Avast cannot clean a virus!

  • Joined: 28 Nov 2011
  • Posts: 40

When I ran a regular scan with the avast antivirus program (v.6.0.1367), it found one virus and cleaned it, but recommended that I run a Bootscan. I did that, and the program found two viruses that it cannot clean. I am attaching the log from the boot scan. I tried turning off System Restore and repeated the procedure several times, but nothing changed. How do I clean the viruses? I use a 32-bit system and am connected to cable internet through a modem, speed 2 MBps.


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
Run by pc at 22:25:16 on 2012-02-23
Microsoft Windows XP Professional 5.1.2600.3.1250.381.1033.18.2047.1454 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MCShield\MCShieldRTM.exe
C:\Program Files\MCShield\MCShieldTray.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\PROGRA~1\Webshots\webshots.scr
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
.
============== Pseudo HJT Report ===============
.
uStart Page = [Link visible only to logged-in users]
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live pomagač za prijavljivanje: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [MCShield] c:\program files\mcshield\MCShieldRTM.exe
uRun: [MCShieldTray] c:\program files\mcshield\MCShieldTray.exe
uRun: [WinFast Schedule] c:\program files\winfast\wfdtv\WFWIZ.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
StartupFolder: c:\docume~1\pc\startm~1\programs\startup\webshots.lnk - c:\program files\webshots\Launcher.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - [Link visible only to logged-in users]
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - [Link visible only to logged-in users]
DPF: {76326493-E84F-4D4B-939C-1E07B50037F2} - [Link visible only to logged-in users]
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [Link visible only to logged-in users]
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - [Link visible only to logged-in users]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [Link visible only to logged-in users]
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - [Link visible only to logged-in users]
TCP: DhcpNameServer = 0.0.0.0
TCP: Interfaces\{24ED79C0-CF9C-476F-9DF4-5F95971BA890} : DhcpNameServer = 0.0.0.0
TCP: Interfaces\{305DAF80-B121-49FF-B80F-428784519024} : DhcpNameServer = 87.250.33.21 87.250.33.22
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Authentication Packages = msv1_0 relog_ap
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\pc\application data\mozilla\firefox\profiles\ku0sl94s.default\
FF - component: c:\program files\mozilla firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - component: c:\program files\nokia\nokia ovi suite\connectors\bookmarks connector\firefoxextension\components\FirefoxExtension.dll
FF - component: c:\program files\nokia\nokia pc suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-11-17 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-11-17 314456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-11-17 20568]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-11-17 44768]
R2 FastPara;FastPara;c:\windows\system32\drivers\fastpara.sys [2011-4-10 4832]
R3 SKYNET;TechniSat DVB-PC TV Star PCI;c:\windows\system32\drivers\SkyNET.sys [2010-3-30 507408]
R3 WFLR6654;WinFast TV2000 XP Global/Global TV (XC2028-);c:\windows\system32\drivers\wfeaglxt.sys [2011-6-3 433920]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2012-02-22 19:03:01 2 ----a-w- c:\windows\system32\Dvbpws.dll
2011-12-22 00:21:40 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-28 18:01:25 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 17:53:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
.
============= FINISH: 22:30:37,37 ===============

  • Fil  Male
  • Legendary citizen
  • Joined: 11 Jun 2009
  • Posts: 16586

Hello,

We will perform an additional check:

Download the OTL program from the link below to the Desktop:

OTL download
Click the link and, in the window that opens, click the Save button;
when the dialog for choosing where to save the file opens, select Desktop and click the Save button.

Double-click to run OTL;

click the Run Scan button;

when the scan finishes, the report will open in Notepad (note: the report will be saved automatically to the Desktop as OTL.Txt).

Attach the OTL.Txt report to your post using the Attach file option.



  • Joined: 28 Nov 2011
  • Posts: 40

OTL logfile created on: 24.2.2012 10:13:18 - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = c:\Documents and Settings\pc\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000081A | Country: Serbia and Montenegro | Language: SRL | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,38 Gb Available Physical Memory | 69,09% Memory free
3,85 Gb Paging File | 3,43 Gb Available in Paging File | 89,28% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 160,59 Gb Total Space | 92,59 Gb Free Space | 57,65% Space Free | Partition Type: NTFS
Drive D: | 305,17 Gb Total Space | 53,79 Gb Free Space | 17,63% Space Free | Partition Type: NTFS

Computer Name: MSI | User Name: pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012.02.24 09:52:06 | 000,583,680 | ---- | M] (OldTimer Tools) -- c:\Documents and Settings\pc\My Documents\Downloads\OTL.exe
PRC - [2012.02.21 18:21:28 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.11.28 19:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.03.26 15:36:55 | 000,262,144 | ---- | M] () -- C:\Program Files\MCShield\MCShieldRTM.exe
PRC - [2010.11.04 18:46:45 | 000,073,728 | ---- | M] () -- C:\Program Files\MCShield\MCShieldTray.exe
PRC - [2010.08.11 15:11:38 | 002,920,448 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\WFWIZ.exe
PRC - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009.09.08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2008.04.14 11:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.10.30 19:51:44 | 000,492,720 | ---- | M] () -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
PRC - [2007.10.30 19:07:38 | 000,427,288 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2004.12.13 03:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2001.08.17 23:36:42 | 000,024,064 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\devldr32.exe


========== Modules (No Company Name) ==========

MOD - [2012.02.23 14:26:31 | 001,714,688 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\12022301\algo.dll
MOD - [2012.02.21 18:21:28 | 001,911,768 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.11.15 01:42:13 | 008,527,008 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011.03.26 15:36:55 | 000,262,144 | ---- | M] () -- C:\Program Files\MCShield\MCShieldRTM.exe
MOD - [2010.11.15 10:05:26 | 000,073,728 | ---- | M] () -- C:\Program Files\WinFast\WFDTV\RCConfig\RCKeysInfoIO.dll
MOD - [2010.11.04 18:46:45 | 000,073,728 | ---- | M] () -- C:\Program Files\MCShield\MCShieldTray.exe
MOD - [2009.04.01 13:07:12 | 000,303,188 | ---- | M] () -- C:\Program Files\WinFast\WFDTV\RTL283XACCESS.dll
MOD - [2008.12.02 10:04:34 | 000,007,680 | ---- | M] () -- C:\Program Files\WinFast\WFDTV\WIZLANGENG.dll
MOD - [2008.04.14 11:00:00 | 001,288,192 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2008.04.14 11:00:00 | 000,192,512 | ---- | M] () -- C:\WINDOWS\system32\qcap.dll
MOD - [2008.04.14 11:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2008.04.14 11:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.10.30 19:51:44 | 000,492,720 | ---- | M] () -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
MOD - [1998.09.25 09:56:58 | 000,033,384 | ---- | M] () -- C:\WINDOWS\system32\HPFiop13.dll
MOD - [1998.09.25 09:56:40 | 000,137,232 | ---- | M] () -- C:\WINDOWS\system32\HPFmlc13.dll
MOD - [1998.09.25 09:56:32 | 000,057,240 | ---- | M] () -- C:\WINDOWS\system32\HPFmem13.dll
MOD - [1998.09.25 09:56:28 | 000,048,292 | ---- | M] () -- C:\WINDOWS\system32\HPFlpm13.dll
MOD - [1998.09.25 09:56:16 | 000,072,368 | ---- | M] () -- C:\WINDOWS\system32\HPFcom13.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011.11.28 19:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011.06.08 12:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.09.08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8-)
SRV - [2007.10.30 19:51:44 | 000,492,720 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe -- (TryAndDecideService)
SRV - [2007.10.30 19:07:38 | 000,427,288 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2004.12.13 03:34:32 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV - [2011.11.28 18:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011.11.28 18:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.11.28 18:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.11.28 18:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.11.28 18:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011.11.28 18:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.11.28 18:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011.06.03 16:36:00 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2011.06.03 16:36:00 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2011.06.03 16:35:52 | 000,129,248 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2011.06.03 16:35:36 | 000,368,544 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\tdrpman.sys -- (tdrpman)
DRV - [2011.05.18 09:12:38 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.05.18 09:12:36 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.05.18 09:12:32 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.05.18 09:12:28 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011.03.19 00:59:16 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV - [2009.10.21 17:30:32 | 000,433,920 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wfeaglxt.sys -- (WFLR6654) WinFast TV2000 XP Global/Global TV (XC2028-)
DRV - [2009.09.11 06:47:24 | 000,507,408 | ---- | M] (TechniSat Digital, S.A.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SkyNET.sys -- (SKYNET)
DRV - [2009.03.04 01:49:58 | 003,565,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.14 01:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.04.13 23:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008.04.07 15:06:48 | 000,105,088 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008.03.14 07:04:29 | 000,046,652 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2004.12.23 16:27:56 | 000,027,392 | ---- | M] (Ulead Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ULCDRHlp.sys -- (ULCDRHlp)
DRV - [2001.08.17 13:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman) Creative SoundFont Manager Driver (WDM)
DRV - [2001.08.17 13:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1) Creative Interface Manager Driver (WDM)
DRV - [2001.08.17 13:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k) Creative SB Live! (WDM)
DRV - [2001.08.17 13:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)
DRV - [1997.07.28 15:23:02 | 000,004,832 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\fastpara.sys -- (FastPara)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [Link visible only to logged-in users]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [Link visible only to logged-in users]:9.0.0.736
FF - prefs.js..extensions.enabledItems: [Link visible only to logged-in users]:2.3.0
FF - prefs.js..extensions.enabledItems: [Link visible only to logged-in users]:1.0.0.732
FF - prefs.js..extensions.enabledItems: {37fa1426-b82d-11db-8314-0800200c9a66}:2.7.6
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.449: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.12.03 11:52:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.21 18:21:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.01.22 23:53:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.07.04 12:43:21 | 000,000,000 | ---D | M]

[2010.04.07 10:57:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\pc\Application Data\Mozilla\Extensions
[2012.02.18 00:15:10 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\ku0sl94s.default\extensions
[2012.02.18 00:15:10 | 000,000,000 | ---D | M] (WebMail Notifier) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\ku0sl94s.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}
[2012.02.12 19:09:17 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\ku0sl94s.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.12.17 09:54:13 | 000,000,000 | ---D | M] (Ant Video Downloader) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\ku0sl94s.default\extensions\anttoolbar@ant.com
[2012.01.10 01:12:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.02.21 18:21:28 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2007.08.29 22:47:44 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011.10.03 04:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.12.09 11:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.02.18 17:55:13 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.02.18 17:55:13 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2008.04.14 11:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKCU..\Run: [MCShield] C:\Program Files\MCShield\MCShieldRTM.exe ()
O4 - HKCU..\Run: [MCShieldTray] C:\Program Files\MCShield\MCShieldTray.exe ()
O4 - HKCU..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O4 - Startup: C:\Documents and Settings\pc\Start Menu\Programs\Startup\Webshots.lnk = C:\Program Files\Webshots\Launcher.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} [Link visible only to logged-in users] (Microsoft Office Template and Media Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} [Link visible only to logged-in users] (Shockwave ActiveX Control)
O16 - DPF: {76326493-E84F-4D4B-939C-1E07B50037F2} [Link visible only to logged-in users] (ProxyModule Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [Link visible only to logged-in users] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [Link visible only to logged-in users] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [Link visible only to logged-in users] (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [Link visible only to logged-in users] (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24ED79C0-CF9C-476F-9DF4-5F95971BA890}: DhcpNameServer = 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{305DAF80-B121-49FF-B80F-428784519024}: DhcpNameServer = 87.250.33.21 87.250.33.22
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O30 - LSA: Authentication Packages - (relog_ap) - C:\WINDOWS\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.03.29 14:45:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\Shell\AutoRun\command - "" = F:\ZERAVICA\\\\\\\\\\LONDON.exe
O33 - MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\Shell\explore\command - "" = F:\ZERAVICA\\\\\\\\\\\\LONDON.exe
O33 - MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\Shell\open\command - "" = F:\ZERAVICA\\\\\\\\\\\\LONDON.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========


========== Files - Modified Within 30 Days ==========

[2012.02.24 09:54:59 | 000,468,232 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.02.24 09:54:59 | 000,075,480 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.02.24 09:50:32 | 000,000,924 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.24 09:50:32 | 000,000,372 | ---- | M] () -- C:\WINDOWS\tasks\FreeFileViewerUpdateChecker.job
[2012.02.24 09:50:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.02.24 00:41:00 | 000,000,928 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.23 14:50:46 | 000,292,708 | ---- | M] () -- C:\Documents and Settings\pc\Desktop\AswBoot.JPG
[2012.02.23 01:25:38 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012.02.22 20:48:24 | 000,002,515 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2003.lnk
[2012.02.22 20:03:01 | 000,000,002 | ---- | M] () -- C:\WINDOWS\System32\Dvbpws.dll
[2012.02.22 01:03:53 | 000,000,045 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2012.02.21 18:20:05 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.02.16 17:00:16 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP

========== Files Created - No Company Name ==========

[2012.02.23 14:50:46 | 000,292,708 | ---- | C] () -- C:\Documents and Settings\pc\Desktop\AswBoot.JPG
[2011.11.30 14:38:08 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2011.11.30 14:38:06 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011.10.21 12:19:43 | 001,262,928 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011.10.21 11:00:14 | 000,000,076 | ---- | C] () -- C:\WINDOWS\Tiny_Run.ini
[2011.06.01 13:50:38 | 000,000,350 | ---- | C] () -- C:\WINDOWS\System32\AF15IRTBL.bin
[2011.06.01 13:47:57 | 000,000,277 | ---- | C] () -- C:\WINDOWS\WFD_FindDevID.ini
[2011.06.01 13:47:55 | 000,000,277 | ---- | C] () -- C:\WINDOWS\WFD_FindMceDev.ini
[2011.05.31 16:52:20 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.05.27 21:37:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\cd.dat
[2011.05.27 20:16:46 | 000,000,002 | ---- | C] () -- C:\WINDOWS\System32\Dvbpws.dll
[2011.05.27 19:55:21 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2011.05.27 16:35:43 | 000,051,972 | ---- | C] () -- C:\WINDOWS\System32\tlg2300_firmware.bin
[2011.04.10 23:00:22 | 000,000,623 | ---- | C] () -- C:\WINDOWS\Ulead32.ini
[2010.07.28 16:48:29 | 000,000,045 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2010.05.28 23:08:18 | 000,003,352 | ---- | C] () -- C:\WINDOWS\MDVDP.Ini
[2010.05.11 16:19:49 | 000,000,125 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\.zreglib
[2010.05.10 16:21:45 | 000,003,506 | ---- | C] () -- C:\WINDOWS\cdrLabel.ini
[2010.04.13 11:09:28 | 000,000,086 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010.04.11 22:56:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2010.04.07 10:57:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.04.07 10:08:59 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.03.31 02:05:07 | 000,000,040 | ---- | C] () -- C:\WINDOWS\RSoftInfo.dat
[2010.03.30 08:01:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010.03.29 16:35:08 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010.03.29 16:34:01 | 000,732,664 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.03.29 15:57:37 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2010.03.29 15:57:37 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2010.03.29 15:57:36 | 000,182,995 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010.03.29 15:38:30 | 000,036,352 | ---- | C] () -- C:\Documents and Settings\pc\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.29 15:38:23 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2010.03.29 15:27:48 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.03.29 15:23:41 | 000,000,192 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2010.03.29 15:01:13 | 000,178,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.03.29 15:01:12 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.03.29 15:01:08 | 000,881,664 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.03.29 15:01:07 | 000,205,824 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.03.29 15:01:05 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2010.03.29 15:00:59 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.03.29 14:48:39 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.03.29 14:42:08 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== Files - Unicode (All) ==========
[2011.08.28 22:59:10 | 000,000,000 | ---D | M](C:\Documents and Settings\pc\My Documents\???????) -- C:\Documents and Settings\pc\My Documents\Пријеми
[2010.03.29 14:21:18 | 000,000,000 | ---D | C](C:\Documents and Settings\pc\My Documents\???????) -- C:\Documents and Settings\pc\My Documents\Пријеми

< End of report >






offline
  • Fil
  • Legendary citizen
  • Joined: 11 Jun 2009
  • Posts: 16586

Sorry for the late reply. Personal obligations.


Run OTL again by double-clicking its icon;

Copy the following text into the white box labelled Custom Scans/Fixes:

:OTL
O33 - MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\Shell\AutoRun\command - "" = F:\ZERAVICA\\\\\\\\\\LONDON.exe
O33 - MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\Shell\explore\command - "" = F:\ZERAVICA\\\\\\\\\\\\LONDON.exe
O33 - MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\Shell\open\command - "" = F:\ZERAVICA\\\\\\\\\\\\LONDON.exe

:Commands
[purity]
[EmptyTemp]
[CLEARALLRESTOREPOINTS]
[Reboot]


Click the Run Fix button;


Copy the report (log) you get into a post here.
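
An added example, not part of the original post and not OTL's own code: Python that triages the O33 MountPoints2 lines of an OTL log like the one in this thread and flags volumes whose cached autorun handlers redirect the default open/explore verbs or pad the path with repeated separators. The two heuristics, the function names and the second volume entry (constructed) are assumptions for illustration.

```python
import re
from collections import defaultdict

# First four lines are the O33 entries quoted in this thread; the last line is a
# constructed entry for an ordinary installer disc, added for contrast.
SAMPLE_LOG = r'''
O33 - MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\Shell\AutoRun\command - "" = F:\ZERAVICA\\\\\\\\\\LONDON.exe
O33 - MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\Shell\explore\command - "" = F:\ZERAVICA\\\\\\\\\\\\LONDON.exe
O33 - MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\Shell\open\command - "" = F:\ZERAVICA\\\\\\\\\\\\LONDON.exe
O33 - MountPoints2\{11111111-2222-3333-4444-555555555555}\Shell\AutoRun\command - "" = E:\setup.exe
'''

# O33 - MountPoints2\{guid}\Shell[\verb][\command] - "name" = value
O33 = re.compile(
    r'^O33 - MountPoints2\\(?P<guid>\{[0-9A-Fa-f-]{36}\})\\Shell'
    r'(?:\\(?P<verb>\w+))?(?P<cmd>\\command)? - "[^"]*" = (?P<value>.*)$'
)

def parse_o33(log_text):
    # Collect {guid: {verb: command}} for every Shell\<verb>\command entry.
    mounts = defaultdict(dict)
    for line in log_text.splitlines():
        m = O33.match(line.strip())
        if m and m.group('cmd'):
            mounts[m.group('guid')][m.group('verb').lower()] = m.group('value')
    return dict(mounts)

def review(mounts):
    # Return {guid: [reasons]} for volumes that deserve a closer look.
    findings = {}
    for guid, verbs in mounts.items():
        reasons = []
        # Heuristic 1 (assumption): an autorun.inf that also takes over "open" or
        # "explore" makes a plain double-click on the drive run its program.
        hijacked = sorted(v for v in verbs if v in ('open', 'explore'))
        if hijacked:
            reasons.append('default verbs redirected: ' + ', '.join(hijacked))
        # Heuristic 2 (assumption): three or more consecutive backslashes in the
        # command path serve no purpose for a normal installer.
        if any(re.search(r'\\{3,}', cmd) for cmd in verbs.values()):
            reasons.append('padded path separators')
        if reasons:
            findings[guid] = reasons
    return findings

if __name__ == '__main__':
    for guid, reasons in review(parse_o33(SAMPLE_LOG)).items():
        print(guid, '->', '; '.join(reasons))
```
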

offline
  • Joined: 28 Nov 2011
  • Posts: 40

All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{204e6ea9-607d-11df-a690-001617ec6807}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{204e6ea9-607d-11df-a690-001617ec6807}\ not found.
File F:\ZERAVICA\\\\\\\\\\LONDON.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{204e6ea9-607d-11df-a690-001617ec6807}\ not found.
File F:\ZERAVICA\\\\\\\\\\\\LONDON.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{204e6ea9-607d-11df-a690-001617ec6807}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{204e6ea9-607d-11df-a690-001617ec6807}\ not found.
File F:\ZERAVICA\\\\\\\\\\\\LONDON.exe not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56475 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: pc
->Temp folder emptied: 97177956 bytes
->Temporary Internet Files folder emptied: 319627316 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 77266017 bytes
->Flash cache emptied: 70097 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 40912087 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 510,00 mb

Restore points cleared and new OTL Restore Point set!

OTL by OldTimer - Version 3.2.33.2 log created on 02242012_200732

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

offline
  • Fil
  • Legendary citizen
  • Joined: 11 Jun 2009
  • Posts: 16586

Hello,


The computer is clean as far as malicious programs are concerned :)


Run OTL and click Cleanup.



Here are a few suggestions to make the computer more secure:


You are using an old version of Adobe Reader, which has security vulnerabilities. I suggest you install the latest version of this reader, or switch to an alternative (for example, Foxit Reader, Nitro PDF Reader, and others).


I recommend that you update MCShield, the program for protecting USB storage devices.

A beta version (v2) has been released and it is the recommended one to use. You can download it from THIS link. After installing the program, plug in your USB storage devices and they will be scanned. At the end of the scan you will get a report that the device is clean or a notification about removed malware.


Also, visit this thread to see whether your browser is vulnerable and to install updated components (for example, the latest version of Java)

offline
  • Joined: 28 Nov 2011
  • Posts: 40

Posted: 24 Feb 2012 21:58

Unfortunately I still have the same problem. When I run the Boot scan it comes across that Win32 Malware-gen and does not allow any option except to skip it.


Addendum: 24 Feb 2012 22:08

Now Avast detects it during normal operation too, but cannot do anything to it!

offline
  • Fil
  • Legendary citizen
  • Joined: 11 Jun 2009
  • Posts: 16586

Hello,

If you look closely at the detection you will notice "gen". Generic detections can often be a "false alarm", and this is a false alarm.

The reports show no signs of an active infection.

offline
  • Joined: 28 Nov 2011
  • Posts: 40

If that is so, then thank you very much. Regards!
