MyCity » Ambulanta -> Arhiva Ambulante » Kako da upalim Security u Windows 7

Kako da upalim Security u Windows 7

Napisano na dan: 29.1.2011

Strana:
1
2
3
4
5

Kako da upalim Security u Windows 7

Pagination

Prethodna strana

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3
4
5

strucnjak96 Poslao: 06 Feb 2011 15:33 Idi na vrh
offline strucnjak96 Super građanin Miloš Pridružio: 26 Jan 2011 Poruke: 1390 Gde živiš: Beograd, Zvezdara	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 05 Feb 2011 21:57 uspeo sam nekako da uvatim sliku cim ga upalim nesto mi skenira CMD pa mi se iskljuci poslednje sto se moze videti(na 2 sec.) je : Dopuna: 06 Feb 2011 15:33 jel moze neko da pomogne

Profil

helen1 Poslao: 06 Feb 2011 16:19 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8617 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Idi u Safe Mode pa pokusaj odande da pokrenes Combo Fix i skeniras.

Profil

strucnjak96 Poslao: 06 Feb 2011 22:25 Idi na vrh
offline strucnjak96 Super građanin Miloš Pridružio: 26 Jan 2011 Poruke: 1390 Gde živiš: Beograd, Zvezdara	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ne moze je moze jos nesto da se ucini

Profil

helen1 Poslao: 06 Feb 2011 23:54 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8617 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Sta ti pise na opciji Show details i Why can't these files be opened?

Profil

strucnjak96 Poslao: 07 Feb 2011 19:09 Idi na vrh
offline strucnjak96 Super građanin Miloš Pridružio: 26 Jan 2011 Poruke: 1390 Gde živiš: Beograd, Zvezdara	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! nista mi ne izbacuje

Profil

1l padr1n0 Poslao: 07 Feb 2011 19:35 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	1Ovo se svidja korisniku: strucnjak96 Registruj se da bi pohvalio/la poruku! Pozdrav strucnjak96! Kolega ima neodlozne privatne obaveze tako da cu ja preuzeti tvoj slucaj. Pritisni dugme i R ; Ukucaj regedit -> pritisni Enter; Sa leve strane, klikci na + prateci sledecu putanju: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ Kada stignes do kljuca Zones, klikni desni klik -> Export. Sacuvaj fajl na Desktop i upload-uj mi u sledecoj poruci opcijom Prikaci fajl. Preuzmi AVZ Antiviral Toolkit sa sledećeg linka : http://devbuilds.kaspersky-labs.com/devbuilds/AVZ/avz4.zip Raspakuj arhivu u neki folder (uputstvo), a zatim: pokreni AVZ (dvoklikom na ikonicu); u meniju izaberi File > Standard Scripts; u prozoru koji se otvori štikliraj opciju 2 i klikni Execute Selected Scripts; klikni Yes; po završetku skeniranja dobićeš obaveštenje: Script Executed; izađi iz programa. Uploaduj fajl virusinfo_syscheck.zip koji se nalazi u avz\log folderu na forum. goran9888 (AMF Tim)

Profil

strucnjak96 Poslao: 07 Feb 2011 20:05 Idi na vrh
offline strucnjak96 Super građanin Miloš Pridružio: 26 Jan 2011 Poruke: 1390 Gde živiš: Beograd, Zvezdara	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png

Profil

1l padr1n0 Poslao: 07 Feb 2011 21:06 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Snimi sledeci .reg fajl na Desktop: https://www.mycity.rs/must-login.png Desni klik na .reg fajl -> Merge -> Yes -> Ok. Restartuj racunar. Pokusaj sada da pokrenes ComboFix i postavi log koji dobijes u sledecoj poruci. Uputstvo za pokretanje ComboFix-a isprati iz ove poruke: http://www.mycity.rs/Ambulanta/Kako-da-upalim-Security-u-Windows-7.html#1121341 goran9888 (AMF Tim)

Profil

strucnjak96 Poslao: 07 Feb 2011 23:28 Idi na vrh
offline strucnjak96 Super građanin Miloš Pridružio: 26 Jan 2011 Poruke: 1390 Gde živiš: Beograd, Zvezdara	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 11-02-06.02 - lelic 02/07/2011 23:09:36.1.2 - x86 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2046.1234 [GMT 1:00] Running from: c:\users\lelic\Downloads\ComboFix.exe AV: avast! Antivirus Enabled/Updated {C37D8F93-0602-E43C-40AA-47DAD597F308} AV: ESET NOD32 Antivirus 4.2 Enabled/Updated {77DEAFED-8149-104B-25A1-21771CA47CD1} SP: avast! Antivirus Enabled/Updated {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5} SP: ESET NOD32 Antivirus 4.2 Enabled/Updated {CCBF4E09-A773-1FC5-1F11-1A056723366C} SP: Windows Defender Enabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Install.exe c:\program files\DaemonTools_WhenUSave_Installer c:\program files\DaemonTools_WhenUSave_Installer\DaemonTools_WhenUSave_Installer.exe c:\program files\facemoods.com c:\program files\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll c:\program files\facemoods.com\facemoods\1.4.17.3\facemoods.crx c:\program files\facemoods.com\facemoods\1.4.17.3\facemoods.png c:\program files\facemoods.com\facemoods\1.4.17.3\facemoodsApp.dll c:\program files\facemoods.com\facemoods\1.4.17.3\facemoodsEng.dll c:\program files\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe c:\program files\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll c:\program files\facemoods.com\facemoods\1.4.17.3\uninstall.exe c:\program files\FunWebProducts c:\program files\MyWebSearch c:\program files\MyWebSearch\bar\1.bin\CHROME.MANIFEST c:\program files\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR c:\program files\MyWebSearch\bar\1.bin\F3BKGERR.JPG c:\program files\MyWebSearch\bar\1.bin\F3CJpeg.dll c:\program files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL c:\program files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL c:\program files\MyWebSearch\bar\1.bin\F3HTtpct.dll c:\program files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL c:\program files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR c:\program files\MyWebSearch\bar\1.bin\F3REGHK.DLL c:\program files\MyWebSearch\bar\1.bin\F3REPROX.DLL c:\program files\MyWebSearch\bar\1.bin\F3RESTUB.DLL c:\program files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL c:\program files\MyWebSearch\bar\1.bin\F3SPACER.WMV c:\program files\MyWebSearch\bar\1.bin\F3WALLPP.DAT c:\program files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL c:\program files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG c:\program files\MyWebSearch\bar\1.bin\INSTALL.RDF c:\program files\MyWebSearch\bar\1.bin\M3AUXSTB.DLL c:\program files\MyWebSearch\bar\1.bin\M3DLGHK.DLL c:\program files\MyWebSearch\bar\1.bin\M3FFTBPR.DLL c:\program files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE c:\program files\MyWebSearch\bar\1.bin\M3HTml.dll c:\program files\MyWebSearch\bar\1.bin\M3IDLE.DLL c:\program files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE c:\program files\MyWebSearch\bar\1.bin\M3MEDINT.EXE c:\program files\MyWebSearch\bar\1.bin\M3MSg.dll c:\program files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL c:\program files\MyWebSearch\bar\1.bin\M3PATCH.DLL c:\program files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL c:\program files\MyWebSearch\bar\1.bin\M3SKIN.DLL c:\program files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE c:\program files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE c:\program files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE c:\program files\MyWebSearch\bar\1.bin\MWSBAR.DLL c:\program files\MyWebSearch\bar\1.bin\MWSMLBTN.DLL c:\program files\MyWebSearch\bar\1.bin\MWSOEMON.EXE c:\program files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL c:\program files\MyWebSearch\bar\1.bin\MWSOESTB.DLL c:\program files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL c:\program files\MyWebSearch\bar\1.bin\MWSSVC.EXE c:\program files\MyWebSearch\bar\1.bin\MWSUABTN.DLL c:\program files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S c:\program files\MyWebSearch\bar\Game\CHESS.F3S c:\program files\MyWebSearch\bar\Game\REVERSI.F3S c:\program files\MyWebSearch\bar\icons\CM.ICO c:\program files\MyWebSearch\bar\icons\MFC.ICO c:\program files\MyWebSearch\bar\icons\PSS.ICO c:\program files\MyWebSearch\bar\icons\SMILEY.ICO c:\program files\MyWebSearch\bar\icons\WB.ICO c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO c:\program files\MyWebSearch\bar\Message\COMMON.F3S c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S c:\program files\MyWebSearch\bar\Notifier\DOG.F3S c:\program files\MyWebSearch\bar\Notifier\FISH.F3S c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S c:\program files\MyWebSearch\bar\Notifier\MAID.F3S c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S c:\program files\MyWebSearch\bar\Overlay\COMMON.F3S c:\program files\MyWebSearch\bar\Settings\s_pid.dat c:\system volume information\Microsoft c:\system volume information\Microsoft\services.exe c:\system volume information\Microsoft\smss.exe c:\system volume information\SystemRestore c:\users\lelic\AppData\Local\Microsoft\Windows\Temporary Internet Files\Silverlight.exe c:\users\lelic\AppData\Roaming\completescan c:\users\lelic\AppData\Roaming\install c:\windows\system\d3d10core.dll c:\windows\system\d3d8.dll c:\windows\system\d3d9.dll c:\windows\system\D3DX10d_39.dll c:\windows\system32\f3PSSavr.scr c:\windows\system32\lssexp2.dll c:\windows\system32\ReadMe.txt c:\windows\system32\twunk_32.exe c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job . \\.\PhysicalDrive0 - Bootkit Whistler was found and disinfected . \\.\PhysicalDrive0 - Bootkit Whistler was found and disinfected . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_MyWebSearchService ((((((((((((((((((((((((( Files Created from 2011-01-07 to 2011-02-07 ))))))))))))))))))))))))))))))) . 2011-02-07 22:16 . 2011-02-07 22:18 -------- d-----w- c:\users\lelic\AppData\Local\temp 2011-02-07 22:16 . 2011-02-07 22:16 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-02-07 22:08 . 2011-02-03 09:10 137216 ----a-w- c:\windows\Xtahyg.exe 2011-02-07 21:49 . 2011-02-07 21:51 -------- d-----w- C:\32788R22FWJFW 2011-02-07 14:38 . 2011-02-07 14:38 -------- d-----w- c:\users\lelic\AppData\Local\{C077B9DF-16E7-49D2-941B-B2987FF10DC2} 2011-02-07 14:38 . 2011-02-03 09:10 137216 ----a-w- c:\windows\Xtahyf.exe 2011-02-07 13:52 . 2011-02-07 13:52 -------- d-----w- c:\users\lelic\Sisanje (2) 2011-02-07 13:48 . 2011-02-07 13:48 -------- d-----w- c:\users\lelic\AppData\Local\{317A4183-8F68-4ABF-A3B2-FE45403B4E7B} 2011-02-07 13:48 . 2011-02-03 09:10 137216 ----a-w- c:\windows\Xtahye.exe 2011-02-07 10:08 . 2011-02-07 10:12 -------- d-----w- c:\users\lelic\New folder 2011-02-07 09:06 . 2011-02-07 09:06 -------- d-sh--w- c:\windows\system32\%APPDATA% 2011-02-07 09:06 . 2011-02-07 09:06 -------- d-----w- c:\users\lelic\AppData\Local\{436EFF75-7F23-490A-8405-47DC7E5104B3} 2011-02-07 09:06 . 2011-02-03 09:10 137216 ----a-w- c:\windows\Xtahyd.exe 2011-02-06 14:37 . 2011-02-06 14:37 -------- d-----w- c:\program files\My Lockbox 2011-02-06 14:37 . 2010-07-22 15:13 41912 ----a-w- c:\windows\system32\drivers\FSPFltd.sys 2011-02-06 11:39 . 2011-02-06 11:39 -------- d-----w- c:\users\lelic\AppData\Local\{2ECF135B-FE7E-4F2A-8303-D826992FEFF0} 2011-02-06 11:39 . 2011-02-03 09:10 137216 ----a-w- c:\windows\Xtahyc.exe 2011-02-05 21:20 . 2011-02-05 21:20 -------- d-----w- c:\users\lelic\AppData\Roaming\Publish Providers 2011-02-05 20:44 . 2011-02-05 20:44 -------- d-----w- c:\users\lelic\AppData\Local\{E9349233-3960-44C9-86D8-AFD6BB6A9A88} 2011-02-05 19:53 . 2011-02-05 19:54 -------- d-----w- c:\users\lelic\AppData\Local\{B60F1F44-14E6-4A5C-B34D-248AE4CDD4D7} 2011-02-05 17:44 . 2011-02-05 17:44 -------- d-----w- c:\users\lelic\AppData\Local\{F599234E-8557-42A5-B273-6CCD1F4E06A0} 2011-02-05 14:20 . 2011-02-05 14:20 -------- d-----w- c:\users\lelic\AppData\Local\{566D7D25-CB59-416F-B87E-CC81C12465D2} 2011-02-05 10:25 . 2011-02-05 10:25 -------- d-----w- C:\$AVG 2011-02-05 10:08 . 2011-02-05 10:08 -------- d--h--w- c:\programdata\Common Files 2011-02-05 10:06 . 2011-02-05 20:39 -------- d-----w- c:\programdata\AVG10 2011-02-05 10:05 . 2011-02-05 20:37 -------- d-----w- c:\program files\AVG 2011-02-05 09:36 . 2011-02-05 20:39 -------- d-----w- c:\programdata\MFAData 2011-02-05 09:21 . 2011-02-05 09:21 -------- d-----w- c:\users\lelic\AppData\Local\{8C613668-C84A-4C54-8898-D79CFB5A19AD} 2011-02-04 18:08 . 2011-02-05 20:39 -------- d-----w- c:\program files\PC Tools Security 2011-02-04 18:08 . 2011-02-05 20:39 -------- d-----w- c:\program files\Common Files\PC Tools 2011-02-04 17:40 . 2011-02-03 09:10 137216 ----a-w- c:\windows\Xtahyb.exe 2011-02-04 17:31 . 1997-07-19 16:00 604432 ----a-w- c:\windows\system32\COMCTL32.OCX 2011-02-04 17:31 . 2011-02-05 20:37 -------- d-----w- c:\program files\WebSite X5 v8 - Evolution 2011-02-04 17:30 . 2001-08-31 13:00 1355776 ----a-w- c:\windows\system32\MSVBVM50.dll 2011-02-04 17:30 . 1997-01-15 23:00 29696 ----a-w- c:\windows\system32\VB5STKIT.DLL 2011-02-04 17:30 . 2009-03-15 16:35 207872 ----a-w- c:\windows\system32\iwpsetup.exe 2011-02-04 17:24 . 2011-02-05 09:27 -------- d-----w- c:\programdata\jFlJhAn08501 2011-02-04 10:10 . 2011-02-04 10:10 -------- d-----w- c:\users\lelic\AppData\Local\{1BD4063F-0603-4089-AC00-45A851328FD8} 2011-02-04 08:18 . 2011-02-04 08:18 -------- d-----w- c:\users\lelic\AppData\Local\{5C995F05-E648-427D-9E56-E85F48698FB7} 2011-02-04 08:18 . 2011-02-03 09:10 137216 ----a-w- c:\windows\Xtahya.exe 2011-02-03 09:04 . 2011-02-03 09:07 -------- d-----w- C:\My Folder 2011-02-03 01:16 . 2011-02-03 01:16 -------- d-----w- c:\users\lelic\AppData\Local\{20F7ABCA-2B79-4C87-A56B-5B7AFDF22CE5} 2011-02-03 01:16 . 2011-02-03 01:16 -------- d-----w- c:\users\lelic\AppData\Local\Windows Live Writer 2011-02-03 01:16 . 2011-02-03 01:16 -------- d-----w- c:\users\lelic\AppData\Roaming\Windows Live Writer 2011-02-02 18:55 . 2011-02-02 18:55 -------- d-----w- c:\users\lelic\AppData\Local\{903A3E21-124D-422A-B02C-A2E5540AC892} 2011-02-02 09:34 . 2011-02-02 09:34 -------- d-----w- c:\users\lelic\AppData\Local\{D66A4F2B-C835-4C3C-87F6-DF05199971A1} 2011-02-01 08:25 . 2011-02-01 08:25 -------- d-----w- c:\users\lelic\AppData\Local\{FBA7577F-E27B-4692-BEC7-C8CEA1706D90} 2011-01-31 08:39 . 2011-01-31 08:39 -------- d-----w- c:\users\lelic\AppData\Local\{AA20A132-1B5A-4145-B466-2F4645C51170} 2011-01-31 08:39 . 2011-01-31 08:39 -------- d-----w- c:\users\lelic\AppData\Local\{73BA6324-1E08-4E2E-B713-D544D6BF45ED} 2011-01-30 16:11 . 2011-01-30 16:11 -------- d-----w- c:\users\lelic\AppData\Local\{B7AA6E90-5A14-46BF-AE60-B59DB3C23652} 2011-01-30 13:53 . 2011-02-05 20:48 -------- d-----w- C:\wamp 2011-01-30 13:00 . 2011-02-05 20:39 -------- d-----w- c:\program files\trend micro 2011-01-30 13:00 . 2011-01-30 13:01 -------- d-----w- C:\rsit 2011-01-30 09:47 . 2011-01-30 09:47 -------- d-----w- c:\users\lelic\AppData\Local\{CFF29529-05D9-4EEF-AC56-9FC1BF341568} 2011-01-29 17:54 . 2011-02-05 20:37 -------- d-----w- c:\program files\Counter-Strike Source 2011-01-29 10:06 . 2011-01-29 10:06 -------- d-----w- c:\users\lelic\AppData\Local\{0F143118-022F-4734-988A-0D18A64CFABB} 2011-01-29 09:46 . 2011-01-29 09:46 -------- d-----w- c:\users\lelic\AppData\Local\{E224A9D2-9A80-45F0-AB9A-CE346DA7BA55} 2011-01-28 20:26 . 2011-01-28 20:26 -------- d-----w- c:\users\lelic\AppData\Local\{DC32CDAC-8B9D-484F-8193-02D3FE416EAF} 2011-01-28 20:25 . 2011-02-07 22:18 -------- d-----w- c:\users\lelic\Tracing 2011-01-28 19:21 . 2011-02-05 20:37 -------- d-----w- c:\program files\Windows Live 2011-01-28 19:21 . 2011-01-28 19:21 -------- d-----w- c:\windows\PCHEALTH 2011-01-28 19:18 . 2011-02-06 16:39 -------- d-----w- c:\users\lelic\AppData\Local\Windows Live 2011-01-28 19:18 . 2011-02-05 20:37 -------- d-----w- c:\program files\Common Files\Windows Live 2011-01-21 11:31 . 2011-02-05 20:37 -------- d-----w- c:\program files\Game House 2011-01-21 11:30 . 2011-01-21 11:30 -------- d-----w- c:\programdata\PopCap Games 2011-01-19 19:54 . 2011-02-05 20:37 -------- d-----w- c:\program files\KONAMI 2011-01-19 19:54 . 2011-01-19 19:54 -------- d-----w- c:\programdata\KONAMI 2011-01-17 15:05 . 2011-02-05 20:37 -------- d-----w- c:\program files\Counter-Strike 2011-01-17 13:47 . 2011-02-05 20:37 -------- d-----w- c:\program files\REDEMAX 2011-01-16 12:27 . 2011-01-16 12:27 -------- d-----w- c:\program files\BitTorrent 2011-01-16 10:16 . 2011-02-05 20:37 -------- d-----w- c:\program files\NJ Soft 2011-01-14 11:52 . 2011-02-05 20:37 -------- d-----w- c:\programdata\Sony . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-01-07 22:27 . 2010-12-20 20:06 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll 2011-01-07 22:26 . 2010-12-20 20:05 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll 2011-01-07 21:26 . 2010-08-09 17:26 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll 2011-01-07 21:25 . 2010-08-09 17:26 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll 2011-01-07 21:24 . 2010-08-09 17:25 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2010-12-30 19:08 . 2010-09-26 20:37 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2010-12-30 19:08 . 2010-09-26 20:37 183112 ----a-w- c:\windows\system32\PnkBstrB.exe 2010-12-20 20:07 . 2010-12-20 20:07 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll 2010-12-09 19:06 . 2010-12-09 19:06 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll 2010-11-10 04:33 . 2010-12-17 09:14 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F1C40715-2362-48D8-9A5E-A8A4A4BF1B21}\mpengine.dll 2010-11-10 01:54 . 2010-11-10 01:54 49016 ----a-w- c:\windows\system32\sirenacm.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712] "{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-10-10 3906656] [HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}] [HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] 2010-10-10 14:51 3906656 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}] 2010-10-10 14:51 3906656 ----a-w- c:\program files\Softonic-Eng7\tbSoft.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2010-09-28 20:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712] "{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-10-10 3906656] "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-10 3906656] [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] [HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}] [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712] "{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\program files\Softonic-Eng7\tbSoft.dll" [2010-10-10 3906656] [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] [HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 153136] "BitTorrent"="c:\program files\BitTorrent\BitTorrent.exe" [2011-01-16 4771184] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696] "Steam"="c:\program files\Steam\Steam.exe" [2011-01-05 1242448] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "BroadCam"="c:\program files\NCH Software\BroadCam\broadcam.exe" [2010-08-23 1052676] "MFARestart"="c:\programdata\MFAData\pack\avgrunasx.exe" [2010-11-24 241504] "mylbx"="c:\program files\My Lockbox\mylbx.exe" [2010-11-09 1792224] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer5"=wdmaud.drv [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-09-20 22:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-09-23 03:47 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] 2010-08-07 17:10 136176 ----atw- c:\users\lelic\AppData\Local\Google\Update\GoogleUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-11-10 21:08 417792 ----a-w- c:\program files\QuickTime\QTTask.exe R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-12-01 34384] S0 FSProFilter;FSPro File Filter;c:\windows\System32\Drivers\FSPFltd.sys [2010-07-22 41912] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-10-14 691696] S2 BroadCamService;BroadCam Video Streaming Server;c:\program files\NCH Software\BroadCam\broadcam.exe [2010-08-23 1052676] S2 gupdate;?????? Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-08-07 136176] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-03-22 278560] S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [2008-12-26 17792] . Contents of the 'Scheduled Tasks' folder 2011-02-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-04 17:10] 2011-02-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-04 17:10] 2010-10-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-83685119-447350358-3884237969-1000Core.job - c:\users\lelic\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-07 17:10] 2011-02-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-83685119-447350358-3884237969-1000UA.job - c:\users\lelic\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-07 17:10] . . ------- Supplementary Scan ------- . uStart Page = hxxp://start.facemoods.com/?a=wbst FF - ProfilePath - c:\users\lelic\AppData\Roaming\Mozilla\Firefox\Profiles\rcmc0tal.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2405280&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Ask.com FF - prefs.js: browser.startup.homepage - hxxp://start.facemoods.com/?a=wbst FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=ZLman000&ptb=5TNF9DFAo.9gt1GP0UVApA&psa=&ind=2010111506&ptnrS=ZLman000&si=&st=kwd&n=77cfde12&searchfor= FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com FF - Ext: Facemoods: ffxtlbr@Facemoods.com - %profile%\extensions\ffxtlbr@Facemoods.com FF - Ext: Ask Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com FF - Ext: YouTube to MP3: youtube2mp3@mondayx.de - %profile%\extensions\youtube2mp3@mondayx.de FF - Ext: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - %profile%\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} FF - Ext: Stylish: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8} - %profile%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8} FF - Ext: Metal3D: {48e23fba-bb14-4745-b768-382150cd83fb} - %profile%\extensions\{48e23fba-bb14-4745-b768-382150cd83fb} FF - Ext: Oskar: {5b175400-2368-11de-8c30-0800200c9a66} - %profile%\extensions\{5b175400-2368-11de-8c30-0800200c9a66} . - - - - ORPHANS REMOVED - - - - BHO-{64182481-4F71-486b-A045-B233BD0DA8FC} - c:\program files\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll Toolbar-{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - c:\program files\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll HKCU-Run-BitTorrent DNA - c:\users\lelic\Program Files\DNA\btdna.exe HKCU-Run-Device Detection - c:\program files\FUJIFILM\MyFinePix Studio\dd.exe HKLM-Run-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe MSConfigStartUp-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.1\facemoodssrv.exe MSConfigStartUp-My Web Search Bar Search Scope Monitor - c:\progra~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe MSConfigStartUp-MyWebSearch Email Plugin - c:\progra~1\MYWEBS~1\bar\1.bin\mwsoemon.exe AddRemove-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.3\uninstall.exe AddRemove-BitTorrent DNA - c:\users\lelic\Program Files\DNA\btdna.exe . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d8,9e,da,34,95,c5,50,4c,b7,1a,cf,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d8,9e,da,34,95,c5,50,4c,b7,1a,cf,\ [HKEY_USERS\S-1-5-21-83685119-447350358-3884237969-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" [HKEY_USERS\S-1-5-21-83685119-447350358-3884237969-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\rundll32.exe c:\windows\system32\taskhost.exe c:\windows\Xtahyg.exe c:\windows\system32\conhost.exe c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe c:\windows\system32\sppsvc.exe . ************************************************************************** . Completion time: 2011-02-07 23:21:12 - machine was rebooted ComboFix-quarantined-files.txt 2011-02-07 22:21 Pre-Run: 97,977,405,440 bytes free Post-Run: 102,469,791,744 bytes free - - End Of File - - A8AD5B300646F82BFAE9F41C3A9C8C94

Profil

1l padr1n0 Poslao: 08 Feb 2011 00:08 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	1Ovo se svidja korisniku: strucnjak96 Registruj se da bi pohvalio/la poruku! U toku resavanja slucaja, zamolio bih te da se pridrzavas sledeceg: Detaljno citati moja uputstva (ili uputstva kolega koji ce me zamenjivati) i raditi iskljucivo po njima; Ne traziti istovremeno pomoc na drugom mestu; Nemoj koristiti druge programe za uklanjanje malware-a, osim onih za koje budes dobio uputstvo; U toku intervencije ne koristiti USB memorijske uredjaje, dok to ne budem zatrazio; Ukoliko ne odgovorim u roku od 48h, osvezi temu novim post-om; Ukoliko se ne javis u roku od 5 dana, zatvoricemo slucaj. ------------------------------------------------------------------------------------- Arhiviraj (zip, rar) folder C:\QooBox\Quarantine i upload-uj ga preko sledećeg link-a: http://www.mycity.rs/ambulanta-upload.php Putem istog linka, upload-uj mi ovaj fajl: c:\windows\Xtahya.exe goran9888 (AMF Tim)

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Kako da upalim Security u Windows 7

Ko je trenutno na forumu

Ukupno su 794 korisnika na forumu :: 23 registrovanih, 3 sakrivenih i 768 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: _Sale, A.R.Chafee.Jr., Ben Roj, djboj, hooraay, Ilija Cvorovic, jackreacher011011, kokan0905, Kubovac, libellule_dk, mercedesamg, mrav pesadinac, naki011, nikoladim, nuke92, Panonsky, raptorsi, rodoljub, stegonosa, vathra, VJ, vlajkox, wolverined4

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by