Same problem with Facebook, I picked up a virus via chat, Hi how are you


  • Joined: 28 Jul 2011
  • Posts: 6

Well, the same thing happened to me as to most people, I assume: I got a message Hi how are you, I clicked, and everything went to ... That of course blocks the antivirus etc. I got annoyed and reinstalled the computer. I put everything in again from scratch, all the drivers, a new antivirus, Avast, etc., and the system works normally, but of course the internet is acting up: it opens Google, it opens YouTube, but it won't open some pages, e.g. Facebook, Hotmail, etc. Luckily it opens this forum, where I believe you will help me fix this problem...
On the computer I have ComboFix and I have Avast; Avast does not report a single virus... tell me what to do next, how to get my internet working normally... THANKS IN ADVANCE FOR THE HELP ... Cheers

  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

Hello NEMANJAKPD!

There are some rules in the Ambulanta section that we have to follow.
For example, to open a topic you need to follow this guide in detail: http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

Post the required diagnostic reports so I can take a look.

Also, remember the following ...

ComboFix is not a diagnostic tool like the ones in the guide. It is a very powerful tool which, if handled improperly, can destroy the operating system or even delete all data from the hard disk. It is run exclusively at the suggestion, under the responsibility and with the detailed instructions of a helper who is an expert in that area and knows what he is doing.

In future, do not run ComboFix on your own!!!

goran9888 (AMF Team)

  • Joined: 28 Jul 2011
  • Posts: 6

Posted: 29 Jul 2011 18:30

Ok, thanks. Is there any chance of solving my problem???

Addendum: 29 Jul 2011 18:35

Ok ok, I figured out what I need to do, I need a little time :) haha, starting the process

Addendum: 29 Jul 2011 18:39

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18
Run by Nemanja at 18:33:10 on 2011-07-29
.
============== Running Processes ===============
.
C:\DOCUME~1\Nemanja\LOCALS~1\Temp\nsu19.tmp\ProcessList.txt
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [PAC7302_Monitor] c:\windows\pixart\pac7302\Monitor.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
TCP: DhcpNameServer = 93.184.80.100 212.200.88.250
TCP: Interfaces\{FB99DDE3-3931-4AD2-9127-989E9A9E1E48} : DhcpNameServer = 93.184.80.100 212.200.88.250
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\nemanja\application data\mozilla\firefox\profiles\02c7ldt3.default\
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\nemanja\local settings\application data\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
.
============= SERVICES / DRIVERS ===============
.
R? gupdate;Google Update Service (gupdate)
S? aswFsBlk;aswFsBlk
S? aswSnx;aswSnx
S? aswSP;aswSP
S? avast! Antivirus;avast! Antivirus
S? CamSuiteVAC;CamSuite Virtual Audio
S? MBAMProtector;MBAMProtector
S? MBAMService;MBAMService
.
=============== Created Last 30 ================
.
2011-07-28 14:16:33 -------- d-----w- c:\documents and settings\nemanja\application data\Malwarebytes
2011-07-28 14:16:26 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-28 14:16:25 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-07-28 14:16:21 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-28 14:16:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-28 12:08:21 -------- d-----w- c:\documents and settings\nemanja\local settings\application data\ACD Systems
2011-07-28 12:08:20 -------- d-----w- c:\documents and settings\nemanja\application data\ACD Systems
2011-07-27 22:54:09 -------- d-s---w- C:\ComboFix
2011-07-27 22:41:20 -------- d-sha-r- C:\cmdcons
2011-07-27 22:39:26 98816 ----a-w- c:\windows\sed.exe
2011-07-27 22:39:26 518144 ----a-w- c:\windows\SWREG.exe
2011-07-27 22:39:26 256000 ----a-w- c:\windows\PEV.exe
2011-07-27 22:39:26 208896 ----a-w- c:\windows\MBR.exe
2011-07-27 22:04:58 -------- d-sh--w- c:\documents and settings\nemanja\IECompatCache
2011-07-27 22:03:49 -------- d-sh--w- c:\documents and settings\nemanja\PrivacIE
2011-07-27 22:01:38 -------- d-sh--w- c:\documents and settings\nemanja\IETldCache
2011-07-27 21:59:51 -------- d-----w- c:\windows\ie8updates
2011-07-27 21:59:31 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-07-27 21:59:30 599040 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2011-07-27 21:59:30 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-07-27 21:59:29 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-07-27 21:59:29 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-07-27 21:59:29 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2011-07-27 21:59:29 11076096 -c----w- c:\windows\system32\dllcache\ieframe.dll
2011-07-27 21:58:49 -------- dc-h--w- c:\windows\ie8
2011-07-27 20:11:27 8192 ----a-w- c:\program files\mozilla firefox\plugins\nprjplug.dll
2011-07-27 20:11:04 140864 ----a-w- c:\program files\mozilla firefox\plugins\nppl3260.dll
2011-07-27 20:10:55 98304 ----a-w- c:\program files\mozilla firefox\plugins\nprpjplug.dll
2011-07-27 20:10:44 -------- d-----w- c:\program files\common files\xing shared
2011-07-27 20:10:24 569397 ----a-w- c:\program files\internet explorer\plugins\richfx\player\nprfxins.dll
2011-07-27 20:10:20 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-07-27 20:10:17 -------- d-----w- c:\program files\common files\Real
2011-07-27 20:03:33 -------- d-----w- c:\documents and settings\nemanja\application data\go
2011-07-27 20:03:28 -------- d-----w- c:\documents and settings\all users\application data\Easybits GO
2011-07-27 19:57:01 -------- d-----w- c:\documents and settings\nemanja\application data\Reallusion
2011-07-27 19:54:21 -------- d-----w- c:\windows\PixArt
2011-07-27 19:51:26 5661488 ----a-w- c:\windows\system32\CSVirtualCamera.ocx
2011-07-27 19:51:26 37560 ----a-w- c:\windows\system32\drivers\CamSuiteVAC.sys
2011-07-27 19:51:26 -------- d-----w- c:\program files\common files\Reallusion
2011-07-27 19:51:09 -------- d-----w- c:\program files\Reallusion
2011-07-27 19:48:40 -------- d-----w- c:\windows\Cache
2011-07-27 19:48:02 458112 ----a-w- c:\windows\system32\drivers\PAC7302.SYS
2011-07-27 19:48:01 6656 ----a-w- c:\windows\system32\CoInst_071029.dll
2011-07-27 19:48:01 129024 ----a-w- c:\windows\system32\SP7302.AX
2011-07-27 19:48:01 -------- d-----w- c:\program files\common files\iLook300
2011-07-27 18:32:21 -------- d-----r- c:\program files\Skype
2011-07-27 17:02:03 -------- d-----w- c:\windows\system32\appmgmt
2011-07-27 16:20:30 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-07-27 16:20:30 411368 ----a-w- c:\windows\system32\deploytk.dll
2011-07-27 16:20:30 411368 ----a-w- c:\program files\mozilla firefox\plugins\npdeploytk.dll
2011-07-27 10:07:52 -------- d-----w- c:\documents and settings\nemanja\local settings\application data\ApplicationHistory
2011-07-26 01:03:12 -------- d-----w- c:\windows\ServicePackFiles
2011-07-26 00:13:29 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2011-07-26 00:13:29 272128 ------w- c:\windows\system32\drivers\bthport.sys
2011-07-25 21:27:23 -------- d-----w- C:\games
2011-07-25 21:13:23 -------- d-----w- C:\NV3448736.TMP
2011-07-25 21:13:23 -------- d-----w- C:\NV1328896.TMP
2011-07-25 21:12:32 -------- d-----w- C:\NV1984476.TMP
2011-07-25 21:12:31 -------- d-----w- C:\NV3136344.TMP
2011-07-25 21:12:30 -------- d-----w- C:\NV38164024.TMP
2011-07-25 21:12:30 -------- d-----w- C:\NV1880880.TMP
2011-07-25 19:11:06 2181376 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-07-25 19:11:06 2137088 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-07-25 19:11:05 2058368 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2011-07-25 19:11:05 2016768 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-07-25 18:57:41 -------- d-----w- c:\documents and settings\all users\application data\ACD Systems
2011-07-25 18:57:36 -------- d-----w- c:\program files\common files\ACD Systems
2011-07-25 18:57:36 -------- d-----w- c:\program files\ACD Systems
2011-07-25 18:56:38 -------- d-----w- c:\documents and settings\nemanja\local settings\application data\Downloaded Installations
2011-07-25 18:53:16 178176 ----a-w- c:\windows\system32\unrar.dll
2011-07-25 18:53:15 839680 ----a-w- c:\windows\system32\lameACM.acm
2011-07-25 18:53:14 881664 ----a-w- c:\windows\system32\xvidcore.dll
2011-07-25 18:53:14 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2011-07-25 18:53:14 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2011-07-25 18:53:14 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-07-25 18:53:13 90112 ----a-w- c:\windows\system32\dpl100.dll
2011-07-25 18:53:13 685056 ----a-w- c:\windows\system32\divx.dll
2011-07-25 18:53:13 3596288 ----a-w- c:\windows\system32\qt-dx331.dll
2011-07-25 18:53:10 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2011-07-25 18:53:09 -------- d-----w- c:\program files\K-Lite Codec Pack
2011-07-25 18:51:29 -------- d-----w- c:\documents and settings\nemanja\local settings\application data\Opera
2011-07-25 18:50:52 -------- d-----w- c:\windows\Logs
2011-07-25 17:30:00 -------- d-----w- c:\program files\GRETECH
2011-07-25 16:55:08 -------- d-----w- C:\NV24483724.TMP
2011-07-25 16:55:07 -------- d-----w- C:\NV10042764.TMP
2011-07-25 16:54:42 -------- d-----w- C:\NV32723892.TMP
2011-07-25 16:54:42 -------- d-----w- C:\NV1028168.TMP
2011-07-25 16:54:40 -------- d-----w- C:\NV39123004.TMP
2011-07-25 16:54:40 -------- d-----w- C:\NV12203800.TMP
2011-07-25 16:21:49 454016 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-07-25 14:11:59 -------- d-----w- c:\windows\system32\PreInstall
2011-07-25 14:11:58 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2011-07-25 14:11:56 -------- d--h--w- c:\windows\$hf_mig$
.
==================== Find3M ====================
.
2011-07-27 20:10:20 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-07-04 11:43:53 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:36:43 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
.
============= FINISH: 18:38:26.23 ===============

Addendum: 29 Jul 2011 18:45

WHEN I WANTED TO ATTACH THE FILE Attach.txt IT IS SIMPLY NOT ON THE DESKTOP, AND NEITHER IS THE FIRST ONE, EVEN THOUGH I SAVED THEM PROPERLY WITH SAVE AS TO THE DESKTOP ???? :(((

Addendum: 29 Jul 2011 18:51

[attachment]

Addendum: 29 Jul 2011 18:53

There, I somehow managed. I couldn't find it on the desktop even though I saved it properly, the document was not on the desktop, so I just copied the whole document into a new Notepad, saved it and attached it... I guess that doesn't hurt anything???

  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

Ok.

Keep reading the guide.

Post the GMER/RootRepeal reports.

goran9888 (AMF Team)

  • Joined: 28 Jul 2011
  • Posts: 6

Posted: 29 Jul 2011 19:14

Mate, with that GMER program my whole computer froze. I waited 10 minutes and restarted it, because not a single function could be performed on the computer, meaning it was completely blocked, neither the mouse nor the keyboard, nothing worked, everything stopped and froze... what do you suggest?? i.e. is that normal?? Should I have left it frozen like that until it unfroze by itself???

Addendum: 29 Jul 2011 19:15

Or should I simply move on to that other program you listed there??

  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

It is normal that you do nothing on the system while you are scanning with GMER. Depending on the system, the scan can take as long as a couple of hours.

In any case, feel free to move on to the alternative given in the guide.

Since you ran ComboFix, post its report for me as well; it is located in the root of the C:/ partition. So, do not run CF again, just leave me its report.

goran9888 (AMF Team)

  • Joined: 28 Jul 2011
  • Posts: 6

Posted: 29 Jul 2011 19:22
ComboFix 11-07-27.03 - Nemanja 07/28/2011 0:42.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.510.186 [GMT 2:00]
Running from: c:\documents and settings\Nemanja\My Documents\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((( Files Created from 2011-06-27 to 2011-07-27 )))))))))))))))))))))))))))))))
.
.
2011-07-25 21:27 . 2011-07-25 21:27 -------- d-----w- C:\games
2011-07-25 21:13 . 2011-07-25 21:13 -------- d-----w- C:\NV3448736.TMP
2011-07-25 21:13 . 2011-07-25 21:13 -------- d-----w- C:\NV1328896.TMP
2011-07-25 21:12 . 2011-07-25 21:12 -------- d-----w- C:\NV1984476.TMP
2011-07-25 21:12 . 2011-07-25 21:12 -------- d-----w- C:\NV3136344.TMP
2011-07-25 21:12 . 2011-07-25 21:12 -------- d-----w- C:\NV38164024.TMP
2011-07-25 21:12 . 2011-07-25 21:12 -------- d-----w- C:\NV1880880.TMP
2011-07-25 16:55 . 2011-07-25 16:55 -------- d-----w- C:\NV24483724.TMP
2011-07-25 16:55 . 2011-07-25 16:55 -------- d-----w- C:\NV10042764.TMP
2011-07-25 16:54 . 2011-07-25 16:54 -------- d-----w- C:\NV32723892.TMP
2011-07-25 16:54 . 2011-07-25 16:54 -------- d-----w- C:\NV1028168.TMP
2011-07-25 16:54 . 2011-07-25 16:54 -------- d-----w- C:\NV39123004.TMP
2011-07-25 16:54 . 2011-07-25 16:54 -------- d-----w- C:\NV12203800.TMP
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-08 07:16 . 2011-07-25 12:53 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-07-25 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-09-29 344064]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
"SoundMan"="SOUNDMAN.EXE" [2004-07-01 67584]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2011-07-27 202256]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\games\\CS 1.6 v42 FULL\\hl.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Nemanja\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [7/25/2011 2:56 PM 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [7/25/2011 2:56 PM 309848]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7/25/2011 2:56 PM 19544]
R3 CamSuiteVAC;CamSuite Virtual Audio;c:\windows\system32\drivers\CamSuiteVAC.sys [7/27/2011 9:51 PM 37560]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7/25/2011 2:50 PM 136176]
.
Contents of the 'Scheduled Tasks' folder
.
2011-07-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-25 12:50]
.
2011-07-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-25 12:50]
.
2011-07-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-73586283-839522115-1003Core.job
- c:\documents and settings\Nemanja\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-25 13:13]
.
2011-07-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1454471165-73586283-839522115-1003UA.job
- c:\documents and settings\Nemanja\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-07-25 13:13]
.
2011-07-27 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1454471165-73586283-839522115-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]
.
2011-07-27 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1454471165-73586283-839522115-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
TCP: DhcpNameServer = 212.200.88.250 93.184.80.100
FF - ProfilePath - c:\documents and settings\Nemanja\Application Data\Mozilla\Firefox\Profiles\02c7ldt3.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2011-07-28 00:49
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(520)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(1652)
c:\windows\system32\WININET.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
Completion time: 2011-07-28 00:52:27
ComboFix-quarantined-files.txt 2011-07-27 22:52
.
Pre-Run: 10,187,624,448 bytes free
Post-Run: 10,259,808,256 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 50654BA2E47C95A116D77F041734090A

[attachment]

I guess that's it

As for that shortcut to the other alternative, this first one does seem suspicious to me, my whole computer freezes... I'm continuing the process... and sorry for bothering you a bit, I'm a layman when it comes to computers but I'm learning... :) thank you for your patience

Addendum: 29 Jul 2011 20:26

[attachment]

That's it.... HELP ME NOW

  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

Start -> Control Panel -> Add or Remove Programs

Uninstall the following:

NVIDIA ForceWare Network Access Manager
EasyBits GO

Restart the system.

Download the program SystemLook from this or this link to the Desktop;

Double-click to run SystemLook;

- Copy the following text into the white box of the window:
:dir
C:\NV3448736.TMP /s/md5
C:\NV12203800.TMP /s/md5

Click the Look button;

When the program finishes, attach to your post the file SystemLook.txt, which will be on the Desktop, using the Attach File option.

Download MiniToolBox to the Desktop;
Double-click to run it, tick all the offered items and click Go;
After the application finishes, it will output a report in Notepad; post that report in your next message so we can take a look.

What problem do you have with the computer?

Download the following file to the Desktop;
Run it with a double-click;
Copy the resulting report to me in your next message.

goran9888 (AMF Team)

  • Joined: 28 Jul 2011
  • Posts: 6

Posted: 30 Jul 2011 11:15

[attachment]

Addendum: 30 Jul 2011 11:18

[attachment]

Addendum: 30 Jul 2011 11:20

[attachment]

Addendum: 30 Jul 2011 11:24

The problem with the computer is that it won't open some links on the internet, e.g. Facebook, Hotmail; it gets into YouTube but won't load a song, etc. So basically this happened to me after clicking in Facebook chat: Hi how are you came to me from a friend, I clicked on some link, it installed Adobe Flash Player for me and that's where the problems start: the antivirus doesn't work, Facebook won't open, etc... I reinstalled Windows, put in Avast and it scanned the computer and doesn't report a single virus, but when I connect to the internet, of course, the same problem: it opens Google but Facebook won't open, Hotmail won't, and many other links, meaning hardly any of them opens... so that's it...!!

Addendum: 30 Jul 2011 11:58

BRO, IT STARTED WORKING, EVERYTHING WORKS, FACEBOOK WORKS, EVERYTHING ELSE WORKS, I DON'T KNOW HOW :) THANK YOU VERY MUCH, YOU HELPED ME A LOT, I WILL RECOMMEND YOU TO EVERYONE :)

  • Joined: 02 Feb 2008
  • Posts: 14018
  • Location: Nish

The problem was probably down to Nvidia's FW.

Your system is clean as far as malware is concerned.

ComboFix needs to be uninstalled:
click Start, then Run.

On Vista, use the Start Search box if Run is not available.

In the text input line type (copy) the following:

ComboFix /Uninstall

Note that there is a space between "ComboFix" and "/Uninstall".

Then click OK (or press Enter).

Wait for the uninstall process to finish.

Download TFC (Temp File Cleaner) and save it to the Desktop.
Double-click to run the program and click the Start button to let the program begin scanning.
When the program finishes scanning, it may ask you to restart the computer. Allow it.

Note: When you have finished cleaning the temp files, you can delete the program or keep it for later use.

--------------------------------------

- I recommend that you install Service Pack 3 for Windows XP, i.e. update your operating system. I won't go into its advantages over Service Pack 2. You can find that information on MS's site. In short, on 13 July 2010 MS ended support for Service Pack 2, which is installed on your computer.

What does that mean? See the link: http://windows.microsoft.com/en-US/windows/help/what-does-end-of-support-mean;

**** If you decide on this step (installing SP3), I recommend that you first back up all important data.

- I recommend that you use MCShield to protect USB memory devices. It has nothing to do with the antivirus, i.e. it will not interfere with its operation, and it has proven to be one of the best forms of protection against malware that spreads via USB memory devices.

You download it, install it, plug in the USB memory device, a scan runs, after which you get a notification that the device is clean (if it really is); or you get a log in which you see information about the malware that was found and deleted.

Home Page of MCShield: http://amf.mycity.rs/programs/mc/mcshield/

You can find out more about MCShield in this topic: http://www.mycity.rs/Antispyware-programi/MCShield.html

- You are using Adobe Reader 9.3, which is an old and also critical version of this PDF reader because of security flaws. My suggestion is certainly that you install the latest version (Reader X (10.1.0)) or switch to an alternative such as Foxit Reader, Nitro PDF Reader, etc ...;

- Be sure to visit the topic "Testirajte da li vam je pretrazivac ranjiv" ("Test whether your browser is vulnerable"), read it and follow the link given in it. You have an ancient version of Java which you must upgrade because of the security flaws in it. In any case, whichever add-on is an old version, it would be advisable to upgrade it to the latest one. The link to the topic is: http://www.mycity.rs/Web-browseri/Testirajte-da-li.....anjiv.html






