autolt:Balero-c (wrm)


offline
  • Joined: 20 Jul 2008
  • Posts: 197

Avast detected it today.

I have no problems on the computer.

It was in some file with a strange name, something with y, x, something like that. I don't even know where I got that file from.

Avast could not delete the file, repair it, or move it to quarantine.

OS: Windows 7
AV: Avast, Premium. It found autolt:Balero-c (wrm).

I tried to delete the file, but did not succeed.

I booted into safe mode, and there was no trace of the file.
It is not in the place where it was (C:/users/public/documents)

Then I scheduled a scan at the next system restart (through Avast, it has that option).
It scanned and showed nothing.

Internet connection:



DDS (Ver_09-12-01.01) - NTFSx86
Run by Alex at 22:06:00,66 on pon 21.12.2009
Internet Explorer: 8.0.7100.0 BrowserJavaVersion: 1.6.0_17
Microsoft Windows 7 Ultimate 6.1.7100.0.1250.381.1033.18.2047.1100 [GMT 1:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\DriveHQ\DriveHQ FileManager\DHQFMSvc.exe
C:\Windows\vsnpstd3.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Microsoft Office\Office14\GROOVEMN.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Windows\system32\OSPPSVC.EXE
C:\Windows\system32\IoctlSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Users\Alex\Program Files\DNA\btdna.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Users\Alex\AppData\Roaming\CoSoSys\CarryItEasy\CarryLaunch.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\System32\alg.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Alex\Desktop\dds.com
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = [Link visible only to logged-in users]
uURLSearchHooks: DigitalPowered Toolbar: {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - c:\program files\digitalpowered\tbDigi.dll
mURLSearchHooks: DigitalPowered Toolbar: {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - c:\program files\digitalpowered\tbDigi.dll
BHO: IEPlugin Class: {11222041-111b-46e3-bd29-efb2449479b1} - d:\progra~3\arcsoft\mediac~1\intern~1\ARCURL~1.DLL
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~4\office14\GROOVEEX.DLL
BHO: Windows Live pomagač za prijavljivanje: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: DigitalPowered Toolbar: {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - c:\program files\digitalpowered\tbDigi.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~4\office14\URLREDIR.DLL
BHO: QUICKfind BHO Object: {c08df07a-3e49-4e25-9ab0-d3882835f153} - c:\progra~1\idm\quickf~1\plugins\IEHelp.dll
BHO: FDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - c:\program files\free download manager\iefdm2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: DigitalPowered Toolbar: {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - c:\program files\digitalpowered\tbDigi.dll
TB: Alive Text to Speech: {954f618b-0dec-4d1a-9317-e0fc96f87865} - c:\progra~1\alivem~1\textto~1\IETOOL~1.DLL
uRun: [BitTorrent DNA] "c:\users\alex\program files\dna\btdna.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
uRun: [PC Suite Tray] "d:\programski file\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
uRun: [googletalk] c:\users\alex\appdata\roaming\google\google talk\googletalk.exe /autostart
uRun: [CarryLaunch] c:\users\alex\appdata\roaming\cososys\carryiteasy\CarryLaunch.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [fsm]
uRun: [OpenDNS Updater] "c:\program files\opendns updater\OpenDNSUpdater.exe" /autostart
mRun: [snpstd3] c:\windows\vsnpstd3.exe
mRun: [avast!] "c:\program files\alwil software\avast4\ashDisp.exe"
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Skytel] Skytel.exe
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [GrooveMonitor] c:\progra~1\micros~4\office14\GROOVEMN.EXE
mRun: [Adobe Reader Speed Launcher] "d:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Device Detector] DevDetect.exe -autorun
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [TV Card Remote Control Device Monitor] c:\windows\713xRMTMon.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
StartupFolder: c:\users\alex\appdata\roaming\micros~1\windows\startm~1\programs\startup\circle~1.lnk - c:\windows\system32\circledock0.9.2alpha8.2\CircleDock.exe
StartupFolder: c:\users\alex\appdata\roaming\micros~1\windows\startm~1\programs\startup\gm_dev~1.lnk - c:\program files\speed-link vibration joystick\GM_DevUpdate.exe
StartupFolder: c:\users\alex\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - d:\program files\magicdisc\MagicDisc.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\philip~1.lnk - c:\philips\gogear vibe device manager\GoGear_Vibe_DeviceManager.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download video with Free Download Manager - [Link visible only to logged-in users]\program files\free download manager\dlfvideo.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office14\EXCEL.EXE/3000
IE: Preuzmi odabrano Free Download Manager-om - [Link visible only to logged-in users]\program files\free download manager\dlselected.htm
IE: Preuzmi sa Free Download Managerom - [Link visible only to logged-in users]\program files\free download manager\dllink.htm
IE: Preuzmi sve sa Free Download Manager-om - [Link visible only to logged-in users]\program files\free download manager\dlall.htm
IE: S&end to OneNote - c:\progra~1\micros~4\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: Microsoft XML Parser for Java - [Link visible only to logged-in users]
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [Link visible only to logged-in users]
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - [Link visible only to logged-in users]
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [Link visible only to logged-in users]
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - [Link visible only to logged-in users]
TCP: {E5A09A51-EE2B-43A9-BD0D-48E2F38566F4} = 217.26.71.3,79.101.10.2
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~4\office14\GROOVEEX.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\alex\appdata\roaming\mozilla\firefox\profiles\0k2rack0.default\
FF - prefs.js: browser.startup.homepage - google.rs
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: d:\programski file\arcsoft\media converter for philips\internet video downloader\plugin_firefox\components\nsURLRecordEx.dll
FF - component: d:\programski file\nokia\nokia pc suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\alex\program files\dna\plugins\npbtdna.dll
FF - plugin: d:\program files\adobe\reader 9.0\reader\browser\nppdf32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: browser.blink_allowed - true
FF - user.js: network.prefetch-next - true
FF - user.js: nglayout.initialpaint.delay - 50
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-6-25 114768]
R2 713xTVCard;SAA7130 TV Card;c:\windows\system32\drivers\SAA713x.sys [2009-6-25 289280]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\common files\abbyy\finereader\9.00\licensing\pe\NetworkLicenseServer.exe [2008-10-27 759072]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-6-25 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2009-6-25 53328]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-9-3 138680]
R2 DriveHQ FileManagerFun;DriveHQ FileManagerFun;c:\program files\drivehq\drivehq filemanager\DHQFMSvc.exe [2009-11-19 46080]
R2 osppsvc;Office Software Protection Platform;c:\windows\system32\OSPPSVC.EXE [2009-4-8 4319136]
R2 TeamViewer4;TeamViewer 4;c:\program files\teamviewer\version4\TeamViewer_Service.exe [2009-10-7 185640]
R2 WDMTVTuner;Universal WDM TV Tuner;c:\windows\system32\drivers\WDMTuner.sys [2009-6-25 26880]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-9-3 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-9-3 352920]
R3 VST_DPV;VST_DPV;c:\windows\system32\drivers\VSTDPV3.SYS [2009-4-22 980992]
R3 VSTHWBS2;VSTHWBS2;c:\windows\system32\drivers\VSTBS23.SYS [2009-4-22 266752]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-9-30 133104]
S3 3xHybrid;SAA713x TV Card Service;c:\windows\system32\drivers\3xHybrid.sys [2007-7-6 906368]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-4-22 229888]
S3 GMFilter;GMFilter HID Filter Driver;c:\windows\system32\drivers\GMFilter.sys [2009-7-16 19840]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2009-4-25 33480048]

=============== Created Last 30 ================

2009-12-20 11:28:14 835 ----a-w- c:\users\alex\.recently-used.xbel
2009-12-20 11:19:08 0 d-----w- c:\users\alex\.thumbnails
2009-12-19 13:24:53 0 d-----w- c:\users\alex\appdata\roaming\OpenDNS Updater
2009-12-19 13:24:52 0 d-----w- c:\program files\OpenDNS Updater
2009-12-19 11:38:33 0 d-----w- C:\mot
2009-12-17 18:06:20 491520 ----a-w- c:\windows\system32\NCTAudioFile.dll
2009-12-17 18:06:20 158208 ----a-w- c:\windows\system32\NCTTextToAudio.dll
2009-12-17 18:06:20 120832 ----a-w- c:\windows\system32\lame_enc.dll
2009-12-17 18:06:19 0 d-----w- c:\program files\AliveMedia
2009-12-17 18:01:01 22096 ----a-w- c:\users\alex\shema.mp3.sfk
2009-12-17 18:01:00 2047480 ----a-w- c:\users\alex\shema.mp3
2009-12-17 14:27:29 41756 ----a-w- c:\users\alex\n_msn_login_backround.jpg
2009-12-16 20:13:23 0 d-----w- C:\dnevnik2
2009-12-16 19:57:23 5453 ----a-w- c:\users\alex\n_msn_backround.jpg
2009-12-16 18:17:54 60824 ----a-w- c:\users\alex\msn backround.jpg
2009-12-05 19:55:41 0 d-----w- c:\users\alex\appdata\roaming\WebCam Recorder
2009-12-05 19:55:38 0 d-----w- c:\program files\Solent
2009-11-30 17:02:40 171144 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-30 17:02:38 72840 ----a-w- c:\windows\system32\xliveinstallhost.exe
2009-11-29 14:35:09 0 d-----w- c:\users\alex\appdata\roaming\ManyCam
2009-11-29 11:17:14 0 d-----w- c:\program files\SystemRequirementsLab
2009-11-29 11:11:08 0 d-----w- c:\users\alex\appdata\roaming\Software Informer
2009-11-29 11:11:07 0 d-----w- c:\program files\Software Informer

==================== Find3M ====================

2009-12-21 20:49:15 633354 ----a-w- c:\windows\system32\perfh007.dat
2009-12-21 20:49:15 125688 ----a-w- c:\windows\system32\perfc007.dat
2009-11-09 12:25:57 3288 ------w- C:\bootsqm.dat
2009-11-07 20:20:44 55243 ----a-w- c:\windows\War3Unin.dat
2009-11-07 20:17:50 2829 ----a-w- c:\windows\War3Unin.pif
2009-11-07 20:17:50 139264 ----a-w- c:\windows\War3Unin.exe
2009-11-06 09:59:54 15406728 ----a-w- c:\windows\system32\xlive.dll
2009-11-06 09:59:54 13642888 ----a-w- c:\windows\system32\xlivefnt.dll
2009-11-02 19:42:06 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-22 15:04:44 315392 ----a-w- c:\windows\system32\TubeFinder.exe
2009-10-11 03:17:27 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-09-27 16:47:30 2173544 ----a-w- c:\windows\system32\nvcplui.exe
2009-09-27 16:47:00 92776 ----a-w- c:\windows\system32\nvmctray.dll
2009-09-27 16:47:00 805480 ----a-w- c:\windows\system32\nvsvc.dll
2009-09-27 16:47:00 4033128 ----a-w- c:\windows\system32\nvvitvs.dll
2009-09-27 16:47:00 3553896 ----a-w- c:\windows\system32\nvgames.dll
2009-09-27 16:47:00 3172968 ----a-w- c:\windows\system32\nvwss.dll
2009-09-27 16:47:00 215656 ----a-w- c:\windows\system32\nvvsvc.exe
2009-09-27 16:47:00 195176 ----a-w- c:\windows\system32\nvmccss.dll
2009-09-27 16:47:00 1309288 ----a-w- c:\windows\system32\nvsvs.dll
2009-09-27 16:47:00 1292904 ----a-w- c:\windows\system32\nvmobls.dll
2009-09-27 16:46:00 4942440 ----a-w- c:\windows\system32\nvdisps.dll
2009-09-27 16:46:00 13949544 ----a-w- c:\windows\system32\nvcpl.dll
2009-09-22 21:49:35 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-06-26 15:48:24 38062 ----a-w- c:\windows\inf\perflib\0407\perfd.dat
2009-06-26 15:48:24 38062 ----a-w- c:\windows\inf\perflib\0407\perfc.dat
2009-06-26 15:48:24 295938 ----a-w- c:\windows\inf\perflib\0407\perfi.dat
2009-06-26 15:48:24 295938 ----a-w- c:\windows\inf\perflib\0407\perfh.dat
2009-04-22 09:01:08 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-04-22 09:01:08 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-04-22 09:01:08 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-04-22 09:01:08 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-04-22 08:14:13 174 --sha-w- c:\program files\desktop.ini
2009-04-22 04:38:41 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-04-22 04:38:41 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-04-22 04:38:39 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-04-22 04:38:39 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-03-27 04:24:20 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-06-25 13:10:10 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat
2009-04-22 05:19:40 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7100.0_none_624b25e9a4cb0444\WinMail.exe

============= FINISH: 22:06:55,93 ===============






offline
  • Joined: 04 Jan 2009
  • Posts: 2168

Hello...


To start, post the Avast report for me so I can see what it found.



offline
  • Joined: 20 Jul 2008
  • Posts: 197

Here is the complete report in the attachment.


[Link visible only to logged-in users]

offline
  • Joined: 04 Jan 2009
  • Posts: 2168

Step 1.

Download AVZ Antiviral Toolkit from the following link:

[Link visible only to logged-in users]


Unpack the archive into a folder (instructions), and then:
run AVZ (by double-clicking the icon);

in the menu choose File > Standard Scripts;

in the window that opens, tick option 2 and click Execute Selected Scripts;

click Yes;

when the scan finishes you will get the notification: Script Executed;

exit the program.


Upload the file virusinfo_syscheck.zip, which is located in the avz\log folder, to the forum.

offline
  • Joined: 20 Jul 2008
  • Posts: 197

[Link visible only to logged-in users]

offline
  • Joined: 04 Jan 2009
  • Posts: 2168

Step 2.

Run AVZ Antiviral Toolkit

in the menu choose File > Custom Scripts;

into the window that opens, copy everything inside the Code box:

begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('C:\Users\Public\Documents\ylyrvw.exe','');
DeleteFile('C:\Users\Public\Documents\ylyrvw.exe');
BC_ImportDeletedList;
BC_Activate;
ExecuteSysClean;
RebootWindows(true);
end.


click the Run button and wait for the script to finish.




To see the results of the script, you need to repeat just the AVZ scan described in Step 1 and upload virusinfo_syscheck.zip again.

offline
  • Joined: 20 Jul 2008
  • Posts: 197

Thanks.

Can I know what my PC was infected with?
What did that virus do?
Why did the file with the virus disappear (even before this work with these tools)?


[Link visible only to logged-in users]

offline
  • Joined: 04 Jan 2009
  • Posts: 2168

Let's solve the problem first.


Find and attach the report named Stalna zaštita or Resident protection...


It is located in the Report folder.

C:\Program Files\Alwil Software\Avast4\DATA\report\.

offline
  • Joined: 20 Jul 2008
  • Posts: 197

[Link visible only to logged-in users]

offline
  • Joined: 04 Jan 2009
  • Posts: 2168

The logs look OK and there are no traces of malware.

Also follow these instructions...


AVZ Antiviral Toolkit needs to be uninstalled.
Run AVZ (by double-clicking the icon);

In the menu choose File > Standard Scripts;

In the window that opens, tick option 6 and click Execute Selected Scripts;

Click Yes;

When the procedure finishes you will get the notification: Script Executed;

Exit the program and delete the folder where the program was unpacked.
