MyCity » Ambulanta -> Arhiva Ambulante » Problem-blokira mi pristup internetu

Problem-blokira mi pristup internetu

Napisano na dan: 12.1.2012

Problem-blokira mi pristup internetu

Sledeća strana

Pagination

Odgovori

lanmi1983 Poslao: 13 Jan 2012 18:34 Idi na vrh
offline lanmi1983 Građanin Pridružio: 28 Feb 2009 Poruke: 190 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 12 Jan 2012 23:18 Ne znam ni sam sta se desilo. Da li je do toga sto sam pokusao da instaliram jedan codec ili je problem nastao prilikom apdejta windowsa ne znam. Deinstalirao sam ceo apdejt koji je odradjen juce ali isto se ponavlja. Jednostavno ne mogu da se nakacim na net. Tacnije net nestane posle par minuta. Nije do operatera, proverio sam. AV nije nasao nista. Net je 2mb. . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_29 Run by Milan at 22:37:50 on 2012-01-12 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3071.1785 [GMT 1:00] . AV: avast! Antivirus Enabled/Updated {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus Enabled/Updated {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender Disabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\Windows\system32\atieclxx.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Windows\PixArt\PAC7302\Monitor.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files\WinFast\WFDTV\DTVSchdl.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Real\RealPlayer\Update\realsched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\WinFast\WFDTV\WFWIZ.exe C:\Users\Milan\AppData\Local\Google\Update\GoogleUpdate.exe C:\Program Files\System Explorer\SystemExplorer.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Samsung\Kies\KiesTrayAgent.exe C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Program Files\Clip2Net\clip2net.exe C:\Program Files\Innovative Solutions\DriverMax\devices.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\msiexec.exe C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://mystart.incredimail.com/ BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [WinFast Schedule] c:\program files\winfast\wfdtv\WFWIZ.exe uRun: [Google Update] "c:\users\milan\appdata\local\google\update\GoogleUpdate.exe" /c uRun: [SystemExplorerAutoStart] "c:\program files\system explorer\SystemExplorer.exe" /TRAY uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background uRun: [KiesHelper] c:\program files\samsung\kies\KiesHelper.exe /s uRun: [KiesTrayAgent] c:\program files\samsung\kies\KiesTrayAgent.exe uRun: [KiesPDLR] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe uRun: [Clip2Net] c:\program files\clip2net\clip2net.exe uRun: [DriverMax] "c:\program files\innovative solutions\drivermax\devices.exe" -agent uRun: [DriverMax_RESTART] mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun mRun: [PAC7302_Monitor] c:\windows\pixart\pac7302\Monitor.exe mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe mRun: [WinFastDTV] c:\program files\winfast\wfdtv\DTVSchdl.exe mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript mRun: [TaskTray] mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab DPF: {7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} - hxxps://browsercheck.qualys.com/qbc_ax.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 89.216.1.30 89.216.1.50 TCP: Interfaces\{18C13F6D-16F3-4DFD-9B4E-C569B5D397F8} : DhcpNameServer = 89.216.1.30 89.216.1.50 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\users\milan\appdata\roaming\mozilla\firefox\profiles\44i97uce.default\ FF - prefs.js: browser.search.selectedEngine - ChatVibes Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.com FF - prefs.js: keyword.URL - hxxp://search.ChatVibes.com/?q= FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll FF - component: c:\programdata\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll FF - plugin: c:\users\milan\appdata\local\google\update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: c:\users\milan\appdata\roaming\mozilla\firefox\profiles\44i97uce.default\extensions\{7d2fb79e-e58c-4db5-a36f-ac1c73967f4d}\plugins\npqbc.dll . ============= SERVICES / DRIVERS =============== . R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-4-11 435032] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-6-24 314456] R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files\hwinfo32\HWiNFO32.SYS [2011-9-19 21112] R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2011-6-6 64952] R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-5-27 176128] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-6-24 20568] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-6-24 55128] R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-12-3 44768] R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2010-8-4 6096384] R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2010-8-4 214016] R3 SrvHsfPCI;SrvHsfPCI;c:\windows\system32\drivers\VSTBS23.SYS [2009-7-13 266752] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504] R3 WFLR6654;WinFast TV2000 XP Expert (FM1216MK3);c:\windows\system32\drivers\wfeaglxt.sys [2009-10-21 433920] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-6-5 136176] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [2011-7-9 30312] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2011-7-21 23456] S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-6-5 136176] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-6-24 22216] S3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\system32\svchost.exe -k nosGetPlusHelper [2009-7-14 20992] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-6-15 15872] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2011-7-9 121064] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2011-7-9 12776] S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2011-7-9 136808] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [2011-7-9 114280] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-15 52224] S4 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-11-6 366152] . =============== Created Last 30 ================ . 2012-01-11 17:11:30 48648 ----a-w- c:\programdata\microsoft\ehome\packages\mceclientux\updateablemarkup-2\Markup.dll 2012-01-11 17:11:28 42776 ----a-w- c:\programdata\microsoft\ehome\packages\mceclientux\dsm-2\StartResources.dll 2012-01-11 01:13:39 -------- d-----w- c:\program files\common files\xing shared 2012-01-11 01:06:18 -------- d-----w- c:\program files\Xvid 2012-01-11 00:55:33 737072 ----a-w- c:\programdata\microsoft\ehome\packages\sportsv2\sportstemplatecore\Microsoft.MediaCenter.Sports.UI.dll 2012-01-11 00:55:23 4283672 ----a-w- c:\programdata\microsoft\ehome\packages\mceclientux\updateablemarkup\markup.dll 2012-01-11 00:55:03 42776 ----a-w- c:\programdata\microsoft\ehome\packages\mceclientux\dsm\StartResources.dll 2012-01-11 00:54:59 539984 ----a-w- c:\programdata\microsoft\ehome\packages\mcespotlight\mcespotlight\SpotlightResources.dll 2012-01-11 00:52:59 -------- d-----w- c:\users\milan\appdata\roaming\RealNetworks 2012-01-02 15:38:58 -------- d-----w- c:\windows\system32\System32 . ==================== Find3M ==================== . 2012-01-11 01:13:01 499712 ----a-w- c:\windows\system32\msvcp71.dll 2012-01-11 01:13:01 348160 ----a-w- c:\windows\system32\msvcr71.dll 2011-12-02 16:49:40 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-11-28 18:01:25 41184 ----a-w- c:\windows\avastSS.scr 2011-11-28 17:53:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-11-28 17:52:07 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2011-11-24 04:25:27 2342912 ----a-w- c:\windows\system32\win32k.sys 2011-11-05 04:35:00 981504 ----a-w- c:\windows\system32\wininet.dll 2011-11-05 04:26:03 2048 ----a-w- c:\windows\system32\tzres.dll 2011-11-05 02:48:51 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2011-10-26 04:47:40 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-10-26 04:47:40 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-10-26 04:28:12 38912 ----a-w- c:\windows\system32\csrsrv.dll 2011-10-15 05:38:59 534528 ----a-w- c:\windows\system32\EncDec.dll . ============= FINISH: 22:39:47.89 =============== mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png Dopuna: 13 Jan 2012 18:34 ostao sam skroz bez internet konekcije znam da imate guzvu i ovde i u rl ali se nadam nekom brzom resenju

Profil

dr_Bora Poslao: 13 Jan 2012 21:35 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav... Ne bi se reklo da ovde postoji aktivan malware. Preporučujem da potražiš savete u http://www.mycity.rs/Kablovski-provajderi/ Kada rešiš problem sa konekcijom, možemo izvršiti neke dodatne provere (čini se da je ranije bilo nekih infekcija, pa da to uklonimo).

Profil

lanmi1983 Poslao: 13 Jan 2012 21:48 Idi na vrh
offline lanmi1983 Građanin Pridružio: 28 Feb 2009 Poruke: 190 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Sta se desava ni sam ne znam U poslednjih pola sata dva puta se pojavila konekcija i nestajala. Sad ponovo imam. Zvao sam provajder i rekose da ce poslati nekog da proveru sta se desava. Pa ajde da odradim ovo sto ste rekli vezano za ciscenje ako ima nesto, dok jos uvek imam net

Profil

dr_Bora Poslao: 13 Jan 2012 21:54 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	1Ovo se svidja korisniku: Springfield Registruj se da bi pohvalio/la poruku! Da bacimo pogled iz drugog ugla... Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Profil

lanmi1983 Poslao: 13 Jan 2012 22:19 Idi na vrh
offline lanmi1983 Građanin Pridružio: 28 Feb 2009 Poruke: 190 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 12-01-13.03 - Milan 01/13/2012 22:06:37.1.2 - x86 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3071.1954 [GMT 1:00] Running from: c:\users\Milan\Desktop\ComboFix.exe AV: avast! Antivirus Disabled/Updated {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus Disabled/Updated {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender Disabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Milan\AppData\Local\Temp\bad4021e-8b96-4726-a482-7caebf5bc001\CliSecureRT.dll c:\users\Milan\AppData\Roaming\mIRC\logs\status.log c:\windows\system32\muzapp.exe c:\windows\system32\system32 c:\windows\system32\system32\3DAudio.ax c:\windows\system32\system32\avrt.dll c:\windows\system32\system32\cis-2.4.dll c:\windows\system32\system32\issacapi_bs-2.3.dll c:\windows\system32\system32\issacapi_pe-2.3.dll c:\windows\system32\system32\issacapi_se-2.3.dll c:\windows\system32\system32\MACXMLProto.dll c:\windows\system32\system32\MaDRM.dll c:\windows\system32\system32\MaJGUILib.dll c:\windows\system32\system32\MAMACExtract.dll c:\windows\system32\system32\MASetupCleaner.exe c:\windows\system32\system32\MaXMLProto.dll c:\windows\system32\system32\mfplat.dll c:\windows\system32\system32\MK_Lyric.dll c:\windows\system32\system32\MSCLib.dll c:\windows\system32\system32\MSFLib.dll c:\windows\system32\system32\MSLUR71.dll c:\windows\system32\system32\msvcp60.dll c:\windows\system32\system32\MTTELECHIP.dll c:\windows\system32\system32\MTXSYNCICON.dll c:\windows\system32\system32\muzaf1.dll c:\windows\system32\system32\muzapp.dll c:\windows\system32\system32\muzapp.exe c:\windows\system32\system32\muzdecode.ax c:\windows\system32\system32\muzeffect.ax c:\windows\system32\system32\muzmp4sp.ax c:\windows\system32\system32\muzmpgsp.ax c:\windows\system32\system32\muzoggsp.ax c:\windows\system32\system32\muzwmts.dll c:\windows\system32\system32\psapi.dll . . ((((((((((((((((((((((((( Files Created from 2011-12-13 to 2012-01-13 ))))))))))))))))))))))))))))))) . . 2012-01-13 21:12 . 2012-01-13 21:12 -------- d-----w- c:\users\Guest\AppData\Local\temp 2012-01-13 21:12 . 2012-01-13 21:12 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-01-13 17:44 . 2012-01-13 17:44 388096 ----a-r- c:\users\Milan\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-01-13 17:44 . 2012-01-13 17:44 -------- d-----w- c:\program files\Trend Micro 2012-01-12 19:51 . 2012-01-13 16:38 -------- d-----w- c:\users\Guest\AppData\Local\Diagnostics 2012-01-11 17:11 . 2012-01-11 17:11 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll 2012-01-11 17:11 . 2012-01-11 17:11 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll 2012-01-11 01:13 . 2012-01-11 01:13 -------- d-----w- c:\program files\Common Files\xing shared 2012-01-11 01:06 . 2012-01-11 23:08 -------- d-----w- c:\program files\Xvid 2012-01-11 00:55 . 2012-01-11 00:55 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll 2012-01-11 00:55 . 2012-01-11 00:55 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll 2012-01-11 00:55 . 2012-01-11 00:55 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2012-01-11 00:54 . 2012-01-11 00:54 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2012-01-11 00:52 . 2012-01-11 00:52 -------- d-----w- c:\users\Milan\AppData\Roaming\RealNetworks . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-01-11 01:13 . 2011-12-01 16:52 499712 ----a-w- c:\windows\system32\msvcp71.dll 2012-01-11 01:13 . 2011-12-01 16:52 348160 ----a-w- c:\windows\system32\msvcr71.dll 2011-12-02 16:49 . 2011-07-21 15:51 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-11-28 18:01 . 2010-06-30 06:23 41184 ----a-w- c:\windows\avastSS.scr 2011-11-28 18:01 . 2010-06-24 06:44 199816 ----a-w- c:\windows\system32\aswBoot.exe 2011-11-28 17:53 . 2011-04-11 21:03 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-11-28 17:53 . 2010-06-24 06:44 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-11-28 17:52 . 2010-06-24 06:44 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-11-28 17:52 . 2010-06-24 06:44 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-11-28 17:52 . 2010-06-24 06:44 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2011-11-28 17:51 . 2010-06-24 06:44 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-11-24 04:25 . 2011-12-13 20:00 2342912 ----a-w- c:\windows\system32\win32k.sys 2011-11-05 04:35 . 2011-12-13 20:00 981504 ----a-w- c:\windows\system32\wininet.dll 2011-11-05 04:26 . 2011-12-13 19:59 2048 ----a-w- c:\windows\system32\tzres.dll 2011-11-05 02:48 . 2011-12-13 20:00 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2011-10-26 04:47 . 2011-12-13 19:59 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-10-26 04:47 . 2011-12-13 19:59 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-10-26 04:28 . 2011-12-13 19:59 38912 ----a-w- c:\windows\system32\csrsrv.dll 2011-09-10 13:08 . 2011-05-06 19:46 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] "WinFast Schedule"="c:\program files\WinFast\WFDTV\WFWIZ.exe" [2010-08-11 2920448] "SystemExplorerAutoStart"="c:\program files\System Explorer\SystemExplorer.exe" [2011-07-13 3253576] "KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2011-12-27 937360] "KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2011-12-27 3508624] "KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-12-27 21392] "Clip2Net"="c:\program files\Clip2Net\clip2net.exe" [2009-10-07 1635328] "DriverMax"="c:\program files\Innovative Solutions\DriverMax\devices.exe" [2011-08-22 9250728] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-06-08 9267816] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-27 98304] "PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584] "ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424] "WinFastDTV"="c:\program files\WinFast\WFDTV\DTVSchdl.exe" [2010-06-09 101888] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2012-01-11 296056] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux4"=wdmaud.drv . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^Users^Milan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk] path=c:\users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2011-06-06 10:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare] 2010-03-04 12:31 311296 ----a-w- c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax] 2011-08-22 11:53 9250728 ----a-w- c:\program files\Innovative Solutions\DriverMax\devices.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverMax_RESTART] 2011-08-22 11:53 9250728 ----a-w- c:\program files\Innovative Solutions\DriverMax\devices.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail] 2010-07-26 14:15 353736 ----a-w- c:\program files\IncrediMail\Bin\IncMail.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper] 2011-12-27 14:21 937360 ----a-w- c:\program files\Samsung\Kies\KiesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR] 2011-12-27 14:21 21392 ----a-w- c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] 2011-12-27 14:21 3508624 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)] 2010-06-01 08:17 5252408 ----a-w- c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2010-04-16 20:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2011-06-09 11:06 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2012-01-11 01:13 296056 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] 2011-07-11 21:47 74752 ----a-w- c:\program files\Winamp\winampa.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFast Schedule] 2010-08-11 14:11 2920448 ----a-w- c:\program files\WinFast\WFDTV\WFWIZ.exe . R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-06-05 136176] R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-12-21 30312] R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x] R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2011-07-21 23456] R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-06-05 136176] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216] R3 nosGetPlusHelper;getPlus(R) Helper 3004;c:\windows\System32\svchost.exe [2009-07-14 20992] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872] R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 121064] R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 12776] R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 136808] R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-06-02 114280] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R4 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [2011-08-23 21112] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-03 176128] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-08-04 6096384] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-08-03 214016] S3 SrvHsfPCI;SrvHsfPCI;c:\windows\system32\DRIVERS\VSTBS23.SYS [2009-07-13 266752] S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992] S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504] S3 WFLR6654;WinFast TV2000 XP Expert (FM1216MK3);c:\windows\system32\drivers\wfeaglxt.sys [2009-10-21 433920] . . --- Other Services/Drivers In Memory --- . NewlyCreated - WS2IFSL . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper . Contents of the 'Scheduled Tasks' folder . 2012-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-06-05 18:28] . 2012-01-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-06-05 18:28] . 2012-01-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4088880799-2092540738-2467576278-1001Core.job - c:\users\Milan\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-10 18:22] . 2012-01-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4088880799-2092540738-2467576278-1001UA.job - c:\users\Milan\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-10 18:22] . . ------- Supplementary Scan ------- . uStart Page = hxxp://mystart.incredimail.com/ IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 89.216.1.30 89.216.1.50 FF - ProfilePath - c:\users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\44i97uce.default\ FF - prefs.js: browser.search.selectedEngine - ChatVibes Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.com FF - prefs.js: keyword.URL - hxxp://search.ChatVibes.com/?q= . - - - - ORPHANS REMOVED - - - - . WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKCU-Run-DriverMax_RESTART - (no file) HKLM-Run-TaskTray - (no file) MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe MSConfigStartUp-UpdateMyDrivers - c:\program files\SmartTweak Software\UpdateMyDrivers\UpdateMyDrivers.exe AddRemove-Angel Script v2.0 - c:\users\Milan\Desktop\Angel scr\Uninstal.exe AddRemove-Professional §©®ÎÞt v.2 - c:\users\Milan\Desktop\ProfSkr\Uninstal.exe AddRemove-Samsung Mobile phone USB driver Drive - c:\windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe AddRemove-mTv Sk®ipT v2.0 - c:\users\Milan\Desktop\mtv scr\Uninstal.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\atieclxx.exe c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe c:\program files\CDBurnerXP\NMSAccessU.exe c:\windows\system32\taskhost.exe c:\windows\system32\conhost.exe c:\windows\system32\sppsvc.exe c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . Completion time: 2012-01-13 22:18:17 - machine was rebooted ComboFix-quarantined-files.txt 2012-01-13 21:18 . Pre-Run: 18,060,951,552 bytes free Post-Run: 17,890,230,272 bytes free . - - End Of File - - 4EEA52F383435CEC77939BA1EA32CE9E

Profil

dr_Bora Poslao: 13 Jan 2012 23:44 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `DeQuarantine:: C:\Qoobox\Quarantine\C\WINDOWS\system32\System32 C:\Qoobox\Quarantine\C\WINDOWS\system32\muzapp.exe.vir Quit::` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

lanmi1983 Poslao: 14 Jan 2012 00:23 Idi na vrh
offline lanmi1983 Građanin Pridružio: 28 Feb 2009 Poruke: 190 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! C:\Qoobox\Quarantine\C\WINDOWS\system32\muzapp.exe.vir -> C:\WINDOWS\system32\muzapp.exe ( 172032 bytes ) C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\3DAudio.ax -> C:\WINDOWS\system32\System32\3DAudio.ax C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\avrt.dll -> C:\WINDOWS\system32\System32\avrt.dll C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\cis-2.4.dll -> C:\WINDOWS\system32\System32\cis-2.4.dll C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\issacapi_bs-2.3.dll -> C:\WINDOWS\system32\System32\issacapi_bs-2.3.dll C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\issacapi_pe-2.3.dll -> C:\WINDOWS\system32\System32\issacapi_pe-2.3.dll C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\issacapi_se-2.3.dll -> C:\WINDOWS\system32\System32\issacapi_se-2.3.dll C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\MACXMLProto.dll -> C:\WINDOWS\system32\System32\MACXMLProto.dll C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\MaDRM.dll -> C:\WINDOWS\system32\System32\MaDRM.dll C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\MaJGUILib.dll -> C:\WINDOWS\system32\System32\MaJGUILib.dll C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\MAMACExtract.dll -> C:\WINDOWS\system32\System32\MAMACExtract.dll C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\MASetupCleaner.exe -> C:\WINDOWS\system32\System32\MASetupCleaner.exe C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\MaXMLProto.dll -> C:\WINDOWS\system32\System32\MaXMLProto.dll C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\mfplat.dll -> C:\WINDOWS\system32\System32\mfplat.dll C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\MK_Lyric.dll -> C:\WINDOWS\system32\System32\MK_Lyric.dll C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\MSCLib.dll -> C:\WINDOWS\system32\System32\MSCLib.dll C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\MSFLib.dll -> C:\WINDOWS\system32\System32\MSFLib.dll C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\MSLUR71.dll -> C:\WINDOWS\system32\System32\MSLUR71.dll C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\msvcp60.dll -> C:\WINDOWS\system32\System32\msvcp60.dll C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\MTTELECHIP.dll -> C:\WINDOWS\system32\System32\MTTELECHIP.dll C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\MTXSYNCICON.dll -> C:\WINDOWS\system32\System32\MTXSYNCICON.dll C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\muzaf1.dll -> C:\WINDOWS\system32\System32\muzaf1.dll C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\muzapp.dll -> C:\WINDOWS\system32\System32\muzapp.dll C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\muzapp.exe -> C:\WINDOWS\system32\System32\muzapp.exe C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\muzdecode.ax -> C:\WINDOWS\system32\System32\muzdecode.ax C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\muzeffect.ax -> C:\WINDOWS\system32\System32\muzeffect.ax C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\muzmp4sp.ax -> C:\WINDOWS\system32\System32\muzmp4sp.ax C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\muzmpgsp.ax -> C:\WINDOWS\system32\System32\muzmpgsp.ax C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\muzoggsp.ax -> C:\WINDOWS\system32\System32\muzoggsp.ax C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\muzwmts.dll -> C:\WINDOWS\system32\System32\muzwmts.dll C:\Qoobox\Quarantine\C\WINDOWS\system32\System32\psapi.dll -> C:\WINDOWS\system32\System32\psapi.dll 30 File(s) copied

Profil

dr_Bora Poslao: 14 Jan 2012 12:50 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! OK, to je sve. Ovde nema malware, a ono što je bilo sumnjivo ipak pripada legitimnom programu (vrlo čudan izbor foldera, ali ipak legitimno). Potrebno je deinstalirati ComboFix: klikni start (ili ), a zatim RUN. Na Visti koristiti Start Search polje ukoliko Run nije dostupan. U liniju za unos teksta ukucaj (iskopiraj) sledeće: ComboFix /Uninstall Primeti da postoji razmak između "ComboFix" i "/Uninstall". a zatim klikni OK (ili pritisni Enter). Sačekaj da se proces deinstalacije završi. Možeš obrisati i sve ostale korišćene programe.

Profil

lanmi1983 Poslao: 14 Jan 2012 13:30 Idi na vrh
offline lanmi1983 Građanin Pridružio: 28 Feb 2009 Poruke: 190 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Odradjeno sve. Hvala puno na pomoci. Cini mi se da se delom i net konekcija poboljsala. Videcu do kad ce biti tako. Zvao sam ponovo sbb i rekose da ce poslati nekog od tehnicara da pogleda ruter, posto su primetio sam menjali ip adrese. Mada je meni dinamicka ali sinoc mi je komp izbacio da windows ne prepoznaje automatsko podesavanje ip adrese. To cu videti u win podforumu. Tebi hvala na ovoj pomoci.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Problem-blokira mi pristup internetu

Ko je trenutno na forumu

Ukupno su 744 korisnika na forumu :: 2 registrovanih, 0 sakrivenih i 742 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: hyla, Koridor

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by