|
Poslao: 11 Maj 2011 19:55
|
offline
- Pridružio: 26 Apr 2007
- Poruke: 34
|
pokupio sam neke viruse sa usb-a i na racunaru su mi se pojavili folderi i exe fajlovi koje ne mogu da eliminisem,a racunar mi je poceo da radi usporeno.
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by don gagi slax at 18:03:04.45 on Wed 05/11/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.234 [GMT 2:00]
.
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
D:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
D:\Program Files\Avira\AntiVir Desktop\avguard.exe
D:\Program Files\Avira\AntiVir Desktop\avshadow.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
D:\WINDOWS\system32\IoctlSvc.exe
D:\Program Files\Ovislink\Common\RalinkRegistryWriter.exe
D:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
D:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
D:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
D:\WINDOWS\System32\svchost.exe -k HTTPFilter
D:\WINDOWS\system32\WISPTIS.EXE
D:\Program Files\Winamp\winamp.exe
D:\Program Files\Opera\Opera.exe
D:\Program Files\GRETECH\GomPlayer\GOM.exe
D:\Documents and Settings\don gagi slax\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://vshare.toolbarhome.com/?hp=df&t=1
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
uURLSearchHooks: Softonic-Eng46 Toolbar: {86bf3498-8c44-4c3d-bbfb-05bd50858039} - d:\program files\softonic-eng46\tbSof2.dll
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - d:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - d:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: {043C5167-00BB-4324-AF7E-62013FAEDACF} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - d:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - d:\program files\conduitengine\ConduitEngine.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - d:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - d:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - d:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Softonic-Eng46 Toolbar: {86bf3498-8c44-4c3d-bbfb-05bd50858039} - d:\program files\softonic-eng46\tbSof2.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - d:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - d:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - d:\program files\windows live\toolbar\wltcore.dll
BHO: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - No File
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - d:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No File
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - d:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: Softonic-Eng46 Toolbar: {86bf3498-8c44-4c3d-bbfb-05bd50858039} - d:\program files\softonic-eng46\tbSof2.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - d:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - d:\program files\windows live\toolbar\wltcore.dll
TB: {043C5167-00BB-4324-AF7E-62013FAEDACF} - No File
uRun: [Google Update] "d:\documents and settings\don gagi slax\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [SpybotSD TeaTimer] d:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "d:\program files\common files\nero\lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
uRun: [SkinClock] d:\program files\atomic alarm clock\AtomicAlarmClock.exe
uRun: [MSMSGS] "d:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] d:\windows\system32\ctfmon.exe
mRun: [NeroFilterCheck] d:\program files\common files\nero\lib\NeroCheck.exe
mRun: [NBKeyScan] "d:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [QuickTime Task] "d:\program files\quicktime\qttask.exe" -atboottime
mRun: [GrooveMonitor] "d:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [avgnt] "d:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [Adobe Reader Speed Launcher] "d:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "d:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [SunJavaUpdateSched] "d:\program files\common files\java\java update\jusched.exe"
IE: E&xport to Microsoft Excel - d:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - d:\program files\partygaming\partypoker\RunApp.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - d:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - d:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - d:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - d:\progra~1\spybot~1\SDHelper.dll
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - d:\program files\yahoo!\common\Yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
TCP: {D10840D5-BD55-444F-BDD3-EC24A832B9E9} = 87.250.98.250 208.67.222.222
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - d:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: AtiExtEvent - Ati2evxx.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - d:\program files\microsoft office\office12\GrooveShellExtensions.dll
mASetup: {23KLN5J0-4OPM-11WE-AAX5-24EF1F387232} - c:\recycler\k-1-3542-4232123213-7676767-8888886\root.exe
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R1 avgio;avgio;d:\program files\avira\antivir desktop\avgio.sys [2010-6-13 11608]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;d:\program files\avira\antivir desktop\sched.exe [2010-6-13 136360]
R2 AntiVirService;Avira AntiVir Guard;d:\program files\avira\antivir desktop\avguard.exe [2010-6-13 269480]
R2 avgntflt;avgntflt;d:\windows\system32\drivers\avgntflt.sys [2010-6-13 61960]
R2 fssfltr;FssFltr;d:\windows\system32\drivers\fssfltr_tdi.sys [2009-11-24 54752]
R2 LogWatch;Event Log Watch;d:\program files\ca\sharedcomponents\ca_lic\LogWatNT.exe [2005-2-23 53248]
R2 RalinkRegistryWriter;Ralink Registry Writer;d:\program files\ovislink\common\RalinkRegistryWriter.exe [2009-10-19 69632]
S2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2009-12-2 24640]
S2 Fireserv;Fireserv;"c:\fireserv\apache\bin\apache.exe" -k runservice --> c:\fireserv\apache\bin\Apache.exe [?]
S3 3xHybrid;ASUSTek SAA713x PCI Card;d:\windows\system32\drivers\3xhybrid.sys --> d:\windows\system32\drivers\3xHybrid.sys [?]
S3 fsssvc;Windows Live Family Safety Service;d:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
.
=============== Created Last 30 ================
.
2011-04-14 01:39:02 103864 ----a-w- d:\program files\internet explorer\plugins\nppdf32.dll
.
==================== Find3M ====================
.
2011-03-07 05:33:50 692736 ----a-w- d:\windows\system32\inetcomm.dll
2011-03-04 06:37:06 420864 ----a-w- d:\windows\system32\vbscript.dll
2011-03-03 13:21:11 1857920 ----a-w- d:\windows\system32\win32k.sys
2011-02-24 09:02:09 0 ----a-w- d:\windows\system32\ConduitEngine.tmp
2011-02-22 23:06:29 916480 ----a-w- d:\windows\system32\wininet.dll
2011-02-22 23:06:29 43520 ----a-w- d:\windows\system32\licmgr10.dll
2011-02-22 23:06:29 1469440 ------w- d:\windows\system32\inetcpl.cpl
2011-02-22 11:41:59 385024 ----a-w- d:\windows\system32\html.iec
2011-02-17 12:32:12 5120 ----a-w- d:\windows\system32\xpsp4res.dll
2011-02-15 12:56:39 290432 ----a-w- d:\windows\system32\atmfd.dll
.
============= FINISH: 18:07:15.67 ===============
mycity.rs/must-login.png
mycity.rs/must-login.png
|
|
|
|
|
|
|
|
|
Poslao: 14 Maj 2011 00:12
|
offline
- Pridružio: 26 Apr 2007
- Poruke: 34
|
evo rezultat rada OTM programa
Error: Unable to interpret <:file > in the current context!
Error: Unable to interpret < c:\RECYCLER\k-1-3542-4232123213-7676767-8888886 > in the current context!
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{23KLN5J0-4OPM-11WE-AAX5-24EF1F387232}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{23KLN5J0-4OPM-11WE-AAX5-24EF1F387232}\ not found.
OTM by OldTimer - Version 3.1.17.2 log created on 05142011_000533
i DDS-a
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by don gagi slax at 0:08:34.40 on Sat 05/14/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.162 [GMT 2:00]
.
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
D:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Avira\AntiVir Desktop\avguard.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Avira\AntiVir Desktop\avshadow.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
D:\WINDOWS\system32\taskmgr.exe
D:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
D:\WINDOWS\system32\IoctlSvc.exe
D:\Program Files\Ovislink\Common\RalinkRegistryWriter.exe
D:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
D:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
D:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
D:\WINDOWS\System32\svchost.exe -k HTTPFilter
D:\Program Files\Opera\opera.exe
D:\Program Files\GRETECH\GomPlayer\GOM.exe
D:\WINDOWS\system32\WISPTIS.EXE
D:\WINDOWS\system32\svchost.exe -k imgsvc
D:\Program Files\Java\jre6\bin\javaw.exe
D:\Documents and Settings\don gagi slax\Desktop\OTM.exe
D:\Documents and Settings\don gagi slax\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://vshare.toolbarhome.com/?hp=df&t=1
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
uURLSearchHooks: Softonic-Eng46 Toolbar: {86bf3498-8c44-4c3d-bbfb-05bd50858039} - d:\program files\softonic-eng46\tbSof2.dll
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - d:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - d:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: {043C5167-00BB-4324-AF7E-62013FAEDACF} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - d:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - d:\program files\conduitengine\ConduitEngine.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - d:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - d:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - d:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Softonic-Eng46 Toolbar: {86bf3498-8c44-4c3d-bbfb-05bd50858039} - d:\program files\softonic-eng46\tbSof2.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - d:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - d:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - d:\program files\windows live\toolbar\wltcore.dll
BHO: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - No File
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - d:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No File
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - d:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: Softonic-Eng46 Toolbar: {86bf3498-8c44-4c3d-bbfb-05bd50858039} - d:\program files\softonic-eng46\tbSof2.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - d:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - d:\program files\windows live\toolbar\wltcore.dll
TB: {043C5167-00BB-4324-AF7E-62013FAEDACF} - No File
uRun: [Google Update] "d:\documents and settings\don gagi slax\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [SpybotSD TeaTimer] d:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "d:\program files\common files\nero\lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
uRun: [SkinClock] d:\program files\atomic alarm clock\AtomicAlarmClock.exe
uRun: [MSMSGS] "d:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] d:\windows\system32\ctfmon.exe
mRun: [NeroFilterCheck] d:\program files\common files\nero\lib\NeroCheck.exe
mRun: [NBKeyScan] "d:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
mRun: [QuickTime Task] "d:\program files\quicktime\qttask.exe" -atboottime
mRun: [GrooveMonitor] "d:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [avgnt] "d:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [Adobe Reader Speed Launcher] "d:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "d:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "d:\program files\common files\java\java update\jusched.exe"
IE: E&xport to Microsoft Excel - d:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - d:\program files\partygaming\partypoker\RunApp.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - d:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - d:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - d:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - d:\progra~1\spybot~1\SDHelper.dll
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - d:\program files\yahoo!\common\Yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
TCP: {D10840D5-BD55-444F-BDD3-EC24A832B9E9} = 87.250.98.250 208.67.222.222
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - d:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: AtiExtEvent - Ati2evxx.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - d:\program files\microsoft office\office12\GrooveShellExtensions.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R1 avgio;avgio;d:\program files\avira\antivir desktop\avgio.sys [2010-6-13 11608]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;d:\program files\avira\antivir desktop\sched.exe [2010-6-13 136360]
R2 AntiVirService;Avira AntiVir Guard;d:\program files\avira\antivir desktop\avguard.exe [2010-6-13 269480]
R2 avgntflt;avgntflt;d:\windows\system32\drivers\avgntflt.sys [2010-6-13 61960]
R2 fssfltr;FssFltr;d:\windows\system32\drivers\fssfltr_tdi.sys [2009-11-24 54752]
R2 LogWatch;Event Log Watch;d:\program files\ca\sharedcomponents\ca_lic\LogWatNT.exe [2005-2-23 53248]
R2 RalinkRegistryWriter;Ralink Registry Writer;d:\program files\ovislink\common\RalinkRegistryWriter.exe [2009-10-19 69632]
S2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2009-12-2 24640]
S2 Fireserv;Fireserv;"c:\fireserv\apache\bin\apache.exe" -k runservice --> c:\fireserv\apache\bin\Apache.exe [?]
S3 3xHybrid;ASUSTek SAA713x PCI Card;d:\windows\system32\drivers\3xhybrid.sys --> d:\windows\system32\drivers\3xHybrid.sys [?]
S3 fsssvc;Windows Live Family Safety Service;d:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872]
.
=============== Created Last 30 ================
.
2011-05-13 22:05:33 -------- d-----w- D:\_OTM
2011-04-14 01:39:02 103864 ----a-w- d:\program files\internet explorer\plugins\nppdf32.dll
.
==================== Find3M ====================
.
2011-03-07 05:33:50 692736 ----a-w- d:\windows\system32\inetcomm.dll
2011-03-04 06:37:06 420864 ----a-w- d:\windows\system32\vbscript.dll
2011-03-03 13:21:11 1857920 ----a-w- d:\windows\system32\win32k.sys
2011-02-24 09:02:09 0 ----a-w- d:\windows\system32\ConduitEngine.tmp
2011-02-22 23:06:29 916480 ----a-w- d:\windows\system32\wininet.dll
2011-02-22 23:06:29 43520 ----a-w- d:\windows\system32\licmgr10.dll
2011-02-22 23:06:29 1469440 ------w- d:\windows\system32\inetcpl.cpl
2011-02-22 11:41:59 385024 ----a-w- d:\windows\system32\html.iec
2011-02-17 12:32:12 5120 ----a-w- d:\windows\system32\xpsp4res.dll
2011-02-15 12:56:39 290432 ----a-w- d:\windows\system32\atmfd.dll
.
============= FINISH: 0:11:02.00 ===============
mycity.rs/must-login.png
|
|
|
|
|
|
|
Poslao: 14 Maj 2011 07:48
|
offline
- dr_Bora
- Anti Malware Fighter
Rank 2
- Pridružio: 24 Jul 2007
- Poruke: 12280
- Gde živiš: Höganäs, SE
|
Dvoklikom pokreni OTM.exe.
U (levi) prozor programa (ispod Paste Instructions for Items to be Moved) iskopiraj sve što se nalazi unutar Kod polja:
:files
c:\RECYCLER\k-1-3542-4232123213-7676767-8888886
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{23KLN5J0-4OPM-11WE-AAX5-24EF1F387232}]
Klikni MoveIt!
Po završetku procesa, u desnom prozoru programa (ispod Results), će se nalaziti tekst koji je potrebno iskopirati u poruku na forumu.
Ukoliko se pojavi upit:
Confirm ::The system requires a reboot to finish removing files.
Do you want to reboot now?
kliknuti Yes kako bi se kompjuter restartovao i proces bio dovršen.
Nakon ponovnog pokretanja sistema, logfile će se automatski otvoriti u Notepadu.
Potrebno je iskopirati sadržaj tog loga u poruku na forumu.
|
|
|
|
|
|
|
Poslao: 14 Maj 2011 08:37
|
offline
- Pridružio: 26 Apr 2007
- Poruke: 34
|
Error: Unable to interpret < > in the current context!
========== FILES ==========
c:\RECYCLER\k-1-3542-4232123213-7676767-8888886 folder moved successfully.
File/Folder :reg not found.
File/Folder [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{23KLN5J0-4OPM-11WE-AAX5-24EF1F387232}] not found.
OTM by OldTimer - Version 3.1.17.2 log created on 05142011_083625
|
|
|
|
|
|
|
|
|
Poslao: 14 Maj 2011 23:26
|
offline
- Pridružio: 26 Apr 2007
- Poruke: 34
|
Cini mi se da je dobro, uspio sam da izbrisem sto mi je smetalo, valjda se nece opet pojavljivati.
|
|
|
|
|
|
|
Poslao: 14 Maj 2011 23:31
|
offline
- dr_Bora
- Anti Malware Fighter
Rank 2
- Pridružio: 24 Jul 2007
- Poruke: 12280
- Gde živiš: Höganäs, SE
|
Da proverimo flash diskove...
Preuzmi USBNoRisk na Desktop i pokreni ga duplim klikom na ikonicu programa.
- Sacekaj koji sekund dok program izvrsi inicijalno skeniranje.
- Ubacuj sve USB memorijske uredjaje redom u USB slot i svaki zadrzi u slotu po 10 sekundi.
- Ukoliko imas vise uredjaja za proveru, onda na parcetu papira zapisi kojim redom su ubacivani jer ce nam kasnije trebati taj podatak
- Kada zavrsis sa svim uredjajima, klikni desno dugme misa na sred prozora programa i odaberi opciju Save scrambled log. To ce automatski otvoriti log u Notepadu. Iskopiraj nam taj log iz Notepada na forum.
Objasnjenje: U USB memorijske uredjaje spadaju svi oni uredjaji koji po prikljucivanju na kompjuter dobijaju svoju oznaku particije. Tu spadaju USB flash drajvovi, eksterni hard-diskovi, memorijske kartice, MP3 i MP4 plejeri, neki mobilni telefoni, neki GPS (navigacioni) uredjaji itd.
|
|
|
|
|
|
Preuzmi program 
