MyCity » Ambulanta -> Arhiva Ambulante » Avast ne moze da obrise!

Avast ne moze da obrise!

Napisano na dan: 13.8.2009

Avast ne moze da obrise!

Sledeća strana

Pagination

Odgovori

branka_mi Poslao: 13 Avg 2009 16:44 Idi na vrh
offline branka_mi Novi MyCity građanin Pridružio: 13 Avg 2009 Poruke: 4	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Ne razumem se bas u racunare , ali rekli su mi da ovde postavim ove logove pa cete me vi uputiti sta dalje da radim,naravno ako nije problem sto detaljnije posto se slabo snalazim na racunaru! Imam neke viruse u racunaru,pa ako moze nekako to da se ocisti.Hvala u napred! DDS (Ver_09-07-30.01) - NTFSx86 Run by dragana at 16:31:28,54 on cet 13.08.2009 Internet Explorer: 6.0.2900.2180 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.255.21 [GMT 2:00] AV: avast! antivirus 4.8.1335 [VPS 090812-0] On-access scanning enabled (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RunDll32.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\sm56hlpr.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\dragana.NEW-F4C86356840\My Documents\Downloads\dds.scr ============== Pseudo HJT Report =============== BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL BHO: Mario Forever Toolbar Helper: {8036d4d7-aad3-4793-ab49-329e437155a8} - c:\program files\mario forever toolbar\v2.0.0.3\Mario_Forever_Toolbar.dll BHO: {c3f37eca-a8d9-4633-92c6-fe24c7d16aba} - c:\windows\system32\geBtUooN.dll TB: Mario Forever Toolbar: {463df6d5-bec1-4d67-b217-59db692dfc53} - c:\program files\mario forever toolbar\v2.0.0.3\Mario_Forever_Toolbar.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized mRun: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe" mRun: [WinampAgent] "c:\program files\winamp\winampa.exe" mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [SMSERIAL] sm56hlpr.exe mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" StartupFolder: c:\docume~1\dragan~1.new\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL TCP: {EE1BC51A-0EB7-42C7-9C5B-6530E506DCB6} = 217.24.17.17 217.24.17.80 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: geBtUooN - geBtUooN.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL SEH: {c3f37eca-a8d9-4633-92c6-fe24c7d16aba} - c:\windows\system32\geBtUooN.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\dragan~1.new\applic~1\mozilla\firefox\profiles\sa69g49k.default\ ---- FIREFOX POLICIES ---- c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false); c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200); c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess"); c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120); c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3); c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true); c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1); c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1); c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true); c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0); c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072); c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35"); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json"); ============= SERVICES / DRIVERS =============== R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-8-8 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-8-8 20560] R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-8-8 138680] R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-8-8 254040] R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-8-8 352920] =============== Created Last 30 ================ 2009-08-13 14:28 <DIR> --d----- c:\program files\Mario Forever 2009-08-09 17:28 38 a------- c:\windows\avisplitter.INI 2009-08-09 11:24 3,255 a------- c:\windows\system32\wbem\Outlook_01ca18d33f26d5da.mof 2009-08-09 10:47 238 a------- c:\windows\mafosav.INI 2009-08-08 22:43 56 a---h--- c:\windows\system32\ezsidmv.dat 2009-08-08 22:38 325,346 a------- c:\windows\Mario_Forever_Toolbar_Uninstaller_4140.exe 2009-08-08 22:38 <DIR> --d----- c:\program files\Mario Forever Toolbar 2009-08-08 22:32 <DIR> --d--r-- c:\program files\Skype 2009-08-08 22:30 414 a------- c:\windows\system32\lame_acm.xml 2009-08-08 22:30 389,120 a------- c:\windows\system32\lameACM.acm 2009-08-08 22:30 118,784 a------- c:\windows\system32\ac3acm.acm 2009-08-08 22:30 217,088 a------- c:\windows\system32\yv12vfw.dll 2009-08-08 22:30 159,839 a------- c:\windows\system32\xvidvfw.dll 2009-08-08 22:30 81,920 a------- c:\windows\system32\dpl100.dll 2009-08-08 22:30 682,496 a------- c:\windows\system32\divx.dll 2009-08-08 22:30 7,680 a------- c:\windows\system32\ff_vfw.dll 2009-08-08 22:30 547 a------- c:\windows\system32\ff_vfw.dll.manifest 2009-08-08 22:30 <DIR> --d----- c:\program files\K-Lite Codec Pack 2009-08-08 22:28 <DIR> --d----- c:\program files\NCH Swift Sound 2009-08-08 22:25 55,640 a------- c:\windows\system32\drivers\avgntflt.sys 2009-08-08 22:19 <DIR> --d----- c:\docume~1\dragan~1.new\applic~1\AIMP 2009-08-08 22:19 <DIR> --d----- c:\program files\AIMP2 2009-08-08 22:19 <DIR> --d----- c:\docume~1\alluse~1.win\applic~1\Innovative Solutions 2009-08-08 22:18 42,496 a------- c:\windows\system32\AdvUninstCPL.cpl 2009-08-08 22:18 <DIR> --d----- c:\program files\Innovative Solutions 2009-08-08 20:36 26,496 ac------ c:\windows\system32\dllcache\usbstor.sys 2009-08-08 20:17 <DIR> --d----- c:\docume~1\dragan~1.new\applic~1\MSNInstaller ==================== Find3M ==================== 2001-11-23 06:08 712,704 a------- c:\windows\inf\other\AUDIO3D.DLL ============= FINISH: 16:31:52,01 =============== mycity.rs/must-login.png

Profil

argus Poslao: 13 Avg 2009 17:48 Idi na vrh
rip argus Anti Malware Fighter Rank 2 Pridružio: 27 Apr 2008 Poruke: 9160 Gde živiš: Prokuplje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Molio bih te da ispratis uputstvo do kraja a tamo pise: Preuzmite program GMER sa donjeg linka na Desktop: ... btw. Sto vise podataka imam, to bolje i za tebe i za mene, znacu koji alat da upotrebimo.

Profil

branka_mi Poslao: 13 Avg 2009 19:43 Idi na vrh
offline branka_mi Novi MyCity građanin Pridružio: 13 Avg 2009 Poruke: 4	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Sorry..Evo : mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png

Profil

argus Poslao: 13 Avg 2009 19:54 Idi na vrh
rip argus Anti Malware Fighter Rank 2 Pridružio: 27 Apr 2008 Poruke: 9160 Gde živiš: Prokuplje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Profil

branka_mi Poslao: 13 Avg 2009 20:55 Idi na vrh
offline branka_mi Novi MyCity građanin Pridružio: 13 Avg 2009 Poruke: 4	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-08-10.06 - dragana 13.08.2009 20:46.1.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.255.103 [GMT 2:00] Running from: c:\documents and settings\dragana.NEW-F4C86356840\Desktop\ComboFix.exe AV: avast! antivirus 4.8.1335 [VPS 090812-0] On-access scanning disabled (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\NavExcel c:\program files\NavExcel\NavHelper\v2.0.4a\NHelper.htm c:\program files\NavExcel\NavHelper\v2.0.4a\v2.0.4a.cab c:\recycler\S-1-5-21-117609710-1757981266-1801674531-1003 . ((((((((((((((((((((((((( Files Created from 2009-07-13 to 2009-08-13 ))))))))))))))))))))))))))))))) . 2009-08-13 17:27 . 2005-02-25 03:35 22752 ----a-w- c:\windows\system32\spupdsvc.exe 2009-08-13 12:28 . 2009-08-13 12:28 -------- d-----w- c:\program files\Mario Forever 2009-08-08 21:48 . 2009-08-08 21:48 -------- d-----w- c:\documents and settings\dragana.NEW-F4C86356840\Local Settings\Application Data\Innovative Solutions 2009-08-08 20:43 . 2009-08-08 20:43 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2009-08-08 20:43 . 2009-08-13 14:09 -------- d-----w- c:\documents and settings\dragana.NEW-F4C86356840\Application Data\skypePM 2009-08-08 20:42 . 2009-08-08 20:42 0 ----a-w- c:\windows\nsreg.dat 2009-08-08 20:42 . 2009-08-08 20:42 -------- d-----w- c:\documents and settings\dragana.NEW-F4C86356840\Local Settings\Application Data\Mozilla 2009-08-08 20:38 . 2009-08-08 20:38 325346 ----a-w- c:\windows\Mario_Forever_Toolbar_Uninstaller_4140.exe 2009-08-08 20:38 . 2009-08-08 20:38 -------- d-----w- c:\program files\Mario Forever Toolbar 2009-08-08 20:34 . 2009-08-13 18:43 -------- d-----w- c:\documents and settings\dragana.NEW-F4C86356840\Application Data\Skype 2009-08-08 20:32 . 2009-08-08 20:32 -------- d-----w- c:\program files\Common Files\Skype 2009-08-08 20:32 . 2009-08-08 20:32 -------- d-----r- c:\program files\Skype 2009-08-08 20:32 . 2009-08-08 20:32 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Skype 2009-08-08 20:30 . 2004-01-25 15:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll 2009-08-08 20:30 . 2008-01-10 11:16 159839 ----a-w- c:\windows\system32\xvidvfw.dll 2009-08-08 20:30 . 2007-11-29 21:28 81920 ----a-w- c:\windows\system32\dpl100.dll 2009-08-08 20:30 . 2007-12-04 00:33 682496 ----a-w- c:\windows\system32\divx.dll 2009-08-08 20:30 . 2008-03-04 10:33 7680 ----a-w- c:\windows\system32\ff_vfw.dll 2009-08-08 20:30 . 2009-08-08 20:30 -------- d-----w- c:\program files\K-Lite Codec Pack 2009-08-08 20:28 . 2009-08-08 20:28 -------- d-----w- c:\program files\NCH Swift Sound 2009-08-08 20:25 . 2009-03-24 14:08 55640 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2009-08-08 20:19 . 2009-08-09 10:08 -------- d-----w- c:\documents and settings\dragana.NEW-F4C86356840\Application Data\AIMP 2009-08-08 20:19 . 2009-08-08 20:19 -------- d-----w- c:\program files\AIMP2 2009-08-08 20:19 . 2009-08-08 20:19 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Innovative Solutions 2009-08-08 20:18 . 2009-08-08 20:18 -------- d-----w- c:\program files\Innovative Solutions 2009-08-08 20:17 . 2009-08-08 20:17 -------- d-----w- c:\program files\Common Files\Adobe AIR 2009-08-08 19:46 . 2009-02-05 20:06 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-08-08 19:46 . 2009-02-05 20:06 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-08-08 19:46 . 2009-02-05 20:05 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-08-08 19:46 . 2009-02-05 20:04 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-08-08 19:46 . 2009-02-05 20:07 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-08-08 19:46 . 2009-02-05 20:07 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-08-08 19:46 . 2009-02-05 20:08 93296 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-08-08 19:46 . 2009-02-05 20:08 94032 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-08-08 19:46 . 2009-02-05 20:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe 2009-08-08 18:36 . 2004-08-03 21:08 26496 -c--a-w- c:\windows\system32\dllcache\usbstor.sys 2009-08-08 18:17 . 2009-08-08 21:20 -------- d-----w- c:\documents and settings\dragana.NEW-F4C86356840\Application Data\MSNInstaller . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-08-09 10:26 . 2009-04-01 00:42 -------- d-----w- c:\documents and settings\dragana.NEW-F4C86356840\Application Data\Winamp 2009-08-08 22:16 . 2008-10-14 11:49 -------- d-----w- c:\program files\Zuma Deluxe 2009-08-08 20:36 . 2008-03-29 17:56 -------- d-----w- c:\program files\Winamp 2009-08-08 20:19 . 2009-08-08 20:19 -------- d-----w- c:\windows\Fonts\AdvUninstal 2009-08-08 20:15 . 2008-05-17 16:34 -------- d-----w- c:\program files\Common Files\Adobe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-03 1667584] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-02-04 23975720] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "SMSERIAL"="sm56hlpr.exe" - c:\windows\sm56hlpr.exe [2004-06-29 569344] c:\documents and settings\Dragana\Start Menu\Programs\Startup\ OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632] c:\documents and settings\dragana.NEW-F4C86356840\Start Menu\Programs\Startup\ OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [8.8.2009 21:46 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8.8.2009 21:46 20560] . - - - - ORPHANS REMOVED - - - - HKLM-Run-WinampAgent - c:\program files\Winamp\winampa.exe HKLM-Run-Cmaudio - cmicnfg.cpl Notify-geBtUooN - geBtUooN.dll . ------- Supplementary Scan ------- . IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: {EE1BC51A-0EB7-42C7-9C5B-6530E506DCB6} = 217.24.17.17 217.24.17.80 FF - ProfilePath - c:\documents and settings\dragana.NEW-F4C86356840\Application Data\Mozilla\Firefox\Profiles\sa69g49k.default\ FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews..wholeText", "noAccess"); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120); c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1); c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true); c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0); c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072); c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35"); c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror"); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false); c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json"); . *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-08-13 20:50 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2009-08-13 20:51 ComboFix-quarantined-files.txt 2009-08-13 18:51 Pre-Run: 1.088.888.832 bytes free Post-Run: 1.899.757.568 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect 169 --- E O F --- 2009-08-13 17:27

Profil

argus Poslao: 13 Avg 2009 23:40 Idi na vrh
rip argus Anti Malware Fighter Rank 2 Pridružio: 27 Apr 2008 Poruke: 9160 Gde živiš: Prokuplje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Da li imas nekih problema sada, jel' sve u redu ?

Profil

branka_mi Poslao: 14 Avg 2009 13:39 Idi na vrh
offline branka_mi Novi MyCity građanin Pridružio: 13 Avg 2009 Poruke: 4	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Za sada ne vidim da ima problema! Jel sve ok sada ? Racunar mi je cist ?

Profil

argus Poslao: 14 Avg 2009 14:16 Idi na vrh
rip argus Anti Malware Fighter Rank 2 Pridružio: 27 Apr 2008 Poruke: 9160 Gde živiš: Prokuplje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Potrebno je deinstalirati ComboFix: klikni start (ili ), a zatim RUN. Na Visti koristiti Start Search polje ukoliko Run nije dostupan. U liniju za unos teksta ukucaj (iskopiraj) sledeće: combofix /u Primeti da postoji razmak između "ComboFix" i "/u". a zatim klikni OK (ili pritisni Enter). Sačekaj da se proces deinstalacije završi.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Avast ne moze da obrise!

Ko je trenutno na forumu

Ukupno su 894 korisnika na forumu :: 22 registrovanih, 6 sakrivenih i 866 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: Andrija357, Bluper, darkojbn, Faki-Valjevo, HogarStrashni, HrcAk47, ikan, kolle.the.kid, Kubovac, kunktator, loon123, milenko crazy north, MilosKop, nick79, Panter, royst33, sabros, samsung, Toper, Vlada78, vladulns, zdrebac

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by