spyware guard problem

offline
  • Joined: 27 Dec 2008
  • Posts: 30

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:48:39 AM, on 12/27/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\ctfmon.exe
C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\Ovislink\Common\TurboG-UI.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Windows Live\Messenger\wlcsdk.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Documents and Settings\All Users\Application Data\Microsoft\Protect\svhost.exe
C:\WINDOWS\system32\winscenter.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Spyware Guard 2008\spywareguard.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
D:\SKINUTO SA INTERNETA\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AntiSpyWare2Guard] C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [spywareguard] C:\Program Files\Spyware Guard 2008\spywareguard.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AirLive Turbo-G Wireless Utility.lnk = C:\Program Files\Ovislink\Common\TurboG-UI.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{3A455EF2-F91F-4537-8468-69EA55C14D4B}: NameServer = 81.93.85.152 81.93.85.132
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: ieModule - {547D99B1-CE6C-40E5-ABAC-BECF6701F01B} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\ieModule.dll
O21 - SSODL: InternetConnection - {8EC94ADC-ACFD-4743-B371-3B22FB145525} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\cvhhwwxyzx.dll
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 8047 bytes

Update: 27 Dec 2008 2:00

I forgot to say that some Spyware Guard started popping up, and I don't know how to remove it.
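Added example, not part of the thread or of any tool it mentions: a small Python triage script that applies to a HijackThis log the checks a helper performs by eye on the log above. It flags a process or startup entry running from a data directory (the svhost.exe under All Users\Application Data\Microsoft\Protect), a filename that imitates a core system binary (svhost.exe next to svchost.exe), O1 hosts entries that send a real hostname to a non-loopback address, O21 SSODL shell objects loading from outside system32, an O2 BHO with no file behind it, and any O17 NameServer override, which the reader must compare against the ISP's real DNS servers. The sample log is constructed from entries in the log above plus one benign hosts line as a control; the rogue-product list contains only the product this thread deals with, and the 0.9 name-similarity threshold is an assumption.

```python
import re
from difflib import SequenceMatcher
from ipaddress import ip_address

# Constructed sample in HijackThis format. The entries are copied from the log
# posted above (plus a benign 127.0.0.1 hosts line as a control); the list
# itself is assembled here for the example, not parsed from the page.
SAMPLE_HJT_LOG = r"""Running processes:
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\All Users\Application Data\Microsoft\Protect\svhost.exe
C:\WINDOWS\system32\winscenter.exe
C:\Program Files\Spyware Guard 2008\spywareguard.exe

O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [spywareguard] C:\Program Files\Spyware Guard 2008\spywareguard.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{3A455EF2-F91F-4537-8468-69EA55C14D4B}: NameServer = 81.93.85.152 81.93.85.132
O21 - SSODL: ieModule - {547D99B1-CE6C-40E5-ABAC-BECF6701F01B} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\ieModule.dll
O21 - SSODL: InternetConnection - {8EC94ADC-ACFD-4743-B371-3B22FB145525} - C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\cvhhwwxyzx.dll
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
"""

# Directories from which no legitimate Windows XP service or shell component
# should run its main executable or load a shell extension.
DATA_DIR_MARKERS = ("\\application data\\", "\\local settings\\", "\\temp\\", "\\programdata\\")

# System binaries whose names malware commonly imitates (svhost.exe vs svchost.exe).
CORE_BINARIES = ("svchost.exe", "lsass.exe", "csrss.exe", "winlogon.exe",
                 "services.exe", "explorer.exe", "spoolsv.exe")

# Rogue "anti-spyware" product named in the thread above; extend as needed.
ROGUE_NAMES = ("spyware guard 2008",)


def lookalike_of(name):
    """Return the core binary that `name` closely imitates, or None.
    The 0.9 similarity threshold is an assumption chosen for this example."""
    name = name.lower()
    if name in CORE_BINARIES:
        return None
    for real in CORE_BINARIES:
        if SequenceMatcher(None, name, real).ratio() >= 0.9:
            return real
    return None


def check_path(path):
    """Path heuristics shared by running processes, O4 Run entries and O21 SSODL entries."""
    low = path.lower()
    reasons = []
    if any(m in low for m in DATA_DIR_MARKERS):
        reasons.append("executable/DLL in a data directory")
    if any(r in low for r in ROGUE_NAMES):
        reasons.append("known rogue anti-spyware product")
    real = lookalike_of(low.rsplit("\\", 1)[-1])
    if real:
        reasons.append(f"name imitates {real}")
    return reasons


def triage(log_text):
    """Return (section tag, log line, reason) tuples for entries worth a second look."""
    findings = []
    in_processes = False
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            in_processes = False          # blank line ends the process list
            continue
        if line.startswith("Running processes:"):
            in_processes = True
            continue
        if in_processes:
            for r in check_path(line):
                findings.append(("process", line, r))
            continue
        m = re.match(r"(O\d+|R\d) - (.*)", line)
        if not m:
            continue
        tag, body = m.groups()
        if tag == "O1":                   # hosts file redirections
            ip, host = body.split(":", 1)[1].split()[:2]
            addr = ip_address(ip)
            if not (addr.is_loopback or addr.is_private):
                findings.append((tag, line, f"hosts file sends {host} to {ip}"))
        elif tag == "O2" and body.endswith("(no file)"):
            findings.append((tag, line, "orphaned BHO registration"))
        elif tag in ("O4", "O21"):
            path = body.rsplit(" - ", 1)[-1] if tag == "O21" else body.split("] ", 1)[-1]
            for r in check_path(path):
                findings.append((tag, line, r))
            if tag == "O21" and "\\windows\\system32\\" not in path.lower():
                findings.append((tag, line, "SSODL entry outside system32"))
        elif tag == "O17":                # DNS servers set in the registry
            servers = body.split("NameServer =", 1)[-1].split()
            findings.append((tag, line, f"DNS overridden to {', '.join(servers)}; confirm these belong to your ISP"))
    return findings


if __name__ == "__main__":
    for tag, entry, reason in triage(SAMPLE_HJT_LOG):
        print(f"[{tag}] {reason}\n    {entry}")
```

The O17 finding is deliberately a question rather than a verdict: a NameServer entry can be the ISP's legitimate servers or a DNS hijack, and only comparison with the expected resolvers settles it.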

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Hello...

Do the following:

* Right-click the AVG icon in the lower right corner of the screen.
* When the AVG Control Center opens, double-click the AVG Resident Shield component.
* In the window that opens, untick the option Turn on AVG Resident Shield and click OK.

Note: Don't forget to turn this option back on once the cleaning is finished.


Download ComboFix from one of the following addresses to your Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Run it and don't touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log will appear (C:\ComboFix.txt); copy it here for us.

offline
  • Joined: 27 Dec 2008
  • Posts: 30

Hi, none of the pages you sent me work.

Update: 27 Dec 2008 15:22

In the meantime I replaced the antivirus; I installed Avira.

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

Try from here:

http://amf.mycity.rs/programs/mirrored/C-F.exe

offline
  • Joined: 27 Dec 2008
  • Posts: 30

ComboFix 08-12-26.03 - Srdjan 2008-12-27 19:45:15.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.511.289 [GMT 1:00]
Running from: c:\documents and settings\Srdjan\Desktop\C-F.exe
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated)

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\moduleie.dll
c:\program files\Spyware Guard 2008
c:\program files\Spyware Guard 2008\conf.cfg
c:\program files\Spyware Guard 2008\mbase.vdb
c:\program files\Spyware Guard 2008\quarantine.vdb
c:\program files\Spyware Guard 2008\queue.vdb
c:\program files\Spyware Guard 2008\spywareguard.exe
c:\program files\Spyware Guard 2008\vbase.vdb
c:\windows\reged.exe
c:\windows\spoolsystem.exe
c:\windows\sys.com
c:\windows\syscert.exe
c:\windows\sysexplorer.exe
c:\windows\system32\drivers\TDSSmqlt.sys
c:\windows\system32\TDSSbrsr.dll
c:\windows\system32\TDSSlxwp.dll
c:\windows\system32\TDSSoiqh.dll
c:\windows\system32\TDSSosvd.dat
c:\windows\system32\TDSSriqp.dll
c:\windows\system32\TDSStkdu.log
c:\windows\system32\TDSSxfum.dll
c:\windows\system32\winscenter.exe
c:\windows\vmreg.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_TDSSserv.sys
-------\Legacy_TDSSserv.sys


((((((((((((((((((((((((( Files Created from 2008-11-27 to 2008-12-27 )))))))))))))))))))))))))))))))
.

2008-12-27 14:42 . 2008-12-27 14:42 <DIR> d-------- c:\program files\Avira
2008-12-27 14:42 . 2008-12-27 14:42 <DIR> d-------- c:\documents and settings\All Users\Application Data\Avira
2008-12-27 14:40 . 2008-12-27 14:40 <DIR> d-------- c:\documents and settings\All Users\Application Data\Avg7
2008-12-26 15:39 . 2008-12-26 17:01 69 --a------ c:\windows\NeroDigital.ini
2008-12-26 15:28 . 2008-12-26 15:28 <DIR> d-------- c:\documents and settings\Srdjan\Application Data\Nero
2008-12-26 15:26 . 2008-12-26 15:26 <DIR> d-------- c:\program files\Nero
2008-12-26 15:26 . 2008-12-26 15:27 <DIR> d-------- c:\program files\Common Files\Nero
2008-12-26 15:26 . 2008-12-26 15:26 <DIR> d-------- c:\documents and settings\All Users\Application Data\Nero
2008-12-25 01:14 . 2008-12-25 01:14 14 --a------ c:\windows\popcinfot.dat
2008-12-25 01:13 . 2008-12-25 01:13 <DIR> d-------- c:\documents and settings\All Users\Application Data\PopCap Games
2008-12-21 23:39 . 2008-12-21 23:39 <DIR> d-------- c:\program files\GameHouse
2008-12-21 23:39 . 2008-12-26 17:06 10 --a------ c:\windows\popcinfo.dat
2008-12-21 23:10 . 2008-10-18 16:09 1,041 --a------ C:\ma477.bin
2008-12-17 13:29 . 2008-12-17 13:29 <DIR> d-------- c:\program files\Common Files\xing shared
2008-12-16 21:25 . 2008-12-16 21:25 <DIR> d-------- c:\windows\PixArt
2008-12-16 21:25 . 2008-12-16 21:25 <DIR> d-------- c:\program files\PLEOMAX PWC-2000
2008-12-16 21:25 . 2008-12-16 21:25 <DIR> d-------- c:\program files\Common Files\PWC2000
2008-12-16 21:25 . 2005-09-16 05:34 150,272 --a------ c:\windows\system32\drivers\PA707UCM.SYS
2008-12-16 21:25 . 2005-11-26 08:39 107,520 --a------ c:\windows\system32\SP7311.AX
2008-12-16 21:17 . 2008-12-27 15:49 <DIR> d-------- c:\documents and settings\Srdjan\Tracing
2008-12-16 21:16 . 2008-12-16 21:16 <DIR> d-------- c:\program files\Microsoft
2008-12-16 20:47 . 2008-12-16 20:47 <DIR> d-------- c:\program files\Common Files\Windows Live
2008-12-16 20:37 . 2008-12-16 21:15 <DIR> d-------- c:\program files\Windows Live
2008-12-16 20:37 . 2008-12-16 20:37 <DIR> d--hsc--- c:\program files\Common Files\WindowsLiveInstaller
2008-12-16 20:37 . 2008-12-16 20:37 <DIR> d-------- c:\documents and settings\All Users\Application Data\WLInstaller
2008-12-16 20:28 . 2007-07-30 19:19 43,352 --a------ c:\windows\system32\wups2.dll
2008-12-16 20:28 . 2007-07-30 19:18 34,136 --a------ c:\windows\system32\wucltui.dll.mui
2008-12-16 20:28 . 2007-07-30 19:19 25,944 --a------ c:\windows\system32\wuaucpl.cpl.mui
2008-12-16 20:28 . 2007-07-30 19:19 25,944 --a------ c:\windows\system32\wuapi.dll.mui
2008-12-16 20:28 . 2007-07-30 19:18 20,312 --a------ c:\windows\system32\wuaueng.dll.mui
2008-12-16 20:10 . 2008-12-16 20:10 <DIR> d-------- c:\documents and settings\Srdjan\Application Data\MealSiteBook
2008-12-16 17:02 . 2008-12-16 17:02 <DIR> d-------- c:\documents and settings\All Users\Application Data\Proxy Long Chin Ping
2008-12-16 15:59 . 2008-12-16 15:59 <DIR> d-------- c:\documents and settings\All Users\Application Data\Eset
2008-12-15 17:00 . 2008-12-24 18:27 <DIR> d-------- c:\program files\Windows Media Connect 2
2008-12-15 16:58 . 2008-12-15 16:58 <DIR> d-------- c:\windows\system32\LogFiles
2008-12-15 16:58 . 2008-12-15 16:59 <DIR> d-------- c:\windows\system32\drivers\UMDF
2008-12-14 19:38 . 2008-12-14 19:38 196,608 --a------ c:\windows\system32\avisynth.dll
2008-12-14 19:38 . 2008-12-14 19:38 33,280 --a------ c:\windows\system32\HUFFYUV.DLL
2008-12-14 17:37 . 2008-12-14 21:32 <DIR> d-------- c:\program files\Lavasoft
2008-12-14 13:01 . 2008-12-14 13:01 <DIR> d-------- c:\program files\KONAMI
2008-12-14 01:19 . 2008-12-14 01:19 <DIR> d-------- c:\program files\uTorrent
2008-12-14 01:19 . 2008-12-27 02:23 <DIR> d-------- c:\documents and settings\Srdjan\Application Data\uTorrent
2008-12-14 00:42 . 2008-12-14 17:56 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2008-12-13 23:26 . 2008-12-13 23:26 <DIR> d-------- c:\program files\Common Files\Adobe AIR
2008-12-13 23:25 . 2008-12-13 23:25 <DIR> d-------- c:\program files\Common Files\Adobe
2008-12-13 19:27 . 2008-12-27 15:30 <DIR> d-------- c:\program files\Rainlendar2
2008-12-13 19:27 . 2008-12-27 15:30 <DIR> d-------- c:\documents and settings\Srdjan\.rainlendar2
2008-12-13 02:42 . 2008-12-13 02:42 <DIR> d-------- c:\program files\CCleaner
2008-12-12 18:59 . 2008-12-12 19:00 <DIR> d-------- c:\program files\Real
2008-12-12 18:59 . 2008-12-17 13:29 <DIR> d-------- c:\program files\Common Files\Real
2008-12-12 15:47 . 2008-12-12 15:47 <DIR> d--hs---- c:\documents and settings\Srdjan\PrivacIE
2008-12-12 15:42 . 2008-12-12 15:42 268 --ah----- C:\sqmdata02.sqm
2008-12-12 15:42 . 2008-12-12 15:42 244 --ah----- C:\sqmnoopt02.sqm
2008-12-12 15:35 . 2008-12-12 15:35 268 --ah----- C:\sqmdata01.sqm
2008-12-12 15:35 . 2008-12-12 15:35 244 --ah----- C:\sqmnoopt01.sqm
2008-12-12 15:34 . 2008-12-12 15:34 <DIR> d--h-c--- c:\windows\ie8
2008-12-12 15:34 . 2008-06-12 11:27 26,144 --a------ c:\windows\system32\spupdsvc.exe
2008-12-12 15:25 . 2008-12-12 15:25 <DIR> d-------- c:\windows\system32\IOSUBSYS
2008-12-12 15:14 . 2008-12-12 15:46 <DIR> d-------- c:\documents and settings\Srdjan\Contacts
2008-12-12 15:08 . 2008-12-12 15:08 <DIR> d-------- c:\documents and settings\All Users\Application Data\Windows Live Toolbar
2008-12-12 15:07 . 2008-12-12 14:42 <DIR> d-------- c:\program files\Windows Live Toolbar
2008-12-12 15:06 . 2008-12-12 15:06 <DIR> d----c--- c:\windows\system32\DRVSTORE
2008-12-12 14:55 . 2008-12-12 14:55 268 --ah----- C:\sqmdata00.sqm
2008-12-12 14:55 . 2008-12-12 14:55 244 --ah----- C:\sqmnoopt00.sqm
2008-12-12 14:51 . 2008-12-12 14:51 <DIR> d-------- c:\program files\Ovislink
2008-12-12 14:51 . 2005-10-27 15:06 356,096 --a------ c:\windows\system32\drivers\Rt61.sys
2008-12-12 14:51 . 2005-05-17 16:24 311,296 --a------ c:\windows\system32\AegisI5.exe
2008-12-12 14:51 . 2005-10-20 15:00 243,328 --a------ c:\windows\system32\drivers\RT2500.SYS
2008-12-12 14:51 . 2005-07-15 18:11 81,920 --a------ c:\windows\system32\Install6x.dll
2008-12-12 14:51 . 2008-12-12 14:51 20,747 --a------ c:\windows\system32\drivers\AegisP.sys
2008-12-12 14:51 . 2005-10-26 14:22 8,192 --a------ c:\windows\system32\drivers\RT2661.bin
2008-12-12 14:51 . 2005-10-26 14:22 8,192 --a------ c:\windows\system32\drivers\RT2561s.bin
2008-12-12 14:51 . 2005-10-26 14:22 8,192 --a------ c:\windows\system32\drivers\RT2561.bin
2008-12-12 14:51 . 2005-06-16 00:30 162 --a------ c:\windows\filespec6x
2008-12-12 14:44 . 2008-12-12 14:44 <DIR> d-------- c:\program files\Skype
2008-12-12 14:44 . 2008-12-27 16:09 <DIR> d-------- c:\documents and settings\Srdjan\Application Data\skypePM
2008-12-12 14:44 . 2008-12-26 22:29 <DIR> d-------- c:\documents and settings\Srdjan\Application Data\Skype
2008-12-12 14:44 . 2008-12-12 14:44 56 --ah----- c:\windows\system32\ezsidmv.dat
2008-12-12 14:43 . 2008-12-12 14:43 <DIR> d-------- c:\program files\Common Files\Skype
2008-12-12 14:43 . 2008-12-12 14:44 <DIR> d-------- c:\documents and settings\All Users\Application Data\Skype
2008-12-12 14:36 . 2008-12-12 14:36 169 --a------ c:\windows\RtlRack.ini
2008-12-12 14:32 . 2008-12-12 14:32 <DIR> d-------- c:\program files\Yahoo!
2008-12-12 14:32 . 2008-12-12 14:32 <DIR> d-------- c:\documents and settings\All Users\Application Data\Yahoo!
2008-12-12 14:25 . 2008-12-27 17:28 <DIR> d-------- c:\program files\Mozilla Thunderbird
2008-12-12 14:25 . 2008-12-12 14:25 <DIR> d-------- c:\documents and settings\Srdjan\Application Data\Thunderbird
2008-12-12 14:25 . 2008-12-12 14:25 <DIR> d-------- c:\documents and settings\Srdjan\Application Data\Talkback
2008-12-10 18:31 . 2008-12-10 18:31 <DIR> d-------- c:\documents and settings\Srdjan\Application Data\Malwarebytes
2008-12-10 18:31 . 2008-12-10 18:31 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-10 18:02 . 2008-12-10 18:02 <DIR> d-------- c:\documents and settings\All Users\Application Data\nView_Profiles

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-27 13:21 --------- d-----w c:\program files\TUGZip
2008-12-16 20:25 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-14 20:32 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-12-12 14:42 --------- d-----w c:\documents and settings\Srdjan\Application Data\BSplayer
2008-12-12 14:25 --------- d-----w c:\program files\Google
2008-12-10 16:48 --------- d-----w c:\program files\Microsoft.NET
2008-12-10 16:47 --------- d-----w c:\program files\Microsoft ActiveSync
2008-12-10 16:41 --------- d-----w c:\documents and settings\Srdjan\Application Data\BSplayer Pro
2008-12-10 16:40 --------- d-----w c:\program files\K-Lite Codec Pack
2008-12-10 16:36 --------- d-----w c:\documents and settings\Srdjan\Application Data\Winamp
2008-12-10 16:35 --------- d-----w c:\program files\Winamp
2008-12-10 16:32 306,432 ----a-w c:\windows\system32\TuneUpDefragService.exe
2008-12-10 16:32 --------- d-----w c:\program files\TuneUp Utilities 2008
2008-12-10 16:32 --------- d-----w c:\documents and settings\Srdjan\Application Data\TuneUp Software
2008-12-10 16:32 --------- d-----w c:\documents and settings\All Users\Application Data\TuneUp Software
2008-12-10 16:29 --------- d-----w c:\program files\CONEXANT
2008-12-10 16:22 --------- d-----w c:\program files\Realtek Sound Manager
2008-12-10 16:22 --------- d-----w c:\program files\Common Files\InstallShield
2008-12-10 16:22 --------- d-----w c:\program files\AvRack
2008-12-10 16:07 --------- d-----w c:\program files\microsoft frontpage
2008-12-02 21:37 49,480 ----a-w c:\windows\system32\sirenacm.dll
2008-11-17 20:04 2,306,113 ----a-w c:\windows\system32\GPhotos.scr
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2008-12-02 3882312]
"Yahoo! Pager"="c:\progra~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" [2007-08-27 4670704]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-07 21633320]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-12-10 7311360]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-12-10 86016]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-12-17 185872]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 1836328]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"SoundMan"="SOUNDMAN.EXE" [2004-06-18 c:\windows\SOUNDMAN.EXE]
"nwiz"="nwiz.exe" [2005-12-10 c:\windows\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
AirLive Turbo-G Wireless Utility.lnk - c:\program files\Ovislink\Common\TurboG-UI.exe [2008-12-12 614400]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.HFYU"= huffyuv.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\NVIDIA\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"=

R3 PAC7311;PLEOMAX PWC-2000;c:\windows\system32\DRIVERS\PA707UCM.SYS [2008-12-16 150272]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6b3cfe75-c6da-11dd-a0f8-806d6172696f}]
\Shell\AutoRun\command - e:\bin\Assetup.exe
.
Contents of the 'Scheduled Tasks' folder

2008-12-12 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClick.exe [2008-01-08 13:31]

2008-12-27 c:\windows\Tasks\User_Feed_Synchronization-{5D84A704-E623-4283-BAC9-6AC6E0733F2A}.job
- c:\windows\system32\msfeedssync.exe [2008-08-22 03:05]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-spywareguard - c:\program files\Spyware Guard 2008\spywareguard.exe


.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Srdjan\Application Data\Mozilla\Firefox\Profiles\xxoud96e.default\
FF - prefs.js: browser.startup.homepage - google
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Yahoo!\Shared\npYState.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-12-27 19:46:37
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TDSSserv.sys]
"imagepath"="\systemroot\system32\drivers\TDSSmqlt.sys"
.
Completion time: 2008-12-27 19:47:21
ComboFix-quarantined-files.txt 2008-12-27 18:47:05

Pre-Run: 69,040,611,328 bytes free
Post-Run: 69,820,063,744 bytes free

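Added example, not from the thread or from ComboFix: the one item in the report above worth verifying before calling it clean is the final registry block, where HKLM\system\ControlSet001\Services\TDSSserv.sys is still printed with an imagepath pointing at TDSSmqlt.sys, a driver the same run lists under Other Deletions (the Drivers/Services section also lists Service_TDSSserv.sys as removed, so this is a copy of the service key that ComboFix still sees under ControlSet001). The script below parses a ComboFix-style report, collects the deleted paths and the removed service names, and reports any service key whose ImagePath still names a file that run deleted, so the leftover key can be checked and removed by hand. The excerpt is constructed from the report's own lines plus a benign NVSvc service key added as a control (not in the report); it assumes %SystemRoot% is C:\WINDOWS, as on the machine in this thread.

```python
import re

# Constructed excerpt in ComboFix's report layout. The TDSS lines are copied
# from the report posted above; the NVSvc service key is added here as a
# benign control and is not in that report.
SAMPLE_CF_LOG = r"""
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Spyware Guard 2008\spywareguard.exe
c:\windows\system32\drivers\TDSSmqlt.sys
c:\windows\system32\TDSSbrsr.dll
c:\windows\system32\winscenter.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_TDSSserv.sys
-------\Legacy_TDSSserv.sys

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-12-10 7311360]

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TDSSserv.sys]
"imagepath"="\systemroot\system32\drivers\TDSSmqlt.sys"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NVSvc]
"imagepath"="c:\windows\system32\nvsvc32.exe"
.
Completion time: 2008-12-27 19:47:21
"""

# Assumption: %SystemRoot% is C:\WINDOWS, as on the machine in this thread.
SYSTEM_ROOT = "c:\\windows"

SECTION_RE = re.compile(r"^\(+ (.+?) \)+$")            # "(((( Other Deletions ))))"
KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]$")             # "[HKEY_...\Services\Name]"
IMAGEPATH_RE = re.compile(r'^"imagepath"="([^"]+)"', re.IGNORECASE)
REMOVED_SERVICE_RE = re.compile(r"^-+\\Service_(.+)$")   # "-------\Service_Name"
DRIVE_PATH_RE = re.compile(r"^[a-z]:\\", re.IGNORECASE)


def normalize(path):
    """Reduce the forms an ImagePath value takes to the on-disk path ComboFix prints."""
    p = path.strip().lower()
    if p.startswith("\\??\\"):                  # NT object-manager prefix
        p = p[4:]
    if p.startswith("\\systemroot\\"):
        p = SYSTEM_ROOT + p[len("\\systemroot"):]
    elif p.startswith("system32\\"):            # path relative to %SystemRoot%
        p = SYSTEM_ROOT + "\\" + p
    return p


def parse_report(text):
    """Return (deleted_paths, removed_service_names, {service_key: imagepath})."""
    deleted, removed, services = set(), set(), {}
    section = current_key = None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        if section == "Other Deletions" and DRIVE_PATH_RE.match(line):
            deleted.add(normalize(line))
            continue
        m = REMOVED_SERVICE_RE.match(line)
        if m:
            removed.add(m.group(1))
            continue
        m = KEY_RE.match(line)
        if m:
            current_key = m.group(1)
            continue
        m = IMAGEPATH_RE.match(line)
        if m and current_key and "\\services\\" in current_key.lower():
            services[current_key] = m.group(1)
    return deleted, removed, services


def orphaned_service_keys(text):
    """Service keys whose ImagePath still names a file the same run deleted."""
    deleted, _, services = parse_report(text)
    return sorted((key, path) for key, path in services.items()
                  if normalize(path) in deleted)


if __name__ == "__main__":
    deleted, removed, _ = parse_report(SAMPLE_CF_LOG)
    print(f"{len(deleted)} files deleted, services removed: {sorted(removed)}")
    for key, path in orphaned_service_keys(SAMPLE_CF_LOG):
        print(f"leftover service key {key} -> {path} (file deleted)")
```

A leftover key of this kind is inert once its driver file is gone, but it is exactly what a second scan (or the next ComboFix run) keeps reporting, so removing it, or confirming it disappears after a reboot, is the cleaner finish.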

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

What's the situation now?

offline
  • Joined: 27 Dec 2008
  • Posts: 30

Great, Spyware Guard doesn't appear anymore. I installed Malwarebytes Anti-Malware and it found 12 infections and deleted them, now I'm OK.

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

I didn't tell you to run MBAM...

Tell me when you ran it: before or after ComboFix?

Do the following:

Open Malwarebytes and click the Logs tab, select the report and click Open.
Copy the contents of the Notepad file here for me.

offline
  • Joined: 27 Dec 2008
  • Posts: 30

I deleted everything; I knew I'd mess something up. And I installed it afterwards.

Update: 28 Dec 2008 0:00

What should I do with it now? Sorry, I was impatient.

offline
  • diarno  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 15 Jun 2007
  • Posts: 5572

What did you delete? The Malwarebytes logs?

In essence it doesn't matter now, since the CF log is now clean..

Just one more thing... For the future: while someone here in the clinic (if you have problems again and trouble brings you back to us) is giving you instructions, don't use other security programs on your own that aren't listed in those instructions.

Do this as well:

Click START and then RUN
In the text input line type Combofix /u and click OK

Wait for the uninstall process to finish

The above procedure will:
Delete the following:
ComboFix and its files and folders
VundoFix Backups folder, if it exists
C:\Deckard folder, if it exists
C:\OtMoveIt folder, if it exists

Reset the clock settings on the computer
Hide file extensions, if needed
Hide system/hidden files/folders, if needed
Reset System Restore
