System Check

offline
  • Absolut Gut
  • Joined: 13 Aug 2012
  • Posts: 561
  • Location: Atakama

Detailed description of the problem: I suspect I have some malware, God knows what, but I think my computer is infected.

Posting the basic diagnostic report (log, logfile):



DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.11.2
Run by Prle at 13:20:44 on 2013-01-31
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.2815.1322 [GMT 1:00]
.
AV: ESET Smart Security 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\FreeAlarmClock\FreeAlarmClock.exe
C:\Users\Prle\AppData\Local\Skillbrains\lightshot\3.2.0.5\LightShot.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Rockstar Games\GTA San Andreas\samp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={79E5A520-68A2-11E2-8DAF-6C626D450386}
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={79E5A520-68A2-11E2-8DAF-6C626D450386}
uURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll
uRun: [DAEMON Tools Pro Agent] "c:\program files\daemon tools pro\DTAgent.exe" -autorun
uRun: [GoogleChromeAutoLaunch_92ADFED8EB610815393C68C2427179AE] "c:\program files\google\chrome\application\chrome.exe" --no-startup-window
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [FreeAC] c:\program files\freealarmclock\FreeAlarmClock.exe -autorun
uRun: [LightShot] c:\users\prle\appdata\local\skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
uRun: [MsnMsgr] ~"c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Facebook Update] "c:\users\prle\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [RTHDVCPL] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [SweetIM] c:\program files\sweetim\messenger\SweetIM.exe
mRun: [Sweetpacks Communicator] c:\program files\sweetim\communicator\SweetPacksUpdateManager.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{415E54E2-E531-4242-96F8-DDDE9929BDE5} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{4E32011B-5E6D-42AF-B0E4-6338F9506808} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{ECD26813-19F9-459A-A334-CDBB27782937} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{F801B0A3-16BB-493E-B370-14D0A0CDCE25} : DHCPNameServer = 192.168.0.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\24.0.1312.57\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2011-8-4 50624]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2013-1-16 242240]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\drivers\EpfwLWF.sys [2011-8-4 33656]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2013-1-15 20712]
R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2011-8-9 163424]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2011-8-10 974944]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2013-1-15 514152]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\drivers\vcsvad.sys [2013-1-19 17792]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 netr73;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr73.sys [2009-6-10 545792]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-1-25 14848]
S3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\drivers\taphss6.sys [2013-1-10 37064]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-1-25 49664]
.
=============== Created Last 30 ================
.
2013-01-31 12:04:29 18800 ----a-w- c:\windows\system32\roboot.exe
2013-01-31 12:04:29 -------- d-----w- c:\users\prle\appdata\roaming\Systweak
2013-01-31 12:04:26 -------- d-----w- c:\program files\RegClean Pro
2013-01-31 11:59:15 -------- d-----w- c:\program files\WhoCrashed
2013-01-31 11:59:06 60872 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{0fc99fc0-828e-419f-aa60-7a216dad06f5}\offreg.dll
2013-01-31 11:27:52 -------- d-----w- c:\programdata\hsswpr
2013-01-31 11:27:41 -------- d-----w- c:\users\prle\appdata\roaming\Hotspot Shield
2013-01-31 11:27:35 -------- d-----w- c:\windows\system32\appmgmt
2013-01-30 18:40:33 -------- d-----w- c:\users\prle\damaherc
2013-01-30 18:40:33 -------- d-----w- c:\program files\DamaHerc
2013-01-30 17:55:02 -------- d-----w- c:\program files\GRETECH
2013-01-29 17:26:30 -------- d-----w- c:\programdata\AVG Secure Search
2013-01-29 17:26:07 -------- d--h--w- c:\programdata\Common Files
2013-01-29 17:20:59 -------- d-----w- c:\program files\RAR Password Unlocker
2013-01-29 09:22:54 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{0fc99fc0-828e-419f-aa60-7a216dad06f5}\mpengine.dll
2013-01-28 22:56:08 -------- d-----w- c:\users\prle\appdata\local\Facebook
2013-01-28 06:11:36 -------- d-----w- c:\program files\SecurityXploded
2013-01-27 16:56:20 -------- d-----w- c:\users\prle\Tracing
2013-01-27 16:56:20 -------- d-----w- c:\programdata\SweetIM
2013-01-27 16:56:20 -------- d-----w- c:\program files\SweetIM
2013-01-27 16:56:17 -------- d-----w- c:\program files\sweetpacks bundle uninstaller
2013-01-27 16:53:51 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-01-27 16:53:25 -------- d-----w- c:\program files\Microsoft
2013-01-27 16:53:09 -------- d-----w- c:\program files\Windows Live SkyDrive
2013-01-27 16:52:35 -------- d-----w- c:\windows\PCHEALTH
2013-01-27 16:51:44 74520 ----a-w- c:\program files\common files\windows live\.cache\96c0a8d01cdfcae\DSETUP.dll
2013-01-27 16:51:44 484632 ----a-w- c:\program files\common files\windows live\.cache\96c0a8d01cdfcae\DXSETUP.exe
2013-01-27 16:51:44 1670936 ----a-w- c:\program files\common files\windows live\.cache\96c0a8d01cdfcae\dsetup32.dll
2013-01-27 16:49:40 -------- d-----w- c:\program files\common files\Windows Live
2013-01-25 08:53:13 247808 ----a-w- c:\windows\system32\schannel.dll
2013-01-25 08:53:12 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2013-01-25 08:53:12 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-01-25 08:53:12 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2013-01-25 08:53:09 514560 ----a-w- c:\windows\system32\qdvd.dll
2013-01-25 08:52:53 805376 ----a-w- c:\windows\system32\FntCache.dll
2013-01-25 08:52:52 739840 ----a-w- c:\windows\system32\d2d1.dll
2013-01-25 08:06:38 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2013-01-25 08:06:37 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2013-01-25 00:37:09 -------- d-----w- c:\windows\system32\SPReview
2013-01-25 00:11:59 90112 ----a-w- c:\windows\system32\olepro32.dll
2013-01-25 00:10:59 907776 ----a-w- c:\windows\system32\sdengin2.dll
2013-01-24 01:01:54 -------- d-----w- C:\Poker
2013-01-21 23:02:41 -------- d-sh--r- c:\users\prle\75439967573920484
2013-01-21 17:54:59 0 ---ha-w- c:\users\prle\appdata\roaming\winsvcns.sys
2013-01-21 17:54:35 -------- d-sh--r- c:\users\prle\76968780866536342
2013-01-21 12:18:07 -------- d-----w- c:\windows\system32\EventProviders
2013-01-21 12:17:21 -------- d-----w- c:\windows\sr-Latn-CS
2013-01-21 12:17:19 -------- d-----w- c:\windows\system32\wbem\sr-Latn-CS
2013-01-21 12:17:19 -------- d-----w- c:\windows\system32\drivers\sr-Latn-CS
2013-01-20 13:30:07 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-19 20:50:41 -------- d-----w- c:\users\prle\appdata\local\Gather.RS
2013-01-19 20:50:17 -------- d-----w- c:\program files\Gather.RS Anti-Cheat
2013-01-19 16:35:42 -------- d-----w- C:\AV_LOGS
2013-01-19 16:34:21 -------- d-----w- c:\program files\AV Vcs 7.0 DIAMOND
2013-01-19 16:21:18 -------- d-----w- c:\users\prle\appdata\roaming\Avnex
2013-01-19 16:21:04 17792 ----a-w- c:\windows\system32\drivers\vcsvad.sys
2013-01-19 05:59:45 -------- d-----w- c:\users\prle\appdata\roaming\Thinstall
2013-01-19 05:59:45 -------- d-----w- c:\users\prle\appdata\local\Thinstall
2013-01-19 05:56:51 -------- d-----w- c:\programdata\Thinstall
2013-01-19 05:56:50 -------- d-----w- c:\program files\Real Hide IP (VMware ThinApp)
2013-01-19 05:38:27 -------- d-----w- c:\users\prle\appdata\roaming\RealHideIP
2013-01-19 05:38:27 -------- d-----w- c:\programdata\RealHideIP
2013-01-19 02:23:42 -------- d-----w- c:\programdata\NVIDIA Corporation
2013-01-19 02:23:37 -------- d-----w- c:\program files\NVIDIA Corporation
2013-01-19 02:22:35 -------- d-----w- C:\Games
2013-01-19 02:18:36 -------- d-----w- c:\program files\Skillbrains
2013-01-19 02:18:35 -------- d-----w- c:\users\prle\appdata\local\Skillbrains
2013-01-19 02:18:34 -------- d-----w- c:\users\prle\appdata\local\Programs
2013-01-19 00:32:45 -------- d-----w- c:\program files\Counter-Strike 1.6
2013-01-18 23:03:30 -------- d--h--w- c:\windows\msdownld.tmp
2013-01-18 16:53:06 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2013-01-18 03:55:11 -------- d-----w- c:\program files\FreeAlarmClock
2013-01-18 03:23:43 -------- d-----w- c:\windows\system32\directx
2013-01-18 03:11:40 859552 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-01-18 03:11:40 780192 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-18 03:11:22 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-01-17 23:12:32 -------- d-----w- c:\users\prle\appdata\roaming\TS3Client
2013-01-17 23:12:16 -------- d-----w- c:\program files\TeamSpeak 3 Client
2013-01-17 23:01:09 -------- d-----w- c:\users\prle\appdata\local\Diagnostics
2013-01-17 22:08:34 -------- d-----w- c:\users\prle\appdata\roaming\PlayClaw4
2013-01-17 22:08:27 139264 ----a-w- c:\windows\system32\tmb1-v32.dll
2013-01-17 22:08:25 -------- d-----w- c:\program files\PlayClaw4
2013-01-17 13:49:19 80488 ----a-w- c:\windows\system32\RtNicProp32.dll
2013-01-17 13:49:19 100968 ----a-w- c:\windows\system32\RTNUninst32.dll
2013-01-17 13:26:00 -------- d-----r- c:\program files\Skype
2013-01-17 13:05:11 -------- d-----w- c:\program files\Rockstar Games
2013-01-17 13:03:16 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iscript.dll
2013-01-17 13:03:16 180224 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iuser.dll
2013-01-17 13:03:15 749568 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iKernel.dll
2013-01-17 13:03:15 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\ctor.dll
2013-01-17 13:03:15 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\DotNetInstaller.exe
2013-01-17 13:03:13 323716 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\setup.dll
2013-01-17 13:03:13 192644 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iGdi.dll
2013-01-17 02:57:39 -------- d-----w- c:\users\prle\appdata\local\Google
2013-01-16 11:04:04 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-01-16 11:04:04 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-01-16 11:04:04 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-01-16 11:04:04 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-01-16 11:04:03 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-01-16 11:04:03 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-01-16 11:04:03 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-01-16 11:03:57 1699328 ----a-w- c:\windows\system32\esent.dll
2013-01-16 11:03:57 143744 ----a-w- c:\windows\system32\drivers\nvstor.sys
2013-01-16 11:03:56 117120 ----a-w- c:\windows\system32\drivers\nvraid.sys
2013-01-16 11:03:55 80256 ----a-w- c:\windows\system32\drivers\amdsata.sys
2013-01-16 11:03:55 332160 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2013-01-16 11:03:55 22400 ----a-w- c:\windows\system32\drivers\amdxata.sys
2013-01-16 11:03:55 148864 ----a-w- c:\windows\system32\drivers\storport.sys
2013-01-16 11:03:54 74240 ----a-w- c:\windows\system32\fsutil.exe
2013-01-16 07:26:16 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-16 07:26:15 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-16 07:19:49 -------- d-----w- c:\programdata\KONAMI
2013-01-16 07:19:49 -------- d-----w- c:\program files\KONAMI
2013-01-16 07:15:10 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-01-16 07:15:08 -------- d-----w- c:\users\prle\appdata\roaming\DAEMON Tools Pro
2013-01-16 07:15:01 -------- d-----w- c:\program files\DAEMON Tools Pro
2013-01-16 07:14:36 -------- d-----w- c:\programdata\DAEMON Tools Pro
2013-01-16 07:13:05 70656 ----a-w- c:\windows\system32\fontsub.dll
2013-01-16 07:13:05 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-01-16 07:13:05 295424 ----a-w- c:\windows\system32\atmfd.dll
2013-01-16 04:17:10 826880 ----a-w- c:\windows\system32\rdpcore.dll
2013-01-16 04:17:10 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-01-16 04:17:10 18432 ----a-w- c:\windows\system32\drivers\tdpipe.sys
2013-01-16 04:16:13 -------- d-----w- c:\program files\uTorrent
2013-01-16 04:15:30 -------- d-----w- c:\users\prle\appdata\roaming\uTorrent
2013-01-16 04:14:23 -------- d-----w- c:\program files\Microsoft Download Manager
2013-01-16 04:13:57 -------- d-sh--w- c:\windows\Installer
2013-01-16 04:13:14 -------- d-----w- c:\windows\system32\wbem\Performance
2013-01-16 04:12:36 2422272 ----a-w- c:\windows\system32\wucltux.dll
2013-01-16 04:12:33 88576 ----a-w- c:\windows\system32\wudriver.dll
2013-01-16 04:12:25 33792 ----a-w- c:\windows\system32\wuapp.exe
2013-01-16 04:12:25 171904 ----a-w- c:\windows\system32\wuwebv.dll
2013-01-16 04:07:01 -------- d-sh--w- C:\Recovery
2013-01-16 04:02:19 -------- d-----w- c:\windows\Panther
2013-01-15 21:35:18 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-01-15 21:35:18 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-01-15 21:35:18 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-01-15 21:34:36 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-01-15 21:34:36 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-01-15 21:34:36 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-01-15 21:34:36 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-01-15 21:34:35 613888 ----a-w- c:\windows\system32\WUDFx.dll
2013-01-15 21:34:35 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-01-15 21:34:35 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2013-01-15 21:22:28 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2013-01-15 21:22:28 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2013-01-15 21:22:27 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2013-01-15 21:18:59 46592 ----a-w- c:\windows\system32\fpb.rs
2013-01-15 21:17:56 805376 ----a-w- c:\windows\system32\cdosys.dll
2013-01-15 21:16:53 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2013-01-15 21:15:59 478720 ----a-w- c:\windows\system32\timedate.cpl
2013-01-15 21:15:57 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-15 21:15:56 219136 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-15 21:15:56 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-15 21:15:55 67072 ----a-w- c:\windows\system32\packager.dll
2013-01-15 21:15:52 571904 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-15 21:15:52 233472 ----a-w- c:\windows\system32\oleacc.dll
2013-01-15 21:15:47 78336 ----a-w- c:\windows\system32\synceng.dll
2013-01-15 21:15:45 741376 ----a-w- c:\windows\system32\inetcomm.dll
2013-01-15 21:15:40 690688 ----a-w- c:\windows\system32\msvcrt.dll
2013-01-15 21:15:38 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-01-15 21:15:37 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2013-01-15 21:14:54 1077248 ----a-w- c:\windows\system32\DWrite.dll
2013-01-15 21:14:51 769024 ----a-w- c:\windows\system32\localspl.dll
2013-01-15 21:14:51 30208 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\winprint.dll
2013-01-15 21:14:41 442880 ----a-w- c:\windows\system32\ntshrui.dll
2013-01-15 21:14:36 1137664 ----a-w- c:\windows\system32\mfc42.dll
2013-01-15 21:14:35 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2013-01-15 21:14:31 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2013-01-15 20:43:23 -------- d-----w- c:\users\prle\appdata\local\Adobe
2013-01-15 20:15:52 123904 ----a-w- c:\windows\system32\poqexec.exe
2013-01-15 20:15:50 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2013-01-15 20:15:45 2048 ----a-w- c:\windows\system32\tzres.dll
2013-01-15 20:02:15 514152 ----a-w- c:\windows\system32\drivers\Rt86win7.sys
2013-01-15 20:00:16 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-01-15 20:00:15 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-01-15 20:00:15 107520 ----a-w- c:\windows\system32\cdd.dll
2013-01-15 19:49:12 20712 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS
2013-01-15 19:48:42 -------- d-----w- c:\program files\HWiNFO32
2013-01-15 19:39:55 -------- d-----w- c:\program files\Lavalys
2013-01-15 19:32:13 -------- d-----w- c:\program files\CCleaner
2013-01-15 19:29:10 -------- d-----w- c:\program files\common files\xing shared
2013-01-15 19:29:04 -------- d-----w- c:\program files\common files\Real
2013-01-15 19:28:32 569397 ----a-w- c:\program files\internet explorer\plugins\richfx\player\nprfxins.dll
2013-01-15 19:27:58 164352 ----a-w- c:\windows\system32\unrar.dll
2013-01-15 19:27:55 389120 ----a-w- c:\windows\system32\lameACM.acm
2013-01-15 19:27:54 755027 ----a-w- c:\windows\system32\xvidcore.dll
2013-01-15 19:27:54 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
2013-01-15 19:27:54 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2013-01-15 19:27:54 159839 ----a-w- c:\windows\system32\xvidvfw.dll
2013-01-15 19:27:54 118784 ----a-w- c:\windows\system32\ac3acm.acm
2013-01-15 19:27:53 81920 ----a-w- c:\windows\system32\dpl100.dll
2013-01-15 19:27:51 682496 ----a-w- c:\windows\system32\divx.dll
2013-01-15 19:27:50 7680 ----a-w- c:\windows\system32\ff_vfw.dll
2013-01-15 19:27:50 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-01-15 19:27:49 -------- d-----w- c:\program files\K-Lite Codec Pack
2013-01-15 19:26:53 237072 ------w- c:\windows\system32\MpSigStub.exe
2013-01-15 19:26:32 -------- d-----w- c:\users\prle\appdata\roaming\ESET
2013-01-15 19:26:32 -------- d-----w- c:\users\prle\appdata\local\ESET
2013-01-15 19:25:38 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-15 19:25:00 -------- d-----w- c:\program files\VideoLAN
2013-01-15 19:24:38 -------- d-----w- c:\program files\ESET
2013-01-15 19:20:40 5504 ------w- c:\windows\system32\drivers\imagedrv.sys
2013-01-15 19:20:40 125184 ------w- c:\windows\system32\drivers\imagesrv.sys
2013-01-15 19:20:31 476320 ------w- c:\windows\system32\ImagXpr7.dll
2013-01-15 19:20:31 471040 ------w- c:\windows\system32\ImagXRA7.dll
2013-01-15 19:20:31 262144 ------w- c:\windows\system32\ImagXR7.dll
2013-01-15 19:20:31 1568768 ------w- c:\windows\system32\ImagX7.dll
2013-01-15 19:20:31 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2013-01-15 19:20:31 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2013-01-15 19:18:05 -------- d-----w- c:\users\prle\appdata\local\Opera
2013-01-15 19:17:41 -------- d-----w- c:\users\prle\appdata\local\CRE
2013-01-15 19:17:39 -------- d-----w- c:\program files\Conduit
2013-01-15 19:17:38 -------- d-----w- c:\users\prle\appdata\local\Conduit
2013-01-10 19:41:34 37064 ----a-w- c:\windows\system32\drivers\taphss6.sys
2013-01-10 19:27:44 36040 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
.
==================== Find3M ====================
.
2013-01-25 00:31:56 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-11-30 04:53:34 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-23 02:56:23 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-11-23 02:48:41 49152 ----a-w- c:\windows\system32\taskhost.exe
2012-11-22 04:45:03 626688 ----a-w- c:\windows\system32\usp10.dll
2012-11-09 04:43:04 492032 ----a-w- c:\windows\system32\win32spl.dll
.
============= FINISH: 13:21:28,80 ===============

Gmer files

I think that's it?

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

Can you post a screenshot of what exactly Nod is detecting?

Why do you suspect malware?

offline
  • Absolut Gut
  • Joined: 13 Aug 2012
  • Posts: 561
  • Location: Atakama

I don't have the picture now, I was too late. It said I had something in GTA SAMP, which I don't. Then I scanned some program afterwards and suddenly it said, in parentheses, that it found (10) viruses, and after 2 minutes it turned off and doesn't show it anymore. This morning it threw up that Crash Dump File. Sometimes it freezes. I scanned with that SMART SCAN option, did everything properly, deleted the toolbar, but it still seems to me that it runs a bit slowly; considering that I have adequate components, it should run great...

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

The computer is clean as far as malware is concerned. We will continue the discussion in the topic you opened in the Windows subforum...

I recommend using MCShield v2 to protect USB memory devices. It has nothing to do with the antivirus, i.e. it will not interfere with its operation, and it has proven to be one of the best forms of protection against malware that spreads via USB memory devices. You download it, install it, plug in the USB memory device, and a scan runs, after which you get a notification that the device is clean (if that is really the case), or you get a log in which you see information about the malware that was found and deleted.

MCShield ::Anti-Malware Tool:: v2 home page: http://amf.mycity.rs/mcshield/

You can learn more about MCShield in these topics:
v1: http://www.mycity.rs/MyCity-Laboratorija/MCShield.html
v2: http://www.mycity.rs/MyCity-Laboratorija/MCShield-v2.html

Be sure to visit the topic "Test whether your browser is vulnerable", read it and follow the link in it.
The link to the topic is: http://www.mycity.rs/Web-browseri/Testirajte-da-li.....anjiv.html

Also, follow the topic "How to avoid and remove toolbars", read it and follow the steps in it. The link to the topic is: http://www.mycity.rs/Zastita/Kako-izbeci-i-ukloniti-toolbar-ove.html

TwinHeadedEagle (AMF Team)

offline
  • Absolut Gut
  • Joined: 13 Aug 2012
  • Posts: 561
  • Location: Atakama

Thanks in any case
