MyCity » Ambulanta -> Arhiva Ambulante » otvaranje suvisnih prozora

otvaranje suvisnih prozora

Napisano na dan: 15.10.2014
1

otvaranje suvisnih prozora
Sledeća strana Pagination

Idi na vrh

Poslao: 15 Okt 2014 18:35
Idi na vrh
offline
  • Pridružio: 28 Apr 2012
  • Poruke: 62

molim da mi neko ukratko kaze sta se to desava...iskacu mi staqlno prozori ....online casino,aliexpress i slicni...bukvalno mi koce rad na internetu......posle se pojavi prozor sa opcijom end now....izbaci me sa neta....i tako ponovo...

mozda sam temu stavila na pogresno mesto......

Poslao: 15 Okt 2014 18:53
Idi na vrh
offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

Pozdrav i dobrodosla u Ambulantu. Nisi, otvorila si temu na pravo mesto.

Da bi poceli, potrebno je da ispratis ovu temu i postavis nam dijagnosticke izvestaje (Korak#2).
http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

Na osnovu tih izvestaja mi vidimo gde je problem a onda i kako ga ukloniti.

Poslao: 16 Okt 2014 21:02
Idi na vrh
offline
  • Pridružio: 28 Apr 2012
  • Poruke: 62

Napisano: 16 Okt 2014 20:54

sve je to u redu...samo kad skinem bilo koju verziju FRST-a iskoci upozoravajuci prozor .....not valid win32 aplication...

Dopuna: 16 Okt 2014 21:02

i jos kad skinem ovaj FRST 32 bit verziju pokazuje da sam pokupila trojanca,pa ne mogu ni da zavrsim instalaciju....

Poslao: 16 Okt 2014 21:24
Idi na vrh
offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

Da probamo ovako ...



Preuzmite program OTL sa donjeg linka na Desktop:


OTL download
Kliknite dati link - u prozoru koji se otvori, kliknite Save;
kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberite Desktop i kliknite Save.

Dvoklikom pokrenite OTL;

kliknite Run Scan;

po završetku skeniranja, izveštaj (koji će biti automatski sačuvan na Desktop-u kao OTL.Txt) će se otvoriti u Notepad-u.

Priložite izveštaj OTL.Txt uz poruku korišćenjem opcije Prikači fajl.

Poslao: 18 Okt 2014 22:23
Idi na vrh
offline
  • Pridružio: 28 Apr 2012
  • Poruke: 62

evo konacno....hvala vam.....
mycity.rs/must-login.png

Poslao: 19 Okt 2014 20:08
Idi na vrh
offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

Pozdrav,

Pokusaj prvo da deinstaliras 360 Total Security jer vec imas ESET. Ili deinstaliraj ESET a ostavi 360 ako ti je tako draze. Izbor je na tebi.

OTL log ne prikazuje nista konkretno, moramo to malo dublje da ispitamo ...



1. Preuzmi sUBs-ov ComboFix () sa ovog linka i sačuvaj alat na Desktop.
• Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu);
• Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save.

------------------------------------------------------------
2. Privremeno deaktiviraj AntiVirus program, u većini slučajeva preko desnog klika na ikonu programa u system tray. Oni mogu ometati alat tokom rada.
Ukoliko nisi siguran kako to da uradiš, isprati ovo uputstvo.

------------------------------------------------------------
3. Dvoklikom na ikonicu pokreni ComboFix. Potom, na disclaimer prozoru klikni dugme I Agree!

• ComboFix će proveriti da li je dostupna nova verzija alata.
Klikni Yes ako je zatrazeno preuzimanje.
• Ukoliko Recovery Console nije instaliran, ComboFix će ponuditi preuzimanje i instalaciju.
Klikni Yes da bi dozvolio alatu da preuzme i instalira Recovery Console
• ComboFix će skenirati računar po fazama (Stage_#) ukupno 50 faza.
Ne kliktati okolo dok ComboFix ispituje sistem.
• Ukoliko je malware detektovan, ComboFix će zapoceti njegovo uklanjanje.
Iz tog razloga, alat će po potrebi restartovati Windows (nekad i više puta);
Napomena: Ako nakon rada alata dobiješ grešku (Illegal operation attempted on a registry key that has been marked for deletion) prilikom startovanja programa, restartovati računar i to ce rešiti problem.

------------------------------------------------------------
4. Kada alat završi, formiraće i otvoriti izveštaj (tipična lokacija: C:\ComboFix.txt)
Iskopiraj sadržaj ComboFix.txt izveštaja u poruku.

ComboFix će takođe formirati i dodatan izveštaj (tipicna lokacija: C:\Qoobox\ComboFix-quarantined-files.txt)
Okači ComboFix-quarantined-files.txt izveštaj uz poruku koristeći opciju Prikači fajl

Poslao: 20 Okt 2014 20:15
Idi na vrh
offline
  • Pridružio: 28 Apr 2012
  • Poruke: 62

sory ..opet imam neke probleme....recimo da sam iskljucila 360 security ComboFix kad ukljucim pisti...tj...prikazuje da i ESET Nod 32 smeta...ili sta vec...sta dalje raditi...blentava sam za ovo...hvala vam

Poslao: 20 Okt 2014 20:32
Idi na vrh
rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Dok se kolega ne javi, deinstaliraj taj 360 kineski antivirus jer ti pravi problem. Ima mnogo laznih uzbuna. Za njega je i Total Commander malware a kamo li alati koje mi koristimo.

Jos bolje da deinstaliras oba antivirusa dok ne zavrsite ciscenje, ko zna kakav rusvaj su napravili u sistemu.

Pozdrav.

Poslao: 20 Okt 2014 22:25
Idi na vrh
offline
  • Pridružio: 28 Apr 2012
  • Poruke: 62

uspela sam....oh konacno.....

mycity.rs/must-login.png



ComboFix 14-10-20.01 - Administrator 10/20/2014 22:07:51.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1916.1388 [GMT 2:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\documents and settings\All Users\Application Data\USBSecurity\svighost.dll
C:\END
c:\program files\MyPC Backup\aff.conf
c:\program files\MyPC Backup\AlphaVSS.51.x86.dll
c:\program files\MyPC Backup\AlphaVSS.52.x64.dll
c:\program files\MyPC Backup\AlphaVSS.52.x86.dll
c:\program files\MyPC Backup\AlphaVSS.60.x64.dll
c:\program files\MyPC Backup\AlphaVSS.60.x86.dll
c:\program files\MyPC Backup\AlphaVSS.Common.dll
c:\program files\MyPC Backup\AWSSDK.dll
c:\program files\MyPC Backup\BackupStack.exe
c:\program files\MyPC Backup\Config\api.ts2
c:\program files\MyPC Backup\Configuration Updater.exe
c:\program files\MyPC Backup\Crypto32.dll
c:\program files\MyPC Backup\Crypto64.dll
c:\program files\MyPC Backup\Database\mpcb_backup_conf.db
c:\program files\MyPC Backup\Database\mpcb_file_cache.db
c:\program files\MyPC Backup\Database\mpcb_queues.db
c:\program files\MyPC Backup\Database\mpcb_settings.db
c:\program files\MyPC Backup\Database\mpcb_sig_cache.db
c:\program files\MyPC Backup\Database\mpcb_version_queue.db
c:\program files\MyPC Backup\de_DE.mo
c:\program files\MyPC Backup\diffstack.dll
c:\program files\MyPC Backup\es_ES.mo
c:\program files\MyPC Backup\fr_FR.mo
c:\program files\MyPC Backup\GetText.dll
c:\program files\MyPC Backup\it_IT.mo
c:\program files\MyPC Backup\LinqBridge.dll
c:\program files\MyPC Backup\log\APPLICATION.log
c:\program files\MyPC Backup\log\AUTH.log
c:\program files\MyPC Backup\log\BACKOFF.log
c:\program files\MyPC Backup\log\CLIENT.log
c:\program files\MyPC Backup\log\GRID_RECOVERY_INIT.log
c:\program files\MyPC Backup\log\LICENCE.log
c:\program files\MyPC Backup\log\NETWORK_SHARES.log
c:\program files\MyPC Backup\log\REMOTING.log
c:\program files\MyPC Backup\log\REQUEST.log
c:\program files\MyPC Backup\log\SERVICE.log
c:\program files\MyPC Backup\log\SHELL.log
c:\program files\MyPC Backup\log\UPDATER.log
c:\program files\MyPC Backup\log\UTC_MIGRATION.log
c:\program files\MyPC Backup\log\WAIT_HANDLES.log
c:\program files\MyPC Backup\LogicNP.EZShellExtensions.dll
c:\program files\MyPC Backup\MPCBClient.dll
c:\program files\MyPC Backup\MPCBContextMenu.dll
c:\program files\MyPC Backup\MPCBIconOverlays.dll
c:\program files\MyPC Backup\MyPC Backup.exe
c:\program files\MyPC Backup\mypcbackup.ico
c:\program files\MyPC Backup\ObjectListView.dll
c:\program files\MyPC Backup\pt_PT.mo
c:\program files\MyPC Backup\RegisterExtensionDotNet20_x64.exe
c:\program files\MyPC Backup\RegisterExtensionDotNet20_x86.exe
c:\program files\MyPC Backup\RestartExplorer.exe
c:\program files\MyPC Backup\Service Start.exe
c:\program files\MyPC Backup\Shared Stack.dll
c:\program files\MyPC Backup\Signup Wizard.exe
c:\program files\MyPC Backup\syncicon.ico
c:\program files\MyPC Backup\syncing.ico
c:\program files\MyPC Backup\tick.ico
c:\program files\MyPC Backup\uninst.exe
c:\program files\MyPC Backup\UnRegisterExtensions.exe
c:\program files\MyPC Backup\Updater.exe
c:\program files\MyPC Backup\x64\System.Data.SQLite.dll
c:\program files\MyPC Backup\x86\System.Data.SQLite.dll
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_BackupStack
-------\Legacy_BackupStack
-------\Service_BackupStack
-------\Service_BackupStack
.
.
((((((((((((((((((((((((( Files Created from 2014-09-20 to 2014-10-20 )))))))))))))))))))))))))))))))
.
.
2014-10-20 17:47 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2014-10-20 17:28 . 2008-06-13 11:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2014-10-20 17:28 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2014-10-20 17:28 . 2008-04-21 18:44 330752 -c----w- c:\windows\system32\dllcache\ipnathlp.dll
2014-10-20 17:28 . 2014-10-20 19:58 -------- d--h--w- c:\windows\$hf_mig$
2014-10-20 17:28 . 2008-05-01 14:33 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2014-10-16 18:31 . 2014-10-16 18:31 -------- d-----w- c:\documents and settings\Administrator\Application Data\FlvPlayer
2014-10-09 19:50 . 2014-10-09 19:50 -------- d-----w- c:\program files\CCleaner
2014-09-29 15:02 . 2014-09-29 15:02 -------- d-----w- c:\documents and settings\Administrator\Application Data\WebExtend
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-10 17:45 . 2014-09-02 09:30 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-09-10 17:45 . 2014-07-14 08:16 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2005-04-11 65536]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2014-09-26 4811032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-08-28 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-08-28 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-08-28 141848]
"RTHDCPL"="RTHDCPL.EXE" [2008-01-29 16859648]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1024000]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-10-25 413696]
"AutorunRemover.exe"="c:\program files\AutorunRemover\AutorunRemover.exe" [2011-04-22 1806848]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 279456]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [9/29/2009 1:02 PM 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [9/29/2009 1:05 PM 96408]
S1 BAPIDRV;BAPIDRV;c:\windows\system32\DRIVERS\BAPIDRV.sys --> c:\windows\system32\DRIVERS\BAPIDRV.sys [?]
S3 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [9/29/2009 1:03 PM 735960]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [4/9/2014 3:12 PM 235696]
S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTS5121.sys --> c:\windows\system32\Drivers\RTS5121.sys [?]
S3 Update neurowise;Update neurowise;"c:\program files\neurowise\updateneurowise.exe" --> c:\program files\neurowise\updateneurowise.exe [?]
S4 Util neurowise;Util neurowise;"c:\program files\neurowise\bin\utilneurowise.exe" --> c:\program files\neurowise\bin\utilneurowise.exe [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-19 15:34 1089352 ----a-w- c:\program files\Google\Chrome\Application\38.0.2125.104\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-07-14 08:38]
.
2014-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-07-14 08:38]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 89.216.1.40 89.216.1.50
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\pb5782zn.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - ExtSQL: 2014-08-30 00:05; firefox-hotfix@mozilla.org; c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\pb5782zn.default\extensions\firefox-hotfix@mozilla.org.xpi
user_pref(extensions.autoDisableScopes,14);
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-MyPC Backup - c:\program files\MyPC Backup\uninst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2014-10-20 22:11
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2014-10-20 22:12:51
ComboFix-quarantined-files.txt 2014-10-20 20:12
.
Pre-Run: 48,833,601,536 bytes free
Post-Run: 48,838,950,912 bytes free
.
- - End Of File - - 422E3891C4F735E78BA6DF2B8D86B40F
8F558EB6672622401DA993E1E865C861

Poslao: 20 Okt 2014 22:34
Idi na vrh
offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 21 Jun 2008
  • Poruke: 6103

Pozdrav,

Super. Ovaj mocni alat je odradio svoju caroliju ...

Mozes li molim te da postavis i dodatni izvestaj?
C:\Qoobox\ComboFix-quarantined-files.txt

MyCity » Ambulanta -> Arhiva Ambulante » otvaranje suvisnih prozora

Ko je trenutno na forumu
 

Ukupno su 1512 korisnika na forumu :: 50 registrovanih, 5 sakrivenih i 1457 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., amaterSRB, Apok, babaroga, Ben Roj, bigfoot, Bobrock1, cinoeye, deLacy, DonRumataEstorski, dushan, FileFinder, FOX, galerija, goxin, Grah0, HrcAk47, ILGromovnik, Joco Skljoco, Karla, kjkszpj, Kubovac, ladro, laurusri, Leonov, Lieutenant, Metanoja, Miloskec, milutin134, MrNo, novator, ObelixSRB, Oscar, ozzy, Parker, pein, procesor, radoznao, rodoljub, ruger357, S1Mk3, slonic_tonic, stegonosa, styg, Tores, vladulns, W123, wolf431, zixmix, Zoca