48 29150720 ----a-w- C:\Windows\System32\amdocl64.dll
2013-03-29 02:10:52 23810560 ----a-w- C:\Windows\SysWow64\amdocl.dll
2013-03-29 02:09:04 54784 ----a-w- C:\Windows\System32\OpenCL.dll
2013-03-29 02:09:00 50176 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2013-03-29 02:04:42 24229376 ----a-w- C:\Windows\System32\atio6axx.dll
2013-03-29 02:00:54 76800 ----a-w- C:\Windows\System32\coinst_12.104.dll
2013-03-29 01:57:54 163840 ----a-w- C:\Windows\System32\atiapfxx.exe
2013-03-29 01:55:36 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2013-03-29 01:55:34 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2013-03-29 01:55:28 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2013-03-29 01:55:28 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2013-03-29 01:55:16 16082944 ----a-w- C:\Windows\System32\aticaldd64.dll
2013-03-29 01:51:04 13703168 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2013-03-29 01:48:26 19870720 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2013-03-29 01:35:14 442368 ----a-w- C:\Windows\System32\atidemgy.dll
2013-03-29 01:35:06 562688 ----a-w- C:\Windows\System32\atieclxx.exe
2013-03-29 01:34:18 241152 ----a-w- C:\Windows\System32\atiesrxx.exe
2013-03-29 01:33:00 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2013-03-29 01:32:46 26112 ----a-w- C:\Windows\System32\atimuixx.dll
2013-03-29 01:32:42 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2013-03-29 01:32:36 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2013-03-29 01:10:30 636416 ----a-w- C:\Windows\System32\atiadlxx.dll
2013-03-29 01:10:20 430080 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2013-03-29 01:10:08 17920 ----a-w- C:\Windows\System32\atig6pxx.dll
2013-03-29 01:10:04 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2013-03-29 01:10:04 14848 ----a-w- C:\Windows\System32\atiglpxx.dll
2013-03-29 01:10:00 44032 ----a-w- C:\Windows\System32\atig6txx.dll
2013-03-29 01:09:52 34816 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2013-03-29 01:09:44 581120 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2013-03-29 01:07:52 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2013-03-19 22:19:24 4041728 ----a-w- C:\Windows\System32\win32k.sys
2013-03-07 06:50:56 6991592 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-03-02 10:57:48 337128 ----a-w- C:\Windows\System32\drivers\USBXHCI.SYS
2013-03-02 10:57:46 77544 ----a-w- C:\Windows\System32\drivers\storahci.sys
2013-03-02 10:57:46 332520 ----a-w- C:\Windows\System32\drivers\storport.sys
2013-03-02 10:57:46 283880 ----a-w- C:\Windows\System32\drivers\spaceport.sys
2013-03-02 10:45:20 148712 ----a-w- C:\Windows\System32\drivers\tpm.sys
2013-03-02 10:45:19 194792 ----a-w- C:\Windows\System32\drivers\sdbus.sys
2013-03-02 10:45:10 125160 ----a-w- C:\Windows\System32\drivers\dumpsd.sys
2013-03-02 10:39:39 495336 ----a-w- C:\Windows\System32\drivers\vhdmp.sys
2013-03-02 10:39:38 69864 ----a-w- C:\Windows\System32\drivers\pdc.sys
2013-03-02 10:39:32 327912 ----a-w- C:\Windows\System32\drivers\Classpnp.sys
2013-03-02 09:59:37 2231528 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-03-02 09:59:36 411880 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-03-02 08:24:08 34304 ----a-w- C:\Windows\SysWow64\wuapp.exe
2013-03-02 08:23:43 83968 ----a-w- C:\Windows\SysWow64\wudriver.dll
2013-03-02 08:23:43 125952 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2013-03-02 08:23:30 893952 ----a-w- C:\Windows\SysWow64\winmde.dll
2013-03-02 08:23:30 1338880 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2013-03-02 08:23:28 601088 ----a-w- C:\Windows\SysWow64\Windows.Globalization.dll
2013-03-02 08:23:28 504320 ----a-w- C:\Windows\SysWow64\Windows.Security.Authentication.OnlineId.dll
2013-03-02 08:23:19 8857088 ----a-w- C:\Windows\SysWow64\twinui.dll
2013-03-02 08:23:19 246784 ----a-w- C:\Windows\SysWow64\ubpm.dll
2013-03-02 08:23:04 356352 ----a-w- C:\Windows\SysWow64\SettingSync.dll
2013-03-02 08:23:04 100864 ----a-w- C:\Windows\SysWow64\SettingSyncInfo.dll
2013-03-02 08:23:00 375808 ----a-w- C:\Windows\SysWow64\ReAgent.dll
2013-03-02 08:22:36 357888 ----a-w- C:\Windows\SysWow64\netcfgx.dll
2013-03-02 08:22:32 5091840 ----a-w- C:\Windows\SysWow64\mstscax.dll
2013-03-02 08:22:18 361984 ----a-w- C:\Windows\SysWow64\MFMediaEngine.dll
2013-03-02 08:22:17 850944 ----a-w- C:\Windows\SysWow64\mfasfsrcsnk.dll
2013-03-02 08:21:56 550912 ----a-w- C:\Windows\SysWow64\drvstore.dll
2013-03-02 08:21:52 36352 ----a-w- C:\Windows\SysWow64\DevDispItemProvider.dll
2013-03-02 08:21:40 309760 ----a-w- C:\Windows\SysWow64\BCP47Langs.dll
2013-03-02 08:21:39 2033664 ----a-w- C:\Windows\SysWow64\authui.dll
.
============= FINISH: 21:28:07,05 ===============

http://www.mycity.rs/must-login.png

Sumnjivi exe fajlovi

nobody@mycity.rs (Vladan Petkovic) — Sun, 12 May 2013 17:55:36 +0100

Imam summljive fajlove u procesu : lsass.exe ,services.exe , csrss.exe , smss.exe
Ne znam na koj nacin da ih uklonim pokusao sam sa "Malwarebytes Anti-Malware","Sophos Virus Removal Tool" pronasli su neke druge viruse..
dok igram cs 1.6 ona veoma baguje
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by KUCNI at 17:49:15 on 2013-05-12
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.510.97 [GMT 2:00]
.
AV: Avira Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
FW: ZoneAlarm Free Firewall Firewall *Disabled*
.
============== Running Processes ================
.
C:\Windows\system32\nvsvc32.exe
C:\Windows\Explorer.exe
C:\Windows\services.exe
C:\Windows\system32\ctfmon.exe
C:\Documents and Settings\KUCNI\Desktop\IGRICE\CS 1.6\monitor.exe
C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
C:\Documents and Settings\KUCNI\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\KUCNI\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\KUCNI\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\KUCNI\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
uInternet Connection Wizard,ShellNext = iexplore
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mWinlogon: Shell = Explorer.exe c:\windows\system32\fservice.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [LogMeIn Hamachi Ui] "d:\program files\logmein hamachi\hamachi-2-ui.exe" --auto-start
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
mExplorerRun: [DirectX For Microsoft� Windows] c:\windows\system32\fservice.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{5FA3B8E9-E6E9-44B9-A8D9-A10DD3D95D2E} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SecurityProviders: SecurityProviders = msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
mASetup: {5Y99AE78-58TT-11dW-BE53-Y67078979Y} - c:\windows\system\sservice.exe
.
============= SERVICES / DRIVERS ===============
.
R0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [2013-1-8 13560]
R0 mv61xxmm;mv61xxmm;c:\windows\system32\drivers\mv61xxmm.sys [2012-4-14 13616]
R0 mv64xxmm;mv64xxmm;c:\windows\system32\drivers\mv64xxmm.sys [2012-4-14 5632]
R0 mvxxmm;mvxxmm;c:\windows\system32\drivers\mvxxmm.sys [2012-4-14 13616]
R1 PStrip;PSTRIP;c:\windows\system32\drivers\pstrip.sys [2007-7-15 27992]
R2 KSS;Kaspersky Security Scan Service;c:\program files\kaspersky lab\kaspersky security scan 2.0\kss.exe [2012-4-25 202296]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-10-28 242240]
S1 Vsdatant;vsdatant;c:\windows\system32\vsdatant.sys --> c:\windows\system32\vsdatant.sys [?]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:\program files\logmein hamachi\hamachi-2.exe [2012-12-14 1436160]
S3 0fb18E;0fb18E;c:\windows\system32\0fb18E.sys [2013-3-15 185824]
S3 97534542;97534542; [x]
S3 esgiguard;esgiguard;\??\c:\program files\enigma software group\spyhunter\esgiguard.sys --> c:\program files\enigma software group\spyhunter\esgiguard.sys [?]
S3 EsgScanner;EsgScanner;c:\windows\system32\drivers\EsgScanner.sys [2012-6-22 19984]
S3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys [2013-1-9 33616]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-4-29 22856]
S3 MBAMScheduler;MBAMScheduler;d:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-5-7 418376]
S3 RkHit;RkHit;c:\windows\system32\drivers\RKHit.sys [2013-5-9 34736]
S3 WinRing0_1_2_0;WinRing0_1_2_0;d:\program files\iobit\game booster 3\driver\WinRing0.sys [2013-5-12 14416]
S4 lfaqeorr;IP Traffic Filter Controller;c:\windows\system32\svchost.exe -k netsvcs [2008-4-14 14336]
S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S4 WiseBootAssistant;Wise Boot Assistant;d:\program files\wise\wise care 365\BootTime.exe [2013-3-31 580648]
.
=============== Created Last 30 ================
.
2013-05-12 14:51:48 153424 -c--a-w- c:\documents and settings\kucni\application data\r3.exe
2013-05-12 10:32:21 -------- dc----w- c:\documents and settings\kucni\local settings\application data\LogMeIn Hamachi
2013-05-12 09:55:38 -------- dc----w- c:\documents and settings\kucni\application data\ParetoLogic
2013-05-12 09:50:32 -------- dc----w- c:\documents and settings\kucni\application data\SpeedyPC Software
2013-05-11 17:08:58 36864 -c--a-w- c:\windows\system32\reginv.dll
2013-05-11 17:08:55 350764 -csh--w- c:\windows\system32\fservice.exe
2013-05-11 17:08:55 350764 -csh--w- c:\windows\system\sservice.exe
2013-05-11 17:08:55 350764 -csh--w- c:\windows\services.exe
2013-05-11 17:08:55 13312 -c--a-w- c:\windows\system32\winkey.dll
2013-05-11 17:08:53 1117296 -c--a-w- c:\windows\system32\lncom_.exe
2013-05-11 14:39:40 180224 -c--a-w- c:\windows\system32\nvudisp.exe
2013-05-11 14:39:40 -------- dc----w- c:\windows\nview
2013-05-11 14:39:29 180224 -c--a-w- c:\windows\system32\NVUNINST.EXE
2013-05-09 16:33:49 -------- dc----w- c:\program files\Kaspersky Lab
2013-05-09 15:29:07 34736 -c--a-w- c:\windows\system32\drivers\RKHit.sys
2013-05-09 15:25:39 -------- dc----w- c:\documents and settings\kucni\application data\GetRightToGo
2013-05-09 14:26:48 -------- dc----w- c:\program files\Enigma Software Group
2013-05-09 14:26:33 -------- dc----w- c:\windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2013-05-09 14:24:26 -------- dc----w- c:\documents and settings\kucni\application data\IObit
2013-05-09 11:38:34 -------- dc----w- c:\windows\0AC0F1B261C74B6EACEF58FCC0B94835.TMP
2013-05-08 16:29:58 -------- dc----w- c:\program files\common files\Steam
2013-05-08 14:30:54 -------- dc----w- C:\TDSSKiller_Quarantine
2013-05-07 17:11:19 -------- dc----w- c:\program files\common files\Wise Installation Wizard
2013-05-06 17:47:17 -------- dc----w- c:\documents and settings\all users\application data\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-05-06 17:47:05 -------- dc----w- c:\documents and settings\all users\application data\{BDDB56DE-AE4E-48A2-B856-FB60C8498453}
2013-05-06 17:44:39 -------- dc----w- c:\documents and settings\all users\application data\IObit
2013-05-06 17:13:07 -------- dc----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2013-05-02 11:01:43 -------- dc----w- c:\program files\CCleaner
2013-05-01 15:33:53 -------- dc----w- c:\program files\RegClean Pro
2013-04-29 16:37:50 -------- dc----w- c:\documents and settings\kucni\application data\Malwarebytes
2013-04-29 16:37:49 22856 -c--a-w- c:\windows\system32\drivers\mbam.sys
2013-04-29 07:47:42 -------- dc----w- c:\documents and settings\kucni\application data\OpenCandy
2013-04-28 15:33:53 -------- dc----w- c:\documents and settings\all users\application data\RealHideIP
2013-04-28 09:32:54 -------- dc----w- c:\documents and settings\kucni\application data\TS3Client
2013-04-27 22:15:07 -------- dc----w- c:\documents and settings\kucni\local settings\application data\Conduit
2013-04-27 15:29:31 10240 -c--a-w- c:\windows\system32\imdsksvc.exe
2013-04-27 08:42:41 25992 -c--a-w- c:\windows\system32\pgdfgsvc.exe
2013-04-25 11:59:07 -------- dc----w- C:\NVIDIA
2013-04-25 11:25:22 -------- dc----w- c:\documents and settings\all users\Uniblue
2013-04-23 12:03:28 -------- dc----w- c:\documents and settings\all users\application data\Kaspersky Lab
2013-04-23 10:36:54 -------- dc----w- c:\documents and settings\all users\application data\Sophos
2013-04-23 10:36:21 73728 -c--a-r- c:\documents and settings\kucni\application data\microsoft\installer\{b829e117-d072-41ea-9606-9826a38d34c1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2013-04-23 10:36:21 73728 -c--a-r- c:\documents and settings\kucni\application data\microsoft\installer\{b829e117-d072-41ea-9606-9826a38d34c1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2013-04-23 10:36:21 73728 -c--a-r- c:\documents and settings\kucni\application data\microsoft\installer\{b829e117-d072-41ea-9606-9826a38d34c1}\ARPPRODUCTICON.exe
2013-04-19 21:26:46 -------- dc----w- c:\documents and settings\all users\application data\Canneverbe Limited
2013-04-19 17:56:54 1047552 -c--a-w- c:\windows\system32\mfc71u.dll
2013-04-18 09:17:51 -------- dc----w- c:\documents and settings\all users\application data\Tarma Installer
2013-04-17 18:15:19 98816 -c--a-w- c:\windows\sed.exe
2013-04-17 18:15:19 256000 -c--a-w- c:\windows\PEV.exe
2013-04-17 18:15:19 208896 -c--a-w- c:\windows\MBR.exe
2013-04-17 18:07:57 -------- dc----w- c:\documents and settings\kucni\local settings\application data\Max Secure Software
2013-04-17 09:19:26 -------- dc----w- c:\documents and settings\kucni\application data\uTorrent
2013-04-13 15:05:10 54016 -c--a-w- c:\windows\system32\drivers\iiifwsmb.sys
2013-04-13 14:41:52 177496 -c--a-w- c:\windows\system32\drivers\49187010.sys
2013-04-13 11:12:16 177496 -c--a-w- c:\windows\system32\drivers\78944739.sys
2013-04-13 10:37:01 27159 -c--a-w- c:\windows\TempFileCleaner.cmd
.
==================== Find3M ====================
.
2013-05-12 14:54:58 153424 -c--a-w- c:\documents and settings\kucni\application data\Evhshw.exe
2013-04-25 11:39:33 69632 -c--a-w- c:\windows\agrsmdel.exe
2013-04-25 11:39:33 1149888 -c--a-w- c:\windows\system32\drivers\AGRSM.sys
2013-04-25 11:36:25 35427 -c--a-w- c:\windows\system32\drivers\sisnic.sys
2013-04-25 11:34:55 36992 -c--a-w- c:\windows\system32\drivers\SISAGPX.SYS
2013-04-13 08:48:24 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-13 08:48:24 691592 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-11 14:22:56 770384 -c--a-w- c:\windows\system32\msvcr100.dll
2013-04-11 14:22:56 421200 -c--a-w- c:\windows\system32\msvcp100.dll
2013-04-10 16:54:58 249856 -c--a-w- c:\windows\Setup1.exe
2013-04-10 16:54:57 73216 -c--a-w- c:\windows\ST6UNST.EXE
2013-04-06 12:33:28 17488 -c--a-w- c:\windows\gdrv.sys
2013-03-19 12:34:02 28400 -c--a-w- c:\windows\system32\drivers\secdrv.sys
2013-03-15 16:07:35 185824 -c--a-w- c:\windows\system32\0fb18E.sys
2013-03-08 08:35:47 293376 -c--a-w- c:\windows\system32\winsrv.dll
2013-03-07 19:09:42 242240 -c--a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-03-07 04:23:36 2070016 -c--a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-07 01:31:48 2193536 -c--a-w- c:\windows\system32\ntoskrnl.exe
2013-02-26 16:09:50 9338880 -c--a-w- c:\windows\system32\alsna108.rra
.
============= FINISH: 17:50:52.96 ===============

Prozori prijavljuju gre�ku

nobody@mycity.rs (Vera55555) — Sun, 12 May 2013 16:12:34 +0100

Pre izvesnog vremena, pojavljivala su se tri proyora, prijavljuju�i gre�ku.
http://www.mycity.rs/Cekaonica/Odakle-poceti-3.html
Ovde sam dala opis problema.
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 12/27/2008 2:06:49 PM
System Uptime: 5/12/2013 3:11:24 PM (1 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | EP31-DS3L
Processor: Intel Pentium III Xeon processor | Socket 775 | 2499/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 78 GiB total, 12.258 GiB free.
D: is FIXED (NTFS) - 155 GiB total, 154.04 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1096: 2/25/2013 1:47:54 PM - Revo Uninstaller's restore point - Paint.NET v3.5.10
RP1097: 2/25/2013 1:48:04 PM - Removed Paint.NET v3.5.10
RP1098: 2/25/2013 1:50:00 PM - Revo Uninstaller's restore point - Comodo Dragon
RP1099: 2/25/2013 1:50:58 PM - Revo Uninstaller's restore point - Comodo Dragon
RP1100: 2/26/2013 9:49:45 PM - System Checkpoint
RP1101: 2/28/2013 11:49:16 AM - System Checkpoint
RP1102: 3/2/2013 6:52:58 AM - System Checkpoint
RP1103: 3/3/2013 8:43:47 AM - System Checkpoint
RP1104: 3/4/2013 10:45:29 AM - System Checkpoint
RP1105: 3/5/2013 11:27:00 AM - System Checkpoint
RP1106: 3/6/2013 11:35:12 AM - System Checkpoint
RP1107: 3/7/2013 12:52:31 PM - System Checkpoint
RP1108: 3/8/2013 1:12:38 PM - System Checkpoint
RP1109: 3/8/2013 1:36:54 PM - Installed Magic Skin Filter
RP1110: 3/10/2013 6:05:13 AM - System Checkpoint
RP1111: 3/11/2013 9:09:11 AM - System Checkpoint
RP1112: 3/12/2013 10:36:08 AM - System Checkpoint
RP1113: 3/12/2013 4:06:50 PM - Revo Uninstaller's restore point - AthTek RegistryCleaner v2.0
RP1114: 3/12/2013 4:07:40 PM - Revo Uninstaller's restore point - AthTek RegistryCleaner v2.0
RP1115: 3/13/2013 7:02:24 PM - System Checkpoint
RP1116: 3/14/2013 7:38:14 PM - System Checkpoint
RP1117: 3/15/2013 11:19:12 PM - System Checkpoint
RP1118: 3/17/2013 6:46:39 AM - System Checkpoint
RP1119: 3/18/2013 7:37:33 AM - System Checkpoint
RP1120: 3/19/2013 8:54:16 AM - System Checkpoint
RP1121: 3/20/2013 9:17:10 AM - System Checkpoint
RP1122: 3/21/2013 11:05:29 PM - System Checkpoint
RP1123: 3/23/2013 6:47:02 AM - System Checkpoint
RP1124: 3/24/2013 8:13:56 AM - System Checkpoint
RP1125: 3/25/2013 10:58:21 PM - System Checkpoint
RP1126: 3/27/2013 9:04:03 AM - System Checkpoint
RP1127: 3/28/2013 10:11:44 AM - System Checkpoint
RP1128: 3/29/2013 11:15:21 AM - System Checkpoint
RP1129: 3/30/2013 11:57:22 AM - System Checkpoint
RP1130: 3/31/2013 3:17:07 PM - System Checkpoint
RP1131: 4/1/2013 11:04:16 PM - System Checkpoint
RP1132: 4/3/2013 6:53:00 AM - System Checkpoint
RP1133: 4/4/2013 7:58:51 PM - System Checkpoint
RP1134: 4/5/2013 10:26:17 PM - System Checkpoint
RP1135: 4/7/2013 10:24:41 PM - System Checkpoint
RP1136: 4/9/2013 7:54:15 PM - System Checkpoint
RP1137: 4/11/2013 3:01:03 PM - System Checkpoint
RP1138: 4/13/2013 11:14:20 PM - System Checkpoint
RP1139: 4/16/2013 8:15:37 AM - System Checkpoint
RP1140: 4/17/2013 7:31:53 PM - System Checkpoint
RP1141: 4/17/2013 9:19:14 PM - Printer Driver Foxit Reader PDF Printer Driver Installed
RP1142: 4/19/2013 8:40:31 AM - System Checkpoint
RP1143: 4/20/2013 11:50:00 AM - System Checkpoint
RP1144: 4/21/2013 12:42:45 PM - System Checkpoint
RP1145: 4/23/2013 1:02:54 AM - System Checkpoint
RP1146: 4/24/2013 8:12:32 AM - System Checkpoint
RP1147: 4/25/2013 9:08:26 PM - System Checkpoint
RP1148: 4/26/2013 9:59:46 PM - System Checkpoint
RP1149: 4/27/2013 10:34:16 PM - System Checkpoint
RP1150: 4/29/2013 9:06:00 AM - System Checkpoint
RP1151: 4/29/2013 12:59:02 PM - Revo Uninstaller's restore point - Magic Skin Filter
RP1152: 4/29/2013 12:59:17 PM - Removed Magic Skin Filter
RP1153: 4/29/2013 1:00:21 PM - Revo Uninstaller's restore point - Wise Disk Cleaner 7.81
RP1154: 4/29/2013 1:01:25 PM - Revo Uninstaller's restore point - Wise Registry Cleaner 7.68
RP1155: 4/29/2013 1:02:29 PM - Revo Uninstaller's restore point - Easter 3D Screensaver 1.0
RP1156: 4/29/2013 1:21:44 PM - Revo Uninstaller's restore point - SoftOrbits Photo Retoucher 1.3
RP1157: 4/30/2013 9:48:47 PM - System Checkpoint
RP1158: 5/1/2013 10:19:25 PM - System Checkpoint
RP1159: 5/2/2013 11:42:51 PM - System Checkpoint
RP1160: 5/4/2013 9:54:55 AM - System Checkpoint
RP1161: 5/5/2013 11:07:29 AM - System Checkpoint
RP1162: 5/6/2013 7:41:10 PM - System Checkpoint
RP1163: 5/7/2013 3:13:44 PM - Revo Uninstaller's restore point - FastStone Capture 7.4
RP1164: 5/7/2013 3:21:00 PM - Installed GeSWall 2.9.2 Freeware
RP1165: 5/10/2013 11:50:50 PM - Revo Uninstaller's restore point - GeSWall 2.9.2 Freeware
RP1166: 5/10/2013 11:51:26 PM - Removed GeSWall 2.9.2 Freeware
RP1167: 5/10/2013 11:52:23 PM - Revo Uninstaller's restore point - GeSWall 2.9.2 Freeware
RP1168: 5/11/2013 12:00:24 AM - Revo Uninstaller's restore point - OSForensics
RP1169: 5/11/2013 12:01:52 AM - Revo Uninstaller's restore point - SpyShelter Personal Free 8.3
RP1170: 5/11/2013 1:24:40 PM - Revo Uninstaller's restore point - Wise Care 365 version 2.44
RP1171: 5/11/2013 1:25:53 PM - Revo Uninstaller's restore point - Wise Care 365 version 2.44
RP1172: 5/11/2013 6:16:18 PM - Revo Uninstaller's restore point - Sticky Password 6.0.8.437
RP1173: 5/11/2013 6:17:34 PM - Revo Uninstaller's restore point - Efficient Password Manager 3.10
.
==== Installed Programs ======================
.
7-Zip 4.65
ACDSee
ACPsoft PDF Converter
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Shockwave Player 11.6
Akamai NetSession Interface
Arabic Made Easy
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
Auslogics Duplicate File Finder
Bonjour
BS.Player FREE
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center HydraVision Full
ccc-core-preinstall
ccc-core-static
ccc-utility
CCC Help English
CCleaner
COMODO Internet Security
doPDF 6.2 printer
Dr Kawashima
Easy MP3 Cutter 3.0
FormatFactory 2.70
Foxit Reader
Free Studio version 5.1.4
Free Video Flip and Rotate version 1.8.10.324
GIMP 2.6.10
Google Chrome
Google Earth
Google Gears
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Java 7 Update 11
Java Auto Updater
JavaFX 2.1.1
Junk Mail filter update
K-Lite Codec Pack 4.1.7 (Full)
Lexmark Printable Web
Lexmark Pro700 Series
Lexmark Toolbar
Lexmark Tools for Office
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office Access MUI (English) 2007
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2007
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove MUI (English) 2010
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2007
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2007
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2007
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2007
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2007
Microsoft Office Word MUI (English) 2010
Microsoft Software Update for Web Folders (English) 12
Microsoft Software Update for Web Folders (English) 14
Microsoft SQL Server Desktop Engine (PCTOOLS)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 20.0.1 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird 17.0.2 (x86 sr)
MSVCRT
MSXML 6.0 Parser (KB933579)
Nero 8 Micro 8.3.2.1
PC Connectivity Solution
PDFCreator
pdfforge Toolbar v4.9
PDFZilla V1.2.11
Puran Utilities 2.0
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Revo Uninstaller 1.92
SAMSUNG Mobile Composite Device Software
Samsung Mobile Modem Device Software
SAMSUNG Mobile Modem Driver Set
Samsung Mobile phone USB driver Software
SAMSUNG Mobile USB Modem 1.0 Software
SAMSUNG Mobile USB Modem Software
Samsung New PC Studio
Samsung New PC Studio USB Driver Installer
SAMSUNG USB Mobile Device Software
SamsungConnectivityCableDriver
Segoe UI
Skins
Skype� 6.3
Spybot - Search & Destroy
Subtitle Workshop 2.51
SUPERAntiSpyware
swMSM
Total Commander (Remove or Repair)
Uninstall 1.0.0.1
USB Video Camera Driver v1.53
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Vit Registry Fix 9.5.9 (remove only)
VS10RuntimeWin32
WebFldrs XP
Winamp
Windows Driver Package - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)
Windows Driver Package - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)
Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Player 11
WinRAR archiver
Wise Folder Hider 1.33
Wise PC Engineer 6.4.2
.
==== Event Viewer Messages From Past Week ========
.
5/9/2013 3:50:10 PM, error: Dhcp [1002] - The IP address lease 192.168.1.211 for the Network Card with network address 001FD05B1356 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
5/8/2013 2:26:05 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Akamai service.
5/12/2013 2:32:50 PM, error: Service Control Manager [7034] - The SQLAgent$PCTOOLS service terminated unexpectedly. It has done this 1 time(s).
5/12/2013 2:32:50 PM, error: Service Control Manager [7034] - The Office Software Protection Platform service terminated unexpectedly. It has done this 1 time(s).
5/12/2013 2:32:50 PM, error: Service Control Manager [7034] - The Indexing Service service terminated unexpectedly. It has done this 1 time(s).
5/12/2013 2:32:50 PM, error: Service Control Manager [7034] - The COMODO Internet Security Helper Service service terminated unexpectedly. It has done this 1 time(s).
5/10/2013 11:49:03 PM, error: Service Control Manager [7024] - The MSSQLServerADHelper service terminated with service-specific error 3221225572 (0xC0000064).
5/10/2013 11:49:03 PM, error: Service Control Manager [7023] - The Windows Driver Foundation - User-mode Driver Framework service terminated with the following error: A device attached to the system is not functioning.
5/10/2013 11:48:42 PM, error: NETLOGON [3095] - This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration.
.
==== End Of File ===========================
http://www.mycity.rs/must-login.png

mozda je virus

nobody@mycity.rs (zarko mihajlovic) — Sun, 12 May 2013 15:56:23 +0100

imam problem sa kompom posto bilo koju igricu da pustim komp koci nzm sta je sve sam pokusao skenirao sa 2 av avastom i avirom i nasao je viruse i sve sam izbrisao ali nekoliko nisam jer su bila i c/windows/system32 zatim sam skinao program malwarebytes anti malware pronasao je 36.izbrisao je 33 a ostala 3 nije mogao jer su u system32,skidao sam i tune up utilites i resio sve greske u kompu do tada je nenormalno kocio ali sad se oseca da je komp ubrzan ali nedovoljno jer i dalje nmg da igram igrice pa ako mozete da pomognete.

JS/Kryptik.ADZ.Trojan

nobody@mycity.rs (vilenjakmax) — Sun, 12 May 2013 11:06:24 +0100

Упадам у сред теме, али и даље мислим да је то боље него да отварам нову. Имам проблем са вирусом на сајту. Наиме, тај вирус се не појављује док се користи хромирани ( Google chrome) али када се користи лисица (mozilla firefox) уз ESET NOD 32 пријављује вирус и блокира приступ сајту. Вирус који пријављује је JS/Kryptik.ADZ.Trojan. Сваки савет је добродошао. Унапред хвала.

Izgubljeni folderi

nobody@mycity.rs (Aljosa Ilic) — Sun, 12 May 2013 01:38:32 +0100

Pozdrav ljudi,

prije nekog vremena mi je sa D particije nestao �itav folder sa filmovima. Nije ga bilo ni u recycle binu i takodje ga nisam uspio na�i sa nekim od recovery programa. Ve�eras mi se dogodilo to isto, sa folderom u kome su se nalazile serije. Po slobodnom prostoru na disku znam da ga prikazuje kao zauzeti prostor, jer je bio ogroman folder. Isprobao sam ve�inu stvari koje sam prona�ao na internetu, od mjenjanja atributa skrivenim fajlovima do �i��enja pomo�u rkill-a i malwarebyte-a. Antivirus isto nema nikakvog efekta. Hvala unaprijed za svaki prijedlog!

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7600.16671 BrowserJavaVersion: 10.17.2
Run by Ajk at 23:48:27 on 2013-05-11
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4094.2346 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\explorer.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\DAODx.exe
C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Users\Ajk\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ajk\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ajk\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ajk\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ajk\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Ajk\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Ajk\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Ajk\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bigseekpro.com/sothinkmoviedvdmaker/{8D9B4013-B544-4829-BF8F-00DA0BEC8611}
mStart Page = hxxp://www.bigseekpro.com/sothinkmoviedvdmaker/{8D9B4013-B544-4829-BF8F-00DA0BEC8611}
uURLSearchHooks: SimilarWeb: {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - C:\Program Files (x86)\SimilarWeb\SimilarWeb.dll
uURLSearchHooks: <No Name>: - LocalServer32 - <no file>
uURLSearchHooks: ToolbarURLSearchHook Class: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files (x86)\DealBulldog Toolbar Toolbar\tbhelper.dll
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
mURLSearchHooks: SimilarWeb: {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - C:\Program Files (x86)\SimilarWeb\SimilarWeb.dll
mWinlogon: Userinit = userinit.exe,
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: CescrtHlpr Object: {2EECD738-5844-4a99-B4B6-146BF802613B} -
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SMTTB2009 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\DealBulldog Toolbar Toolbar\tbcore3.dll
TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
TB: DealBulldog Toolbar Toolbar: {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\DealBulldog Toolbar Toolbar\tbcore3.dll
TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: SimilarWeb: {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - C:\Program Files (x86)\SimilarWeb\SimilarWeb.dll
TB: DealBulldog Toolbar Toolbar: {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\DealBulldog Toolbar Toolbar\tbcore3.dll
EB: SimilarWeb: {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - C:\Program Files (x86)\SimilarWeb\SimilarWeb.dll
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Google Update] "C:\Users\Ajk\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [AdobeBridge] <no file>
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [TurboV EVO] "C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe" -b
mRun: [Six Engine] "C:\Program Files (x86)\ASUS\EPU\EPU.exe" -b
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [FontExpertType1Loader] C:\Program Files (x86)\FontExpert\Type1Loader.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRunOnce: [!iLividOnce] C:\Users\Ajk\Downloads\iLividSetupV1.exe
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
mRunOnce: [aswAhAScr.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\AhAScr.dll"
mRunOnce: [aswasOutExt.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\asOutExt.dll"
mRunOnce: [aswasOutExt64.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe" "C:\Program Files\AVAST Software\Avast\asOutExt64.dll"
mRunOnce: [aswaswOtl.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\aswOtl.dll"
mRunOnce: [aswaswOtl64.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe" "C:\Program Files\AVAST Software\Avast\aswOtl64.dll"
mRunOnce: [sothinkmoviedvdmaker] <no file>
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Free YouTube Download - C:\Users\Ajk\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
IE: {5D06ED6E-DA78-4486-A246-B131A2C39807} - {74198672-5F7D-4FE9-A611-4AC1D5A66A15} - C:\Program Files (x86)\SimilarWeb\SimilarWeb.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: NameServer = 79.143.160.20 79.143.168.8
TCP: Interfaces\{EE5E37FB-1FD6-4330-B257-10D2050BB9D7} : DHCPNameServer = 79.143.160.20 79.143.168.8
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
x64-mWinlogon: Userinit = C:\Windows\explorer.exe,
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-TB: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-RunOnce: [*WerKernelReporting] C:\Windows\System32\WerFault.exe -k -rq
x64-RunOnce: [*Restore] C:\Windows\System32\rstrui.exe /runonce
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-11-19 55280]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-10-8 969200]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2011-10-8 359464]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2011-9-23 254528]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2011-10-8 25232]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2011-10-8 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-2-15 44808]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-2-29 382272]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-11-19 2848168]
R3 anvsnddrv;AnvSoft Virtual Sound Device;C:\Windows\System32\drivers\anvsnddrv.sys [2013-4-8 33872]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-4-27 83080]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-4-27 184968]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-11-19 333928]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-11-19 38456]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2010-11-19 1301504]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-2-5 235216]
S3 Revoflt;Revoflt;C:\Windows\System32\drivers\revoflt.sys [2011-9-23 31800]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S4 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe [2010-11-19 109056]
S4 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-12-28 1030600]
S4 mi-raysat_3dsmax2010_64;mental ray 3.7 Satellite for Autodesk 3ds Max 2010 64-bit 64-bit;C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_64server.exe [2009-3-12 86016]
S4 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
.
=============== File Associations ===============
.
.js: <filetype is not registered>
.
=============== Created Last 30 ================
.
2013-05-11 21:43:42 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CDC7F4F4-597C-456B-922F-D9C2A0BAC355}\offreg.dll
2013-05-11 21:37:10 -------- d-----w- C:\Program Files (x86)\Disk Heal
2013-05-07 23:21:43 -------- d-----w- C:\Program Files (x86)\CDRViewer
2013-04-27 01:01:44 9317456 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CDC7F4F4-597C-456B-922F-D9C2A0BAC355}\mpengine.dll
2013-04-21 21:59:58 -------- d-----w- C:\Windows\lhsp
2013-04-21 21:59:57 -------- d-----w- C:\Program Files (x86)\CFS-Technologies
2013-04-18 19:31:24 6163104 ----a-r- C:\Windows\SysWow64\Flash.ocx
2013-04-18 19:31:24 -------- d-----w- C:\Program Files (x86)\kvisoft
2013-04-16 17:44:28 -------- d-----w- C:\ProgramData\McAfee Security Scan
2013-04-16 17:44:26 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan
.
==================== Find3M ====================
.
2013-04-08 01:48:57 99384 ----a-w- C:\Users\Ajk\AppData\Roaming\inst.exe
2013-04-08 01:48:57 82816 ----a-w- C:\Users\Ajk\AppData\Roaming\pcouffin.sys
2013-04-07 22:33:26 82816 ----a-w- C:\Windows\System32\drivers\pcouffin.sys
2013-04-07 21:58:47 33019 ----a-w- C:\Windows\SysWow64\CoreAAC-uninstall.exe
2013-04-07 00:04:16 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-04-07 00:04:15 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-04-07 00:04:15 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-04-04 12:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-03-27 21:31:58 231376 ----a-w- C:\Windows\System32\drivers\truecrypt.sys
2013-03-14 15:23:48 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-14 15:23:48 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-03-11 23:10:56 282744 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH: 23:49:29.58 ===============

http://www.mycity.rs/must-login.png

Obrisani folderi!!

nobody@mycity.rs (Aljosa Ilic) — Sat, 11 May 2013 23:53:04 +0100

Lljudi pomagajte,

na D particiji mi se nalazi folder Filmovi, u kome su filmovi opet svrstani po folderima (crtani, serije, evropski, itd...). Prije nekog vremena mi se izgubio jedan od foldera, i sada opet citav folder sa serijama Pokusao sam apsolutno sve, od mijenjanja atributa, folder options, malwarebyte, rkill, combofix, i nista. Ikakva nova ideja? Hvala unaprijed!!

Problem sa tastaturom

nobody@mycity.rs (nenadzaric) — Sat, 11 May 2013 15:10:08 +0100

Imam problem sa tastaturom povremeno mi tastatura zabaguje nerade samo slova i esc ali kad pritisnem ctrl+alt+del i otvorim task menager prorade na jedno 15min i na svakih 15min moram tako.
Kad mi stane teastatura svako slovo koje pritisnem otvara neke precice "A - obelezi sve sto se moze obeleziti kao da sam pritisnuo ctrl+a" proverio sam da se nije zaglavilo ctral ali nije isto i alt i del.
Nzm sta da radim dal je do tastature ili dali su virusi da ne reinstaliram sistem ili menjam tastaturu dzabe

Sumnja na virus :)

nobody@mycity.rs (boki199777) — Sat, 11 May 2013 14:50:08 +0100

Pozdrav dobri narode. U zadnje vreme kompjuter mi je vidno usporen,a nemam nesto sto bi mu otezavalo rad.Sumnjam da bi mogao biti neki virus. Evo trazenih testova

http://www.mycity.rs/must-login.png

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 10.21.2
Run by G31M at 14:47:23 on 2013-05-11
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.381.1033.18.2037.635 [GMT 2:00]
.
AV: ESET NOD32 Antivirus 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{F3D2141D-9FBF-46E7-90E0-E0AA7A09A19B} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{F3D2141D-9FBF-46E7-90E0-E0AA7A09A19B}\6596C61602D456469647562716E60223 : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\g31m\appdata\roaming\mozilla\firefox\profiles\u9fbhd4a.default\
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll
.
============= SERVICES / DRIVERS ===============
.
R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2011-8-9 163424]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2011-8-9 974944]
R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2011-8-4 103112]
R2 TeamViewer8;TeamViewer 8;c:\program files\teamviewer\version8\TeamViewer_Service.exe [2013-3-3 3560800]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\drivers\athur.sys [2013-3-3 1500160]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\drivers\L1C62x86.sys [2009-6-10 50688]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-2-28 161384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
.
=============== Created Last 30 ================
.
2013-05-10 15:57:56 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-05-10 15:25:37 398336 ----a-w- c:\windows\system32\TVWizudlg.exe
2013-05-10 15:25:37 140288 ----a-w- c:\windows\system32\igfxtvcx.dll
2013-05-10 15:21:47 1002008 ----a-w- c:\windows\system32\igxpun.exe
2013-05-04 12:53:18 -------- d-----w- c:\users\g31m\appdata\roaming\Need for Speed World
2013-05-04 11:48:53 -------- d-----w- c:\users\g31m\appdata\local\Electronic_Arts_Inc
2013-04-25 13:01:24 -------- d-----w- c:\program files\Movie Maker 2.6
2013-04-18 16:19:17 -------- d-----w- c:\program files\Webteh
2013-04-14 11:24:51 -------- d-----w- c:\windows\system32\Lang
.
==================== Find3M ====================
.
2013-03-17 21:11:10 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-17 21:11:10 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-13 06:03:09 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-13 06:03:08 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-04 16:51:21 409088 ----a-w- c:\windows\system32\systemcpl.dll
2013-03-04 16:51:21 13824 ----a-w- c:\windows\system32\slwga.dll
2013-03-04 16:51:18 811520 ----a-w- c:\windows\system32\user32.dll
.
============= FINISH: 14:48:04,84 ===============

Virus

nobody@mycity.rs (B-u-B-i) — Fri, 10 May 2013 14:03:42 +0100

Pozdrav, imam sledeci problem: Znaci kada udjem na FaceBook pocne se slati nekakav link prijateljima u inbox, ja msm da je to neki virus, al nez sta da uradim. Trenutno sam deaktiviro profil radi toga, salje se ko ludo, po 20-30 poruka u 2-3min. Nadam se da cete mi pomoci. Hvala!

DDS (Ver_2012-11-20.01) - FAT32_x86
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 10.17.2
Run by Bojan at 13:44:37 on 2013-05-10
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Bojan.BOJAN-10BB93A0A\Application Data\svchosts.exe
C:\Documents and Settings\Bojan.BOJAN-10BB93A0A\Application Data\nig1.tmp.bat
C:\Documents and Settings\Bojan.BOJAN-10BB93A0A\Application Data\nig2.tmp.bat
C:\DOCUME~1\BOJAN~1.BOJ\LOCALS~1\Temp\minerd.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN33495761603207119&ctid=CT3220468
BHO: {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Microsoft Corp] c:\documents and settings\bojan.bojan-10bb93a0a\application data\svchosts.exe
uRun: [WINSXS32] c:\documents and settings\bojan.bojan-10bb93a0a\application data\nig2.tmp.bat
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [Microsoft Corp] c:\documents and settings\bojan.bojan-10bb93a0a\application data\svchosts.exe
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mExplorerRun: [Microsoft Corp] c:\documents and settings\bojan.bojan-10bb93a0a\application data\svchosts.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{1588775F-0C14-4120-93E6-D33E81EC8F13} : DHCPNameServer = 192.168.1.1
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\26.0.1410.64\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\bojan.bojan-10bb93a0a\application data\mozilla\firefox\profiles\kqe44taz.default\
FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_180.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2013-03-10 19:09; speedanalysis@SpeedAnalysis.com; c:\documents and settings\bojan.bojan-10bb93a0a\application data\mozilla\extensions\speedanalysis@SpeedAnalysis.com
FF - ExtSQL: !HIDDEN! 2013-03-10 19:09; speedanalysis@SpeedAnalysis.com; c:\documents and settings\bojan.bojan-10bb93a0a\application data\mozilla\extensions\speedanalysis@SpeedAnalysis.com
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2013-05-10 09:55:19 88912 ----a-w- c:\documents and settings\bojan.bojan-10bb93a0a\application data\nig1.tmp.bat
2013-05-10 09:55:19 300880 ----a-w- c:\documents and settings\bojan.bojan-10bb93a0a\application data\nig2.tmp.bat
2013-05-10 09:55:16 0 ----a-w- c:\documents and settings\bojan.bojan-10bb93a0a\application data\nig2.tmp
2013-05-10 09:55:16 0 ----a-w- c:\documents and settings\bojan.bojan-10bb93a0a\application data\nig1.tmp
2013-05-09 10:52:59 14336 ----a-w- c:\windows\system32\dllcache\tsprof.exe
2013-05-09 10:51:50 7680 ----a-w- c:\windows\system32\dllcache\migregdb.exe
2013-05-09 10:50:59 94208 ----a-w- c:\windows\system32\dllcache\fpencode.dll
2013-05-09 10:49:52 68608 ----a-w- c:\windows\system32\dllcache\isatq.dll
2013-05-09 10:41:24 24661 ----a-w- c:\windows\system32\spxcoins.dll
2013-05-09 10:41:24 24661 ----a-w- c:\windows\system32\dllcache\spxcoins.dll
2013-05-09 10:41:24 13312 ----a-w- c:\windows\system32\irclass.dll
2013-05-09 10:41:24 13312 ----a-w- c:\windows\system32\dllcache\irclass.dll
2013-05-09 10:21:22 -------- d-sh--w- C:\FOUND.005
2013-05-09 09:55:30 88912 ----a-w- c:\documents and settings\bojan.bojan-10bb93a0a\application data\nig6.tmp.bat
2013-05-09 09:55:26 0 ----a-w- c:\documents and settings\bojan.bojan-10bb93a0a\application data\nig6.tmp
2013-05-09 09:32:24 88912 ----a-w- c:\documents and settings\bojan.bojan-10bb93a0a\application data\nig15.tmp.bat
2013-05-09 09:32:22 0 ----a-w- c:\documents and settings\bojan.bojan-10bb93a0a\application data\nig15.tmp
2013-05-08 17:21:13 0 ----a-w- c:\documents and settings\bojan.bojan-10bb93a0a\application data\nig39E.tmp
2013-05-08 12:10:43 0 ----a-w- c:\documents and settings\bojan.bojan-10bb93a0a\application data\nig5.tmp
2013-05-06 19:35:16 -------- d-sh--w- C:\FOUND.004
2013-05-05 20:58:01 0 ----a-w- c:\documents and settings\bojan.bojan-10bb93a0a\application data\nig1918.tmp
2013-05-05 20:42:05 72528 --sh--r- c:\documents and settings\bojan.bojan-10bb93a0a\application data\svchosts.exe
.
==================== Find3M ====================
.
2013-04-05 14:35:38 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-04-05 14:35:36 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-10 17:58:04 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-03-10 17:58:02 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-03-10 17:58:00 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-03-10 17:58:00 782240 ----a-w- c:\windows\system32\deployJava1.dll
.
============= FINISH: 13:45:03.99 ===============

http://www.mycity.rs/must-login.png