Strange occurrences...

  • Andriana MIljkovic
  • Joined: 16 Aug 2011
  • Posts: 37
  • Location: Leskovac

About 20 days ago I had a problem that I ''sorted out''; more precisely, my laptop started to freeze, so I restarted it, and then the Windows screen kept spinning endlessly, so I shut the laptop down. Then, when I turned the computer on again, a black screen appeared saying something like safe mode network and two more entries with safe mode ... and it would only work in safe mode... but even then it was a bit strange, because it looked like some older version of Windows, and people here on the site helped me solve that (to keep this short). The problem now is that, over the past few days, it has happened several times that when I start Google Chrome a blue screen with numbers and letters appears, flickers for some 2-3 seconds, and then the laptop restarts, and afterwards everything works perfectly normally... I have not tried to solve this problem in any way, but people here on the site directed me here so that it can be checked what this is about...
The Windows I use is 32-bit, I use ADSL for internet, and as for its speed I really don't know (I'm not very good with computers).


dds.text

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_19
Run by X at 13:02:15 on 2011-08-27
.
============== Running Processes ===============
.
C:\DOCUME~1\XC578~1.SYD\LOCALS~1\Temp\nsy60.tmp\ProcessList.txt
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2670199
uSearch Page =
uSearch Bar =
mStart Page = hxxp://home.sweetim.com
mSearchAssistant =
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\prxtbSof2.dll
uURLSearchHooks: Messenger Plus Toolbar: {b760d5a4-8d24-4cb6-942e-d6bb540ad88c} - c:\program files\messenger_plus\prxtbMess.dll
uURLSearchHooks: Free Lunch Design TB Toolbar: {a5ae8924-4036-420f-b7f6-a47e4b8f692e} - c:\program files\free_lunch_design_tb\prxtbFree.dll
BHO: CescrtHlpr Object: {2eecd738-5844-4a99-b4b6-146bf802613b} - c:\program files\babylontoolbar\babylontoolbar\1.4.19.19\bh\BabylonToolbar.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users.windows2\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\prxtbSof2.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Free Lunch Design TB Toolbar: {a5ae8924-4036-420f-b7f6-a47e4b8f692e} - c:\program files\free_lunch_design_tb\prxtbFree.dll
BHO: Messenger Plus Toolbar: {b760d5a4-8d24-4cb6-942e-d6bb540ad88c} - c:\program files\messenger_plus\prxtbMess.dll
BHO: Softonic Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\prxtbSof2.dll
TB: Softonic Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - c:\program files\babylontoolbar\babylontoolbar\1.4.19.19\BabylonToolbarTlbr.dll
TB: Messenger Plus Toolbar: {b760d5a4-8d24-4cb6-942e-d6bb540ad88c} - c:\program files\messenger_plus\prxtbMess.dll
TB: Free Lunch Design TB Toolbar: {a5ae8924-4036-420f-b7f6-a47e4b8f692e} - c:\program files\free_lunch_design_tb\prxtbFree.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
uRun: [MCShield] c:\program files\mcshield\MCShieldRTM.exe
uRun: [MCShieldTray] c:\program files\mcshield\MCShieldTray.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
mRun: [IgfxTray] c:\windows2\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows2\system32\hkcmd.exe
mRun: [Persistence] c:\windows2\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
dRun: [CTFMON.EXE] c:\windows2\system32\CTFMON.EXE
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: Interfaces\{95A0206B-512E-49E5-929A-6557CB11E1A9} : DhcpNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
LSA: Authentication Packages = msv1_0 nwprovau
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\x.sydney\application data\mozilla\firefox\profiles\vxwqj9mi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2670199&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Free Lunch Design TB Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2670199&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=toolbar2&q=
FF - component: c:\documents and settings\all users.windows2\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\x.sydney\application data\mozilla\firefox\profiles\vxwqj9mi.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\RadioWMPCoreGecko19.dll
FF - component: c:\documents and settings\x.sydney\application data\mozilla\firefox\profiles\vxwqj9mi.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - plugin: c:\documents and settings\all users.windows2\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users.windows2\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\x.sydney\local settings\application data\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npkimi.dll
.
============= SERVICES / DRIVERS ===============
.
R? RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader
S? aswFsBlk;aswFsBlk
S? aswSnx;aswSnx
S? aswSP;aswSP
S? avast! Antivirus;avast! Antivirus
S? RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter
.
=============== Created Last 30 ================
.
2011-08-27 10:51:12 -------- d--h--w- c:\windows2\PIF
2011-08-16 23:56:45 -------- d-----w- c:\windows2\pss
2011-08-16 23:55:59 -------- d-----w- c:\documents and settings\x.sydney\application data\MCShield
2011-08-16 23:55:58 -------- d-----w- c:\program files\MCShield
2011-08-16 23:54:00 441176 ----a-w- c:\windows2\system32\drivers\aswSnx.sys
2011-08-16 23:53:42 40112 ----a-w- c:\windows2\avastSS.scr
2011-08-16 23:53:31 -------- d-----w- c:\program files\AVAST Software
2011-08-16 23:53:31 -------- d-----w- c:\documents and settings\all users.windows2\application data\AVAST Software
2011-07-28 15:07:51 -------- d-----w- c:\documents and settings\x.sydney\local settings\application data\Free_Lunch_Design_TB
2011-07-28 15:07:50 -------- d-----w- c:\program files\Free_Lunch_Design_TB
2011-07-28 15:07:34 -------- d-----w- C:\games
.
==================== Find3M ====================
.
2011-07-11 16:49:14 23 ----a-w- c:\windows2\clofghls.dll
2011-06-26 09:59:15 404640 ----a-w- c:\windows2\system32\FlashPlayerCPLApp.cpl
2011-06-20 11:45:09 0 ----a-w- c:\windows2\system32\ConduitEngine.tmp
2011-06-19 10:43:26 499712 ----a-w- c:\windows2\system32\msvcp71.dll
2011-06-19 10:43:26 348160 ----a-w- c:\windows2\system32\msvcr71.dll
.
============= FINISH: 13:07:43,65 ===============


Attach.txt
.
==== Installed Programs ======================
.
"Nero SoundTrax Help
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Advertising Center
Ask Toolbar
µTorrent
avast! Free Antivirus
Babylon toolbar
DolbyFiles
EasyBits GO
Free Lunch Design TB Toolbar
GameHouse Super Games AIO®
Google Chrome
Google Earth
High Definition Audio Driver Package - KB888111
Hotfix for Windows XP (KB935448-)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB981793)
Icy Tower v1.5
ImagXpress
Imikimi Plugin
Intel(R) Graphics Media Accelerator Driver
Java Auto Updater
Java(TM) 6 Update 19
K-Lite Codec Pack 5.1.0 (Full)
Malwarebytes' Anti-Malware
MCShield
Menu Templates - Starter Kit
Messenger Plus Toolbar
Messenger Plus! 5
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Edition 2003
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Movie Templates - Starter Kit
Mozilla Firefox 6.0 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688-)
MV2Player (remove only)
Neighbors From Hell: On Vacation
Nero 9
Nero BurningROM
Nero BurnRights
Nero ControlCenter
Nero CoverDesigner
Nero CoverDesigner Help
Nero Disc Copy Gadget
Nero Disc Copy Gadget Help
Nero DiscSpeed
Nero DriveSpeed
Nero Express
Nero InfoTool
Nero Installer
Nero Live
Nero Live Help
Nero PhotoSnap
Nero PhotoSnap Help
Nero Recode
Nero Recode Help
Nero Rescue Agent
Nero RescueAgent Help
Nero ShowTime
Nero StartSmart
Nero StartSmart Help
Nero Vision
Nero WaveEditor
Nero WaveEditor Help
NeroBurningROM
NeroExpress
neroxml
Norton Security Scan
PhotoScape
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
REALTEK RTL8187B Wireless LAN Driver
RealUpgrade 1.1
Santa Claus in Trouble
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB944338-v2)
Security Update for Windows XP (KB946648-)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748-)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958470)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238-)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971032)
Security Update for Windows XP (KB971468-)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318-)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338-)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218-)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981350)
Security Update for Windows XP (KB982381)
Segoe UI
Skype Toolbars
Skype™ 5.3
Softonic-Eng7 Toolbar
SoundTrax
SweetIM for Messenger 3.5
Synaptics Pointing Device Driver
Total Commander 6.03a XP
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB898461)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
USB 2.0 Card Reader
WebFldrs XP
Winamp
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Movie Maker 2.0
WinRAR archiver
.
==== End Of File ===========================



  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

Hello Anchy-cuca!












Download sUBs's ComboFix to the Desktop from the following address:

Bleeping Computer
  • Right-click the link and choose Save Target As... (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing where to save the file opens, select Desktop and click Save.




When the download is complete:
  • disable your protection software (instructions);
  • close running programs;
  • double-click to start ComboFix;
  • in the window that opens, click "I Agree".

While it runs, ComboFix will:
  • check whether a newer version of the program is available:
    click Yes if you are offered the download.
  • if Recovery Console is not installed, offer to install it:
    be sure to accept by clicking Yes and follow the procedure.
  • display a number of prompts/notifications:
    accept by clicking Yes or OK.
  • if needed, restart Windows (several times);
  • at the end, open Notepad with the scan report.


Copy the report that ComboFix created into the forum topic:
  • right-click in the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message box and choose Paste.


Note:
  • The report will be saved as ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
  • If, after sending the message, you notice that the report is incomplete, use the Attach file (Prikači fajl) option to attach the file C:\ComboFix.txt to the message.











goran9888 (AMF Team)

  • Andriana MIljkovic
  • Joined: 16 Aug 2011
  • Posts: 37
  • Location: Leskovac

Written: 28 Aug 2011 13:03

I did all of this, but when I got to *at the end, open Notepad with the scan report.* I couldn't copy it into Notepad at all, because right after the scan finished my computer restarted. How do I copy it?

Addendum: 28 Aug 2011 14:21

Anchy-cuca :: I did all of this, but when I got to *at the end, open Notepad with the scan report.* I couldn't copy it into Notepad at all, because right after the scan finished my computer restarted. How do I copy it?
I.e. the first time I started it and the virus scan was carried out, my computer restarted right away and I couldn't select the result in Notepad at all. Then I did the same thing again, and now the scan looks like this: first it starts with this
and then the same kind of window opens

I don't know where I'm going wrong :S

  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

Your mistake is that you are impatient. You have to wait.


If it says the following:


Quote: Preparing Log Report.

Do not run any programs until ComboFix has finished



That means you need to wait, because CF is preparing the report. Do not start any programs and do not do anything on the computer until the CF report has come up in Notepad. You need to copy that report for me.







Check whether you have the report at the following location: C:\Combofix.txt

If the report exists, send it to me in your next message (do not run CF). If it does not exist, run CF again and follow the instructions closely (you need to disable the AV, install the RC, etc.; all of that is in the instructions in my previous message). It is all very simple, you just need to read the instructions carefully and be patient.









goran9888 (AMF Team)

  • Andriana MIljkovic
  • Joined: 16 Aug 2011
  • Posts: 37
  • Location: Leskovac

Isn't it this? I found this on the computer

  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

Yes, that's it.

Only the report is not complete.


You ran CF 4 times (GUZ - head against the wall)

CF is not on your Desktop as stated in the Instructions I gave you.


Run CF again and post the report for me, but the way it is written in the Instructions I gave you.











goran9888 (AMF Team)

  • Andriana MIljkovic
  • Joined: 16 Aug 2011
  • Posts: 37
  • Location: Leskovac

Written: 28 Aug 2011 18:05

But I did everything, including the part about avast!, and all of this: double-click to start ComboFix;
in the window that opens, click "I Agree".

While it runs, ComboFix will:
check whether a newer version of the program is available:
click Yes if you are offered the download.
if Recovery Console is not installed, offer to install it:
be sure to accept by clicking Yes and follow the procedure.
display a number of prompts/notifications:
accept by clicking Yes or OK.

I just didn't close all the running programs... now I'll run this again and send everything... I hope it will be OK now ...

Addendum: 28 Aug 2011 18:30

ComboFix 11-08-27.01 - X 28.08.2011 18:20:55.5.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.61.1033.18.1916.1452 [GMT 2:00]
Running from: c:\documents and settings\X.SYDNEY\My Documents\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Files Created from 2011-07-28 to 2011-08-28 )))))))))))))))))))))))))))))))
.
.
2011-08-27 10:51 . 2011-08-27 10:51 -------- d--h--w- c:\windows2\PIF
2011-08-16 23:55 . 2011-08-28 12:12 -------- d-----w- c:\documents and settings\X.SYDNEY\Application Data\MCShield
2011-08-16 23:55 . 2011-08-16 23:55 -------- d-----w- c:\program files\MCShield
2011-08-16 23:54 . 2011-08-16 23:54 -------- d-sh--w- c:\windows2\system32\config\systemprofile\IETldCache
2011-08-16 23:54 . 2011-07-04 11:36 309848 ----a-w- c:\windows2\system32\drivers\aswSP.sys
2011-08-16 23:54 . 2011-07-04 11:32 19544 ----a-w- c:\windows2\system32\drivers\aswFsBlk.sys
2011-08-16 23:54 . 2011-07-04 11:32 25432 ----a-w- c:\windows2\system32\drivers\aswRdr.sys
2011-08-16 23:54 . 2011-07-04 11:36 441176 ----a-w- c:\windows2\system32\drivers\aswSnx.sys
2011-08-16 23:54 . 2011-07-04 11:35 43608 ----a-w- c:\windows2\system32\drivers\aswTdi.sys
2011-08-16 23:53 . 2011-07-04 11:35 102616 ----a-w- c:\windows2\system32\drivers\aswmon2.sys
2011-08-16 23:53 . 2011-07-04 11:35 96344 ----a-w- c:\windows2\system32\drivers\aswmon.sys
2011-08-16 23:53 . 2011-07-04 11:32 30808 ----a-w- c:\windows2\system32\drivers\aavmker4.sys
2011-08-16 23:53 . 2011-07-04 11:43 40112 ----a-w- c:\windows2\avastSS.scr
2011-08-16 23:53 . 2011-07-04 11:43 199304 ----a-w- c:\windows2\system32\aswBoot.exe
2011-08-16 23:53 . 2011-08-16 23:53 -------- d-----w- c:\program files\AVAST Software
2011-08-16 23:53 . 2011-08-16 23:53 -------- d-----w- c:\documents and settings\All Users.WINDOWS2\Application Data\AVAST Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-26 09:59 . 2011-05-13 04:37 404640 ----a-w- c:\windows2\system32\FlashPlayerCPLApp.cpl
2011-06-20 11:45 . 2011-06-20 11:45 0 ----a-w- c:\windows2\system32\ConduitEngine.tmp
2011-06-19 10:43 . 2010-05-11 16:05 499712 ----a-w- c:\windows2\system32\msvcp71.dll
2011-06-19 10:43 . 2010-05-11 16:05 348160 ----a-w- c:\windows2\system32\msvcr71.dll
2011-08-18 15:52 . 2011-03-29 11:41 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-08-28_10.44.14 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-08-28 11:44 . 2011-08-28 11:44 16384 c:\windows2\Temp\Perflib_Perfdata_3f0.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\prxtbSof2.dll" [2011-05-09 176936]
"{b760d5a4-8d24-4cb6-942e-d6bb540ad88c}"= "c:\program files\Messenger_Plus\prxtbMess.dll" [2011-01-17 175912]
"{a5ae8924-4036-420f-b7f6-a47e4b8f692e}"= "c:\program files\Free_Lunch_Design_TB\prxtbFree.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
.
[HKEY_CLASSES_ROOT\clsid\{b760d5a4-8d24-4cb6-942e-d6bb540ad88c}]
.
[HKEY_CLASSES_ROOT\clsid\{a5ae8924-4036-420f-b7f6-a47e4b8f692e}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
2011-05-09 09:49 176936 ----a-w- c:\program files\Softonic-Eng7\prxtbSof2.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a5ae8924-4036-420f-b7f6-a47e4b8f692e}]
2011-01-17 14:54 175912 ----a-w- c:\program files\Free_Lunch_Design_TB\prxtbFree.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b760d5a4-8d24-4cb6-942e-d6bb540ad88c}]
2011-01-17 14:54 175912 ----a-w- c:\program files\Messenger_Plus\prxtbMess.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-05-17 11:29 1490312 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\prxtbSof2.dll" [2011-05-09 176936]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
"{b760d5a4-8d24-4cb6-942e-d6bb540ad88c}"= "c:\program files\Messenger_Plus\prxtbMess.dll" [2011-01-17 175912]
"{a5ae8924-4036-420f-b7f6-a47e4b8f692e}"= "c:\program files\Free_Lunch_Design_TB\prxtbFree.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{b760d5a4-8d24-4cb6-942e-d6bb540ad88c}]
.
[HKEY_CLASSES_ROOT\clsid\{a5ae8924-4036-420f-b7f6-a47e4b8f692e}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\program files\Softonic-Eng7\prxtbSof2.dll" [2011-05-09 176936]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
"{B760D5A4-8D24-4CB6-942E-D6BB540AD88C}"= "c:\program files\Messenger_Plus\prxtbMess.dll" [2011-01-17 175912]
"{A5AE8924-4036-420F-B7F6-A47E4B8F692E}"= "c:\program files\Free_Lunch_Design_TB\prxtbFree.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{b760d5a4-8d24-4cb6-942e-d6bb540ad88c}]
.
[HKEY_CLASSES_ROOT\clsid\{a5ae8924-4036-420f-b7f6-a47e4b8f692e}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MCShield"="c:\program files\MCShield\MCShieldRTM.exe" [2011-03-26 262144]
"MCShieldTray"="c:\program files\MCShield\MCShieldTray.exe" [2010-11-04 73728]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows2\system32\igfxtray.exe" [2008-08-28 150040]
"HotKeysCmds"="c:\windows2\system32\hkcmd.exe" [2008-08-28 170520]
"Persistence"="c:\windows2\system32\igfxpers.exe" [2008-08-28 141848]
"RTHDCPL"="RTHDCPL.EXE" [2008-08-28 16860672]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows2\system32\CTFMON.EXE" [2004-08-03 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
2011-05-17 11:29 395144 ----a-w- c:\program files\Ask.com\Updater\Updater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BabylonToolbar]
2010-11-07 09:22 286720 ----a-w- c:\program files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2004-08-03 22:56 15360 ----a-w- c:\windows2\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-04-26 18:27 136176 ----atw- c:\documents and settings\X.SYDNEY\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LtMoh]
2007-01-09 12:23 191552 ------w- c:\program files\ltmoh\ltmoh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlusService]
2011-05-26 09:29 800768 ----a-w- c:\program files\Yuna Software\Messenger Plus!\PlusService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-06-15 13:02 15141768 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
2011-06-02 13:56 114992 ----a-r- c:\program files\SweetIM\Messenger\SweetIM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2008-08-28 13:25 1024000 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-06-19 10:43 273544 ----a-w- c:\program files\real\realplayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2011-05-07 18:03 552312 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\All Users.WINDOWS2\\Application Data\\SweetIM\\Messenger\\update\\sweetimsetup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 aswSnx;aswSnx;c:\windows2\system32\drivers\aswSnx.sys [17.8.2011 1:54 441176]
R1 aswSP;aswSP;c:\windows2\system32\drivers\aswSP.sys [17.8.2011 1:54 309848]
R2 aswFsBlk;aswFsBlk;c:\windows2\system32\drivers\aswFsBlk.sys [17.8.2011 1:54 19544]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows2\system32\drivers\RTL8187B.sys [26.4.2010 11:29 288000]
S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows2\system32\Drivers\RTS5121.sys --> c:\windows2\system32\Drivers\RTS5121.sys [?]
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-24 c:\windows2\Tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-790525478-839522115-1003Core.job
- c:\documents and settings\X.SYDNEY\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-04-26 18:27]
.
2011-08-28 c:\windows2\Tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-790525478-839522115-1003UA.job
- c:\documents and settings\X.SYDNEY\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-04-26 18:27]
.
2011-08-22 c:\windows2\Tasks\Norton Security Scan for X.job
- c:\progra~1\NORTON~2\Engine\312~1.9\Nss.exe [2011-06-19 07:42]
.
2011-08-28 c:\windows2\Tasks\RealUpgradeLogonTaskS-1-5-21-2052111302-790525478-839522115-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
2011-08-27 c:\windows2\Tasks\RealUpgradeScheduledTaskS-1-5-21-2052111302-790525478-839522115-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
2011-08-28 c:\windows2\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-05-17 11:29]
.
2011-08-28 c:\windows2\Tasks\User_Feed_Synchronization-{0EE36B7E-F4FD-4A49-87E0-81DF64B56247}.job
- c:\windows2\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2670199
mStart Page = hxxp://home.sweetim.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\X.SYDNEY\Application Data\Mozilla\Firefox\Profiles\vxwqj9mi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2670199&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Free Lunch Design TB Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2670199&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=toolbar2&q=
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
MSConfigStartUp-MsnMsgr - ~c:\program files\Windows Live\Messenger\msnmsgr.exe
AddRemove-WinRAR archiver - c:\documents and settings\X.SYDNEY\Desktop\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2011-08-28 18:26
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(648-)
c:\windows2\system32\WININET.dll
c:\windows2\system32\ieframe.dll
c:\windows2\system32\webcheck.dll
.
Completion time: 2011-08-28 18:29:45
ComboFix-quarantined-files.txt 2011-08-28 16:29
.
Pre-Run: 8.886.816.768 bytes free
Post-Run: 8.869.142.528 bytes free
.
- - End Of File - - E2E9EDA2C0179EBFF907A19FC7E0AB34


Is it OK now?

  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

Now it's OK.




Step 1


- Start -> Control Panel -> Add or Remove Programs - uninstall all applications that are surplus, i.e. that you don't need. Also uninstall the toolbars if you don't use them: Ask Toolbar, Babylon toolbar, Free Lunch Design TB Toolbar, Messenger Plus Toolbar, Norton Security Scan, Softonic-Eng7 Toolbar, Skype Toolbars.



Step 2


Open Notepad and copy the following text into it:

DDS::
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2670199
mStart Page = hxxp://home.sweetim.com

FireFox::
FF - ProfilePath - c:\documents and settings\X.SYDNEY\Application Data\Mozilla\Firefox\Profiles\vxwqj9mi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2670199&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Free Lunch Design TB Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2670199&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=toolbar2&q=


Save the file from Notepad to the Desktop as "CFScript".


Drag the saved script/text onto the ComboFix icon as shown in the picture.
In your next message, post the log that is created at the end of the cleaning/scan.




Step 3


Download the installer for Malwarebytes Anti-Malware from the following link:
http://www.besttechie.net/tools/mbam-setup.exe

Double-click to start the installation. At the very end of the process, check that these options are selected:
Update Malwarebytes' Anti-Malware;
Launch Malwarebytes Anti-Malware;

and then click Finish.

Once the update has finished, the program will start.

Select the Perform Quick Scan option and click Scan.

When the process finishes, click OK, then Show Results: in the list of detected malware, select all items and click Remove Selected.

When the process finishes, the logfile will open in Notepad; copy it into the topic on the forum.
If the program asks for a restart in order to complete the cleaning process, be sure to allow it.

Note: if a restart occurs at the end of the cleaning process, the logfile will be available on the Logs tab (select it and click Open).







goran9888 (AMF Team)

  • Andriana MIljkovic
  • Joined: 16 Aug 2011
  • Posts: 37
  • Location: Leskovac

Posted: 28 Aug 2011 19:33

I removed those toolbars ... I dragged that over and the result is
ComboFix 11-08-28.01 - X 28.08.2011 19:19:30.6.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.61.1033.18.1916.1344 [GMT 2:00]
Running from: c:\documents and settings\X.SYDNEY\My Documents\Downloads\ComboFix.exe
Command switches used :: c:\documents and settings\X.SYDNEY\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\X.SYDNEY\Application Data\PriceGong
c:\documents and settings\X.SYDNEY\Application Data\PriceGong\Data\mru.xml
.
.
((((((((((((((((((((((((( Files Created from 2011-07-28 to 2011-08-28 )))))))))))))))))))))))))))))))
.
.
2011-08-27 10:51 . 2011-08-27 10:51 -------- d--h--w- c:\windows2\PIF
2011-08-16 23:55 . 2011-08-28 17:13 -------- d-----w- c:\documents and settings\X.SYDNEY\Application Data\MCShield
2011-08-16 23:55 . 2011-08-16 23:55 -------- d-----w- c:\program files\MCShield
2011-08-16 23:54 . 2011-08-16 23:54 -------- d-sh--w- c:\windows2\system32\config\systemprofile\IETldCache
2011-08-16 23:54 . 2011-07-04 11:36 309848 ----a-w- c:\windows2\system32\drivers\aswSP.sys
2011-08-16 23:54 . 2011-07-04 11:32 19544 ----a-w- c:\windows2\system32\drivers\aswFsBlk.sys
2011-08-16 23:54 . 2011-07-04 11:32 25432 ----a-w- c:\windows2\system32\drivers\aswRdr.sys
2011-08-16 23:54 . 2011-07-04 11:36 441176 ----a-w- c:\windows2\system32\drivers\aswSnx.sys
2011-08-16 23:54 . 2011-07-04 11:35 43608 ----a-w- c:\windows2\system32\drivers\aswTdi.sys
2011-08-16 23:53 . 2011-07-04 11:35 102616 ----a-w- c:\windows2\system32\drivers\aswmon2.sys
2011-08-16 23:53 . 2011-07-04 11:35 96344 ----a-w- c:\windows2\system32\drivers\aswmon.sys
2011-08-16 23:53 . 2011-07-04 11:32 30808 ----a-w- c:\windows2\system32\drivers\aavmker4.sys
2011-08-16 23:53 . 2011-07-04 11:43 40112 ----a-w- c:\windows2\avastSS.scr
2011-08-16 23:53 . 2011-07-04 11:43 199304 ----a-w- c:\windows2\system32\aswBoot.exe
2011-08-16 23:53 . 2011-08-16 23:53 -------- d-----w- c:\program files\AVAST Software
2011-08-16 23:53 . 2011-08-16 23:53 -------- d-----w- c:\documents and settings\All Users.WINDOWS2\Application Data\AVAST Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-26 09:59 . 2011-05-13 04:37 404640 ----a-w- c:\windows2\system32\FlashPlayerCPLApp.cpl
2011-06-20 11:45 . 2011-06-20 11:45 0 ----a-w- c:\windows2\system32\ConduitEngine.tmp
2011-06-19 10:43 . 2010-05-11 16:05 499712 ----a-w- c:\windows2\system32\msvcp71.dll
2011-06-19 10:43 . 2010-05-11 16:05 348160 ----a-w- c:\windows2\system32\msvcr71.dll
2011-08-18 15:52 . 2011-03-29 11:41 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-08-28_10.44.14 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-08-28 17:13 . 2011-08-28 17:13 16384 c:\windows2\Temp\Perflib_Perfdata_61c.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-05-17 11:29 1490312 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MCShield"="c:\program files\MCShield\MCShieldRTM.exe" [2011-03-26 262144]
"MCShieldTray"="c:\program files\MCShield\MCShieldTray.exe" [2010-11-04 73728]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows2\system32\igfxtray.exe" [2008-08-28 150040]
"HotKeysCmds"="c:\windows2\system32\hkcmd.exe" [2008-08-28 170520]
"Persistence"="c:\windows2\system32\igfxpers.exe" [2008-08-28 141848]
"RTHDCPL"="RTHDCPL.EXE" [2008-08-28 16860672]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows2\system32\CTFMON.EXE" [2004-08-03 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
2011-05-17 11:29 395144 ----a-w- c:\program files\Ask.com\Updater\Updater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2004-08-03 22:56 15360 ----a-w- c:\windows2\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-04-26 18:27 136176 ----atw- c:\documents and settings\X.SYDNEY\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LtMoh]
2007-01-09 12:23 191552 ------w- c:\program files\ltmoh\ltmoh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlusService]
2011-05-26 09:29 800768 ----a-w- c:\program files\Yuna Software\Messenger Plus!\PlusService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-06-15 13:02 15141768 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
2011-06-02 13:56 114992 ----a-r- c:\program files\SweetIM\Messenger\SweetIM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2008-08-28 13:25 1024000 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2011-06-19 10:43 273544 ----a-w- c:\program files\real\realplayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2011-05-07 18:03 552312 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\All Users.WINDOWS2\\Application Data\\SweetIM\\Messenger\\update\\sweetimsetup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 aswSnx;aswSnx;c:\windows2\system32\drivers\aswSnx.sys [17.8.2011 1:54 441176]
R1 aswSP;aswSP;c:\windows2\system32\drivers\aswSP.sys [17.8.2011 1:54 309848]
R2 aswFsBlk;aswFsBlk;c:\windows2\system32\drivers\aswFsBlk.sys [17.8.2011 1:54 19544]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows2\system32\drivers\RTL8187B.sys [26.4.2010 11:29 288000]
S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows2\system32\Drivers\RTS5121.sys --> c:\windows2\system32\Drivers\RTS5121.sys [?]
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-24 c:\windows2\Tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-790525478-839522115-1003Core.job
- c:\documents and settings\X.SYDNEY\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-04-26 18:27]
.
2011-08-28 c:\windows2\Tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-790525478-839522115-1003UA.job
- c:\documents and settings\X.SYDNEY\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-04-26 18:27]
.
2011-08-28 c:\windows2\Tasks\RealUpgradeLogonTaskS-1-5-21-2052111302-790525478-839522115-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
2011-08-28 c:\windows2\Tasks\RealUpgradeScheduledTaskS-1-5-21-2052111302-790525478-839522115-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
2011-08-28 c:\windows2\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-05-17 11:29]
.
2011-08-28 c:\windows2\Tasks\User_Feed_Synchronization-{0EE36B7E-F4FD-4A49-87E0-81DF64B56247}.job
- c:\windows2\system32\msfeedssync.exe [2009-03-08 03:31]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\X.SYDNEY\Application Data\Mozilla\Firefox\Profiles\vxwqj9mi.default\
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-BabylonToolbar - c:\program files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2011-08-28 19:27
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2011-08-28 19:29:22
ComboFix-quarantined-files.txt 2011-08-28 17:29
ComboFix2.txt 2011-08-28 16:29
.
Pre-Run: 8.814.292.992 bytes free
Post-Run: 8.816.668.672 bytes free
.
- - End Of File - - F2ED2E02D9AAC73033B247120D55EA8A

if that's it?
As for Malwarebytes Anti-Malware, I already have it on my computer; can I start right away with "Select the Perform Quick Scan option and click Scan.

When the process finishes, click OK, then Show Results: in the list of detected malware, select all items and click Remove Selected."?

Addendum: 28 Aug 2011 19:38

Malwarebytes' Anti-Malware 1.45
malwarebytes.org

Database version: 3930

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

28.8.2011 19:37:49
mbam-log-2011-08-28 (19-37-49).txt

Scan type: Quick scan
Objects scanned: 126839
Time elapsed: 2 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

OK, that's it.

Although, as far as I can see, you did not uninstall the Ask Toolbar. Check once more.






ComboFix needs to be uninstalled:
click Start, then Run.

On Vista, use the Start Search box if Run is not available.

In the text input line, type (copy) the following:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".

Then click OK (or press Enter).

Wait for the uninstall process to finish.





You can turn the AV on.
Also, turn on the Firewall: Start -> Control Panel -> Windows Firewall -> On




- Be sure to visit the topic "Testirajte da li vam je pretrazivac ranjiv" ("Test whether your browser is vulnerable"), read it and follow the link in it. You have a very old version of Java, which you must upgrade because of the security flaws in it. In any case, if any add-on is an old version, it would be advisable to upgrade it to the latest one. The link to the topic is: http://www.mycity.rs/Web-browseri/Testirajte-da-li.....anjiv.html

- I recommend that you install Service Pack 3 for Windows XP, i.e. update your operating system. I won't go into its advantages over Service Pack 2. You can find that information on MS's site. In short, on 13 July 2010 MS ended support for Service Pack 2, which is installed on your computer.

What does that mean? See the link: http://windows.microsoft.com/en-US/windows/help/what-does-end-of-support-mean;

**** If you decide on this step (installing SP3), I recommend that you first back up all important data.


- Download TFC (Temp File Cleaner) and save it to the Desktop.
Double-click to run the program and click the Start button to let the program begin scanning.
When the program finishes scanning, it may ask you to restart the computer. Allow it.

Note: When you have finished cleaning temp files, you can delete the program or keep it for later use.





