MyCity » Ambulanta -> Arhiva Ambulante » otvaranje suvisnih prozora

otvaranje suvisnih prozora

Napisano na dan: 15.10.2014
1

otvaranje suvisnih prozora
Sledeća strana Pagination

Idi na vrh

Poslao: 15 Okt 2014 18:35
Idi na vrh
offline
  • Pridružio: 28 Apr 2012
  • Poruke: 62

molim da mi neko ukratko kaze sta se to desava...iskacu mi staqlno prozori ....online casino,aliexpress i slicni...bukvalno mi koce rad na internetu......posle se pojavi prozor sa opcijom end now....izbaci me sa neta....i tako ponovo...

mozda sam temu stavila na pogresno mesto......

Poslao: 15 Okt 2014 18:53
Idi na vrh
offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

Pozdrav i dobrodosla u Ambulantu. Nisi, otvorila si temu na pravo mesto.

Da bi poceli, potrebno je da ispratis ovu temu i postavis nam dijagnosticke izvestaje (Korak#2).
http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

Na osnovu tih izvestaja mi vidimo gde je problem a onda i kako ga ukloniti.

Poslao: 16 Okt 2014 21:02
Idi na vrh
offline
  • Pridružio: 28 Apr 2012
  • Poruke: 62

Napisano: 16 Okt 2014 20:54

sve je to u redu...samo kad skinem bilo koju verziju FRST-a iskoci upozoravajuci prozor .....not valid win32 aplication...

Dopuna: 16 Okt 2014 21:02

i jos kad skinem ovaj FRST 32 bit verziju pokazuje da sam pokupila trojanca,pa ne mogu ni da zavrsim instalaciju....

Poslao: 16 Okt 2014 21:24
Idi na vrh
offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

Da probamo ovako ...



Preuzmite program OTL sa donjeg linka na Desktop:


OTL download
Kliknite dati link - u prozoru koji se otvori, kliknite Save;
kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberite Desktop i kliknite Save.

Dvoklikom pokrenite OTL;

kliknite Run Scan;

po završetku skeniranja, izveštaj (koji će biti automatski sačuvan na Desktop-u kao OTL.Txt) će se otvoriti u Notepad-u.

Priložite izveštaj OTL.Txt uz poruku korišćenjem opcije Prikači fajl.

Poslao: 18 Okt 2014 22:23
Idi na vrh
offline
  • Pridružio: 28 Apr 2012
  • Poruke: 62

evo konacno....hvala vam.....
mycity.rs/must-login.png

Poslao: 19 Okt 2014 20:08
Idi na vrh
offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

Pozdrav,

Pokusaj prvo da deinstaliras 360 Total Security jer vec imas ESET. Ili deinstaliraj ESET a ostavi 360 ako ti je tako draze. Izbor je na tebi.

OTL log ne prikazuje nista konkretno, moramo to malo dublje da ispitamo ...



1. Preuzmi sUBs-ov ComboFix () sa ovog linka i sačuvaj alat na Desktop.
• Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu);
• Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save.

------------------------------------------------------------
2. Privremeno deaktiviraj AntiVirus program, u većini slučajeva preko desnog klika na ikonu programa u system tray. Oni mogu ometati alat tokom rada.
Ukoliko nisi siguran kako to da uradiš, isprati ovo uputstvo.

------------------------------------------------------------
3. Dvoklikom na ikonicu pokreni ComboFix. Potom, na disclaimer prozoru klikni dugme I Agree!

• ComboFix će proveriti da li je dostupna nova verzija alata.
Klikni Yes ako je zatrazeno preuzimanje.
• Ukoliko Recovery Console nije instaliran, ComboFix će ponuditi preuzimanje i instalaciju.
Klikni Yes da bi dozvolio alatu da preuzme i instalira Recovery Console
• ComboFix će skenirati računar po fazama (Stage_#) ukupno 50 faza.
Ne kliktati okolo dok ComboFix ispituje sistem.
• Ukoliko je malware detektovan, ComboFix će zapoceti njegovo uklanjanje.
Iz tog razloga, alat će po potrebi restartovati Windows (nekad i više puta);
Napomena: Ako nakon rada alata dobiješ grešku (Illegal operation attempted on a registry key that has been marked for deletion) prilikom startovanja programa, restartovati računar i to ce rešiti problem.

------------------------------------------------------------
4. Kada alat završi, formiraće i otvoriti izveštaj (tipična lokacija: C:\ComboFix.txt)
Iskopiraj sadržaj ComboFix.txt izveštaja u poruku.

ComboFix će takođe formirati i dodatan izveštaj (tipicna lokacija: C:\Qoobox\ComboFix-quarantined-files.txt)
Okači ComboFix-quarantined-files.txt izveštaj uz poruku koristeći opciju Prikači fajl

Poslao: 20 Okt 2014 20:15
Idi na vrh
offline
  • Pridružio: 28 Apr 2012
  • Poruke: 62

sory ..opet imam neke probleme....recimo da sam iskljucila 360 security ComboFix kad ukljucim pisti...tj...prikazuje da i ESET Nod 32 smeta...ili sta vec...sta dalje raditi...blentava sam za ovo...hvala vam

Poslao: 20 Okt 2014 20:32
Idi na vrh
rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Dok se kolega ne javi, deinstaliraj taj 360 kineski antivirus jer ti pravi problem. Ima mnogo laznih uzbuna. Za njega je i Total Commander malware a kamo li alati koje mi koristimo.

Jos bolje da deinstaliras oba antivirusa dok ne zavrsite ciscenje, ko zna kakav rusvaj su napravili u sistemu.

Pozdrav.

Poslao: 20 Okt 2014 22:25
Idi na vrh
offline
  • Pridružio: 28 Apr 2012
  • Poruke: 62

uspela sam....oh konacno.....

mycity.rs/must-login.png



ComboFix 14-10-20.01 - Administrator 10/20/2014 22:07:51.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1916.1388 [GMT 2:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\documents and settings\All Users\Application Data\USBSecurity\svighost.dll
C:\END
c:\program files\MyPC Backup\aff.conf
c:\program files\MyPC Backup\AlphaVSS.51.x86.dll
c:\program files\MyPC Backup\AlphaVSS.52.x64.dll
c:\program files\MyPC Backup\AlphaVSS.52.x86.dll
c:\program files\MyPC Backup\AlphaVSS.60.x64.dll
c:\program files\MyPC Backup\AlphaVSS.60.x86.dll
c:\program files\MyPC Backup\AlphaVSS.Common.dll
c:\program files\MyPC Backup\AWSSDK.dll
c:\program files\MyPC Backup\BackupStack.exe
c:\program files\MyPC Backup\Config\api.ts2
c:\program files\MyPC Backup\Configuration Updater.exe
c:\program files\MyPC Backup\Crypto32.dll
c:\program files\MyPC Backup\Crypto64.dll
c:\program files\MyPC Backup\Database\mpcb_backup_conf.db
c:\program files\MyPC Backup\Database\mpcb_file_cache.db
c:\program files\MyPC Backup\Database\mpcb_queues.db
c:\program files\MyPC Backup\Database\mpcb_settings.db
c:\program files\MyPC Backup\Database\mpcb_sig_cache.db
c:\program files\MyPC Backup\Database\mpcb_version_queue.db
c:\program files\MyPC Backup\de_DE.mo
c:\program files\MyPC Backup\diffstack.dll
c:\program files\MyPC Backup\es_ES.mo
c:\program files\MyPC Backup\fr_FR.mo
c:\program files\MyPC Backup\GetText.dll
c:\program files\MyPC Backup\it_IT.mo
c:\program files\MyPC Backup\LinqBridge.dll
c:\program files\MyPC Backup\log\APPLICATION.log
c:\program files\MyPC Backup\log\AUTH.log
c:\program files\MyPC Backup\log\BACKOFF.log
c:\program files\MyPC Backup\log\CLIENT.log
c:\program files\MyPC Backup\log\GRID_RECOVERY_INIT.log
c:\program files\MyPC Backup\log\LICENCE.log
c:\program files\MyPC Backup\log\NETWORK_SHARES.log
c:\program files\MyPC Backup\log\REMOTING.log
c:\program files\MyPC Backup\log\REQUEST.log
c:\program files\MyPC Backup\log\SERVICE.log
c:\program files\MyPC Backup\log\SHELL.log
c:\program files\MyPC Backup\log\UPDATER.log
c:\program files\MyPC Backup\log\UTC_MIGRATION.log
c:\program files\MyPC Backup\log\WAIT_HANDLES.log
c:\program files\MyPC Backup\LogicNP.EZShellExtensions.dll
c:\program files\MyPC Backup\MPCBClient.dll
c:\program files\MyPC Backup\MPCBContextMenu.dll
c:\program files\MyPC Backup\MPCBIconOverlays.dll
c:\program files\MyPC Backup\MyPC Backup.exe
c:\program files\MyPC Backup\mypcbackup.ico
c:\program files\MyPC Backup\ObjectListView.dll
c:\program files\MyPC Backup\pt_PT.mo
c:\program files\MyPC Backup\RegisterExtensionDotNet20_x64.exe
c:\program files\MyPC Backup\RegisterExtensionDotNet20_x86.exe
c:\program files\MyPC Backup\RestartExplorer.exe
c:\program files\MyPC Backup\Service Start.exe
c:\program files\MyPC Backup\Shared Stack.dll
c:\program files\MyPC Backup\Signup Wizard.exe
c:\program files\MyPC Backup\syncicon.ico
c:\program files\MyPC Backup\syncing.ico
c:\program files\MyPC Backup\tick.ico
c:\program files\MyPC Backup\uninst.exe
c:\program files\MyPC Backup\UnRegisterExtensions.exe
c:\program files\MyPC Backup\Updater.exe
c:\program files\MyPC Backup\x64\System.Data.SQLite.dll
c:\program files\MyPC Backup\x86\System.Data.SQLite.dll
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_BackupStack
-------\Legacy_BackupStack
-------\Service_BackupStack
-------\Service_BackupStack
.
.
((((((((((((((((((((((((( Files Created from 2014-09-20 to 2014-10-20 )))))))))))))))))))))))))))))))
.
.
2014-10-20 17:47 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2014-10-20 17:28 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2014-10-20 17:28 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2014-10-20 17:28 . 2008-04-21 18:44 330752 -c----w- c:\windows\system32\dllcache\ipnathlp.dll
2014-10-20 17:28 . 2014-10-20 19:58 -------- d--h--w- c:\windows\$hf_mig$
2014-10-20 17:28 . 2008-05-01 14:33 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2014-10-16 18:31 . 2014-10-16 18:31 -------- d-----w- c:\documents and settings\Administrator\Application Data\FlvPlayer
2014-10-09 19:50 . 2014-10-09 19:50 -------- d-----w- c:\program files\CCleaner
2014-09-29 15:02 . 2014-09-29 15:02 -------- d-----w- c:\documents and settings\Administrator\Application Data\WebExtend
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-10 17:45 . 2014-09-02 09:30 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-09-10 17:45 . 2014-07-14 08:16 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-11 65536]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2014-09-26 4811032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-08-28 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-08-28 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-08-28 141848]
"RTHDCPL"="RTHDCPL.EXE" [2008-01-29 16859648]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1024000]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-10-25 413696]
"AutorunRemover.exe"="c:\program files\AutorunRemover\AutorunRemover.exe" [2011-04-22 1806848]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 279456]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [9/29/2009 1:02 PM 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [9/29/2009 1:05 PM 96408]
S1 BAPIDRV;BAPIDRV;c:\windows\system32\DRIVERS\BAPIDRV.sys --> c:\windows\system32\DRIVERS\BAPIDRV.sys [?]
S3 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [9/29/2009 1:03 PM 735960]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [4/9/2014 3:12 PM 235696]
S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTS5121.sys --> c:\windows\system32\Drivers\RTS5121.sys [?]
S3 Update neurowise;Update neurowise;"c:\program files\neurowise\updateneurowise.exe" --> c:\program files\neurowise\updateneurowise.exe [?]
S4 Util neurowise;Util neurowise;"c:\program files\neurowise\bin\utilneurowise.exe" --> c:\program files\neurowise\bin\utilneurowise.exe [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-19 15:34 1089352 ----a-w- c:\program files\Google\Chrome\Application\38.0.2125.104\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-07-14 08:38]
.
2014-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-07-14 08:38]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 89.216.1.40 89.216.1.50
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\pb5782zn.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - ExtSQL: 2014-08-30 00:05; firefox-hotfix@mozilla.org; c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\pb5782zn.default\extensions\firefox-hotfix@mozilla.org.xpi
user_pref(extensions.autoDisableScopes,14);
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-MyPC Backup - c:\program files\MyPC Backup\uninst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2014-10-20 22:11
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2014-10-20 22:12:51
ComboFix-quarantined-files.txt 2014-10-20 20:12
.
Pre-Run: 48,833,601,536 bytes free
Post-Run: 48,838,950,912 bytes free
.
- - End Of File - - 422E3891C4F735E78BA6DF2B8D86B40F
8F558EB6672622401DA993E1E865C861

Poslao: 20 Okt 2014 22:34
Idi na vrh
offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

Pozdrav,

Super. Ovaj mocni alat je odradio svoju caroliju ...

Mozes li molim te da postavis i dodatni izvestaj?
C:\Qoobox\ComboFix-quarantined-files.txt

MyCity » Ambulanta -> Arhiva Ambulante » otvaranje suvisnih prozora

Ko je trenutno na forumu
 

Ukupno su 898 korisnika na forumu :: 27 registrovanih, 7 sakrivenih i 864 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 8u47, A.R.Chafee.Jr., Andrija357, bigfoot, cincarin, darios, Darko001, DPera, draganl, esx66, Fabius, Frunze, goxin, HrcAk47, Jahorina, Lieutenant, mikrimaus, nemkea71, ozzy, Panter, pein, robertino, Sirius, Smiljke, StepskiVuk, Stoilkovic, Vlada1389