the filename,directory name or volume label syntax is...

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Kao sto sam naslov kaze, dobijam ovu vrstu poruke kada hocu nesto da instaliram (the filename,directory name or volume label syntax is incorrect).

Problem je poceo juce da se ispoljava kada sam htela da skinem jedan konvertor, tacnije iz pdf. to dwg. Kada sam htela da ga instaliram, doslo je do ove poruke. Kasnije sam probala bilo koji drugi program da instaliram i svaki put bi se pojavilo isto.
Pokusavala sam da udjem u Safe mode i da iz njega pokrenem bilo kakvu instalaciju ali bezuspesno.
Onda sam pustila na skener ceo kom(koristim Avast Professional) i nista nije nasao. Zatim sam skenirala sa Search&Destroy i sa Ad-aware i nista nije pronasao.
Nikada nisam imala slicnih problema.
Komp mi radi odlicno, ne koci, ma super kao i obicno - bez primedbi.

Pretpostavljam da je verovatno imam problem sa malicioznim programom, tj. da mi je nesto ugrozilo komp.

Sto se tice internet konekcije, imam Adsl, flat3.

Hvala unapred!

Pozdra od Hristine!



DDS (Ver_09-07-30.01) - NTFSx86
Run by Ljube at 22:50:18,70 on uto 22.09.2009
Internet Explorer: 6.0.2800.1106 BrowserJavaVersion: 1.6.0_15
Microsoft Windows XP Professional 5.1.2600.1.1250.381.1033.18.511.113 [GMT 2:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\AirLive\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Virtual CD v4\System\vcdsecs.exe
C:\Program Files\K-Lite Codec Pack\Media Player Classic\RealPlay.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\AirLive\Bluetooth Software\BTTray.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1755576
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Net Games Toolbar: {8a6264b5-a8f2-494b-8f37-cf898a763e42} - c:\program files\net_games\tbNet_.dll
BHO: Yahoo! Companion BHO: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\common\ycomp5_2_3_0.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: IeCatch5 Class: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - c:\progra~1\flashget\jccatch.dll
BHO: : {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: WitBHO Class: {75ed56af-4dc9-4243-a30c-4ef4dd0ca28f} - c:\documents and settings\ljube\appdata\locallow\chameleontom for ie\wit4ie.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Net Games Toolbar: {8a6264b5-a8f2-494b-8f37-cf898a763e42} - c:\program files\net_games\tbNet_.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: gFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - c:\progra~1\flashget\getflash.dll
TB: &Yahoo! Companion: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\common\ycomp5_2_3_0.dll
TB: FlashGet Bar: {e0e899ab-f487-11d5-8d29-0050ba6940e3} - c:\progra~1\flashget\fgiebar.dll
TB: Chameleon Tom Toolbar: {fc00cdd1-38e2-4a90-9805-bfc987777712} - c:\program files\chameleon tom toolbar\toolbar.dll
TB: Net Games Toolbar: {8a6264b5-a8f2-494b-8f37-cf898a763e42} - c:\program files\net_games\tbNet_.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
EB: Media Band: {32683183-48a0-441b-a342-7c2a440a9478} - %SystemRoot%\System32\browseui.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [RSD_HDDThermo] c:\program files\hdd thermometer\HDD Thermometer.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [WinampAgent] c:\program files\winamp\winampa.exe
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [BMISR] c:\program files\kye\webmate\BM.exe
mRun: [PAC7302_Monitor] c:\windows\pixart\pac7302\Monitor.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [RealTray] c:\program files\k-lite codec pack\media player classic\RealPlay.exe SYSTEMBOOTHIDEPLAYER
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\airlive\bluetooth software\BTTray.exe
IE: &Search - edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZRxdm762YYME
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Preuzmi sa FlashGet-om - c:\program files\flashget\jc_link.htm
IE: Preuzmi sve sa FlashGet-om - c:\program files\flashget\jc_all.htm
IE: Send to &Bluetooth Device... - c:\program files\airlive\bluetooth software\btsendto_ie_ctx.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\airlive\bluetooth software\btsendto_ie.htm
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\progra~1\flashget\flashget.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/PopularScreenSaversInitialSetup1.0.1.1.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\ljube\applic~1\mozilla\firefox\profiles\dsm9rcm3.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1755576&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Searchme
FF - prefs.js: browser.startup.homepage - hxxp://www.google.rs/
FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZRxdm762YYME&fl=0&ptb=4.guKP9PZ0oUtEGrsYE5og&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor=
FF - plugin: c:\program files\mozilla firefox\plugins\npRLCT4Player.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-4-26 114768]
R1 vcdmpdrv;vcdmpdrv;c:\windows\system32\drivers\vcdmpdrv.sys [2006-4-1 49168]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-8-26 138680]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-8-26 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-8-26 352920]
R3 ReallusionVirtualAudio;Reallusion Virtual Audio;c:\windows\system32\drivers\RLVrtAuCbl.sys [2009-4-26 31616]
S3 ids00035;ids00035;\??\c:\documents and settings\all users\application data\kaspersky anti-virus personal\5.0\bases\ids00035.sys --> c:\documents and settings\all users\application data\kaspersky anti-virus personal\5.0\bases\ids00035.sys [?]
S3 ids00118;ids00118;\??\c:\documents and settings\all users\application data\kaspersky anti-virus personal\5.0\bases\ids00118.sys --> c:\documents and settings\all users\application data\kaspersky anti-virus personal\5.0\bases\ids00118.sys [?]
S3 ids0014f;ids0014f;\??\c:\documents and settings\all users\application data\kaspersky anti-virus personal\5.0\bases\ids0014f.sys --> c:\documents and settings\all users\application data\kaspersky anti-virus personal\5.0\bases\ids0014f.sys [?]
S3 ids0015d;ids0015d;\??\c:\documents and settings\all users\application data\kaspersky anti-virus personal\5.0\bases\ids0015d.sys --> c:\documents and settings\all users\application data\kaspersky anti-virus personal\5.0\bases\ids0015d.sys [?]
S3 ids00180;ids00180;\??\c:\documents and settings\all users\application data\kaspersky anti-virus personal\5.0\bases\ids00180.sys --> c:\documents and settings\all users\application data\kaspersky anti-virus personal\5.0\bases\ids00180.sys [?]
S3 PAC7302;iLook 300;c:\windows\system32\drivers\PAC7302.SYS [2009-4-26 458112]
S3 Ssdtsu2;Ssdtsu2;c:\windows\system32\dfrgfat.exe [2002-8-29 76288]

============== File Associations ===============

inifile=%SystemRoot\%system32\NOTEPAD.EXE %1

=============== Created Last 30 ================

2009-09-22 22:50 <DIR> --d-h--- c:\windows\PIF
2009-09-22 14:48 <DIR> --d----- c:\program files\Lavasoft
2009-09-22 14:28 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-09-22 14:27 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-09-20 21:48 <DIR> --d----- C:\My Music
2009-09-20 21:47 24,576 a------- c:\windows\system32\prefscpl.cpl
2009-09-20 21:47 <DIR> --d----- c:\program files\common files\Real
2009-09-19 18:46 53,105 a------- c:\windows\FontData.fdb
2009-09-10 21:05 <DIR> --d----- c:\docume~1\ljube\applic~1\AVI ReComp
2009-09-10 21:04 <DIR> --d----- c:\program files\Xvid
2009-09-10 21:04 <DIR> --d----- c:\program files\AVI ReComp
2009-08-31 21:40 <DIR> --d----- c:\program files\Net_Games
2009-08-30 13:07 <DIR> --d----- c:\program files\Lavalys

==================== Find3M ====================

2009-07-25 05:23 411,368 a------- c:\windows\system32\deploytk.dll
2009-07-17 09:06 472,824 a------- c:\windows\system32\PerfStringBackup.TMP
2009-07-05 22:47 2,560 a------- c:\windows\_MSRSTRT.EXE
2009-03-22 14:40 3,001 a--sh--- c:\documents and settings\ljube\ppUser.dat
2002-01-11 07:00 8,196,148 a------- c:\program files\ArchiCAD.exe
2009-06-18 21:46 81 ---shr-- c:\windows\3DXCT.BIN
2009-04-26 21:26 81 ---shr-- c:\windows\CT4CET.bin
2005-05-13 17:12 217,073 a--shr-- c:\windows\meta4.exe
2005-10-24 11:13 66,560 a--shr-- c:\windows\MOTA113.exe
2005-10-13 21:27 422,400 a--shr-- c:\windows\x2.64.exe
2006-04-01 19:53 56 ---shr-- c:\windows\system32\0F12B5E650.sys
2005-10-07 19:14 308,224 a--shr-- c:\windows\system32\avisynth.dll
2005-07-14 12:31 27,648 a--shr-- c:\windows\system32\AVSredirect.dll
2005-06-26 15:32 616,448 a--shr-- c:\windows\system32\cygwin1.dll
2005-06-21 22:37 45,568 a--shr-- c:\windows\system32\cygz.dll
2004-01-25 00:00 70,656 a--shr-- c:\windows\system32\i420vfw.dll
2006-04-01 19:53 1,682 a--sh--- c:\windows\system32\KGyGaAvL.sys
2006-04-27 10:24 2,945,024 a--shr-- c:\windows\system32\Smab.dll
2005-02-28 13:16 240,128 a--shr-- c:\windows\system32\x.264.exe
2004-01-25 00:00 70,656 a--shr-- c:\windows\system32\yv12vfw.dll

============= FINISH: 22:50:49,51 ===============



mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Koristis li program Diskkeeper...?

Komp deluje cisto(malware free)

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 23 Sep 2009 13:48

Ne koristim, ali probacu da ga skinem. Javicu sta sam uradila.

Dopuna: 23 Sep 2009 14:23

Evo ovako, tacno sam znala da ce se ovo desiti.
Skinula sam program Diskkeeper i pokusala da ga instaliram kad ono opet ista poruka.
Znaci, ne mogu nista sto skinem sa neta da instaliram.
Pored ove gore vec napomenute poruke sada mi je izasla i ova: Unable to open the self extracting fele. The fele is locked or in use by another process. The instalation will terminate.
Program sam skinula sa vaseg sajta.

Ne znam sta da radim?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Kao prvo..to sto sam te pitao za diskeeper ne znaci da je trebalo da ga instalras..

kao drugo na tvom problemu se radi u windows podforumu

kao trece.. aj da pokupimo ostatke jednog dosadnog adware-a (nista strasno)

Preuzmi instalaciju za program Malwarebytes Anti-Malware sa sledećeg linka:
http://www.besttechie.net/tools/mbam-setup.exe

Dvoklikom pokreni instalaciju - na samom kraju procesa, proveri da su obeležene opcije:
Update Malwarebytes' Anti-Malware;
Launch Malwarebytes Anti-Malware;
a zatim klikni Finish.

Nakon završenog ažuriranja program će se pokrenuti.

Izaberi opciju Perform Quick Scan i klikni Scan.

Po završetku procesa klikni OK, Show Results: u listi detektovanog malware-a, obeleži sve stavke i klikni Remove Selected.

Po završetku procesa, logfile će se otvoriti u Notepad-u; iskopiraj ga u temu na forumu.
Ukoliko program zatraži restart kako bi se završio proces čišćenja, obavezno ga dozvoliti.

Napomena: ako dođe do restarta na kraju procesa čišćenja, logfile će biti dostupan na Logs kartici (obeleži ga i klikni Open).


Takođe, nakon svega, potrebno je postaviti i svež DDS logfile.

ako i ovde budes imala probleme pri instalaciji uslikaj mi gresku koju ti izbacuje..

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

E ovako, pre nego sto bilo sta napisem, samo da kazem sta sam otkrila, kada sam trebala da instaliram Malwarebytes Anti-Malware, naravno nije htelo, izasla je cuvena poruka: the filename,directory name or volume label syntax is incorrect).
Ja sam instalaciju tog programa prebacila na USB i sa njega pokusala da je pokrenem i uspela sam. Znaci sa cd-a i sa usb-a hoce, sa kompa nece.

Kada je poceo da skenira, nakon 10 sekundi je izao prozor Avasta :


Ja sam smestila u karantin.

Evo saljem Logfile:
Malwarebytes' Anti-Malware 1.41
Database version: 2852
Windows 5.1.2600 Service Pack 1

23.9.2009 23:04:41
mbam-log-2009-09-23 (23-04-41).txt

Scan type: Quick Scan
Objects scanned: 100895
Time elapsed: 11 minute(s), 41 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 23
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 8
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\FunWebProducts\ScreenSaver\Images\01E02089.urr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History\search3 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\setting2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\settings.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successful

Ovo je svez DDS logfile:
DDS (Ver_09-07-30.01) - NTFSx86
Run by Ljube at 23:11:37,23 on sre 23.09.2009
Internet Explorer: 6.0.2800.1106 BrowserJavaVersion: 1.6.0_15
Microsoft Windows XP Professional 5.1.2600.1.1250.381.1033.18.511.72 [GMT 2:00]


============== Running Processes ===============

C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\AirLive\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Virtual CD v4\System\vcdsecs.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\K-Lite Codec Pack\Media Player Classic\RealPlay.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\AirLive\Bluetooth Software\BTTray.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Mozilla Firefox\firefox.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1755576
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Net Games Toolbar: {8a6264b5-a8f2-494b-8f37-cf898a763e42} - c:\program files\net_games\tbNet_.dll
BHO: Yahoo! Companion BHO: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\common\ycomp5_2_3_0.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: IeCatch5 Class: {2f364306-aa45-47b5-9f9d-39a8b94e7ef7} - c:\progra~1\flashget\jccatch.dll
BHO: : {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: WitBHO Class: {75ed56af-4dc9-4243-a30c-4ef4dd0ca28f} - c:\documents and settings\ljube\appdata\locallow\chameleontom for ie\wit4ie.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Net Games Toolbar: {8a6264b5-a8f2-494b-8f37-cf898a763e42} - c:\program files\net_games\tbNet_.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: gFlash Class: {f156768e-81ef-470c-9057-481ba8380dba} - c:\progra~1\flashget\getflash.dll
TB: &Yahoo! Companion: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\common\ycomp5_2_3_0.dll
TB: FlashGet Bar: {e0e899ab-f487-11d5-8d29-0050ba6940e3} - c:\progra~1\flashget\fgiebar.dll
TB: Chameleon Tom Toolbar: {fc00cdd1-38e2-4a90-9805-bfc987777712} - c:\program files\chameleon tom toolbar\toolbar.dll
TB: Net Games Toolbar: {8a6264b5-a8f2-494b-8f37-cf898a763e42} - c:\program files\net_games\tbNet_.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
EB: Media Band: {32683183-48a0-441b-a342-7c2a440a9478} - %SystemRoot%\System32\browseui.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [RSD_HDDThermo] c:\program files\hdd thermometer\HDD Thermometer.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [WinampAgent] c:\program files\winamp\winampa.exe
mRun: [CanonSolutionMenu] c:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [BMISR] c:\program files\kye\webmate\BM.exe
mRun: [PAC7302_Monitor] c:\windows\pixart\pac7302\Monitor.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [RealTray] c:\program files\k-lite codec pack\media player classic\RealPlay.exe SYSTEMBOOTHIDEPLAYER
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\airlive\bluetooth software\BTTray.exe
IE: &Search
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Preuzmi sa FlashGet-om - c:\program files\flashget\jc_link.htm
IE: Preuzmi sve sa FlashGet-om - c:\program files\flashget\jc_all.htm
IE: Send to &Bluetooth Device... - c:\program files\airlive\bluetooth software\btsendto_ie_ctx.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\airlive\bluetooth software\btsendto_ie.htm
IE: {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - c:\progra~1\flashget\flashget.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\ljube\applic~1\mozilla\firefox\profiles\dsm9rcm3.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1755576&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Searchme
FF - prefs.js: browser.startup.homepage - hxxp://www.google.rs/
FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZRxdm762YYME&fl=0&ptb=4.guKP9PZ0oUtEGrsYE5og&url=http://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor=
FF - plugin: c:\program files\mozilla firefox\plugins\npRLCT4Player.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-4-26 114768]
R1 vcdmpdrv;vcdmpdrv;c:\windows\system32\drivers\vcdmpdrv.sys [2006-4-1 49168]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2009-8-26 138680]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2009-8-26 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2009-8-26 352920]
R3 ReallusionVirtualAudio;Reallusion Virtual Audio;c:\windows\system32\drivers\RLVrtAuCbl.sys [2009-4-26 31616]
S3 ids00035;ids00035;\??\c:\documents and settings\all users\application data\kaspersky anti-virus personal\5.0\bases\ids00035.sys --> c:\documents and settings\all users\application data\kaspersky anti-virus personal\5.0\bases\ids00035.sys [?]
S3 ids00118;ids00118;\??\c:\documents and settings\all users\application data\kaspersky anti-virus personal\5.0\bases\ids00118.sys --> c:\documents and settings\all users\application data\kaspersky anti-virus personal\5.0\bases\ids00118.sys [?]
S3 ids0014f;ids0014f;\??\c:\documents and settings\all users\application data\kaspersky anti-virus personal\5.0\bases\ids0014f.sys --> c:\documents and settings\all users\application data\kaspersky anti-virus personal\5.0\bases\ids0014f.sys [?]
S3 ids0015d;ids0015d;\??\c:\documents and settings\all users\application data\kaspersky anti-virus personal\5.0\bases\ids0015d.sys --> c:\documents and settings\all users\application data\kaspersky anti-virus personal\5.0\bases\ids0015d.sys [?]
S3 ids00180;ids00180;\??\c:\documents and settings\all users\application data\kaspersky anti-virus personal\5.0\bases\ids00180.sys --> c:\documents and settings\all users\application data\kaspersky anti-virus personal\5.0\bases\ids00180.sys [?]
S3 PAC7302;iLook 300;c:\windows\system32\drivers\PAC7302.SYS [2009-4-26 458112]
S3 Ssdtsu2;Ssdtsu2;c:\windows\system32\dfrgfat.exe [2002-8-29 76288]

=============== Created Last 30 ================

2009-09-23 22:43 <DIR> --d----- c:\docume~1\ljube\applic~1\Malwarebytes
2009-09-23 22:43 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-23 22:43 18,520 a------- c:\windows\system32\drivers\mbam.sys
2009-09-23 22:43 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-09-23 22:43 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-09-22 22:50 <DIR> --d-h--- c:\windows\PIF
2009-09-22 14:48 <DIR> --d----- c:\program files\Lavasoft
2009-09-22 14:28 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2009-09-22 14:27 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-09-20 21:48 <DIR> --d----- C:\My Music
2009-09-20 21:47 24,576 a------- c:\windows\system32\prefscpl.cpl
2009-09-20 21:47 <DIR> --d----- c:\program files\common files\Real
2009-09-19 18:46 53,105 a------- c:\windows\FontData.fdb
2009-09-10 21:05 <DIR> --d----- c:\docume~1\ljube\applic~1\AVI ReComp
2009-09-10 21:04 <DIR> --d----- c:\program files\Xvid
2009-09-10 21:04 <DIR> --d----- c:\program files\AVI ReComp
2009-08-31 21:40 <DIR> --d----- c:\program files\Net_Games
2009-08-30 13:07 <DIR> --d----- c:\program files\Lavalys

==================== Find3M ====================

2009-07-25 05:23 411,368 a------- c:\windows\system32\deploytk.dll
2009-07-17 09:06 472,824 a------- c:\windows\system32\PerfStringBackup.TMP
2009-07-05 22:47 2,560 a------- c:\windows\_MSRSTRT.EXE
2009-03-22 14:40 3,001 a--sh--- c:\documents and settings\ljube\ppUser.dat
2002-01-11 07:00 8,196,148 a------- c:\program files\ArchiCAD.exe
2009-06-18 21:46 81 ---shr-- c:\windows\3DXCT.BIN
2009-04-26 21:26 81 ---shr-- c:\windows\CT4CET.bin
2005-05-13 17:12 217,073 a--shr-- c:\windows\meta4.exe
2005-10-24 11:13 66,560 a--shr-- c:\windows\MOTA113.exe
2005-10-13 21:27 422,400 a--shr-- c:\windows\x2.64.exe
2006-04-01 19:53 56 ---shr-- c:\windows\system32\0F12B5E650.sys
2005-10-07 19:14 308,224 a--shr-- c:\windows\system32\avisynth.dll
2005-07-14 12:31 27,648 a--shr-- c:\windows\system32\AVSredirect.dll
2005-06-26 15:32 616,448 a--shr-- c:\windows\system32\cygwin1.dll
2005-06-21 22:37 45,568 a--shr-- c:\windows\system32\cygz.dll
2004-01-25 00:00 70,656 a--shr-- c:\windows\system32\i420vfw.dll
2006-04-01 19:53 1,682 a--sh--- c:\windows\system32\KGyGaAvL.sys
2006-04-27 10:24 2,945,024 a--shr-- c:\windows\system32\Smab.dll
2005-02-28 13:16 240,128 a--shr-- c:\windows\system32\x.264.exe
2004-01-25 00:00 70,656 a--shr-- c:\windows\system32\yv12vfw.dll

============= FINISH: 23:12:01,18 ===============


Kada sam to sve uradila, pokusala sam da pokrenem bilo koju instalaciju sa kompa i opet isto :

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Sorry sto kasnim tri dana

Uploaduj mi sledeci fajl


c:\windows\system32\dfrgfat.exe


Preko sledece forme :


http://www.mycity.rs/ambulanta-upload.php

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uradila sam to, tj. poslala sam!

P.S. Nema veze sto kasnis, taman posla, hvala u svakom slucaju.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Ne znam sta da ti kazem...ovde nema malware-a..imalo je malo ostataka ali aktivnog nema..ne znam sta bi moglo da ti pravi problem