Posted: 02 Oct 2007 14:00
- Joined: 02 Oct 2007
- Posts: 50

Hello,
I have some virus, Windows Security Alert. I don't know what to do or how to delete it. The whole computer is messed up: regedit doesn't work, I can't open Properties on My Computer, I have no Control Panel, and I don't know what else.
Please tell me, if you know, how to get rid of this virus, because I formatted the computer two weeks ago.

Posted: 04 Oct 2007 12:09
- Joined: 02 Oct 2007
- Posts: 50

Hello again,
thanks for the explanation you sent me.
Here is my log file:
Logfile of HijackThis v1.99.1
Scan saved at 11:57:54, on 04.10.2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\System32\printer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\mmdmm.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\f1r5st83.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\ctfmon.exe
C:\HPDESK\HPPDDIR.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system\NOTEPAD.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
E:\SmartSoft\Asistent\Asistent.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\Explorer.exe
C:\Documents and Settings\Natasa\Desktop\New Folder (2)\tr3.exe
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\printer.exe
F3 - REG:win.ini: load=DTMONX.EXE
O2 - BHO: (no name) - {35884CE2-E272-4FF2-9061-07DF2CC7619C} - C:\WINDOWS\System32\ddcyy.dll
O2 - BHO: IEHlprObj Class - {ABCDECF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\System32\vtr.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\System32\WinAvXX.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [mmsass] mmdmm.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKLM\..\Run: [Clotusorgreg0] C:\lotus\orgreg\prtStart.exe 13 54 10 10 2007 "C:\lotus\orgreg\orgprt.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Systam13] f1r5st83.exe
O4 - HKLM\..\Run: [SearchIndexer] rundll32.exe "C:\WINDOWS\System32\vkurmigr.dll",sitypnow
O4 - HKLM\..\RunServices: [mmsass] mmdmm.exe
O4 - HKLM\..\RunServices: [Systam13] f1r5st83.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\System32\WinAvXX.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - Startup: system.exe
O4 - Global Startup: autorun.exe
O4 - Global Startup: Document Assistant.lnk = C:\HPDESK\HPPDDIR.exe
O4 - Global Startup: Lotus Organizer EasyClip.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Web Entry - {B4E30F61-16D9-11D3-85D1-005004229569} - c:\lotus\organize\bandobjs.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {F9463571-87CB-4A90-A1AC-2284B7F5AF4E} (Persits Software XEncrypt) - banka.com.mk/Ctrls/Ctrls.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{095B9FDB-FA52-4163-9AD1-E3300B448964}: NameServer = 217.16.69.3,217.16.69.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{E2B7054A-1547-4D46-BE19-FC6B5DC22192}: NameServer = 85.30.126.1 217.16.68.140
O17 - HKLM\System\CS1\Services\Tcpip\..\{095B9FDB-FA52-4163-9AD1-E3300B448964}: NameServer = 217.16.69.3,217.16.69.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{095B9FDB-FA52-4163-9AD1-E3300B448964}: NameServer = 217.16.69.3,217.16.69.2
O20 - AppInit_DLLs: C:\WINDOWS\System32\stdole32.dat
O20 - Winlogon Notify: awtstqn - C:\WINDOWS\SYSTEM32\awtstqn.dll
O20 - Winlogon Notify: byxwwvu - C:\WINDOWS\SYSTEM32\byxwwvu.dll
O20 - Winlogon Notify: ddcdbxw - C:\WINDOWS\SYSTEM32\ddcdbxw.dll
O20 - Winlogon Notify: ddcywvu - C:\WINDOWS\SYSTEM32\ddcywvu.dll
O20 - Winlogon Notify: efcayxw - C:\WINDOWS\SYSTEM32\efcayxw.dll
O20 - Winlogon Notify: fccbaxv - C:\WINDOWS\SYSTEM32\fccbaxv.dll
O20 - Winlogon Notify: fccbywt - C:\WINDOWS\SYSTEM32\fccbywt.dll
O20 - Winlogon Notify: hggfedd - C:\WINDOWS\SYSTEM32\hggfedd.dll
O20 - Winlogon Notify: ljjgeda - C:\WINDOWS\SYSTEM32\ljjgeda.dll
O20 - Winlogon Notify: ljjheef - C:\WINDOWS\SYSTEM32\ljjheef.dll
O20 - Winlogon Notify: ljjihhg - C:\WINDOWS\SYSTEM32\ljjihhg.dll
O20 - Winlogon Notify: mljjjgg - C:\WINDOWS\SYSTEM32\mljjjgg.dll
O20 - Winlogon Notify: nnnnnli - C:\WINDOWS\SYSTEM32\nnnnnli.dll
O20 - Winlogon Notify: opnllkh - C:\WINDOWS\SYSTEM32\opnllkh.dll
O20 - Winlogon Notify: opnmnkl - C:\WINDOWS\SYSTEM32\opnmnkl.dll
O20 - Winlogon Notify: qomlihg - C:\WINDOWS\SYSTEM32\qomlihg.dll
O20 - Winlogon Notify: tuvvsqn - C:\WINDOWS\SYSTEM32\tuvvsqn.dll
O20 - Winlogon Notify: urqppmk - C:\WINDOWS\SYSTEM32\urqppmk.dll
O20 - Winlogon Notify: wvuurqn - C:\WINDOWS\SYSTEM32\wvuurqn.dll
O20 - Winlogon Notify: wvuvstt - C:\WINDOWS\SYSTEM32\wvuvstt.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NOTEPAD - Unknown owner - C:\WINDOWS\system\NOTEPAD.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
Posted: 04 Oct 2007 13:37
- DEMIAN
- Legendary citizen
- Joined: 25 Mar 2005
- Posts: 3706
- Location: The darkest place on earth..

I counted more than 25 active infections. You don't have Windows Service Pack 2, so I'm not surprised to see such a seriously infected system. Without Service Pack 2, cleaning the computer is an almost impossible mission, because the chances of getting infected with something new as soon as you go online are high.
We can try to remove these infections using the VundoFix tool and the BitDefender online scanner. If the first steps don't show results, you will have to format the system partition and, right after the new Windows installation, be sure to install Service Pack 2 so that this situation doesn't happen again.
Step 1
---------------------------
VundoFix:
http://www.atribune.org/ccount/click.php?id=4
* Double-click the file VundoFix.exe to start it.
* Choose the option Scan for Vundo.
* After the scan finishes and the message Done Searching for files appears, click OK.
* Now that the scan is done, click the option Remove Vundo.
* When asked about removing the Vundo files, click Yes.
* Running this option will make the Desktop temporarily empty in order to prepare the system for removing Vundo.
* When it finishes, a notice about shutting down the computer will appear; click OK.
* Turn the computer on and boot the system again.
-----------------------
Step 2
---------------------------------
Start Internet Explorer and go to http://www.bitdefender.com/scan8/ie.html. Follow the instructions (if it asks whether to install ActiveX, allow it) and scan the entire computer. Restart the PC when the scan finishes.
-----------------
When you boot the system again, copy into your next post the contents of the log at C:\vundofix.txt and post a new HiJackThis log.
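
One way to triage a HijackThis log like the one posted above, as an added example that is not part of the original thread and is not the helper's own method. The function names and the review heuristics are assumptions made for illustration; the sample lines are excerpted from the first log in this thread.

```python
import re
from ntpath import basename, splitext  # Windows path rules on any OS

# Lines excerpted from the first HijackThis log posted in this thread.
SAMPLE_LOG = r"""
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\printer.exe
O2 - BHO: (no name) - {35884CE2-E272-4FF2-9061-07DF2CC7619C} - C:\WINDOWS\System32\ddcyy.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O20 - AppInit_DLLs: C:\WINDOWS\System32\stdole32.dat
O20 - Winlogon Notify: awtstqn - C:\WINDOWS\SYSTEM32\awtstqn.dll
O20 - Winlogon Notify: byxwwvu - C:\WINDOWS\SYSTEM32\byxwwvu.dll
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
"""

# Every entry line is "<section code> - <detail>", e.g. "O4 - HKLM\..\Run: ...".
ENTRY = re.compile(r"^([FNOR]\d{1,2}) - (.*)$")


def parse(log_text):
    """Yield (section_code, detail) for each HijackThis entry line."""
    for line in log_text.splitlines():
        match = ENTRY.match(line.strip())
        if match:
            yield match.group(1), match.group(2)


def review_reason(code, detail):
    """Return why an entry deserves manual review, or None.

    These are illustrative heuristics (assumptions), not verdicts.
    """
    if code == "F2" and "Shell=" in detail:
        shell = detail.split("Shell=", 1)[1].strip()
        if shell.lower() != "explorer.exe":
            return "shell value starts something besides Explorer.exe"
    if code == "O7" and "DisableRegedit=1" in detail:
        return "policy blocks the Registry Editor"
    if code == "O20" and detail.startswith("AppInit_DLLs:"):
        # DLLs listed here load into every process that loads user32.dll.
        if detail.split(":", 1)[1].strip():
            return "AppInit_DLLs is not empty"
    if code == "O20" and detail.startswith("Winlogon Notify:"):
        name, _, path = detail.split(":", 1)[1].partition(" - ")
        name = name.strip()
        stem = splitext(basename(path.strip()))[0].lower()
        # Key named exactly like its DLL, letters only: looks generated.
        if name == stem and re.fullmatch(r"[a-z]{6,8}", name):
            return "Winlogon Notify key named after a random-looking DLL"
    return None


def triage(log_text):
    """Return [(code, reason, detail)] for entries worth a closer look."""
    findings = []
    for code, detail in parse(log_text):
        reason = review_reason(code, detail)
        if reason:
            findings.append((code, reason, detail))
    return findings


if __name__ == "__main__":
    for code, reason, detail in triage(SAMPLE_LOG):
        print(f"{code:>3}  {reason}: {detail}")
```

A flagged line is only a prompt for manual review; the autostart entries of the installed security and driver software pass through unflagged.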

Posted: 08 Oct 2007 15:33
- Joined: 02 Oct 2007
- Posts: 50

Hello
I haven't yet done what you told me, because when I reset the computer it is then harder for me to start a program that I need for work.
But I'll do it in the next few days; you know, this is a computer at work.
Now let me ask how I can find Control Panel in Start;
when I go to Properties in Start, in Customize, in Advanced, it isn't there. I think everything that is happening is the result of the virus, but if you can, please help me somehow.
Some other things don't work for me either, but more on that later.
Bye, regards

Posted: 08 Oct 2007 15:53
- bobby
- Administrator
- Joined: 04 Sep 2003
- Posts: 24135
- Location: Wien

Isn't it under Start > Settings > Control Panel?
If that doesn't work, go to Start > Run, type control in the command field, and click OK.
If it won't start that way either, it means your privileges for starting Control Panel have been revoked. That may have been done by the system administrator, or maybe by a virus.

Posted: 09 Oct 2007 10:56
- Joined: 02 Oct 2007
- Posts: 50

It doesn't work that way either, I don't know what to do, please help.
Bye, regards

Posted: 09 Oct 2007 16:38
- bobby
- Administrator
- Joined: 04 Sep 2003
- Posts: 24135
- Location: Wien

Then start with cleaning the computer, the way DeM14n wrote to you, and we'll sort out Control Panel at the end.

Posted: 13 Oct 2007 11:36
- Joined: 02 Oct 2007
- Posts: 50

OK, thanks, I'll do that in the next few days.
Thanks, regards
Addendum: 13 Oct 2007 11:36
Hello
Here, I've done what you asked, so let's see whether we can do something.
Logfile of HijackThis v1.99.1
Scan saved at 11:29:57, on 13.10.2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\printer.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\mmdmm.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\Program Files\DAP\DAP.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\f1r5st83.exe
C:\WINDOWS\system32\srvd.exe
C:\WINDOWS\system32\amsng1.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\esbxw.exe
C:\HPDESK\HPPDDIR.exe
C:\lotus\organize\easyclip6.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system\NOTEPAD.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Documents and Settings\Natasa\Desktop\New Folder (2)\tr3.exe
C:\Program Files\Opera\Opera.exe
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\System32\printer.exe
F3 - REG:win.ini: load=DTMONX.EXE
O2 - BHO: (no name) - {9B829EE6-6186-4D78-AEE1-84FE4024AFCA} - C:\WINDOWS\System32\ddcyy.dll
O2 - BHO: IEHlprObj Class - {ABCDECF0-4B15-11D1-ABED-709549C10000} - C:\WINDOWS\System32\vtr.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\System32\WinAvXX.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [mmsass] mmdmm.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Systam13] f1r5st83.exe
O4 - HKLM\..\Run: [Windows haz Layer] esbxw.exe
O4 - HKLM\..\Run: [johkjh] C:\WINDOWS\system32\srvd.exe
O4 - HKLM\..\Run: [amsgupdate] C:\WINDOWS\system32\amsng1.exe
O4 - HKLM\..\Run: [Clotusorgreg0] C:\lotus\orgreg\prtStart.exe 09 08 10 27 2007 "C:\lotus\orgreg\orgprt.exe"
O4 - HKLM\..\RunServices: [mmsass] mmdmm.exe
O4 - HKLM\..\RunServices: [Systam13] f1r5st83.exe
O4 - HKLM\..\RunServices: [Windows haz Layer] esbxw.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\System32\WinAvXX.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Windows haz Layer] esbxw.exe
O4 - HKCU\..\Run: [johkjh] C:\WINDOWS\system32\srvd.exe
O4 - HKCU\..\Run: [amsgupdate] C:\WINDOWS\system32\amsng1.exe
O4 - Startup: system.exe
O4 - Global Startup: autorun.exe
O4 - Global Startup: Document Assistant.lnk = C:\HPDESK\HPPDDIR.exe
O4 - Global Startup: Lotus Organizer EasyClip.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Web Entry - {B4E30F61-16D9-11D3-85D1-005004229569} - c:\lotus\organize\bandobjs.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {F9463571-87CB-4A90-A1AC-2284B7F5AF4E} (Persits Software XEncrypt) - banka.com.mk/Ctrls/Ctrls.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{095B9FDB-FA52-4163-9AD1-E3300B448964}: NameServer = 217.16.69.3,217.16.69.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{E2B7054A-1547-4D46-BE19-FC6B5DC22192}: NameServer = 85.30.126.1 217.16.68.140
O17 - HKLM\System\CS1\Services\Tcpip\..\{095B9FDB-FA52-4163-9AD1-E3300B448964}: NameServer = 217.16.69.3,217.16.69.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{095B9FDB-FA52-4163-9AD1-E3300B448964}: NameServer = 217.16.69.3,217.16.69.2
O20 - AppInit_DLLs: C:\WINDOWS\System32\stdole32.dat
O20 - Winlogon Notify: awtstqn - C:\WINDOWS\SYSTEM32\awtstqn.dll
O20 - Winlogon Notify: awtuvtu - C:\WINDOWS\SYSTEM32\awtuvtu.dll
O20 - Winlogon Notify: byxusqn - C:\WINDOWS\SYSTEM32\byxusqn.dll
O20 - Winlogon Notify: byxwtqq - C:\WINDOWS\SYSTEM32\byxwtqq.dll
O20 - Winlogon Notify: byxwwvu - C:\WINDOWS\SYSTEM32\byxwwvu.dll
O20 - Winlogon Notify: cbxvtrs - C:\WINDOWS\SYSTEM32\cbxvtrs.dll
O20 - Winlogon Notify: cbxxxuu - C:\WINDOWS\SYSTEM32\cbxxxuu.dll
O20 - Winlogon Notify: ddcdbxw - C:\WINDOWS\SYSTEM32\ddcdbxw.dll
O20 - Winlogon Notify: ddcywvu - C:\WINDOWS\SYSTEM32\ddcywvu.dll
O20 - Winlogon Notify: efcayxw - C:\WINDOWS\SYSTEM32\efcayxw.dll
O20 - Winlogon Notify: efcywur - C:\WINDOWS\SYSTEM32\efcywur.dll
O20 - Winlogon Notify: fccbaxv - C:\WINDOWS\SYSTEM32\fccbaxv.dll
O20 - Winlogon Notify: fccbywt - C:\WINDOWS\SYSTEM32\fccbywt.dll
O20 - Winlogon Notify: fccdccc - C:\WINDOWS\SYSTEM32\fccdccc.dll
O20 - Winlogon Notify: fccywus - C:\WINDOWS\SYSTEM32\fccywus.dll
O20 - Winlogon Notify: gebxvwu - C:\WINDOWS\SYSTEM32\gebxvwu.dll
O20 - Winlogon Notify: gebxxyx - C:\WINDOWS\SYSTEM32\gebxxyx.dll
O20 - Winlogon Notify: hggfedd - C:\WINDOWS\SYSTEM32\hggfedd.dll
O20 - Winlogon Notify: hggghgg - C:\WINDOWS\SYSTEM32\hggghgg.dll
O20 - Winlogon Notify: khfcdbc - C:\WINDOWS\SYSTEM32\khfcdbc.dll
O20 - Winlogon Notify: ljjgeda - C:\WINDOWS\SYSTEM32\ljjgeda.dll
O20 - Winlogon Notify: ljjheef - C:\WINDOWS\SYSTEM32\ljjheef.dll
O20 - Winlogon Notify: ljjihhg - C:\WINDOWS\SYSTEM32\ljjihhg.dll
O20 - Winlogon Notify: mljjjgg - C:\WINDOWS\SYSTEM32\mljjjgg.dll
O20 - Winlogon Notify: nnnkklm - C:\WINDOWS\SYSTEM32\nnnkklm.dll
O20 - Winlogon Notify: nnnnnli - C:\WINDOWS\SYSTEM32\nnnnnli.dll
O20 - Winlogon Notify: opnllkh - C:\WINDOWS\SYSTEM32\opnllkh.dll
O20 - Winlogon Notify: opnmnkl - C:\WINDOWS\SYSTEM32\opnmnkl.dll
O20 - Winlogon Notify: qomjjkl - C:\WINDOWS\SYSTEM32\qomjjkl.dll
O20 - Winlogon Notify: qomlihg - C:\WINDOWS\SYSTEM32\qomlihg.dll
O20 - Winlogon Notify: qomlmnm - C:\WINDOWS\SYSTEM32\qomlmnm.dll
O20 - Winlogon Notify: qommlmj - C:\WINDOWS\SYSTEM32\qommlmj.dll
O20 - Winlogon Notify: tuvvsqn - C:\WINDOWS\SYSTEM32\tuvvsqn.dll
O20 - Winlogon Notify: urqpoml - C:\WINDOWS\SYSTEM32\urqpoml.dll
O20 - Winlogon Notify: urqppmk - C:\WINDOWS\SYSTEM32\urqppmk.dll
O20 - Winlogon Notify: urqpqpm - C:\WINDOWS\SYSTEM32\urqpqpm.dll
O20 - Winlogon Notify: wvuurqn - C:\WINDOWS\SYSTEM32\wvuurqn.dll
O20 - Winlogon Notify: wvuvstt - C:\WINDOWS\SYSTEM32\wvuvstt.dll
O20 - Winlogon Notify: xxyxwtr - C:\WINDOWS\SYSTEM32\xxyxwtr.dll
O20 - Winlogon Notify: yayxvwt - C:\WINDOWS\SYSTEM32\yayxvwt.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\System32\xquunvlh.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Mims service (Mimserv) - Unknown owner - C:\WINDOWS\system32\dllcache\services.exe (file missing)
O23 - Service: NOTEPAD - Unknown owner - C:\WINDOWS\system\NOTEPAD.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
VundoFix V6.5.9
Checking Java version...
Sun Java not detected
Scan started at 10:45:57 13.10.2007
Listing files found while scanning....
C:\WINDOWS\System32\gsewsdvi.dll
C:\WINDOWS\System32\ivdswesg.ini
C:\WINDOWS\System32\mxcngboe.dll
Beginning removal...
Attempting to delete C:\WINDOWS\System32\gsewsdvi.dll
C:\WINDOWS\System32\gsewsdvi.dll Could not be deleted.
Attempting to delete C:\WINDOWS\System32\ivdswesg.ini
C:\WINDOWS\System32\ivdswesg.ini Has been deleted!
Attempting to delete C:\WINDOWS\System32\mxcngboe.dll
C:\WINDOWS\System32\mxcngboe.dll Has been deleted!
Performing Repairs to the registry.
Done!
Beginning removal...