facebook virus

offline
  • Joined: 24 Feb 2008
  • Posts: 148
  • Location: np

My computer is infected with a virus. I was told to report to the Ambulanta. What now?

offline
  • Més que un club
  • Lead vocalist @ Harpun
  • Joined: 27 Feb 2009
  • Posts: 3896
  • Location: Novi Sad, Klisa

Hello bato33

This subforum has instructions for opening a topic. The instructions are at the following address:
http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

Please read them and post the appropriate logs accordingly.

NIx Car (AMF Team)

offline
  • Joined: 24 Feb 2008
  • Posts: 148
  • Location: np

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by J at 11:02:01 on 2011-09-12
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2048.1124 [GMT 2:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe
C:\Windows\update.7.1\svchostdriver.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Windows\system32\FsUsbExService.Exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
"C:\Windows\update.tray-3-0\svchost.exe"
C:\Windows\l1rezerv.exe
C:\Windows\systemup.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\iTunes\iTunesHelper.exe
"C:\Windows\update.tray-2-0\svchost.exe"
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\MSI\BToes Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Windows\update.5.0\svchost.exe srv
C:\PROGRA~1\MSI\BTOESB~1\BTSTAC~1.EXE
C:\Windows\update.2\svchost.exe srv
"C:\Windows\update.5.0\svchost.exe" stand
C:\Windows\sysdriver32.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\update.1\svchost.exe srv
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
"C:\Windows\update.2\svchost.exe" stand
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
"C:\Windows\update.tray-3-0-lnk\svchost.exe" tray 3-0 1
C:\Windows\ufa\ufa.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Opera\opera.exe
C:\Windows\update.7.1\svchostdriver.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
uInternet Settings,ProxyOverride = *.local
mSearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=94226aae0000000000000014c25a82ab&tlver=1.4.19.19&ss=1&affID=17981
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
mURLSearchHooks: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\prxtbDVDV.dll
mURLSearchHooks: YuMp3 Toolbar: {efa7eae5-73fc-462a-b242-b2f657d3effb} - c:\program files\yump3\prxtbYuM0.dll
mURLSearchHooks: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\prxtbSof2.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: CescrtHlpr Object: {2eecd738-5844-4a99-b4b6-146bf802613b} - c:\program files\babylontoolbar\babylontoolbar\1.4.23.10\bh\BabylonToolbar.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\prxtbSof2.dll
BHO: StartNow Toolbar Helper: {6e13d095-45c3-4271-9475-f3b48227dd9f} - c:\program files\startnow toolbar\Toolbar32.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Window Shopper: {74f475fa-6c75-43bd-aab9-ecda6184f600} - c:\program files\superfish\window shopper\SuperfishIEAddon.dll
BHO: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\prxtbDVDV.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.6209.1142\swg.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
BHO: Downius Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: YuMp3 Toolbar: {efa7eae5-73fc-462a-b242-b2f657d3effb} - c:\program files\yump3\prxtbYuM0.dll
BHO: Social Extras Plugin: {ff4e1d1d-705b-4379-ab33-22d98c1abf55} - c:\program files\socialextras\socialx.dll
TB: Downius Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
TB: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\prxtbDVDV.dll
TB: YuMp3 Toolbar: {efa7eae5-73fc-462a-b242-b2f657d3effb} - c:\program files\yump3\prxtbYuM0.dll
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - c:\program files\babylontoolbar\babylontoolbar\1.4.23.10\BabylonToolbarTlbr.dll
TB: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - c:\program files\softonic-eng7\prxtbSof2.dll
TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - c:\program files\startnow toolbar\Toolbar32.dll
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [AutoStartNPSAgent] c:\program files\samsung\samsung new pc studio\NPSAgent.exe
uRun: [Google Update] "c:\users\j\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [WebcamMaxAutoRun] "c:\program files\webcammax\wcmmon.exe" -a
uRun: [PC Suite Tray] "c:\program files\nokia\nokia pc suite 7\PCSuite.exe" -onlytray
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [NPSStartup]
mRun: [TNOD UP] "c:\program files\tnod user & password finder\TNODUP.exe" /i
mRun: [BabylonToolbar] "c:\program files\babylontoolbar\babylontoolbar\1.4.23.10\BabylonToolbarsrv.exe" /md I
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [wxpdrv] c:\windows\services32.exe
mRun: [tray_ico]
mRun: [tray_ico1] c:\windows\update.tray-3-0\svchost.exe
mRun: [tray_ico2]
mRun: [tray_ico3]
mRun: [tray_ico4]
mRun: [sysdriver32.exe] "c:\windows\sysdriver32.exe" rezerv
mRun: [sysdriver32_.exe] "c:\windows\sysdriver32_.exe" rezerv
mRun: [l1rezerv.exe] "c:\windows\l1rezerv.exe"
mRun: [systemup] "c:\windows\systemup.exe" stand
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [5134095.exe] "c:\windows\temp\5134095.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [tray_ico0] c:\windows\update.tray-2-0\svchost.exe
dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10e.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\bttray.lnk - c:\program files\msi\btoes bluetooth software\BTTray.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableSecureUIAPaths = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\j\appdata\roaming\dvdvideosoftiehelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\j\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Send To &Bluetooth - c:\program files\msi\btoes bluetooth software\btsendto_ie_ctx.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files\superfish\window shopper\SuperfishIEAddon.dll
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{32311261-DD0B-49B4-9246-70BFAE13D996} : DhcpNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - c:\windows\system32\BTXPPanel.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\j\appdata\roaming\mozilla\firefox\profiles\n1a5ua18.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.startskins.com/startpage/1052915118/
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\users\j\appdata\local\google\update\1.3.21.65\npGoogleUpdate3.dll
.
============= SERVICES / DRIVERS ===============
.
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952]
R2 ddservice;ddservice;c:\windows\update.7.1\svchostdriver.exe srv --> c:\windows\update.7.1\svchostdriver.exe srv [?]
R2 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2010-12-21 41336]
R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2010-12-21 95384]
R2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2011-3-29 233472]
R2 srvbtcclient;srvbtcclient;c:\windows\update.5.0\svchost.exe srv --> c:\windows\update.5.0\svchost.exe srv [?]
R2 srviecheck;srviecheck;c:\windows\update.2\svchost.exe srv --> c:\windows\update.2\svchost.exe srv [?]
R2 srvsysdriver32;srvsysdriver32;c:\windows\sysdriver32.exe srv --> c:\windows\sysdriver32.exe srv [?]
R2 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;c:\program files\startnow toolbar\ToolbarUpdaterService.exe [2011-5-20 210144]
R2 wxpdrivers;wxpdrivers;c:\windows\update.1\svchost.exe srv --> c:\windows\update.1\svchost.exe srv [?]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2011-3-29 36608]
S2 ekrn;ESET Service;"c:\program files\eset\eset smart security\ekrn.exe" --> c:\program files\eset\eset smart security\ekrn.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-3-14 136176]
S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]
S3 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2010-12-21 137144]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-3-14 136176]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [2011-3-29 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [2011-3-29 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [2011-3-29 121856]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2011-5-2 11232]
.
=============== Created Last 30 ================
.
2011-09-12 08:05:13 -------- d--h--w- c:\windows\update.tray-3-0-lnk
2011-09-12 08:05:13 -------- d--h--w- c:\windows\update.tray-3-0
2011-09-12 07:32:42 -------- d-----w- c:\users\j\appdata\local\{45A44A42-F829-423B-9153-C717102220E7}
2011-09-12 07:32:30 -------- d-----w- c:\users\j\appdata\local\{01E31604-BDE3-4BAB-ABE4-0F414FA9DCD1}
2011-09-11 13:22:42 -------- d-----w- c:\users\j\appdata\local\{5528557A-4574-48B3-9D54-6F498A12A0E8}
2011-09-11 13:22:30 -------- d-----w- c:\users\j\appdata\local\{2255C7FC-2569-447C-B9FC-850C6E0A5817}
2011-09-10 22:00:07 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-10 21:37:20 -------- d-----w- c:\users\j\appdata\local\{58875B02-A95E-4B97-90AB-4DD6AEE05784}
2011-09-10 21:37:08 -------- d-----w- c:\users\j\appdata\local\{831D0DD6-26E5-441B-912A-4D860700F7E1}
2011-09-07 10:15:48 -------- d-----w- c:\users\j\appdata\local\{7A559A92-9605-4D27-9D70-29A2CB2AE753}
2011-09-07 10:15:36 -------- d-----w- c:\users\j\appdata\local\{25D174F0-BD25-4C94-89FB-DCC1241FFF24}
2011-09-05 08:27:14 -------- d-----w- c:\users\j\appdata\local\{02464A6E-6C9B-4F3E-8131-91A8DF4696EA}
2011-09-05 08:27:01 -------- d-----w- c:\users\j\appdata\local\{6D49CFDE-0D1A-4F5A-BD45-433C845C0B2E}
2011-09-04 11:13:23 -------- d-----w- c:\users\j\appdata\local\{9FC281C0-7D50-4BCC-B94B-1000E26A5EFC}
2011-09-04 11:13:11 -------- d-----w- c:\users\j\appdata\local\{D5CB0BCF-2025-44ED-B67A-D20C4486F05F}
2011-09-03 22:33:44 -------- d-----w- c:\users\j\appdata\local\{CB35268C-2C1A-411C-97E1-17EA9113B9C7}
2011-09-03 10:33:17 -------- d-----w- c:\users\j\appdata\local\{BB986E59-0639-4105-A50A-FAF2502B5126}
2011-09-03 10:33:05 -------- d-----w- c:\users\j\appdata\local\{6A55B68B-7332-4B03-9234-A34DE1E1F806}
2011-09-02 17:49:35 -------- d-----w- c:\users\j\appdata\local\{20208092-2AD2-44CA-985E-A830FEB2BFE1}
2011-09-02 17:49:22 -------- d-----w- c:\users\j\appdata\local\{C453C6BC-7CD1-4A6F-8FFC-715F510D2124}
2011-09-01 10:13:35 -------- d-----w- c:\users\j\appdata\local\{41E1251D-F92F-4492-82E0-EEBFCFF65C08}
2011-09-01 10:13:22 -------- d-----w- c:\users\j\appdata\local\{19F14616-3325-4674-AD2F-5B753BCA37EB}
2011-08-31 09:43:38 -------- d-----w- c:\users\j\appdata\local\{E8D37952-3F24-4CCE-A4F5-E914C04AF925}
2011-08-31 09:43:26 -------- d-----w- c:\users\j\appdata\local\{E5C251BA-3411-47C0-A55A-76A4C3691501}
2011-08-30 21:40:25 -------- d-----w- c:\users\j\appdata\local\{A50CEA82-0DAE-4683-B910-A0895176B7B9}
2011-08-30 21:40:13 -------- d-----w- c:\users\j\appdata\local\{B1EA2859-424B-4CAF-8AA3-B590701E9E27}
2011-08-30 09:39:46 -------- d-----w- c:\users\j\appdata\local\{1AA171DC-A884-407F-90EB-8257715B2079}
2011-08-30 09:39:34 -------- d-----w- c:\users\j\appdata\local\{736263A8-F2C2-415C-AFCE-4B5E4BB928B9}
2011-08-29 13:36:45 -------- d-----w- c:\users\j\appdata\local\{5695F2ED-C6B8-4E71-9F4F-B76F2303ABFD}
2011-08-29 13:36:33 -------- d-----w- c:\users\j\appdata\local\{9E5B6726-DC21-472E-AE73-220AFD2620B8}
2011-08-29 00:32:59 -------- d-----w- c:\users\j\appdata\local\{6A4295BE-43C3-454D-8E50-764EAC81E3E1}
2011-08-28 12:32:33 -------- d-----w- c:\users\j\appdata\local\{C609CCEB-5099-4008-86CA-B541E5B3FCBF}
2011-08-28 12:32:20 -------- d-----w- c:\users\j\appdata\local\{6F4A3D56-2643-4CCA-B5D1-9A056983E676}
2011-08-27 20:36:02 -------- d-----w- c:\users\j\appdata\local\{A0382ADC-7F46-454F-B238-595E1A2D6B9A}
2011-08-27 20:35:51 -------- d-----w- c:\users\j\appdata\local\{4CD8A30F-5EA7-4644-87C9-EC6F8C8D7B1F}
2011-08-27 08:35:24 -------- d-----w- c:\users\j\appdata\local\{0EFE73D6-769A-460D-9753-C07168D02BA2}
2011-08-27 08:35:13 -------- d-----w- c:\users\j\appdata\local\{F47EE3BC-B784-4A8A-B865-216396947F96}
2011-08-26 20:46:02 -------- d-----w- c:\program files\SocialExtras
2011-08-26 13:01:48 -------- d-----w- c:\users\j\appdata\local\{5D43195D-7429-42CB-A629-A5962A43311B}
2011-08-26 13:01:37 -------- d-----w- c:\users\j\appdata\local\{4D1E1E71-DEAC-4410-B5C7-00D7E0EB6AB9}
2011-08-25 15:16:11 -------- d--h--w- c:\windows\update.8.1
2011-08-25 11:18:48 2048 ----a-w- c:\windows\system32\tzres.dll
2011-08-25 11:05:53 -------- d-----w- c:\users\j\appdata\local\{AA661343-A17C-4759-B719-57579513770D}
2011-08-25 11:05:41 -------- d-----w- c:\users\j\appdata\local\{BEA0B118-3625-462E-A926-B03DD30B4B96}
2011-08-24 08:34:07 -------- d-----w- c:\users\j\appdata\local\{E64522FC-E5A4-4E33-9A0B-A622B9CBC8D4}
2011-08-24 08:33:55 -------- d-----w- c:\users\j\appdata\local\{5E146230-FA86-4775-B666-344388D5DD52}
2011-08-23 10:35:29 -------- d-----w- c:\users\j\appdata\local\{07285BA4-C238-41C1-B1EE-F66B2AB428AA}
2011-08-23 10:35:17 -------- d-----w- c:\users\j\appdata\local\{A122274B-B659-4C83-9EE1-6F753EF51135}
2011-08-22 20:28:32 -------- d-----w- c:\program files\iPod
2011-08-22 20:28:31 -------- d-----w- c:\program files\iTunes
2011-08-22 20:17:53 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2011-08-22 20:17:53 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2011-08-22 20:17:53 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2011-08-22 20:17:53 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2011-08-22 20:17:53 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2011-08-22 20:17:53 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2011-08-22 20:17:53 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2011-08-22 18:41:57 -------- d-----w- c:\users\j\appdata\local\Apple Computer
2011-08-22 18:41:47 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-08-22 18:41:47 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2011-08-22 18:41:10 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-08-22 18:39:13 -------- d-----w- c:\users\j\appdata\local\Apple
2011-08-22 18:38:29 -------- d-----w- c:\program files\Bonjour
2011-08-22 15:09:48 -------- d-----w- c:\users\j\appdata\local\{C1EB8149-1CEE-40C2-8542-765BEEF602E2}
2011-08-22 15:09:36 -------- d-----w- c:\users\j\appdata\local\{E48D370C-ADC9-4704-BDBC-3FD8731D0BE0}
2011-08-21 21:52:36 -------- d-----w- c:\users\j\appdata\local\{B214A97A-0574-421F-803A-8BF8903A76B6}
2011-08-21 21:52:23 -------- d-----w- c:\users\j\appdata\local\{2CBCB909-3AA3-410D-921A-41A20D0B3775}
2011-08-21 09:51:55 -------- d-----w- c:\users\j\appdata\local\{DBC3756E-94E2-4A88-89BF-F79E0FCCE98F}
2011-08-21 09:51:43 -------- d-----w- c:\users\j\appdata\local\{03F27909-D6FA-4452-98EE-72E775D8F463}
2011-08-20 21:51:16 -------- d-----w- c:\users\j\appdata\local\{73B0D071-4DB3-4C9E-A9FD-EE0413D96016}
2011-08-20 21:51:03 -------- d-----w- c:\users\j\appdata\local\{AACE898A-E31B-467E-8D4E-9EB83A92A8BC}
2011-08-20 09:50:29 -------- d-----w- c:\users\j\appdata\local\{CE0D7871-EF35-448A-8C20-DD8D0C68E9DD}
2011-08-20 09:50:14 -------- d-----w- c:\users\j\appdata\local\{79F6C56C-C6FD-4D19-A2DD-5213D1E72FC7}
2011-08-19 11:34:57 -------- d--h--w- c:\windows\update.7.1
2011-08-19 08:55:26 -------- d-----w- c:\users\j\appdata\local\{B606629C-1134-4E7F-880C-75EE155C6598}
2011-08-19 08:55:12 -------- d-----w- c:\users\j\appdata\local\{151BCE0F-542E-40C0-AFA2-025D832A3BEB}
2011-08-18 12:42:39 -------- d-----w- c:\users\j\appdata\local\{2C1535F7-9A7E-4CFE-9FA7-7943F11A726C}
2011-08-18 12:42:26 -------- d-----w- c:\users\j\appdata\local\{A44B70C9-C4EB-45FE-87E8-C54804B8D145}
2011-08-18 09:02:22 -------- d-----w- c:\users\j\appdata\local\{3E2E1D06-FB77-4246-BE11-7666AFC8D9ED}
2011-08-18 09:02:09 -------- d-----w- c:\users\j\appdata\local\{B9BCEBFD-7A1F-4056-A254-84D720D858EA}
2011-08-17 08:20:18 -------- d-----w- c:\users\j\appdata\local\{2E355B8A-52BC-40E6-85E6-6B07AFEB1DCB}
2011-08-17 08:20:05 -------- d-----w- c:\users\j\appdata\local\{5D1332C4-82BC-4730-B519-F3B29F488893}
2011-08-16 22:50:57 -------- d-----w- c:\users\j\appdata\local\{2F522573-E89A-4DC4-91FD-F517926466F9}
2011-08-16 22:50:44 -------- d-----w- c:\users\j\appdata\local\{B7DEFE1C-F47E-4C55-9D1F-6C5F6EFD7555}
2011-08-16 11:52:48 -------- d-----w- c:\users\j\appdata\local\{B993C319-C2DD-4565-B21C-2A13B6599BE9}
2011-08-16 11:52:35 -------- d-----w- c:\users\j\appdata\local\{C29A7767-04D7-4F54-9A82-53D35634B062}
2011-08-15 19:03:31 -------- d-----w- c:\users\j\appdata\local\{3E450976-7668-4B48-8CF3-645BAEC074F0}
2011-08-15 19:03:18 -------- d-----w- c:\users\j\appdata\local\{B7890EE7-5C47-4872-AC26-65259DF33D50}
2011-08-15 11:44:39 -------- d-----w- c:\users\j\appdata\local\{382F2F25-A9CE-43AE-9018-F73836E506AB}
2011-08-14 10:33:52 -------- d-----w- c:\users\j\appdata\local\{D69B2508-F9A9-4F9B-A461-94D4CBE783BA}
2011-08-14 10:33:39 -------- d-----w- c:\users\j\appdata\local\{44BD4D4C-B2A5-4DB8-99A4-49EB2CCF2F5F}
2011-08-13 21:35:58 -------- d-----w- c:\users\j\appdata\roaming\WebcamMax
2011-08-13 21:35:58 -------- d-----w- c:\programdata\WebcamMax
2011-08-13 21:35:32 -------- d-----w- c:\program files\WebcamMax
2011-08-13 20:25:07 -------- d-----w- c:\users\j\appdata\local\{41C2BE00-A1FF-4A91-ABD1-E9CB98929508}
2011-08-13 20:24:54 -------- d-----w- c:\users\j\appdata\local\{CBB2CE11-C593-4DBD-B913-C8B03A04E13F}
2011-08-13 11:13:15 -------- d-----w- c:\users\j\appdata\local\{8653458C-5FAD-4370-B850-4685E05A9857}
2011-08-13 11:13:02 -------- d-----w- c:\users\j\appdata\local\{3731323E-F401-41A7-90B4-490030ABA971}
.
==================== Find3M ====================
.
2011-08-28 13:58:51 130560 ----a-w- c:\windows\systemup.exe
2011-07-25 13:37:10 256000 ----a-w- c:\windows\sysdriver32_.exe
2011-07-25 13:37:10 256000 ----a-w- c:\windows\sysdriver32.exe
2011-07-24 11:21:17 246272 ----a-w- c:\windows\unrar.exe
2011-07-24 11:18:53 232960 ----a-w- c:\windows\l1rezerv.exe
2011-07-24 10:59:06 1174016 ----a-w- c:\windows\services32.exe
2011-07-22 02:54:43 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-07-22 02:48:26 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-07-22 02:44:36 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-16 04:37:32 169984 ----a-w- c:\windows\system32\winsrv.dll
2011-07-16 04:34:28 290816 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 04:31:12 271360 ----a-w- c:\windows\system32\conhost.exe
2011-07-16 02:21:47 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:21:47 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:21:47 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:21:47 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-12 09:20:54 83816 ----a-w- c:\windows\system32\dns-sd.exe
2011-07-12 09:20:54 73064 ----a-w- c:\windows\system32\dnssd.dll
2011-07-12 09:20:54 50536 ----a-w- c:\windows\system32\jdns_sd.dll
2011-07-12 09:20:54 178536 ----a-w- c:\windows\system32\dnssdX.dll
2011-07-09 02:26:10 222720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-07-05 16:37:00 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-07-05 16:37:00 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-06-23 04:38:05 3957120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-06-23 04:38:04 3902336 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-06-21 05:39:53 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-15 09:04:46 86016 ----a-w- c:\windows\system32\odbccu32.dll
2011-06-15 09:04:46 81920 ----a-w- c:\windows\system32\odbccr32.dll
2011-06-15 09:04:46 319488 ----a-w- c:\windows\system32\odbcjt32.dll
2011-06-15 09:04:46 163840 ----a-w- c:\windows\system32\odbctrac.dll
2011-06-15 09:04:46 122880 ----a-w- c:\windows\system32\odbccp32.dll
2011-06-03 14:25:52 625984 ----a-w- c:\program files\common files\ZugoInstaller.exe
2006-11-02 05:23:02 2472913 ----a-w- c:\program files\Do not run me just copy in program folder.exe
.
============= FINISH: 11:03:05.10 ===============

offline
  • Més que un club
  • Lead vocalist @ Harpun
  • Joined: 27 Feb 2009
  • Posts: 3896
  • Location: Novi Sad, Klisa

While the case is being resolved, I would ask you to adhere to the following:
  • Read my instructions (or those of colleagues who may stand in for me) carefully and act only according to them;
  • Do not seek help elsewhere at the same time;
  • Do not use other malware-removal programs, apart from those you are given instructions for;
  • During the intervention, do not use USB storage devices until I ask you to;
  • If I do not reply within 48 hours, bump the topic with a new post;
  • If you do not respond within 5 days, we will close the case.

For more information on the rules of the MyCity forum Ambulanta: LINK

-------------------------------------------------------------------------------------

Download sUBs's ComboFix from the following address to the Desktop:

Bleeping Computer
  • Right-click the link and choose the option Save Target As... (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download has finished:
  • disable your security software (instructions);
  • close any running programs;
  • double-click to launch ComboFix;
  • in the window that opens, click "I Agree".

While running, ComboFix will:
  • check whether a newer version of the program exists:
      • click Yes if you are offered the download.
  • if the Recovery Console is not installed, offer to install it:
      • be sure to accept by clicking Yes and follow the procedure.
  • display a number of prompts/notifications:
      • accept by clicking Yes or OK.
  • if necessary, restart Windows (several times);
  • at the end of the run, open Notepad with the scan report.

Copy the report that ComboFix created into the topic on the forum:
  • right-click in the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message field and choose Paste.

Note:
  • The report will be saved under the name ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
  • If, after sending the message, you notice that the report is not complete, use the Attach file (Prikači fajl) option to attach the file C:\ComboFix.txt to the message.

NIx Car (AMF Team)
