MyCity » Ambulanta -> Arhiva Ambulante » Zašto spybot ne može da ih ukloni?

Zašto spybot ne može da ih ukloni?

Napisano na dan: 6.7.2013
1

Zašto spybot ne može da ih ukloni?
Sledeća strana Pagination

Idi na vrh

Poslao: 06 Jul 2013 09:28
Idi na vrh
offline
  • Marko
  • Pridružio: 30 Maj 2013
  • Poruke: 424
  • Gde živiš: U kući

Kad pokrenem spybot i kliknem da mi pronađe probleme, pronađe ih neke ukloni ali ove nikad... Evo slike
.


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.25.2
Run by Home at 9:22:12 on 2013-07-06
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.3545.2058 [GMT 2:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\PROGRA~2\MARINE~2\bar\1.bin\57barsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mWinlogon: Userinit = userinit.exe
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: safe save: {C29E3ED8-1231-7B3D-301E-3AB7844D7FC6} - C:\ProgramData\safe save\51d71d048e6c0.dll
BHO: SSearch-NNewTab: {D476DEFF-B795-A00A-E99B-521D44058727} - C:\ProgramData\SSearch-NNewTab\51d71d4617826.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{A2EEAB71-9E59-4F0A-A90F-D432E29D2661} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\94yugiu7.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.rs/
FF - prefs.js: keyword.URL - hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=D24CC0AF-CFF3-42BE-A68A-54D6A20C0C11&n=77fd04b8&ind=2013070520&p2=^0D^xdm271^YYA^rs&searchfor=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-07-05 21:00; 57ffxtbr@MarineAquarium3Free_57.com; C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin
FF - ExtSQL: 2013-07-05 21:22; wef6o@aeiaoioa-.org; C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\94yugiu7.default\extensions\wef6o@aeiaoioa-.org
FF - ExtSQL: 2013-07-05 22:15; y-3io@iyaiaiooeey.net; C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\94yugiu7.default\extensions\y-3io@iyaiaiooeey.net
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-2-8 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-2-8 311096]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-2-8 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-2-8 45880]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-3-29 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-2-8 206136]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-4-1 235520]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-5-14 4937264]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-4-18 283136]
R2 MarineAquarium3Free_57Service;Marine Aquarium LiteService;C:\PROGRA~2\MARINE~2\bar\1.bin\57barsvc.exe [2013-7-5 42504]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2013-4-1 110744]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-3 162408]
S3 3xHybr64;3xHybrid service;C:\Windows\System32\drivers\3xHybr64.sys [2007-4-20 873216]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-2-5 235216]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 RTL2832U_IRHID;HID Infrared Remote Receiver;C:\Windows\System32\drivers\RTL2832U_IRHID.sys [2013-5-30 44320]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver;C:\Windows\System32\drivers\RTL2832UBDA.sys [2013-5-30 117152]
S3 RTL2832UUSB;REALTEK 2832U USB Driver;C:\Windows\System32\drivers\RTL2832UUSB.sys [2013-5-30 38944]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Usluga tehnologije aktivacije operativnog sistema Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-4-1 1255736]
SUnknown tsusbhub;tsusbhub; [x]
.
=============== Created Last 30 ================
.
2013-07-05 19:43:03 2455886 ----a-w- C:\Windows\Sim AQUARIUM 3.scr
2013-07-05 19:42:52 1998168 ----a-w- C:\Windows\D3DX9_43.dll
2013-07-05 19:42:52 -------- d-----w- C:\ProgramData\SA3
2013-07-05 19:21:15 -------- d-----w- C:\ProgramData\SSearch-NNewTab
2013-07-05 19:20:17 -------- d-----w- C:\ProgramData\safe save
2013-07-05 19:19:54 -------- d-----w- C:\ProgramData\InstallMate
2013-07-05 19:01:38 -------- d-----w- C:\Users\Home\AppData\Local\MarineAquarium3Free_57
2013-07-05 18:57:11 -------- d-----w- C:\Program Files (x86)\MarineAquarium3Free_57
2013-07-04 09:38:32 -------- d-----w- C:\Users\Home\Nova fascikla
2013-07-02 08:50:00 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-01 16:08:06 -------- d-----w- C:\Windows\pss
2013-06-29 16:51:57 -------- d-----w- C:\FRST
2013-06-29 14:16:48 -------- d-----w- C:\ProgramData\Simply Super Software
2013-06-29 13:01:16 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-06-29 11:14:46 -------- d-----w- C:\ProgramData\McAfee Security Scan
2013-06-29 11:14:44 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan
2013-06-29 11:12:10 -------- d-----w- C:\Users\Home\AppData\Local\Adobe
2013-06-29 10:57:06 -------- d-----w- C:\Users\Home\AppData\Local\Deployment
2013-06-29 10:57:06 -------- d-----w- C:\Users\Home\AppData\Local\Apps
2013-06-28 19:09:00 -------- d-----w- C:\ProgramData\StarApp
2013-06-28 14:56:03 -------- d-----w- C:\Users\Home\AppData\Roaming\Foxit Software
2013-06-27 07:41:44 -------- d-----w- C:\Users\Home\AppData\Roaming\PhotoScape
2013-06-27 07:41:20 -------- d-----w- C:\Program Files (x86)\PhotoScape
2013-06-26 17:33:42 -------- d-----w- C:\Users\Home\AppData\Roaming\AVG
2013-06-26 17:33:04 -------- d-----w- C:\ProgramData\AVG
2013-06-26 17:32:51 -------- d-sh--w- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-06-26 14:06:17 -------- d-----w- C:\Users\Home\AppData\Roaming\DownLite
2013-06-26 14:03:49 -------- d-----w- C:\Users\Home\AppData\Local\Google
2013-06-22 11:42:05 -------- d-----w- C:\Users\Home\AppData\Roaming\uTorrent
2013-06-22 11:05:36 -------- d-----w- C:\Program Files (x86)\GOG.com
2013-06-22 08:05:29 -------- d-----w- C:\Program Files (x86)\SoftwareUpdater
2013-06-22 08:04:54 -------- d-----w- C:\Program Files (x86)\Vittalia
2013-06-21 19:46:26 -------- d-----w- C:\Users\Home\AppData\Local\Microsoft Games
2013-06-21 19:42:59 -------- d-----w- C:\Program Files\CCleaner
2013-06-21 17:00:12 263576 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2013-06-21 17:00:06 26520 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugin-hang-ui.exe
2013-06-21 17:00:06 12800 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
2013-06-21 12:45:51 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-21 11:53:01 -------- d-----w- C:\Windows\System32\appmgmt
.
==================== Find3M ====================
.
2013-06-29 11:14:42 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-29 11:14:42 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-21 12:45:43 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-06-21 12:45:43 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
.
============= FINISH: 9:22:36,38 ===============

https://www.mycity.rs/must-login.png

Poslao: 06 Jul 2013 10:26
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow Korak 1

Preuzmi "Xplode"-ov AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
Klikni na dugme Delete i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Na sljedeća dva prozora koja se otvore (Informations i Restart required ) klikni OK
Računar će se restartovati, a potom otvoriti Notepad (C:\AdwCleaner[S1].txt) sa izvještajem.
Sačuvaj taj izvještaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"
Napomena: Izvještaj ce takođe biti sačuvan na C:\AdwCleaner[S1].txt



Arrow Korak 2

Preuzmite program GMER sa donjeg linka na Desktop:


GMER download
Kliknite dati link;
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberite Desktop i kliknite Save.


Dvoklikom pokrenite GMER.
Sačekajte da se završi uvodno skeniranje - ukoliko se pojavi bilo kakav upit, kliknite No;

kliknite Scan i sačekajte da skeniranje bude završeno;

kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer1);

kliknite desnim tasterom u prozor programa Gmer i odaberite Options > 3rd party - kliknite Scan;

po završetku skeniranja kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer2);

kliknite taster >>> i odaberite Autostart karticu;

po završetku kratkotrajnog skeniranja, kliknite Copy;

otvorite Notepad i u njega postavite kopirani tekst - izveštaj sačuvajte na Desktop (pod nazivom Gmer3);

Slikoviti prikaz postupka

Priložite sva tri izveštaja uz poruku korišćenjem opcije Prikači fajl.

Poslao: 06 Jul 2013 10:53
Idi na vrh
offline
  • Marko
  • Pridružio: 30 Maj 2013
  • Poruke: 424
  • Gde živiš: U kući

Napisano: 06 Jul 2013 10:50

Kad skeniram posle početnog skeniranja piše da gmer nije ništa pronašao...

Dopuna: 06 Jul 2013 10:53

A evo izveštaj od AdwCleaner-a
https://www.mycity.rs/must-login.png

Poslao: 06 Jul 2013 10:55
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Skini ponovo GMER pa probaj još jednom da obaviš skeniranje.

Poslao: 06 Jul 2013 11:17
Idi na vrh
offline
  • Marko
  • Pridružio: 30 Maj 2013
  • Poruke: 424
  • Gde živiš: U kući

Napisano: 06 Jul 2013 10:59

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

Dopuna: 06 Jul 2013 11:17

Evo i Gmer1
https://www.mycity.rs/must-login.png

Poslao: 06 Jul 2013 11:21
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Da li ti još uvijek Spybot prijavljuje PUP koji si uslikao u prvoj poruci?

Poslao: 06 Jul 2013 17:58
Idi na vrh
offline
  • Marko
  • Pridružio: 30 Maj 2013
  • Poruke: 424
  • Gde živiš: U kući

Napisano: 06 Jul 2013 12:05

Sad je ovako


Dopuna: 06 Jul 2013 17:58

Bili su 15 sad su 10.

Poslao: 06 Jul 2013 18:12
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Arrow Korak 1

Idi u Start -> Run (ili samo prečica na tastaturi: Win taster + R) i kopiraj sljedeće (uz navodnike):

"C:\ProgramData\Spybot - Search & Destroy\Logs"

Prikači uz poruku najnoviji izvještaj koji je Spybot izvještaj. Ukoliko nisi siguran koji je najnoviji, prikači ih sve.



Arrow Korak 2

Idi u Start -> Control Panel -> Programs and Features i deinstaliraj Sim AQUARIUM 3 ako ga ne koristiš.



Arrow Korak 3

Preuzmi zoek.exe sa ovog ili ovog linka i sačuvaj ga na Desktop.


zatvori browser i ostale pokrenute programe;
deaktiviraj zaštitni softver ( po potrebi ) Uputstvo ;
dvoklikom pokreni zoek.exe;
pričekaj da se alat startuje ...


U beli okvir prozora iskopiraj sledeći tekst:

startupall;
filesrcm;
skipfix-iedefaults;
firefoxlook;
chromelook;


Klikni na dugme i pričekaj da se skeniranje završi.


zoek ce po potrebi, restartovati Windows a na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Napomena:Izveštaj će biti sačuvan pod nazivom zoek-results.log na sistemskoj particiji (tipična lokacija: C:\zoek-results.log)


Arrow Kopiraj sadrzaj tog loga u poruku.

Poslao: 06 Jul 2013 20:53
Idi na vrh
offline
  • Marko
  • Pridružio: 30 Maj 2013
  • Poruke: 424
  • Gde živiš: U kući

Napisano: 06 Jul 2013 19:41

Evo spybot izveštaja:
https://www.mycity.rs/must-login.png


https://www.mycity.rs/must-login.png

Dopuna: 06 Jul 2013 19:47

Zoek.exe Version 4.0.0.3 Updated 05-July-2013
Tool run by Home on sub 06.07.2013 at 19:43:58,07.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected

==== System Restore Info ======================

6.7.2013 19:44:53 Zoek.exe System Restore Point Created Succesfully.

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2013-07-05 19:43:03 A5F1CA585B977FB04129E1B4C6374403 2455886 ----a-w- C:\Windows\Sim AQUARIUM 3.scr
2013-07-05 19:42:52 86E39E9161C3D930D93822F1563C280D 1998168 ----a-w- C:\Windows\D3DX9_43.dll
====== C:\Users\Home\AppData\Local\Temp ====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2013-07-06 17:19:36 C5A54992D6A354CEF89F853FB49E1F60 414656 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT
====== C:\Windows\Sysnative\drivers =====
====== C:\Windows\Tasks ======
2013-07-01 19:17:51 F6801A92498EB7B92055D83D63C0AB5B 936 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-01 19:17:51 623010D4242C6398E7C1230C251B1E25 3932 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA
2013-07-01 19:17:50 BFFCFE43A8FF78CA0106D33866368C44 932 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-01 19:17:50 9F8E970967CDBFA6DFE69C638E2BC04A 3680 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore
2013-06-29 11:14:43 A7B19EC715D2DB955BA5F436CA48573E 830 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-29 11:14:43 0E2E029782F39969FADA56D652F107FB 3768 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater
2013-06-29 10:57:15 D622EFB007881C595B664E2C4090DFCB 3148 ----a-w- C:\Windows\Sysnative\Tasks\{D91E0789-2B12-4F67-8B11-D7FC0A36A75F}
2013-06-23 18:01:27 B2FB7A6168A77F76D7B0D4BA98DF65ED 3382 ----a-w- C:\Windows\Sysnative\Tasks\EPUpdater
2013-06-22 13:41:25 AE7478EEE26E76A19530BCAFE1D67880 3086 ----a-w- C:\Windows\Sysnative\Tasks\{4380FA13-3162-4E22-9E8C-E40484B48067}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-06-22 10:47:31 -------- d-----w- C:\Program Files\WinRAR
======= C:\Program Files (x86) =====
2013-07-06 17:36:16 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2013-07-05 18:57:11 -------- d-----w- C:\Program Files (x86)\MarineAquarium3Free_57
2013-07-02 08:50:00 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-01 19:17:46 -------- d-----w- C:\Program Files (x86)\Google
2013-06-27 07:41:20 -------- d-----w- C:\Program Files (x86)\PhotoScape
2013-06-22 11:05:36 -------- d-----w- C:\Program Files (x86)\GOG.com
2013-06-22 08:04:54 -------- d-----w- C:\Program Files (x86)\Vittalia
======= C: =====
2013-07-06 08:30:26 187EB7A7F7950A0AFC71BA9CE73E8C3C 3372 ----a-w- C:\AdwCleaner[S1].txt
====== C:\Users\Home\AppData\Roaming ======
2013-07-06 15:56:06 A9A2DB1E591DA1A3A9B62A4CD8828967 108840 ----a-w- C:\users\Home\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-05 19:01:38 -------- d-----w- C:\users\Home\AppData\Local\MarineAquarium3Free_57
2013-07-05 18:57:15 -------- d-----w- C:\users\Home\AppData\Locallow\MarineAquarium3Free_57
2013-07-04 09:39:20 -------- d-----w- C:\users\Home\AppData\Roaming\GRETECH
2013-07-02 08:50:10 -------- d-----w- C:\users\Home\AppData\Roaming\Mozilla
2013-06-29 11:12:10 -------- d-----w- C:\users\Home\AppData\Local\Adobe
2013-06-29 10:57:06 -------- d-----w- C:\users\Home\AppData\Local\Deployment
2013-06-29 10:57:06 -------- d-----w- C:\users\Home\AppData\Local\Apps
2013-06-28 14:56:03 -------- d-----w- C:\users\Home\AppData\Roaming\Foxit Software
2013-06-27 07:41:44 -------- d-----w- C:\users\Home\AppData\Roaming\PhotoScape
2013-06-26 17:33:42 -------- d-----w- C:\users\Home\AppData\Roaming\AVG
2013-06-26 14:06:17 -------- d-----w- C:\users\Home\AppData\Roaming\DownLite
2013-06-26 14:03:49 -------- d-----w- C:\users\Home\AppData\Local\Google
2013-06-22 13:30:30 -------- d-----w- C:\users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-06-22 11:42:05 -------- d-----w- C:\users\Home\AppData\Roaming\uTorrent
2013-06-22 10:45:41 -------- d-----w- C:\users\Home\AppData\Roaming\WinRAR
2013-06-21 19:46:26 -------- d-----w- C:\users\Home\AppData\Local\Microsoft Games
====== C:\Users\Home ======
2013-07-06 17:36:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2013-07-06 17:32:25 54ACBA9CFD7154C02CEACF6310CF3CFA 16409960 ----a-w- C:\Users\Home\Downloads\spybotsd162.exe
2013-07-06 08:59:51 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\Home\Downloads\b0wiuluh.exe
2013-07-06 08:33:55 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\Home\Desktop\okownzzt.exe
2013-07-06 08:29:37 1078C8BD8C62CF4DEE6FE1058C3D56A7 650027 ----a-w- C:\Users\Home\Desktop\adwcleaner.exe
2013-07-05 20:15:32 AE677ADF6A181F5F342554C13AC0C37A 8335360 ----a-w- C:\Users\Home\Desktop\MageBros.exe
2013-07-05 19:42:54 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sim AQUARIUM 3
2013-07-05 19:42:52 -------- d-----w- C:\ProgramData\SA3
2013-07-05 19:27:26 1C7E512085EA1A997828DE0BEEA6FC31 33884411 ----a-w- C:\Users\Home\Downloads\SimAQUARIUM-V3.2-RD.exe
2013-07-04 13:28:27 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Home\ntuser.ini
2013-07-04 09:38:32 -------- d-----w- C:\Users\Home\Nova fascikla
2013-07-01 19:21:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-06-29 14:16:48 -------- d-----w- C:\ProgramData\Simply Super Software
2013-06-29 13:01:16 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-06-28 19:09:00 -------- d-----w- C:\ProgramData\StarApp
2013-06-28 19:09:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSearchh-NeWWTab
2013-06-28 19:07:54 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSafe savvee
2013-06-27 07:41:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
2013-06-26 19:08:15 -------- d-----w- C:\ProgramData\TEMP
2013-06-26 18:58:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchNewTab
2013-06-26 18:57:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ssaFe! save
2013-06-26 17:33:04 -------- d-----w- C:\ProgramData\AVG
2013-06-26 17:32:51 -------- d-sh--w- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
2013-06-26 14:09:25 -------- d-----w- C:\ProgramData\Real
2013-06-21 11:59:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

====== C: exe-files ==
2013-07-06 17:36:18 896A1DB9A972AD2339C2E8569EC926D1 2144088 --sha-r- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
2013-07-06 17:36:18 794D4B48DFB6E999537C7C3947863463 1153368 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
2013-07-06 17:36:18 4CD08EEAC08BA53A38E48AF4813E1968 2005504 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy\SDShred.exe
2013-07-06 17:36:17 7C616AD7AE8F75278A069641ECFCDC06 1740632 --sha-r- C:\Program Files (x86)\Spybot - Search & Destroy\SDUpdate.exe
2013-07-06 17:36:17 0477C2F9171599CA5BC3307FDFBA8D89 5365592 --sha-r- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
2013-07-06 17:36:16 8F70F2CCE1DEF20016B53A8D217FA3B5 1757696 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy\SDFiles.exe
2013-07-06 17:36:16 8C9740A3B7603B0A746213DAE8C89526 428888 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy\blindman.exe
2013-07-06 17:36:16 6B44700917F45B19B96B46B345B6F0E7 414552 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy\SDMain.exe
2013-07-06 17:36:16 0BA1ACFEE0532249412F53EE6374EE93 696200 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe
2013-07-06 17:36:16 00071AF6D95C1002E5F9B63EA00A37A3 464728 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy\Update.exe
2013-07-06 17:32:25 54ACBA9CFD7154C02CEACF6310CF3CFA 16409960 ----a-w- C:\Users\Home\Downloads\spybotsd162.exe
2013-07-06 08:59:51 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\Home\Downloads\b0wiuluh.exe
2013-07-06 08:33:55 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\Home\Desktop\okownzzt.exe
2013-07-06 08:29:37 1078C8BD8C62CF4DEE6FE1058C3D56A7 650027 ----a-w- C:\Users\Home\Desktop\adwcleaner.exe
2013-07-05 20:15:32 AE677ADF6A181F5F342554C13AC0C37A 8335360 ----a-w- C:\Users\Home\Desktop\MageBros.exe
2013-07-05 19:27:26 1C7E512085EA1A997828DE0BEEA6FC31 33884411 ----a-w- C:\Users\Home\Downloads\SimAQUARIUM-V3.2-RD.exe
2013-07-05 19:21:14 57E626878D667E65127D1725279B0965 12384 ----atw- C:\Users\Home\AppData\Local\Temp\{7B247760-F493-4C9E-AE75-BCB1A0C75596}\x86\regsvr32.exe
2013-07-05 19:21:14 157FE300857E06020BCB38A04D5B3B75 12896 ----atw- C:\Users\Home\AppData\Local\Temp\{7B247760-F493-4C9E-AE75-BCB1A0C75596}\x64\regsvr32.exe
2013-07-05 19:21:11 3E94E32949C15E5D39FAA4162BE99830 261710 ----a-w- C:\Users\Home\AppData\Local\Temp\{7B247760-F493-4C9E-AE75-BCB1A0C75596}\Addons\newtab_setup.exe
2013-07-05 19:20:28 E46E1624BD0DBEB8635162F6F7C8766E 3670648 ----a-w- C:\Users\Home\AppData\Local\Temp\{7B247760-F493-4C9E-AE75-BCB1A0C75596}\Addons\OptimizerProInstaller.exe
2013-07-05 18:57:11 FB85F333D10B1475650C4304F99A1ECE 44784 ----a-w- C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57SrchMn.exe
2013-07-05 18:57:11 635F5E4B01597D0BAF2422245C8FF541 22048 ----a-w- C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57highin.exe
2013-07-05 18:57:11 622FCF264119F7DF127BE353F796B319 42504 ----a-w- C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57barsvc.exe
2013-07-05 18:57:11 35D6CAAA9E4D82974A74DBDB53801F98 30096 ----a-w- C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57brmon.exe
2013-07-02 08:50:01 3F03612125FDFA1DE204582CEEBB8ED5 106212 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe
2013-07-02 08:50:00 528A5C2570F468155A1B3CF0A2FF5EBD 117144 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
2013-07-01 19:21:34 C77CEFCE1DA1107E83D2745766E0FEA2 33573216 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\27.0.1453.116\27.0.1453.116_chrome_installer.exe
2013-07-01 19:17:48 C3190BA6ED6220369EEEED081A14DDFC 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleUpdateOnDemand.exe
2013-07-01 19:17:48 5F42FBCE3A8D9ED552E9852A23CA382F 800024 ----a-w- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleUpdateSetup.exe
2013-07-01 19:17:48 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
2013-07-01 19:17:48 1017788353D8349BF6086B9CDDC8CB7B 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleUpdateBroker.exe
2013-07-01 19:17:46 CA35155F6B4C4DB2513AAAA868BAFF47 324488 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler64.exe
2013-07-01 19:17:46 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleUpdate.exe
2013-07-01 19:17:46 09C87F376507122A5FE1CBE06E015512 239496 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.149\GoogleCrashHandler.exe
2013-07-01 19:17:38 7B1AA4DD4462410B4DE33C3EFFAB165C 10120 ------w- C:\Users\Home\AppData\Local\Apps\2.0\NPCWWXZ7.NXJ\KM540MK4.N8T\google.app_4fe91ede9f9bdca3_0001.0003_0e41ebcd634df8d0\clickonce_bootstrap.exe
2013-07-01 19:17:37 5F42FBCE3A8D9ED552E9852A23CA382F 800024 ----a-w- C:\Users\Home\AppData\Local\Apps\2.0\NPCWWXZ7.NXJ\KM540MK4.N8T\google.app_4fe91ede9f9bdca3_0001.0003_0e41ebcd634df8d0\GoogleUpdateSetup.exe
2013-07-01 19:17:37 5F42FBCE3A8D9ED552E9852A23CA382F 800024 ----a-w- C:\Users\Home\AppData\Local\Apps\2.0\NPCWWXZ7.NXJ\KM540MK4.N8T\clic...exe_4fe91ede9f9bdca3_0001.0003_none_81523cbd64d988f5\GoogleUpdateSetup.exe
=== C: other files ==
2013-07-06 11:17:27 E93DF41AEA7AC493ED573A5ACC51C116 849 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO320.zip
2013-07-06 11:17:27 DBF74BD6FD1B9213252B562CC27C8A30 588 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO316.zip
2013-07-06 11:17:27 DB440AD0B7E13B774ECB648786DC27B7 587 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO315.zip
2013-07-06 11:17:27 716F359D264289E710A6539946930840 733 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO317.zip
2013-07-06 11:17:27 63862A0E62F649496679B01AAA108AED 849 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO318.zip
2013-07-06 11:17:27 32DACD80F14DB8F3FE4E9FC52BB95EAF 586 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO314.zip
2013-07-06 11:17:27 2056ED9FFC65518B0F6D780414B74955 633 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\BarowwsoeSave21.zip
2013-07-06 11:17:27 168C66E5ECF40D88BE32889DCF45431B 734 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO319.zip
2013-07-06 11:17:26 3E670B67E58199D13051763FA651EE8A 605 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\DeltaToolbar30.zip
2013-07-05 19:25:28 FC5BAA3DA3B311775DE4631D2A96CB70 16406 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\myPCBackup.zip
2013-07-05 19:25:28 F6E14B612F0198A7C801E4067B1BB739 733 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO310.zip
2013-07-05 19:25:28 C944CAEE9BE5039770C9D44BE60A8065 849 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO311.zip
2013-07-05 19:25:28 B8E4D508315A9CA90CC74FF07AC34E6D 734 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO312.zip
2013-07-05 19:25:28 9EC3312094441F7F34DF51B16D9946E6 849 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO313.zip
2013-07-05 19:25:28 8502E435841378DA129673711C5A4396 588 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO309.zip
2013-07-05 19:25:27 F15271981FAEC1F3D8DB91FD3100B4E6 586 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO307.zip
2013-07-05 19:25:27 9280977B6F351C02C27FFF67A01AD5B3 605 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\DeltaToolbar29.zip
2013-07-05 19:25:27 64CA9790A86C941AF751B49608BE4FDE 587 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO308.zip
2013-07-05 18:57:55 776EABB2FDA8B6B7B065CD8E6083C600 16432665 ----a-w- C:\ProgramData\AVG2013\IDS\quarantine\96253ed3-dba3-47d3-903f-e1ccefac356f.zip
2013-06-29 19:53:12 FDD230DA07F318C1B8197FBAC6470890 733 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO303.zip
2013-06-29 19:53:12 E7CB533B984476389572B5ECB7245DBA 849 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO304.zip
2013-06-29 19:53:12 BEBB1845454D1124F6B994DD622853F0 849 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO306.zip
2013-06-29 19:53:12 50D3F3F429C85ECB23108B0D1DA1B09E 589 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO302.zip
2013-06-29 19:53:12 30F84259D135A1035E357E201A2A3289 734 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO305.zip
2013-06-29 19:53:11 E7EC343A80C8245362A8BCD45D81B0F7 588 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO301.zip
2013-06-29 19:53:11 8069E215685A4C66F913BB6374F11194 606 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\DeltaToolbar28.zip
2013-06-29 19:53:11 3FE4F9E8584241070AAE7AAAAAB065F6 586 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Recovery\WebCakeBHO300.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3145937626-3286986765-835811450-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"WinampAgent"="C:\Program Files (x86)\Winamp\winampa.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""


==== Startup Folders ======================

2013-06-29 11:14:45 2046 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [29.06.2013 13:14]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01.07.2013 21:17]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01.07.2013 21:17]

==== Firefox Extensions ======================

==== Firefox Plugins ======================

Profilepath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\94yugiu7.default
3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash
2EE9DCAE1D70ABF4D058688DE35F8221 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.16
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dhfcbmlocifngpbjdpgnkbjmgkadkjpp - C:\Program Files (x86)\Industriya\privitize\1.8.21.6\privitize.crx[]
nbmafkdmkkckhggblphicnnhlgljnoje - C:\Program Files (x86)\TornTV.com\torn2_10.crx[]

Google Docs - Home - default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Home - default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Home - default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Home - default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Slagalica fer igra - Ludara.com - Home - default\Extensions\ejpifakoabdhigpeebhalfkjkoidenba
Gmail - Home - default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== IE Start and Search Settings ======================

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== EOF on sub 06.07.2013 at 19:46:49,11 ======================

Dopuna: 06 Jul 2013 19:52

Uostalom da te pitam još nešto, u zadnje vreme viđam neke datoteke tipa ntuser.ini... desktop.ini i pošto možda nisam ranije obratio pažnju na njih smem li da ih obrišem?

Dopuna: 06 Jul 2013 20:52

Jos da ti kazem da sam uklonio sve probleme koje je spybot pronasao... Hvala ti na pomoci!

Dopuna: 06 Jul 2013 20:53

I reci mi mogu li sad sve ovo da uklonim?

Poslao: 07 Jul 2013 00:58
Idi na vrh
offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10622
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Tragove aktivnog malwarea nisam našao u logovima tako da sad možemo zatvoriti slučaj. Ostaje ti da uradiš sljedeće:

Arrow

Preuzmi "Xplode"-ov DelFix i sačuvaj ga na Desktop

Dvoklikom pokreni program.

Štikliraj sledeće opcije:
Remove disinfection tools
Purge System Restore
Reset system settings

Klikni na dugme "Run" i pričekaj da program završi rad.
Kada alat završi, otvoriće izvestaj u notepadu.
Napomena: Izvestaj ce takodje biti sacuvan na C:\DelFix.txt

Ne moraš kačiti taj izvještaj. Ostale korišćene alate možeš obrisati.



Arrow

Posjeti temu Testirajte da li vam je pretraživač ranjiv, pročitaj i isprati link koji stoji u njoj.



Arrow

Preporučujem da za zaštitu USB memorijskih uređaja koristiš MCShield.
Nema nikakve veze sa antivirus-om tj. neće ometati njegov rad, a pokazao se kao jedan od najboljih vida zaštite od malware-a koji se prenosi putem USB mem. uređaja.


Home Page MCShield-a: http://www.mcshield.net

Više o MCShield-u možeš saznati u ovoj temi: http://www.mycity.rs/MyCity-Laboratorija/MCShield-v2.html

Facebook stranica MCShield-a: http://www.facebook.com/MCShield

MyCity » Ambulanta -> Arhiva Ambulante » Zašto spybot ne može da ih ukloni?

Ko je trenutno na forumu
 

Ukupno su 702 korisnika na forumu :: 31 registrovanih, 4 sakrivenih i 667 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: Aleksandar Tomić, babaroga, Ben Roj, bojcistv, ccoogg123, DPera, draganca, dushan, Excalibur13, hologram, hooraay, ILGromovnik, kjkszpj, Luka Blažević, Mercury, MiroslavD, naki011, Nemanja.M, nemkea71, nuke92, pavlo, Pohovani_00, repac, royst33, S.Palestinac, Shinobi, stalja, vathra, vladulns, Čivi, 79693