MyCity » Ambulanta -> Arhiva Ambulante » virusi usporen racunar

virusi usporen racunar

Napisano na dan: 11.5.2011

virusi usporen racunar

Sledeća strana

Pagination

Odgovori

slajad Poslao: 11 Maj 2011 19:55 Idi na vrh
offline slajad Građanin Pridružio: 26 Apr 2007 Poruke: 34	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: pokupio sam neke viruse sa usb-a i na racunaru su mi se pojavili folderi i exe fajlovi koje ne mogu da eliminisem,a racunar mi je poceo da radi usporeno. . DDS (Ver_11-03-05.01) - NTFSx86 Run by don gagi slax at 18:03:04.45 on Wed 05/11/2011 Internet Explorer: 8.0.6001.18702 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.234 [GMT 2:00] . AV: AntiVir Desktop Enabled/Updated {AD166499-45F9-482A-A743-FDD3350758C7} . ============== Running Processes =============== . D:\WINDOWS\system32\Ati2evxx.exe D:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe D:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe D:\WINDOWS\system32\spoolsv.exe D:\Program Files\Avira\AntiVir Desktop\sched.exe svchost.exe D:\Program Files\Avira\AntiVir Desktop\avguard.exe D:\Program Files\Avira\AntiVir Desktop\avshadow.exe D:\WINDOWS\system32\Ati2evxx.exe D:\Program Files\Java\jre6\bin\jqs.exe D:\WINDOWS\Explorer.EXE D:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe D:\WINDOWS\system32\IoctlSvc.exe D:\Program Files\Ovislink\Common\RalinkRegistryWriter.exe D:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe D:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe D:\Program Files\Avira\AntiVir Desktop\avgnt.exe D:\Program Files\Common Files\Java\Java Update\jusched.exe D:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe D:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe D:\WINDOWS\system32\ctfmon.exe D:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe D:\WINDOWS\System32\svchost.exe -k HTTPFilter D:\WINDOWS\system32\WISPTIS.EXE D:\Program Files\Winamp\winamp.exe D:\Program Files\Opera\Opera.exe D:\Program Files\GRETECH\GomPlayer\GOM.exe D:\Documents and Settings\don gagi slax\Desktop\dds.scr . ============== Pseudo HJT Report =============== . uStart Page = [Link mogu videti samo ulogovani korisnici] mDefault_Page_URL = [Link mogu videti samo ulogovani korisnici] mStart Page = [Link mogu videti samo ulogovani korisnici] uURLSearchHooks: Softonic-Eng46 Toolbar: {86bf3498-8c44-4c3d-bbfb-05bd50858039} - d:\program files\softonic-eng46\tbSof2.dll uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - d:\program files\yahoo!\companion\installs\cpn0\yt.dll BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - d:\program files\yahoo!\companion\installs\cpn0\yt.dll BHO: {043C5167-00BB-4324-AF7E-62013FAEDACF} - No File BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - d:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - d:\program files\conduitengine\ConduitEngine.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - d:\progra~1\spybot~1\SDHelper.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - d:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - d:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File BHO: Softonic-Eng46 Toolbar: {86bf3498-8c44-4c3d-bbfb-05bd50858039} - d:\program files\softonic-eng46\tbSof2.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - d:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - d:\program files\java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - d:\program files\windows live\toolbar\wltcore.dll BHO: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - No File BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - d:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No File BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - d:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll TB: Softonic-Eng46 Toolbar: {86bf3498-8c44-4c3d-bbfb-05bd50858039} - d:\program files\softonic-eng46\tbSof2.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - d:\program files\yahoo!\companion\installs\cpn0\yt.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - d:\program files\windows live\toolbar\wltcore.dll TB: {043C5167-00BB-4324-AF7E-62013FAEDACF} - No File uRun: [Google Update] "d:\documents and settings\don gagi slax\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [SpybotSD TeaTimer] d:\program files\spybot - search & destroy\TeaTimer.exe uRun: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "d:\program files\common files\nero\lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 uRun: [SkinClock] d:\program files\atomic alarm clock\AtomicAlarmClock.exe uRun: [MSMSGS] "d:\program files\messenger\msmsgs.exe" /background uRun: [ctfmon.exe] d:\windows\system32\ctfmon.exe mRun: [NeroFilterCheck] d:\program files\common files\nero\lib\NeroCheck.exe mRun: [NBKeyScan] "d:\program files\nero\nero8\nero backitup\NBKeyScan.exe" mRun: [QuickTime Task] "d:\program files\quicktime\qttask.exe" -atboottime mRun: [GrooveMonitor] "d:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [avgnt] "d:\program files\avira\antivir desktop\avgnt.exe" /min mRun: [Adobe Reader Speed Launcher] "d:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "d:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k mRun: [SunJavaUpdateSched] "d:\program files\common files\java\java update\jusched.exe" IE: E&xport to Microsoft Excel - d:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - d:\program files\partygaming\partypoker\RunApp.exe IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - d:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - d:\progra~1\micros~2\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - d:\progra~1\micros~2\office12\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - d:\progra~1\spybot~1\SDHelper.dll DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - d:\program files\yahoo!\common\Yinsthelper.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [Link mogu videti samo ulogovani korisnici] DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici] DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici] DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici] TCP: {D10840D5-BD55-444F-BDD3-EC24A832B9E9} = 87.250.98.250 208.67.222.222 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - d:\program files\microsoft office\office12\GrooveSystemServices.dll Notify: AtiExtEvent - Ati2evxx.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - d:\program files\microsoft office\office12\GrooveShellExtensions.dll mASetup: {23KLN5J0-4OPM-11WE-AAX5-24EF1F387232} - c:\recycler\k-1-3542-4232123213-7676767-8888886\root.exe Hosts: 127.0.0.1 www.spywareinfo.com . ============= SERVICES / DRIVERS =============== . R1 avgio;avgio;d:\program files\avira\antivir desktop\avgio.sys [2010-6-13 11608] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;d:\program files\avira\antivir desktop\sched.exe [2010-6-13 136360] R2 AntiVirService;Avira AntiVir Guard;d:\program files\avira\antivir desktop\avguard.exe [2010-6-13 269480] R2 avgntflt;avgntflt;d:\windows\system32\drivers\avgntflt.sys [2010-6-13 61960] R2 fssfltr;FssFltr;d:\windows\system32\drivers\fssfltr_tdi.sys [2009-11-24 54752] R2 LogWatch;Event Log Watch;d:\program files\ca\sharedcomponents\ca_lic\LogWatNT.exe [2005-2-23 53248] R2 RalinkRegistryWriter;Ralink Registry Writer;d:\program files\ovislink\common\RalinkRegistryWriter.exe [2009-10-19 69632] S2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2009-12-2 24640] S2 Fireserv;Fireserv;"c:\fireserv\apache\bin\apache.exe" -k runservice --> c:\fireserv\apache\bin\Apache.exe [?] S3 3xHybrid;ASUSTek SAA713x PCI Card;d:\windows\system32\drivers\3xhybrid.sys --> d:\windows\system32\drivers\3xHybrid.sys [?] S3 fsssvc;Windows Live Family Safety Service;d:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872] . =============== Created Last 30 ================ . 2011-04-14 01:39:02 103864 ----a-w- d:\program files\internet explorer\plugins\nppdf32.dll . ==================== Find3M ==================== . 2011-03-07 05:33:50 692736 ----a-w- d:\windows\system32\inetcomm.dll 2011-03-04 06:37:06 420864 ----a-w- d:\windows\system32\vbscript.dll 2011-03-03 13:21:11 1857920 ----a-w- d:\windows\system32\win32k.sys 2011-02-24 09:02:09 0 ----a-w- d:\windows\system32\ConduitEngine.tmp 2011-02-22 23:06:29 916480 ----a-w- d:\windows\system32\wininet.dll 2011-02-22 23:06:29 43520 ----a-w- d:\windows\system32\licmgr10.dll 2011-02-22 23:06:29 1469440 ------w- d:\windows\system32\inetcpl.cpl 2011-02-22 11:41:59 385024 ----a-w- d:\windows\system32\html.iec 2011-02-17 12:32:12 5120 ----a-w- d:\windows\system32\xpsp4res.dll 2011-02-15 12:56:39 290432 ----a-w- d:\windows\system32\atmfd.dll . ============= FINISH: 18:07:15.67 =============== [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici]

Profil

dr_Bora Poslao: 13 Maj 2011 22:41 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	1Ovo se svidja korisniku: NIx Car Registruj se da bi pohvalio/la poruku! Preuzmi program OTM na Desktop. Dvoklikom pokreni OTM.exe U (levi) prozor programa (ispod Paste Instructions for Items to be Moved) iskopiraj sve što se nalazi unutar Kod polja: `:file c:\RECYCLER\k-1-3542-4232123213-7676767-8888886 :reg [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{23KLN5J0-4OPM-11WE-AAX5-24EF1F387232}]` Klikni MoveIt! Po završetku procesa, u desnom prozoru programa (ispod Results), će se nalaziti tekst koji je potrebno iskopirati u poruku na forumu. Ukoliko se pojavi upit: Confirm ::The system requires a reboot to finish removing files. Do you want to reboot now? kliknuti Yes kako bi se kompjuter restartovao i proces bio dovršen. Nakon ponovnog pokretanja sistema, logfile će se automatski otvoriti u Notepadu. Potrebno je iskopirati sadržaj tog loga u poruku na forumu. Ponovo pokreni program DDS i po ranije datom uputstvu postavi i njegove izveštaje.

Profil

slajad Poslao: 14 Maj 2011 00:12 Idi na vrh
offline slajad Građanin Pridružio: 26 Apr 2007 Poruke: 34	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: evo rezultat rada OTM programa Error: Unable to interpret <:file > in the current context! Error: Unable to interpret < c:\RECYCLER\k-1-3542-4232123213-7676767-8888886 > in the current context! ========== REGISTRY ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{23KLN5J0-4OPM-11WE-AAX5-24EF1F387232}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{23KLN5J0-4OPM-11WE-AAX5-24EF1F387232}\ not found. OTM by OldTimer - Version 3.1.17.2 log created on 05142011_000533 i DDS-a . DDS (Ver_11-03-05.01) - NTFSx86 Run by don gagi slax at 0:08:34.40 on Sat 05/14/2011 Internet Explorer: 8.0.6001.18702 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.162 [GMT 2:00] . AV: AntiVir Desktop Enabled/Updated {AD166499-45F9-482A-A743-FDD3350758C7} . ============== Running Processes =============== . D:\WINDOWS\system32\Ati2evxx.exe D:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe D:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe D:\WINDOWS\system32\spoolsv.exe D:\Program Files\Avira\AntiVir Desktop\sched.exe svchost.exe D:\WINDOWS\system32\Ati2evxx.exe D:\Program Files\Avira\AntiVir Desktop\avguard.exe D:\WINDOWS\Explorer.EXE D:\Program Files\Avira\AntiVir Desktop\avshadow.exe D:\Program Files\Java\jre6\bin\jqs.exe D:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe D:\WINDOWS\system32\taskmgr.exe D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe D:\WINDOWS\system32\IoctlSvc.exe D:\Program Files\Ovislink\Common\RalinkRegistryWriter.exe D:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe D:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe D:\Program Files\Avira\AntiVir Desktop\avgnt.exe D:\Program Files\Common Files\Java\Java Update\jusched.exe D:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe D:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe D:\WINDOWS\system32\ctfmon.exe D:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe D:\WINDOWS\System32\svchost.exe -k HTTPFilter D:\Program Files\Opera\opera.exe D:\Program Files\GRETECH\GomPlayer\GOM.exe D:\WINDOWS\system32\WISPTIS.EXE D:\WINDOWS\system32\svchost.exe -k imgsvc D:\Program Files\Java\jre6\bin\javaw.exe D:\Documents and Settings\don gagi slax\Desktop\OTM.exe D:\Documents and Settings\don gagi slax\Desktop\dds.scr . ============== Pseudo HJT Report =============== . uStart Page = [Link mogu videti samo ulogovani korisnici] mDefault_Page_URL = [Link mogu videti samo ulogovani korisnici] mStart Page = [Link mogu videti samo ulogovani korisnici] uURLSearchHooks: Softonic-Eng46 Toolbar: {86bf3498-8c44-4c3d-bbfb-05bd50858039} - d:\program files\softonic-eng46\tbSof2.dll uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - d:\program files\yahoo!\companion\installs\cpn0\yt.dll BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - d:\program files\yahoo!\companion\installs\cpn0\yt.dll BHO: {043C5167-00BB-4324-AF7E-62013FAEDACF} - No File BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - d:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - d:\program files\conduitengine\ConduitEngine.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - d:\progra~1\spybot~1\SDHelper.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - d:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - d:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File BHO: Softonic-Eng46 Toolbar: {86bf3498-8c44-4c3d-bbfb-05bd50858039} - d:\program files\softonic-eng46\tbSof2.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - d:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - d:\program files\java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - d:\program files\windows live\toolbar\wltcore.dll BHO: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - No File BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - d:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No File BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - d:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll TB: Softonic-Eng46 Toolbar: {86bf3498-8c44-4c3d-bbfb-05bd50858039} - d:\program files\softonic-eng46\tbSof2.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - d:\program files\yahoo!\companion\installs\cpn0\yt.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - d:\program files\windows live\toolbar\wltcore.dll TB: {043C5167-00BB-4324-AF7E-62013FAEDACF} - No File uRun: [Google Update] "d:\documents and settings\don gagi slax\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [SpybotSD TeaTimer] d:\program files\spybot - search & destroy\TeaTimer.exe uRun: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "d:\program files\common files\nero\lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 uRun: [SkinClock] d:\program files\atomic alarm clock\AtomicAlarmClock.exe uRun: [MSMSGS] "d:\program files\messenger\msmsgs.exe" /background uRun: [ctfmon.exe] d:\windows\system32\ctfmon.exe mRun: [NeroFilterCheck] d:\program files\common files\nero\lib\NeroCheck.exe mRun: [NBKeyScan] "d:\program files\nero\nero8\nero backitup\NBKeyScan.exe" mRun: [QuickTime Task] "d:\program files\quicktime\qttask.exe" -atboottime mRun: [GrooveMonitor] "d:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [avgnt] "d:\program files\avira\antivir desktop\avgnt.exe" /min mRun: [Adobe Reader Speed Launcher] "d:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "d:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [SunJavaUpdateSched] "d:\program files\common files\java\java update\jusched.exe" IE: E&xport to Microsoft Excel - d:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - d:\program files\partygaming\partypoker\RunApp.exe IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - d:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - d:\progra~1\micros~2\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - d:\progra~1\micros~2\office12\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - d:\progra~1\spybot~1\SDHelper.dll DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - d:\program files\yahoo!\common\Yinsthelper.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [Link mogu videti samo ulogovani korisnici] DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici] DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici] DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici] TCP: {D10840D5-BD55-444F-BDD3-EC24A832B9E9} = 87.250.98.250 208.67.222.222 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - d:\program files\microsoft office\office12\GrooveSystemServices.dll Notify: AtiExtEvent - Ati2evxx.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - d:\program files\microsoft office\office12\GrooveShellExtensions.dll Hosts: 127.0.0.1 www.spywareinfo.com . ============= SERVICES / DRIVERS =============== . R1 avgio;avgio;d:\program files\avira\antivir desktop\avgio.sys [2010-6-13 11608] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;d:\program files\avira\antivir desktop\sched.exe [2010-6-13 136360] R2 AntiVirService;Avira AntiVir Guard;d:\program files\avira\antivir desktop\avguard.exe [2010-6-13 269480] R2 avgntflt;avgntflt;d:\windows\system32\drivers\avgntflt.sys [2010-6-13 61960] R2 fssfltr;FssFltr;d:\windows\system32\drivers\fssfltr_tdi.sys [2009-11-24 54752] R2 LogWatch;Event Log Watch;d:\program files\ca\sharedcomponents\ca_lic\LogWatNT.exe [2005-2-23 53248] R2 RalinkRegistryWriter;Ralink Registry Writer;d:\program files\ovislink\common\RalinkRegistryWriter.exe [2009-10-19 69632] S2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2009-12-2 24640] S2 Fireserv;Fireserv;"c:\fireserv\apache\bin\apache.exe" -k runservice --> c:\fireserv\apache\bin\Apache.exe [?] S3 3xHybrid;ASUSTek SAA713x PCI Card;d:\windows\system32\drivers\3xhybrid.sys --> d:\windows\system32\drivers\3xHybrid.sys [?] S3 fsssvc;Windows Live Family Safety Service;d:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872] . =============== Created Last 30 ================ . 2011-05-13 22:05:33 -------- d-----w- D:\_OTM 2011-04-14 01:39:02 103864 ----a-w- d:\program files\internet explorer\plugins\nppdf32.dll . ==================== Find3M ==================== . 2011-03-07 05:33:50 692736 ----a-w- d:\windows\system32\inetcomm.dll 2011-03-04 06:37:06 420864 ----a-w- d:\windows\system32\vbscript.dll 2011-03-03 13:21:11 1857920 ----a-w- d:\windows\system32\win32k.sys 2011-02-24 09:02:09 0 ----a-w- d:\windows\system32\ConduitEngine.tmp 2011-02-22 23:06:29 916480 ----a-w- d:\windows\system32\wininet.dll 2011-02-22 23:06:29 43520 ----a-w- d:\windows\system32\licmgr10.dll 2011-02-22 23:06:29 1469440 ------w- d:\windows\system32\inetcpl.cpl 2011-02-22 11:41:59 385024 ----a-w- d:\windows\system32\html.iec 2011-02-17 12:32:12 5120 ----a-w- d:\windows\system32\xpsp4res.dll 2011-02-15 12:56:39 290432 ----a-w- d:\windows\system32\atmfd.dll . ============= FINISH: 0:11:02.00 =============== [Link mogu videti samo ulogovani korisnici]

Profil

dr_Bora Poslao: 14 Maj 2011 07:48 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Dvoklikom pokreni OTM.exe. U (levi) prozor programa (ispod Paste Instructions for Items to be Moved) iskopiraj sve što se nalazi unutar Kod polja: `:files c:\RECYCLER\k-1-3542-4232123213-7676767-8888886 :reg [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{23KLN5J0-4OPM-11WE-AAX5-24EF1F387232}]` Klikni MoveIt! Po završetku procesa, u desnom prozoru programa (ispod Results), će se nalaziti tekst koji je potrebno iskopirati u poruku na forumu. Ukoliko se pojavi upit: Confirm ::The system requires a reboot to finish removing files. Do you want to reboot now? kliknuti Yes kako bi se kompjuter restartovao i proces bio dovršen. Nakon ponovnog pokretanja sistema, logfile će se automatski otvoriti u Notepadu. Potrebno je iskopirati sadržaj tog loga u poruku na forumu.

Profil

slajad Poslao: 14 Maj 2011 08:37 Idi na vrh
offline slajad Građanin Pridružio: 26 Apr 2007 Poruke: 34	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Error: Unable to interpret < > in the current context! ========== FILES ========== c:\RECYCLER\k-1-3542-4232123213-7676767-8888886 folder moved successfully. File/Folder :reg not found. File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{23KLN5J0-4OPM-11WE-AAX5-24EF1F387232}] not found. OTM by OldTimer - Version 3.1.17.2 log created on 05142011_083625

Profil

dr_Bora Poslao: 14 Maj 2011 11:34 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Kakvo je sada stanje?

Profil

slajad Poslao: 14 Maj 2011 23:26 Idi na vrh
offline slajad Građanin Pridružio: 26 Apr 2007 Poruke: 34	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Cini mi se da je dobro, uspio sam da izbrisem sto mi je smetalo, valjda se nece opet pojavljivati.

Profil

dr_Bora Poslao: 14 Maj 2011 23:31 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Da proverimo flash diskove... Preuzmi USBNoRisk na Desktop i pokreni ga duplim klikom na ikonicu programa. - Sacekaj koji sekund dok program izvrsi inicijalno skeniranje. - Ubacuj sve USB memorijske uredjaje redom u USB slot i svaki zadrzi u slotu po 10 sekundi. - Ukoliko imas vise uredjaja za proveru, onda na parcetu papira zapisi kojim redom su ubacivani jer ce nam kasnije trebati taj podatak - Kada zavrsis sa svim uredjajima, klikni desno dugme misa na sred prozora programa i odaberi opciju Save scrambled log. To ce automatski otvoriti log u Notepadu. Iskopiraj nam taj log iz Notepada na forum. Objasnjenje: U USB memorijske uredjaje spadaju svi oni uredjaji koji po prikljucivanju na kompjuter dobijaju svoju oznaku particije. Tu spadaju USB flash drajvovi, eksterni hard-diskovi, memorijske kartice, MP3 i MP4 plejeri, neki mobilni telefoni, neki GPS (navigacioni) uredjaji itd.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » virusi usporen racunar

Ko je trenutno na forumu

Ukupno su 1050 korisnika na forumu :: 67 registrovanih, 3 sakrivenih i 980 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 20624 - dana 04 Apr 2026 04:18

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 33 bren, acatomic, aramis s, Arsenije, Blair, bobomicek, darionis, darkojovxp, desmeki, dj.ape, djordjemiklusev, Dorcolac, DPera, EVIDENTICAR, g_g, Glavonja049, Grah0, Great White, Halabit, Hans Gajger, iceburn, jalos, K a s p e r, king011, koneks, Lance Guest, Litostroton, Lucije Kvint, luka35, MB120mm, mercedesamg, MGBRBG, MIg, mig21, Miki 24pbr, MiljanXD, MilosKop, Mis uz pusku, nebojsag, Nele79, nenad81, nenomir, niksa517, ostoja, ozzy, panonski mornar, Panter, pein, ping15, Prečanin30, probisic, Raso75, saputnik plavetnila, sekretar, Shinobi, ShtagodShtagod, sony771, Tas011, umpah-pah, username_25, vobo, vrgudinac, xAlex2, yrraf, ZlatniRez, zziko, ZZZ

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by