Problem pri instaliranju sp3

Problem pri instaliranju sp3

offline
  • Mirra  Female
  • Novi MyCity građanin
  • Pridružio: 24 Jan 2013
  • Poruke: 14

Pri pokusaju da instaliram sp3 javila mi se sledeca greska:



Nisam pokusala da resim problem, jer ne znam kako, pa se obracam vama.
Koristim ADSL internet protok 1.5G.
Pokusavam da instaliram sp3 da bih isnstalirala drajvere za usb, posto nakod reinstalacije to nije uradjeno. Trenutno imam sp2 koji.

DDS:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 6.0.2900.2180
Run by Milos at 13:48:16 on 2013-01-28
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.447.144 [GMT 1:00]
.
AV: ESET Smart Security 5.2 *Disabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Ask.com\Updater\Updater.exe
C:\PROGRA~1\IMESHA~1\Mediabar\Datamngr\DATAMN~1.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Documents and Settings\All Users.WINDOWS\Application Data\IBUpdaterService\ibsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\Milos\Local Settings\Application Data\Opera\Opera\temporary_downloads\WindowsXP-KB936929-SP3-x86-ENU.exe
e:\5860516e5ac9b2419d\i386\update\update.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.bearshare.com/
uSearch Bar = hxxp://dts.search-results.com/sidebar.html?src=ssb&gct=ds&appid=20&systemid=2
uSearch Page = ${URL_SEARCHPAGE}
mSearch Page = ${URL_SEARCHPAGE}
uSearchAssistant = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=20&systemid=2&apn_dtid=IME002&apn_ptnrs=AG2&o=APN10641&apn_uid=5276148281224316&q={searchTerms}
mSearchAssistant = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=286&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=7685078909144430&q={searchTerms}
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: {E634228A-03CF-4BC8-B0AB-668257F1FD8C} - <orphaned>
uURLSearchHooks: ST-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\prxtbSof0.dll
uURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - c:\program files\utorrentcontrol2\prxtbuTor.dll
uURLSearchHooks: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - <orphaned>
BHO: Complitly: {0FB6A909-6086-458F-BD92-1F8EE10042A0} - c:\documents and settings\milos\application data\complitly\Complitly.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: ShoppingReport2: {258C9770-1713-4021-8D7E-1F184A2BD754} -
BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} -
BHO: ST-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\prxtbSof0.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - c:\program files\utorrentcontrol2\prxtbuTor.dll
BHO: Incredibar.com Helper Object: {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - c:\program files\incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
BHO: Window Shopper: {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - c:\program files\superfish\window shopper\SuperfishIEAddon.dll
BHO: Smiley Bar for Facebook: {944FEDFD-C4FD-441D-8275-9C651A9FFBDE} - c:\program files\smiley bar for facebook\ScriptHost.dll
BHO: GamePlayLabsBHO Class: {984A9162-8891-4D19-8CFE-17648BB4E1EC} - c:\documents and settings\milos\local settings\application data\gameplaylabs plugin\BHO.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} -
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: DataMngr: {BE7A24F5-69CB-4708-B77B-B1EDA6043B95} - c:\program files\imesh applications\mediabar\datamngr\BrowserConnection.dll
BHO: Search-Results Toolbar: {bff6b2ca-366c-4a90-b685-d87776deb0d2} - c:\program files\imesh applications\mediabar\datamngr\srtool~1\searchresultsDx.dll
BHO: Wincore Mediabar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} -
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: wxDownload: {E25D0529-C783-805F-03FA-70486F4D16DA} - c:\documents and settings\all users.windows\application data\wxdownload\51007036acc45.dll
TB: ST-Eng7 Toolbar: {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - c:\program files\softonic-eng7\prxtbSof0.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: ST-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\prxtbSof0.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Incredibar Toolbar: {F9639E4A-801B-4843-AEE3-03D9DA199E77} - c:\program files\incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
TB: Wincore Mediabar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} -
TB: Search-Results Toolbar: {bff6b2ca-366c-4a90-b685-d87776deb0d2} - c:\program files\imesh applications\mediabar\datamngr\srtool~1\searchresultsDx.dll
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} -
EB: ShopperReports: {BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} -
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [DriverFinder] c:\program files\driverfinder\DriverFinder.exe
uRun: [limewire plus+] "c:\program files\limewire plus+\limewire.exe" -h
uRun: [Registry Reviver] c:\program files\reviversoft\registry reviver\RegistryReviver.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [PDFPrint] c:\program files\pdf24\pdf24.exe
mRun: [DATAMNGR] c:\progra~1\imesha~1\mediabar\datamngr\DATAMN~1.EXE
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files\superfish\window shopper\SuperfishIEAddon.dll
IE: {DB38E21A-0133-419d-92AD-ECDFD5244D6D} - {3E2DFD6A-4E20-4d4c-AA8B-E1F9DBEF3C80} -
IE: {EB620C54-E229-4942-87CE-E717109FC8C6} - {714E0876-FCEE-49ce-A429-B9AD8AEFCB56} -
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1358956775937
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{907AB799-8CC3-4F5C-A536-A081B2A86491} : DHCPNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: AtiExtEvent - <no file>
AppInit_DLLs= c:\docume~1\alluse~1.win\applic~1\browse~1\23796~1.11\{16cdf~1\browse~1.dll c:\progra~1\wxdown~1\sprote~1.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\24.0.1312.56\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2012-3-14 120152]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2012-3-14 104160]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2013-1-27 20712]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2012-7-26 794560]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2012-3-7 913144]
R2 IBUpdaterService;Updater Service;c:\documents and settings\all users.windows\application data\ibupdaterservice\ibsvc.exe [2013-1-23 636192]
S2 Browser Manager;Browser Manager;c:\documents and settings\all users.windows\application data\browser manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe --> c:\documents and settings\all users.windows\application data\browser manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [?]
S2 gupdate1cacf78a426248e;Google Update Service (gupdate1cacf78a426248e);c:\program files\google\update\GoogleUpdate.exe [2010-3-29 133104]
S2 ScanQuery Service;ScanQuery Service;"c:\documents and settings\all users.windows\application data\scanquery\scanquery157.exe" "c:\program files\scanquery\scanquery.dll" pebuvosa dotojupe --> c:\documents and settings\all users.windows\application data\scanquery\scanquery157.exe [?]
S3 esihdrv;esihdrv;\??\c:\docume~1\milos\locals~1\temp\esihdrv.sys --> c:\docume~1\milos\locals~1\temp\esihdrv.sys [?]
S3 FXDrv32;FXDrv32;\??\f:\fxdrv32.sys --> f:\FXDrv32.sys [?]
.
=============== Created Last 30 ================
.
2013-01-27 22:59:39 -------- d-----w- c:\windows\NV2763520.TMP
2013-01-27 13:41:06 -------- d-----w- c:\windows\system32\CatRoot_bak
2013-01-27 12:20:39 20712 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS
2013-01-27 12:19:58 -------- d-----w- c:\program files\HWiNFO32
2013-01-23 22:57:27 -------- d-----w- c:\documents and settings\all users.windows\application data\CLSoft LTD
2013-01-23 22:57:25 -------- d-----w- c:\program files\wxDownload Fast
2013-01-23 22:56:57 -------- d-----w- c:\program files\WxDownload
2013-01-23 22:56:40 -------- d-----w- c:\documents and settings\all users.windows\application data\wxDownload
2013-01-23 22:55:41 -------- d-----w- C:\TEMP
2013-01-23 22:50:09 -------- d-----w- C:\CFUSB_Signed_Drivers_XP
2013-01-23 17:36:22 -------- d-----w- c:\documents and settings\milos\application data\StatusWinks
2013-01-23 16:04:48 -------- d-----w- c:\documents and settings\milos\application data\PerformerSoft
2013-01-23 16:04:14 -------- d-----w- c:\program files\Smiley Bar for Facebook
2013-01-23 16:04:05 -------- d-----w- c:\program files\Haali
2013-01-23 16:03:57 79360 ----a-w- c:\windows\system32\ff_vfw.dll
2013-01-23 16:03:24 -------- d-----w- c:\documents and settings\all users.windows\application data\IBUpdaterService
2013-01-20 14:03:31 -------- d-----w- c:\documents and settings\all users.windows\application data\1F271
2013-01-20 14:03:11 -------- d-----w- c:\documents and settings\all users.windows\application data\Wincert
2013-01-20 13:57:47 -------- d-----w- c:\documents and settings\all users.windows\application data\BearShare
2013-01-20 13:54:49 -------- dc----w- c:\documents and settings\all users.windows\application data\{1404D05A-7021-4140-B3F7-EFE7CE759178}
.
==================== Find3M ====================
.
2013-01-09 18:12:51 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-09 18:12:50 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-19 14:53:32 18096 ----a-w- c:\windows\system32\roboot.exe
.
============= FINISH: 13:48:57,26 ===============



mycity.rs/must-login.png

Gmer izvestaji:




mycity.rs/must-login.png



mycity.rs/must-login.png

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Pozdrav, Mirra



Korak 1.

Pokreni Control Panel --> Add or Remove Programs i deinstaliraj sledece:
- 1ClickDownloader
- 50 FREE MP3s +1 Free Audiobook!
- Ask Toolbar
- Ask Toolbar Updater
- Babylon toolbar
- BabylonObjectInstaller
- iLivid
- Incredibar Toolbar on IE
- ScanQuery 1.0 build 157 powered by FIRST SEARCHBAR
- Search-Results Toolbar
- Searchqu Toolbar
- ShopperReports
- Smiley Bar for Facebook
- Softonic-Eng7 Toolbar
- uTorrentControl2 Toolbar
- Window Shopper

Kada obrises sve, restartuj racunar.



Korak 2.

Preuzmi "Xplode"-ov AdwCleaner i sacuvaj ga na Desktop
Dvoklikom pokreni program i klikni na dugme [Search] .
Kada program zavrsi analizu otvorice notepad sa izvestajem. Zatvori taj notepad.

Klikni na dugme [Delete] i pricekaj da program zavrsi.
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok

Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"

Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S1].txt



Korak 3.

Ponovo pokreni DDS i dostavi mi novi DDS.txt izvestaj.

offline
  • Mirra  Female
  • Novi MyCity građanin
  • Pridružio: 24 Jan 2013
  • Poruke: 14

Podrav TwinHeadedEagle,
Ne mogu da deinstaliram jedino uTorrentControl2 Toolbar. Kada kliknem na Change\remove ne reaguje.

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Ok, nastavi sa ostalim koracima...

offline
  • Mirra  Female
  • Novi MyCity građanin
  • Pridružio: 24 Jan 2013
  • Poruke: 14

Ipak sam uspela da deinstaliram...
Izvestaji:


mycity.rs/must-login.png



DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 6.0.2900.2180
Run by Milos at 15:45:39 on 2013-01-28
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.447.112 [GMT 1:00]
.
AV: ESET Smart Security 5.2 *Disabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.bearshare.com/
uSearch Bar = hxxp://www.google.com
uSearch Page = ${URL_SEARCHPAGE}
mSearch Page = ${URL_SEARCHPAGE}
uSearchAssistant = hxxp://www.google.com
mSearchAssistant = hxxp://www.google.com
uURLSearchHooks: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: GamePlayLabsBHO Class: {984A9162-8891-4D19-8CFE-17648BB4E1EC} - c:\documents and settings\milos\local settings\application data\gameplaylabs plugin\BHO.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: wxDownload: {E25D0529-C783-805F-03FA-70486F4D16DA} - c:\documents and settings\all users.windows\application data\wxdownload\51007036acc45.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [DriverFinder] c:\program files\driverfinder\DriverFinder.exe
uRun: [limewire plus+] "c:\program files\limewire plus+\limewire.exe" -h
uRun: [Registry Reviver] c:\program files\reviversoft\registry reviver\RegistryReviver.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [PDFPrint] c:\program files\pdf24\pdf24.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1358956775937
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{907AB799-8CC3-4F5C-A536-A081B2A86491} : DHCPNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: AtiExtEvent - <no file>
AppInit_DLLs= c:\progra~1\wxdown~1\sprote~1.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\24.0.1312.56\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2012-3-14 120152]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2012-3-14 104160]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2013-1-27 20712]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2012-3-7 913144]
S2 gupdate1cacf78a426248e;Google Update Service (gupdate1cacf78a426248e);c:\program files\google\update\GoogleUpdate.exe [2010-3-29 133104]
S3 esihdrv;esihdrv;\??\c:\docume~1\milos\locals~1\temp\esihdrv.sys --> c:\docume~1\milos\locals~1\temp\esihdrv.sys [?]
S3 FXDrv32;FXDrv32;\??\f:\fxdrv32.sys --> f:\FXDrv32.sys [?]
.
=============== Created Last 30 ================
.
2013-01-27 22:59:39 -------- d-----w- c:\windows\NV2763520.TMP
2013-01-27 13:41:06 -------- d-----w- c:\windows\system32\CatRoot_bak
2013-01-27 12:20:39 20712 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS
2013-01-27 12:19:58 -------- d-----w- c:\program files\HWiNFO32
2013-01-23 22:57:27 -------- d-----w- c:\documents and settings\all users.windows\application data\CLSoft LTD
2013-01-23 22:57:25 -------- d-----w- c:\program files\wxDownload Fast
2013-01-23 22:56:57 -------- d-----w- c:\program files\WxDownload
2013-01-23 22:56:40 -------- d-----w- c:\documents and settings\all users.windows\application data\wxDownload
2013-01-23 22:55:41 -------- d-----w- C:\TEMP
2013-01-23 22:50:09 -------- d-----w- C:\CFUSB_Signed_Drivers_XP
2013-01-23 17:36:22 -------- d-----w- c:\documents and settings\milos\application data\StatusWinks
2013-01-23 16:04:05 -------- d-----w- c:\program files\Haali
2013-01-23 16:03:57 79360 ----a-w- c:\windows\system32\ff_vfw.dll
2013-01-20 14:03:31 -------- d-----w- c:\documents and settings\all users.windows\application data\1F271
2013-01-20 14:03:11 -------- d-----w- c:\documents and settings\all users.windows\application data\Wincert
2013-01-20 13:57:47 -------- d-----w- c:\documents and settings\all users.windows\application data\BearShare
2013-01-20 13:54:49 -------- dc----w- c:\documents and settings\all users.windows\application data\{1404D05A-7021-4140-B3F7-EFE7CE759178}
.
==================== Find3M ====================
.
2013-01-09 18:12:51 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-09 18:12:50 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-19 14:53:32 18096 ----a-w- c:\windows\system32\roboot.exe
.
============= FINISH: 15:46:04,42 ===============




mycity.rs/must-login.png

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Arrow Da li si sada probala da instaliras SP3?




Arrow Preuzmi TFC (Temp File Cleaner) i sacuvaj ga na Desktop.
Dvoklikom pokreni program i klikni na dugme Start da bi dozvolio programu da otpocne skeniranje.
Kada program zavrsi skeniranje,mozda ce zatraziti da restartujes racunar. Dozvoli mu.

offline
  • Mirra  Female
  • Novi MyCity građanin
  • Pridružio: 24 Jan 2013
  • Poruke: 14

Napisano: 29 Jan 2013 1:51

Instalacija je uspela.
Hvala na pomoci!

Dopuna: 29 Jan 2013 2:16

Instalacija je uspela.
Hvala puno na pomoci!

offline
  • Research Engineer @MalwareBytes
  • Pridružio: 09 Avg 2011
  • Poruke: 15877
  • Gde živiš: Beograd

Arrow Ok, to bi bilo to. Potrebno je da ispratis sledece korake...



Arrow Ponovo pokreni AdwCleaner
Klikni na dugme [Uninstall] i pricekaj da se postupak uninstallacije završi.
TFC mozes rucno obrisati ili ga ostaviti za buducu upotrebu i ciscenje Temporary fajlova




Arrow Preporučujem da za zaštitu USB memorijskih uredjaja koristiš MCShield v2. Nema nikakve veze sa AntiVirus-om tj. nece ometati njegov rad, a pokazao se kao jedan od najboljih vidova zaštite od malware-a koji se prenosi putem USB mem. uređaja. Skineš, instaliraš, ubodeš USB mem. uređaj, izvrši se skeniranje nakon čega dobiješ obaveštenje da je uređaj čist (ukoliko je stvarno tako); ili dobiješ log u kome vidiš informacije o malware-u koji je nađen i obrisan.


Home Page MCShield-a ::Anti-Malware Tool:: v2: http://amf.mycity.rs/mcshield/

Više o MCShield-u možeš saznati u ovim temama:
v1: http://www.mycity.rs/MyCity-Laboratorija/MCShield.html
v2: http://www.mycity.rs/MyCity-Laboratorija/MCShield-v2.html




Arrow Obavezno poseti temu "Testirajte da li vam je pretraživač ranjiv", pročitaj i isprati link koji stoji u njoj.
Link do teme je: http://www.mycity.rs/Web-browseri/Testirajte-da-li.....anjiv.html



Arrow Takode, isprati i temu "Kako izbeci i ukloniti toolbar-ove" , procitaj i isprati korake u njoj, kako bi ubuduce izbegla ovakav problem. Link do teme je: http://www.mycity.rs/Zastita/Kako-izbeci-i-ukloniti-toolbar-ove.html



TwinHeadedEagle (AMF Tim)

Ko je trenutno na forumu
 

Ukupno su 1036 korisnika na forumu :: 47 registrovanih, 8 sakrivenih i 981 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., AF-1, airsuba, amaterSRB, bojank, bojcistv, Boris BM, Chainsaw, CikaKURE, comi_pfc, Dimitrise93, DonRumataEstorski, draganl, HogarStrashni, hooraay, HrcAk47, ILGromovnik, Ilija Cvorovic, JOntra, Karla, Krvava Devetka, Kvazar, kybonacci, ladro, Lieutenant, Luka Blažević, milenko crazy north, Milometer, milos.cbr, mocnijogurt, nemkea71, nick79, novator, nuke92, Parker, pein, procesor, sasa87, Shinobi, Sirius, sovanova95, Srle993, stegonosa, vathra, VP6919, vukovi, |_MeD_|