Do I have a virus?


offline
  • Istrazivanje Windowsa
  • Joined: 12 Jul 2012
  • Posts: 1023

Posted: 28 Jan 2014 21:37

I'm on my old computer now and I don't have an antivirus, because when I have one the computer just lags. Now that I don't have one, a problem has appeared: I was playing a game 10 minutes ago and everything was fine, and now YouTube has started lagging again, even though everything was fine for days :((

DDS:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.45.2
Run by Slavko Radic at 21:33:37 on 2014-01-28
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.959.302 [GMT 1:00]
.
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mStart Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [PAC7302_Monitor] c:\windows\pixart\pac7302\Monitor.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1341956071921
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{DCDA6A31-04D3-488B-BDC7-FBF8DD2AA9B8} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
AppInit_DLLs=
Hosts: 192.168.1.2 ps2nfs04.ea.com
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\slavko radic\application data\mozilla\firefox\profiles\ocykmfzx.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.rs
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_170.dll
.
============= SERVICES / DRIVERS ===============
.
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2013-1-19 1691480]
S4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S4 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-7-25 162672]
S4 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=c:\windows\system32\NOTEPAD.EXE %1 [UserChoice]
FileExt: .inf: inffile=c:\windows\system32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2014-01-27 17:37:50 -------- d-----w- c:\documents and settings\slavko radic\local settings\application data\FilesFrog Update Checker
2014-01-05 21:17:50 -------- d-----w- c:\documents and settings\all users\application data\SoftWarehouse
2014-01-05 00:10:42 -------- d-----w- c:\documents and settings\slavko radic\AppData
2014-01-05 00:10:20 -------- d-----w- c:\documents and settings\all users\application data\cff81145b297ae00
2014-01-05 00:10:19 -------- d-----w- c:\documents and settings\slavko radic\local settings\application data\Comodo
.
==================== Find3M ====================
.
2014-01-27 22:02:07 1073452 -c--a-w- c:\windows\system32\nvdrsdb1.bin
2014-01-27 22:02:07 1 -c--a-w- c:\windows\system32\nvdrssel.bin
2014-01-27 22:01:58 1073452 -c--a-w- c:\windows\system32\nvdrsdb0.bin
2013-12-12 19:50:25 692616 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-12 19:50:24 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-27 20:21:06 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2013-11-13 02:59:42 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-07 05:38:51 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:03:31 7168 -c--a-w- c:\windows\system32\xpsp4res.dll
.
============= FINISH: 21:34:30,10 ===============

And I have 32-bit Windows, but I don't know what the problem is now :( It was fine and now YouTube is lagging again! Could I have a virus?

Addendum: 28 Jan 2014 21:56

I should also mention that when I'm on YouTube, an exclamation mark appears up by the address bar and it says: ''this website does not supply identity information''. What does that mean? How do I fix all this? :/

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Download GMER from the link below to the Desktop:


GMER download
Click the link provided;
When the dialog for choosing where to save the file opens, select Desktop and click Save.



Double-click to run GMER.
Wait for the initial scan to finish - if any prompt appears, click No;

click Scan and wait for the scan to finish;

click Save ... - save the report to the Desktop (named Gmer1);

right-click in the GMER window and choose Options > 3rd party - click Scan;

when the scan finishes, click Save ... - save the report to the Desktop (named Gmer2);

click the >>> button and select the Autostart tab;

when the short scan finishes, click Copy;

open Notepad and paste the copied text into it - save the report to the Desktop (named Gmer3);


Illustrated walkthrough of the procedure

Attach all three reports to your post using the Attach file (Prikači fajl) option.

offline
  • Istrazivanje Windowsa
  • Joined: 12 Jul 2012
  • Posts: 1023

Sorry, but I can't post the GMER report for you! :( I click Scan and it runs and gets a bit further, and then it throws an error that says ''error memory could not be ridden i (oxcf4837837 click to terminate process'', and when you click OK it closes the program. Is there another program, because this one won't work? :/

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Download aswMBR and save it to the Desktop.

Double-click to run aswMBR.

If you get the following message:
Would you like to download latest Avast! virus definitions?
click the Yes button and wait for the definitions download to finish.


Make sure that QuickScan is selected under AV Scan:

Click Scan.

When the scan finishes ( Scan finished successfully ), click Save log.
Save the aswMBR log to the Desktop.
Copy the contents of that log into the thread.

offline
  • Istrazivanje Windowsa
  • Joined: 12 Jul 2012
  • Posts: 1023

Now I have some 3 files in the Recycle Bin but I can't delete them! :( I don't know what's happening with my computer, but it's behaving strangely :/

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Download aswMBR and save it to the Desktop.

Double-click to run aswMBR.

If you get the following message:
Would you like to download latest Avast! virus definitions?
click the Yes button and wait for the definitions download to finish.


Make sure that QuickScan is selected under AV Scan:

Click Scan.

When the scan finishes ( Scan finished successfully ), click Save log.
Save the aswMBR log to the Desktop.
Copy the contents of that log into the thread.

offline
  • Istrazivanje Windowsa
  • Joined: 12 Jul 2012
  • Posts: 1023

Posted: 28 Jan 2014 23:06

Here it is:

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-01-28 22:40:38
-----------------------------
22:40:38.109 OS Version: Windows 5.1.2600 Service Pack 3
22:40:38.109 Number of processors: 1 586 0x5F03
22:40:38.109 ComputerName: SLAVKO UserName:
22:40:39.375 Initialize success
22:46:06.703 AVAST engine defs: 14012801
22:46:14.781 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
22:46:14.781 Disk 0 Vendor: Maxtor_6Y080L0 YAR41BW0 Size: 78167MB BusType: 3
22:46:14.984 Disk 0 MBR read successfully
22:46:14.984 Disk 0 MBR scan
22:46:15.062 Disk 0 Windows XP default MBR code
22:46:15.078 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 39999 MB offset 1
22:46:15.078 Disk 0 Partition - 00 0F Extended LBA 38166 MB offset 81919982
22:46:15.093 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 38166 MB offset 81919983
22:46:15.109 Disk 0 scanning sectors +160085982
22:46:15.296 Disk 0 scanning C:\WINDOWS\system32\drivers
22:46:32.796 Service scanning
22:47:11.921 Modules scanning
22:47:32.390 Disk 0 trace - called modules:
22:47:32.890 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
22:47:32.890 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8626d030]
22:47:32.890 3 CLASSPNP.SYS[f74c7fd7] -> nt!IofCallDriver -> \Device\0000005d[0x8626ff18]
22:47:32.890 5 ACPI.sys[f735e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x8622dd98]
22:47:33.734 AVAST engine scan C:\WINDOWS
22:47:42.109 AVAST engine scan C:\WINDOWS\system32
22:52:47.781 AVAST engine scan C:\WINDOWS\system32\drivers
22:53:05.687 AVAST engine scan C:\Documents and Settings\Slavko Radic
23:04:02.609 AVAST engine scan C:\Documents and Settings\All Users
23:04:32.187 Scan finished successfully
23:05:11.312 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Slavko Radic\Desktop\MBR.dat"
23:05:11.312 The log file has been saved successfully to "C:\Documents and Settings\Slavko Radic\Desktop\aswMBR.txt"

Addendum: 28 Jan 2014 23:12

And what now?

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

The posted reports show no traces of active malware, but if you like we can do one more check with FRST.


Download Farbar's Farbar Recovery Scan Tool from this address to the Desktop:
There are 32-bit and 64-bit versions. You need to download the version that is compatible with your system.
If you are not sure which version applies to your system, download both and run them. Only one of them will run on your system; that will be the right version.


double-click to run the program; when the tool starts, click Yes on the Disclaimer window;
click the Scan button;
when the scan finishes, the tool will create a report (FRST.txt) in the same directory where the FRST tool is saved;
copy the contents of the FRST.txt report into your post;
on first run, the tool should also create an additional report (Addition.txt);
attach the Addition.txt report to your post using the Attach file (Prikači fajl) option

offline
  • Istrazivanje Windowsa
  • Joined: 12 Jul 2012
  • Posts: 1023

Posted: 28 Jan 2014 23:35

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-01-2014 03
Ran by Slavko Radic (administrator) on SLAVKO on 28-01-2014 23:31:41
Running from C:\Documents and Settings\Slavko Radic\My Documents\Downloads
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) ===================

(PixArt Imaging Incorporation) C:\WINDOWS\Pixart\Pac7302\Monitor.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [PAC7302_Monitor] - C:\WINDOWS\PixArt\PAC7302\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [15517472 2013-01-31] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] - C:\WINDOWS\system32\NvMCTray.dll [108832 2013-01-31] (NVIDIA Corporation)
HKLM\...\Run: [nwiz] - C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1982312 2013-01-31] ()
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
MountPoints2: F - F:\Launch.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {10921475-03CE-4E04-90CE-E2E7EF20C814} - No File
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Slavko Radic\Application Data\Mozilla\Firefox\Profiles\ocykmfzx.default
FF Homepage: https://www.google.rs
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

========================== Services (Whitelisted) =================

S4 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-10-08] (Oracle Corporation)

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [36864 2006-07-01] (Advanced Micro Devices)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 hamachi; C:\WINDOWS\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFBS2S2.sys [220032 2004-08-03] (Conexant Systems, Inc.)
R3 HSF_DP; C:\WINDOWS\System32\DRIVERS\HSFDPSP2.sys [1041536 2004-08-03] (Conexant Systems, Inc.)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R0 nvata; C:\WINDOWS\System32\DRIVERS\nvata.sys [105344 2006-08-14] (NVIDIA Corporation)
R0 nvgts; C:\WINDOWS\System32\DRIVERS\nvgts.sys [168040 2010-04-09] (NVIDIA Corporation)
S3 PAC7302; C:\WINDOWS\System32\DRIVERS\PAC7302.SYS [461824 2009-04-28] (PixArt Imaging Inc.)
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
R3 winachsf; C:\WINDOWS\System32\DRIVERS\HSFCXTS2.sys [685056 2004-08-03] (Conexant Systems, Inc.)
S4 IntelIde; No ImagePath
U5 Nsynas32; C:\Windows\System32\Drivers\Nsynas32.sys [17784 2001-04-09] (Syncrosoft Hard- und Software GmbH)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL;
U3 aswMBR; \??\C:\DOCUME~1\SLAVKO~1\LOCALS~1\Temp\aswMBR.sys [x]
U3 mbr; \??\C:\DOCUME~1\SLAVKO~1\LOCALS~1\Temp\mbr.sys [x]
U3 uxtdypob; \??\C:\DOCUME~1\SLAVKO~1\LOCALS~1\Temp\uxtdypob.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-28 23:30 - 2014-01-28 23:30 - 00000000 ____D C:\FRST
2014-01-28 23:05 - 2014-01-28 23:05 - 00002128 _____ C:\Documents and Settings\Slavko Radic\Desktop\aswMBR.txt
2014-01-28 23:05 - 2014-01-28 23:05 - 00000512 _____ C:\Documents and Settings\Slavko Radic\Desktop\MBR.dat
2014-01-28 17:48 - 2014-01-28 17:50 - 01463630 _____ C:\Documents and Settings\Slavko Radic\Downloads\snes9x-1.53-win32.zip
2014-01-27 18:37 - 2014-01-27 18:41 - 00000000 ____D C:\Documents and Settings\Slavko Radic\Local Settings\Application Data\FilesFrog Update Checker
2014-01-16 19:16 - 2014-01-28 22:21 - 00000000 ____D C:\Documents and Settings\Slavko Radic\Application Data\Skype
2014-01-15 19:45 - 2014-01-15 19:45 - 00000000 ____D C:\Documents and Settings\Slavko Radic\Application Data\WinRAR
2014-01-05 22:17 - 2014-01-05 22:18 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\SoftWarehouse
2014-01-05 15:12 - 2014-01-05 23:40 - 00000000 ____D C:\Documents and Settings\Slavko Radic\My Documents\My Games
2014-01-05 01:10 - 2014-01-05 22:19 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\cff81145b297ae00
2014-01-05 01:10 - 2014-01-05 01:10 - 00000000 ____D C:\Documents and Settings\UpdatusUser\Local Settings\Application Data\Google
2014-01-05 01:10 - 2014-01-05 01:10 - 00000000 ____D C:\Documents and Settings\UpdatusUser\Local Settings\Application Data\Comodo
2014-01-05 01:10 - 2014-01-05 01:10 - 00000000 ____D C:\Documents and Settings\Slavko Radic\Local Settings\Application Data\Comodo
2014-01-04 21:23 - 2014-01-04 21:23 - 00000045 _____ C:\WINDOWS\system32\initdebug.nfo
2013-12-29 22:50 - 2013-12-29 22:50 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\KONAMI

==================== One Month Modified Files and Folders =======

2014-01-28 23:30 - 2014-01-28 23:30 - 00000000 ____D C:\FRST
2014-01-28 23:06 - 2012-04-13 15:30 - 00000830 ____C C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-28 23:05 - 2014-01-28 23:05 - 00002128 _____ C:\Documents and Settings\Slavko Radic\Desktop\aswMBR.txt
2014-01-28 23:05 - 2014-01-28 23:05 - 00000512 _____ C:\Documents and Settings\Slavko Radic\Desktop\MBR.dat
2014-01-28 22:24 - 2012-03-05 21:52 - 00000000 __SHD C:\Documents and Settings\Slavko Radic\UserData
2014-01-28 22:24 - 2012-03-01 18:30 - 00000000 ____D C:\Documents and Settings\Slavko Radic
2014-01-28 22:21 - 2014-01-16 19:16 - 00000000 ____D C:\Documents and Settings\Slavko Radic\Application Data\Skype
2014-01-28 22:20 - 2012-04-18 19:49 - 00002265 ____C C:\Documents and Settings\All Users\Desktop\Skype.lnk
2014-01-28 22:20 - 2012-03-01 18:24 - 01150647 ____C C:\WINDOWS\WindowsUpdate.log
2014-01-28 17:50 - 2014-01-28 17:48 - 01463630 _____ C:\Documents and Settings\Slavko Radic\Downloads\snes9x-1.53-win32.zip
2014-01-28 10:59 - 2013-07-08 19:00 - 00000324 ____C C:\WINDOWS\Tasks\YourFile DownloaderUpdate.job
2014-01-28 10:59 - 2012-03-01 19:17 - 00000159 ____C C:\WINDOWS\wiadebug.log
2014-01-28 10:59 - 2012-03-01 19:17 - 00000049 ____C C:\WINDOWS\wiaservc.log
2014-01-28 10:59 - 2012-03-01 18:29 - 00000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2014-01-28 10:06 - 2012-03-01 18:30 - 00000178 __SHC C:\Documents and Settings\Slavko Radic\ntuser.ini
2014-01-28 10:06 - 2012-03-01 18:29 - 00032620 ____N C:\WINDOWS\SchedLgU.Txt
2014-01-27 23:02 - 2012-08-10 19:55 - 01073452 ____C C:\WINDOWS\system32\nvdrsdb1.bin
2014-01-27 23:02 - 2012-08-10 19:55 - 00000001 ____C C:\WINDOWS\system32\nvdrssel.bin
2014-01-27 23:01 - 2012-08-10 19:55 - 01073452 ____C C:\WINDOWS\system32\nvdrsdb0.bin
2014-01-27 18:47 - 2012-03-02 15:45 - 00000000 ___RD C:\Documents and Settings\Slavko Radic\Desktop\igre
2014-01-27 18:41 - 2014-01-27 18:37 - 00000000 ____D C:\Documents and Settings\Slavko Radic\Local Settings\Application Data\FilesFrog Update Checker
2014-01-27 18:41 - 2012-03-05 12:35 - 00000000 ____D C:\Documents and Settings\Slavko Radic\Local Settings\Application Data\Google
2014-01-27 18:41 - 2012-03-05 12:34 - 00000000 ____D C:\Program Files\Google
2014-01-27 18:40 - 2013-01-21 11:30 - 00000803 _____ C:\Documents and Settings\Slavko Radic\Start Menu\Programs\Internet Explorer.lnk
2014-01-27 15:37 - 2004-08-04 13:00 - 00002206 ____C C:\WINDOWS\system32\wpa.dbl
2014-01-18 12:12 - 2013-12-28 22:40 - 00000000 ____D C:\Documents and Settings\Slavko Radic\Desktop\Important
2014-01-16 21:12 - 2012-03-01 19:13 - 00000223 ___SH C:\boot.ini
2014-01-16 21:12 - 2004-08-04 13:00 - 00000852 ____C C:\WINDOWS\win.ini
2014-01-16 21:12 - 2004-08-04 13:00 - 00000227 ____C C:\WINDOWS\system.ini
2014-01-15 19:45 - 2014-01-15 19:45 - 00000000 ____D C:\Documents and Settings\Slavko Radic\Application Data\WinRAR
2014-01-15 09:04 - 2013-08-14 21:57 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-15 08:59 - 2012-05-26 05:49 - 83425928 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-07 00:56 - 2012-03-01 18:36 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2014-01-06 18:47 - 2012-03-02 21:39 - 00000634 ____C C:\WINDOWS\SIERRA.INI
2014-01-05 23:40 - 2014-01-05 15:12 - 00000000 ____D C:\Documents and Settings\Slavko Radic\My Documents\My Games
2014-01-05 22:19 - 2014-01-05 01:10 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\cff81145b297ae00
2014-01-05 22:18 - 2014-01-05 22:17 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\SoftWarehouse
2014-01-05 22:18 - 2013-07-07 20:00 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\InstallMate
2014-01-05 20:22 - 2012-04-07 09:48 - 00000023 ____C C:\WINDOWS\BlendSettings.ini
2014-01-05 15:26 - 2012-03-01 18:23 - 00000000 ____D C:\WINDOWS\system32\DirectX
2014-01-05 01:10 - 2014-01-05 01:10 - 00000000 ____D C:\Documents and Settings\UpdatusUser\Local Settings\Application Data\Google
2014-01-05 01:10 - 2014-01-05 01:10 - 00000000 ____D C:\Documents and Settings\UpdatusUser\Local Settings\Application Data\Comodo
2014-01-05 01:10 - 2014-01-05 01:10 - 00000000 ____D C:\Documents and Settings\Slavko Radic\Local Settings\Application Data\Comodo
2014-01-04 21:23 - 2014-01-04 21:23 - 00000045 _____ C:\WINDOWS\system32\initdebug.nfo
2014-01-03 16:29 - 2012-03-01 18:30 - 00001599 _____ C:\Documents and Settings\Slavko Radic\Start Menu\Programs\Remote Assistance.lnk
2013-12-31 14:30 - 2013-01-13 15:18 - 00000000 ____D C:\Documents and Settings\Slavko Radic\Application Data\AIMP3
2013-12-29 22:50 - 2013-12-29 22:50 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\KONAMI

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

Do you have any advice? I mean, do I need to delete anything from the computer? And how do I delete those things from the Recycle Bin?

Addendum: 28 Jan 2014 23:38

The only thing is I don't like this computer because it lags a lot when you play games, I mean it glitches and so on. That's a problem caused by the small amount of RAM and the graphics card, but I don't think it's worth upgrading because it lags anyway and it's more than 10 years old. This computer is made by Fujitsu Siemens. :D

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

I don't see any malware or adware in the reports, so what's left for you to do is the following:


The following procedure will perform the final cleanup.

Download the DelFix tool by "Xplode" and save it to the Desktop.
Double-click to run the tool and tick the boxes in front of the following options:

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment while the tool finishes its work.
From this point on, all the tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)

The tool will also save a healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.


Open a thread in the Windows subforum and explain your problem there.
