MyCity » Ambulanta -> Arhiva Ambulante » Restartuje se komp Task Manager ne radi

Restartuje se komp Task Manager ne radi

Napisano na dan: 12.6.2010

Strana:
1
2

Restartuje se komp Task Manager ne radi

Sledeća strana

Pagination

Odgovori

Strana:
1
2

Springfield Poslao: 12 Jun 2010 01:54 Idi na vrh
offline Springfield Moderator foruma 100%Milanista Information Technology Pridružio: 23 Avg 2008 Poruke: 2634 Gde živiš: Milan, Italy	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: p0z svima..... Drugu mi je poludeo komp ja predpostavljam da su virusi u pitanju, restartuje mu se komp kad ubaci USB ili preko USB kad kaci fon takodje i kad izvlaci Task Manger ne radi pise da je ""task manager has been disabled by your administrator" usporen mu je racunar i sve nekako naginje da je zarazen virusima evo vec jedno 10dana mu je tako... Brzina neta mu je 5Mbps. A evo i logova ako je jos sta potrebno slobodno recite Hvala unapred na pomoci.... DDS (Ver_10-03-17.01) - NTFSx86 Run by Korisnik at 1:07:20,18 on sub 12.06.2010 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3070.1800 [GMT 2:00] AV: ESET Smart Security 4.0 On-access scanning disabled (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} FW: ESET Personal firewall disabled {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\WINDOWS\System32\svchost.exe -k Akamai C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\ESET\ESET Smart Security\ekrn.exe C:\WINDOWS\system32\FsUsbExService.Exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\CyberLink\Shared files\RichVideo.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\WINDOWS\Explorer.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\Program Files\SweetIM\Messenger\SweetIM.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Documents and Settings\Korisnik\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE C:\Program Files\iPod\bin\iPodService.exe C:\Documents and Settings\Korisnik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Program Files\Opera\opera.exe C:\Documents and Settings\Korisnik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Korisnik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Korisnik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Korisnik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Korisnik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Korisnik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Korisnik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Korisnik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Korisnik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Korisnik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Program Files\Common Files\microsoft shared\virtualization handler\cvh.exe C:\Program Files\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Documents and Settings\Korisnik\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Documents and Settings\Korisnik\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050 uSearch Bar = hxxp://search.bearshare.com/sidebar.html?src=ssb uDefault_Search_URL = hxxp://search13.net/ uDefault_Page_URL = hxxp://search13.net/ uInternet Connection Wizard,ShellNext = hxxp://ww.4um.co.yu/ uInternet Settings,ProxyOverride = local uSearchAssistant = hxxp://search13.net/ uCustomizeSearch = hxxp://search13.net/ uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=13165&gct=&gc=1&q=%s mSearchAssistant = hxxp://start.facemoods.com/?s={searchTerms}&f=4 uURLSearchHooks: free-downloads.net Toolbar: {ecdee021-0d17-467f-a1ff-c7a115230949} - c:\program files\free-downloads.net\tbfree.dll uURLSearchHooks: SweetIM ToolbarURLSearchHook Class: {eee6c35d-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgHelper.dll uURLSearchHooks: DVDVideoSoft Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - c:\program files\dvdvideosoft\tbDVDV.dll uURLSearchHooks: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\tbDVDV.dll mURLSearchHooks: H - No File mWinlogon: Shell=Explorer.exe scvhost.exe BHO: MediaBar: {0974ba1e-64ec-11de-b2a5-e43756d89593} - c:\program files\bearsharetb\BearShareDx.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: CescrtHlpr Object: {64182481-4f71-486b-a045-b233bd0da8fc} - c:\program files\facemoods.com\facemoods\1.3.60.6\facemoods.dll BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\mi1933~1\office14\GROOVEEX.DLL BHO: UrlHelper Class: {74322bf9-df26-493f-b0da-6d2fc5e6429e} - c:\program files\bearshare applications\bearshare\BearShareIEHelper.dll BHO: WitBHO Class: {75ed56af-4dc9-4243-a30c-4ef4dd0ca28f} - c:\documents and settings\korisnik\appdata\locallow\chameleontom for ie\wit4ie.dll BHO: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\tbDVDV.dll BHO: TomBHO Class: {8aa217b9-d729-4ee0-aed7-e93d695e94a2} - c:\program files\stylish profile\tom4ie.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: greatbar23dec2009 Toolbar: {a33fa729-d155-4b23-842b-2c665ecabdb6} - c:\program files\the_pirate_bay\tbThe0.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\mi1933~1\office14\URLREDIR.DLL BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: DVDVideoSoft Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - c:\program files\dvdvideosoft\tbDVDV.dll BHO: free-downloads.net Toolbar: {ecdee021-0d17-467f-a1ff-c7a115230949} - c:\program files\free-downloads.net\tbfree.dll BHO: SweetIM Toolbar Helper: {eee6c35c-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File TB: MediaBar: {0974ba1e-64ec-11de-b2a5-e43756d89593} - c:\program files\bearsharetb\BearShareDx.dll TB: greatbar23dec2009 Toolbar: {a33fa729-d155-4b23-842b-2c665ecabdb6} - c:\program files\the_pirate_bay\tbThe0.dll TB: Chameleon Tom Toolbar: {fc00cdd1-38e2-4a90-9805-bfc987777712} - c:\program files\chameleon tom toolbar\toolbar.dll TB: facemoods Toolbar: {db4e9724-f518-4dfd-9c7c-78b52103cab9} - c:\program files\facemoods.com\facemoods\1.3.60.6\facemoodsTlbr.dll TB: free-downloads.net Toolbar: {ecdee021-0d17-467f-a1ff-c7a115230949} - c:\program files\free-downloads.net\tbfree.dll TB: SweetIM Toolbar for Internet Explorer: {eee6c35b-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgToolbarIE.dll TB: DVDVideoSoft Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - c:\program files\dvdvideosoft\tbDVDV.dll TB: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\tbDVDV.dll TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [Google Update] "c:\documents and settings\korisnik\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe" uRun: [Yahoo Messengger] c:\windows\system32\scvhost.exe uRun: [AutoStartNPSAgent] c:\program files\samsung\samsung new pc studio\NPSAgent.exe mRun: [RTHDCPL] RTHDCPL.EXE mRun: [Alcmtr] ALCMTR.EXE mRun: [UpdatePDRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0" mRun: [LFAgent] mRun: [mmtask] c:\program files\musicmatch\musicmatch jukebox\mmtask.exe mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [nwiz] nwiz.exe /install mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [WinPatrol] c:\sa starog c\program files\billp studios\winpatrol\winpatrol.exe -expressboot mRun: [64552830] c:\docume~1\alluse~1\applic~1\64552830\64552830.exe mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices mRun: [SweetIM] c:\program files\sweetim\messenger\SweetIM.exe mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [NPSStartup] mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW mRun: [4shared Update] "c:\program files\4shared desktop\checkUpdate.exe" StartupFolder: c:\docume~1\korisnik\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\logitech webcam software\eReg.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe uPolicies-explorer: NoSMBalloonTip = 1 (0x1) uPolicies-explorer: StartMenuLogoff = 1 (0x1) uPolicies-explorer: MemCheckBoxInRunDlg = 0 (0x0) uPolicies-explorer: NofolderOptions = 1 (0x1) uPolicies-system: DisableTaskMgr = 1 (0x1) uPolicies-system: DisableRegistryTools = 1 (0x1) mPolicies-explorer: Start = 04000000 mPolicies-explorer: NoNetCrawling = 01000000 IE: &Download All using 4shared Desktop - c:\program files\4shared desktop\down_all.htm IE: &Download using 4shared Desktop - c:\program files\4shared desktop\down_link.htm IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office14\EXCEL.EXE/3000 IE: Free YouTube to Mp3 Converter - c:\documents and settings\korisnik\application data\dvdvideosoftiehelpers\youtubetomp3.htm IE: Save YouTube Video - c:\program files\common files\dvdvideosoft\dll\IEContextMenuY.dll/scriptY2MP4.htm IE: Save YouTube Video as MP3 - c:\program files\common files\dvdvideosoft\dll\IEContextMenuY.dll/scriptY2MP3.htm IE: Se&nd to OneNote - c:\progra~1\mi1933~1\office14\ONBttnIE.dll/105 IE: {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - c:\program files\stylish profile\ct.htm IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\mi1933~1\office14\GROOVEEX.DLL SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\korisnik\applic~1\mozilla\firefox\profiles\h3ndo5qi.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Search FF - prefs.js: browser.startup.homepage - www.google.com FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q= FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll FF - component: c:\documents and settings\korisnik\application data\mozilla\firefox\profiles\h3ndo5qi.default\extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\components\FFExternalAlert.dll FF - component: c:\documents and settings\korisnik\application data\mozilla\firefox\profiles\h3ndo5qi.default\extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\components\RadioWMPCore.dll FF - component: c:\documents and settings\korisnik\application data\mozilla\firefox\profiles\h3ndo5qi.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\FFExternalAlert.dll FF - component: c:\documents and settings\korisnik\application data\mozilla\firefox\profiles\h3ndo5qi.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\RadioWMPCore.dll FF - component: c:\program files\common files\dvdvideosoft\dll\ffcontextmenuy\components\FFContextMenu.dll FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll FF - plugin: c:\documents and settings\korisnik\local settings\application data\google\update\1.2.183.23\npGoogleOneClick8.dll FF - plugin: c:\progra~1\mi1933~1\office14\NPAUTHZ.DLL FF - plugin: c:\progra~1\mi1933~1\office14\NPSPWRAP.DLL FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npgcplug.dll FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); ============= SERVICES / DRIVERS =============== R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-9-11 108792] R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2007-12-1 14336] R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2009-9-26 819600] R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2009-9-11 735960] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-8-15 54752] R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-5-30 233472] R2 LF30FS;LF30FS;c:\program files\everstrike software\lock folder xp 3.5\LF30XP.sys [2004-11-19 101488] R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2009-9-23 447832] R2 WinFLdrv;WinFLdrv;c:\windows\system32\WinFLdrv.sys [2009-9-28 10752] R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-5-30 36608] R3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2009-9-26 4639136] R3 sftfs;sftfs;c:\program files\microsoft application virtualization client\drivers\SftFSXP.sys [2009-9-23 543064] R3 sftplay;sftplay;c:\program files\microsoft application virtualization client\drivers\sftplayxp.sys [2009-9-23 190312] R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirxp.sys [2009-9-23 21864] R3 sftvol;sftvol;c:\program files\microsoft application virtualization client\drivers\SftVolXP.sys [2009-9-23 14680] R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2009-9-23 203608] S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-4-28 704872] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2009-8-21 30510960] S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-6 34064] S3 PsSdk31;PsSdk31;c:\windows\system32\drivers\pssdk31.drv [2009-12-21 30272] S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2010-5-30 90112] S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2010-5-30 14976] S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2010-5-30 121856] ============== File Associations =============== regfile="regedit.exe" "%1" =============== Created Last 30 ================ 2010-06-09 06:42:13 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll 2010-06-07 19:23:47 0 d-----w- c:\docume~1\korisnik\applic~1\4shared Desktop 2010-06-07 19:23:45 0 d-----w- c:\program files\4shared Desktop 2010-06-04 22:51:02 0 d-----w- C:\DivX Movies 2010-06-03 19:13:15 0 d-----w- c:\docume~1\alluse~1\applic~1\DivX 2010-05-31 11:49:08 0 d-----w- C:\My Art 2010-05-30 20:36:36 0 d-----w- c:\program files\MarkAnyContentSAFER 2010-05-30 18:40:03 319456 ----a-w- c:\windows\system32\DIFxAPI.dll 2010-05-30 18:39:42 21632 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys 2010-05-30 18:38:51 12160 ----a-w- c:\windows\system32\drivers\ss_bcmnt.sys 2010-05-30 18:38:51 12160 ----a-w- c:\windows\system32\drivers\ss_bcm.sys 2010-05-30 18:38:50 90112 ----a-w- c:\windows\system32\drivers\ss_bbus.sys 2010-05-30 18:38:50 14976 ----a-w- c:\windows\system32\drivers\ss_bmdfl.sys 2010-05-30 18:38:50 121856 ----a-w- c:\windows\system32\drivers\ss_bmdm.sys 2010-05-30 18:38:49 12160 ----a-w- c:\windows\system32\drivers\ss_bwhnt.sys 2010-05-30 18:38:49 12160 ----a-w- c:\windows\system32\drivers\ss_bwh.sys 2010-05-30 18:37:50 36608 ----a-w- c:\windows\system32\FsUsbExDisk.Sys 2010-05-30 18:37:50 233472 ----a-w- c:\windows\system32\FsUsbExService.Exe 2010-05-30 18:37:50 110592 ----a-w- c:\windows\system32\FsUsbExDevice.Dll 2010-05-30 18:37:12 0 d-----w- c:\program files\MarkAny 2010-05-30 18:37:08 0 d-----w- c:\program files\PC Connectivity Solution 2010-05-30 18:35:42 0 d-----w- c:\program files\Samsung 2010-05-27 17:34:28 0 d-----w- c:\docume~1\alluse~1\applic~1\VirtualizedApplications 2010-05-27 11:31:18 0 d-----w- c:\docume~1\korisnik\applic~1\NVD 2010-05-27 11:30:24 0 d-----w- c:\docume~1\korisnik\applic~1\SoftGrid Client 2010-05-27 11:29:03 0 d-----w- c:\program files\Microsoft Application Virtualization Client 2010-05-27 11:26:06 0 d-----w- c:\docume~1\korisnik\applic~1\TP 2010-05-15 12:52:36 9369 --sha-r- c:\windows\system32\setting.ini 2010-05-15 12:51:32 23 --sha-r- c:\windows\system32\autorun.ini ==================== Find3M ==================== 2010-05-30 20:33:49 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys 2010-05-06 10:41:53 916480 ----a-w- c:\windows\system32\wininet.dll 2010-05-02 05:22:50 1851264 ----a-w- c:\windows\system32\win32k.sys 2010-04-27 18:40:40 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys 2010-04-27 18:40:40 133616 ------w- c:\windows\system32\pxafs.dll 2010-04-27 18:40:40 126448 ------w- c:\windows\system32\pxinsi64.exe 2010-04-27 18:40:40 123888 ------w- c:\windows\system32\pxcpyi64.exe 2010-04-20 05:30:08 285696 ----a-w- c:\windows\system32\atmfd.dll 2010-04-16 22:04:40 306032 ----a-w- c:\windows\WLXPGSS.SCR 2010-04-16 20:12:18 48464 ----a-w- c:\windows\system32\sirenacm.dll 2010-04-12 15:29:19 411368 ----a-w- c:\windows\system32\deployJava1.dll ============= FINISH: 1:07:51,03 =============== https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png

Profil

magna86 Poslao: 12 Jun 2010 16:24 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6103	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Profil

Springfield Poslao: 12 Jun 2010 17:30 Idi na vrh
offline Springfield Moderator foruma 100%Milanista Information Technology Pridružio: 23 Avg 2008 Poruke: 2634 Gde živiš: Milan, Italy	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFIX je odradio sve kao sto pise ovdje, ali na kraju nema loga niti u C:\ ComboFix.txt ne mogu da nadjem...

Profil

magna86 Poslao: 12 Jun 2010 18:02 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6103	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 12 Jun 2010 18:01 Pronadji ovaj folder C:\QooBox Upload-uj ga preko ove forme http://www.mycity.rs/ambulanta-upload.php javi kad to odradis. Dopuna: 12 Jun 2010 18:02 edit: pre upload-a ga zip/rar -uj.

Profil

Springfield Poslao: 12 Jun 2010 18:35 Idi na vrh
offline Springfield Moderator foruma 100%Milanista Information Technology Pridružio: 23 Avg 2008 Poruke: 2634 Gde živiš: Milan, Italy	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! evo uspeo sam tek sad, pise uspjesno uploadovano

Profil

magna86 Poslao: 12 Jun 2010 18:50 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6103	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ovako... Preuzmi Dr.Web CureIt (~24 MB). Restartuj kompjuter u Safe Mode (uputstvo za Safe Mode) Dvoklikom pokreni launch.exe, nakon čega će se pojaviti uvodni prozor - klikni Start Pojaviće se obaveštenje o započinjanju uvodnog skeniranja - klikni OK Sačekaj nekoliko minuta da Dr.Web CureIt izvrši Express Scan; ukoliko malware bude pronađen, klikom na taster Yes to All u prozoru koji se pojavi dozvoli programu da izvrši dezinfekciju Klikni Options > Change settings F9; u prozoru koji će se otvoriti, dečekiraj opciju Heuristic Analysis a zatim klikni OK U glavnom prozoru obeleži opciju Complete scan a zatim klikni i Dr.Web CureIt će započeti skeniranje Ukoliko malware bude pronađen, klikom na taster Yes to All u prozoru koji se pojavi dozvoli programu da izvrši dezinfekciju Kada skeniranje bude završeno, klikni Select all taster (ukoliko je dostupan), a zatim klikni Cure i, u meniju koji se otvori, klikni Move incurable: Po završetku procesa, klikni File > Save report list i sačuvaj log na Desktopu Iskopiraj sadržaj Dr.Web CureIt loga u temu na forumu. ........................................ Preuzmi instalaciju za program Malwarebytes Anti-Malware sa sledećeg linka: http://www.besttechie.net/tools/mbam-setup.exe Dvoklikom pokreni instalaciju - na samom kraju procesa, proveri da su obeležene opcije: Update Malwarebytes' Anti-Malware; Launch Malwarebytes Anti-Malware; a zatim klikni Finish. Nakon završenog ažuriranja program će se pokrenuti. Izaberi opciju Perform Quick Scan i klikni Scan. Po završetku procesa klikni OK, Show Results: u listi detektovanog malware-a, obeleži sve stavke i klikni Remove Selected. Po završetku procesa, logfile će se otvoriti u Notepad-u; iskopiraj ga u temu na forumu. Ukoliko program zatraži restart kako bi se završio proces čišćenja, obavezno ga dozvoliti. Napomena: ako dođe do restarta na kraju procesa čišćenja, logfile će biti dostupan na Logs kartici (obeleži ga i klikni Open).

Profil

Springfield Poslao: 13 Jun 2010 16:54 Idi na vrh
offline Springfield Moderator foruma 100%Milanista Information Technology Pridružio: 23 Avg 2008 Poruke: 2634 Gde živiš: Milan, Italy	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 13 Jun 2010 0:53 Samo da javim da skeniranje u Safe modu sa " Dr.Web CureIt " traje evo vec oko 4sata i oko 65% je... ostace upaljeno do jutra... Dopuna: 13 Jun 2010 16:54 evo loga od Dr.Web CureIt... libcurl-4.dll;C:\Program Files\Lupo PenSuite v6.75 Full\Apps\GIMP Plus\App\Gimp\bin;Trojan.Siggen.6251;Neizleèiv.Premešten.; A0140219.dll;C:\System Volume Information\_restore{3CA24AAE-C416-43E1-840F-960570A678AD}\RP311;Trojan.Siggen.6251;Neizleèiv.Premešten.; BearShareV7.exe/BearShareV7.exe/rogram Files/data009/Bin/Static/sms_inst.exe\___\Install.dll;F:\BearShareV7.exe/BearShareV7.exe/rogram Files/data009/Bin/Static/sms_inst.exe;Adware.Shopper.24;; Bin/Static/sms_inst.exe;F:\;Kontejner sadrži inficirane objekte;; data009;F:\;Arhiva sadrži inficirane objekte;; rogram Files;F:\;Kontejner sadrži inficirane objekte;; BearShareV7.exe;F:\;Kontejner sadrži inficirane objekte;; BearShareV7.exe;F:\;Kontejner sadrži inficirane objekte;Premešten.; MailPassView.exe;F:\muzika i slike - zadnje\60 Most Wanted Portable Applications Collection\60 Most Wanted Portable Applications Collection\60 M;Tool.PassView;Neizleèiv.Izbrisan.; pass_IE.exe;F:\muzika i slike - zadnje\60 Most Wanted Portable Applications Collection\60 Most Wanted Portable Applications Collection\60 M;Tool.PassView.22;Neizleèiv.Izbrisan.; strun.exe;F:\muzika i slike - zadnje\60 Most Wanted Portable Applications Collection\60 Most Wanted Portable Applications Collection\60 M;Tool.StartupRun.122;Neizleèiv.Izbrisan.; Windows XP simulator.exe\Tutorial.exe;F:\Programi\Windows XP simulator.exe;Trojan.KeyLogger.478;; Windows XP simulator.exe;F:\Programi;Kontejner sadrži inficirane objekte;Premešten.; DivXPro505GAINBundle.exe\unvised_23.bin;F:\Programi\Programi\Codecs\DivX\DivXPro505GAINBundle.exe;Adware.Gator;; DivXPro505GAINBundle.exe;F:\Programi\Programi\Codecs\DivX;Kontejner sadrži inficirane objekte;Premešten.; SmileyCentar.exe/data002\mwsSrcSp.CommonCodebase.exe;F:\Programi\Programi za cetovanje\MSN\SmileyCentar.exe/data002;Adware.Websearch;; data002;F:\Programi\Programi za cetovanje\MSN;Arhiva sadrži inficirane objekte;; SmileyCentar.exe;F:\Programi\Programi za cetovanje\MSN;Kontejner sadrži inficirane objekte;Premešten.; LimeWire Turbo 5.4.1.exe/data002\{tmp}\VVSNInst.exe;F:\Programi\Programi za skidanje\LimeWire\LimeWire Turbo 5.4.1.exe/data002;Adware.SaveNow;; data002;F:\Programi\Programi za skidanje\LimeWire;Kontejner sadrži inficirane objekte;; LimeWire Turbo 5.4.1.exe;F:\Programi\Programi za skidanje\LimeWire;Kontejner sadrži inficirane objekte;Premešten.; Tutorial.exe;F:\Programi\XP Simulation\xp_simulation_setup;Trojan.KeyLogger.478;Izbrisan.; A0140220.exe/BearShareV7.exe/rogram Files/data009/Bin/Static/sms_inst.exe\___\Install.dll;F:\System Volume Information\_restore{3CA24AAE-C416-43E1-840F-960570A678AD}\RP311\A0140220.exe/BearShareV7.exe/rogram Files/dat;Adware.Shopper.24;; Bin/Static/sms_inst.exe;F:\System Volume Information\_restore{3CA24AAE-C416-43E1-840F-960570A678AD}\RP311;Kontejner sadrži inficirane objekte;; data009;F:\System Volume Information\_restore{3CA24AAE-C416-43E1-840F-960570A678AD}\RP311;Arhiva sadrži inficirane objekte;; rogram Files;F:\System Volume Information\_restore{3CA24AAE-C416-43E1-840F-960570A678AD}\RP311;Kontejner sadrži inficirane objekte;; BearShareV7.exe;F:\System Volume Information\_restore{3CA24AAE-C416-43E1-840F-960570A678AD}\RP311;Kontejner sadrži inficirane objekte;; A0140220.exe;F:\System Volume Information\_restore{3CA24AAE-C416-43E1-840F-960570A678AD}\RP311;Kontejner sadrži inficirane objekte;Premešten.; A0140221.exe\Tutorial.exe;F:\System Volume Information\_restore{3CA24AAE-C416-43E1-840F-960570A678AD}\RP311\A0140221.exe;Trojan.KeyLogger.478;; A0140221.exe;F:\System Volume Information\_restore{3CA24AAE-C416-43E1-840F-960570A678AD}\RP311;Kontejner sadrži inficirane objekte;Premešten.; A0140222.exe\unvised_23.bin;F:\System Volume Information\_restore{3CA24AAE-C416-43E1-840F-960570A678AD}\RP311\A0140222.exe;Adware.Gator;; A0140222.exe;F:\System Volume Information\_restore{3CA24AAE-C416-43E1-840F-960570A678AD}\RP311;Kontejner sadrži inficirane objekte;Premešten.; A0140223.exe/data002\mwsSrcSp.CommonCodebase.exe;F:\System Volume Information\_restore{3CA24AAE-C416-43E1-840F-960570A678AD}\RP311\A0140223.exe/data002;Adware.Websearch;; data002;F:\System Volume Information\_restore{3CA24AAE-C416-43E1-840F-960570A678AD}\RP311;Arhiva sadrži inficirane objekte;; A0140223.exe;F:\System Volume Information\_restore{3CA24AAE-C416-43E1-840F-960570A678AD}\RP311;Kontejner sadrži inficirane objekte;Premešten.; A0140224.exe/data002\{tmp}\VVSNInst.exe;F:\System Volume Information\_restore{3CA24AAE-C416-43E1-840F-960570A678AD}\RP311\A0140224.exe/data002;Adware.SaveNow;; data002;F:\System Volume Information\_restore{3CA24AAE-C416-43E1-840F-960570A678AD}\RP311;Kontejner sadrži inficirane objekte;; A0140224.exe;F:\System Volume Information\_restore{3CA24AAE-C416-43E1-840F-960570A678AD}\RP311;Kontejner sadrži inficirane objekte;Premešten.; A0140225.exe;F:\System Volume Information\_restore{3CA24AAE-C416-43E1-840F-960570A678AD}\RP311;Trojan.KeyLogger.478;Izbrisan.; Laka premija.EXE;F:\Zajebancije;Joke.Dollars;Neizleèiv.Izbrisan.; Masina za zvuke.exe;F:\Zajebancije;Trojan.PWS.Legmir.3686;Neizleèiv.Premešten.; Mona Liza.EXE;F:\Zajebancije;Joke.Mona;Neizleèiv.Izbrisan.;

Profil

magna86 Poslao: 13 Jun 2010 17:48 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6103	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Hajde odradi jos skeniranje sa Malwarebytes-om (nece trajati dugo) pa mi onda postavi svez DDS log...

Profil

Springfield Poslao: 13 Jun 2010 18:04 Idi na vrh
offline Springfield Moderator foruma 100%Milanista Information Technology Pridružio: 23 Avg 2008 Poruke: 2634 Gde živiš: Milan, Italy	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4193 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 13.6.2010 17:06:46 mbam-log-2010-06-13 (17-06-46).txt Scan type: Quick scan Objects scanned: 119279 Time elapsed: 5 minute(s), 33 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 3 Registry Data Items Infected: 10 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\nofolderoptions (Hijack.FolderOptions) -> Delete on reboot. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yahoo messengger (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\64552830 (Rogue.Multiple) -> Quarantined and deleted successfully. Registry Data Items Infected: HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions (Hijack.FolderOptions) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Default_Search_URL (Hijack.SearchPage) -> Bad: (http://search13.net/) Good: (http://www.Google.com) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search\CustomizeSearch (Hijack.SearchPage) -> Bad: (http://search13.net/) Good: (http://www.Google.com/) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Search\SearchAssistant (Hijack.SearchPage) -> Bad: (http://search13.net/) Good: (http://www.Google.com/) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe scvhost.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Default_Page_URL (Hijack.StartPage) -> Bad: (http://search13.net/) Good: (http://www.Google.com) -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)

Profil

magna86 Poslao: 14 Jun 2010 07:18 Idi na vrh
offline magna86 Anti Malware Fighter Rank 2 Pridružio: 21 Jun 2008 Poruke: 6103	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Odlicno... hajde sad ponovo pokreni DDS program i postavi svez DDS.txt I reci mi kakvo je sad stanje.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Restartuje se komp Task Manager ne radi

Ko je trenutno na forumu

Ukupno su 749 korisnika na forumu :: 3 registrovanih, 0 sakrivenih i 746 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: bigfoot, milenko crazy north, Ognjen D.

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by