MyCity » Ambulanta -> Arhiva Ambulante » Problema ima više

Problema ima više

Napisano na dan: 19.10.2011

Strana:
1
2

Problema ima više

Sledeća strana

Pagination

Odgovori

Strana:
1
2

anamarija14 Poslao: 19 Okt 2011 20:14 Idi na vrh
offline anamarija14 Građanin Pridružio: 22 Jul 2011 Poruke: 169	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Pre nekolko dana instalirala sam nešta i tada su nastali prodlemi. 1. POKAZUJE da je opterećen kada radis neke stvari koje nisu komplikovane. samo počne da radi nesta a ne prikazuje šta. 2. Nemoze da ode na hibernaciju. a pre te instalacije mogao je bez problema 3.Zaledi se slika često nap kada sam na netu. . DDS (Ver_11-05-19.01) - NTFSx86 Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_27 Run by Vladan at 17:26:35 on 2011-10-19 Microsoft Windows XP Professional 5.1.2600.3.1250.381.1033.18.1023.389 [GMT 2:00] . AV: avast! Antivirus Enabled/Updated {7591DB91-41F0-48A3-B128-1A293FD8233D} . ============== Running Processes =============== . C:\WINDOWS\system32\svchost.exe -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\D-Link\Bluetooth Software\bin\btwdins.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\Vladan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Vladan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Vladan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Vladan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Vladan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Vladan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Vladan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Vladan\My Documents\Downloads\dds.scr C:\WINDOWS\system32\WSCRIPT.exe . ============== Pseudo HJT Report =============== . uStart Page = [Link mogu videti samo ulogovani korisnici] uSearch Bar = [Link mogu videti samo ulogovani korisnici] uSearchAssistant = [Link mogu videti samo ulogovani korisnici]{searchTerms} mSearchAssistant = [Link mogu videti samo ulogovani korisnici]{searchTerms} BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi371a~1\datamngr\toolbar\searchqudtx.dll BHO: SearchCore for Browsers: {9d717f81-9148-4f12-8568-69135f087db0} - c:\progra~1\search~1\search~1\BROWSE~1.DLL BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi371a~1\datamngr\toolbar\searchqudtx.dll uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE uPolicies-explorer: New Value #1 = 0 (0x0) mPolicies-system: EnableSecureUIAPaths = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 IE: Send to &Bluetooth Device... - c:\program files\d-link\bluetooth software\btsendto_ie_ctx.htm IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\d-link\bluetooth software\btsendto_ie.htm IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL LSP: mswsock.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [Link mogu videti samo ulogovani korisnici] DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici] DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici] DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - [Link mogu videti samo ulogovani korisnici] Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: AtiExtEvent - Ati2evxx.dll AppInit_DLLs: c:\progra~1\search~1\search~1\datamngr.dll c:\progra~1\search~1\search~1\IEBHO.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\vladan\application data\mozilla\firefox\profiles\oc38iv22.default\ FF - prefs.js: browser.search.selectedEngine - iLivid Web Search FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici] FF - prefs.js: keyword.URL - [Link mogu videti samo ulogovani korisnici] FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\documents and settings\vladan\application data\mozilla\firefox\profiles\oc38iv22.default\extensions\{7d2fb79e-e58c-4db5-a36f-ac1c73967f4d}\plugins\npqbc.dll FF - plugin: c:\documents and settings\vladan\local settings\application data\google\update\1.3.21.65\npGoogleUpdate3.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll . ============= SERVICES / DRIVERS =============== . R0 fasttrak;fasttrak;c:\windows\system32\drivers\Fasttrak.sys [2011-6-1 73088] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-6-1 442200] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-6-1 320856] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-6-1 20568] R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-7-21 44768] S4 0113731313089885mcinstcleanup;McAfee Application Installer Cleanup (0113731313089885);c:\docume~1\vladan\locals~1\temp\011373~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service --> c:\docume~1\vladan\locals~1\temp\011373~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service [?] . =============== Created Last 30 ================ . 2011-10-19 00:44:40 100864 ----a-w- C:\kwqiafoc.sys 2011-10-13 20:36:19 -------- d-----w- c:\documents and settings\vladan\local settings\application data\Facebook 2011-10-09 22:54:54 -------- d-----w- c:\documents and settings\vladan\application data\searchqutoolbar 2011-10-09 20:48:21 -------- d-----w- c:\documents and settings\vladan\local settings\application data\Ilivid Player 2011-10-09 20:46:18 -------- d-----w- c:\program files\Windows iLivid Toolbar 2011-10-09 20:46:15 -------- d-----w- c:\program files\SearchCore for Browsers 2011-10-08 23:05:07 -------- d-----w- c:\documents and settings\vladan\application data\BSplayer 2011-10-08 22:53:41 -------- d-----w- c:\documents and settings\vladan\application data\BSplayer Pro 2011-10-08 22:53:39 -------- d-----w- c:\program files\Webteh 2011-10-07 18:16:50 -------- d-----w- c:\program files\Defraggler 2011-10-04 13:18:33 -------- d-----w- c:\documents and settings\all users\application data\KONAMI 2011-10-04 12:35:28 -------- d-----w- c:\program files\KONAMI 2011-10-03 20:29:11 785368 ----a-w- c:\program files\mozilla firefox\sqlite3.dll 2011-10-03 20:28:32 -------- d-----w- c:\documents and settings\all users\application data\Premium 2011-10-03 20:28:30 -------- d-----w- c:\documents and settings\all users\application data\InstallMate 2011-10-02 20:03:06 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-10-02 17:35:57 -------- d-----w- c:\documents and settings\vladan\application data\Qualys . ==================== Find3M ==================== . 2011-10-02 20:31:26 404640 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-10-02 20:02:48 472808 -c--a-w- c:\windows\system32\deployJava1.dll 2011-09-06 20:45:29 41184 ----a-w- c:\windows\avastSS.scr 2011-09-06 20:38:05 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-08-31 15:00:50 22216 -c--a-w- c:\windows\system32\drivers\mbam.sys . ============= FINISH: 17:30:46,64 =============== [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici]

Profil

NIx Car Poslao: 19 Okt 2011 20:57 Idi na vrh
offline NIx Car Legendarni građanin Més que un club Glavni vokal @ Harpun Pridružio: 27 Feb 2009 Poruke: 3898 Gde živiš: Novi Sad,Klisa	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav anamarija14 U toku resavanja slucaja, zamolio bih te da se pridrzavas sledeceg: Detaljno citati moja uputstva ( ili uputstva kolega koji ce me zamenjivati) i raditi iskljucivo po njima; Ne traziti istovremeno pomoc na drugom mestu; Nemoj koristiti druge programe za uklanjanje malware-a, osim onih za koje budes dobio uputstvo; U toku intervencije ne koristiti USB memorijske uredjaje, dok to ne budem zatrazio; Ukoliko ne odgovorim u roku od 48h, osvezi temu novim post-om; Ukoliko se ne javis u roku od 5 dana, zatvoricemo slucaj. Za vise informacija o pravilima Ambulante MyCity foruma: LINK ------------------------------------------------------------------------------------- Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix; u prozoru koji se otvori klikni "I Agree". U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku. NIx Car (AMF Tim)

Profil

anamarija14 Poslao: 22 Okt 2011 01:24 Idi na vrh
offline anamarija14 Građanin Pridružio: 22 Jul 2011 Poruke: 169	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 20 Okt 2011 17:11 [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] ComboFix 11-10-20.05 - Vladan 20.10.2011 16:45:26.4.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.381.1033.18.1023.747 [GMT 2:00] Running from: c:\documents and settings\Vladan\My Documents\Downloads\ComboFix.exe AV: avast! Antivirus Disabled/Updated {7591DB91-41F0-48A3-B128-1A293FD8233D} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\$NtUninstallKB59891$ c:\windows\$NtUninstallKB59891$\2605704765 c:\windows\$NtUninstallKB59891$\3773499672\@ c:\windows\$NtUninstallKB59891$\3773499672\bckfg.tmp c:\windows\$NtUninstallKB59891$\3773499672\cfg.ini c:\windows\$NtUninstallKB59891$\3773499672\Desktop.ini c:\windows\$NtUninstallKB59891$\3773499672\kwrd.dll c:\windows\$NtUninstallKB59891$\3773499672\L\mgiuektk c:\windows\$NtUninstallKB59891$\3773499672\U\00000001.@ c:\windows\$NtUninstallKB59891$\3773499672\U\00000002.@ c:\windows\$NtUninstallKB59891$\3773499672\U\80000000.@ c:\windows\$NtUninstallKB59891$\3773499672\U\80000032.@ c:\windows\geoiplist c:\windows\geoiplist.rar . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_SRVBTCCLIENT . . ((((((((((((((((((((((((( Files Created from 2011-09-20 to 2011-10-20 ))))))))))))))))))))))))))))))) . . 2011-10-20 12:40 . 2011-10-20 12:40 -------- d-----w- c:\documents and settings\Vladan\Application Data\searchqutoolbar 2011-10-19 00:44 . 2011-10-19 00:44 100864 ----a-w- C:\kwqiafoc.sys 2011-10-13 20:36 . 2011-10-13 20:36 -------- d-----w- c:\documents and settings\Vladan\Local Settings\Application Data\Facebook 2011-10-09 20:48 . 2011-10-09 20:48 -------- d-----w- c:\documents and settings\Vladan\Local Settings\Application Data\Ilivid Player 2011-10-09 20:46 . 2011-10-09 20:46 -------- d-----w- c:\program files\Windows iLivid Toolbar 2011-10-09 20:46 . 2011-10-20 12:40 -------- d-----w- c:\program files\SearchCore for Browsers 2011-10-08 23:05 . 2011-10-08 23:10 -------- d-----w- c:\documents and settings\Vladan\Application Data\BSplayer 2011-10-08 22:53 . 2011-10-08 22:53 -------- d-----w- c:\documents and settings\Vladan\Application Data\BSplayer Pro 2011-10-08 22:53 . 2011-10-08 22:53 -------- d-----w- c:\program files\Webteh 2011-10-07 18:16 . 2011-10-07 18:16 -------- d-----w- c:\program files\Defraggler 2011-10-05 19:48 . 2011-10-05 19:49 -------- d-----w- c:\documents and settings\Vladan\Application Data\vlc 2011-10-04 13:18 . 2011-10-04 13:18 -------- d-----w- c:\documents and settings\All Users\Application Data\KONAMI 2011-10-04 12:35 . 2011-10-04 12:35 -------- d-----w- c:\program files\KONAMI 2011-10-04 10:58 . 2011-10-15 18:07 -------- d-----w- c:\documents and settings\Vladan\Application Data\Media Player Classic 2011-10-03 20:29 . 2011-09-11 09:25 785368 ----a-w- c:\program files\Mozilla Firefox\sqlite3.dll 2011-10-03 20:28 . 2011-10-03 20:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Premium 2011-10-03 20:28 . 2011-10-14 22:25 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallMate 2011-10-02 20:03 . 2011-10-02 20:03 -------- d-----w- c:\program files\Common Files\Java 2011-10-02 20:03 . 2011-10-02 20:02 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-10-02 20:02 . 2011-10-02 20:02 -------- d-----w- c:\program files\Java 2011-10-02 17:35 . 2011-10-02 17:35 -------- d-----w- c:\documents and settings\Vladan\Application Data\Qualys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-10-02 20:31 . 2011-07-29 10:55 404640 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-10-02 20:02 . 2011-06-15 20:28 472808 -c--a-w- c:\windows\system32\deployJava1.dll 2011-09-06 20:45 . 2011-06-01 15:13 41184 ----a-w- c:\windows\avastSS.scr 2011-09-06 20:45 . 2011-06-01 14:52 199304 ----a-w- c:\windows\system32\aswBoot.exe 2011-09-06 20:38 . 2011-06-01 15:13 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-09-06 20:37 . 2011-06-01 14:53 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-09-06 20:36 . 2011-06-01 14:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-09-06 20:36 . 2011-06-01 14:52 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-09-06 20:36 . 2011-06-01 14:52 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2011-09-06 20:36 . 2011-06-01 14:52 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys 2011-09-06 20:36 . 2011-06-01 14:53 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-09-06 20:33 . 2011-06-01 14:52 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2011-08-31 15:00 . 2011-06-01 16:15 22216 -c--a-w- c:\windows\system32\drivers\mbam.sys 2011-09-11 09:25 . 2011-08-31 12:50 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-09-06 20:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-07 21633320] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableSecureUIAPaths"= 0 (0x0) . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "New Value #1"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] 2008-04-14 00:12 1695232 -c----w- c:\program files\Messenger\msmsgs.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "FirewallOverride"=dword:00000001 "DisableThumbnailCache"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= . R0 fasttrak;fasttrak;c:\windows\system32\drivers\Fasttrak.sys [1.6.2011 16:34 73088] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [1.6.2011 17:13 442200] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1.6.2011 16:53 320856] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.6.2011 16:53 20568] S4 0113731313089885mcinstcleanup;McAfee Application Installer Cleanup (0113731313089885);c:\docume~1\Vladan\LOCALS~1\Temp\011373~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> c:\docume~1\Vladan\LOCALS~1\Temp\011373~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?] S4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?] . Contents of the 'Scheduled Tasks' folder . 2011-10-15 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1614895754-152049171-725345543-1003Core1cc8b40f5ce2f40.job - c:\documents and settings\Vladan\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2011-10-13 13:47] . . ------- Supplementary Scan ------- . uStart Page = [Link mogu videti samo ulogovani korisnici] uSearchAssistant = [Link mogu videti samo ulogovani korisnici]{searchTerms} IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Send to &Bluetooth Device... - c:\program files\D-Link\Bluetooth Software\btsendto_ie_ctx.htm TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\documents and settings\Vladan\Application Data\Mozilla\Firefox\Profiles\oc38iv22.default\ FF - prefs.js: browser.search.selectedEngine - iLivid Web Search FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici] FF - prefs.js: keyword.URL - [Link mogu videti samo ulogovani korisnici] FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS REMOVED - - - - . Toolbar-10 - (no file) . . . ************************************************************************ . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici] Rootkit scan 2011-10-20 16:57 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . . C:\## aswSnx private storage . scan completed successfully hidden files: 1 . ********************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(628-) c:\windows\system32\Ati2evxx.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\AVAST Software\Avast\AvastSvc.exe c:\program files\D-Link\Bluetooth Software\bin\btwdins.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\wdfmgr.exe c:\windows\system32\wscntfy.exe c:\progra~1\SEARCH~1\SEARCH~1\DATAMN~1.EXE . ************************************************************************ . Completion time: 2011-10-20 17:03:36 - machine was rebooted ComboFix-quarantined-files.txt 2011-10-20 15:03 ComboFix2.txt 2011-07-23 17:22 . Pre-Run: 58.692.091.904 bytes free Post-Run: 58.665.308.160 bytes free . WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=AlwaysOff /fastdetect . - - End Of File - - 9BA2459F1F454368B8D79AE41A40C269 Dopuna: 21 Okt 2011 14:40 .............................................................................................................................................................. Dopuna: 22 Okt 2011 1:24 .............----------------------------------------...........................

Profil

1l padr1n0 Poslao: 22 Okt 2011 05:34 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav anamarija14! Izvinjavam se sto kasnimo sa odgovorom. Prati redom korake ... Korak 1 Start -> Control Panel -> Add or Remove programs -> deinstaliraj SearchCore for Browsers Korak 2 Start -> Control Panel -> Windows Firewall -> On Korak 3 Otvoriti Notepad i iskopirati sledeci tekst: Folder:: c:\documents and settings\Vladan\Application Data\searchqutoolbar File:: C:\kwqiafoc.sys Registry:: [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "New Value #1"=- DDS:: uStart Page = hxxp://www.searchqu.com/406 uSearchAssistant = hxxp://www.searchqu.com/web?src=ieb&appid=113&systemid=406&sr=0&q={searchTerms} Firefox:: FF - ProfilePath - c:\documents and settings\Vladan\Application Data\Mozilla\Firefox\Profiles\oc38iv22.default\ FF - prefs.js: browser.search.selectedEngine - iLivid Web Search FF - prefs.js: browser.startup.homepage - hxxp://www.searchqu.com/406 FF - prefs.js: keyword.URL - hxxp://www.searchqu.com/web?src=ffb&appid=113&systemid=406&sr=0&q= Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja. Korak 4 Preuzmi instalaciju za program Malwarebytes Anti-Malware sa sledećeg linka: [Link mogu videti samo ulogovani korisnici] Dvoklikom pokreni instalaciju - na samom kraju procesa, proveri da su obeležene opcije: Update Malwarebytes' Anti-Malware; Launch Malwarebytes Anti-Malware; a zatim klikni Finish. Nakon završenog ažuriranja program će se pokrenuti. Izaberi opciju Perform Quick Scan i klikni Scan. Po završetku procesa klikni OK, Show Results: u listi detektovanog malware-a, obeleži sve stavke i klikni Remove Selected. Po završetku procesa, logfile će se otvoriti u Notepad-u; iskopiraj ga u temu na forumu. Ukoliko program zatraži restart kako bi se završio proces čišćenja, obavezno ga dozvoliti. Napomena: ako dođe do restarta na kraju procesa čišćenja, logfile će biti dostupan na Logs kartici (obeleži ga i klikni Open). goran9888 (AMF Tim)

Profil

anamarija14 Poslao: 22 Okt 2011 15:36 Idi na vrh
offline anamarija14 Građanin Pridružio: 22 Jul 2011 Poruke: 169	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Ma nista goran9888 nema problema. ComboFix 11-10-21.06 - Vladan 22.10.2011 15:01:03.5.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1250.381.1033.18.1023.560 [GMT 2:00] Running from: c:\documents and settings\Vladan\My Documents\Downloads\ComboFix.exe Command switches used :: c:\documents and settings\Vladan\Desktop\CFScript.txt AV: avast! Antivirus Disabled/Updated {7591DB91-41F0-48A3-B128-1A293FD8233D} . FILE :: "C:\kwqiafoc.sys" . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Vladan\Application Data\searchqutoolbar c:\documents and settings\Vladan\Application Data\searchqutoolbar\dtx.ini c:\documents and settings\Vladan\Application Data\searchqutoolbar\geoip.xml c:\documents and settings\Vladan\Application Data\searchqutoolbar\guid.dat c:\documents and settings\Vladan\Application Data\searchqutoolbar\setupCfg.xml C:\kwqiafoc.sys c:\windows\help\tours\htmltour\unlock_playing.htm . . ((((((((((((((((((((((((( Files Created from 2011-09-22 to 2011-10-22 ))))))))))))))))))))))))))))))) . . 2011-10-21 15:52 . 2011-10-21 15:52 19416 ----a-w- c:\program files\Mozilla Firefox\AccessibleMarshal.dll 2011-10-21 15:52 . 2011-10-21 15:52 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll 2011-10-21 15:52 . 2011-10-21 15:52 134104 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll 2011-10-21 15:51 . 2011-10-21 15:51 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll 2011-10-21 15:51 . 2011-10-21 15:51 125912 ----a-w- c:\program files\Mozilla Firefox\crashreporter.exe 2011-10-13 20:36 . 2011-10-21 15:22 -------- d-----w- c:\documents and settings\Vladan\Local Settings\Application Data\Facebook 2011-10-09 20:48 . 2011-10-09 20:48 -------- d-----w- c:\documents and settings\Vladan\Local Settings\Application Data\Ilivid Player 2011-10-09 20:46 . 2011-10-09 20:46 -------- d-----w- c:\program files\Windows iLivid Toolbar 2011-10-08 23:05 . 2011-10-08 23:10 -------- d-----w- c:\documents and settings\Vladan\Application Data\BSplayer 2011-10-08 22:53 . 2011-10-08 22:53 -------- d-----w- c:\documents and settings\Vladan\Application Data\BSplayer Pro 2011-10-08 22:53 . 2011-10-08 22:53 -------- d-----w- c:\program files\Webteh 2011-10-07 18:16 . 2011-10-07 18:16 -------- d-----w- c:\program files\Defraggler 2011-10-05 19:48 . 2011-10-05 19:49 -------- d-----w- c:\documents and settings\Vladan\Application Data\vlc 2011-10-04 13:18 . 2011-10-04 13:18 -------- d-----w- c:\documents and settings\All Users\Application Data\KONAMI 2011-10-04 12:35 . 2011-10-04 12:35 -------- d-----w- c:\program files\KONAMI 2011-10-04 10:58 . 2011-10-15 18:07 -------- d-----w- c:\documents and settings\Vladan\Application Data\Media Player Classic 2011-10-03 20:28 . 2011-10-03 20:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Premium 2011-10-03 20:28 . 2011-10-14 22:25 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallMate 2011-10-02 20:03 . 2011-10-02 20:03 -------- d-----w- c:\program files\Common Files\Java 2011-10-02 20:03 . 2011-10-02 20:02 73728 ----a-w- c:\windows\system32\javacpl.cpl 2011-10-02 20:02 . 2011-10-02 20:02 -------- d-----w- c:\program files\Java 2011-10-02 17:35 . 2011-10-02 17:35 -------- d-----w- c:\documents and settings\Vladan\Application Data\Qualys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-10-02 20:31 . 2011-07-29 10:55 404640 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-10-02 20:02 . 2011-06-15 20:28 472808 -c--a-w- c:\windows\system32\deployJava1.dll 2011-09-06 20:45 . 2011-06-01 15:13 41184 ----a-w- c:\windows\avastSS.scr 2011-09-06 20:45 . 2011-06-01 14:52 199304 ----a-w- c:\windows\system32\aswBoot.exe 2011-09-06 20:38 . 2011-06-01 15:13 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-09-06 20:37 . 2011-06-01 14:53 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-09-06 20:36 . 2011-06-01 14:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-09-06 20:36 . 2011-06-01 14:52 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-09-06 20:36 . 2011-06-01 14:52 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2011-09-06 20:36 . 2011-06-01 14:52 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys 2011-09-06 20:36 . 2011-06-01 14:53 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-09-06 20:33 . 2011-06-01 14:52 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2011-08-31 15:00 . 2011-06-01 16:15 22216 -c--a-w- c:\windows\system32\drivers\mbam.sys 2011-10-21 15:52 . 2011-10-21 15:52 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((( [Link mogu videti samo ulogovani korisnici] ))))))))))))))))))))))))))))))))))))))))) . + 2011-10-22 12:56 . 2011-10-22 12:56 16384 c:\windows\Temp\Perflib_Perfdata_1c4.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-09-06 20:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-07 21633320] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableSecureUIAPaths"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] 2008-04-14 00:12 1695232 -c----w- c:\program files\Messenger\msmsgs.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "FirewallOverride"=dword:00000001 "DisableThumbnailCache"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2012\\pes2012.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= . R0 fasttrak;fasttrak;c:\windows\system32\drivers\Fasttrak.sys [1.6.2011 16:34 73088] R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [1.6.2011 17:13 442200] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1.6.2011 16:53 320856] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.6.2011 16:53 20568] S4 0113731313089885mcinstcleanup;McAfee Application Installer Cleanup (0113731313089885);c:\docume~1\Vladan\LOCALS~1\Temp\011373~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> c:\docume~1\Vladan\LOCALS~1\Temp\011373~1.EXE c:\progra~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?] S4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?] . . ------- Supplementary Scan ------- . uSearchAssistant = [Link mogu videti samo ulogovani korisnici]{searchTerms} IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Send to &Bluetooth Device... - c:\program files\D-Link\Bluetooth Software\btsendto_ie_ctx.htm TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\documents and settings\Vladan\Application Data\Mozilla\Firefox\Profiles\oc38iv22.default\ FF - prefs.js: network.proxy.type - 0 . . ************************************************************************ . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici] Rootkit scan 2011-10-22 15:09 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ********************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(624) c:\windows\system32\Ati2evxx.dll . Completion time: 2011-10-22 15:12:47 ComboFix-quarantined-files.txt 2011-10-22 13:12 ComboFix2.txt 2011-10-20 15:03 ComboFix3.txt 2011-07-23 17:22 . Pre-Run: 56.962.867.200 bytes free Post-Run: 56.946.495.488 bytes free . - - End Of File - - 893E90E25C472F7F88C59B3D050B0264 [Link mogu videti samo ulogovani korisnici]**

Profil

1l padr1n0 Poslao: 22 Okt 2011 16:27 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Odradi Korak 4 i postavi mi izvestaj da pogledam. Kakvo je sada stanje sistema? goran9888 (AMF Tim)

Profil

anamarija14 Poslao: 22 Okt 2011 16:53 Idi na vrh
offline anamarija14 Građanin Pridružio: 22 Jul 2011 Poruke: 169	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: [Link mogu videti samo ulogovani korisnici]

Profil

1l padr1n0 Poslao: 22 Okt 2011 17:40 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pitao sam te nesto.

Profil

anamarija14 Poslao: 22 Okt 2011 18:40 Idi na vrh
offline anamarija14 Građanin Pridružio: 22 Jul 2011 Poruke: 169	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! 1 i 3 problem neispoljavaju se više bar do sada nisam primetila. a 2 nisam još probala. sada kada sam pošla da objavim poče da radi nešta ali neznam sta. ali nije dugo

Profil

1l padr1n0 Poslao: 22 Okt 2011 19:22 Idi na vrh
offline 1l padr1n0 Anti Malware Fighter Rank 2 Pridružio: 02 Feb 2008 Poruke: 14018 Gde živiš: Nish	1Ovo se svidja korisniku: ThePhilosopher Registruj se da bi pohvalio/la poruku! Tvoj sistem je cist sto se malware-a tice. Isprati sledeca uputstva i to je to. Potrebno je deinstalirati ComboFix: klikni start (ili ), a zatim RUN. Na Visti koristiti Start Search polje ukoliko Run nije dostupan. U liniju za unos teksta ukucaj (iskopiraj) sledeće: ComboFix /Uninstall Primeti da postoji razmak između "ComboFix" i "/Uninstall". a zatim klikni OK (ili pritisni Enter). Sačekaj da se proces deinstalacije završi. Preuzmi TFC (Temp File Cleaner) i sacuvaj ga na Desktop. Dvoklikom pokreni program i klikni na dugme Start da bi dozvolio programu da otpocne skeniranje. Kada program zavrsi skeniranje,mozda ce zatraziti da restartujes racunar. Dozvoli mu. Napomena: Kada zavrsis sa ciscenjem temp fajlova,program mozes obrisati ili ga sacuvati za kasniju upotrebu. Preporucujem da za zastitu USB memorijskih uredjaja koristis MCShield. Nema nikakve veze sa AntiVirus-om tj. nece ometati njegov rad a pokazao se kao jedan od najboljih vida zastite od malware-a koji se prenosi putem USB mem. uredjaja. Skines, instaliras, ubodes USB mem. uredjaj, izvrsi se skeniranje nakon cega dobijes obavestenje da je uredjaj cist (ukoliko je stvarno tako); ili dobijes log u kome vidis informacije o malware-u koji je nadjen i obrisan. Home Page MCShield-a: [Link mogu videti samo ulogovani korisnici] Vise o MCShield-u mozes saznati u ovoj temi: [Link mogu videti samo ulogovani korisnici]

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Problema ima više

Ko je trenutno na forumu

Ukupno su 1205 korisnika na forumu :: 84 registrovanih, 8 sakrivenih i 1113 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 13297 - dana 20 Jan 2026 17:42

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., alexbr, amaterSRB, Aristotle2002, ArmFPGA, Aska, Bahuss, bobo85, bokisha253, brandža84, Brankojle, Demi87, Dežurni_Automatičar, dozorni, drimer, DrNeoCortex, Dzoni2412, foksmolder, GH69, Hans Gajger, Hardenberg, hatman, Hemi, Igor Antonic, In_hero, jalos, Jeremiah, JK, jodzula, Kajzer Soze, karjatid, Koridor, kreker, Laluvr, larix, laurusri, lord sir giga, MB120mm, Mcdado, melkior026, mercedesamg, Miki01, mikrimaus, milanpb, milanstankovic087, milenko crazy north, MILO-VAN, mir, MiroslavD, Mirsen, Mićko, nemkea71, nenad81, Niki2024, Nmr, nuke92, Obrenovic, orfanel, Papadubi, Pavk3, peradetlić, Permaldar, Pilence, Povratak1912, Pururin, raketaš, royst33, S.Palestinac, sale76, Shajlok, Singidunumac, SOM, sosko, Srna, sspp, Stoilkovic, taomaster, TTN, Uros Cuore Sportivo, Vlado82, VX1, x011, zeka013, zlaya011

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by