Posted: 02 Nov 2011 21:24
- Dragana211
- New MyCity citizen
- Joined: 02 Nov 2011
- Posts: 2
I received a link via FB, and when I went to that link I was asked to install Flash Player, so I clicked. Since then I cannot get onto the FB page, and many viruses have also appeared on the computer. However, I deleted the viruses from the computer with the help of Malwarebytes' Anti-Malware, while I still cannot access the FB page. What should I do? Thanks in advance.

Posted: 02 Nov 2011 22:47
- Dragana211
- New MyCity citizen
- Joined: 02 Nov 2011
- Posts: 2
DDS
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
Run by xx at 21:42:28 on 2011-11-02
.
============== Running Processes ===============
.
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\Program Files\AVG\AVG2012\avgfws.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\USB Disk Win98 Driver\Res.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\PC Tools Security\pctsGui.exe
C:\Program Files\PC Tools Security\BDT\FGuard.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Documents and Settings\xx\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Documents and Settings\xx\Local Settings\Application Data\Google\Update\1.3.21.79\GoogleCrashHandler.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\PC Tools Security\pctsAuxs.exe
C:\DOCUME~1\xx\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Documents and Settings\xx\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\xx\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\xx\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\xx\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\xx\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\PC Tools Security\pctsSvc.exe
\??\C:\Program Files\AVG\AVG2012\avgcsrvx.exe
\??\C:\Program Files\AVG\AVG2012\avgrsx.exe
\??\C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Documents and Settings\xx\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\xx\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\xx\My Documents\Downloads\dds.com
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2786678
uSearch Page = hxxp://www.live.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.searchgateway.net/search/%s
mSearchAssistant = hxxp://start.facemoods.com/?a=fbpage&s={searchTerms}&f=4
uURLSearchHooks: H - No File
uURLSearchHooks: ToggleEN Toolbar: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - c:\program files\toggleen\tbTog0.dll
uURLSearchHooks: Brothersoft Toolbar: {e8de9422-3b2c-4243-bf6f-235da84d8ef8} - c:\program files\brothersoft\prxtbBro2.dll
uURLSearchHooks: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
BHO: ToggleEN Toolbar: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - c:\program files\toggleen\tbTog0.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: MediaBar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - c:\progra~1\imesha~1\mediabar\toolbar\imeshdtxmltbpi.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: UrlHelper Class: {474597c5-ab09-49d6-a4d5-2e8d7341384e} - c:\progra~1\imesha~1\mediabar\datamngr\IEBHO.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\8.0.0.34\AVG Secure Search_toolbar.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\6.3.2348.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Brothersoft Toolbar: {e8de9422-3b2c-4243-bf6f-235da84d8ef8} - c:\program files\brothersoft\prxtbBro2.dll
TB: ToggleEN Toolbar: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - c:\program files\toggleen\tbTog0.dll
TB: Brothersoft Toolbar: {e8de9422-3b2c-4243-bf6f-235da84d8ef8} - c:\program files\brothersoft\prxtbBro2.dll
TB: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: @c:\program files\msn toolbar\platform\6.3.2348.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\6.3.2348.0\npwinext.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\pc tools security\bdt\PCTBrowserDefender.dll
TB: MediaBar: {28387537-e3f9-4ed7-860c-11e69af4a8a0} - c:\progra~1\imesha~1\mediabar\toolbar\imeshdtxmltbpi.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\8.0.0.34\AVG Secure Search_toolbar.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMBgMonitor.exe"
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [Google Update] "c:\documents and settings\xx\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [iMesh] "c:\program files\imesh applications\imesh\iMesh.exe" --lightmode
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED
mRun: [avgnt] "c:\program files\avira\antivir personaledition classic\avgnt.exe" /min
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [AzMixerSel] c:\program files\realtek\installshield\AzMixerSel.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [USB Storage Toolbox] c:\program files\usb disk win98 driver\Res.EXE
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [tray"] "c:\program files\codedcolor\byngo.exe /tray"
mRun: [CM108Sound] RunDll32 CM108.cpl,CMICtrlWnd
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [ISTray] "c:\program files\pc tools security\pctsGui.exe" /hideGUI
mRun: [PCTools FGuard] c:\program files\pc tools security\bdt\FGuard.exe
mRun: [DATAMNGR] c:\progra~1\imesha~1\mediabar\datamngr\DATAMN~1.EXE
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [tray_ico]
mRun: [tray_ico1]
mRun: [tray_ico2]
mRun: [tray_ico3]
mRun: [tray_ico4]
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
mPolicies-system: EnableSecureUIAPaths = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{562E5250-2734-46D1-8AD0-F80A75AA133B} : DhcpNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\8.0.1\ViProtocol.dll
Notify: igfxcui - igfxdev.dll
.
============= SERVICES / DRIVERS ===============
.
R? AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler
R? AntiVirService;Avira AntiVir Personal - Free Antivirus Guard
R? AntiVirUpgradeService;Avira Upgrade Service
R? Avgfwfd;AVG network filter service
R? avgio;avgio
R? avgntflt;avgntflt
R? CM1083264;C-Media CM108 Like Sound UDAX Interface
R? PowerManager;Power Manager
S? ASFIPmon;Broadcom ASF IP and SMBIOS Mailbox Monitor
S? Avgfwdx;Avgfwdx
S? avgfws;AVG Firewall
S? AVGIDSAgent;AVGIDSAgent
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSEH;AVGIDSEH
S? AVGIDSFilter;AVGIDSFilter
S? AVGIDSShim;AVGIDSShim
S? Avgldx86;AVG AVI Loader Driver
S? Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx86;AVG Anti-Rootkit Driver
S? Avgtdix;AVG TDI Driver
S? avgwd;AVG WatchDog
S? Browser Defender Update Service;Browser Defender Update Service
S? MBAMSwissArmy;MBAMSwissArmy
S? PCTCore;PCTools KDS
S? pctDS;PC Tools Data Store
S? pctEFA;PC Tools Extended File Attributes
S? sdAuxService;PC Tools Auxiliary Service
S? sdCoreService;PC Tools Security Service
S? Start BT in service;Start BT in service
S? vToolbarUpdater;vToolbarUpdater
.
=============== Created Last 30 ================
.
2011-11-02 20:37:44 -------- d--h--w- c:\windows\PIF
2011-11-02 20:23:22 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-11-02 20:05:35 -------- d-----w- c:\program files\MALWAREBYTES ANTI-MALWARE
2011-11-02 20:05:27 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-02 09:11:54 -------- d-----w- c:\program files\MSN TOOLBAR
2011-11-02 09:10:14 -------- dc----w- c:\documents and settings\xx\application data\AVG2012
2011-11-02 09:08:20 -------- dc----w- c:\documents and settings\xx\application data\AVG Secure Search
2011-11-02 09:08:08 -------- d-----w- c:\program files\common files\AVG Secure Search
2011-11-02 09:08:06 -------- d-----w- c:\program files\AVG Secure Search
2011-11-02 08:55:22 -------- d-----w- c:\windows\system32\drivers\AVG
2011-11-02 08:55:20 -------- dc----w- c:\documents and settings\all users\application data\AVG2012
2011-11-02 07:28:54 -------- dcs---w- C:\ComboFix
2011-11-01 20:49:15 98816 ----a-w- c:\windows\sed.exe
2011-11-01 20:49:15 518144 ----a-w- c:\windows\SWREG.exe
2011-11-01 20:49:15 256000 ----a-w- c:\windows\PEV.exe
2011-11-01 20:49:15 208896 ----a-w- c:\windows\MBR.exe
2011-10-31 19:56:56 -------- dc----w- c:\documents and settings\xx\application data\Malwarebytes
2011-10-31 19:55:53 -------- dc----w- c:\documents and settings\all users\application data\Malwarebytes
2011-10-31 19:55:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-31 18:48:55 -------- dc----w- c:\documents and settings\xx\local settings\application data\Opera
2011-10-30 16:10:47 -------- d-----w- c:\program files\Conduit
2011-10-30 16:03:15 -------- dc----w- c:\documents and settings\xx\application data\uTorrent
2011-10-29 13:48:26 -------- d--h--w- c:\windows\update.2
2011-10-29 13:40:29 -------- d--h--w- c:\windows\update.5.0
2011-10-29 13:31:35 -------- d-----w- c:\windows\av_ico
2011-10-29 13:29:57 -------- d--h--w- c:\windows\update.1
2011-10-29 13:29:46 -------- d--h--w- c:\windows\update.tray-8-0-lnk
2011-10-29 13:29:46 -------- d--h--w- c:\windows\update.tray-8-0
2011-10-27 17:52:04 -------- d-----w- c:\program files\VideoLAN
2011-10-27 17:42:48 -------- d-----w- c:\program files\JDownloader
2011-10-27 17:24:16 26368 ------w- c:\windows\system32\drivers\SET36.tmp
2011-10-27 17:23:35 26368 ----a-w- c:\windows\system32\drivers\SET32.tmp
2011-10-22 11:09:09 293376 ------w- c:\windows\system32\browserchoice.exe
2011-10-17 20:38:04 -------- d-----r- c:\program files\Skype
2011-10-15 15:40:53 -------- dc----w- c:\documents and settings\xx\application data\PathToSuccess
2011-10-07 20:15:03 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-10-07 20:06:09 -------- dc----w- c:\documents and settings\all users\application data\Big Fish Games
2011-10-07 19:54:33 -------- dc----w- c:\documents and settings\all users\application data\BigFishGamesCache
.
==================== Find3M ====================
.
2011-09-13 05:30:10 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
.
============= FINISH: 21:49:08,71 ===============
If anything else is needed, I'll send it.

Posted: 02 Nov 2011 23:33
- diarno
- Anti Malware Fighter (Rank 2)
- Joined: 15 Jun 2007
- Posts: 5572
Where do I start.
You ran Combofix. You shouldn't have.
You have I don't even know how many antivirus programs. Pick one and uninstall the rest.
Post the latest Combofix log for me: C:\ComboFix.txt