Check

  • Joined: 24 Dec 2011
  • Posts: 1638
  • Location: Novi Banovci

Posted: 31 Dec 2012 20:44

I would like to check my brother's computer, to see whether it has any viruses.

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 10.10.2
Run by Weedak at 20:11:07 on 2012-12-31
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2046.1310 [GMT 1:00]
.
AV: Bitdefender Antivirus Free Edition *Enabled/Updated* {9488E0FA-F058-4673-850E-E755F112BABC}
FW: *Enabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\PANDORA.TV\PanService\PandoraService.exe
C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
C:\Program Files\PANDORA.TV\PanService\PanProcess.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MCShield\mcshieldrtm.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\PdaNet for Android\PdaNetPC.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Winamp\winamp.exe
C:\PROGRA~1\THEKMP~1\KMPlayer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k bthsvcs
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uInternet Connection Wizard,ShellNext = iexplore
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:\program files\bs_player\tbBS_P.dll
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
BHO: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - c:\program files\startnow toolbar\Toolbar32.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
BHO: Video Download Toolbar Intercept: {B29002A0-87A1-4DC4-AC55-5982034EB61E} - c:\program files\videodownloadtoolbar\VideoDownloadToolbarIntercept.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:\program files\bs_player\tbBS_P.dll
TB: &Google: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
TB: BS Player Toolbar: {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - c:\program files\bs_player\tbBS_P.dll
TB: &Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: &Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: &Google: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
TB: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:\program files\bs_player\tbBS_P.dll
TB: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - c:\program files\startnow toolbar\Toolbar32.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [EPSON Stylus Photo RX420 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [Yamaha DS-XG Driver] c:\windows\system32\vdriver.exe
mRun: [DrvIcon] e:\software\novi\novi programi\desktop\vista drive icon 1.3\vistadriveicon\DrvIcon.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [DAEMON Tools] "c:\program files\daemon tools\daemon.exe" -lang 1033
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [SkyTel] SkyTel.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [InstallerLauncher] c:\program files\bitdefender\antivirus free edition\install\Installer.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\weedak\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\weedak\startm~1\programs\startup\pdanet~1.lnk - c:\program files\pdanet for android\PdaNetPC.exe
StartupFolder: c:\docume~1\weedak\startm~1\programs\startup\shadow~1.lnk - c:\documents and settings\weedak\local settings\temp\{081a70fa-88dc-45ea-aa79-b7018a9b4b64}\{021cb753-d388-4c3b-8e40-554e226f54f2}\ATR1.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: NameServer = 8.8.8.8
TCP: Interfaces\{AAC5E3E6-31AB-4046-AB08-199BE291765B} : DHCPNameServer = 8.8.8.8
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Authentication Packages = msv1_0 nwprovau
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2012-12-31 622616]
R0 gzflt;gzflt;c:\windows\system32\drivers\gzflt.sys [2012-12-31 162976]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2009-7-15 13696]
R2 gzserv;Bitdefender Antivirus Free Edition;c:\program files\bitdefender\antivirus free edition\gzserv.exe [2012-12-31 26776]
R2 PanService;PandoraService;c:\program files\pandora.tv\panservice\PandoraService.exe [2012-12-29 625304]
R2 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;c:\program files\startnow toolbar\ToolbarUpdaterService.exe [2012-6-22 265952]
R3 pneteth;PdaNet Broadband;c:\windows\system32\drivers\pneteth.sys [2012-12-31 13440]
S3 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2012-12-31 447208]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
.
=============== Created Last 30 ================
.
2019-07-03 10:21:37 -------- d-----w- c:\program files\ESET
2019-07-03 10:21:00 -------- d-----w- c:\program files\ESET1
2012-12-31 17:23:17 -------- d-----w- c:\documents and settings\weedak\local settings\application data\Sun
2012-12-31 17:21:40 859072 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-12-31 17:21:40 779704 ----a-w- c:\windows\system32\deployJava1.dll
2012-12-31 17:21:40 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-12-31 17:21:22 93640 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-12-31 16:57:37 43803 ----a-w- c:\documents and settings\all users\application data\1356973017.bdinstall.bin
2012-12-31 16:04:59 -------- d-----w- c:\documents and settings\all users\Kaspersky Lab Setup Files
2012-12-31 15:48:27 15770 ----a-w- c:\documents and settings\all users\application data\1356968904.bdinstall.bin
2012-12-31 15:48:20 44469 ----a-w- c:\documents and settings\all users\application data\1356968865.bdinstall.bin
2012-12-31 15:47:44 21212 ----a-w- c:\documents and settings\all users\application data\1356968864.bdinstall.bin
2012-12-31 15:40:28 164495 ----a-w- c:\documents and settings\all users\application data\1356968259.bdinstall.bin
2012-12-31 15:40:19 -------- d-----w- c:\program files\MCShield
2012-12-31 15:40:19 -------- d-----w- c:\documents and settings\all users\application data\MCShield
2012-12-31 15:40:14 -------- d-----w- c:\documents and settings\weedak\application data\StartNow Toolbar
2012-12-31 15:39:44 622616 ----a-w- c:\windows\system32\drivers\avc3.sys
2012-12-31 15:39:44 447208 ----a-w- c:\windows\system32\drivers\avckf.sys
2012-12-31 15:39:44 0 ----a-w- c:\windows\system32\drivers\avchv.sys
2012-12-31 15:38:06 -------- d-----w- c:\documents and settings\weedak\application data\QuickScan
2012-12-31 15:37:57 -------- d-----w- c:\program files\Bitdefender
2012-12-31 15:37:55 343456 ----a-w- c:\windows\system32\drivers\trufos.sys
2012-12-31 15:37:54 162976 ----a-w- c:\windows\system32\drivers\gzflt.sys
2012-12-31 15:35:24 -------- d-----w- c:\documents and settings\weedak\application data\Malwarebytes
2012-12-31 15:27:39 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-12-31 15:27:38 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-31 15:27:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-12-31 15:26:11 28190 ----a-w- c:\documents and settings\all users\application data\1356967551.bdinstall.bin
2012-12-31 15:19:12 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2012-12-31 15:18:35 581192 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll
2012-12-31 15:18:35 13440 ----a-w- c:\windows\system32\drivers\pneteth.sys
2012-12-31 15:18:35 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2012-12-31 15:18:35 -------- d-----w- c:\program files\PdaNet for Android
2012-12-30 10:37:58 -------- d-----w- c:\windows\pss
2012-12-29 17:25:18 -------- d-----w- c:\program files\PANDORA.TV
2012-12-29 17:25:00 -------- d-----w- c:\program files\The KMPlayer
.
==================== Find3M ====================
.
2012-12-26 18:40:13 3532 ----a-w- C:\drmHeader.bin
.
============= FINISH: 20:11:14,07 ===============


Thanks in advance :)

Addendum: 31 Dec 2012 20:45

And Happy New Year to you :) :) :)

  • Joined: 04 Jul 2011
  • Posts: 5424

Hello, Djolew. Happy New Year. Cheers



Step 1

Download ESET Uninstaller from this link. Restart the computer in Safe Mode and follow the instructions at this link.

How to enter Windows Safe Mode: http://www.mycity.rs/MyCity-Laboratorija/Kako-uci-u-Safe-Mode-2.html




Step 2

Download KAV Uninstaller from this link. Restart the computer in Safe Mode and follow the instructions at this link.




Step 3

Go to Start - Control Panel - Add or Remove Programs, and uninstall the following:
BS_Player Toolbar
StartNow Toolbar
Video Download Toolbar 2.2.0.0
Yahoo! Toolbar





Step 4

Download TFC (Temp File Cleaner) and save it to the Desktop.
Double-click to run the program and click the Start button to let the program begin scanning.
When the program finishes scanning, it may ask you to restart the computer. Allow it.

Note: When you are done cleaning the temp files, you can delete the program or keep it for later use.




Step 5

Download "Xplode"'s AdwCleaner and save it to the Desktop.
Double-click to run the program and click the [Search] button.
When the program finishes the analysis, it will open a Notepad window (AdwCleaner[R1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Prikaci fajl" (Attach file) option.

Note: The report will also be saved at C:\AdwCleaner[R1].txt




You are using Adobe Reader 8.1, which is an old and also critical version of this PDF reader because of security flaws. My recommendation is definitely that you install the latest version (Reader XI (version 11)) or switch to an alternative such as Foxit Reader, Nitro PDF Reader, etc.




Ivance95 (AMF Team)
