When I try to open FACEBOOK, VK opens instead


  • Joined: 01 Jan 2012
  • Posts: 75

Posted: 09 Apr 2012 20:24

OK... I'm posting the report as soon as possible...

Update: 09 Apr 2012 20:49

I didn't manage to disable the antivirus programs, but the report is done...
ComboFix 12-04-07.02 - Altior 09.04.2012 20:28:58.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.381.1033.18.3067.2328 [GMT 2:00]
Running from: c:\users\Altior\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *Enabled/Outdated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.0 *Enabled/Outdated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\FunWebProducts
c:\program files\FunWebProducts\Installr\1.bin\F3EZSETP.DLL
c:\program files\FunWebProducts\Installr\1.bin\F3PLUGIN.DLL
c:\program files\FunWebProducts\Installr\1.bin\NPFUNWEB.DLL
c:\program files\FunWebProducts\Installr\8.bin\F3EZSETP.DLL
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\2.bin\chrome\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\3.bin\chrome\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\4.bin\chrome\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\5.bin\chrome\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\6.bin\CHROME.MANIFEST
c:\program files\MyWebSearch\bar\6.bin\chrome\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\6.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\6.bin\F3SCRCTR.DLL
c:\program files\MyWebSearch\bar\6.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\6.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\6.bin\F3WPHOOK.DLL
c:\program files\MyWebSearch\bar\6.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\6.bin\INSTALL.RDF
c:\program files\MyWebSearch\bar\6.bin\M3FFTBPR.DLL
c:\program files\MyWebSearch\bar\6.bin\M3HIGHIN.EXE
c:\program files\MyWebSearch\bar\6.bin\M3IDLE.DLL
c:\program files\MyWebSearch\bar\6.bin\M3PATCH.DLL
c:\program files\MyWebSearch\bar\6.bin\M3SKIN.DLL
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Overlay\COMMON.F3S
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\program files\Object
c:\program files\Object\config.ini
c:\programdata\Tarma Installer
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico
c:\windows\av_ico
c:\windows\av_ico\ico_avast_desktop.ico
c:\windows\av_ico\ico_avast_start.ico
c:\windows\av_ico\ico_mcafee_start.ico
c:\windows\av_ico\ico_NOD_AV_START.ico
c:\windows\av_ico\ico_NOD_SYSINSP.ico
c:\windows\av_ico\ico_NOD_SYSRESC.ico
c:\windows\av_ico\ico_NOD_TXT.ico
c:\windows\av_ico\ico_NOD_UNINSTALL.ico
c:\windows\btc_client_iplist.txt
c:\windows\ddh_iplist.txt
c:\windows\front_ip_list.txt
c:\windows\geoiplist
c:\windows\geoiplist.rar
c:\windows\iecheck_iplist.txt
c:\windows\info1
c:\windows\iplist.txt
c:\windows\l1rezerv.exe
c:\windows\loader2.exe_ok
c:\windows\phoenix
c:\windows\phoenix.rar
c:\windows\phoenix\kernels\phatk\__init__.py
c:\windows\phoenix\kernels\phatk\__init__.pyc
c:\windows\phoenix\kernels\phatk\BFIPatcher.py
c:\windows\phoenix\kernels\phatk\kernel.cl
c:\windows\phoenix\kernels\poclbm\__init__.py
c:\windows\phoenix\kernels\poclbm\__init__.pyc
c:\windows\phoenix\kernels\poclbm\BFIPatcher.py
c:\windows\phoenix\kernels\poclbm\kernel.cl
c:\windows\phoenix\phoenix.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\proc_list1.log
c:\windows\rpcminer
c:\windows\rpcminer.rar
c:\windows\rpcminer\bitcoinminercuda_10.cubin
c:\windows\rpcminer\bitcoinminercuda_11.cubin
c:\windows\rpcminer\bitcoinminercuda_20.cubin
c:\windows\rpcminer\bitcoinmineropencl.cl
c:\windows\rpcminer\cudart32_32_16.dll
c:\windows\rpcminer\curllib.dll
c:\windows\rpcminer\libeay32.dll
c:\windows\rpcminer\libsasl.dll
c:\windows\rpcminer\openldap.dll
c:\windows\rpcminer\rpcminer-4way.exe
c:\windows\rpcminer\rpcminer-cpu.exe
c:\windows\rpcminer\rpcminer-cuda.exe
c:\windows\rpcminer\rpcminer-opencl.exe
c:\windows\rpcminer\ssleay32.dll
c:\windows\services32.exe
c:\windows\sysdriver32.exe
c:\windows\sysdriver32_.exe
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\drivers\etc\HSTS~1
c:\windows\systemup.exe
c:\windows\Tasks\At1.job
c:\windows\Tasks\At2.job
c:\windows\Tasks\At3.job
c:\windows\Tasks\At4.job
c:\windows\Tasks\At5.job
c:\windows\Temp\115172.exe
c:\windows\Temp\2244153.exe
c:\windows\Temp\58998255-loader2.exe
c:\windows\ufa.rar
c:\windows\update.1
c:\windows\update.1\svchost.exe
c:\windows\update.2
c:\windows\update.2\svchost.exe
c:\windows\update.5.0
c:\windows\update.5.0\svchost.exe
c:\windows\update.7.1
c:\windows\update.7.1\svchostdriver.exe
c:\windows\update.tray-2-0\svchost.exe
c:\windows\update.tray-7-0\svchost.exe
c:\windows\update.tray-9-0\svchost.exe
c:\windows\winlog-dirs.txt
c:\windows\winlog-ids.txt
c:\windows\winsetupapi.log
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_ddservice
-------\Service_srvbtcclient
-------\Service_srviecheck
-------\Service_srvsysdriver32
-------\Service_wxpdrivers
.
.
((((((((((((((((((((((((( Files Created from 2012-03-09 to 2012-04-09 )))))))))))))))))))))))))))))))
.
.
2012-04-09 18:34 . 2012-04-09 18:36 -------- d-----w- c:\users\Altior\AppData\Local\temp
2012-04-09 18:34 . 2012-04-09 18:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-09 07:36 . 2012-04-09 11:52 -------- d-----w- c:\users\Altior\AppData\Local\Microsoft Games
2012-04-09 07:35 . 2012-04-09 07:35 -------- d-----w- c:\program files\Microsoft Games
2012-04-08 11:34 . 2012-04-09 18:34 -------- d--h--w- c:\windows\update.tray-7-0
2012-04-08 11:34 . 2012-04-09 11:21 -------- d--h--w- c:\windows\update.tray-7-0-lnk
2012-04-08 11:33 . 2012-03-06 23:01 57688 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-04-08 11:32 . 2012-03-06 23:15 41184 ----a-w- c:\windows\avastSS.scr
2012-04-08 11:32 . 2012-03-06 23:15 201352 ----a-w- c:\windows\system32\aswBoot.exe
2012-04-06 16:57 . 2012-04-06 16:57 -------- d-----w- c:\programdata\YTD YouTube Downloader & Converter
2012-03-30 10:27 . 2012-03-30 10:27 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-03-18 22:50 . 2012-03-18 22:50 592824 ----a-w- c:\program files\Mozilla Firefox\gkmedias.dll
2012-03-18 22:50 . 2012-03-18 22:50 44472 ----a-w- c:\program files\Mozilla Firefox\mozglue.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-30 10:27 . 2011-09-10 14:43 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-25 16:57 . 2010-11-13 14:01 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-18 22:50 . 2012-01-12 11:33 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTo2.dll" [2011-05-09 176936]
"{930f1200-f5f1-4870-bac6-e233ec8e7023}"= "c:\program files\Softonic_English\tbSoft.dll" [2009-10-27 2325528]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{930f1200-f5f1-4870-bac6-e233ec8e7023}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0974BA1E-64EC-11DE-B2A5-E43756D89593}]
2009-12-20 09:51 87480 ----a-w- c:\progra~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5E942F70-2AB9-659D-681F-0E0D1D2117A5}]
2009-07-14 01:16 200192 ----a-w- c:\windows\System32\ncci.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2010-10-19 12:53 585136 ----a-w- c:\progra~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{930f1200-f5f1-4870-bac6-e233ec8e7023}]
2009-10-27 10:45 2325528 ----a-w- c:\program files\Softonic_English\tbSoft.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2011-05-09 09:49 176936 ----a-w- c:\program files\uTorrentBar\prxtbuTo2.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{0974BA1E-64EC-11DE-B2A5-E43756D89593}"= "c:\progra~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll" [2009-12-20 87480]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTo2.dll" [2011-05-09 176936]
"{930f1200-f5f1-4870-bac6-e233ec8e7023}"= "c:\program files\Softonic_English\tbSoft.dll" [2009-10-27 2325528]
.
[HKEY_CLASSES_ROOT\clsid\{0974ba1e-64ec-11de-b2a5-e43756d89593}]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{930f1200-f5f1-4870-bac6-e233ec8e7023}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "c:\program files\uTorrentBar\prxtbuTo2.dll" [2011-05-09 176936]
"{930F1200-F5F1-4870-BAC6-E233EC8E7023}"= "c:\program files\Softonic_English\tbSoft.dll" [2009-10-27 2325528]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CLASSES_ROOT\clsid\{930f1200-f5f1-4870-bac6-e233ec8e7023}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-05-01 399736]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-06-29 217088]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-15 458844]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-11 13789728]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2009-06-11 92704]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4562944]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-07-12 74752]
"OEM13Mon.exe"="c:\windows\OEM13Mon.exe" [2008-01-07 36864]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll c:\progra~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-09 135664]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 253600]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-09 135664]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [2008-12-30 103040]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-10 691696]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-02-06 92800]
S3 O2MDGRDR;O2MDGRDR;c:\windows\system32\DRIVERS\o2mdg.sys [2009-05-22 58528]
S3 O2SDGRDR;O2SDGRDR;c:\windows\system32\DRIVERS\o2sdg.sys [2009-05-07 41504]
S3 OEM13Vfx;Creative Camera OEM013 Video VFX Driver;c:\windows\system32\DRIVERS\OEM13Vfx.sys [2007-03-05 7424]
S3 OEM13Vid;Creative Camera OEM013 Driver;c:\windows\system32\DRIVERS\OEM13Vid.sys [2008-05-28 235840]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-17 167936]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 10:27]
.
2012-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-09 17:44]
.
2012-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-09 17:44]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://home.allgameshome.com/
mStart Page = hxxp://home.allgameshome.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
FF - ProfilePath - c:\users\Altior\AppData\Roaming\Mozilla\Firefox\Profiles\k7fi2wmn.default\
FF - prefs.js: Keyword.Enabled - true
FF - prefs.js: browser.search.selectedEngine - BearShare Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.bearshare.com/
FF - prefs.js: keyword.URL - hxxp://search.bearshare.com/web?src=ffb&systemid=2&q=
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - (no file)
WebBrowser-{5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - (no file)
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
HKLM-Run-wxpdrv - c:\windows\services32.exe
HKLM-Run-tray_ico - (no file)
HKLM-Run-tray_ico0 - c:\windows\update.tray-2-0\svchost.exe
HKLM-Run-tray_ico1 - c:\windows\update.tray-9-0\svchost.exe
HKLM-Run-tray_ico2 - c:\windows\update.tray-7-0\svchost.exe
HKLM-Run-tray_ico3 - (no file)
HKLM-Run-tray_ico4 - (no file)
HKLM-Run-systemup - c:\windows\systemup.exe
HKLM-Run-l1rezerv.exe - c:\windows\l1rezerv.exe
HKLM-Run-avast - c:\program files\AVAST Software\Avast\avastUI.exe
AddRemove-{889DF117-14D1-44EE-9F31-C5FB5D47F68B} - c:\progra~2\TARMAI~1\{889DF~1\Setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5f120bca41bba11b\STacSV.exe
c:\program files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\DRIVERS\o2flash.exe
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\program files\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\program files\DellTPad\HidFind.exe
c:\program files\DellTPad\Apntex.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Completion time: 2012-04-09 20:39:42 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-09 18:39
.
Pre-Run: 140.709.535.744 bytes free
Post-Run: 168.011.042.816 bytes free
.
- - End Of File - - BD624EC10B808ABE5CA2E5624C723DE7
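The report above already contains what a responder would flag on a first read: AppInit_DLLs pointing at the BearShare Datamngr DLLs (a DLL listed there is loaded into every process that maps user32.dll), UAC switched off (EnableLUA=0, ConsentPromptBehaviorAdmin=0), copies of svchost.exe started from c:\windows\update.tray-* directories, executables such as services32.exe and systemup.exe dropped directly into c:\windows, At*.job files of the kind at.exe creates, and the rpcminer and phoenix directories, which are Bitcoin mining software. The following Python script is an added example, not part of this thread and not ComboFix's own logic: it walks a constructed excerpt of that report (SAMPLE_LOG, built from entries visible above) and applies those checks. The heuristics are the editor's assumptions about triage order, not rules ComboFix applies.

```python
"""Triage a ComboFix report for the persistence and UAC-policy indicators a responder
checks first. Added example: not part of the thread and not ComboFix's own logic.
SAMPLE_LOG is a constructed excerpt of the first report above; heuristics are assumptions."""
import re
from dataclasses import dataclass

SAMPLE_LOG = r"""
c:\windows\Tasks\At1.job
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-06-29 217088]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll c:\progra~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
.
HKLM-Run-wxpdrv - c:\windows\services32.exe
HKLM-Run-tray_ico - (no file)
HKLM-Run-tray_ico0 - c:\windows\update.tray-2-0\svchost.exe
HKLM-Run-systemup - c:\windows\systemup.exe
HKLM-Run-avast - c:\program files\AVAST Software\Avast\avastUI.exe
"""

# Names of core Windows binaries; a copy living outside System32 is masquerading.
SYSTEM_BINARY_NAMES = {"svchost.exe", "services.exe", "lsass.exe", "csrss.exe", "winlogon.exe"}
SYSTEM32 = "c:\\windows\\system32\\"
# UAC policy values that malware (or a careless user) turns off.
UAC_WEAK_VALUES = {
    "enablelua": "UAC disabled (EnableLUA=0): admin processes run fully elevated",
    "consentpromptbehavioradmin": "admins elevate silently (ConsentPromptBehaviorAdmin=0)",
}
SECTION_RE = re.compile(r"^\[(?P<key>[^\]]+)\]$")
RUN_VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<path>[^"]+)"')
DWORD_VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"=\s*(?P<val>\d+)')
APPINIT_RE = re.compile(r'^"AppInit_DLLs"=(?P<dlls>.*)$', re.IGNORECASE)
ORPHAN_RUN_RE = re.compile(r"^HK(?:LM|CU)-Run-(?P<name>\S+) - (?P<path>.+)$")
AT_JOB_RE = re.compile(r"^c:\\windows\\tasks\\at\d+\.job$", re.IGNORECASE)


@dataclass(frozen=True)
class Finding:
    severity: str  # "high" or "medium"
    source: str    # which autostart location or policy the line came from
    detail: str


def classify_path(path):
    """Return (severity, detail) for a suspicious autostart path, else None."""
    p = path.strip().lower()
    name = p.rsplit("\\", 1)[-1]
    if name in SYSTEM_BINARY_NAMES and not p.startswith(SYSTEM32):
        return "high", f"core Windows binary name outside System32: {path}"
    if re.fullmatch(r"c:\\windows\\[^\\]+\.exe", p):
        return "medium", f"executable dropped directly in the Windows directory: {path}"
    if "\\temp\\" in p:
        return "medium", f"autostart entry points into a temp directory: {path}"
    return None


def triage(log_text):
    """Walk the report line by line, tracking the current [registry key] section."""
    findings, section = [], ""
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line or line == ".":
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m.group("key").lower()
            continue
        if AT_JOB_RE.match(line):  # At*.job files are created by at.exe, rarely by users
            findings.append(Finding("medium", "scheduled tasks", f"at.exe job file: {line}"))
            continue
        m = ORPHAN_RUN_RE.match(line)  # "HKLM-Run-name - path" lines in ORPHANS REMOVED
        if m:
            if m.group("path") != "(no file)" and (c := classify_path(m.group("path"))):
                findings.append(Finding(c[0], f"Run value {m.group('name')}", c[1]))
            continue
        if section.endswith("\\currentversion\\run"):
            m = RUN_VALUE_RE.match(line)
            if m and (c := classify_path(m.group("path"))):
                findings.append(Finding(c[0], f"Run value {m.group('name')}", c[1]))
        elif section.endswith("\\policies\\system"):
            m = DWORD_VALUE_RE.match(line)
            if m and m.group("name").lower() in UAC_WEAK_VALUES and int(m.group("val")) == 0:
                findings.append(Finding("medium", "UAC policy", UAC_WEAK_VALUES[m.group("name").lower()]))
        elif section.endswith("\\windows nt\\currentversion\\windows"):
            m = APPINIT_RE.match(line)
            if m:  # 8.3 short names carry no spaces, so a whitespace split is safe here
                for dll in m.group("dlls").replace('"', "").split():
                    findings.append(Finding("high", "AppInit_DLLs",
                                            f"DLL loaded into every process that maps user32.dll: {dll}"))
    return findings


if __name__ == "__main__":
    for f in sorted(triage(SAMPLE_LOG), key=lambda f: f.severity):
        print(f"[{f.severity:6}] {f.source}: {f.detail}")
```

Feed it the full text of a report (for instance the second one posted later in this thread) to confirm that the AppInit_DLLs findings disappear after the CFScript run. The medium-severity checks are a sorting aid, not a verdict: an entry such as c:\windows\OEM13Mon.exe from the same Run key would trip the "directly in the Windows directory" rule and still needs a human look.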

  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Step 1

I recommend uninstalling the following programs if you don't use them:

Advertising Center
MediaBar
Mesh Runtime
My Web Search (Zwinky)
Softonic_English Toolbar
uTorrentBar Toolbar

Step 2

The remnants of the AV programs need to be removed.

Avast:
Download aswclear.exe to the Desktop.
Boot the system into Safe Mode.
How to enter Safe Mode
Run aswclear.exe and follow the on-screen instructions.
Restart the system.


ESET:
Download ESET Uninstaller to the Desktop.
Boot the system into Safe Mode.
How to enter Safe Mode
Run ESETUninstaller.exe and follow the on-screen instructions.
Restart the system.


McAfee:
Download MCPR to the Desktop.
Run it and follow the on-screen instructions.
Restart the system.


Norton:
Download Norton Removal Tool to the Desktop.
Run it and follow the on-screen instructions.
Restart the system.

Step 3

Open Notepad and copy the following text into it:

Folder::
c:\windows\update.tray-7-0-lnk
c:\windows\update.tray-7-0

Registry::
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000


Save the Notepad file to the Desktop as "CFScript"

Drag the saved script/text onto the ComboFix icon as shown in the picture.
Post the log that is produced at the end of the cleaning/scan in your next message.

Step 4

Download the program CatchMe.

Double-click catchme.exe to run it and click the Script tab.
Copy the following text into the program's (white) window:

files:
c:\windows\System32\ncci.dll


Click the Run button.

When the notification message appears, click the OK button.

When the process finishes, a file named catchme.zip will be on the Desktop.
That file must be uploaded to the forum via the following form:
http://www.mycity.rs/ambulanta-upload.php
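The symptom in the thread title (one site opening as another) is not addressed directly by the steps above, and the thread never states its cause. A hosts-file override is one common mechanism for exactly that symptom, and the first ComboFix report did delete c:\windows\system32\drivers\etc\hosts.ics without saying what it contained, so reading the hosts file is a reasonable verification step once the cleanup is done. The script below is an added example, not code from the thread or from any tool mentioned in it: SAMPLE_HOSTS is constructed, the watched-domain list is an assumption, and 203.0.113.10 is a documentation-range placeholder, not an address from the logs.

```python
"""Check a Windows hosts file for entries that send a site somewhere else.
Added example, not from the thread. The thread never establishes what caused the
Facebook-to-VK redirect; a hosts-file entry is one common mechanism, so this is a
general check, not a finding about that machine. SAMPLE_HOSTS is constructed."""
import ipaddress

# Assumed: hostnames the user reports as redirected (facebook.com and its CDN domain).
WATCHED = ("facebook.com", "fbcdn.net")

SAMPLE_HOSTS = """\
# constructed sample; the real file lives under System32/drivers/etc/hosts
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example.test                # constructed: a sinkholed ad host
203.0.113.10    facebook.com www.facebook.com   # constructed: TEST-NET-3 address
127.0.0.1       www.blocked.test
"""


def parse_hosts(text):
    """Yield (ip, hostname) pairs; comments, blanks and unparsable lines are skipped."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        addr, *names = line.split()
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            continue  # first token is not an address: garbage or a line we don't understand
        for name in names:
            yield ip, name.lower()


def watched_entries(text, watched=WATCHED):
    """Return [(hostname, ip, verdict)] for watched names present in the hosts file.
    Loopback or unspecified (0.0.0.0) targets block a site; anything else redirects it."""
    hits = []
    for ip, host in parse_hosts(text):
        if not any(host == w or host.endswith("." + w) for w in watched):
            continue
        verdict = "blocked" if ip.is_loopback or ip.is_unspecified else "redirected"
        hits.append((host, str(ip), verdict))
    return hits


def redirected_hosts(text, watched=WATCHED):
    """Just the hostnames that the hosts file sends to a non-local address."""
    return sorted(h for h, _, v in watched_entries(text, watched) if v == "redirected")


if __name__ == "__main__":
    # On the affected machine: text = open(r"C:\Windows\System32\drivers\etc\hosts").read()
    for host, ip, verdict in watched_entries(SAMPLE_HOSTS):
        print(f"{host:24} -> {ip:16} {verdict}")
```

A clean hosts file does not rule the symptom out: the first report shows the router at 192.168.1.1 as the only DNS server (TCP: DhcpNameServer), so a changed resolver on the router would produce the same redirect with nothing on the PC to find, and `nslookup facebook.com` against a known-good resolver is the matching check for that case.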

  • Joined: 01 Jan 2012
  • Posts: 75

I didn't manage to remove the McAfee and ESET remnants... I'm attaching the report that appeared on the desktop while working on ESET
>>>>>>>>>>>>>>>>>>>>>>> BEGIN >>>>>>>>>>>>>>>>>>>>>>>
[04/10/12 09:44:38] C:\Users\Altior\Desktop\ESETUninstaller.exe 4.0.15.5
[04/10/12 09:44:38] Input arguments:
[04/10/12 09:44:38] Online (PC booted from fixed disk) mode detected.

[04/10/12 09:44:38] WARNING! This tool uninstalls AV product in non-standard way. Your PC can be harmed seriously, please back up Your data.
Please keep in mind that as soon as this application is finished your network connection can be down and you will have to restart your PC.
Are you really sure to continue? (y/n): y


[04/10/12 09:44:40] Scanning available operating systems ...

[04/10/12 09:44:40] Available operating systems, which AV product can be removed from:

[04/10/12 09:44:40] [1]
[04/10/12 09:44:40] Product Name: Windows 7 Professional
[04/10/12 09:44:40] Current Version: 6.1.0.7600.WinNT.x86
[04/10/12 09:44:40] Volume: C:\
[04/10/12 09:44:40] System Root: C:\Windows
[04/10/12 09:44:40] Program Files: C:\Program Files
[04/10/12 09:44:40] Program Files (x86):
[04/10/12 09:44:40] Common files: C:\Program Files\Common Files
[04/10/12 09:44:40] Common files (x86):
[04/10/12 09:44:40] Common application data folder: C:\ProgramData
[04/10/12 09:44:40] Common programs folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs
[04/10/12 09:44:40] Device path folder: C:\Windows\inf
[04/10/12 09:44:40] Drives mapping:
[04/10/12 09:44:40] Current Letter: C Native Letter: C

[04/10/12 09:44:40] Building cache: COM: AppID -> DllName ...
[04/10/12 09:44:40] Building cache: COM: Category -> ReferenceCounter ...
[04/10/12 09:44:40] Scanning installed AV products ...

[04/10/12 09:44:40] Installed AV products:
[04/10/12 09:44:40] 1. SEP
[04/10/12 09:44:40] 2. Symantec LiveUpdate

[04/10/12 09:44:40] Enter sequence number of AV product to uninstall and press ENTER (hint: to abort press 'q'): 1

[04/10/12 09:44:45] Are you sure to uninstall SEP from this OS? (y/n): y


[04/10/12 09:44:46] Product uninstallation: SEP

[04/10/12 09:44:46] Uninstallation in progress, please wait ...

[04/10/12 09:44:47] Current control set ... ControlSet001

[04/10/12 09:44:47] WSC: SEP unregistered of Windows Security Center

[04/10/12 09:44:47] WSC: SEP (WMI) unregistered of Windows Security Center


[04/10/12 09:44:47] Symantec Product: deleted: Symantec


[04/10/12 09:44:48] Uninstallation SEP finished successfully.


[04/10/12 09:44:48] Installed AV products:
[04/10/12 09:44:48] 1. Symantec LiveUpdate

[04/10/12 09:44:48] Enter sequence number of AV product to uninstall and press ENTER (hint: to abort press 'q'): 1

[04/10/12 09:44:51] Are you sure to uninstall Symantec LiveUpdate from this OS? (y/n): y


[04/10/12 09:44:54] Product uninstallation: Symantec LiveUpdate

[04/10/12 09:44:54] Uninstallation in progress, please wait ...

[04/10/12 09:44:54] Current control set ... ControlSet001


[04/10/12 09:44:54] Uninstallation Symantec LiveUpdate finished successfully.


[04/10/12 09:44:54] Log file location: "C:\Users\Altior\Desktop\~ESETUninstaller.log"

[04/10/12 09:44:54] Uninstallation finished successfully, please restart your PC now.

[04/10/12 09:44:54] Press any key to exit ...
>>>>>>>>>>>>>>>>>>>>>>>> END >>>>>>>>>>>>>>>>>>>>>>>>


>>>>>>>>>>>>>>>>>>>>>>> BEGIN >>>>>>>>>>>>>>>>>>>>>>>
[04/10/12 09:48:03] C:\Users\Altior\Desktop\ESETUninstaller.exe 4.0.15.5
[04/10/12 09:48:03] Input arguments:
[04/10/12 09:48:04] Online (PC booted from fixed disk) mode detected.

[04/10/12 09:48:04] WARNING! This tool uninstalls AV product in non-standard way. Your PC can be harmed seriously, please back up Your data.
Please keep in mind that as soon as this application is finished your network connection can be down and you will have to restart your PC.
Are you really sure to continue? (y/n): y


[04/10/12 09:48:05] Scanning available operating systems ...

[04/10/12 09:48:05] Available operating systems, which AV product can be removed from:

[04/10/12 09:48:05] [1]
[04/10/12 09:48:05] Product Name: Windows 7 Professional
[04/10/12 09:48:05] Current Version: 6.1.0.7600.WinNT.x86
[04/10/12 09:48:05] Volume: C:\
[04/10/12 09:48:05] System Root: C:\Windows
[04/10/12 09:48:05] Program Files: C:\Program Files
[04/10/12 09:48:05] Program Files (x86):
[04/10/12 09:48:05] Common files: C:\Program Files\Common Files
[04/10/12 09:48:05] Common files (x86):
[04/10/12 09:48:05] Common application data folder: C:\ProgramData
[04/10/12 09:48:05] Common programs folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs
[04/10/12 09:48:05] Device path folder: C:\Windows\inf
[04/10/12 09:48:05] Drives mapping:
[04/10/12 09:48:05] Current Letter: C Native Letter: C

[04/10/12 09:48:05] Building cache: COM: AppID -> DllName ...
[04/10/12 09:48:05] Building cache: COM: Category -> ReferenceCounter ...
[04/10/12 09:48:06] Scanning installed AV products ...

[04/10/12 09:48:07] No supported AV product installed!


[04/10/12 09:48:07] Log file location: "C:\Users\Altior\Desktop\~ESETUninstaller.log"

[04/10/12 09:48:07] Press any key to exit ...
>>>>>>>>>>>>>>>>>>>>>>>> END >>>>>>>>>>>>>>>>>>>>>>>>

  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Do Step 3 and Step 4.

  • Joined: 01 Jan 2012
  • Posts: 75

Posted: 10 Apr 2012 15:25

I managed to complete Step 3, here is the report
ComboFix 12-04-07.02 - Altior 10.04.2012 15:02:29.2.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.381.1033.18.3067.2069 [GMT 2:00]
Running from: c:\users\Altior\Desktop\ComboFix.exe
Command switches used :: c:\users\Altior\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\front_ip_list.txt
c:\windows\geoiplist
c:\windows\geoiplist.rar
c:\windows\info1
c:\windows\iplist.txt
c:\windows\loader2.exe_ok
c:\windows\proc_list1.log
c:\windows\sysdriver32.exe
c:\windows\sysdriver32_.exe
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\update.5.0
c:\windows\update.5.0\svchost.exe
c:\windows\update.7.1
c:\windows\update.tray-7-0-lnk
c:\windows\update.tray-7-0-lnk\svchost.exe
c:\windows\update.tray-7-0-lnk\svchost.rar
c:\windows\update.tray-7-0
c:\windows\winsetupapi.log
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_srvbtcclient
-------\Service_srvsysdriver32
.
.
((((((((((((((((((((((((( Files Created from 2012-03-10 to 2012-04-10 )))))))))))))))))))))))))))))))
.
.
2012-04-10 13:07 . 2012-04-10 13:09 -------- d-----w- c:\users\Altior\AppData\Local\temp
2012-04-09 07:36 . 2012-04-10 08:14 -------- d-----w- c:\users\Altior\AppData\Local\Microsoft Games
2012-04-09 07:35 . 2012-04-09 07:35 -------- d-----w- c:\program files\Microsoft Games
2012-04-08 11:32 . 2012-03-06 23:15 41184 ----a-w- c:\windows\avastSS.scr
2012-04-06 16:57 . 2012-04-06 16:57 -------- d-----w- c:\programdata\YTD YouTube Downloader & Converter
2012-03-30 10:27 . 2012-04-09 19:41 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-03-18 22:50 . 2012-03-18 22:50 592824 ----a-w- c:\program files\Mozilla Firefox\gkmedias.dll
2012-03-18 22:50 . 2012-03-18 22:50 44472 ----a-w- c:\program files\Mozilla Firefox\mozglue.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-10 08:47 . 2011-07-22 15:30 246272 ----a-w- c:\windows\unrar.exe
2012-04-09 19:41 . 2011-09-10 14:43 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-25 16:57 . 2010-11-13 14:01 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-18 22:50 . 2012-01-12 11:33 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5E942F70-2AB9-659D-681F-0E0D1D2117A5}]
2009-07-14 01:16 200192 ----a-w- c:\windows\System32\ncci.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2010-10-19 12:53 585136 ----a-w- c:\progra~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-05-01 399736]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-06-29 217088]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-15 458844]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-11 13789728]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2009-06-11 92704]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4562944]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-07-12 74752]
"OEM13Mon.exe"="c:\windows\OEM13Mon.exe" [2008-01-07 36864]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-09 135664]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 253600]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-09 135664]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [2008-12-30 103040]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-10 691696]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S3 O2MDGRDR;O2MDGRDR;c:\windows\system32\DRIVERS\o2mdg.sys [2009-05-22 58528]
S3 O2SDGRDR;O2SDGRDR;c:\windows\system32\DRIVERS\o2sdg.sys [2009-05-07 41504]
S3 OEM13Vfx;Creative Camera OEM013 Video VFX Driver;c:\windows\system32\DRIVERS\OEM13Vfx.sys [2007-03-05 7424]
S3 OEM13Vid;Creative Camera OEM013 Driver;c:\windows\system32\DRIVERS\OEM13Vid.sys [2008-05-28 235840]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-17 167936]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 19:41]
.
2012-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-09 17:44]
.
2012-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-09 17:44]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://home.allgameshome.com/
mStart Page = hxxp://home.allgameshome.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
FF - ProfilePath - c:\users\Altior\AppData\Roaming\Mozilla\Firefox\Profiles\k7fi2wmn.default\
FF - prefs.js: Keyword.Enabled - true
FF - prefs.js: browser.search.selectedEngine - BearShare Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.bearshare.com/
FF - prefs.js: keyword.URL - hxxp://search.bearshare.com/web?src=ffb&systemid=2&q=
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
BHO-{0974BA1E-64EC-11DE-B2A5-E43756D89593} - c:\progra~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll
Toolbar-{0974BA1E-64EC-11DE-B2A5-E43756D89593} - c:\progra~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5f120bca41bba11b\STacSV.exe
c:\program files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\DRIVERS\o2flash.exe
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\program files\DellTPad\Apntex.exe
c:\program files\DellTPad\HidFind.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Completion time: 2012-04-10 15:12:17 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-10 13:12
ComboFix2.txt 2012-04-09 18:39
.
Pre-Run: 167.700.852.736 bytes free
Post-Run: 167.409.508.352 bytes free
.
- - End Of File - - 25A4935FAF9BEFF0E5974BFC26BC5AE2

Addendum: 10 Apr 2012 15:28

As for step 4, when I ran catchme.exe a black window opened that soon closed by itself; the following report was on the desktop:
detected NTDLL code modification:
ZwEnumerateKey 0 != 116, ZwQueryKey 0 != 244, ZwOpenKey 0 != 182, ZwClose 0 != 50, ZwEnumerateValueKey 0 != 119, ZwQueryValueKey 0 != 266, ZwOpenFile 0 != 179, ZwQueryDirectoryFile 0 != 223, ZwQuerySystemInformation 0 != 261
Initialization error
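The policies\system values and the Browser Helper Objects entry in the ComboFix log above are the kind of thing worth checking mechanically rather than by eye. The following is an added example (not part of this thread and not a ComboFix feature) that parses that section layout and flags the disabled UAC values, the Security Center override and every registered BHO; the sample log is a constructed excerpt in the same layout as the report above.

```python
import re
# Constructed excerpt in the layout of ComboFix's "Reg Loading Points" section (sample input, not the thread's log).
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]
2010-10-19 12:53 585136 ----a-w- c:\progra~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
.
"""
KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]$")
# Both value styles ComboFix prints: '"Name"= 0 (0x0)' and '"Name"=dword:00000001'
DWORD_RE = re.compile(r'^"([^"]+)"\s*=\s*(?:dword:([0-9A-Fa-f]{8})|(\d+)\s*\(0x[0-9A-Fa-f]+\))')
BHO_RE = re.compile(r"Browser Helper Objects\\(\{[0-9A-Fa-f-]+\})$")

def parse_reg_sections(log_text):
    """Map each [HKEY_...] header to the lines beneath it, up to the '.' separator."""
    sections, current = {}, None
    for line in (raw.strip() for raw in log_text.splitlines()):
        if m := KEY_RE.match(line):
            current, sections[m.group(1)] = m.group(1), []
        elif line == ".":
            current = None
        elif current is not None:
            sections[current].append(line)
    return sections

def dword_values(sections, key_suffix):
    """Numeric values under the key whose path ends with key_suffix (case-insensitive)."""
    values = {}
    for key, lines in sections.items():
        if key.lower().endswith(key_suffix.lower()):
            for m in filter(None, map(DWORD_RE.match, lines)):
                values[m.group(1)] = int(m.group(2), 16) if m.group(2) else int(m.group(3))
    return values

def weakened_protections(sections):
    """UAC / Security Center values that switch protection off; a common adware and malware change."""
    uac, sc = dword_values(sections, r"policies\system"), dword_values(sections, r"security center")
    checks = [
        (uac.get("EnableLUA") == 0, "EnableLUA=0: UAC disabled"),
        (uac.get("ConsentPromptBehaviorAdmin") == 0, "ConsentPromptBehaviorAdmin=0: silent elevation"),
        (uac.get("PromptOnSecureDesktop") == 0, "PromptOnSecureDesktop=0: no secure desktop prompt"),
        (sc.get("FirewallOverride") == 1, "FirewallOverride=1: firewall monitoring overridden"),
    ]
    return [msg for hit, msg in checks if hit]

def browser_helper_objects(sections):
    """(CLSID, DLL path) for each Browser Helper Objects block, to review against known toolbars."""
    found = []
    for key, lines in sections.items():
        if m := BHO_RE.search(key):
            for parts in (line.split(None, 4) for line in lines):  # date time size attrs path
                if len(parts) == 5:
                    found.append((m.group(1), parts[4]))
    return found
```

Run against a full log, every value that is at its Windows 7 default produces no finding, so the output is only what was changed on the machine.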

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

As for the fourth step, we'll do it manually.

Go to the following link:

http://www.mycity.rs/ambulanta-upload.php

Click Browse

Copy the following text into the file name field

c:\windows\System32\ncci.dll

Click Open, then Upload!.


Let me know when you've done that and wait for further instructions.

offline
  • Joined: 01 Jan 2012
  • Posts: 75

Step 4 done!

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Step 1

Once more, follow the instructions for removing the remnants of Avast:

Download aswclear.exe to the Desktop.
Boot the system into Safe Mode.
How to enter Safe Mode
Run aswclear.exe and follow the on-screen instructions.
Restart the system.



Step 2

Download a fresh copy of ComboFix from the following address to the Desktop:


Bleeping Computer


Then open Notepad and copy the following text:

File::
c:\windows\unrar.exe
c:\windows\System32\ncci.dll
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

Folder::
c:\program files\McAfee Security Scan
C:\Program Files\BearShare

Driver::
McComponentHostService

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5E942F70-2AB9-659D-681F-0E0D1D2117A5}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}]


Save the file from Notepad to the Desktop as "CFScript"




Drag the saved script/text onto the ComboFix icon as in the picture.
Post in your next message the log that is produced at the end of the cleaning/scanning.

offline
  • Joined: 01 Jan 2012
  • Posts: 75

here is the new report
ComboFix 12-04-10.01 - Altior 10.04.2012 19:08:19.3.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.381.1033.18.3067.2155 [GMT 2:00]
Running from: c:\users\Altior\Desktop\ComboFix.exe
Command switches used :: c:\users\Altior\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk"
"c:\windows\System32\ncci.dll"
"c:\windows\unrar.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\System32\ncci.dll
c:\windows\unrar.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_McComponentHostService
.
.
((((((((((((((((((((((((( Files Created from 2012-03-10 to 2012-04-10 )))))))))))))))))))))))))))))))
.
.
2012-04-10 17:13 . 2012-04-10 17:14 -------- d-----w- c:\users\Altior\AppData\Local\temp
2012-04-09 07:36 . 2012-04-10 08:14 -------- d-----w- c:\users\Altior\AppData\Local\Microsoft Games
2012-04-09 07:35 . 2012-04-09 07:35 -------- d-----w- c:\program files\Microsoft Games
2012-04-08 11:32 . 2012-03-06 23:15 41184 ----a-w- c:\windows\avastSS.scr
2012-04-06 16:57 . 2012-04-06 16:57 -------- d-----w- c:\programdata\YTD YouTube Downloader & Converter
2012-03-30 10:27 . 2012-04-09 19:41 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-03-18 22:50 . 2012-03-18 22:50 592824 ----a-w- c:\program files\Mozilla Firefox\gkmedias.dll
2012-03-18 22:50 . 2012-03-18 22:50 44472 ----a-w- c:\program files\Mozilla Firefox\mozglue.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-09 19:41 . 2011-09-10 14:43 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-25 16:57 . 2010-11-13 14:01 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-18 22:50 . 2012-01-12 11:33 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-05-01 399736]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-06-29 217088]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-15 458844]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-11 13789728]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2009-06-11 92704]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4562944]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-07-12 74752]
"OEM13Mon.exe"="c:\windows\OEM13Mon.exe" [2008-01-07 36864]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-09 135664]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 253600]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-12-09 135664]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [2008-12-30 103040]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-10 691696]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S3 O2MDGRDR;O2MDGRDR;c:\windows\system32\DRIVERS\o2mdg.sys [2009-05-22 58528]
S3 O2SDGRDR;O2SDGRDR;c:\windows\system32\DRIVERS\o2sdg.sys [2009-05-07 41504]
S3 OEM13Vfx;Creative Camera OEM013 Video VFX Driver;c:\windows\system32\DRIVERS\OEM13Vfx.sys [2007-03-05 7424]
S3 OEM13Vid;Creative Camera OEM013 Driver;c:\windows\system32\DRIVERS\OEM13Vid.sys [2008-05-28 235840]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-17 167936]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 19:41]
.
2012-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-09 17:44]
.
2012-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-12-09 17:44]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://home.allgameshome.com/
mStart Page = hxxp://home.allgameshome.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
FF - ProfilePath - c:\users\Altior\AppData\Roaming\Mozilla\Firefox\Profiles\k7fi2wmn.default\
FF - prefs.js: Keyword.Enabled - true
FF - prefs.js: browser.search.selectedEngine - BearShare Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.bearshare.com/
FF - prefs.js: keyword.URL - hxxp://search.bearshare.com/web?src=ffb&systemid=2&q=
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5f120bca41bba11b\STacSV.exe
c:\program files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\DRIVERS\o2flash.exe
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\program files\DellTPad\HidFind.exe
c:\program files\DellTPad\Apntex.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Completion time: 2012-04-10 19:17:27 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-10 17:17
ComboFix2.txt 2012-04-10 13:12
ComboFix3.txt 2012-04-09 18:39
.
Pre-Run: 166.976.589.824 bytes free
Post-Run: 166.913.892.352 bytes free
.
- - End Of File - - F93104A5E141477D1582B4CBA50963CC

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Step 1

Open Notepad and copy the following text:

del /F /Q "c:\windows\avastSS.scr"
pause


and save it to the Desktop under the name ukloniostatak.bat
Pay attention to the .bat extension

Then run ukloniostatak.bat and, before you do Press any key to continue, check whether an error is reported anywhere, and if so, say so.



Step 2

Open Notepad and copy the following text:

DeQuarantine::
C:\Qoobox\Quarantine\C\programdata\Tarma Installer
Quit::


Save the file from Notepad to the Desktop as "CFScript"




Drag the saved script/text onto the ComboFix icon as in the picture.
Post in your next message the log that is produced at the end of the cleaning/scanning.

Korisnici trenutno na forumu: Alibaba1981, amaterSRB, amstel, babaroga, bigfoot, bojank, Boris Bosiljčić, BORUTUS, Centauro, cifra, doom83, draganl, flash12, gorican, havoc995, ILGromovnik, Istman, Ivica1102, Joja, kinez88, KOV, kybonacci, macak44, mačković, MB120mm, Mercury, milenko crazy north, Misirac, Nemanja.M, ObelixSRB, radionica1, robert1979, Romibrat, rovac, slonic_tonic, Srle993, Stoilkovic, vathra, virked, Vlad000, wizzardone, wolverined4, ZetaMan, zixmix, zlaya011, 1107