Virus or something else?


offline
  • Joined: 10 Mar 2011
  • Posts: 27

Last night I shut down the computer as usual and it was left in a normal state. Today when I turned it on, a message in a black box told me that there is a virus on the hard disk and that I should visit the site antivirus.com. When the system had booted I started a scan with Avira and, let's say, the computer more or less went back to normal. Now every time I turn it on it offers to start via:
- Microsoft Windows Recovery Console
- or Microsoft Windows XP Professional.
And of course YOUR COMP MIGHT BE AT RISK has started pestering me in the lower right corner.
So what do I do now? Do I have an infection, have I removed it, or what?
Thanks in advance

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Follow the instructions for 32-bit Windows.

offline
  • Joined: 10 Mar 2011
  • Posts: 27

.
DDS (Ver_11-03-05.01) - FAT32x86
Run by Ermin at 16:52:45.53 on čet 10.03.2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.2.1250.385.1033.18.512.143 [GMT 1:00]
.
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
SVCHOST.EXE
C:\WINDOWS\System32\svchost.exe -k netsvcs
SVCHOST.EXE
SVCHOST.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Ermin\My Documents\Downloads\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ba/
uURLSearchHooks: Cram Toolbar: {01e69986-a054-4c52-abe8-ef63df1c5211} - c:\program files\cram toolbar\untitled1.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 5.0\reader\activex\AcroIEHelper.ocx
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: ST: {9394ede7-c8b5-483e-8773-474bf36af6e4} - c:\program files\msn apps\st\01.03.0000.1005\en-xu\stmain.dll
BHO: MSNToolBandBHO: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\01.02.5000.1021\en-us\msntb.dll
TB: Cram Toolbar: {01e69986-a054-4c52-abe8-ef63df1c5211} - c:\program files\cram toolbar\untitled1.dll
TB: MSN: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\01.02.5000.1021\en-us\msntb.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {147D6308-0614-4112-89B1-31402F9B82C4} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [nwiz] nwiz.exe /install



offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

1. The main DDS log (DDS.txt) was not copied completely.

2. Instead of Attach.txt, you uploaded the DDS program itself (DDS.scr).


Try doing that step again.

offline
  • Joined: 10 Mar 2011
  • Posts: 27

Posted: 10 Mar 2011 20:53

DDS (Ver_11-03-05.01) - FAT32x86
Run by Ermin at 20:51:41.70 on čet 10.03.2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.2.1250.385.1033.18.512.275 [GMT 1:00]
.
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
SVCHOST.EXE
C:\WINDOWS\System32\svchost.exe -k netsvcs
SVCHOST.EXE
SVCHOST.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Ermin\My Documents\Downloads\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ba/
uURLSearchHooks: Cram Toolbar: {01e69986-a054-4c52-abe8-ef63df1c5211} - c:\program files\cram toolbar\untitled1.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 5.0\reader\activex\AcroIEHelper.ocx
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: ST: {9394ede7-c8b5-483e-8773-474bf36af6e4} - c:\program files\msn apps\st\01.03.0000.1005\en-xu\stmain.dll
BHO: MSNToolBandBHO: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\01.02.5000.1021\en-us\msntb.dll
TB: Cram Toolbar: {01e69986-a054-4c52-abe8-ef63df1c5211} - c:\program files\cram toolbar\untitled1.dll
TB: MSN: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\msn apps\msn toolbar\01.02.5000.1021\en-us\msntb.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {147D6308-0614-4112-89B1-31402F9B82C4} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: getmirar.com\click
Trusted Zone: mirarsearch.com\click
Trusted Zone: mirarsearch.com\redirect
Trusted Zone: net-nucleus.com\awbeta
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Internet Explorer Classes for Java - file://c:\windows\system\iejava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} - hxxp://floridakeysmedia.tv/axiscam/Codebase/AxisCamControl.ocx
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\docume~1\ermin\applic~1\mozilla\firefox\profiles\482r4v2m.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2405280&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ba/
FF - prefs.js: keyword.URL - hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q=
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: vShare: vshare@toolbar - %profile%\extensions\vshare@toolbar
.
============= SERVICES / DRIVERS ===============
.
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2010-11-26 11608]
R1 SysTool;SysTool Overclocking Utility;c:\windows\system32\drivers\SysTool.sys [2005-8-20 19968]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-11-26 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-11-26 267944]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-11-26 61960]
.
=============== Created Last 30 ================
.
2011-03-10 14:48:50 -------- d-sh--w- C:\Recycled
2011-03-10 08:09:26 -------- d-sha-r- C:\cmdcons
2011-03-09 20:04:25 -------- d-----w- c:\docume~1\ermin\applic~1\DAEMON Tools Lite
2011-03-09 20:04:25 -------- d-----w- c:\docume~1\alluse~1\applic~1\DAEMON Tools Lite
.
==================== Find3M ====================
.
.
============= FINISH: 20:52:30.98 ===============

Addendum: 10 Mar 2011 20:54

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 22.8.2004 21:52:41
System Uptime: 10.3.2011 16:47:15 (4 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P4SE
Processor: Intel(R) Pentium(R) 4 CPU 2.40GHz | PGA 478 | 1816/100mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (FAT32) - 34 GiB total, 15.037 GiB free.
D: is FIXED (FAT32) - 4 GiB total, 2.888 GiB free.
E: is CDROM ()
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Adobe Acrobat 5.0
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Ahead Nero Burning ROM
Audiograbber 1.83 SE
AutoUpdate
Avira AntiVir Personal - Free Antivirus
BSPlayer
C-Media Audio
Conduit Engine
Cram Toolbar
DivX Player
EVEREST Ultimate Edition v5.30
Football Manager 2011
hp deskjet 5550 series
HP LaserJet P1000 series
HP Photo and Imaging 1.0 - Scanjet 3500c Series
hppMSRedist
hppusgP1000
HPSSupply
Islamic HDR Screen Saver
K-Lite Mega Codec Pack 4.3.1
Macromedia Shockwave Player
MarketResearch
Microsoft .NET Framework 1.1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2000 Professional
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox (3.6.15)
Mp3tag v2.47b
MrvlUsgTracking
MSN Toolbar
MSVCRT
Need for Speed™ Most Wanted
NVIDIA Display Driver
NVIDIA Drivers
Postal 2
QuickPar 0.9
QuickTime
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358-)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428-)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899588-)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB903235)
Segoe UI
ShareIns
Skype™ 3.6
SopCast 3.0.3
TVAnts 1.0
Update for Windows XP (KB894391)
Update for Windows XP (KB896727)
Update for Windows XP (KB898461)
WebFldrs XP
Winamp
Winamp Toolbar for Firefox
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Format Runtime
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinRAR archiver
WinZip
.
==== Event Viewer Messages From Past Week ========
.
9.3.2011 21:02:06, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
8.3.2011 18:00:00, error: Dhcp [1002] - The IP address lease 77.78.221.150 for the Network Card with network address 00113B04F1AB has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
8.3.2011 10:51:02, error: ipnathlp [32003] - The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.
6.3.2011 16:21:18, error: Dhcp [1002] - The IP address lease 77.78.214.110 for the Network Card with network address 00113B04F1AB has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
4.3.2011 16:28:10, error: Service Control Manager [7023] - The IPSEC Services service terminated with the following error: The authentication service is unknown.
4.3.2011 16:28:10, error: Service Control Manager [7023] - The BtwSrv service terminated with the following error: The specified module could not be found.
4.3.2011 16:28:10, error: Service Control Manager [7002] - The Routing and Remote Access service depends on the NetBIOSGroup group and no member of this group started.
10.3.2011 12:45:58, error: Service Control Manager [7028] - The Cfg Registry key denied access to SYSTEM account programs so the Service Control Manager took ownership of the Registry key.
10.3.2011 10:44:00, error: Dhcp [1002] - The IP address lease 77.78.226.86 for the Network Card with network address 00113B04F1AB has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
10.3.2011 09:24:42, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: sptd
.
==== End Of File ===========================

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Hello...


I'm a bit late with my reply. Sorry.


In principle, this looks OK.


I recommend that you uninstall Cram Toolbar (adware). Also, download the file from the link below to the Desktop (right-click, Save As):

http://www.mvps.org/winhelp2002/DelDomains.inf


right-click it and choose Install.



Are there any specific problems at the moment?

offline
  • Joined: 10 Mar 2011
  • Posts: 27

You're not late at all, brother. So here's the thing: I couldn't uninstall the Cram bar (when I click Change/Remove nothing happens, the screen just refreshes). Also, when I right-click it, it doesn't offer me the Install option but Open etc., because it is some kind of text (just check whether the link is right). As for current problems, at startup it still offers me the same two options, and the box with the message Your com might be at risk still appears in the lower right corner.

Sorry for bothering you.

Regards

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

We will use the OTL program (with which you made the first log in the thread).

Run OTL again by double-clicking its icon;

Into the white box of the window labelled Custom Scans/Fixes, copy the following text:


:OTL
IE - HKCU\..\URLSearchHook: {01E69986-A054-4C52-ABE8-EF63DF1C5211} -  File not found
O3 - HKLM\..\Toolbar: (Cram Toolbar) - {01E69986-A054-4C52-ABE8-EF63DF1C5211} -  File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Cram Toolbar) - {01E69986-A054-4C52-ABE8-EF63DF1C5211} -  File not found
O15 - HKLM\..Trusted Domains: getmirar.com ([click] http in Trusted sites)
O15 - HKLM\..Trusted Domains: getmirar.com ([click] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mirarsearch.com ([click] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mirarsearch.com ([click] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mirarsearch.com ([redirect] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mirarsearch.com ([redirect] https in Trusted sites)
O15 - HKLM\..Trusted Domains: net-nucleus.com ([awbeta] http in Trusted sites)
O15 - HKLM\..Trusted Domains: net-nucleus.com ([awbeta] https in Trusted sites)

:Files
c:\program files\cram toolbar

:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\XBTB00429.XBTB00429Toolbar]




Click the Run Fix button;


Copy the log you get into a post here.



-------------------------------------------------------------------------------------



Quote: the box with the message Your com might be at risk appears.


Control Panel > Security Center: on the left side: Change the way Security Center alerts me.

You can turn those notifications off there.



-------------------------------------------------------------------------------------



Quote: Today when I turned it on, a message in a black box told me that there is a virus on the hard disk and that I should visit the site antivirus.com

This happens before Windows starts. Correct?


I assume this (or something similar) is what it is: http://www.felgall.com/prog15.htm

By the way, www.antivirus.com redirects to the TrendMicro web site (legitimate).

So, you can turn that off inside the CMOS Setup Utility (in the "BIOS").



-------------------------------------------------------------------------------------



Quote: Now every time I turn it on it offers to start via:
- Microsoft Windows Recovery Console
- or Microsoft Windows XP Professional.


The Recovery Console is installed.

http://www.mycity.rs/Windows/Deinstalacija-Recovery-Console.html

offline
  • Joined: 10 Mar 2011
  • Posts: 27

========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{01E69986-A054-4C52-ABE8-EF63DF1C5211} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01E69986-A054-4C52-ABE8-EF63DF1C5211}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{01E69986-A054-4C52-ABE8-EF63DF1C5211} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01E69986-A054-4C52-ABE8-EF63DF1C5211}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{01E69986-A054-4C52-ABE8-EF63DF1C5211} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01E69986-A054-4C52-ABE8-EF63DF1C5211}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\getmirar.com\click\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\getmirar.com\click\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mirarsearch.com\click\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mirarsearch.com\click\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mirarsearch.com\redirect\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mirarsearch.com\redirect\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\net-nucleus.com\awbeta\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\net-nucleus.com\awbeta\ not found.
========== FILES ==========
File\Folder c:\program files\cram toolbar not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\XBTB00429.XBTB00429Toolbar\ deleted successfully.

OTL by OldTimer - Version 3.2.22.3 log created on 03122011_140017

This is the log I got. I turned off the notification about the risk my computer might be exposed to, and what do you suggest for this RC? Should I uninstall it?
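
Added example, not part of the original thread: one way to read an OTL fix log like the one above is to group its lines by target, since the same registry key shows up once as "deleted successfully" and again as "not found" when the fix script lists it twice (http and https). The function name `summarize_otl_fix` is an assumption of this example, and the only outcome phrases it knows are the two that appear in the posted log; anything else is reported as unrecognized for manual review.

```python
import re

# Sample input: a shortened copy of the fix log posted above.
SAMPLE_LOG = r"""========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{01E69986-A054-4C52-ABE8-EF63DF1C5211} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01E69986-A054-4C52-ABE8-EF63DF1C5211}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01E69986-A054-4C52-ABE8-EF63DF1C5211}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\getmirar.com\click\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\getmirar.com\click\ not found.
========== FILES ==========
File\Folder c:\program files\cram toolbar not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\XBTB00429.XBTB00429Toolbar\ deleted successfully.

OTL by OldTimer - Version 3.2.22.3 log created on 03122011_140017
"""

# "<kind> <target> <outcome>." with the two outcomes seen in the posted log.
LINE_RE = re.compile(
    r"^(Registry value|Registry key|File\\Folder) (.+) "
    r"(deleted successfully|not found)\.$"
)
SECTION_RE = re.compile(r"^=+ (\w+) =+$")


def summarize_otl_fix(log_text):
    """Group fix-log lines by target and classify each target once."""
    seen = {}            # (kind, lowercased target) -> [display name, outcomes]
    unrecognized = []
    for raw in log_text.splitlines():
        line = raw.strip()
        # Skip blanks, section banners and the tool's version footer.
        if not line or SECTION_RE.match(line) or line.startswith("OTL by "):
            continue
        match = LINE_RE.match(line)
        if not match:
            unrecognized.append(line)      # unknown wording: review by hand
            continue
        kind, target, outcome = match.groups()
        target = target.rstrip("\\")       # keys are logged with a trailing "\"
        entry = seen.setdefault((kind, target.lower()), [target, set()])
        entry[1].add(outcome)

    removed, already_absent = [], []
    for display, outcomes in seen.values():
        # A "not found" that follows a deletion of the same target is just the
        # second pass over it; only targets never deleted were absent before.
        if "deleted successfully" in outcomes:
            removed.append(display)
        else:
            already_absent.append(display)
    return {"removed": removed,
            "already_absent": already_absent,
            "unrecognized": unrecognized}


if __name__ == "__main__":
    for bucket, items in summarize_otl_fix(SAMPLE_LOG).items():
        print(f"{bucket}: {len(items)}")
        for item in items:
            print("   ", item)
```
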

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

I recommend that the RC stays installed. It may come in handy sometime.


Anyway, there should be no malware here.


Run OTL and click CleanUp. You can also delete the other programs that were used.



Unless there is some specific problem now, we are done here.
