I suspect malware


  • Joined: 03 Dec 2007
  • Posts: 26

Posted: 12 Aug 2009 2:11

The problems I'm having don't necessarily come from malware, but I would still like you to check, because I think there is a lot of it on my computer. First of all, my computer is quite slow while Windows is starting up; later it returns to normal, but sometimes it stays that slow, so I have to restart it for it to work normally. I also have problems with Windows Live Messenger; very often it won't sign me in. I use Avira for protection, and yesterday I scanned the computer with Malwarebytes.

Here is the DDS file:


DDS (Ver_09-07-30.01) - NTFSx86
Run by Dmitar at 23:21:07,68 on uto 11.08.2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.255.117 [GMT 2:00]

AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

============== Running Processes ===============

D:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
D:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
D:\Program Files\Avira\AntiVir Desktop\avguard.exe
D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\WINDOWS\system32\svchost.exe -k imgsvc
D:\Program Files\Canon\CAL\CALMAIN.exe
D:\Program Files\PC Connectivity Solution\ServiceLayer.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Opera\Opera.exe
d:\program files\avira\antivir desktop\avcenter.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Documents and Settings\Dmitar\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uURLSearchHooks: N/A: {0579b4b6-0293-4d73-b02d-5ebb0ba0f0a2} - d:\program files\asksbar\srchastt\1.bin\A2SRCHAS.DLL
BHO: Ask Search Assistant BHO: {0579b4b1-0293-4d73-b02d-5ebb0ba0f0a2} - d:\program files\asksbar\srchastt\1.bin\A2SRCHAS.DLL
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - d:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - d:\program files\java\jre1.6.0_03\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - d:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Ask Toolbar BHO: {f0d4b231-da4b-4daf-81e4-dfee4931a4aa} - d:\program files\asksbar\bar\1.bin\ASKSBAR.DLL
TB: Ask Toolbar: {f0d4b239-da4b-4daf-81e4-dfee4931a4aa} - d:\program files\asksbar\bar\1.bin\ASKSBAR.DLL
uRun: [ctfmon.exe] d:\windows\system32\ctfmon.exe
uRun: [msnmsgr] "d:\program files\msn messenger\msnmsgr.exe" /background
mRun: [NeroFilterCheck] d:\windows\system32\NeroCheck.exe
mRun: [Adobe Reader Speed Launcher] "d:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [PCSuiteTrayApplication] d:\program files\nokia\nokia pc suite 6\LaunchApplication.exe -startup
mRun: [Adobe Photo Downloader] "d:\program files\adobe\photoshop album starter edition\3.0\apps\apdproxy.exe"
mRun: [avgnt] "d:\program files\avira\antivir desktop\avgnt.exe" /min
dRun: [Nokia.PCSync] d:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
IE: &Search
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - d:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {00000055-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/fhg.CAB
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

============= SERVICES / DRIVERS ===============

R1 avgio;avgio;d:\program files\avira\antivir desktop\avgio.sys [2009-7-12 11608]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;d:\program files\avira\antivir desktop\sched.exe [2009-7-12 108289]
R2 AntiVirService;Avira AntiVir Guard;d:\program files\avira\antivir desktop\avguard.exe [2009-7-12 185089]
R2 avgntflt;avgntflt;d:\windows\system32\drivers\avgntflt.sys [2009-4-4 55656]
R3 iadusb;MT882;d:\windows\system32\drivers\glauiad.sys [2008-3-24 30336]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;d:\program files\msn messenger\usnsvc.exe [2007-1-19 97136]

=============== Created Last 30 ================

2009-08-10 01:57 <DIR> --d----- d:\docume~1\dmitar\applic~1\Malwarebytes
2009-08-10 01:57 38,160 a------- d:\windows\system32\drivers\mbamswissarmy.sys
2009-08-10 01:57 <DIR> --d----- d:\docume~1\alluse~1.win\applic~1\Malwarebytes
2009-08-10 01:57 19,096 a------- d:\windows\system32\drivers\mbam.sys
2009-08-10 01:57 <DIR> --d----- d:\program files\Malwarebytes' Anti-Malware
2009-07-21 11:21 268 a---h--- D:\sqmdata08.sqm
2009-07-21 11:21 244 a---h--- D:\sqmnoopt08.sqm
2009-07-17 00:27 <DIR> --d----- d:\program files\Barbie(TM)

==================== Find3M ====================

2009-08-07 14:22 55,656 a------- d:\windows\system32\drivers\avgntflt.sys
2009-06-29 18:12 827,392 a------- d:\windows\system32\wininet.dll
2009-06-29 18:12 78,336 a------- d:\windows\system32\ieencode.dll
2009-06-29 18:12 17,408 -------- d:\windows\system32\corpol.dll
2009-06-16 16:55 119,808 a------- d:\windows\system32\t2embed.dll
2009-06-16 16:55 82,432 a------- d:\windows\system32\fontsub.dll
2009-06-03 21:27 1,290,752 a------- d:\windows\system32\quartz.dll
2001-11-23 06:08 712,704 a------- d:\windows\inf\other\AUDIO3D.DLL
2009-04-04 22:21 32,768 a--sh--- d:\windows\temp\cookies\index.dat
2009-04-04 22:21 32,768 a--sh--- d:\windows\temp\history\history.ie5\index.dat
2009-04-04 22:21 49,152 a--sh--- d:\windows\temp\temporary internet files\content.ie5\index.dat

============= FINISH: 23:22:12,22 ===============


I had some problems with GMER and RootRepeal; of the two, GMER is the only one I managed to run, but over several attempts I could not finish the first scan (file gmer1), my computer froze every time. I only managed to save the files gmer2 and gmer3.


Addendum: 12 Aug 2009 2:34

The most I managed to save while scanning with GMER is attached in the following file. The computer simply cannot get through the scan to the end, it just freezes. I hope the information I have provided is helpful. Thanks in advance...



  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

There is no malware here. Check the temperatures and go through the top threads in the Windows subforum that deal with optimizing system performance... Cheers
