Computer slow after startup

offline
  • Joined: 27 Sep 2013
  • Posts: 94

I'm new to this forum, so please don't hold it against me if I make any mistakes. Until a couple of months ago the computer worked fine, but then it started to be terribly slow after Windows XP boots (after the computer is turned on). To open, say, Google or Mozilla it needs 3-4 minutes. After a couple of hours, especially in the evening, it works normally. I often scan it with AVG, which finds nothing; I also regularly use CCleaner and defragment the disk. My internet is wireless, over some old-fashioned antenna, and it is terribly slow, but when the computer is fast the internet is decent too. My processor is an Intel Celeron 3.06 GHz, with 1.0 GB RAM and a Sapphire Radeon X600 Pro 256 MB graphics card.

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

Hello,

Follow the instructions and provide the reports --> http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

offline
  • Joined: 27 Sep 2013
  • Posts: 94

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.17.2
Run by digital at 23:02:06 on 2013-09-27
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.239 [GMT 2:00]
.
AV: AVG AntiVirus 2014 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *Disabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\DefaultTab\DefaultTabSearch.exe
C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
C:\Program Files\Yontoo\Y2Desktop.Updater.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\TWCU.exe
C:\Program Files\AVG SafeGuard toolbar\vprot.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\digital\Application Data\Yontoo\YontooDesktop.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.avira.com/?l=dis&o=APN10267&gct=hp&dc=EU&locale=en_BA
uSearch Bar = hxxp://www.searchamong.com/searchview.php?source=6987e315b363f4b09672a1cda71caea8&query={searchTerms}&cat=webs&bar=true
uSearch Page = hxxp://www.searchamong.com/searchview.php?source=6987e315b363f4b09672a1cda71caea8&query={searchTerms}&cat=webs&bar=true
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.searchamong.com/searchview.php?source=6987e315b363f4b09672a1cda71caea8&query={searchTerms}&cat=webs&bar=true
mSearchAssistant = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=390&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=5182072434134406&q={searchTerms}
mCustomizeSearch = hxxp://dnl.crawler.com/support/sa_customize.aspx?TbId=66022
uURLSearchHooks: BS Player ControlBar Toolbar: {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - c:\program files\bs_player\prxtbBS_2.dll
BHO: Claro LTD Helper Object: {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - c:\program files\claro ltd\claro\1.8.3.10\bh\claro.dll
BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - LocalServer32 - <no file>
BHO: FastestTube: {3E532CE8-C6D9-4A10-8ACE-4348C96E8B6A} - c:\program files\fastesttube\2.1.9\WombatBHO.dll
BHO: Cool Smiley Bar for Facebook: {4723AAA8-B2F9-4CC1-9E60-190976DB1FA4} - c:\program files\cool smiley bar for facebook\ScriptHost.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: DealPly: {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - LocalServer32 - <no file>
BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Softonic Helper Object: {E87806B5-E908-45FD-AF5E-957D83E58E68} - c:\program files\softonic\softonic\1.6.7.4\bh\Softonic.dll
BHO: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - LocalServer32 - <no file>
BHO: BS Player ControlBar Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:\program files\bs_player\prxtbBS_2.dll
TB: BS Player ControlBar Toolbar: {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - c:\program files\bs_player\prxtbBS_2.dll
TB: BS Player ControlBar Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:\program files\bs_player\prxtbBS_2.dll
TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - LocalServer32 - <no file>
TB: Claro LTD Toolbar: {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - c:\program files\claro ltd\claro\1.8.3.10\claroTlbr.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Yontoo Desktop] "c:\documents and settings\digital\application data\yontoo\YontooDesktop.exe"
mRun: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
mRun: [TWCU] "c:\program files\tp-link\tp-link 54m wireless client utility\TWCU.exe" -nogui
mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY
mRun: [vProt] "c:\program files\avg safeguard toolbar\vprot.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
TCP: NameServer = 10.0.0.1 87.250.98.250 87.250.97.250
TCP: Interfaces\{05F2CDEC-E13B-4347-9AC3-5465F5FCC2C3} : DHCPNameServer = 10.0.0.1 87.250.98.250 87.250.97.250
TCP: Interfaces\{9367FD5D-2693-4233-A7CC-895777A2D734} : NameServer = 91.191.59.118 87.250.98.250
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\15.5.0\ViProtocol.dll
Notify: AtiExtEvent - Ati2evxx.dll
AppInit_DLLs= c:\docume~1\alluse~1\applic~1\browse~2\261339~1.144\{c16c1~1\browse~1.dll
LSA: Authentication Packages = msv1_0 nwprovau
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\29.0.1547.76\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\digital\application data\mozilla\firefox\profiles\g2zdq4un.default-1366142093421\
FF - prefs.js: browser.search.selectedEngine - eBay.co.uk
FF - prefs.js: browser.startup.homepage - hxxp://search.avira.com/?l=dis&o=APN10267&gct=hp&dc=EU&locale=en_BA
FF - plugin: c:\documents and settings\digital\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\games\greenwebplayer\npgreenwebplayer.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\15.5.0\npsitesafety.dll
FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1203133.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_168.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2013-09-02 16:05; WebSiteRecommendation@weliketheweb.com; c:\documents and settings\digital\application data\mozilla\firefox\profiles\g2zdq4un.default-1366142093421\extensions\WebSiteRecommendation@weliketheweb.com
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-7-20 146232]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-7-20 223032]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-7-1 102200]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-7-10 26936]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2013-8-1 120120]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-7-20 209208]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22840]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-7-20 176952]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-3-21 193848]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-9-2 37664]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2012/02/09 12:22:29];c:\program files\cyberlink\powerdvd9\000.fcl [2009-5-7 87536]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2014\avgidsagent.exe [2013-8-27 3534896]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2014\avgwdsvc.exe [2013-8-20 300640]
R2 DefaultTabSearch;DefaultTabSearch;c:\program files\defaulttab\DefaultTabSearch.exe [2013-2-11 572928]
R2 IBUpdaterService;Updater Service;c:\documents and settings\all users\application data\ibupdaterservice\ibsvc.exe [2013-6-10 703264]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\common files\pc tools\smonitor\StartManSvc.exe [2013-9-4 794272]
R2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0;c:\program files\common files\avg secure search\vtoolbarupdater\15.5.0\ToolbarUpdater.exe [2013-9-4 1643184]
R2 Yontoo Desktop Updater;Yontoo Desktop Updater;c:\program files\yontoo\Y2Desktop.Updater.exe [2013-3-12 23552]
R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [2012-2-9 1287296]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2013-09-16 13:09:46 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-16 13:09:46 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-08-22 21:37:18 176952 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2013-08-22 20:56:56 209208 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-08-22 20:56:16 223032 ----a-w- c:\windows\system32\drivers\avglogx.sys
2013-08-22 20:56:16 146232 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2013-08-09 01:56:45 386560 ----a-w- c:\windows\system32\themeui.dll
2013-08-08 06:05:59 920064 ----a-w- c:\windows\system32\wininet.dll
2013-08-08 06:05:59 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-08-08 06:05:59 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-08-08 06:05:58 18944 ----a-w- c:\windows\system32\corpol.dll
2013-08-08 01:27:48 1877760 ----a-w- c:\windows\system32\win32k.sys
2013-08-08 00:02:34 385024 ----a-w- c:\windows\system32\html.iec
2013-08-05 13:30:32 1289728 ----a-w- c:\windows\system32\ole32.dll
2013-08-01 14:08:52 193848 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2013-08-01 14:06:40 22840 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2013-08-01 14:06:14 120120 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2013-08-01 14:05:58 26936 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2013-07-31 13:11:22 810496 ----a-w- c:\windows\system32\wmvdmod.dll
2013-07-10 10:37:53 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-04 03:03:25 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-04 02:08:30 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2003-02-17 19:13:42 1164640 ----a-w- c:\program files\unins000.exe
.
============= FINISH: 23:02:58,18 ===============


offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

Step 1.

Download AdwCleaner by "Xplode" and save it to the Desktop.

Double-click to run the program.
Click the [Scan] button and wait for the program to finish.
Click the [Clean] button.
The program will close all running programs and show a window with that warning. Click Ok to confirm.
In the next two windows that open (Informations and Restart required), click Ok.

The computer will restart and then Notepad will open (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Attach file" option.

Note: The report will also be saved at C:\AdwCleaner[S1].txt

Step 2.

Download the GMER program from the link below to the Desktop:

GMER download
Click the given link;
When the dialog for choosing where to save the file opens, select Desktop and click Save.

Double-click to run GMER.
Wait for the initial scan to finish - if any prompt appears, click No;

click Scan and wait for the scan to finish;

click Save ... - save the report to the Desktop (under the name Gmer1);

right-click in the GMER program window and select Options > 3rd party - click Scan;

when the scan finishes click Save ... - save the report to the Desktop (under the name Gmer2);

click the >>> button and select the Autostart tab;

when the brief scan finishes, click Copy;

open Notepad and paste the copied text into it - save the report to the Desktop (under the name Gmer3);

Illustrated walkthrough of the procedure

Attach all three reports to your post using the Attach file option.

offline
  • Joined: 27 Sep 2013
  • Posts: 94

Written: 28 Sep 2013 0:29

23:39:07

Addendum: 28 Sep 2013 0:29

The second step is in progress.

Addendum: 28 Sep 2013 1:06

GMER 2.1.19163 - gmer.net
Autostart scan 2013-09-28 00:58:34
Windows 5.1.2600 Service Pack 3


HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows@AppInit_DLLs =

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
ACS@ = C:\WINDOWS\system32\acs.exe
ATI Smart@ = C:\WINDOWS\system32\ati2sgag.exe
AVGIDSAgent@ = "C:\Program Files\AVG\AVG2014\avgidsagent.exe"
avgwd@ = "C:\Program Files\AVG\AVG2014\avgwdsvc.exe"
DcomLaunch@ = %SystemRoot%\system32\svchost -k DcomLaunch /*file not found*/
gupdate@ = "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc
JavaQuickStarterService@ = "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"
PCToolsSSDMonitorSvc@ = C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
RpcSs@ = %SystemRoot%\system32\svchost -k rpcss /*file not found*/
vToolbarUpdater15.5.0@ = C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe /*file not found*/

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@CmaudioRunDll32 cmicnfg.cpl,CMICtrlWnd /*file not found*/ = RunDll32 cmicnfg.cpl,CMICtrlWnd /*file not found*/
@TWCU"C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\TWCU.exe" -nogui = "C:\Program Files\TP-LINK\TP-LINK 54M Wireless Client Utility\TWCU.exe" -nogui
@AVG_UI"C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY = "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{42071714-76d4-11d1-8b24-00a0c9068ff3} /*Display Panning CPL Extension*/(null) =
@{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /*Autoplay for SlideShow*/(null) =
@{23170F69-40C1-278A-1000-000100020000} /*7-Zip Shell Extension*/C:\Program Files\7-Zip\7-zip.dll = C:\Program Files\7-Zip\7-zip.dll
@{1F77B17B-F531-44DB-ACA4-76ABB5010A28} /*AIMP2: ShellExt*/C:\PROGRA~1\AIMP2\System\AIMP_S~1.DLL = C:\PROGRA~1\AIMP2\System\AIMP_S~1.DLL
@{45AC2688-0253-4ED8-97DE-B5370FA7D48A} /*Shell Extension for Malware scanning*/(null) =
@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} /*AVG Shell Extension*/C:\Program Files\AVG\AVG2014\avgse.dll = C:\Program Files\AVG\AVG2014\avgse.dll
@{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} /*AVG Find Extension*/(null) =

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
7-Zip@{23170F69-40C1-278A-1000-000100020000} = C:\Program Files\7-Zip\7-zip.dll
AIMPClassic@{1F77B17B-F531-44DB-ACA4-76ABB5010A28} = C:\PROGRA~1\AIMP2\System\AIMP_S~1.DLL
AVG Shell Extension@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Program Files\AVG\AVG2014\avgse.dll

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
7-Zip@{23170F69-40C1-278A-1000-000100020000} = C:\Program Files\7-Zip\7-zip.dll
AIMPClassic@{1F77B17B-F531-44DB-ACA4-76ABB5010A28} = C:\PROGRA~1\AIMP2\System\AIMP_S~1.DLL

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\AVG Shell Extension@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Program Files\AVG\AVG2014\avgse.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{3E532CE8-C6D9-4A10-8ACE-4348C96E8B6A}C:\Program Files\FastestTube\2.1.9\WombatBHO.dll = C:\Program Files\FastestTube\2.1.9\WombatBHO.dll
@{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}C:\Program Files\Java\jre7\bin\ssv.dll = C:\Program Files\Java\jre7\bin\ssv.dll
@{DBC80044-A445-435b-BC74-9C25C1C588A9}C:\Program Files\Java\jre7\bin\jp2ssv.dll = C:\Program Files\Java\jre7\bin\jp2ssv.dll

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 >>>
@VIDC.FFDSff_vfw.dll = ff_vfw.dll
@VIDC.XVIDxvidvfw.dll = xvidvfw.dll
@VIDC.YV12yv12vfw.dll = yv12vfw.dll
@msacm.ac3acmac3acm.acm = ac3acm.acm
@msacm.lameacmlameACM.acm = lameACM.acm
@msacm.divxa32msaud32_divx.acm = msaud32_divx.acm
@vidc.VP60C:\WINDOWS\system32\vp6vfw.dll = C:\WINDOWS\system32\vp6vfw.dll
@vidc.VP61C:\WINDOWS\system32\vp6vfw.dll = C:\WINDOWS\system32\vp6vfw.dll

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://go.microsoft.com/fwlink/?LinkId=69157 = go.microsoft.com/fwlink/?LinkId=69157
@Start Pagehttp://go.microsoft.com/fwlink/?LinkId=69157 = go.microsoft.com/fwlink/?LinkId=69157
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Start Pagehttp://www.google.com = google.com
@Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
skype-ie-addon-data@CLSID = C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

HKLM\Software\Classes\PROTOCOLS\Handler\skype4com@CLSID = C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

---- EOF - GMER 2.1 ----

Gmer3 is too large, so I did not attach it but copied it instead. Regards!

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

The computer is clean as far as malware is concerned. You need to follow these steps...

Run AdwCleaner again.
Click the [Uninstall] button and wait for the uninstallation to finish.

Delete the other tools manually.

I recommend using MCShield v2 to protect USB storage devices. It has nothing to do with the antivirus, i.e. it will not interfere with its operation, and it has proven to be one of the best forms of protection against malware spread via USB storage devices. You download it, install it, plug in the USB storage device, and a scan runs, after which you get a notification that the device is clean (if that is really the case); or you get a log showing information about the malware that was found and deleted.

MCShield ::Anti-Malware Tool:: v2 home page: http://amf.mycity.rs/mcshield/

You can learn more about MCShield in these topics:
v1: http://www.mycity.rs/MyCity-Laboratorija/MCShield.html
v2: http://www.mycity.rs/MyCity-Laboratorija/MCShield-v2.html

Be sure to visit the topic "Test whether your browser is vulnerable", read it and follow the link given in it.
Link to the topic: http://www.mycity.rs/Web-browseri/Testirajte-da-li.....anjiv.html

Also, follow the topic "How to avoid and remove toolbars", read it and follow the steps in it. Link to the topic: http://www.mycity.rs/Zastita/Kako-izbeci-i-ukloniti-toolbar-ove.html

TwinHeadedEagle (AMF Team)

offline
  • Joined: 27 Sep 2013
  • Posts: 94

I did as you said. The computer is somewhat faster, only Windows booting at startup has taken about five times longer since this morning. Those blue blocks under the Windows logo used to make about fifteen passes, and since this morning more than 60. One more question: since until now I have been using some 30-day trial version of AVG as my antivirus, which expires the day after tomorrow, what do you suggest I download as an antivirus? Thanks!

offline
  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15877
  • Location: Beograd

In Ambulanta we only solve problems related to malware, and since it is not present on your machine, open a topic in the Windows subforum and ask whatever you like there; many more people can help you...
