Avast ne može da očisti virus!

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Kada sam uključio redovno skeniranje avast-ovim antivirus programom (v.6.0.1367) pronašao je jedan virus i očistio ga ali je preporučio da uradim Bootscan. To sam i uradio i program je pronašao dva virusa koja ne može da očisti. Log od boot skeniranja prilažem. Pokušao sam sa isključivanjem sistem restore-a i nekoliko puta ponavljao proceduru ali ništa. Kako da očistim viruse? Koristim 32-bitni sistem i konektovan sam na kablovski internet putem modema brzina 2 MBps.


mycity.rs/must-login.png
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
Run by pc at 22:25:16 on 2012-02-23
Microsoft Windows XP Professional 5.1.2600.3.1250.381.1033.18.2047.1454 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MCShield\MCShieldRTM.exe
C:\Program Files\MCShield\MCShieldTray.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\PROGRA~1\Webshots\webshots.scr
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.rs/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live pomagač za prijavljivanje: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [MCShield] c:\program files\mcshield\MCShieldRTM.exe
uRun: [MCShieldTray] c:\program files\mcshield\MCShieldTray.exe
uRun: [WinFast Schedule] c:\program files\winfast\wfdtv\WFWIZ.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
StartupFolder: c:\docume~1\pc\startm~1\programs\startup\webshots.lnk - c:\program files\webshots\Launcher.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {76326493-E84F-4D4B-939C-1E07B50037F2} - hxxps://online.bancaintesabeograd.com/RetailDLL/SGCMSCCD.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 0.0.0.0
TCP: Interfaces\{24ED79C0-CF9C-476F-9DF4-5F95971BA890} : DhcpNameServer = 0.0.0.0
TCP: Interfaces\{305DAF80-B121-49FF-B80F-428784519024} : DhcpNameServer = 87.250.33.21 87.250.33.22
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Authentication Packages = msv1_0 relog_ap
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\pc\application data\mozilla\firefox\profiles\ku0sl94s.default\
FF - component: c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - component: c:\program files\nokia\nokia ovi suite\connectors\bookmarks connector\firefoxextension\components\FirefoxExtension.dll
FF - component: c:\program files\nokia\nokia pc suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-11-17 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-11-17 314456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-11-17 20568]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-11-17 44768]
R2 FastPara;FastPara;c:\windows\system32\drivers\fastpara.sys [2011-4-10 4832]
R3 SKYNET;TechniSat DVB-PC TV Star PCI;c:\windows\system32\drivers\SkyNET.sys [2010-3-30 507408]
R3 WFLR6654;WinFast TV2000 XP Global/Global TV (XC2028-);c:\windows\system32\drivers\wfeaglxt.sys [2011-6-3 433920]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2012-02-22 19:03:01 2 ----a-w- c:\windows\system32\Dvbpws.dll
2011-12-22 00:21:40 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-28 18:01:25 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 17:53:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
.
============= FINISH: 22:30:37,37 ===============

mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Pozdrav,


Izvršićemo dodatnu proveru:


Preuzmi program OTL sa donjeg linka na Desktop:

OTL download
Klikni na dati link i u prozoru koji se otvori, klikni na dugme Save;
kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati datoteku, odaberi Desktop i klikni na dugme Save.
Dvoklikom pokreni OTL;

klikni na dugme Run Scan;

po završetku skeniranja, izveštaj će se otvoriti u programu Notepad (napomena: izveštaj će automatski biti sačuvan na Desktopu kao OTL.Txt) .

Priloži izveštaj OTL.Txt uz poruku korišćenjem opcije Prikači fajl.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

OTL logfile created on: 24.2.2012 10:13:18 - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = c:\Documents and Settings\pc\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000081A | Country: Serbia and Montenegro | Language: SRL | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 69,09% Memory free
3,85 Gb Paging File | 3,43 Gb Available in Paging File | 89,28% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 160,59 Gb Total Space | 92,59 Gb Free Space | 57,65% Space Free | Partition Type: NTFS
Drive D: | 305,17 Gb Total Space | 53,79 Gb Free Space | 17,63% Space Free | Partition Type: NTFS

Computer Name: MSI | User Name: pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.02.24 09:52:06 | 000,583,680 | ---- | M] (OldTimer Tools) -- c:\Documents and Settings\pc\My Documents\Downloads\OTL.exe
PRC - [2012.02.21 18:21:28 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.11.28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.03.26 15:36:55 | 000,262,144 | ---- | M] () -- C:\Program Files\MCShield\MCShieldRTM.exe
PRC - [2010.11.04 18:46:45 | 000,073,728 | ---- | M] () -- C:\Program Files\MCShield\MCShieldTray.exe
PRC - [2010.08.11 15:11:38 | 002,920,448 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\WFWIZ.exe
PRC - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009.09.08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2008.04.14 11:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.10.30 19:51:44 | 000,492,720 | ---- | M] () -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
PRC - [2007.10.30 19:07:38 | 000,427,288 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2004.12.13 03:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2001.08.17 23:36:42 | 000,024,064 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\devldr32.exe


========== Modules (No Company Name) ==========

MOD - [2012.02.23 14:26:31 | 001,714,688 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12022301\algo.dll
MOD - [2012.02.21 18:21:28 | 001,911,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.11.15 01:42:13 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011.03.26 15:36:55 | 000,262,144 | ---- | M] () -- C:\Program Files\MCShield\MCShieldRTM.exe
MOD - [2010.11.15 10:05:26 | 000,073,728 | ---- | M] () -- C:\Program Files\WinFast\WFDTV\RCConfig\RCKeysInfoIO.dll
MOD - [2010.11.04 18:46:45 | 000,073,728 | ---- | M] () -- C:\Program Files\MCShield\MCShieldTray.exe
MOD - [2009.04.01 13:07:12 | 000,303,188 | ---- | M] () -- C:\Program Files\WinFast\WFDTV\RTL283XACCESS.dll
MOD - [2008.12.02 10:04:34 | 000,007,680 | ---- | M] () -- C:\Program Files\WinFast\WFDTV\WIZLANGENG.dll
MOD - [2008.04.14 11:00:00 | 001,288,192 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008.04.14 11:00:00 | 000,192,512 | ---- | M] () -- C:\WINDOWS\system32\qcap.dll
MOD - [2008.04.14 11:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008.04.14 11:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.10.30 19:51:44 | 000,492,720 | ---- | M] () -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
MOD - [1998.09.25 09:56:58 | 000,033,384 | ---- | M] () -- C:\WINDOWS\system32\HPFiop13.dll
MOD - [1998.09.25 09:56:40 | 000,137,232 | ---- | M] () -- C:\WINDOWS\system32\HPFmlc13.dll
MOD - [1998.09.25 09:56:32 | 000,057,240 | ---- | M] () -- C:\WINDOWS\system32\HPFmem13.dll
MOD - [1998.09.25 09:56:28 | 000,048,292 | ---- | M] () -- C:\WINDOWS\system32\HPFlpm13.dll
MOD - [1998.09.25 09:56:16 | 000,072,368 | ---- | M] () -- C:\WINDOWS\system32\HPFcom13.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.06.08 12:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.09.08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8-)
SRV - [2007.10.30 19:51:44 | 000,492,720 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe -- (TryAndDecideService)
SRV - [2007.10.30 19:07:38 | 000,427,288 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2004.12.13 03:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV - [2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.11.28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.11.28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.06.03 16:36:00 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2011.06.03 16:36:00 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2011.06.03 16:35:52 | 000,129,248 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2011.06.03 16:35:36 | 000,368,544 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys -- (tdrpman)
DRV - [2011.05.18 09:12:38 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.05.18 09:12:36 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.05.18 09:12:32 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.05.18 09:12:28 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.03.19 00:59:16 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV - [2009.10.21 17:30:32 | 000,433,920 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wfeaglxt.sys -- (WFLR6654) WinFast TV2000 XP Global/Global TV (XC2028-)
DRV - [2009.09.11 06:47:24 | 000,507,408 | ---- | M] (TechniSat Digital, S.A.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SkyNET.sys -- (SKYNET)
DRV - [2009.03.04 01:49:58 | 003,565,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.14 01:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.04.13 23:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008.04.07 15:06:48 | 000,105,088 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008.03.14 07:04:29 | 000,046,652 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2004.12.23 16:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ULCDRHlp.sys -- (ULCDRHlp)
DRV - [2001.08.17 13:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman) Creative SoundFont Manager Driver (WDM)
DRV - [2001.08.17 13:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1) Creative Interface Manager Driver (WDM)
DRV - [2001.08.17 13:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k) Creative SB Live! (WDM)
DRV - [2001.08.17 13:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)
DRV - [1997.07.28 15:23:02 | 000,004,832 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\fastpara.sys -- (FastPara)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = google.rs/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.736
FF - prefs.js..extensions.enabledItems: anttoolbar@ant.com:2.3.0
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732
FF - prefs.js..extensions.enabledItems: {37fa1426-b82d-11db-8314-0800200c9a66}:2.7.6
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.449: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.12.03 11:52:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.21 18:21:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.22 23:53:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.07.04 12:43:21 | 000,000,000 | ---D | M]

[2010.04.07 10:57:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\pc\Application Data\Mozilla\Extensions
[2012.02.18 00:15:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\ku0sl94s.default\extensions
[2012.02.18 00:15:10 | 000,000,000 | ---D | M] (WebMail Notifier) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\ku0sl94s.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}
[2012.02.12 19:09:17 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\ku0sl94s.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.12.17 09:54:13 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\ku0sl94s.default\extensions\anttoolbar@ant.com
[2012.01.10 01:12:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.02.21 18:21:28 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007.08.29 22:47:44 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011.10.03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.12.09 11:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.02.18 17:55:13 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.18 17:55:13 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2008.04.14 11:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKCU..\Run: [MCShield] C:\Program Files\MCShield\MCShieldRTM.exe ()
O4 - HKCU..\Run: [MCShieldTray] C:\Program Files\MCShield\MCShieldTray.exe ()
O4 - HKCU..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O4 - Startup: C:\Documents and Settings\pc\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files\Webshots\Launcher.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {76326493-E84F-4D4B-939C-1E07B50037F2} online.bancaintesabeograd.com/RetailDLL/SGCMSCCD.DLL (ProxyModule Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24ED79C0-CF9C-476F-9DF4-5F95971BA890}: DhcpNameServer = 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{305DAF80-B121-49FF-B80F-428784519024}: DhcpNameServer = 87.250.33.21 87.250.33.22
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.03.29 14:45:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\Shell\AutoRun\command - "" = F:\ZERAVICA\\\\\\\\\\LONDON.exe
O33 - MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\Shell\explore\command - "" = F:\ZERAVICA\\\\\\\\\\\\LONDON.exe
O33 - MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\Shell\open\command - "" = F:\ZERAVICA\\\\\\\\\\\\LONDON.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========


========== Files - Modified Within 30 Days ==========

[2012.02.24 09:54:59 | 000,468,232 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.02.24 09:54:59 | 000,075,480 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.02.24 09:50:32 | 000,000,924 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.24 09:50:32 | 000,000,372 | ---- | M] () -- C:\WINDOWS\tasks\FreeFileViewerUpdateChecker.job
[2012.02.24 09:50:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.02.24 00:41:00 | 000,000,928 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.23 14:50:46 | 000,292,708 | ---- | M] () -- C:\Documents and Settings\pc\Desktop\AswBoot.JPG
[2012.02.23 01:25:38 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.02.22 20:48:24 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2003.lnk
[2012.02.22 20:03:01 | 000,000,002 | ---- | M] () -- C:\WINDOWS\System32\Dvbpws.dll
[2012.02.22 01:03:53 | 000,000,045 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2012.02.21 18:20:05 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.02.16 17:00:16 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP

========== Files Created - No Company Name ==========

[2012.02.23 14:50:46 | 000,292,708 | ---- | C] () -- C:\Documents and Settings\pc\Desktop\AswBoot.JPG
[2011.11.30 14:38:08 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2011.11.30 14:38:06 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011.10.21 12:19:43 | 001,262,928 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011.10.21 11:00:14 | 000,000,076 | ---- | C] () -- C:\WINDOWS\Tiny_Run.ini
[2011.06.01 13:50:38 | 000,000,350 | ---- | C] () -- C:\WINDOWS\System32\AF15IRTBL.bin
[2011.06.01 13:47:57 | 000,000,277 | ---- | C] () -- C:\WINDOWS\WFD_FindDevID.ini
[2011.06.01 13:47:55 | 000,000,277 | ---- | C] () -- C:\WINDOWS\WFD_FindMceDev.ini
[2011.05.31 16:52:20 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.05.27 21:37:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\cd.dat
[2011.05.27 20:16:46 | 000,000,002 | ---- | C] () -- C:\WINDOWS\System32\Dvbpws.dll
[2011.05.27 19:55:21 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2011.05.27 16:35:43 | 000,051,972 | ---- | C] () -- C:\WINDOWS\System32\tlg2300_firmware.bin
[2011.04.10 23:00:22 | 000,000,623 | ---- | C] () -- C:\WINDOWS\Ulead32.ini
[2010.07.28 16:48:29 | 000,000,045 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2010.05.28 23:08:18 | 000,003,352 | ---- | C] () -- C:\WINDOWS\MDVDP.Ini
[2010.05.11 16:19:49 | 000,000,125 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2010.05.10 16:21:45 | 000,003,506 | ---- | C] () -- C:\WINDOWS\cdrLabel.ini
[2010.04.13 11:09:28 | 000,000,086 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010.04.11 22:56:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2010.04.07 10:57:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.04.07 10:08:59 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.03.31 02:05:07 | 000,000,040 | ---- | C] () -- C:\WINDOWS\RSoftInfo.dat
[2010.03.30 08:01:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010.03.29 16:35:08 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.03.29 16:34:01 | 000,732,664 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.03.29 15:57:37 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010.03.29 15:57:37 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010.03.29 15:57:36 | 000,182,995 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010.03.29 15:38:30 | 000,036,352 | ---- | C] () -- C:\Documents and Settings\pc\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.29 15:38:23 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.03.29 15:27:48 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.03.29 15:23:41 | 000,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2010.03.29 15:01:13 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.03.29 15:01:12 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.03.29 15:01:08 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.03.29 15:01:07 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.03.29 15:01:05 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010.03.29 15:00:59 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.03.29 14:48:39 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.03.29 14:42:08 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== Files - Unicode (All) ==========
[2011.08.28 22:59:10 | 000,000,000 | ---D | M](C:\Documents and Settings\pc\My Documents\???????) -- C:\Documents and Settings\pc\My Documents\Пријеми
[2010.03.29 14:21:18 | 000,000,000 | ---D | C](C:\Documents and Settings\pc\My Documents\???????) -- C:\Documents and Settings\pc\My Documents\Пријеми

< End of report >





mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Izvini na kašnjenju sa odgovorom. Privatne obaveze.


Ponovo pokreni program OTL dvoklikom na ikonicu;

U beli okvir prozora gde piše Custom Scans/Fixes iskopiraj sledeći tekst:

:OTL
O33 - MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\Shell\AutoRun\command - "" = F:\ZERAVICA\\\\\\\\\\LONDON.exe
O33 - MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\Shell\explore\command - "" = F:\ZERAVICA\\\\\\\\\\\\LONDON.exe
O33 - MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\Shell\open\command - "" = F:\ZERAVICA\\\\\\\\\\\\LONDON.exe

:Commands
[purity]
[EmptyTemp]
[CLEARALLRESTOREPOINTS]
[Reboot]

Klikni na dugme Run Fix;


Izveštaj (Log) koji dobiješ iskopiraj ovde u poruci.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{204e6ea9-607d-11df-a690-001617ec6807}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{204e6ea9-607d-11df-a690-001617ec6807}\ not found.
File F:\ZERAVICA\\\\\\\\\\LONDON.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{204e6ea9-607d-11df-a690-001617ec6807}\ not found.
File F:\ZERAVICA\\\\\\\\\\\\LONDON.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{204e6ea9-607d-11df-a690-001617ec6807}\ not found.
File F:\ZERAVICA\\\\\\\\\\\\LONDON.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56475 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: pc
->Temp folder emptied: 97177956 bytes
->Temporary Internet Files folder emptied: 319627316 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 77266017 bytes
->Flash cache emptied: 70097 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 40912087 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 510,00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.33.2 log created on 02242012_200732

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Pozdrav,


Računar je čist po pitanju malicioznih programa


Pokreni OTL i klikni na Cleanup.



Evo par predloga da računar bude bezbedniji:


Koristiš staru verziju Adobe Reader-a, koja ima propuste u sigurnosti. Predlažem da instaliraš najnoviju verziju ovog čitača, ili pređes na alternativne (na primer, Foxit Reader, Nitro PDF Reader, i drugi).


Preporučujem ti da ažuriraš program MCShield za zaštitu USB memorijskih uređaja.

Izašla je beta verzija (v2) i preporučuje se da se ona koristi. Možeš je preuzeti sa OVOG linka. Nakon instalacije programa, priključi USB memorijske uređaje, i oni će biti skenirani. Na kraju skeniranja ćeš dobiti izveštaj da je uređaj čist ili obaveštenje o uklonjenom malware-u.


Takođe, poseti ovu temu da vidiš da li ti je pretraživač ranjiv i instaliraš ažurirane komponente (na primer, najnovija verzija Jave)
http://www.mycity.rs/Propusti-i-azuriranja/Testira.....anjiv.html

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 24 Feb 2012 21:58

Nažalost i dalje imam isti problem. Kada pokrenem Boot scan naiđe na taj Win32 Malware-gen i ne dozvoljava nijednu opciju sem da ga preskočim.


Dopuna: 24 Feb 2012 22:08

Sad ga Avast detektuje i u normalnom radu, ali ne može mu ništa!

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Pozdrav,

Ako obratiš pažnju na detekciju uočićeš "gen". Generičke detekcije mogu često biti "lažna uzbuna", a ovde je reč o lažnoj uzbuni.

Izveštaji ne pokazuju znake aktivne infekcije.

• 1Ovo se svidja korisniku: ThePhilosopher
  
  Registruj se da bi pohvalio/la poruku!

Ako je tako, onda puno hvala. Pozdrav!