Rucno brisanje "myplaycity.com" browser hijackera

1

Rucno brisanje "myplaycity.com" browser hijackera

offline
  • Pridružio: 02 Feb 2013
  • Poruke: 82
  • Gde živiš: Beograd

Veliki pozdrav za sve nesebicne pomagace u borbi protiv komp."gamadi".
Pazljivo sam procitao sve na Vasem sajtu sto je vezano za moj problem
pokusao sam da ga resim,ali nisam uspeo.
_WXp pro Sp3_32 bita_IE 8_FF 3.6_eset smart security 4.2
kablovski net 4mb i muzejski primerak Intel Celeron 1,7GHz_256MB_RAM
Uz besplatnu igricu,nepaznjom sam instalirao i njihov toolbar u FFoxu.Naravno to sam
deinstalirao (about:config),vratio pocetnu stranu na google,skenirao ceo komp
Esetom,Malwarebytes Anti-malware-om i Spaybot-om.Nijedan nije pronasao malware
(inace sam prilicno pazljiv)."Rucno"sam pregledao registar,Windows,My documents,
_nista nisam pronaso.Pomocu wIn.search-a otkrio sam neki ostatak "myplycity.dll"
i njega obrisao.
Tek sada pocinje smaranje GUZ - Glavom U Zid
Nadogradio sam SP2 na SP3 sa svim sigurnosnim zakrpama,i po defaultu IE6 na IE8,
u kome je sada na moje veliko iznenadjenje default search engine,pogadjate _myplaycity Shocked
U medjuvremenu je dobri strari FF "pobrljavio",koliko se zaljubio u MypCity toolbar
(odbija da se ugasi ,osim iz Task managera, zamisljen je i otvara strane vekovima Crying or Very sad )
Pa cu morati da ga reinstaliram,jer ja bez njega ne mogu,ali se bojim da ni on nece moci
bez myplaycity toolbara.
Stoga vas molim,ukoliko je neko imao slicno iskustvo,da mi pomogne
da ga trajno uklonim sa racunara,ali ako je ikako moguce bez instalacije dodatnih AV programa,
ne samo zbog bezuspesnog skeniranja sa predhodna tri,veci sto necu moci da radim nista
drugo dok neki od alata skenira.(256 RAM-a)
Hvala unapred

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Pozdrav i dobro dosao na forum.

Za pocetak potrebno je da ispratis uputstvo za 32 bit. Windows i dostavis nam potrebne logove da bi mogli da ti pomognemo.

Kako otvoriti temu u Ambulanti

offline
  • Pridružio: 02 Feb 2013
  • Poruke: 82
  • Gde živiš: Beograd

Hvala _ovo je jedan od retkih foruma gde sam odlucio da postujem,
jer smatram da ovde mogu mnogo toga da naucim,a mozda i ja nekom da pomognem,ko zna?
Trenutno FF ovih nekoliko recenica ucitava eonima,pa cu postaviti log fajlove sutra,kada budem prestao da mrzim lisice.
PS_@ argus, samo jos jedno pitanje ,da li bi pomogla reinstalacija FF,odnosno da li ce se ponovo
myplaycity toolbar implantirati,bez uklanjanja nekim od AV alata?
Hvala

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Reinstalacijom Firefoxa ne resavas problem.
Imas dva dijagnosticka alata koja moras pokrenuti, to su DDS i Gmer. Ni jedan ni drugi nemaju nikakve veze sa Antivirus programima.
Dijagnostika nam je potrebna da bi znali koje korake dalje da preduzmemo, ovde nista ne radimo napamet.

Da si sada postavio logove verovatno ne bi proslo puno vremena i resili bismo problem.
Ovako cekamo da nam dostavis logove.

offline
  • Pridružio: 02 Feb 2013
  • Poruke: 82
  • Gde živiš: Beograd

Evo fajlova

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.9.2
Run by OEM at 21:41:13 on 2013-02-09
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.255.8 [GMT 1:00]
.
AV: ESET Smart Security 4.2 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *Enabled*
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.rs/
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1353710941843
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1354034893546
TCP: NameServer = 109.122.98.116 109.122.98.117
TCP: Interfaces\{5FAF7E19-BAB6-42EC-BC59-20182C8EF921} : DHCPNameServer = 109.122.98.116 109.122.98.117
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\oem\application data\mozilla\firefox\profiles\ghtgj204.default\
FF - prefs.js: Keyword.Enabled - true
FF - prefs.js: browser.startup.homepage - hxxp://www.google.rs/
FF - prefs.js: keyword.URL -
FF - plugin: c:\program files\java\jre7\bin\npjpi170_09.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
============= SERVICES / DRIVERS ===============
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-4-28 114984]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2010-6-24 810144]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2010\TuneUpUtilitiesService32.exe [2009-10-29 1021256]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S3 cpudrv;cpudrv;\??\c:\program files\systemrequirementslab\cpudrv.sys --> c:\program files\systemrequirementslab\cpudrv.sys [?]
S3 Installer Service;Installer Service;c:\documents and settings\all users\application data\nokiainstallercache\productcache\{d5878294-c113-43c5-a24f-fc333c52015a}\{33ebf075-8593-4698-bdaf-cf8ded80bb5b}\installer\installerservice.exe --> c:\documents and settings\all users\application data\nokiainstallercache\productcache\{d5878294-c113-43c5-a24f-fc333c52015a}\{33ebf075-8593-4698-bdaf-cf8ded80bb5b}\installer\InstallerService.exe [?]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2012-11-22 27064]
.
=============== Created Last 30 ================
.
2013-02-09 12:04:51 -------- d-----w- c:\documents and settings\oem\application data\Malwarebytes
2013-02-09 12:04:18 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2013-02-09 12:04:14 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-09 12:04:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-02-08 21:27:37 -------- d--h--w- c:\windows\system32\GroupPolicy
2013-02-07 15:33:32 -------- d-----w- c:\documents and settings\oem\local settings\application data\Help
2013-02-02 22:16:00 -------- d-sh--w- c:\documents and settings\oem\PrivacIE
2013-02-02 22:02:48 -------- d-sh--w- c:\documents and settings\oem\IETldCache
2013-02-02 21:39:00 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2013-02-02 21:35:32 6144 -c----w- c:\windows\system32\dllcache\iecompat.dll
2013-02-02 21:33:26 -------- d-----w- c:\windows\ie8updates
2013-02-02 21:31:27 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2013-02-02 21:31:20 630272 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2013-02-02 21:31:20 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2013-02-02 21:31:18 2000384 -c----w- c:\windows\system32\dllcache\iertutil.dll
2013-02-02 21:31:17 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2013-02-02 21:31:13 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2013-02-02 21:31:13 11111424 -c----w- c:\windows\system32\dllcache\ieframe.dll
2013-02-02 21:26:59 -------- dc-h--w- c:\windows\ie8
2013-02-02 19:18:05 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2013-02-02 19:16:24 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2013-02-02 19:14:58 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2013-02-02 19:13:18 290560 -c----w- c:\windows\system32\dllcache\atmfd.dll
2013-02-02 19:13:13 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2013-02-02 19:12:17 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2013-02-02 19:12:12 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2013-02-02 19:12:11 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2013-02-02 19:10:28 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2013-02-02 19:09:59 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2013-02-02 19:09:54 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2013-02-02 19:09:40 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2013-02-02 19:08:33 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2013-02-02 19:07:00 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2013-02-02 19:06:31 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2013-02-02 19:06:29 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2013-02-02 19:06:29 110592 -c----w- c:\windows\system32\dllcache\services.exe
2013-02-02 19:06:28 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2013-02-02 19:06:27 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2013-02-02 19:06:26 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2013-02-02 19:06:23 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll
2013-02-02 19:02:10 536576 -c----w- c:\windows\system32\dllcache\msado15.dll
2013-02-02 18:58:14 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2013-02-02 18:58:07 139784 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2013-02-02 18:55:20 758784 -c--a-w- c:\windows\system32\dllcache\vgx.dll
2013-02-02 18:54:52 718336 -c----w- c:\windows\system32\dllcache\ntdll.dll
2013-02-02 18:54:49 2148864 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2013-02-02 18:54:48 2192896 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2013-02-02 18:54:44 2027520 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2013-02-02 18:54:43 2069632 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2013-02-02 18:54:34 218112 -c----w- c:\windows\system32\dllcache\wordpad.exe
2013-02-02 18:54:09 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2013-02-02 18:54:00 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2013-02-02 18:54:00 3072 ------w- c:\windows\system32\iacenc.dll
2013-02-02 18:49:26 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2013-02-02 18:48:57 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
2013-02-02 18:48:56 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2013-02-02 14:22:15 -------- d-----w- c:\windows\system32\PreInstall
2013-02-02 14:22:11 -------- d--h--w- c:\windows\$hf_mig$
2013-02-02 14:16:09 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2013-02-02 14:16:08 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2013-02-02 14:16:07 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2013-02-02 14:16:06 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2013-02-02 14:16:06 -------- d-----w- c:\windows\system32\SoftwareDistribution
2013-02-02 12:33:49 79872 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2013-02-02 12:33:49 1371648 -c----w- c:\windows\system32\dllcache\msxml6.dll
2013-02-02 12:33:43 33792 ------w- c:\program files\messenger\custsat.dll
2013-02-02 12:33:43 -------- d-----w- c:\program files\Messenger
2013-02-02 12:33:29 102912 -c----w- c:\windows\system32\dllcache\dpcdll.dll
2013-02-02 12:33:03 9728 ------w- c:\windows\system32\rwnh.dll
2013-02-02 12:33:03 9728 ------w- c:\windows\system32\comsdupd.exe
2013-02-02 12:33:03 46592 ------w- c:\windows\system32\drivers\irbus.sys
2013-02-02 12:33:03 10752 ------w- c:\windows\system32\smtpapi.dll
2013-02-02 12:26:24 -------- d-----w- c:\windows\ServicePackFiles
2013-02-02 12:25:51 294912 ------w- c:\program files\windows media player\dlimport.exe
2013-02-02 12:25:41 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe
2013-02-02 12:18:44 19569 ----a-w- c:\windows\002864_.tmp
2013-01-29 22:51:18 212992 ----a-w- c:\windows\ALCHUNIN.EXE
2013-01-27 00:01:06 -------- d-----w- c:\documents and settings\oem\application data\ultrastardx
2013-01-26 22:33:09 60416 ----a-w- c:\windows\ALCFDRTM.EXE
2013-01-26 22:32:58 60416 ----a-w- c:\windows\ALCFDRTM.VER
2013-01-26 22:32:51 -------- d-----w- c:\windows\system32\Lang
2013-01-26 17:57:16 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\ctor.dll
2013-01-26 17:57:16 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iscript.dll
2013-01-26 17:57:16 204800 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iuser.dll
2013-01-26 17:57:15 757760 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iKernel.dll
2013-01-26 17:57:15 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe
2013-01-26 17:57:10 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll
2013-01-26 17:57:09 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll
2013-01-26 17:47:02 -------- d-----w- c:\windows\system32\NtmsData
2013-01-23 21:58:37 -------- d-----w- c:\documents and settings\oem\local settings\application data\ESET
2013-01-23 21:58:37 -------- d-----w- c:\documents and settings\oem\application data\ESET
2013-01-23 21:52:34 -------- d-----w- c:\program files\ESET
2013-01-20 21:23:22 -------- d-----w- c:\documents and settings\oem\application data\Thinstall
2013-01-18 13:56:16 -------- d-----w- c:\documents and settings\all users\application data\InterAction studios
2013-01-18 13:55:01 -------- d-----w- c:\program files\Steveredrum
2013-01-16 09:20:32 -------- d-----w- c:\program files\common files\Gretech Corporation
2013-01-16 09:20:31 -------- d-----w- c:\documents and settings\all users\application data\GRETECH
2013-01-15 19:42:33 -------- d-----w- c:\program files\UltraStar Creator
2013-01-15 12:46:11 -------- d-----w- c:\program files\KaraFun
2013-01-15 12:46:11 -------- d-----w- c:\documents and settings\all users\application data\Recisio
2013-01-13 17:56:07 -------- d-----w- c:\windows\nview
2013-01-13 17:56:06 172032 ----a-w- c:\windows\system32\nvudisp.exe
2013-01-13 17:55:36 -------- d-----w- c:\windows\system32\ReinstallBackups
2013-01-13 17:55:10 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iuser.dll
2013-01-13 17:55:09 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\ctor.dll
2013-01-13 17:55:09 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\DotNetInstaller.exe
2013-01-13 17:55:09 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iscript.dll
2013-01-13 17:55:08 729088 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iKernel.dll
2013-01-13 17:55:02 188548 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iGdi.dll
2013-01-13 17:55:00 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\setup.dll
2013-01-13 17:12:46 -------- d-----w- c:\program files\UltraStar Deluxe
.
==================== Find3M ====================
.
2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-04 21:10:37 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-04 21:10:37 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-23 21:24:49 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-11-23 21:24:20 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-11-23 21:24:13 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-11-23 21:24:12 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-16 18:00:00 112640 ----a-w- c:\windows\system32\ff_vfw.dll
2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 21:43:27.98 ===============



mycity.rs/must-login.png


Gmer


mycity.rs/must-login.png

mycity.rs/must-login.png

Gmer3.log nedostaje,jer mi je autorun iskljucen,ako trba da ga ukljucim ponovo pa da skeniram ili
ne?

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Preuzmi "Xplode"-ov AdwCleaner i sacuvaj ga na Desktop
Dvoklikom pokreni program i klikni na dugme [Search] .
Kada program zavrsi analizu otvorice notepad sa izvestajem. Zatvori taj notepad.

Klikni na dugme [Delete] i pricekaj da program zavrsi.
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok

Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"

Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S1].txt

offline
  • Pridružio: 02 Feb 2013
  • Poruke: 82
  • Gde živiš: Beograd

Izuzetno,sve pohvale za znanje i trud

Iz IE je obrisan,kako da ga nikada nije ni bilo,
a FF je ponovo stao na noge,cak je "nasilno" implantiranu MS OneNote izbacio i vratio
default vrednosti
Argus,molim te samo jos par pitanja
-adwcleaner je "clod scener"?_da li mogu da ga koristim po potrebi ?
-samo u par reci gde se iz DDS logoa vidi nepravilnost?

Jos 1x puno hvala i duzan sam ti...
Veliki pozdrav Very Happy

PS_evo i fajla
mycity.rs/must-login.png

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Napisano: 09 Feb 2013 23:56

AdwCleaner ces ponovo pokrenuti i kliknuti na opciju Uninstall.
Po potrebi mozes da ga koristis, ali uvek preuzmi novu verziju jer se softver redovno azurira.

Uvek prvo deinstaliras toolbare regularno, pa tek onda pokrenes AdwC.




Jos jedan softver mozes koristiti i u buduce, isprati sada uputstvo.


Preuzmi TFC (Temp File Cleaner) i sacuvaj ga na Desktop.
Dvoklikom pokreni program i klikni na dugme Start da bi dozvolio programu da otpocne skeniranje.
Kada program zavrsi skeniranje,mozda ce zatraziti da restartujes racunar. Dozvoli mu.

Napomena: Kada zavrsis sa ciscenjem temp fajlova,program mozes obrisati ili ga sacuvati za kasniju upotrebu.

Dopuna: 10 Feb 2013 0:00

Citat:-samo u par reci gde se iz DDS logoa vidi nepravilnost?

Ne vidi se u DDS logu, ali znao sam da ce AdwC brisati registry unose, ti si vecinu posla obavio.

offline
  • Pridružio: 02 Feb 2013
  • Poruke: 82
  • Gde živiš: Beograd

OK_skinuo sam i TFC
Jos jednom hvala_sve preporuke za znanje,trud i sajt

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

- Preporucujem da za zastitu USB memorijskih uredjaja koristis MCShield v2. Nema nikakve veze sa AntiVirus-om tj. nece ometati njegov rad a pokazao se kao jedan od najboljih vida zastite od malware-a koji se prenosi putem USB mem. uredjaja. Skines, instaliras, ubodes USB mem. uredjaj, izvrsi se skeniranje nakon cega dobijes obavestenje da je uredjaj cist (ukoliko je stvarno tako); ili dobijes log u kome vidis informacije o malware-u koji je nadjen i obrisan.


Home Page MCShield-a ::Anti-Malware Tool:: v2: http://amf.mycity.rs/mcshield/

Vise o MCShield-u mozes saznati u ovim temama:
v1: http://www.mycity.rs/MyCity-Laboratorija/MCShield.html
v2: http://www.mycity.rs/MyCity-Laboratorija/MCShield-v2.html

Ko je trenutno na forumu
 

Ukupno su 513 korisnika na forumu :: 32 registrovanih, 3 sakrivenih i 478 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: _commandos_, A.R.Chafee.Jr., amaterSRB, black_arrow, bojanbabic2013, bojankrstc, bojanM84, cezar 35, Cirkon, crnitrn, darkangel, Dorcolac, gagidjuric, Ilija Grubor, Konda, kybonacci, mean_machine, mercedesamg, milimoj, milos.cbr, ostoja, rovac, sakota79, Sale.S, Smiljke, stug, suton, Toni, vlvl, x9, xJeremijAx, zlaya011