Malware that causes Google Chrome to crash

  • Anunnaki
  • Joined: 20 Apr 2012
  • Posts: 1645

There is malware that keeps making Chrome crash non-stop, so I went to chrome://conflicts/
and it showed 149 modules and 3 conflicts. Then I clicked Learn more and it gave me this: https://support.google.com/chrome/answer/1093113?p=24555d74&rd=1&hl=sr
I downloaded the Malwarebytes antivirus and started scanning.

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.27.10

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16618
Luta :: LUTA-PC [administrator]

28.11.2013 0:55:44
MBAM-log-2013-11-28 (01-20-18).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 200588
Time elapsed: 24 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 25
HKCR\CLSID\{1621E034-16E3-A5B1-0B34-7651E79D7AF0} (PUP.Optional.MultiPlug.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1621E034-16E3-A5B1-0B34-7651E79D7AF0} (PUP.Optional.MultiPlug.A) -> No action taken.
HKCR\CLSID\{73060457-9EA9-48B7-BDAD-85D70C5A5E5C} (PUP.Optional.MultiPlug.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73060457-9EA9-48B7-BDAD-85D70C5A5E5C} (PUP.Optional.MultiPlug.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{73060457-9EA9-48B7-BDAD-85D70C5A5E5C} (PUP.Optional.MultiPlug.A) -> No action taken.
HKCR\CLSID\{C7A7B220-870B-01DC-19B8-B563EC382293} (PUP.Optional.MultiPlug.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7A7B220-870B-01DC-19B8-B563EC382293} (PUP.Optional.MultiPlug.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7A7B220-870B-01DC-19B8-B563EC382293} (PUP.Optional.MultiPlug.A) -> No action taken.
HKCR\CLSID\{C11CAF9B-BEDE-D244-2F50-5CA6A017D11C} (PUP.Optional.MultiPlug.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C11CAF9B-BEDE-D244-2F50-5CA6A017D11C} (PUP.Optional.MultiPlug.A) -> No action taken.
HKCR\CLSID\{ECAFF00B-8329-7B3E-A55F-A45D4372320C} (PUP.Optional.MultiPlug.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ECAFF00B-8329-7B3E-A55F-A45D4372320C} (PUP.Optional.MultiPlug.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ECAFF00B-8329-7B3E-A55F-A45D4372320C} (PUP.Optional.MultiPlug.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{924C3DC2-8E4E-432E-F973-9A2174A39774} (PUP.Optional.SilentInstall.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C1A27135-69EB-8D44-7358-34727DD7B820} (PUP.Optional.MultiPlug.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{62D82EC1-0D3A-DF54-8E3E-07E1337A5311} (PUP.Optional.MultiPlug.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD} (PUP.Optional.MultiPlug.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker (PUP.Optional.Somoto.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} (PUP.Optional.WebSearchInfo) -> No action taken.
HKCU\Software\AppDataLow\SProtector (PUP.Optional.SProtector.A) -> No action taken.
HKCU\SOFTWARE\BI (PUP.Optional.FilesFrog.A) -> No action taken.
HKCU\SOFTWARE\SOMOTO\SDP (PUP.Optional.Somoto.A) -> No action taken.
HKCR\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} (PUP.Optional.SearchNewTab) -> No action taken.
HKCR\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} (PUP.Optional.SearchNewTab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1 (PUP.Optional.EZDownloader.A) -> No action taken.

Registry Values Detected: 3
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|DefaultScope (PUP.Optional.WebSearchInfo) -> Data: {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} -> No action taken.
HKCU\Software\BI|ui_path_filesfrog (PUP.Optional.FilesFrog.A) -> Data: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker -> No action taken.
HKCU\Software\Somoto\SDP|affid (PUP.Optional.Somoto.A) -> Data: nokiafreeunlockcalculator -> No action taken.

Registry Data Items Detected: 5
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.SProtect.A) -> Bad: (c:\progra~1\safesa~1\sprote~1.dll) Good: () -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.SProtect.A) -> Bad: (c:\progra~1\sshelp~1\sprote~1.dll) Good: () -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.SProtect.A) -> Bad: (c:\progra~1\websea~1\sprote~1.dll) Good: () -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.WebSearchInfo) -> Bad: (http://websearch.searchere.info/?pid=821&r=2013/10/01&hid=16038363930489775096&lg=EN&cc=RS&unqvl=37) Good: (http://www.google.com) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.WebSearchInfo) -> Bad: (http://websearch.searchere.info/?pid=821&r=2013/10/01&hid=16038363930489775096&lg=EN&cc=RS&unqvl=37) Good: (http://www.google.com) -> No action taken.

Folders Detected: 4
C:\ProgramData\SearchNewTab (PUP.Optional.SearchNewTab) -> No action taken.
C:\Program Files\EZDownloader (PUP.Optional.EZDownloader.A) -> No action taken.
C:\Users\Luta\AppData\Local\FilesFrog Update Checker (PUP.Optional.FilesFrog.A) -> No action taken.
C:\Users\Luta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker (PUP.Optional.FilesFrog.A) -> No action taken.

Files Detected: 52
C:\Program Files\SafeSaver\sprotector.dll (PUP.Optional.SProtect.A) -> No action taken.
C:\Program Files\ss helper\sprotector.dll (PUP.Optional.SProtect.A) -> No action taken.
C:\Program Files\WebSearch\sprotector.dll (PUP.Optional.SProtect.A) -> No action taken.
C:\ProgramData\suaafe save\51dec5f96db46.dll (PUP.Optional.MultiPlug.A) -> No action taken.
C:\ProgramData\SearchNewTab\AGTscL.dll (PUP.Optional.MultiPlug.A) -> No action taken.
C:\ProgramData\savvensharE!\O.dll (PUP.Optional.MultiPlug.A) -> No action taken.
C:\ProgramData\suaafe save\51dec62acd7ae.dll (PUP.Optional.MultiPlug.A) -> No action taken.
C:\ProgramData\DownlioaeD kkeeper\8kuHs.dll (PUP.Optional.MultiPlug.A) -> No action taken.
C:\ProgramData\DownlioaeD kkeeper\EPEW7O.exe (PUP.Optional.MultiPlug.A) -> No action taken.
C:\ProgramData\savvensharE!\kV.exe (PUP.Optional.MultiPlug.A) -> No action taken.
C:\ProgramData\SearchNewTab\dcCVuPL.exe (PUP.Optional.MultiPlug.A) -> No action taken.
C:\ProgramData\suaafe save\uninstall.exe (PUP.Optional.SilentInstall.A) -> No action taken.
C:\Users\Luta\AppData\Local\temp\UpdateCheckerSetup.exe (PUP.Optional.Somoto.A) -> No action taken.
C:\Users\Luta\AppData\Local\temp\UpdUninstall.exe (PUP.Optional.Amonetize.A) -> No action taken.
C:\Users\Luta\AppData\Local\temp\Subtitles13__2303_il186384.exe (PUP.Optional.Amonetize.A) -> No action taken.
C:\Users\Luta\AppData\Local\temp\CDE420C3-BAB0-7891-8FF1-18513787BC32\CrxInstaller.dum (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\Luta\AppData\Local\temp\00294823\kV.exe (PUP.Optional.MultiPlug.A) -> No action taken.
C:\Users\Luta\AppData\Local\temp\00294823\O.dll (PUP.Optional.MultiPlug.A) -> No action taken.
C:\Users\Luta\AppData\Local\temp\{24BB939D-6F6A-4499-A672-2748FF58B16B}\Addons\ext_setup.exe (PUP.Optional.PreLoader.A) -> No action taken.
C:\Users\Luta\AppData\Local\temp\{24BB939D-6F6A-4499-A672-2748FF58B16B}\Addons\EzDownloader_setup.exe (PUP.Optional.EZDownloader.A) -> No action taken.
C:\Users\Luta\AppData\Local\temp\DC9DA727-BAB0-7891-91BD-E70676AE4513\CrxInstaller.dum (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\Luta\AppData\Local\temp\18be6784\8kuHs.dll (PUP.Optional.MultiPlug.A) -> No action taken.
C:\Users\Luta\AppData\Local\temp\18be6784\EPEW7O.exe (PUP.Optional.MultiPlug.A) -> No action taken.
C:\Users\Luta\AppData\Local\temp\4ae13d6c\AGTscL.dll (PUP.Optional.MultiPlug.A) -> No action taken.
C:\Users\Luta\AppData\Local\temp\4ae13d6c\dcCVuPL.exe (PUP.Optional.MultiPlug.A) -> No action taken.
C:\Users\Luta\AppData\Local\FilesFrog Update Checker\uninstall.exe (PUP.Optional.Somoto.A) -> No action taken.
C:\Users\Luta\AppData\Local\FilesFrog Update Checker\update_checker.exe (PUP.Optional.FilesFrog.A) -> No action taken.
C:\Users\Luta\Local Settings\Temporary Internet Files\Content.IE5\136QQFOX\o[1].exe (PUP.Optional.PreLoader.A) -> No action taken.
C:\Users\Luta\Local Settings\Temporary Internet Files\Content.IE5\PLSCAJWP\search_defender_166[1].exe (PUP.Optional.SProtect.A) -> No action taken.
C:\Users\Luta\Local Settings\Temporary Internet Files\Content.IE5\PLSCAJWP\search_defender_166[2].exe (PUP.Optional.SProtect.A) -> No action taken.
C:\Users\Luta\Local Settings\Temporary Internet Files\Content.IE5\PLSCAJWP\search_defender_alternate_166[1].exe (PUP.Optional.SProtect.A) -> No action taken.
C:\Users\Luta\Local Settings\Temporary Internet Files\Content.IE5\U0SW7OYF\3QhiY[1].exe (PUP.Optional.PreLoader.A) -> No action taken.
C:\Users\Luta\Local Settings\Temporary Internet Files\Content.IE5\U0SW7OYF\51dec5f985748[1].exe (PUP.Adware.MultiPlug) -> No action taken.
C:\Users\Luta\Local Settings\Temporary Internet Files\Content.IE5\U0SW7OYF\51dec62ae4276[1].exe (PUP.Adware.MultiPlug) -> No action taken.
C:\Users\Luta\Local Settings\Temporary Internet Files\Content.IE5\U0SW7OYF\dcUyka[1].exe (PUP.Optional.PreLoader.A) -> No action taken.
C:\Users\Luta\Local Settings\Temporary Internet Files\Content.IE5\U0SW7OYF\ezdownloader[1].exe (PUP.Optional.EZDownloader.A) -> No action taken.
C:\Windows\System32\roboot.exe (PUP.Optional.PCPerformer.A) -> No action taken.
C:\ProgramData\SearchNewTab\AGTscL.dat (PUP.Optional.SearchNewTab) -> No action taken.
C:\ProgramData\SearchNewTab\AGTscL.tlb (PUP.Optional.SearchNewTab) -> No action taken.
C:\ProgramData\SearchNewTab\dcCVuPL.dat (PUP.Optional.SearchNewTab) -> No action taken.
C:\Program Files\EZDownloader\EZDownloader.Core.dll (PUP.Optional.EZDownloader.A) -> No action taken.
C:\Program Files\EZDownloader\EZDownloader.exe (PUP.Optional.EZDownloader.A) -> No action taken.
C:\Program Files\EZDownloader\EZDownloader.exe.config (PUP.Optional.EZDownloader.A) -> No action taken.
C:\Program Files\EZDownloader\EZDownloader.Extension.dll (PUP.Optional.EZDownloader.A) -> No action taken.
C:\Program Files\EZDownloader\EZDownloader.Spider.dll (PUP.Optional.EZDownloader.A) -> No action taken.
C:\Program Files\EZDownloader\ICSharpCode.SharpZipLib.dll (PUP.Optional.EZDownloader.A) -> No action taken.
C:\Program Files\EZDownloader\Interop.SHDocVw.dll (PUP.Optional.EZDownloader.A) -> No action taken.
C:\Program Files\EZDownloader\TabStrip.dll (PUP.Optional.EZDownloader.A) -> No action taken.
C:\Program Files\EZDownloader\unins000.dat (PUP.Optional.EZDownloader.A) -> No action taken.
C:\Program Files\EZDownloader\unins000.exe (PUP.Optional.EZDownloader.A) -> No action taken.
C:\Users\Luta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Check for Updates.lnk (PUP.Optional.FilesFrog.A) -> No action taken.
C:\Users\Luta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker\Uninstall.lnk (PUP.Optional.FilesFrog.A) -> No action taken.

(end)




Thanks in advance

  • magna86
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

Hello,

This is not your first time in the Ambulanta. Post your DDS logs so that someone from the AMF Team has a basis for the next steps.
http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

  • Anunnaki
  • Joined: 20 Apr 2012
  • Posts: 1645

It's not my first time, but I was following the instructions from Google Chrome.

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16611
Run by Luta at 2:25:38 on 2013-11-28
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.1013.183 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\DatacardService\HWDeviceService.exe
C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files\HSPA USB MODEM\BackgroundService\ServiceManager.exe
C:\Program Files\HSPA USB MODEM\BackgroundService\ModemListener.exe
C:\Program Files\MCShield\MCShieldRTM.exe
C:\Users\Luta\AppData\Local\Google\Update\1.3.21.165\GoogleCrashHandler.exe
C:\Users\Luta\AppData\Local\Torch\Update\TorchCrashHandler.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\WUDFHost.exe
C:\Users\Luta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://websearch.searchere.info/?pid=821&r=2013/10/01&hid=16038363930489775096&lg=EN&cc=RS&unqvl=37
mStart Page = hxxp://websearch.searchere.info/?pid=821&r=2013/10/01&hid=16038363930489775096&lg=EN&cc=RS&unqvl=37
BHO: suaafe save: {1621E034-16E3-A5B1-0B34-7651E79D7AF0} - c:\programdata\suaafe save\51dec5f96db46.dll
BHO: SearchNewTab: {73060457-9EA9-48B7-BDAD-85D70C5A5E5C} - c:\programdata\searchnewtab\AGTscL.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: suaafe save: {C11CAF9B-BEDE-D244-2F50-5CA6A017D11C} - c:\programdata\suaafe save\51dec62acd7ae.dll
BHO: savvensharE!: {C7A7B220-870B-01DC-19B8-B563EC382293} - c:\programdata\savvenshare!\O.dll
BHO: DownlioaeD kkeeper: {ECAFF00B-8329-7B3E-A55F-A45D4372320C} - c:\programdata\downlioaed kkeeper\8kuHs.dll
uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
uRun: [Google Update] "c:\users\luta\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [MTel_ontenegro Imola ModemListener] c:\program files\hspa usb modem\backgroundservice\ModemListener.exe start
mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:4
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: Interfaces\{4D0392C3-801C-40A9-8D51-1D5BC1661963} : NameServer = 213.133.3.5 10.11.12.14
TCP: Interfaces\{66F411CF-B3DD-46BD-AD06-8C8E5420FBA9} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{F5A3423C-50F7-4A8C-A90B-48CFFE968F53} : DHCPNameServer = 192.168.1.254
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= c:\progra~1\safesa~1\sprote~1.dll c:\progra~1\sshelp~1\sprote~1.dll c:\progra~1\websea~1\sprote~1.dll
.
============= SERVICES / DRIVERS ===============
.
R0 BMLoad;Bytemobile Boot Time Load Driver;c:\windows\system32\drivers\BMLoad.sys [2013-9-21 13184]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2013-9-21 76544]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2012-1-8 68208]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2012-5-26 78136]
S3 EUCR;EUCR;c:\windows\system32\drivers\EUCR6SK.sys [2012-1-8 82768]
S3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\drivers\ew_usbenumfilter.sys [2013-9-21 11136]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2013-8-12 49664]
S3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\drivers\ew_jucdcacm.sys [2013-9-21 95616]
S3 jrdusbser;Modem Interface Device for Legacy Serial Communication;c:\windows\system32\drivers\jrdusbser.sys [2013-7-2 106112]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2012-7-20 9216]
.
=============== Created Last 30 ================
.
2013-11-27 23:31:54 -------- d-----w- c:\users\luta\appdata\roaming\Malwarebytes
2013-11-27 23:30:06 -------- d-----w- c:\programdata\Malwarebytes
2013-11-27 23:29:56 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-11-27 23:29:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-11-27 20:58:23 7772552 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{ecb61224-812f-4af3-91c4-cf2fba5c31f6}\mpengine.dll
2013-11-26 14:09:27 7772552 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-11-06 14:34:48 719224 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{59d6e460-e43c-407e-a3d2-ac969a2c9c14}\gapaengine.dll
2013-11-01 23:04:56 -------- d-----w- c:\programdata\TorchCrashHandler
.
==================== Find3M ====================
.
2013-11-19 10:21:30 230048 ------w- c:\windows\system32\MpSigStub.exe
2013-09-21 12:24:16 132224 ----a-w- c:\windows\system32\bmdumpd.bin
.

============= FINISH: 2:29:26,27 ===============


  • magna86
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

Hello,
Do you use EZDownloader?



Uninstall the following:
Start > Control Panel > Programs and Features

DownlioaeD kkeeper
SafeSaver 1.74
savvensharE!
Search Assistant WebSearch 1.74
SearchNewTab
ss helper 1.74
suaafe save
Torch


Restart the computer.


---------------------------------------------------
Download smeenk's zoek.zip or zoek.rar from this or this link and save it to the Desktop.

Extract the archive into a folder (instructions), and then:

close the browser and other running programs;
temporarily disable your security software (if necessary) Instructions;
start zoek by double-clicking the program icon;
wait for the tool to start ...


Copy the following text into the white box of the window:


createsrpoint;
emptyfolderscheck;delete
emptyclsid;
c:\programdata\suaafe save;fs
c:\programdata\searchnewtab;fs
c:\programdata\savvenshare!;fs
c:\programdata\downlioaed kkeeper;fs
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows];r
"AppInit_DLLs"=-;r
c:\programdata\TorchCrashHandler;fs
DownlioaeD kkeeper;u
SafeSaver 1.74;u
savvensharE!;u
Search Assistant WebSearch 1.74;u
SearchNewTab;u
ss helper 1.74;u
suaafe save;u
Torch;u
ipconfig /flushdns >> %temp%\log.txt;b
autoclean;


Click the button and wait for the scan to finish.


If needed, zoek will restart Windows and, when it finishes, open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)


Copy the contents of that log into your post.



---------------------------------------------------

Run DDS again and post a fresh DDS.txt log for me.

  • Anunnaki
  • Joined: 20 Apr 2012
  • Posts: 1645

Zoek.exe Version 4.0.0.5 Updated 24-November-2013
Tool run by Luta on źet 28.11.2013 at 21:51:28,18.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Luta\Desktop\zoek\zoek.com [Script inserted]

==== System Restore Info ======================

28.11.2013 21:55:28 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\Intel deleted successfully
C:\Users\Luta\AppData\Roaming\Media Player Classic deleted successfully
C:\Users\Luta\AppData\Local\SISContents deleted successfully

  • magna86
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

You need to wait for zoek to finish its work and restart the computer, and only then copy the report so I can see what it did, not the other way around.
Now that zoek has restarted the computer, check whether you have the zoek log on the C:\ partition and copy it again.

  • Anunnaki
  • Joined: 20 Apr 2012
  • Posts: 1645

Posted: 28 Nov 2013 22:14

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16611
Run by Luta at 22:10:37 on 2013-11-28
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.1013.194 [GMT 1:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HSPA USB MODEM\BackgroundService\ServiceManager.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\HSPA USB MODEM\BackgroundService\ModemListener.exe
C:\Program Files\MCShield\MCShieldRTM.exe
C:\Users\Luta\AppData\Local\Google\Update\1.3.21.165\GoogleCrashHandler.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Luta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Luta\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://websearch.searchere.info/?pid=821&r=2013/10/01&hid=16038363930489775096&lg=EN&cc=RS&unqvl=37
mStart Page = hxxp://websearch.searchere.info/?pid=821&r=2013/10/01&hid=16038363930489775096&lg=EN&cc=RS&unqvl=37
BHO: suaafe save: {1621E034-16E3-A5B1-0B34-7651E79D7AF0} -
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
uRun: [Google Update] "c:\users\luta\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Facebook Update] "c:\users\luta\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
mRun: [MTel_ontenegro Imola ModemListener] c:\program files\hspa usb modem\backgroundservice\ModemListener.exe start
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:4
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: Interfaces\{4D0392C3-801C-40A9-8D51-1D5BC1661963} : NameServer = 213.133.3.5 10.11.12.14
TCP: Interfaces\{66F411CF-B3DD-46BD-AD06-8C8E5420FBA9} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{F5A3423C-50F7-4A8C-A90B-48CFFE968F53} : DHCPNameServer = 192.168.1.254
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs=
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]
R2 MTel_ontenegro Imola Modem Device Helper;MTel_ontenegro Imola Modem Device Helper;c:\program files\hspa usb modem\backgroundservice\servicemanager.exe -start --> c:\program files\hspa usb modem\backgroundservice\ServiceManager.exe -start [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2012-1-8 68208]
R3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2012-1-8 6766080]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2012-5-26 78136]
S3 EUCR;EUCR;c:\windows\system32\drivers\EUCR6SK.sys [2012-1-8 82768]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2013-8-12 49664]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2013-2-5 1512448]
S3 jrdusbser;Modem Interface Device for Legacy Serial Communication;c:\windows\system32\drivers\jrdusbser.sys [2013-7-2 106112]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2012-7-20 9216]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-3-20 100328]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-1-27 295232]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [2012-3-28 32377]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2012-7-21 15576]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2012-7-21 10200]
S3 qcusbser;Mobile Connector USB Device for Legacy Serial Communication;c:\windows\system32\drivers\cmusbser.sys [2013-5-24 97408]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-1-9 14848]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2012-5-26 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2012-5-26 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2012-5-26 123648]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2012-5-26 181432]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-1-9 49664]
S4 UI Assistant Service;UI Assistant Service;c:\program files\join air\AssistantServices.exe [2013-6-6 252784]
.
=============== Created Last 30 ================
.
2013-11-28 21:01:46 62576 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{30dbea48-6db2-4267-880a-05368faf78a6}\offreg.dll
2013-11-28 20:47:07 -------- d-----w- C:\zoek_backup
2013-11-28 05:14:30 7772552 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{30dbea48-6db2-4267-880a-05368faf78a6}\mpengine.dll
2013-11-27 23:31:54 -------- d-----w- c:\users\luta\appdata\roaming\Malwarebytes
2013-11-27 23:30:06 -------- d-----w- c:\programdata\Malwarebytes
2013-11-27 23:29:56 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-11-27 23:29:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-11-27 20:58:23 7772552 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-11-06 14:34:48 719224 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{59d6e460-e43c-407e-a3d2-ac969a2c9c14}\gapaengine.dll
.
==================== Find3M ====================
.
2013-11-19 10:21:30 230048 ------w- c:\windows\system32\MpSigStub.exe
2013-09-21 12:25:36 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2013-09-21 12:25:36 1112288 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll
.
============= FINISH: 22:12:39,77 ===============




Addendum: 28 Nov 2013 22:26

Here, I ran it again


Zoek.exe Version 4.0.0.5 Updated 24-November-2013
Tool run by Luta on źet 28.11.2013 at 21:51:28,18.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Luta\Desktop\zoek\zoek.com [Script inserted]

==== System Restore Info ======================

28.11.2013 21:55:28 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\Intel deleted successfully
C:\Users\Luta\AppData\Roaming\Media Player Classic deleted successfully
C:\Users\Luta\AppData\Local\SISContents deleted successfully

offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

The Zoek log is not complete.
Maybe you are doing something wrong, but what matters is that zoek did what it needed to do. Judging by the DDS log, it did.


Run zoek.exe again, but with this script:

{1621E034-16E3-A5B1-0B34-7651E79D7AF0};c
autoclean;


Only once zoek has finished its work (in the meantime it will ask for a system restart), attach C:\zoek-results.log for me, as well as a fresh DDS.txt log, by running the DDS tool.

offline
  • Anunnaki
  • Joined: 20 Apr 2012
  • Posts: 1645

I wasn't doing it right, but this last time I think I did it properly; here is the report

Zoek.exe Version 4.0.0.5 Updated 24-November-2013
Tool run by Luta on źet 28.11.2013 at 23:21:23,09.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Luta\Desktop\zoek\zoek.exe [Script inserted]

==== Older Logs ======================

C:\zoek-results2013-11-28-205758.log 638 bytes
C:\zoek-results2013-11-28-211923.log 648 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2787396597-1344915912-1888278398-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{1621E034-16E3-A5B1-0B34-7651E79D7AF0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1621E034-16E3-A5B1-0B34-7651E79D7AF0} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Program Files\ss helper deleted
C:\ProgramData\YTD Video Downloader deleted
C:\ProgramData\Package Cache deleted
C:\Users\Luta\AppData\Local\SwvUpdater deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader deleted
C:\Windows\system32\tasks\Go for FilesUpdate deleted
C:\Windows\system32\roboot.exe deleted
C:\Users\Public\Desktop\YTD Video Downloader.lnk deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{336D0C35-8A85-403a-B9D2-65C292C39087}"="C:\Program Files\Web Assistant\Firefox" []

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
adchnndejpglemhfcabnlbggadpkmfca - C:\ProgramData\Bcool\adchnndejpglemhfcabnlbggadpkmfca.crx[]
jfmjfhklogoienhpfnppmbcbjfjnkonk - No path found[]
kiplfnciaokpcennlkldkdaeaaomamof - C:\Users\Luta\AppData\Local\Torch\Plugins\TorchPlugin.crx[]


==== Chrome Fix ======================

C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.incredibar.com_0.localstorage-journal deleted successfully
C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_b.scorecardresearch.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://websearch.searchere.info/?pid=821&r=2013/10/01&hid=16038363930489775096&lg=EN&cc=RS&unqvl=37"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://websearch.searchere.info/?pid=821&r=2013/10/01&hid=16038363930489775096&lg=EN&cc=RS&unqvl=37"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0AFCB63A-6AD0-AB34-998E-0B5D5CB23DB9} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4D34A60C-BBFE-FDEF-0B8A-F6E869BA6D44} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{65278BA4-87A5-2D4E-4B75-A09B08132168} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B9834653-5AEA-23AE-1FFD-9BC1155360D8} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D6D24BBE-C194-BA0F-848B-3B217D4A596F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\adchnndejpglemhfcabnlbggadpkmfca deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MiniBin deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDP deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe deleted successfully

==== Empty IE Cache ======================

C:\Users\Luta\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Luta\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Luta\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on źet 28.11.2013 at 23:42:51,66 ======================

DDS report

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16611
Run by Luta at 23:44:06 on 2013-11-28
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.381.1033.18.1013.415 [GMT 1:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\HSPA USB MODEM\BackgroundService\ServiceManager.exe
C:\Program Files\Skype\Updater\Updater.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\HSPA USB MODEM\BackgroundService\ModemListener.exe
C:\Program Files\MCShield\MCShieldRTM.exe
C:\Users\Luta\AppData\Local\Google\Update\1.3.21.165\GoogleCrashHandler.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
uRun: [Google Update] "c:\users\luta\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Facebook Update] "c:\users\luta\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
mRun: [MTel_ontenegro Imola ModemListener] c:\program files\hspa usb modem\backgroundservice\ModemListener.exe start
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:4
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: Interfaces\{66F411CF-B3DD-46BD-AD06-8C8E5420FBA9} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{F5A3423C-50F7-4A8C-A90B-48CFFE968F53} : DHCPNameServer = 192.168.1.254
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs=
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-1-20 195296]
R2 MTel_ontenegro Imola Modem Device Helper;MTel_ontenegro Imola Modem Device Helper;c:\program files\hspa usb modem\backgroundservice\servicemanager.exe -start --> c:\program files\hspa usb modem\backgroundservice\ServiceManager.exe -start [?]
R2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2012-1-8 68208]
R3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2012-1-8 6766080]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2012-5-26 78136]
S3 EUCR;EUCR;c:\windows\system32\drivers\EUCR6SK.sys [2012-1-8 82768]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2013-8-12 49664]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2013-2-5 1512448]
S3 jrdusbser;Modem Interface Device for Legacy Serial Communication;c:\windows\system32\drivers\jrdusbser.sys [2013-7-2 106112]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2012-7-20 9216]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-3-20 100328]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-1-27 295232]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [2012-3-28 32377]
S3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2012-7-21 15576]
S3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2012-7-21 10200]
S3 qcusbser;Mobile Connector USB Device for Legacy Serial Communication;c:\windows\system32\drivers\cmusbser.sys [2013-5-24 97408]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-1-9 14848]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2012-5-26 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2012-5-26 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2012-5-26 123648]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2012-5-26 181432]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-1-9 49664]
S4 UI Assistant Service;UI Assistant Service;c:\program files\join air\AssistantServices.exe [2013-6-6 252784]
.
=============== Created Last 30 ================
.
2013-11-28 22:42:58 -------- d-sh--w- C:\$RECYCLE.BIN
2013-11-28 22:42:41 62576 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{30dbea48-6db2-4267-880a-05368faf78a6}\offreg.dll
2013-11-28 22:38:30 24064 ----a-w- c:\windows\zoek-delete.exe
2013-11-28 22:38:29 -------- d-----w- c:\users\luta\appdata\local\Temp
2013-11-28 20:47:07 -------- d-----w- C:\zoek_backup
2013-11-28 05:14:30 7772552 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{30dbea48-6db2-4267-880a-05368faf78a6}\mpengine.dll
2013-11-27 23:31:54 -------- d-----w- c:\users\luta\appdata\roaming\Malwarebytes
2013-11-27 23:30:06 -------- d-----w- c:\programdata\Malwarebytes
2013-11-27 23:29:56 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-11-27 23:29:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-11-27 20:58:23 7772552 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-11-06 14:34:48 719224 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{59d6e460-e43c-407e-a3d2-ac969a2c9c14}\gapaengine.dll
.
==================== Find3M ====================
.
2013-11-19 10:21:30 230048 ------w- c:\windows\system32\MpSigStub.exe
2013-09-21 12:25:36 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2013-09-21 12:25:36 1112288 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll
.
============= FINISH: 23:46:48,08 ===============



offline
  • magna86  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 21 Jun 2008
  • Posts: 6103

This looks good now.

Run Malwarebytes again and update it.

Select the Perform Quick Scan option and click Scan.
When the process finishes, click OK, then Show Results:
=> in the list of detected malware, select all items and click Remove Selected.
When the process finishes, the logfile will open in Notepad; copy it into the forum thread.
If the program asks for a restart in order to complete the cleaning process, be sure to allow it.

Note: if a restart occurs at the end of the cleaning process, the logfile will be available on the Logs tab (select it and click Open).

-----------------------------------------------------

Download the GMER program from the link below to the Desktop:


GMER download
Click the given link;
When the dialog for choosing where to save the file opens, select Desktop and click Save.



Double-click to run GMER.
Wait for the initial scan to finish - if any prompt appears, click No;
click Scan and wait for the scan to finish;
click Save ... - save the report to the Desktop (under the name ARK);

click the >>> button and select the Autostart tab;
when the brief scan finishes, click Copy;
open Notepad and paste the copied text into it - save the report to the Desktop (under the name autostart);


Attach all three reports to your post using the Attach file option.
