MyCity » Ambulanta -> Arhiva Ambulante » Usporen rad racunara

Usporen rad racunara

Napisano na dan: 26.12.2011

Usporen rad racunara

Sledeća strana

Pagination

Odgovori

Master Boot Poslao: 26 Dec 2011 22:20 Idi na vrh
offline Master Boot Počasni građanin Pridružio: 21 Avg 2011 Poruke: 810 Gde živiš: Sibir	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 26 Dec 2011 20:03 Pozdrav Prije nekolika dana racunar je oceo veoma da koci...Takodje mnogo vremena mu treba da ocita neku stranicu na internetu. Pokusao sam skeniranje Avastom i MBAM-om i oni nisu nista nasli. Ja ipak sumnjam na malware pa sam odlucio da se obratim vama. . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 6.0.2900.5512 Run by Kiboa at 19:36:43 on 2011-12-26 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.135 [GMT 1:00] . AV: Lavasoft Ad-Watch Live! Anti-Virus Enabled/Updated {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33} AV: avast! Internet Security Enabled/Updated {7591DB91-41F0-48A3-B128-1A293FD8233D} FW: avast! Internet Security Enabled . ============== Running Processes =============== . C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\Program Files\AVAST Software\Avast\afwServ.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Documents and Settings\Kiboa\Local Settings\Apps\F.lux\flux.exe C:\Program Files\Terminator\TV7131 Utilities\P3XRCtl.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\system32\secpro.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Kiboa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Kiboa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Kiboa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Kiboa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Kiboa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Kiboa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Kiboa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.mystart.com/?pr=vmn&id=pandasecuritytb&v=2_0 mStart Page = hxxp://home.sweetim.com mSearchAssistant = hxxp://start.facemoods.com/?a=wbsttst2&s={searchTerms}&f=4 mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\program files\isafe\wpk.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File BHO: MrFroggy Class: {856e12b5-22d7-4e22-9aca-ea9a008dd65b} - c:\program files\minibar\Froggy.dll BHO: MinibarBHO: {aa74d58f-acd0-450d-a85e-6c04b171c044} - c:\program files\minibar\Kango.dll BHO: Panda Security Toolbar: {b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4} - c:\program files\panda security\panda security toolbar\PandaSecurityDx.dll BHO: {B94D2A9E-E529-4389-B8DE-4F50D087F0D1} - No File BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File TB: {338B4DFE-2E2C-4338-9E41-E176D497299E} - No File TB: {AF3D7884-B142-414E-943D-75D8D54E1FFF} - No File TB: {99079a25-328f-4bd4-be04-00955acaa0a7} - No File TB: !{30F9B915-B755-4826-820B-08FBA6BD249D} - No File TB: !{51a86bb3-6602-4c85-92a5-130ee4864f13} - No File TB: Panda Security Toolbar: {b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4} - c:\program files\panda security\panda security toolbar\PandaSecurityDx.dll TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized uRun: [F.lux] "c:\documents and settings\kiboa\local settings\apps\f.lux\flux.exe" /noshow uRun: [Google Update] "c:\documents and settings\kiboa\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [Facebook Update] "c:\documents and settings\kiboa\local settings\application data\facebook\update\FacebookUpdate.exe" /c /nocrashserver mRun: [SoundMan] SOUNDMAN.EXE mRun: [RemoteControl] "c:\program files\asustek\asusdvd\PDVDServ.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mRun: [Panda Security URL Filtering] "c:\documents and settings\all users\application data\panda security url filtering\Panda_URL_Filtering.exe" mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui StartupFolder: c:\docume~1\kiboa\startm~1\programs\startup\facebo~1.lnk - c:\documents and settings\kiboa\local settings\application data\facebook\messenger\2.0.4373.0\FacebookMessenger.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\tvremo~1.lnk - c:\program files\terminator\tv7131 utilities\P3XRCtl.exe IE: Download with &Media Finder - c:\program files\media finder\hook.html IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL IE: {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - c:\program files\minibar\MinibarButton.dll TCP: DhcpNameServer = 213.133.31.202 213.133.31.203 109.122.98.116 109.122.98.117 TCP: Interfaces\{24DAF792-1CA6-44A6-98F9-3F3BF5AAE365} : DhcpNameServer = 213.133.31.202 213.133.31.203 109.122.98.116 109.122.98.117 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: AtiExtEvent - Ati2evxx.dll . ============= SERVICES / DRIVERS =============== . R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2011-12-17 12112] R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2011-12-17 195416] R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2037-8-20 64512] R0 nvcchflt;NVIDIA Disk Cache Filter Driver;c:\windows\system32\drivers\nvcchflt.sys [2082-7-8 16640] R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [2011-12-17 111320] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-12-17 435032] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-12-17 314456] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-12-17 20568] R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-12-17 44768] R2 avast! Firewall;avast! Firewall;c:\program files\avast software\avast\afwServ.exe [2011-12-17 127192] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2037-10-28 366152] R2 SecStore;Secure Storage;c:\windows\system32\secpro.exe [2037-11-1 61440] R3 Cap713x;Philips Cap713x Video Capture;c:\windows\system32\drivers\Cap713x.sys [2082-7-25 685824] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2037-10-28 22216] S0 edyvv;edyvv;c:\windows\system32\drivers\vbqsam.sys --> c:\windows\system32\drivers\vbqsam.sys [?] S0 lhur;lhur;c:\windows\system32\drivers\knsk.sys --> c:\windows\system32\drivers\knsk.sys [?] S0 loonk;loonk;c:\windows\system32\drivers\dkysk.sys --> c:\windows\system32\drivers\dkysk.sys [?] S0 rccjsut;rccjsut;c:\windows\system32\drivers\hxgsoj.sys --> c:\windows\system32\drivers\hxgsoj.sys [?] S0 xctqetgw;xctqetgw;c:\windows\system32\drivers\ghcqhx.sys --> c:\windows\system32\drivers\ghcqhx.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 Freemake Improver;Freemake Improver;c:\documents and settings\all users\application data\freemake\freemakeutilsservice\FreemakeUtilsService.exe [2011-12-21 74752] S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\program files\lavasoft\ad-aware\aawservice.exe" --> c:\program files\lavasoft\ad-aware\AAWService.exe [?] S2 PSGenUn;Panda Security Generic Uninstaller;c:\smclpav\smclpav.exe /logc:\docume~1\admini~1\locals~1\temp\pslogs\smclpav_77.log /runservice --> c:\smclpav\SMCLpav.exe [?] S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\garena plus\room\safedrv.sys --> c:\program files\garena plus\room\safedrv.sys [?] S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?] S3 RkPavproc1;RkPavproc1;\??\c:\windows\system32\drivers\rkpavproc1.sys --> c:\windows\system32\drivers\RkPavproc1.sys [?] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== Created Last 30 ================ . 2082-07-25 16:45:26 306688 ----a-w- c:\windows\IsUninst.exe 2082-07-25 16:43:40 32768 ----a-w- c:\windows\p3xunist.exe 2082-07-25 16:43:28 685824 ----a-r- c:\windows\system32\drivers\Cap713x.sys 2082-07-25 16:43:20 57344 ----a-r- c:\windows\system32\Prop713x.dll 2082-07-25 16:43:12 -------- d-----w- c:\program files\Terminator 2082-07-25 16:43:06 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll 2082-07-25 16:43:05 692224 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iKernel.dll 2082-07-25 16:43:05 57344 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\ctor.dll 2082-07-25 16:43:05 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe 2082-07-25 16:43:05 237568 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iscript.dll 2082-07-25 16:43:05 163972 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iGdi.dll 2082-07-25 16:43:05 155648 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iuser.dll 2082-07-25 16:43:04 282756 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\setup.dll 2082-07-17 19:26:44 5632 ----a-w- c:\windows\system32\ptpusb.dll 2082-07-17 19:26:43 159232 ----a-w- c:\windows\system32\ptpusd.dll 2082-07-17 19:26:43 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys 2082-07-17 19:26:43 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys . ==================== Find3M ==================== . 2037-11-24 14:20:43 29 ----a-w- c:\windows\system32\TempWmicBatchFile.bat 2037-10-29 21:58:17 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2037-10-27 12:45:06 2560 ----a-w- c:\windows\_MSRSTRT.EXE 2037-08-20 12:36:14 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2037-08-20 12:35:19 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys 2011-12-24 22:52:00 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-11-28 18:01:25 41184 ----a-w- c:\windows\avastSS.scr 2011-11-28 17:54:38 111320 ----a-w- c:\windows\system32\drivers\aswFW.sys 2011-11-28 17:53:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-11-28 17:53:22 195416 ----a-w- c:\windows\system32\drivers\aswNdis2.sys 2011-11-28 17:26:19 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys 2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys 2011-11-01 20:35:20 81920 ----a-w- c:\windows\system32\ieencode.dll 2011-11-01 20:35:20 667136 ----a-w- c:\windows\system32\wininet.dll 2011-11-01 20:35:20 61952 ----a-w- c:\windows\system32\tdc.ocx 2011-11-01 16:07:10 1288704 ----a-w- c:\windows\system32\ole32.dll 2011-11-01 15:02:49 369664 ----a-w- c:\windows\system32\html.iec 2011-10-28 08:00:00 74752 ----a-w- c:\windows\system32\ff_vfw.dll 2011-10-28 05:31:48 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-10-25 13:33:08 2192768 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-10-25 12:52:03 2069376 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-10-24 13:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2011-10-24 13:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts 2011-10-18 11:13:22 186880 ----a-w- c:\windows\system32\encdec.dll 2011-10-10 14:21:17 692736 ----a-w- c:\windows\system32\inetcomm.dll 2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll . ============= FINISH: 19:37:57,90 =============== https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png Dopuna: 26 Dec 2011 22:20 Pogledaj pravilnik

Profil

Fil Poslao: 27 Dec 2011 16:51 Idi na vrh
offline Fil Legendarni građanin Pridružio: 11 Jun 2009 Poruke: 16586	1Ovo se svidja korisniku: MISTER UNSU Registruj se da bi pohvalio/la poruku! Korak 1. Preuzmi AVZ Antiviral Toolkit sa sledećeg linka : http://devbuilds.kaspersky-labs.com/devbuilds/AVZ/avz4.zip Raspakuj arhivu u neki folder (uputstvo), a zatim: pokreni AVZ (dvoklikom na ikonicu); u meniju izaberi File > Custom Scripts; u prozor koji se otvori iskopiraj sve što se nalazi unutar Kod polja: begin SearchRootkit(true, true); SetAVZGuardStatus(True); RegKeyStrParamWrite('HKCU', 'software\microsoft\windows nt\currentversion\winlogon', 'Userinit', 'c:\windows\system32\userinit.exe,'); QuarantineFile('C:\Program Files\iSafe\wpk.exe',''); DeleteFile('C:\Program Files\iSafe\wpk.exe'); DelCLSID('856e12b5-22d7-4e22-9aca-ea9a008dd65b'); DelCLSID('aa74d58f-acd0-450d-a85e-6c04b171c044'); DelCLSID('338B4DFE-2E2C-4338-9E41-E176D497299E'); DelCLSID('99079a25-328f-4bd4-be04-00955acaa0a7'); DelCLSID('99079a25-328f-4bd4-be04-00955acaa0a7'); DelCLSID('AAA38851-3CFF-475F-B5E0-720D3645E4A5'); DeleteDirectory('c:\program files\minibar'); BC_DeleteSvc ('edyvv'); BC_DeleteSvc ('lhur'); BC_DeleteSvc ('rccjsut'); BC_DeleteSvc ('xctqetgw'); BC_ImportDeletedList; BC_Activate; ExecuteSysClean; RebootWindows(true); end. klikni taster Run i sačekaj da se skripta izvrši. -------------------------------- Korak 2. Ponovo pokreni AVZ (dvoklikom na ikonicu); u meniju izaberi File > Standard Scripts; U prozoru koji se otvori štikliraj opciju 2 i klikni Execute Selected Scripts; klikni Yes; po završetku skeniranja dobićeš obaveštenje: Script Executed; izađi iz programa. Uploaduj fajl virusinfo_syscheck.zip koji se nalazi u avz\log folderu na forum. -------------------------------- Korak 3. Postavi i svež DDS log

Profil

Master Boot Poslao: 28 Dec 2011 21:09 Idi na vrh
offline Master Boot Počasni građanin Pridružio: 21 Avg 2011 Poruke: 810 Gde živiš: Sibir	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Hvala vam Na racunaru se vidi veliko poboljsanje. Mislim da sam rijesio problem. Hvala AMF timu

Profil

Fil Poslao: 28 Dec 2011 21:22 Idi na vrh
offline Fil Legendarni građanin Pridružio: 11 Jun 2009 Poruke: 16586	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Slučaj još nije gotov. Bolje po tebe (i tvoj računar) bi bilo da pošalješ neophodne izveštaje, kako sam ti napisao u prethodnoj poruci, da utvrdimo trenutno stanje operativnog sistema.

Profil

Master Boot Poslao: 29 Dec 2011 13:31 Idi na vrh
offline Master Boot Počasni građanin Pridružio: 21 Avg 2011 Poruke: 810 Gde živiš: Sibir	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 29 Dec 2011 13:30 Evo logova. . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 6.0.2900.5512 Run by Kiboa at 13:23:38 on 2011-12-29 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.40 [GMT 1:00] . AV: Lavasoft Ad-Watch Live! Anti-Virus Enabled/Updated {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33} AV: avast! Internet Security Enabled/Updated {7591DB91-41F0-48A3-B128-1A293FD8233D} FW: avast! Internet Security Enabled . ============== Running Processes =============== . C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\SYSTEM32\Ati2evxx.exe C:\Program Files\AVAST Software\Avast\afwServ.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe C:\Documents and Settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Documents and Settings\Kiboa\Local Settings\Apps\F.lux\flux.exe C:\Program Files\Terminator\TV7131 Utilities\P3XRCtl.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\system32\secpro.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe -k HTTPFilter C:\Documents and Settings\Kiboa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Kiboa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Kiboa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Kiboa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Kiboa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Kiboa\Local Settings\Application Data\Google\Chrome\Application\chrome.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.mystart.com/?pr=vmn&id=pandasecuritytb&v=2_0 mStart Page = hxxp://home.sweetim.com mSearchAssistant = hxxp://start.facemoods.com/?a=wbsttst2&s={searchTerms}&f=4 BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File BHO: Panda Security Toolbar: {b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4} - c:\program files\panda security\panda security toolbar\PandaSecurityDx.dll BHO: {B94D2A9E-E529-4389-B8DE-4F50D087F0D1} - No File BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File TB: {AF3D7884-B142-414E-943D-75D8D54E1FFF} - No File TB: !{30F9B915-B755-4826-820B-08FBA6BD249D} - No File TB: !{51a86bb3-6602-4c85-92a5-130ee4864f13} - No File TB: Panda Security Toolbar: {b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4} - c:\program files\panda security\panda security toolbar\PandaSecurityDx.dll TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized uRun: [F.lux] "c:\documents and settings\kiboa\local settings\apps\f.lux\flux.exe" /noshow uRun: [Google Update] "c:\documents and settings\kiboa\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [Facebook Update] "c:\documents and settings\kiboa\local settings\application data\facebook\update\FacebookUpdate.exe" /c /nocrashserver mRun: [SoundMan] SOUNDMAN.EXE mRun: [RemoteControl] "c:\program files\asustek\asusdvd\PDVDServ.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray mRun: [Panda Security URL Filtering] "c:\documents and settings\all users\application data\panda security url filtering\Panda_URL_Filtering.exe" mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui StartupFolder: c:\docume~1\kiboa\startm~1\programs\startup\facebo~1.lnk - c:\documents and settings\kiboa\local settings\application data\facebook\messenger\2.0.4373.0\FacebookMessenger.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\tvremo~1.lnk - c:\program files\terminator\tv7131 utilities\P3XRCtl.exe IE: Download with &Media Finder - c:\program files\media finder\hook.html IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL TCP: DhcpNameServer = 213.133.31.202 213.133.31.203 109.122.98.116 109.122.98.117 TCP: Interfaces\{24DAF792-1CA6-44A6-98F9-3F3BF5AAE365} : DhcpNameServer = 213.133.31.202 213.133.31.203 109.122.98.116 109.122.98.117 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: AtiExtEvent - Ati2evxx.dll . ============= SERVICES / DRIVERS =============== . R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2011-12-17 12112] R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2011-12-17 195416] R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2037-8-20 64512] R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [2011-12-17 111320] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-12-17 435032] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-12-17 314456] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-12-17 20568] R3 Cap713x;Philips Cap713x Video Capture;c:\windows\system32\drivers\Cap713x.sys [2082-7-25 685824] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2037-10-28 22216] S0 loonk;loonk;c:\windows\system32\drivers\dkysk.sys --> c:\windows\system32\drivers\dkysk.sys [?] S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\garena plus\room\safedrv.sys --> c:\program files\garena plus\room\safedrv.sys [?] S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?] . =============== Created Last 30 ================ . 2082-07-25 16:45:26 306688 ----a-w- c:\windows\IsUninst.exe 2082-07-25 16:43:40 32768 ----a-w- c:\windows\p3xunist.exe 2082-07-25 16:43:28 685824 ----a-r- c:\windows\system32\drivers\Cap713x.sys 2082-07-25 16:43:20 57344 ----a-r- c:\windows\system32\Prop713x.dll 2082-07-25 16:43:12 -------- d-----w- c:\program files\Terminator 2082-07-25 16:43:06 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll 2082-07-25 16:43:05 692224 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iKernel.dll 2082-07-25 16:43:05 57344 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\ctor.dll 2082-07-25 16:43:05 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe 2082-07-25 16:43:05 237568 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iscript.dll 2082-07-25 16:43:05 163972 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iGdi.dll 2082-07-25 16:43:05 155648 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iuser.dll 2082-07-25 16:43:04 282756 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\setup.dll 2082-07-17 19:26:44 5632 ----a-w- c:\windows\system32\ptpusb.dll 2082-07-17 19:26:43 159232 ----a-w- c:\windows\system32\ptpusd.dll 2082-07-17 19:26:43 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys 2082-07-17 19:26:43 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys . ==================== Find3M ==================== . 2037-11-24 14:20:43 29 ----a-w- c:\windows\system32\TempWmicBatchFile.bat 2037-10-29 21:58:17 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2037-10-27 12:45:06 2560 ----a-w- c:\windows\_MSRSTRT.EXE 2037-08-20 12:36:14 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys 2037-08-20 12:35:19 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys 2011-12-24 22:52:00 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-11-28 18:01:25 41184 ----a-w- c:\windows\avastSS.scr 2011-11-28 17:54:38 111320 ----a-w- c:\windows\system32\drivers\aswFW.sys 2011-11-28 17:53:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-11-28 17:53:22 195416 ----a-w- c:\windows\system32\drivers\aswNdis2.sys 2011-11-28 17:26:19 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys 2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys 2011-11-01 20:35:20 81920 ----a-w- c:\windows\system32\ieencode.dll 2011-11-01 20:35:20 667136 ----a-w- c:\windows\system32\wininet.dll 2011-11-01 20:35:20 61952 ----a-w- c:\windows\system32\tdc.ocx 2011-11-01 16:07:10 1288704 ----a-w- c:\windows\system32\ole32.dll 2011-11-01 15:02:49 369664 ----a-w- c:\windows\system32\html.iec 2011-10-28 08:00:00 74752 ----a-w- c:\windows\system32\ff_vfw.dll 2011-10-28 05:31:48 33280 ----a-w- c:\windows\system32\csrsrv.dll 2011-10-25 13:33:08 2192768 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-10-25 12:52:03 2069376 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-10-24 13:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2011-10-24 13:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts 2011-10-18 11:13:22 186880 ----a-w- c:\windows\system32\encdec.dll 2011-10-10 14:21:17 692736 ----a-w- c:\windows\system32\inetcomm.dll . ============= FINISH: 13:28:42,17 =============== https://www.mycity.rs/must-login.png Dopuna: 29 Dec 2011 13:31 A virusinfo_syscheck.zip nisam mogao da nadjem.

Profil

Fil Poslao: 29 Dec 2011 18:29 Idi na vrh
offline Fil Legendarni građanin Pridružio: 11 Jun 2009 Poruke: 16586	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Korak 1. pokreni AVZ (dvoklikom na ikonicu); u meniju izaberi File > Custom Scripts; u prozor koji se otvori iskopiraj sve što se nalazi unutar Kod polja: `begin SearchRootkit(true, true); SetAVZGuardStatus(True); BC_DeleteSvc ('loonk'); BC_ImportDeletedList; BC_Activate; RebootWindows(true); end.` klikni taster Run i sačekaj da se skripta izvrši. -------------------------------- Korak 2. Ponovo pokreni AVZ (dvoklikom na ikonicu); u meniju izaberi File > Standard Scripts; U prozoru koji se otvori štikliraj opciju 2 i klikni Execute Selected Scripts; klikni Yes; po završetku skeniranja dobićeš obaveštenje: Script Executed; izađi iz programa. Uploaduj fajl virusinfo_syscheck.zip koji se nalazi u avz\log folderu na forum. Ukoliko, iz nekog razloga, ne možeš da nađeš ovu datoteku, koristi pretragu na računaru. Korak 3. Preuzmi instalaciju za program Malwarebytes Anti-Malware sa sledećeg linka: http://www.besttechie.net/tools/mbam-setup.exe Dvoklikom pokreni instalaciju - na samom kraju procesa, proveri da su obeležene opcije: Update Malwarebytes' Anti-Malware; Launch Malwarebytes Anti-Malware; a zatim klikni Finish. Nakon završenog ažuriranja program će se pokrenuti. Izaberi opciju Perform Quick Scan i klikni Scan. Po završetku procesa klikni OK, Show Results: u listi detektovanog malware-a, obeleži sve stavke i klikni Remove Selected. Po završetku procesa, logfile će se otvoriti u Notepad-u; iskopiraj ga u temu na forumu. Ukoliko program zatraži restart kako bi se završio proces čišćenja, obavezno ga dozvoliti. Napomena: ako dođe do restarta na kraju procesa čišćenja, logfile će biti dostupan na Logs kartici (obeleži ga i klikni Open).

Profil

Master Boot Poslao: 29 Dec 2011 19:37 Idi na vrh
offline Master Boot Počasni građanin Pridružio: 21 Avg 2011 Poruke: 810 Gde živiš: Sibir	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! MBAM nije nista pronasao. A avz/log nisam mogao da nadjem zbog toga sto i ne postoji na racunaru.Koristio sam pretragu ali nije nista pronadjeno. Sta treba sada da uradim?

Profil

Fil Poslao: 29 Dec 2011 20:16 Idi na vrh
offline Fil Legendarni građanin Pridružio: 11 Jun 2009 Poruke: 16586	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! MISTER UNSU :: Sta treba sada da uradim? Da uživaš u novogodišnjim praznicima Tvoj računar je čist što se tiče malicioznih programa. Već si primetio da je bolje stanje računara. Potrebno je deinstalirati AVZ Antiviral Toolkit. Pokreni AVZ (dvoklikom na ikonicu); U meniju izaberi File>Standard Scripts; U prozoru koji se otvori štikliraj opciju 6 i klikni na Execute Selected Scripts; Klikni Yes; Po završetku postupka dobićeš obaveštenje: Script Executed; Izađi iz programa i obriši folder gde je program raspakovan. Uključi i isključi System Restore: http://www.mycity.rs/MyCity-Laboratorija/Kako-iskl.....sta-7.html Nije loše da koristiš i MCShield za zaštitu od infekcija sa USB diskova

Profil

Master Boot Poslao: 29 Dec 2011 20:20 Idi na vrh
offline Master Boot Počasni građanin Pridružio: 21 Avg 2011 Poruke: 810 Gde živiš: Sibir	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Veliko hvala tebi i citavom AMF timu. MC Shield vec koristim Ziveli

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Usporen rad racunara

Ko je trenutno na forumu

Ukupno su 840 korisnika na forumu :: 17 registrovanih, 0 sakrivenih i 823 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: _Rade, avijacija, babaroga, djordje92sm, Frunze, havoc995, ILGromovnik, Kenanjoz, Leonov, m0nstrum_, milenko crazy north, Nikolaa11, pein, sakuljinac, saputnik plavetnila, Udvar, Viktor Petrenko

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by