Check

  • On vacation xD
  • Joined: 15 Feb 2012
  • Posts: 430

Malwarebytes found some virus, Malware.Packer gen trojan. It deleted it without trouble and did not ask for a restart after scanning and deleting. So I would like to check whether everything is okay now and whether there is any reason to worry.

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 22.7.2012 16:06:10
System Uptime: 26.7.2012 19:22:47 (0 hours ago)
.
Motherboard: BIOSTAR Group |  | N61PC-M2S
Processor: AMD Athlon(tm) 7550 Dual-Core Processor | Socket AM2  | 2500/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 146 GiB total, 81,009 GiB free.
D: is FIXED (NTFS) - 319 GiB total, 302,346 GiB free.
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP13: 23.7.2012 19:56:38 - Windows Update
RP14: 23.7.2012 20:50:02 - Installed IronPython 2.7.3
RP15: 23.7.2012 20:53:11 - Removed IronPython 2.7.3
RP16: 23.7.2012 21:29:30 - Installed Python 2.7.3
RP18: 24.7.2012 11:40:41 - Installed Star Wars Battlefront II
RP20: 24.7.2012 12:57:27 - Removed Star Wars Battlefront II
RP22: 24.7.2012 13:01:06 - Installed Star Wars Battlefront
RP24: 24.7.2012 14:33:52 - Removed Star Wars Battlefront
RP26: 24.7.2012 14:38:00 - Installed Star Wars Battlefront
.
==== Installed Programs ======================
.
µTorrent
7-Zip 9.20
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
AMD Drag and Drop Transcoding
ATI AVIVO Codecs
ATI Catalyst Install Manager
avast! Free Antivirus
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center HydraVision Full
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
CrypTool 1.4.30
CrypTool 2.0 (Beta 8b - Build 4805.1)
Crystal Reports for Visual Studio
Dotfuscator Software Services - Community Edition
Foxit Reader
Free Pascal 2.6.0
Google Chrome
Google Earth
Google SketchUp 8
Google Update Helper
HydraVision
Inkscape 0.48.2
Java Auto Updater
Java(TM) 6 Update 33
Java(TM) 7 Update 5
Java(TM) SE Development Kit 6 Update 33
JavaFX 2.1.1
Lazarus 0.9.30.4
LibreOffice 3.5
MagicDisc 2.7.106
Maintenance Samsung ML-1660 Series
Malwarebytes Anti-Malware version 1.62.0.1300
MCShield ::Anti-Malware Tool::
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 2
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
Microsoft Help Viewer 1.0
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft SQL Server 2008
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 R2 Data-Tier Application Framework
Microsoft SQL Server 2008 R2 Data-Tier Application Project
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 R2 Transact-SQL Language Service
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft SQL Server System CLR Types
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime v1.0 SP1 (x86)
Microsoft Sync Framework SDK v1.0 SP1
Microsoft Sync Framework Services v1.0 SP1 (x86)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x86)
Microsoft Team Foundation Server 2010 Object Model - ENU
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319
Microsoft Visual F# 2.0 Runtime
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Office Developer Tools (x86)
Microsoft Visual Studio 2010 Performance Collection Tools - ENU
Microsoft Visual Studio 2010 SharePoint Developer Tools
Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
Microsoft Visual Studio 2010 Ultimate - ENU
Microsoft Visual Studio Macro Tools
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
NetBeans IDE 7.1.2
Notepad++
Oracle VM VirtualBox 4.1.18
Python 2.7.3
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Service Pack 1 for SQL Server 2008 (KB968369)
Sql Server Customer Experience Improvement Program
Star Wars Battlefront
TDM-GCC
The KMPlayer (remove only)
Total Commander (Remove or Repair)
TripleA Version 1_5_2_1
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
Web Deployment Tool
wxDev-C++
.
==== Event Viewer Messages From Past Week ========
.
26.7.2012 19:23:46, Error: Service Control Manager [7031]  - The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
26.7.2012 19:23:46, Error: Service Control Manager [7024]  - The Windows Search service terminated with service-specific error %%-1073473535.
26.7.2012 19:23:05, Error: Service Control Manager [7000]  - The DgiVecp service failed to start due to the following error:  The system cannot find the file specified.
24.7.2012 13:01:23, Error: cdrom [11]  - The driver detected a controller error on \Device\CdRom1.
23.7.2012 20:29:19, Error: Service Control Manager [7031]  - The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
23.7.2012 14:43:40, Error: volsnap [36]  - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
23.7.2012 13:13:31, Error: cdrom [11]  - The driver detected a controller error on \Device\CdRom2.
23.7.2012 12:40:42, Error: Service Control Manager [7030]  - The PandoraService service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
22.7.2012 19:07:05, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Internet Explorer 8 for Windows 7 (KB2544521).
22.7.2012 19:05:38, Error: Microsoft-Windows-LanguagePackSetup [1001]  - Failed to start language pack setup wizard. Please restart the system and try running the wizard again.
22.7.2012 19:05:34, Error: Service Control Manager [7023]  -
22.7.2012 19:01:03, Error: Service Control Manager [7023]  - The Windows Modules Installer service terminated with the following error:  The process cannot access the file because it is being used by another process.
22.7.2012 18:49:49, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024200d: Update for Windows 7 (KB2633952).
.
==== End Of File ===========================




  • Joined: 04 Jul 2011
  • Posts: 5424

Hello, Aleksandr1996.

You are missing the DDS.txt report; if it is not on the Desktop, run the scan again.

  • On vacation xD
  • Joined: 15 Feb 2012
  • Posts: 430

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by Administrator at 19:31:01 on 2012-07-26
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2046.1375 [GMT 2:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\MCShield\MCShieldRTM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\conhost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.rs/
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {dda57003-0068-4ed2-9d32-4d1ec707d94d} - c:\program files\microsoft visual studio 10.0\common7\ide\privateassemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
EB: Web Test Recorder 10.0: {5802d092-1784-4908-8cdb-99b6842d353d} - mscoree.dll
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED
uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [Samsung PanelMgr] c:\windows\samsung\panelmgr\SSMMgr.exe /autorun
StartupFolder: c:\users\admini~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - c:\program files\magicdisc\MagicDisc.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: Interfaces\{E087B49A-333E-4697-82A7-9F69C652E0C9} : NameServer = 212.200.190.166,212.200.191.166
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\administrator\appdata\roaming\mozilla\firefox\profiles\ucd82ixs.default\
FF - prefs.js: browser.startup.homepage - www.google.rs
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\3.0.40818.0\npctrlui.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_265.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-7-22 721000]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-7-22 353688]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-4-7 172032]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-7-22 21256]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-7-22 57656]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-7-22 44808]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-7-22 655944]
R2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.SYS [2012-7-23 5120]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2010-4-7 5430272]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2010-4-7 157184]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-7-22 22344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-7-22 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-7-22 250056]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-7-22 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-7-22 113120]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-7-22 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-7-23 52224]
S3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\microsoft visual studio 10.0\team tools\performance tools\VSPerfDrv100.sys [2009-12-8 48128]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2009-7-23 47128]
S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [2009-3-30 239336]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2009-3-30 366936]
.
=============== Created Last 30 ================
.
2012-07-26 17:25:26 -------- d-----w- c:\programdata\MCShield
2012-07-26 17:25:26 -------- d-----w- c:\program files\MCShield
2012-07-26 09:03:14 -------- d-----w- c:\users\administrator\VirtualBox VMs
2012-07-24 13:18:55 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2012-07-24 12:37:58 -------- d-----w- c:\program files\LucasArts
2012-07-24 12:35:03 696320 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iKernel.dll
2012-07-24 12:35:03 57344 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\ctor.dll
2012-07-24 12:35:03 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe
2012-07-24 12:35:03 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2012-07-24 12:35:03 237568 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iscript.dll
2012-07-24 12:35:03 155648 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iuser.dll
2012-07-24 12:34:56 163972 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iGdi.dll
2012-07-24 12:34:55 282756 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\setup.dll
2012-07-24 10:35:55 -------- d-----w- c:\users\administrator\appdata\local\ElevatedDiagnostics
2012-07-24 10:15:14 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2012-07-23 19:30:43 -------- d-----w- c:\users\administrator\.idlerc
2012-07-23 19:29:43 -------- d-----w- C:\Python27
2012-07-23 18:08:31 -------- d-----w- c:\windows\system32\SPReview
2012-07-23 18:08:11 -------- d-----w- c:\windows\system32\EventProviders
2012-07-23 17:52:59 9166336 ----a-w- c:\program files\dvd maker\OmdBase.dll
2012-07-23 17:51:59 828928 ----a-w- c:\windows\system32\fontext.dll
2012-07-23 17:50:55 189952 ----a-w- c:\windows\system32\wdscore.dll
2012-07-23 17:50:42 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll
2012-07-23 17:50:42 363008 ----a-w- c:\windows\system32\wbemcomn.dll
2012-07-23 17:50:42 189952 ----a-w- c:\program files\windows portable devices\sqmapi.dll
2012-07-23 17:50:33 189952 ----a-w- c:\windows\system32\sqmapi.dll
2012-07-23 14:53:10 -------- d-----w- c:\programdata\Microsoft Visual Studio
2012-07-23 14:52:59 -------- d-----w- c:\users\administrator\appdata\local\Temporary Projects
2012-07-23 14:51:51 -------- d-----w- c:\users\administrator\.netbeans
2012-07-23 13:33:37 -------- d-----w- c:\users\administrator\triplea
2012-07-23 13:33:02 -------- d-----w- c:\program files\TripleA
2012-07-23 13:26:58 -------- d-----w- c:\windows\system32\appmgmt
2012-07-23 11:58:36 -------- d-----w- c:\program files\Samsung
2012-07-23 11:58:02 5120 ------w- c:\windows\system32\drivers\SSPORT.SYS
2012-07-23 11:56:29 -------- d-----w- c:\users\administrator\appdata\local\ATI
2012-07-23 11:54:49 -------- d-----w- c:\program files\common files\ATI Technologies
2012-07-23 11:54:42 107024 ----a-w- c:\windows\system32\drivers\AtiHdmi.sys
2012-07-23 11:54:16 50176 ----a-w- c:\windows\system32\coinst.dll
2012-07-23 11:54:16 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-07-23 11:53:22 -------- d-----w- c:\program files\ATI Technologies
2012-07-23 11:53:19 -------- d-----w- c:\program files\ATI
2012-07-23 11:42:02 50200 ----a-w- c:\windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll
2012-07-23 11:41:50 79896 ----a-w- c:\windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll
2012-07-23 11:40:56 -------- d-----w- c:\windows\system32\RsFx
2012-07-23 11:36:24 -------- d-----w- c:\program files\Microsoft SQL Server
2012-07-23 11:35:34 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-07-23 11:35:34 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-07-23 11:34:25 -------- d-----w- c:\programdata\PreEmptive Solutions
2012-07-23 11:30:21 -------- d-----w- c:\program files\Microsoft ASP.NET
2012-07-23 11:30:16 -------- d-----w- c:\program files\IIS
2012-07-23 11:29:10 2478272 ----a-w- c:\programdata\microsoft\visualstudio\10.0\1033\ResourceCache.dll
2012-07-23 11:20:21 -------- d-----w- c:\windows\system32\1033
2012-07-23 11:19:17 -------- d-----w- c:\program files\Microsoft F#
2012-07-23 11:19:17 -------- d-----w- c:\program files\HTML Help Workshop
2012-07-23 11:19:16 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0
2012-07-23 11:19:16 -------- d-----w- c:\program files\Microsoft Help Viewer
2012-07-23 11:19:16 -------- d-----w- c:\program files\common files\Merge Modules
2012-07-23 11:15:05 -------- d-----w- c:\windows\PCHEALTH
2012-07-23 11:11:48 116736 ----a-w- c:\windows\system32\drivers\mcdbus.sys
2012-07-23 11:11:48 -------- d-----w- c:\program files\MagicDisc
2012-07-23 10:42:11 -------- d-----w- c:\users\administrator\appdata\local\APN
2012-07-23 10:40:15 -------- d-----w- c:\program files\The KMPlayer
2012-07-23 09:43:43 -------- d-----w- c:\users\administrator\appdata\local\GHISLER
2012-07-23 09:33:11 -------- d-----w- c:\users\administrator\appdata\roaming\inkscape
2012-07-23 09:26:20 -------- d-----w- c:\program files\Inkscape
2012-07-23 00:00:19 -------- d-----w- c:\windows\Panther
2012-07-22 23:02:34 0 ----a-w- c:\windows\ativpsrm.bin
2012-07-22 22:15:03 -------- d-----w- c:\program files\NetBeans 7.1.2
2012-07-22 22:13:57 -------- d-----w- c:\users\administrator\.nbi
2012-07-22 20:31:14 -------- d-----w- c:\users\administrator\appdata\roaming\Foxit Software
2012-07-22 20:31:01 -------- d-----w- c:\program files\Foxit Software
2012-07-22 20:22:58 -------- d-----w- c:\users\administrator\appdata\local\Distributed_Systems_Group
2012-07-22 20:22:49 -------- d-----w- c:\users\administrator\appdata\local\CrypTool2
2012-07-22 20:22:17 -------- d-----w- c:\program files\CrypTool 2
2012-07-22 20:11:18 -------- d-----w- c:\users\administrator\appdata\roaming\CrypTool
2012-07-22 20:11:09 -------- d-----w- c:\program files\CrypTool
2012-07-22 19:50:09 -------- d-----w- c:\users\administrator\.VirtualBox
2012-07-22 19:49:36 158552 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2012-07-22 19:48:57 91992 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2012-07-22 19:36:11 -------- d-----w- c:\users\administrator\appdata\roaming\LibreOffice
2012-07-22 19:29:47 -------- d-----w- c:\program files\LibreOffice 3.5
2012-07-22 19:23:35 -------- d-----w- c:\users\administrator\appdata\roaming\Dev-Cpp
2012-07-22 19:21:08 545 ----a-w- c:\windows\UC.PIF
2012-07-22 19:21:08 545 ----a-w- c:\windows\RAR.PIF
2012-07-22 19:21:08 545 ----a-w- c:\windows\PKZIP.PIF
2012-07-22 19:21:08 545 ----a-w- c:\windows\PKUNZIP.PIF
2012-07-22 19:21:08 545 ----a-w- c:\windows\LHA.PIF
2012-07-22 19:21:07 545 ----a-w- c:\windows\ARJ.PIF
2012-07-22 19:21:07 -------- d-----w- c:\users\administrator\appdata\roaming\GHISLER
2012-07-22 19:21:07 -------- d-----w- C:\totalcmd
2012-07-22 19:06:52 -------- d-----w- c:\users\administrator\appdata\local\wxWidgets-2.8.7
2012-07-22 18:43:58 -------- d-----w- c:\programdata\Dev-Cpp
2012-07-22 18:43:56 -------- d-----w- c:\programdata\TDM-GCC
2012-07-22 18:43:19 -------- d-----w- c:\program files\Dev-Cpp
2012-07-22 18:09:42 -------- d-----w- c:\program files\uTorrent
2012-07-22 18:09:16 -------- d-----w- c:\users\administrator\appdata\roaming\uTorrent
2012-07-22 18:04:57 -------- d-----w- c:\users\administrator\appdata\local\FreePascal
2012-07-22 18:04:25 -------- d-----w- C:\FPC
2012-07-22 18:03:57 -------- d-----w- c:\users\administrator\appdata\local\lazarus
2012-07-22 18:03:47 1849344 ----a-w- c:\windows\system32\Qt4Pas5.dll
2012-07-22 18:01:50 -------- d-----w- C:\lazarus
2012-07-22 17:39:36 -------- d-----w- c:\users\administrator\appdata\roaming\Malwarebytes
2012-07-22 17:39:22 -------- d-----w- c:\programdata\Malwarebytes
2012-07-22 17:39:21 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-22 17:39:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-07-22 17:30:01 -------- d-----w- c:\users\administrator\appdata\local\Google
2012-07-22 17:29:57 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-07-22 17:29:56 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-22 17:29:53 57656 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-07-22 17:29:10 41224 ----a-w- c:\windows\avastSS.scr
2012-07-22 17:28:58 -------- d-----w- c:\programdata\AVAST Software
2012-07-22 17:28:58 -------- d-----w- c:\program files\AVAST Software
2012-07-22 17:20:45 -------- d-----w- c:\program files\Oracle
2012-07-22 17:20:14 772544 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-07-22 17:20:14 687544 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-22 17:19:46 -------- d-sh--w- c:\windows\Installer
2012-07-22 17:19:45 -------- d-----w- c:\users\administrator\appdata\local\Macromedia
2012-07-22 17:08:39 2048 ----a-w- c:\windows\system32\tzres.dll
2012-07-22 17:02:11 -------- d-----w- c:\windows\sr-Latn-CS
2012-07-22 17:02:00 -------- d-----w- c:\windows\system32\drivers\sr-Latn-CS
2012-07-22 17:01:59 -------- d-----w- c:\windows\system32\wbem\sr-Latn-CS
2012-07-22 16:30:37 -------- d-----w- c:\program files\CCleaner
2012-07-22 16:29:51 6891424 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2012-07-22 16:29:46 6891424 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{760d470c-4685-4f03-8a07-4a3947c88740}\mpengine.dll
2012-07-22 16:29:26 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-07-22 16:24:05 989184 ----a-w- c:\program files\windows journal\JNTFiltr.dll
2012-07-22 16:24:05 969216 ----a-w- c:\program files\windows journal\JNWDRV.dll
2012-07-22 16:24:05 936960 ----a-w- c:\program files\common files\microsoft shared\ink\journal.dll
2012-07-22 16:24:05 1785344 ----a-w- c:\program files\windows journal\Journal.exe
2012-07-22 16:24:05 1221632 ----a-w- c:\program files\windows journal\NBDoc.DLL
2012-07-22 16:24:04 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2012-07-22 16:24:04 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2012-07-22 16:24:04 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2012-07-22 16:22:58 708608 ----a-w- c:\program files\common files\system\wab32.dll
2012-07-22 16:16:52 123904 ----a-w- c:\windows\system32\poqexec.exe
2012-07-22 16:16:51 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2012-07-22 16:16:51 1137664 ----a-w- c:\windows\system32\mfc42.dll
2012-07-22 16:10:18 -------- d-----w- c:\windows\system32\wbem\Performance
2012-07-22 14:09:45 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-07-22 14:09:45 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-07-22 14:09:45 18432 ----a-w- c:\windows\system32\drivers\tdpipe.sys
2012-07-22 14:09:45 15872 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2012-07-22 14:09:45 134656 ----a-w- c:\windows\system32\rdpudd.dll
2012-07-22 14:06:54 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-07-22 14:06:47 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-07-22 14:06:37 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-07-22 14:06:37 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-07-22 14:06:07 -------- d-sh--w- C:\Recovery
.
==================== Find3M ====================
.
2012-07-23 18:17:32 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-07-22 17:19:37 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-22 17:19:37 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-06 05:05:52 1390080 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- c:\windows\system32\cdosys.dll
2012-06-05 14:33:00 116056 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2012-06-05 14:33:00 104792 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2012-06-05 14:32:58 135512 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll
2012-06-02 04:45:04 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 04:45:03 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 04:40:59 369336 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 04:40:39 225280 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- c:\windows\system32\ncrypt.dll
2012-05-31 10:25:14 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-04-28 04:41:44 919040 ----a-w- c:\windows\system32\rdpcorets.dll
2012-04-28 03:17:07 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
.
============= FINISH: 19:32:01,16 ===============



I apologize, I thought I had posted it.

  • Joined: 04 Jul 2011
  • Posts: 5424

Press Windows + R, and in the window that opens copy the following text:

%AppData%\Malwarebytes\Malwarebytes' Anti-Malware\Logs
-> Enter




Attach all the scan logs to your message.

Ivance95 (AMF Team)

  • On vacation xD
  • Joined: 15 Feb 2012
  • Posts: 430

Written: 26 Jul 2012 21:48

Addendum: 26 Jul 2012 21:49

Addendum: 26 Jul 2012 21:53

I guess that is everything. They say they are all clean. Only 3-4 logs ran to completion, since I had to interrupt the scans (I am not the only one who uses the computer). I don't get it: it always reported that everything was clean, and then I go to the quarantine and see that malware packer; its date said it was on the 23rd, and those logs are clean, as you can see.

  • Joined: 04 Jul 2011
  • Posts: 5424

Press Windows + R, and in the window that opens copy the following text:

%AppData%\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine
-> Enter

Pack the file into an archive and upload it via the following form: http://www.mycity.rs/ambulanta-upload.php

Ivance95 (AMF Team)

  • On vacation xD
  • Joined: 15 Feb 2012
  • Posts: 430

I deleted the file (unfortunately), as I said in the first post. It is my habit to always delete everything that is reported as suspicious and that is in the quarantine. Is it possible that this malware packer tried to get into the system while I was on the internet and that Malwarebytes blocked it without my noticing? It has real-time protection since it is a trial.

  • Joined: 04 Jul 2011
  • Posts: 5424

The logs are clean.

Quote: It is my habit to always delete everything that is reported as suspicious and that is in the quarantine.
If you are already asking for help here in the Ambulanta, do not delete the file from quarantine before analysis; besides, when a file is in quarantine there is no chance of it infecting the system, so there is no need to delete it.

Quote:
Is it possible that this malware packer tried to get into the system while I was on the internet and that Malwarebytes blocked it without my noticing? It has real-time protection since it is a trial.

Either during a download or while surfing.

Ivance95 (AMF Team)

  • On vacation xD
  • Joined: 15 Feb 2012
  • Posts: 430

Thank you for the answer. I hope I will get the chance to return the favor. :)
