MyCity » Ambulanta -> Arhiva Ambulante » win32:sirefef-ZT problem

win32:sirefef-ZT problem

Napisano na dan: 19.4.2013

Strana:
1
2

win32:sirefef-ZT problem

Sledeća strana

Pagination

Odgovori

Strana:
1
2

Blue Poslao: 19 Apr 2013 15:34 Idi na vrh
offline Blue Elitni građanin Pridružio: 06 Avg 2003 Poruke: 2214	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: instalirao sam neku igru i prilikom toga uleteo mi je uljez ... win32:sirefef-ZT ,imam avast nikako ne mogu da ga obrisem ili izlecim ... mislim da na pravom mestu postavljam temu https://www.mycity.rs/must-login.png

Profil

TwinHeadedEagle Poslao: 19 Apr 2013 15:38 Idi na vrh
offline TwinHeadedEagle Anti Malware Fighter Rank 2 Pridružio: 09 Avg 2011 Poruke: 15879 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Nedostaje ti i DDS.txt

Profil

Blue Poslao: 19 Apr 2013 15:39 Idi na vrh
offline Blue Elitni građanin Pridružio: 06 Avg 2003 Poruke: 2214	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: https://www.mycity.rs/must-login.png DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16446 Run by vinko at 15:28:53 on 2013-04-19 Microsoft Windows 7 Home Premium 6.1.7601.1.1250.381.1033.18.6046.3712 [GMT 2:00] . AV: avast! Antivirus Disabled/Updated {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus Disabled/Updated {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender Disabled/Outdated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\vcsFPService.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Program Files\DigitalPersona\Bin\DpHostW.exe C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files\Conexant\SA3\CxUtilSvc.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\ProgramData\DatacardService\HWDeviceService64.exe c:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe C:\Windows\Explorer.EXE C:\ProgramData\DatacardService\DCSHelper.exe C:\Program Files\Elantech\ETDCtrl.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\DigitalPersona\Bin\DPAgent.exe C:\Program Files\Conexant\SA3\SmartAudio3.exe C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\ProgramData\DatacardService\DCSHelper.exe C:\Program Files (x86)\mts mobilni internet\mts mobilni internet.exe C:\Program Files (x86)\Winamp\winampa.exe C:\Program Files (x86)\PowerISO\PWRISOVM.EXE C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Elantech\ETDCtrlHelper.exe C:\Program Files\Elantech\ETDGesture.exe C:\Windows\system32\WUDFHost.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe C:\Windows\system32\msiexec.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe -k swprv "C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns "C:\Windows\SysWOW64\svchost.exe" -g no -t 7 -o http://ooyohrmebh9qfof.com/ -u Ceaxznowc -p Kvspcmsmek C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.dell.com uDefault_Page_URL = hxxp://www.dell.com mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe" mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" mRun: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} LSP: mswsock.dll TCP: Interfaces\{061DF22E-C383-4A65-88C0-2B5310AD8C54} : DHCPNameServer = 178.79.22.6 178.79.0.3 TCP: Interfaces\{180B05E2-BE8F-4D8A-ACC8-70AF1FEEA749} : DHCPNameServer = 178.79.22.6 178.79.0.3 TCP: Interfaces\{467EDBCC-FB8C-442A-8D6D-ED4E9EFF588A} : NameServer = 195.178.38.3 195.178.38.8 TCP: Interfaces\{47A8B75B-7993-4F3E-8A36-B6073C560767} : NameServer = 195.178.38.3 195.178.38.8 TCP: Interfaces\{884AF92C-3E0E-4464-B8E1-A7352D83A02B} : NameServer = 195.178.38.3 195.178.38.8 TCP: Interfaces\{900C9A5D-A9CE-4B48-9F58-AD94B3D6AB6B} : NameServer = 195.178.38.3 195.178.38.8 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll LSA: Notification Packages = DPPassFilter scecli mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe, x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SA3\SACpl.exe /sa3 /nv:3.0 /dne /s x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned> x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\ FF - prefs.js: browser.startup.homepage - about:home FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll . ============= SERVICES / DRIVERS =============== . R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2012-8-15 31872] R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-8-15 16152] R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2012-8-15 22128] R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-11-22 984144] R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-11-22 370288] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-8-15 235520] R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-1-9 659968] R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-11-22 25232] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-11-22 71600] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-11-22 44808] R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-5-15 1014096] R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-5-15 1104208] R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-1-17 135952] R2 CxUtilSvc;CxUtilSvc;C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe [2012-8-15 109184] R2 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-3-14 346976] R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-8-15 13592] R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-1-11 627936] R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-8-15 1695040] R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-1-31 3289208] R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-8-15 363800] R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2011-8-18 3175728] R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-3-29 2669840] R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\Windows\System32\drivers\AmpPal.sys [2012-1-9 195584] R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2012-2-13 95232] R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2012-2-13 747008] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2012-8-15 176000] R3 ETD;Dell Touchpad;C:\Windows\System32\drivers\ETD.sys [2012-8-15 201008] R3 ewusbmbb;HUAWEI USB-WWAN miniport;C:\Windows\System32\drivers\ewusbwwan.sys [2012-12-7 421376] R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2012-12-7 86016] R3 ibtfltcoex;ibtfltcoex;C:\Windows\System32\drivers\iBtFltCoex.sys [2012-3-21 60928] R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-8-15 331264] R3 intelkmd;intelkmd;C:\Windows\System32\drivers\igdpmd64.sys [2012-8-15 14745600] R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-8-15 356120] R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-8-15 787736] R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2012-1-27 25496] R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUVStor.sys [2012-8-15 313448] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-8-15 646248] R3 ST_ACCEL;STMicroelectronics Accelerometer Service;C:\Windows\System32\drivers\ST_ACCEL.sys [2012-8-15 67184] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-19 138576] S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-4-10 166912] S2 mts mobilni internet. RunOuc;mts mobilni internet. OUC;C:\Program Files (x86)\mts mobilni internet\UpdateDog\ouc.exe [2012-12-7 239968] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944] S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\System32\drivers\AmpPal.sys [2012-1-9 195584] S3 athur;Wireless Network Adapter Service;C:\Windows\System32\drivers\athurx.sys [2012-11-22 1847296] S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2012-5-15 1304912] S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\System32\drivers\ew_hwusbdev.sys [2012-12-7 117248] S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\System32\drivers\ew_usbenumfilter.sys [2012-12-7 13952] S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-12-3 1432400] S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2012-1-27 34200] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-3-29 273168] S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2011-12-14 25072] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184] . =============== Created Last 30 ================ . 2013-04-19 11:14:11 -------- d-----w- C:\R.G. Catalyst 2013-04-19 08:09:32 -------- d-----w- C:\ProgramData\Media Center Programs 2013-04-19 07:00:08 -------- d-----w- C:\Users\vinko\AppData\Local\Sniper Elite Nazi Zombie Army 2013-04-19 06:53:46 -------- d-----w- C:\Program Files (x86)\Sniper Elite Nazi Zombie Army 2013-04-19 06:46:11 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation 2013-04-08 06:41:27 -------- d-----w- C:\Program Files (x86)\The Walking Dead Survival Instinct 2013-04-06 10:27:37 -------- d-----w- C:\steamapps 2013-04-06 10:27:36 -------- d-----w- C:\ProgramData\Steam 2013-04-06 09:52:43 -------- d-----w- C:\Program Files (x86)\AGB-GT 2013-04-05 10:39:11 -------- d-----w- C:\Users\vinko\AppData\Roaming\XRay Engine 2013-04-03 09:12:59 -------- d-----w- C:\Users\vinko\AppData\Local\Diagnostics 2013-03-30 17:06:20 -------- d-----w- C:\Users\vinko\AppData\Local\Microsoft Games . ==================== Find3M ==================== . 2013-03-13 12:33:04 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-03-13 12:33:03 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-03-13 12:32:46 16486616 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe 2013-02-20 07:13:26 103736 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe 2013-02-20 07:13:18 669184 ----a-w- C:\Windows\SysWow64\pbsvc.exe 2013-02-20 07:13:18 66872 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe 2013-02-08 09:00:22 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll . ============= FINISH: 15:29:14,30 ===============

Profil

TwinHeadedEagle Poslao: 19 Apr 2013 15:39 Idi na vrh
offline TwinHeadedEagle Anti Malware Fighter Rank 2 Pridružio: 09 Avg 2011 Poruke: 15879 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Takodje, isprati i sledece uputstvo Preuzmite program GMER sa donjeg linka na Desktop: GMER download Kliknite dati link; Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberite Desktop i kliknite Save. Dvoklikom pokrenite GMER. Sačekajte da se završi uvodno skeniranje - ukoliko se pojavi bilo kakav upit, kliknite No; kliknite Scan i sačekajte da skeniranje bude završeno; kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer1); kliknite desnim tasterom u prozor programa Gmer i odaberite Options > 3rd party - kliknite Scan; po završetku skeniranja kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer2); kliknite taster >>> i odaberite Autostart karticu; po završetku kratkotrajnog skeniranja, kliknite Copy; otvorite Notepad i u njega postavite kopirani tekst - izveštaj sačuvajte na Desktop (pod nazivom Gmer3); Slikoviti prikaz postupka Priložite sva tri izveštaja uz poruku korišćenjem opcije Prikači fajl.

Profil

Blue Poslao: 19 Apr 2013 16:16 Idi na vrh
offline Blue Elitni građanin Pridružio: 06 Avg 2003 Poruke: 2214	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png

Profil

TwinHeadedEagle Poslao: 19 Apr 2013 16:21 Idi na vrh
offline TwinHeadedEagle Anti Malware Fighter Rank 2 Pridružio: 09 Avg 2011 Poruke: 15879 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi RogueKiller i sačuvaj ga na Desktop Privremeno zatvori sve aktivne programe. Dvoklikom pokreni RogueKiller i pričekaj da se inicijalno skeniranje završi. Klikni na dugme Scan Po završenom skeniranju, biće kreiran izveštaj na desktopu pod nazivom RKreport.txt Klikni na dugme Delete Po završetku, biće kreiran izveštaj na desktopu pod nazivom RKreport.txt Klikni na dugme ShortcutsFix Takođe, po završetku, biće kreiran izveštaj na desktopu pod nazivom RKreport.txt Potrebno je priloziti sve RK report.txt izvestaje na uvid (koristeći opciju Prikači fajl).

Profil

Blue Poslao: 19 Apr 2013 16:31 Idi na vrh
offline Blue Elitni građanin Pridružio: 06 Avg 2003 Poruke: 2214	1Ovo se svidja korisniku: magna86 Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png https://www.mycity.rs/must-login.png

Profil

TwinHeadedEagle Poslao: 19 Apr 2013 16:43 Idi na vrh
offline TwinHeadedEagle Anti Malware Fighter Rank 2 Pridružio: 09 Avg 2011 Poruke: 15879 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Korak 1. Ponovo pokreni RogueKiller i klikni na Fix DNS. Nakon restarta racunara dostavi izvestaj koji ti izbaci. Korak 2. Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix; u prozoru koji se otvori klikni "I Agree". U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku; Nemoj kliktati u okviru ComboFix prozora dok radi jer to može usporiti rad alata; Nemoj ponovo pokretati ComboFix na svoju ruku - javi se u temi bilo kakav problem da imaš tokom prvog pokretanja alata; Ako nakon restarta dobijaš grešku prilikom startovanja pojedinih programa da su označeni za brisanje (Illegal operation attempted on a registry key that has been marked for deletion), onda ponovo restartuj sistem i to ce rešiti problem.

Profil

Blue Poslao: 20 Apr 2013 08:14 Idi na vrh
offline Blue Elitni građanin Pridružio: 06 Avg 2003 Poruke: 2214	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: nisam imao juce vremena da se posvetim resenju zbog posla ... evo report... https://www.mycity.rs/must-login.png RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : vinko [Admin rights] Mode : DNSFix -- Date : 04/20/2013 07:40:46 \| ARK \|\| FAK \|\| MBR \| ¤¤¤ Bad processes : 1 ¤¤¤ [SUSP PATH] ouc.exe -- C:\ProgramData\mts mobilni internet\OnlineUpdate\ouc.exe [7] -> KILLED [TermProc] ¤¤¤ Registry Entries : 8 ¤¤¤ [DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{467EDBCC-FB8C-442A-8D6D-ED4E9EFF588A} : NameServer (195.178.38.3 195.178.38.8) -> REPLACED () [DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{47A8B75B-7993-4F3E-8A36-B6073C560767} : NameServer (195.178.38.3 195.178.38.8) -> REPLACED () [DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{884AF92C-3E0E-4464-B8E1-A7352D83A02B} : NameServer (195.178.38.3 195.178.38.8) -> REPLACED () [DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{900C9A5D-A9CE-4B48-9F58-AD94B3D6AB6B} : NameServer (195.178.38.3 195.178.38.8) -> REPLACED () [DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{467EDBCC-FB8C-442A-8D6D-ED4E9EFF588A} : NameServer (195.178.38.3 195.178.38.8) -> REPLACED () [DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{47A8B75B-7993-4F3E-8A36-B6073C560767} : NameServer (195.178.38.3 195.178.38.8) -> REPLACED () [DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{884AF92C-3E0E-4464-B8E1-A7352D83A02B} : NameServer (195.178.38.3 195.178.38.8) -> REPLACED () [DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{900C9A5D-A9CE-4B48-9F58-AD94B3D6AB6B} : NameServer (195.178.38.3 195.178.38.8) -> REPLACED () ¤¤¤ Driver : [NOT LOADED] ¤¤¤ Finished : << RKreport[4]_DN_04202013_02d0740.txt >> RKreport[1]_S_04192013_02d1626.txt ; RKreport[2]_D_04192013_02d1627.txt ; RKreport[3]_SC_04192013_02d1628.txt ; RKreport[4]_DN_04202013_02d0740.txt https://www.mycity.rs/must-login.png ComboFix 13-04-19.01 - vinko 20.04.2013 8:00.1.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1250.381.1033.18.6046.3989 [GMT 2:00] Running from: c:\users\vinko\Desktop\ComboFix.exe AV: avast! Antivirus Disabled/Updated {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus Disabled/Updated {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender Enabled/Outdated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\install.exe c:\programdata\Roaming c:\windows\assembly\GAC_32\Desktop.ini c:\windows\assembly\GAC_64\Desktop.ini c:\windows\SysWow64\URTTemp c:\windows\SysWow64\URTTemp\regtlib.exe . . ((((((((((((((((((((((((( Files Created from 2013-03-20 to 2013-04-20 ))))))))))))))))))))))))))))))) . . 2013-04-20 06:04 . 2013-04-20 06:04 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-04-19 18:34 . 2013-04-19 18:34 -------- d-----w- c:\users\vinko\AppData\Roaming\LavasoftStatistics 2013-04-19 18:25 . 2013-04-19 18:25 -------- d-----w- c:\programdata\Downloaded Installations 2013-04-19 18:25 . 2013-04-20 05:35 -------- d-----w- c:\programdata\Search Protection 2013-04-19 18:25 . 2013-04-19 18:25 -------- d-----w- c:\users\vinko\AppData\Local\adawarebp 2013-04-19 18:25 . 2013-04-19 18:25 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection 2013-04-19 18:22 . 2013-04-19 18:22 14456 ----a-w- c:\windows\system32\drivers\gfibto.sys 2013-04-19 14:27 . 2009-07-14 01:39 328704 ----a-w- c:\windows\system32\services.exe 2013-04-19 14:20 . 2013-04-19 14:20 27256 ----a-w- c:\windows\system32\drivers\FixZeroAccess.sys 2013-04-19 11:14 . 2013-04-19 11:14 -------- d-----w- C:\R.G. Catalyst 2013-04-19 08:09 . 2013-04-19 09:09 -------- d-----w- c:\programdata\Media Center Programs 2013-04-19 07:00 . 2013-04-19 07:02 -------- d-----w- c:\users\vinko\AppData\Local\Sniper Elite Nazi Zombie Army 2013-04-19 06:53 . 2013-04-19 06:57 -------- d-----w- c:\program files (x86)\Sniper Elite Nazi Zombie Army 2013-04-19 06:46 . 2013-04-19 06:46 -------- d-----w- c:\program files (x86)\AGEIA Technologies 2013-04-19 06:46 . 2013-04-19 06:46 -------- d-----w- c:\program files (x86)\NVIDIA Corporation 2013-04-08 06:41 . 2013-04-11 07:27 -------- d-----w- c:\program files (x86)\The Walking Dead Survival Instinct 2013-04-06 10:27 . 2013-04-06 10:27 -------- d-----w- C:\steamapps 2013-04-06 10:27 . 2013-04-06 10:27 -------- d-----w- c:\programdata\Steam 2013-04-06 09:52 . 2013-04-08 06:36 -------- d-----w- c:\program files (x86)\AGB-GT 2013-04-05 10:39 . 2013-04-05 10:39 -------- d-----w- c:\users\vinko\AppData\Roaming\XRay Engine 2013-04-03 09:12 . 2013-04-03 09:12 -------- d-----w- c:\users\vinko\AppData\Local\Diagnostics 2013-03-30 17:06 . 2013-03-30 17:56 -------- d-----w- c:\users\vinko\AppData\Local\Microsoft Games . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-03-13 12:33 . 2012-08-15 03:29 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-03-13 12:33 . 2012-08-15 03:29 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-03-13 12:32 . 2013-03-13 12:32 16486616 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2013-02-20 07:13 . 2012-12-01 18:16 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2013-02-20 07:13 . 2013-02-20 07:13 669184 ----a-w- c:\windows\SysWow64\pbsvc.exe 2013-02-20 07:13 . 2012-12-01 18:16 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2013-02-08 09:00 . 2013-02-08 09:00 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-02-29 56088] "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-17 291608] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-03-05 343168] "RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-10-01 87336] "PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-09-17 50472] "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2012-03-06 577024] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-16 35736] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-16 932288] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136] "WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-12-09 74752] "PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2012-08-24 336992] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016] "Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2013-01-31 542632] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer3"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ DPPassFilter scecli . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-02-01 13592] R2 mts mobilni internet. RunOuc;mts mobilni internet. OUC;c:\program files (x86)\mts mobilni internet\UpdateDog\ouc.exe [2012-12-07 239968] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944] R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-01-21 363800] R3 ALSysIO;ALSysIO;c:\users\vinko\AppData\Local\Temp\ALSysIO64.sys [x] R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2012-01-09 195584] R3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296] R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2012-05-15 1304912] R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2012-12-07 117248] R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [2012-12-07 13952] R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-12-03 1432400] R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2012-01-26 34200] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2012-03-29 273168] R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2011-12-14 25072] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys [2012-02-01 31872] S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [2013-04-19 14456] S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys [2012-01-28 16152] S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [2011-07-16 22128] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-03-04 235520] S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-01-09 659968] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600] S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-05-15 1014096] S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2012-05-15 1104208] S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-01-17 135952] S2 CxUtilSvc;CxUtilSvc;c:\program files\Conexant\SA3\CxUtilSvc.exe [2011-10-11 109184] S2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-04-10 166912] S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [2011-03-14 346976] S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-01-11 627936] S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2012-02-16 1695040] S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-01-31 3289208] S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2011-08-18 3175728] S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-03-29 2669840] S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-01-09 195584] S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2012-02-13 95232] S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2012-02-13 747008] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2011-06-16 176000] S3 ETD;Dell Touchpad;c:\windows\system32\DRIVERS\ETD.sys [2012-03-14 201008] S3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys [2012-12-07 421376] S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2012-12-07 86016] S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2012-03-21 60928] S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-05 331264] S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2012-03-19 14745600] S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-01-28 356120] S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-01-28 787736] S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2012-01-26 25496] S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys [2012-02-01 313448] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-11-29 646248] S3 ST_ACCEL;STMicroelectronics Accelerometer Service;c:\windows\system32\DRIVERS\ST_ACCEL.sys [2012-01-04 67184] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-04-11 06:46 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe . Contents of the 'Scheduled Tasks' folder . 2013-04-19 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 12:33] . 2013-04-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-22 19:26] . 2013-04-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-22 19:26] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ETDCtrl"="c:\program files\Elantech\ETDCtrl.exe" [2012-03-14 2894640] "SmartAudio"="c:\program files\CONEXANT\SA3\SACpl.exe" [2011-09-08 1628288] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-19 170264] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-19 398616] "Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-19 439064] "BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-03-15 178960] . ------- Supplementary Scan ------- . uStart Page = hxxp://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=BBAC53DF2359BC138B138051718C01CC IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 Trusted Zone: autodesk.com\www TCP: Interfaces\{47A8B75B-7993-4F3E-8A36-B6073C560767}: NameServer = 195.178.38.3 195.178.38.8 FF - ProfilePath - c:\users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\ FF - prefs.js: browser.search.selectedEngine - SecureSearch FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q= FF - ExtSQL: 2013-04-19 20:25; jid1-yZwVFzbsyfMrqQ@jetpack; c:\users\vinko\AppData\Roaming\Mozilla\Firefox\Profiles\f8luua6q.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Wow6432Node-HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe Wow6432Node-HKLM-Run-NBKeyScan - c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe Wow6432Node-HKLM-Run-SearchProtection - c:\programdata\Search Protection\_run.bat Toolbar-Locked - (no file) AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0] "ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files\AVAST Software\Avast\AvastSvc.exe c:\programdata\mts mobilni internet\OnlineUpdate\ouc.exe c:\windows\SysWOW64\PnkBstrA.exe c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE c:\program files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe c:\program files\AVAST Software\Avast\AvastEmUpdate.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe . ************************************************************************** . Completion time: 2013-04-20 08:08:22 - machine was rebooted ComboFix-quarantined-files.txt 2013-04-20 06:08 . Pre-Run: 304.525.152.256 bytes free Post-Run: 307.774.521.344 bytes free . - - End Of File - - AE466524E8E0B616E1F2CE0D1CFCE7BD

Profil

TwinHeadedEagle Poslao: 20 Apr 2013 16:57 Idi na vrh
offline TwinHeadedEagle Anti Malware Fighter Rank 2 Pridružio: 09 Avg 2011 Poruke: 15879 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Malware je uklonjen, kakvo je stanje sada?

Profil

MyCity » Ambulanta -> Arhiva Ambulante » win32:sirefef-ZT problem

Ko je trenutno na forumu

Ukupno su 1117 korisnika na forumu :: 55 registrovanih, 10 sakrivenih i 1052 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: _Rade, A.R.Chafee.Jr., Apok, babaroga, Battlehammer, bestguarder, bojank, Bokiboks, BRATORIII, ccoogg123, Dimitrije Paunovic, Dimitrise93, dmdr, dragoljub11987, flash12, Georgius, gorican, goxin, ILGromovnik, Karla, kjkszpj, Koridor 11, Lucije Kvint, Marko Marković, MB120mm, mercedesamg, Mi lao shu, milutin134, nemkea71, Neutral-M, nuke92, ObelixSRB, opt1, Parker, pavlo, Pohovani_00, Polemarchoi, raso7, rasok, Rogan33, sasa87, sevenino, SlaKoj, Smiljke, Srky Boy, Tvrtko I, vathra, voja64, W123, wizzardone, YugoSlav, zbazin, ZetaMan, žeks62, 1107

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by