problem sa ucitawanjem facebook - a

1

problem sa ucitawanjem facebook - a

offline
  • Pridružio: 19 Jul 2011
  • Poruke: 22

ok.... sta dalje da radimmmm - - - - - GUZ - Glavom U Zid

offline
  • Pridružio: 02 Feb 2008
  • Poruke: 14018
  • Gde živiš: Nish

Potrebno je da detaljno (recenicu po recenicu) procitas sledece Uputstvo: http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

Isprati sve sto tamo pise i postavi dijagnosticke izvestaje.





Ukoliko imas nekih nedoumica, pogledaj par tema u Ambulanti ne bi li video kako su ostali clanovi otvarali temu.







goran9888 (AMF Tim)

offline
  • Pridružio: 19 Jul 2011
  • Poruke: 22

Napisano: 20 Jul 2011 1:21

DDS (Ver_2011-07-14.01) - NTFS_x86
Internet Explorer: 7.0.5730.13
Run by Administrator at 15:18:52 on 2011-07-01
.
============== Running Processes ================
.
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\Explorer.EXE
C:\Users\Administrator\Application Data\dwm.exe
C:\Users\Administrator\Application Data\Microsoft\conhost.exe
C:\Windows\Temp\csrss.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\BisonCam\BisonHK.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\windows\AGRSMMSG.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Onda Connection Manager\UIMain.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\windows\update.5.0\svchost.exe
C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
C:\windows\update.5.0\svchost.exe
C:\windows\System32\alg.exe
C:\Users\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\windows\ufa\ufa.exe
C:\Program Files\System\CPL Bonus\pserv2.exe
C:\windows\System32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k WudfServiceGroup
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uWindow Title = IE
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://www.bigseekpro.com/facesmooch3/{E0BA5896-372C-440F-B14E-34317B2ED4DC}
uProxyServer = hxxp=127.0.0.1:56889
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://start.facemoods.com/?a=grupo&s={searchTerms}&f=4
uURLSearchHooks: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} -
uURLSearchHooks: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - c:\program files\youtube downloader toolbar\ie\4.4\youtubedownloaderToolbarIE.dll
uURLSearchHooks: DVDVideoSoftTB Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - c:\program files\dvdvideosoft\prxtbDVD2.dll
uURLSearchHooks: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\prxtbDVD0.dll
dURLSearchHooks: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} -
uWinlogon: Shell = explorer.exe,c:\users\administrator\application data\dwm.exe
uWindows: Load = c:\windows\temp\csrss.exe
mWinlogon: Userinit = c:\windows\system32\userinit.exe,c:\windows\system32\mpk\mpk.exe
mWinlogon: TaskMan = c:\users\administrator\ctfmon.exe
mWinlogon: SFCDisable = dword:-99
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -
BHO: E-Zsoft VideoDownloaderToolBar: {4322A444-92F8-4C3E-BD4C-013BA51E2871} - c:\program files\e-zsoft\youtubedownloader\VDTB.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - <orphaned>
BHO: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\prxtbDVD0.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} -
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - LocalServer32 - <no file>
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: {de4e75d3-60aa-4f02-a0e4-c8a40576574c} - <orphaned>
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: DVDVideoSoftTB Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - c:\program files\dvdvideosoft\prxtbDVD2.dll
BHO: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - c:\program files\youtube downloader toolbar\ie\4.4\youtubedownloaderToolbarIE.dll
BHO: SMTTB2009 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} -
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - LocalServer32 - <no file>
TB: DVDVideoSoftTB Toolbar: {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - c:\program files\dvdvideosoft\prxtbDVD2.dll
TB: DVDVideoSoftTB Toolbar: {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - c:\program files\dvdvideosofttb\prxtbDVD0.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - LocalServer32 - <no file>
TB: E-Zsoft VideoDownloaderToolBar: {4322A444-92F8-4C3E-BD4C-013BA51E2871} - c:\program files\e-zsoft\youtubedownloader\VDTB.dll
TB: DVDVideoSoftTB Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - c:\program files\dvdvideosoft\prxtbDVD2.dll
TB: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\prxtbDVD0.dll
TB: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - c:\program files\youtube downloader toolbar\ie\4.4\youtubedownloaderToolbarIE.dll
TB: AVG Security Toolbar: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -
TB: HyperCam Toolbar: {338B4DFE-2E2C-4338-9E41-E176D497299E} - LocalServer32 - <no file>
EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [BisonHK] c:\windows\bisoncam\BisonHK.exe
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [CanonSolutionMenuEx] c:\program files\canon\solution menu ex\CNSEMAIN.EXE /logon
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [conhost] c:\users\administrator\application data\microsoft\conhost.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
dRunOnce: [NewUser] c:\windows\lastxp\NewUser.cmd
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoSMHelp = dword:1
uPolicies-Explorer: NoSMConfigurePrograms = dword:1
mPolicies-Explorer: NoSMConfigurePrograms = dword:1
mPolicies-System: SynchronousMachineGroupPolicy = dword:0
mPolicies-System: SynchronousUserGroupPolicy = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableSecureUIAPaths = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoSMHelp = dword:1
mPolicies-Explorer: NoSMConfigurePrograms = dword:1
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office11\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\administrator\application data\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
TCP: Interfaces\{225DBB18-2646-4BEF-8224-C6B3EBB431E2} : NameServer = 193.70.152.25 193.70.192.25
TCP: Interfaces\{DB83E9E8-22D7-47F5-94A0-DBD9E03C26BB} : NameServer = 77.105.0.18,77.105.0.19
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
Handler: ipp - <Clsid value has no data>
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: msdaipp - <Clsid value has no data>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\windows\system32\Skype4COM.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
mASetup: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "c:\program files\outlook express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
mASetup: {7790769C-0471-11d2-AF11-00C04FA35D02} - "c:\program files\outlook express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
IFEO: avnotify.exe - c:\program files\avira\antivir personaledition classic\NoNotify.exe
IFEO: Your Image File Name Here without a path - ntsd -d
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\administrator\application data\mozilla\firefox\profiles\jm2qpstb.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=18837
FF - prefs.js: browser.search.selectedEngine - Facemoods Search
FF - prefs.js: browser.startup.homepage - hxxp://start.facemoods.com/?a=grupo
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 56889
FF - prefs.js: network.proxy.type - 1
FF - component: c:\program files\common files\spigot\wtxpcom\components\WidgiToolbarFF.dll
FF - component: c:\users\administrator\application data\mozilla\firefox\profiles\jm2qpstb.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\components\FFExternalAlert.dll
FF - component: c:\users\administrator\application data\mozilla\firefox\profiles\jm2qpstb.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\components\RadioWMPCore.dll
FF - component: c:\users\administrator\application data\mozilla\firefox\profiles\jm2qpstb.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\FFExternalAlert.dll
FF - component: c:\users\administrator\application data\mozilla\firefox\profiles\jm2qpstb.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCore.dll
FF - component: c:\users\administrator\application data\mozilla\firefox\profiles\jm2qpstb.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\FFExternalAlert.dll
FF - component: c:\users\administrator\application data\mozilla\firefox\profiles\jm2qpstb.default\extensions\ffxtlbr@babylon.com\components\FFHst.dll
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\users\administrator\local settings\application data\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - Ext: Adblock Filterset.G Updater: filtersetg@updater - c:\program files\mozilla firefox\extensions\filtersetg@updater
FF - Ext: PDF Download: {37E4D8EA-8BDA-4831-8EA1-89053939A250} - c:\program files\mozilla firefox\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
FF - Ext: IE View: {6e84150a-d526-41f1-a480-a67d3fed910d} - c:\program files\mozilla firefox\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - c:\program files\mozilla firefox\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com
FF - Ext: BrotherSoft Extreme Community Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - %profile%\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}
FF - Ext: HyperCamToolbar: {75656794-AB59-4712-BFBC-5D816D56F3BC} - %profile%\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
FF - Ext: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: DVDVideoSoft Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - %profile%\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
FF - Ext: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - %profile%\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
.
=============== File Associations ===============
.
ShellExec: PortraitProfessional.exe: open="c:\program files\portrait professional 10 trial\PortraitProfessionalTrial.exe" /P "%1"
ShellExec: x3m Player.exe: X3MPlay="c:\program files\x3m player\x3m Player.exe""%1"
.
=============== Created Last 30 ================
.
2011-11-30 23:28:31 -------- d--h--w- c:\users\all users\application data\Common Files
2011-11-30 23:26:12 -------- d-----w- c:\windows\system32\drivers\AVG
2011-11-30 23:16:43 -------- d-----w- c:\users\all users\application data\MFAData
2011-11-13 02:56:16 -------- d-----w- c:\users\administrator\application data\Search Settings
2011-11-13 02:56:12 -------- d-----w- c:\program files\Application Updater
2011-11-13 02:56:11 -------- d-----w- c:\program files\YouTube Downloader Toolbar
2011-11-13 02:56:11 -------- d-----w- c:\program files\common files\Spigot
2011-11-13 01:55:28 -------- d-----w- c:\users\administrator\local settings\application data\Corel
2011-11-09 09:32:09 -------- d-----w- c:\users\all users\application data\CanonIJEGV
2011-11-09 09:03:20 -------- d-----w- c:\users\all users\application data\CanonIJ
2011-11-09 08:25:01 -------- d-----w- c:\users\all users\application data\CanonIJEPPEX
2011-11-09 08:25:00 -------- d-----w- c:\users\administrator\local settings\application data\Canon Easy-PhotoPrint EX
2011-11-09 08:20:26 -------- d-----w- c:\users\all users\application data\CanonIJSolutionMenuEX
2011-11-09 08:20:24 -------- d-----w- c:\users\all users\application data\CanonIJEPPEX2
2011-11-09 08:20:24 -------- d-----w- c:\users\all users\application data\CanonEPP
2011-11-09 08:20:17 -------- d-----w- c:\users\all users\application data\CanonIJMyPrinter
2011-11-09 08:18:17 -------- d-----w- c:\users\all users\application data\CanonIJPLM
2011-11-09 08:17:19 -------- d-----w- c:\users\all users\application data\CanonIJMSetup
2011-11-09 08:04:41 -------- d-----w- c:\program files\common files\CANON
2011-11-09 08:04:27 -------- d-----w- c:\users\all users\application data\CanonIJWSpt
2011-11-09 07:57:44 -------- d-----w- c:\program files\Canon
2011-11-06 06:43:55 -------- d-----w- c:\users\administrator\application data\PriceGong
2011-07-19 20:32:01 -------- d-----w- c:\program files\YouTube Downloader
2011-07-19 20:31:14 -------- d-----w- c:\windows\services32
2011-07-19 20:31:09 -------- d-----w- c:\users\administrator\application data\dwm
2011-07-19 20:09:00 -------- d-----w- c:\users\all users\application data\Avira
2011-07-17 06:55:29 -------- d-----w- c:\windows\pss
2011-07-17 00:44:03 -------- d-----w- c:\windows\system32\NtmsData
2011-07-16 23:46:03 -------- d-----w- c:\users\administrator\application data\Sammsoft
2011-07-16 23:03:01 -------- d-----w- c:\program files\ATI
2011-07-16 22:57:48 -------- d-----w- C:\ATI
2011-07-16 22:56:16 -------- d-----w- c:\users\administrator\application data\YouTube Downloader
2011-07-16 22:51:58 -------- d-----w- c:\windows\ufa
2011-07-16 22:51:58 -------- d-----w- c:\windows\rpcminer
2011-07-16 22:51:58 -------- d-----w- c:\windows\phoenix
2011-07-16 22:51:57 246272 ----a-w- c:\windows\unrar.exe
2011-07-16 22:51:57 114176 ----a-w- c:\windows\systemup.exe
2011-07-16 22:51:32 169472 ----a-w- c:\program files\internet explorer\conhost.exe
2011-07-16 22:51:32 -------- d--h--w- c:\windows\update.3
2011-07-16 22:51:32 -------- d-----w- C:\Microsoft
2011-07-16 22:51:22 169472 ----a-w- c:\windows\gbot111.exe
2011-07-16 22:51:13 -------- d--h--w- c:\windows\update.2
2011-07-16 22:51:04 -------- d--h--w- c:\windows\update.5.0
2011-07-16 22:49:11 -------- d-----w- c:\windows\av_ico
2011-07-16 22:47:14 -------- d--h--w- c:\windows\update.1
2011-07-16 22:46:52 -------- d--h--w- c:\windows\update.tray-12-0-lnk
2011-07-16 22:46:52 -------- d--h--w- c:\windows\update.tray-12-0
2011-07-16 22:35:52 180736 ----a-w- c:\users\administrator\application data\dwm.exe
2011-07-16 22:35:32 171520 ----a-w- c:\users\administrator\application data\microsoft\conhost.exe
2011-07-16 22:35:24 1154048 ----a-w- c:\windows\services32.exe
2011-07-15 00:18:29 724992 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iKernel.dll
2011-07-15 00:18:29 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\ctor.dll
2011-07-15 00:18:29 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\DotNetInstaller.exe
2011-07-15 00:18:29 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2011-07-15 00:18:29 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iscript.dll
2011-07-15 00:18:29 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iuser.dll
2011-07-15 00:18:27 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\Setup.dll
2011-07-15 00:18:27 184452 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iGdi.dll
2011-07-11 23:35:39 -------- d-----w- C:\games
2011-07-05 23:43:16 -------- d--h--w- C:\$AVG
2011-06-30 23:59:07 -------- d-----w- c:\program files\Onda Connection Manager
2011-06-30 23:51:17 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-06-30 23:51:17 -------- d-----w- c:\windows\system32\wbem\Repository
.
==================== Find3M ====================
.
2011-05-24 10:44:26 59904 ----a-w- c:\windows\system32\OVDecode.dll
2011-05-24 10:44:10 51712 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-24 10:43:50 12798976 ----a-w- c:\windows\system32\amdocl.dll
2011-04-14 08:28:42 134480 ----a-w- c:\windows\system32\drivers\AVGIDSDriver.sys
2011-04-13 22:40:10 4284416 ----a-w- c:\windows\system32\GPhotos.scr
2011-04-04 11:59:56 297168 ----a-w- c:\windows\system32\drivers\avgtdix.sys
.
============= FINISH: 15:19:30,98 ===============

Dopuna: 20 Jul 2011 1:32

mycity.rs/must-login.png

Dopuna: 20 Jul 2011 1:38

Ne mogu nikako da skinem GMR, kada pok izbaci mi owo ''The webpage at www2.gmer.net/download.php might be temporarily down or it may have moved permanently to a new web address.
Error 321 (net::ERR_INVALID_CHUNKED_ENCODING): Unknown error.''

Dopuna: 20 Jul 2011 1:43

mycity.rs/must-login.png

offline
  • Pridružio: 02 Feb 2008
  • Poruke: 14018
  • Gde živiš: Nish

Samo da proverim nesto ...



Ajde namesti sat i danasnji datum u Control Panel-u i ponovo pokreni DDS. Postavi mi sveze DDS i Attach izvestaje da pogledam u sledecoj poruci.



Takodje, pokusaj opet da skines GMER. Ukoliko ne uspes, citaj dalje Uputstvo. Postoji program koji se zove RootRepeal i koji se koristi kao zamena GMER-u. Samo procitaj Uputstvo.





goran9888 (AMF Tim)

offline
  • Pridružio: 19 Jul 2011
  • Poruke: 22

ok - ewo odmah (wreme sam pomerio zato sto sam isao na restore system) :/
snasao sam se i za GMR - - - -odmah cu poslati izwestaje

offline
  • Pridružio: 02 Feb 2008
  • Poruke: 14018
  • Gde živiš: Nish

SrdjanM989 ::ok - ewo odmah (wreme sam pomerio zato sto sam isao na restore system) :/
snasao sam se i za GMR - - - -odmah cu poslati izwestaje




Radi iskljucivo sta ti ja pisem. Nemoj raditi nista na svoju ruku ukoliko zelis da resimo problem.
Skeniranje GMER-om moze da potraje, no nigde ne zurimo.









goran9888 (AMF Tim)

offline
  • Pridružio: 19 Jul 2011
  • Poruke: 22

Napisano: 20 Jul 2011 1:55

DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 7.0.5730.13
Run by Administrator at 1:54:24 on 2011-07-20
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uWindow Title = IE
uSearch Page =
uSearch Bar =
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.bigseekpro.com/facesmooch3/{E0BA5896-372C-440F-B14E-34317B2ED4DC}
uInternet Settings,ProxyServer = http=127.0.0.1:56889
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://start.facemoods.com/?a=grupo&s={searchTerms}&f=4
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
uURLSearchHooks: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\youtube downloader toolbar\ie\4.4\youtubedownloaderToolbarIE.dll
uURLSearchHooks: DVDVideoSoftTB Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - c:\program files\dvdvideosoft\prxtbDVD2.dll
uURLSearchHooks: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\prxtbDVD0.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
mWinlogon: Userinit=c:\windows\system32\userinit.exe,c:\windows\system32\mpk\mpk.exe
mWinlogon: SfcDisable=-99 (0xffffff9d)
mWinlogon: Taskman=c:\users\administrator\ctfmon.exe
uWinlogon: Shell=explorer.exe,c:\users\administrator\application data\dwm.exe
uWindows: load=c:\windows\temp\csrss.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: E-Zsoft VideoDownloaderToolBar: {4322a444-92f8-4c3e-bd4c-013ba51e2871} - c:\program files\e-zsoft\youtubedownloader\VDTB.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\prxtbDVD0.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
BHO: Ask Toolbar BHO: {d4027c7f-154a-4066-a1ad-4243d8127440} - Ask Toolbar
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: {de4e75d3-60aa-4f02-a0e4-c8a40576574c} - No File
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: DVDVideoSoftTB Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - c:\program files\dvdvideosoft\prxtbDVD2.dll
BHO: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\youtube downloader toolbar\ie\4.4\youtubedownloaderToolbarIE.dll
BHO: SMTTB2009 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\hypercam toolbar\tbcore3.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} -
TB: E-Zsoft VideoDownloaderToolBar: {4322a444-92f8-4c3e-bd4c-013ba51e2871} - c:\program files\e-zsoft\youtubedownloader\VDTB.dll
TB: DVDVideoSoftTB Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - c:\program files\dvdvideosoft\prxtbDVD2.dll
TB: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - c:\program files\dvdvideosofttb\prxtbDVD0.dll
TB: YouTube Downloader Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\youtube downloader toolbar\ie\4.4\youtubedownloaderToolbarIE.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg10\toolbar\IEToolbar.dll
TB: HyperCam Toolbar: {338b4dfe-2e2c-4338-9e41-e176d497299e} -
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [DW6] "c:\program files\the weather channel fw\desktop\DesktopWeather.exe"
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [BisonHK] c:\windows\bisoncam\BisonHK.exe
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [CanonSolutionMenuEx] c:\program files\canon\solution menu ex\CNSEMAIN.EXE /logon
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [conhost] c:\users\administrator\application data\microsoft\conhost.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
dRunOnce: [NewUser] c:\windows\lastxp\NewUser.cmd
uPolicies-explorer: NoSMHelp = 1 (0x1)
uPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
mPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
mPolicies-system: SynchronousMachineGroupPolicy = 0 (0x0)
mPolicies-system: SynchronousUserGroupPolicy = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableSecureUIAPaths = 0 (0x0)
dPolicies-explorer: NoSMHelp = 1 (0x1)
dPolicies-explorer: NoSMConfigurePrograms = 1 (0x1)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office11\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\administrator\application data\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
TCP: Interfaces\{225DBB18-2646-4BEF-8224-C6B3EBB431E2} : NameServer = 193.70.152.25 193.70.192.25
TCP: Interfaces\{DB83E9E8-22D7-47F5-94A0-DBD9E03C26BB} : NameServer = 77.105.0.18,77.105.0.19
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\windows\system32\Skype4COM.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
IFEO: avnotify.exe - c:\program files\avira\antivir personaledition classic\NoNotify.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\administrator\application data\mozilla\firefox\profiles\jm2qpstb.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=18837
FF - prefs.js: browser.search.selectedEngine - Facemoods Search
FF - prefs.js: browser.startup.homepage - hxxp://start.facemoods.com/?a=grupo
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 56889
FF - prefs.js: network.proxy.type - 1
FF - component: c:\program files\common files\spigot\wtxpcom\components\WidgiToolbarFF.dll
FF - component: c:\users\administrator\application data\mozilla\firefox\profiles\jm2qpstb.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\components\FFExternalAlert.dll
FF - component: c:\users\administrator\application data\mozilla\firefox\profiles\jm2qpstb.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\components\RadioWMPCore.dll
FF - component: c:\users\administrator\application data\mozilla\firefox\profiles\jm2qpstb.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\FFExternalAlert.dll
FF - component: c:\users\administrator\application data\mozilla\firefox\profiles\jm2qpstb.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCore.dll
FF - component: c:\users\administrator\application data\mozilla\firefox\profiles\jm2qpstb.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\FFExternalAlert.dll
FF - component: c:\users\administrator\application data\mozilla\firefox\profiles\jm2qpstb.default\extensions\ffxtlbr@babylon.com\components\FFHst.dll
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\users\administrator\local settings\application data\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - Ext: Adblock Filterset.G Updater: filtersetg@updater - c:\program files\mozilla firefox\extensions\filtersetg@updater
FF - Ext: PDF Download: {37E4D8EA-8BDA-4831-8EA1-89053939A250} - c:\program files\mozilla firefox\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
FF - Ext: IE View: {6e84150a-d526-41f1-a480-a67d3fed910d} - c:\program files\mozilla firefox\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - c:\program files\mozilla firefox\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com
FF - Ext: BrotherSoft Extreme Community Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - %profile%\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}
FF - Ext: HyperCamToolbar: {75656794-AB59-4712-BFBC-5D816D56F3BC} - %profile%\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
FF - Ext: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: DVDVideoSoft Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - %profile%\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
FF - Ext: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - %profile%\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
============= SERVICES / DRIVERS ===============
.
.
=============== Created Last 30 ================
.
2011-11-30 23:28:31 -------- d--h--w- c:\users\all users\application data\Common Files
2011-11-30 23:26:12 -------- d-----w- c:\windows\system32\drivers\AVG
2011-11-30 23:16:43 -------- d-----w- c:\users\all users\application data\MFAData
2011-11-13 02:56:16 -------- d-----w- c:\users\administrator\application data\Search Settings
2011-11-13 02:56:12 -------- d-----w- c:\program files\Application Updater
2011-11-13 02:56:11 -------- d-----w- c:\program files\YouTube Downloader Toolbar
2011-11-13 02:56:11 -------- d-----w- c:\program files\common files\Spigot
2011-11-13 01:55:28 -------- d-----w- c:\users\administrator\local settings\application data\Corel
2011-11-09 09:32:09 -------- d-----w- c:\users\all users\application data\CanonIJEGV
2011-11-09 09:03:20 -------- d-----w- c:\users\all users\application data\CanonIJ
2011-11-09 08:25:01 -------- d-----w- c:\users\all users\application data\CanonIJEPPEX
2011-11-09 08:25:00 -------- d-----w- c:\users\administrator\local settings\application data\Canon Easy-PhotoPrint EX
2011-11-09 08:20:26 -------- d-----w- c:\users\all users\application data\CanonIJSolutionMenuEX
2011-11-09 08:20:24 -------- d-----w- c:\users\all users\application data\CanonIJEPPEX2
2011-11-09 08:20:24 -------- d-----w- c:\users\all users\application data\CanonEPP
2011-11-09 08:20:17 -------- d-----w- c:\users\all users\application data\CanonIJMyPrinter
2011-11-09 08:18:17 -------- d-----w- c:\users\all users\application data\CanonIJPLM
2011-11-09 08:17:19 -------- d-----w- c:\users\all users\application data\CanonIJMSetup
2011-11-09 08:04:41 -------- d-----w- c:\program files\common files\CANON
2011-11-09 08:04:27 -------- d-----w- c:\users\all users\application data\CanonIJWSpt
2011-11-09 07:57:44 -------- d-----w- c:\program files\Canon
2011-11-06 06:43:55 -------- d-----w- c:\users\administrator\application data\PriceGong
2011-07-19 20:32:01 -------- d-----w- c:\program files\YouTube Downloader
2011-07-19 20:31:14 -------- d-----w- c:\windows\services32
2011-07-19 20:31:09 -------- d-----w- c:\users\administrator\application data\dwm
2011-07-19 20:09:00 -------- d-----w- c:\users\all users\application data\Avira
2011-07-17 06:55:29 -------- d-----w- c:\windows\pss
2011-07-17 00:44:03 -------- d-----w- c:\windows\system32\NtmsData
2011-07-16 23:46:03 -------- d-----w- c:\users\administrator\application data\Sammsoft
2011-07-16 23:03:01 -------- d-----w- c:\program files\ATI
2011-07-16 22:57:48 -------- d-----w- C:\ATI
2011-07-16 22:56:16 -------- d-----w- c:\users\administrator\application data\YouTube Downloader
2011-07-16 22:51:58 -------- d-----w- c:\windows\ufa
2011-07-16 22:51:58 -------- d-----w- c:\windows\rpcminer
2011-07-16 22:51:58 -------- d-----w- c:\windows\phoenix
2011-07-16 22:51:57 246272 ----a-w- c:\windows\unrar.exe
2011-07-16 22:51:57 114176 ----a-w- c:\windows\systemup.exe
2011-07-16 22:51:32 169472 ----a-w- c:\program files\internet explorer\conhost.exe
2011-07-16 22:51:32 -------- d--h--w- c:\windows\update.3
2011-07-16 22:51:32 -------- d-----w- C:\Microsoft
2011-07-16 22:51:22 169472 ----a-w- c:\windows\gbot111.exe
2011-07-16 22:51:13 -------- d--h--w- c:\windows\update.2
2011-07-16 22:51:04 -------- d--h--w- c:\windows\update.5.0
2011-07-16 22:49:11 -------- d-----w- c:\windows\av_ico
2011-07-16 22:47:14 -------- d--h--w- c:\windows\update.1
2011-07-16 22:46:52 -------- d--h--w- c:\windows\update.tray-12-0-lnk
2011-07-16 22:46:52 -------- d--h--w- c:\windows\update.tray-12-0
2011-07-16 22:35:52 180736 ----a-w- c:\users\administrator\application data\dwm.exe
2011-07-16 22:35:32 171520 ----a-w- c:\users\administrator\application data\microsoft\conhost.exe
2011-07-16 22:35:24 1154048 ----a-w- c:\windows\services32.exe
2011-07-15 00:18:29 724992 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iKernel.dll
2011-07-15 00:18:29 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\ctor.dll
2011-07-15 00:18:29 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\DotNetInstaller.exe
2011-07-15 00:18:29 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2011-07-15 00:18:29 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iscript.dll
2011-07-15 00:18:29 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iuser.dll
2011-07-15 00:18:27 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\Setup.dll
2011-07-15 00:18:27 184452 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iGdi.dll
2011-07-11 23:35:39 -------- d-----w- C:\games
2011-07-05 23:43:16 -------- d--h--w- C:\$AVG
2011-07-01 02:40:33 -------- d--h--w- c:\windows\PIF
2011-06-30 23:59:07 -------- d-----w- c:\program files\Onda Connection Manager
2011-06-30 23:51:17 -------- d-----w- c:\windows\system32\wbem\repository\FS
2011-06-30 23:51:17 -------- d-----w- c:\windows\system32\wbem\Repository
.
==================== Find3M ====================
.
2011-05-24 10:44:26 59904 ----a-w- c:\windows\system32\OVDecode.dll
2011-05-24 10:44:10 51712 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-24 10:43:50 12798976 ----a-w- c:\windows\system32\amdocl.dll
.
============= FINISH: 1:54:39,45 ===============

mycity.rs/must-login.png

Dopuna: 20 Jul 2011 1:56

mycity.rs/must-login.png


Dopuna: 20 Jul 2011 2:35




mycity.rs/must-login.png

offline
  • Pridružio: 19 Jul 2011
  • Poruke: 22

Napisano: 20 Jul 2011 2:40

mycity.rs/must-login.png

Dopuna: 20 Jul 2011 2:42


mycity.rs/must-login.png

offline
  • Pridružio: 02 Feb 2008
  • Poruke: 14018
  • Gde živiš: Nish

U toku resavanja slucaja, zamolio bih te da se pridrzavas sledeceg:
Detaljno citati moja uputstva ( ili uputstva kolega koji ce me zamenjivati) i raditi iskljucivo po njima;
Ne traziti istovremeno pomoc na drugom mestu;
Nemoj koristiti druge programe za uklanjanje malware-a, osim onih za koje budes dobio uputstvo;
U toku intervencije ne koristiti USB memorijske uredjaje, dok to ne budem zatrazio;
Ukoliko ne odgovorim u roku od 48h, osvezi temu novim post-om;
Ukoliko se ne javis u roku od 5 dana, zatvoricemo slucaj.

Za vise informacija o pravilima Ambulante MyCity foruma: LINK

-------------------------------------------------------------------------------------



Arrow


Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop:


Bleeping Computer
Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu);
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save.




Kada preuzimanje programa bude završeno:
deaktiviraj zaštitni softver (uputstvo);
zatvori pokrenute programe;
dvoklikom pokreni program ComboFix;
u prozoru koji se otvori klikni "I Agree".

U toku rada, ComboFix će:proveriti postoji li novija verzija programa:
klikni Yes ako bude ponuđeno preuzimanje iste.
ako Recovery Console nije instalirana, ponuditi instalaciju:
obavezno prihvati klikom na Yes i isprati postupak.
postaviti/dati određeni broj upita/obaveštenja:
prihvati klikom na Yes ili OK.
po potrebi, restartovati Windows (više puta);
na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.


Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu:
klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All;
klikni desnim tasterom miša na obeleženi tekst i izaberi Copy;
klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste.


Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt);
Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.








goran9888 (AMF Tim)

offline
  • Pridružio: 19 Jul 2011
  • Poruke: 22

Napisano: 20 Jul 2011 3:56

ComboFix 11-07-19.04 - Administrator 20.07.2011 14:33:50.1.2 - x86
Running from: c:\users\Administrator\Desktop\ComboFix.exe
* Created a new restore point
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Microsoft
c:\program files\Internet Explorer\conhost.exe
c:\users\Administrator\Application Data\Administratorlog.dat
c:\users\Administrator\Application Data\dwm.exe
c:\users\Administrator\Application Data\Microsoft\conhost.exe
c:\users\Administrator\Application Data\Microsoft\Internet Explorer\Desktop.htt
c:\users\Administrator\Application Data\PriceGong
c:\users\Administrator\Application Data\PriceGong\Data\1.xml
c:\users\Administrator\Application Data\PriceGong\Data\a.xml
c:\users\Administrator\Application Data\PriceGong\Data\b.xml
c:\users\Administrator\Application Data\PriceGong\Data\c.xml
c:\users\Administrator\Application Data\PriceGong\Data\d.xml
c:\users\Administrator\Application Data\PriceGong\Data\e.xml
c:\users\Administrator\Application Data\PriceGong\Data\f.xml
c:\users\Administrator\Application Data\PriceGong\Data\g.xml
c:\users\Administrator\Application Data\PriceGong\Data\h.xml
c:\users\Administrator\Application Data\PriceGong\Data\i.xml
c:\users\Administrator\Application Data\PriceGong\Data\j.xml
c:\users\Administrator\Application Data\PriceGong\Data\k.xml
c:\users\Administrator\Application Data\PriceGong\Data\l.xml
c:\users\Administrator\Application Data\PriceGong\Data\m.xml
c:\users\Administrator\Application Data\PriceGong\Data\n.xml
c:\users\Administrator\Application Data\PriceGong\Data\o.xml
c:\users\Administrator\Application Data\PriceGong\Data\p.xml
c:\users\Administrator\Application Data\PriceGong\Data\q.xml
c:\users\Administrator\Application Data\PriceGong\Data\r.xml
c:\users\Administrator\Application Data\PriceGong\Data\s.xml
c:\users\Administrator\Application Data\PriceGong\Data\t.xml
c:\users\Administrator\Application Data\PriceGong\Data\u.xml
c:\users\Administrator\Application Data\PriceGong\Data\v.xml
c:\users\Administrator\Application Data\PriceGong\Data\w.xml
c:\users\Administrator\Application Data\PriceGong\Data\x.xml
c:\users\Administrator\Application Data\PriceGong\Data\y.xml
c:\users\Administrator\Application Data\PriceGong\Data\z.xml
c:\users\Administrator\WINDOWS
c:\users\All Users\Application Data\MPK
c:\users\All Users\Application Data\MPK\1\D0000
c:\users\All Users\Application Data\MPK\1\I40552_0782718403
c:\users\All Users\Application Data\MPK\1\I40552_0783318866
c:\users\All Users\Application Data\MPK\1\I40552_0785000694
c:\users\All Users\Application Data\MPK\1\I40552_0789315625
c:\users\All Users\Application Data\MPK\1\I40552_0794518519
c:\users\All Users\Application Data\MPK\1\I40552_0822820718
c:\users\All Users\Application Data\MPK\1\I40554_0724283796
c:\users\All Users\Application Data\MPK\1\I40554_0726141088
c:\users\All Users\Application Data\MPK\1\I40554_0733203125
c:\users\All Users\Application Data\MPK\1\I40554_0734713079
c:\users\All Users\Application Data\MPK\1\I40554_0737568634
c:\users\All Users\Application Data\MPK\1\I40554_0742176620
c:\users\All Users\Application Data\MPK\1\I40554_0743918171
c:\users\All Users\Application Data\MPK\1\I40554_0748828125
c:\users\All Users\Application Data\MPK\1\I40554_0766608796
c:\users\All Users\Application Data\MPK\1\I40554_0772522338
c:\users\All Users\Application Data\MPK\1\I40554_0786183449
c:\users\All Users\Application Data\MPK\1\I40554_0787754977
c:\users\All Users\Application Data\MPK\1\I40554_0792887269
c:\users\All Users\Application Data\MPK\1\I40558_8810411227
c:\users\All Users\Application Data\MPK\1\I40558_8812089468
c:\users\All Users\Application Data\MPK\1\I40559_7561921296
c:\users\All Users\Application Data\MPK\1\I40598_0536709606
c:\users\All Users\Application Data\MPK\1\S0000
c:\users\All Users\Application Data\MPK\CPDM\cpfm.bin
c:\users\All Users\Application Data\MPK\etilqs_azUGCHE0g33aKlF20I6Z
c:\users\All Users\Application Data\MPK\etilqs_EPgGyHctWrjQUT5aLD95
c:\users\All Users\Application Data\MPK\etilqs_lhVchSnnGO5cR4KeR7qD
c:\users\All Users\Application Data\MPK\M0000
c:\users\All Users\Application Data\MPK\REFOG Free Keylogger.lnk
c:\users\All Users\Application Data\MPK\REFOG Free Keylogger\ REFOG Free Keylogger on the Web.lnk
c:\users\All Users\Application Data\MPK\REFOG Free Keylogger\Get discount!.lnk
c:\users\All Users\Application Data\MPK\REFOG Free Keylogger\Order now!.lnk
c:\users\All Users\Application Data\MPK\REFOG Free Keylogger\REFOG Free Keylogger.lnk
c:\users\All Users\Application Data\MPK\S0000
C:\Win
c:\win\names.txt
c:\windows\btc_client_iplist.txt
c:\windows\ddh_iplist.txt
c:\windows\front_ip_list.txt
c:\windows\gbot111.exe
c:\windows\iecheck_iplist.txt
c:\windows\info1
c:\windows\iplist.txt
c:\windows\loader2.exe_ok
c:\windows\phoenix.rar
c:\windows\proc_list1.log
c:\windows\rpcminer.rar
c:\windows\services32
c:\windows\services32.exe
c:\windows\services32\services32.exe
c:\windows\system32\drivers\etc\HSTS~1
c:\windows\system32\install
c:\windows\system32\MPK
c:\windows\system32\MPK\Help\English\alarms.htm
c:\windows\system32\MPK\Help\English\clipboard.htm
c:\windows\system32\MPK\Help\English\computer.htm
c:\windows\system32\MPK\Help\English\delivery.htm
c:\windows\system32\MPK\Help\English\file.htm
c:\windows\system32\MPK\Help\English\filters.htm
c:\windows\system32\MPK\Help\English\imhelp.htm
c:\windows\system32\MPK\Help\English\internet.htm
c:\windows\system32\MPK\Help\English\invisible.htm
c:\windows\system32\MPK\Help\English\keyboard.htm
c:\windows\system32\MPK\Help\English\log_size.htm
c:\windows\system32\MPK\Help\English\logging.htm
c:\windows\system32\MPK\Help\English\need_update_net.htm
c:\windows\system32\MPK\Help\English\password.htm
c:\windows\system32\MPK\Help\English\programs.htm
c:\windows\system32\MPK\Help\English\screenshot.htm
c:\windows\system32\MPK\Help\English\settings_node.htm
c:\windows\system32\MPK\Help\English\update.htm
c:\windows\system32\MPK\Help\English\users_node.htm
c:\windows\system32\MPK\Help\German\alarms.htm
c:\windows\system32\MPK\Help\German\clipboard.htm
c:\windows\system32\MPK\Help\German\computer.htm
c:\windows\system32\MPK\Help\German\delivery.htm
c:\windows\system32\MPK\Help\German\file.htm
c:\windows\system32\MPK\Help\German\filters.htm
c:\windows\system32\MPK\Help\German\imhelp.htm
c:\windows\system32\MPK\Help\German\internet.htm
c:\windows\system32\MPK\Help\German\invisible.htm
c:\windows\system32\MPK\Help\German\keyboard.htm
c:\windows\system32\MPK\Help\German\log_size.htm
c:\windows\system32\MPK\Help\German\logging.htm
c:\windows\system32\MPK\Help\German\need_update_net.htm
c:\windows\system32\MPK\Help\German\password.htm
c:\windows\system32\MPK\Help\German\programs.htm
c:\windows\system32\MPK\Help\German\screenshot.htm
c:\windows\system32\MPK\Help\German\settings_node.htm
c:\windows\system32\MPK\Help\German\users_node.htm
c:\windows\system32\MPK\Help\Spanish\alarms.htm
c:\windows\system32\MPK\Help\Spanish\clipboard.htm
c:\windows\system32\MPK\Help\Spanish\computer.htm
c:\windows\system32\MPK\Help\Spanish\delivery.htm
c:\windows\system32\MPK\Help\Spanish\filters.htm
c:\windows\system32\MPK\Help\Spanish\internet.htm
c:\windows\system32\MPK\Help\Spanish\invisible.htm
c:\windows\system32\MPK\Help\Spanish\keyboard.htm
c:\windows\system32\MPK\Help\Spanish\log_size.htm
c:\windows\system32\MPK\Help\Spanish\logging.htm
c:\windows\system32\MPK\Help\Spanish\password.htm
c:\windows\system32\MPK\Help\Spanish\programs.htm
c:\windows\system32\MPK\Help\Spanish\screenshot.htm
c:\windows\system32\MPK\Help\Spanish\settings_node.htm
c:\windows\system32\MPK\Help\Spanish\users_node.htm
c:\windows\system32\MPK\icon_1.ico
c:\windows\system32\MPK\Images\vista_hide.bmp
c:\windows\system32\MPK\Images\xp_hide.bmp
c:\windows\system32\MPK\Lang\Brazilian.frc
c:\windows\system32\MPK\Lang\Brazilian.lng
c:\windows\system32\MPK\Lang\English.frc
c:\windows\system32\MPK\Lang\French.frc
c:\windows\system32\MPK\Lang\French.lng
c:\windows\system32\MPK\Lang\German.frc
c:\windows\system32\MPK\Lang\German.lng
c:\windows\system32\MPK\Lang\Italian.frc
c:\windows\system32\MPK\Lang\Italian.lng
c:\windows\system32\MPK\Lang\Japanese.frc
c:\windows\system32\MPK\Lang\Japanese.lng
c:\windows\system32\MPK\Lang\Polish.lng
c:\windows\system32\MPK\Lang\Portuguese.frc
c:\windows\system32\MPK\Lang\Portuguese.lng
c:\windows\system32\MPK\Lang\Romanian.frc
c:\windows\system32\MPK\Lang\Romanian.lng
c:\windows\system32\MPK\Lang\Russian.frc
c:\windows\system32\MPK\Lang\Spanish.frc
c:\windows\system32\MPK\Lang\Spanish.lng
c:\windows\system32\MPK\lnkmst.exe
c:\windows\system32\MPK\Mpk.dll
c:\windows\system32\MPK\Mpk64.dll
c:\windows\system32\MPK\MPK64.exe
c:\windows\system32\MPK\MPKView.exe
c:\windows\system32\MPK\sqlite3.dll
c:\windows\system32\MPK\unins000.dat
c:\windows\system32\MPK\unins000.exe
c:\windows\system32\MPK\unins000.msg
c:\windows\systemup.exe
c:\windows\ufa.rar
c:\windows\update.1
c:\windows\update.1\svchost.exe
c:\windows\update.2
c:\windows\update.5.0
c:\windows\update.5.0\svchost.exe
c:\windows\winlog-dirs.txt
c:\windows\winlog-ids.txt
D:\9g86.exe
D:\autorun.inf
.
c:\windows\system32\logonui.exe . . . is infected!!
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_6TO4
-------\Service_6to4
-------\Service_usnjsvc
-------\Legacy_srvbtcclient
-------\Legacy_srvbtcclient
-------\Service_srvbtcclient
-------\Service_srvbtcclient
.
.
((((((((((((((((((((((((( Files Created from 2011-06-20 to 2011-07-20 )))))))))))))))))))))))))))))))
.
.
2011-11-30 23:28 . 2011-11-30 23:28 -------- d--h--w- c:\users\All Users\Application Data\Common Files
2011-11-30 23:26 . 2011-11-30 23:31 -------- d-----w- c:\windows\system32\drivers\AVG
2011-11-30 23:16 . 2011-07-16 23:41 -------- d-----w- c:\users\All Users\Application Data\MFAData
2011-11-13 02:56 . 2011-11-13 02:56 -------- d-----w- c:\users\Administrator\Application Data\Search Settings
2011-11-13 02:56 . 2011-11-13 02:56 -------- d-----w- c:\program files\Application Updater
2011-11-13 02:56 . 2011-11-13 02:56 -------- d-----w- c:\program files\YouTube Downloader Toolbar
2011-11-13 02:56 . 2011-11-13 02:56 -------- d-----w- c:\program files\Common Files\Spigot
2011-11-13 01:55 . 2011-11-13 01:55 -------- d-----w- c:\users\Administrator\Local Settings\Application Data\Corel
2011-11-13 01:55 . 2011-11-13 01:55 -------- d-----w- c:\users\Administrator\Application Data\Corel
2011-11-09 09:03 . 2011-11-09 09:03 -------- d-----w- c:\users\All Users\Application Data\CanonIJ
2011-11-09 08:25 . 2011-11-09 08:25 -------- d-----w- c:\users\Administrator\Local Settings\Application Data\Canon Easy-PhotoPrint EX
2011-11-09 08:20 . 2011-11-09 08:20 -------- d-----w- c:\users\All Users\Application Data\CanonEPP
2011-11-09 08:04 . 2011-11-09 08:04 -------- d-----w- c:\program files\Common Files\CANON
2011-11-09 07:57 . 2011-11-09 08:04 -------- d-----w- c:\program files\Canon
2011-07-19 20:32 . 2011-07-19 20:32 -------- d-----w- c:\program files\YouTube Downloader
2011-07-19 20:31 . 2011-07-19 20:31 -------- d-----w- c:\users\Administrator\Application Data\dwm
2011-07-19 20:09 . 2011-07-19 20:09 -------- d-----w- c:\users\All Users\Application Data\Avira
2011-07-17 00:44 . 2011-07-17 12:49 -------- d-----w- c:\windows\system32\NtmsData
2011-07-16 23:46 . 2011-07-16 23:46 -------- d-----w- c:\users\Administrator\Application Data\Sammsoft
2011-07-16 23:03 . 2011-07-16 23:03 -------- d-----w- c:\program files\ATI
2011-07-16 22:57 . 2011-07-16 22:57 -------- d-----w- C:\ATI
2011-07-16 22:56 . 2011-07-16 23:33 -------- d-----w- c:\users\Administrator\Application Data\YouTube Downloader
2011-07-16 22:51 . 2011-07-16 22:51 -------- d-----w- c:\windows\ufa
2011-07-16 22:51 . 2011-07-16 22:51 -------- d-----w- c:\windows\rpcminer
2011-07-16 22:51 . 2011-07-16 22:51 -------- d-----w- c:\windows\phoenix
2011-07-16 22:51 . 2011-07-16 22:51 246272 ----a-w- c:\windows\unrar.exe
2011-07-16 22:51 . 2011-07-16 22:51 -------- d--h--w- c:\windows\update.3
2011-07-16 22:49 . 2011-07-16 22:49 -------- d-----w- c:\windows\av_ico
2011-07-16 22:46 . 2011-07-16 22:46 -------- d--h--w- c:\windows\update.tray-12-0
2011-07-16 22:46 . 2011-07-16 22:46 -------- d--h--w- c:\windows\update.tray-12-0-lnk
2011-07-15 00:18 . 2003-09-02 13:28 724992 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iKernel.dll
2011-07-15 00:18 . 2003-09-02 13:27 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\ctor.dll
2011-07-15 00:18 . 2003-09-02 13:26 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iscript.dll
2011-07-15 00:18 . 2003-09-02 13:26 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iuser.dll
2011-07-15 00:18 . 2003-09-02 13:25 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
2011-07-15 00:18 . 2003-09-02 13:23 32768 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2011-07-15 00:18 . 2011-07-15 00:18 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\Setup.dll
2011-07-15 00:18 . 2011-07-15 00:18 184452 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\iGdi.dll
2011-07-11 23:35 . 2011-07-14 03:14 -------- d-----w- C:\games
2011-07-05 23:43 . 2011-07-05 23:43 -------- d-----w- C:\$AVG
2011-07-01 02:40 . 2011-07-01 02:40 -------- d--h--w- c:\windows\PIF
2011-06-30 23:59 . 2011-07-01 00:00 -------- d-----w- c:\program files\Onda Connection Manager
2011-06-30 23:51 . 2011-06-30 23:51 -------- d-----w- c:\windows\system32\wbem\Repository
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-24 10:44 . 2011-05-24 10:44 59904 ----a-w- c:\windows\system32\OVDecode.dll
2011-05-24 10:44 . 2011-05-24 10:44 51712 ----a-w- c:\windows\system32\OpenCL.dll
2011-05-24 10:43 . 2011-05-24 10:43 12798976 ----a-w- c:\windows\system32\amdocl.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
Cryptography Services Error !!
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\program files\DVDVideoSoft\prxtbDVD2.dll" [2011-01-17 175912]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\prxtbDVD0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2011-01-17 14:54 175912 ----a-w- c:\program files\DVDVideoSoftTB\prxtbDVD0.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
2011-01-17 14:54 175912 ----a-w- c:\program files\DVDVideoSoft\prxtbDVD2.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}"= "c:\program files\DVDVideoSoft\prxtbDVD2.dll" [2011-01-17 175912]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\program files\DVDVideoSoftTB\prxtbDVD0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}"= "c:\program files\DVDVideoSoft\prxtbDVD2.dll" [2011-01-17 175912]
"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\program files\DVDVideoSoftTB\prxtbDVD0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}]
.
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"DW6"="c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2008-06-10 785520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2008-05-14 344064]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"BisonHK"="c:\windows\BisonCam\BisonHK.exe" [2007-03-15 32768]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2516296]
"CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-01 1185112]
"AGRSMMSG"="AGRSMMSG.exe" [2006-06-29 89541]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-02 35696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2009-03-08 37376]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2009-03-08 124928]
"NewUser"="c:\windows\LastXP\NewUser.cmd" [2009-02-18 2375]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)
"EnableSecureUIAPaths"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSMConfigurePrograms"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgchsvx.exe /sync\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\windows\\system32\\sessmgr.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R2 ONDA_MW823UP_cpo;ONDA MW823UP Install;c:\windows\system32\DRIVERS\ONDA_MW823UP_cpo.sys [2010-01-27 9728]
R3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\Drivers\VMUVC.sys [x]
R3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [x]
R4 Avgfwdx;Avgfwdx;c:\windows\system32\DRIVERS\avgfwdx.sys [2010-07-11 30432]
R4 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwdx.sys [2010-07-11 30432]
R4 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-04-14 134480]
R4 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-21 22992]
R4 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-09 24144]
R4 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-02-09 27216]
R4 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2011-01-06 248656]
R4 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2011-03-16 32592]
R4 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2011-04-04 297168]
S0 ahci6xx;ahci6xx; [x]
S0 amdide1;amdide1; [x]
S2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [2011-05-06 393112]
S2 Start BT in service;Start BT in service;c:\program files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-12-27 51816]
S3 ONDA_MW823UP_cdc_acm;ONDA MW823UP CDC-ACM driver;c:\windows\system32\DRIVERS\ONDA_MW823UP_cdc_acm.sys [2010-01-27 86016]
S3 ONDA_MW823UP_cdc_ecm;ONDA_MW823UP_cdc_ecm;c:\windows\system32\DRIVERS\ONDA_MW823UP_cdc_ecm.sys [2010-01-27 49920]
S3 ONDA_MW823UP_dc_enum;ONDA MW823UP DC Enumerator;c:\windows\system32\DRIVERS\ONDA_MW823UP_dc_enum.sys [2010-01-27 80000]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-01-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-29 23:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://www.bigseekpro.com/facesmooch3/{E0BA5896-372C-440F-B14E-34317B2ED4DC}
uInternet Settings,ProxyServer = http=127.0.0.1:56889
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\Administrator\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: Interfaces\{DB83E9E8-22D7-47F5-94A0-DBD9E03C26BB}: NameServer = 77.105.0.18,77.105.0.19
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -
FF - ProfilePath - c:\users\Administrator\Application Data\Mozilla\Firefox\Profiles\jm2qpstb.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=18837
FF - prefs.js: browser.search.selectedEngine - Facemoods Search
FF - prefs.js: browser.startup.homepage - hxxp://start.facemoods.com/?a=grupo
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 56889
FF - prefs.js: network.proxy.type - 1
FF - Ext: Adblock Filterset.G Updater: filtersetg@updater - c:\program files\Mozilla Firefox\extensions\filtersetg@updater
FF - Ext: PDF Download: {37E4D8EA-8BDA-4831-8EA1-89053939A250} - c:\program files\Mozilla Firefox\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
FF - Ext: IE View: {6e84150a-d526-41f1-a480-a67d3fed910d} - c:\program files\Mozilla Firefox\extensions\{6e84150a-d526-41f1-a480-a67d3fed910d}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - c:\program files\Mozilla Firefox\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com
FF - Ext: BrotherSoft Extreme Community Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - %profile%\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}
FF - Ext: HyperCamToolbar: {75656794-AB59-4712-BFBC-5D816D56F3BC} - %profile%\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
FF - Ext: DVDVideoSoftTB Toolbar: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - %profile%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
FF - Ext: DVDVideoSoft Menu: {ACAA314B-EEBA-48e4-AD47-84E31C44796C} - %profile%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF - Ext: DVDVideoSoft Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - %profile%\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
FF - Ext: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - %profile%\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
BHO-{A3BC75A2-1F87-4686-AA43-5347D756017C} - c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
BHO-{de4e75d3-60aa-4f02-a0e4-c8a40576574c} - (no file)
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - c:\program files\AVG\AVG10\Toolbar\IEToolbar.dll
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
SafeBoot-Wdf01000.sys
AddRemove-Counter Strike 1.6 FULL v42 - c:\games\CS 1.6 v42 FULL\Uninstall.exe
AddRemove-Counter-Strike 1.6 - D:\Uninstal.exe
AddRemove-LimeWire - c:\program files\LimeWire\uninstall.exe
AddRemove-Picasa 3 - c:\program files\Google\Picasa3\Uninstall.exe
AddRemove-PortraitProfessional10Trial_is1 - c:\program files\Portrait Professional 10 Trial\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2011-07-20 14:42
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1096)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll
.
- - - - - - - > 'lsass.exe'(1152)
c:\windows\system32\setupapi.dll
.
- - - - - - - > 'explorer.exe'(3664)
c:\windows\system32\SHDOCVW.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\windows\system32\msi.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
c:\windows\system32\credui.dll
c:\windows\system32\MSVCP60.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\rundll32.exe
c:\windows\AGRSMMSG.exe
c:\windows\system32\agrsmsvc.exe
c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2011-07-20 14:43:18 - machine was rebooted
ComboFix-quarantined-files.txt 2011-07-20 01:43
.
Pre-Run: 2.862.682.112 bytes free
Post-Run: 3.074.519.040 bytes free
.
- - End Of File - - B6382E588785BA6FDFC7F7C199373D38

Dopuna: 20 Jul 2011 4:08

druze, ispratio sam swa twoja uputstwa..... dostawio sam wam izwestaj sa combofix -a.... posle njegowog zawrsetka rada i skeniranja u donjem desnom uglu mi se pojawio ''windows security alerts'' i jos jedna ikonica koja me obawestawa da mi je ''automatic updates'' ''of''....... inace sto se tice programa antiwirusa koristio sam ''avg'', nakon sto mi je stwarao razne probleme presao sam na ''aviru'' medjutim i nju sam deinstalirao.... trenutno nemam ni jedan program protiw wirusa jer zelim da me posawetujes za koji da se odlucim...... i premiteo sam da mi je sistem dosta puno zarazen, na zalost zbog mog nestrucnog koriscenja lap-topa i celog sistema//////

P.S. sada mi google ucitawa facebook stranicu
kada budes imao wremena pogledaj owe izwestaje koje sam ti dostawio i narawno HWALA NA POMOCI
ako imas jos neki sawet - - - ti slobodno reci - - - HWALA JOS JEDNOM :DDDDD HAPPYYYYYYY

23 Jul 2011 17:31 1l padr1n0 Zaključavanje topica Razlog: Već je odgovoreno, dalja diskusija nema svrhu  
Ko je trenutno na forumu
 

Ukupno su 1137 korisnika na forumu :: 55 registrovanih, 10 sakrivenih i 1072 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 357magnum, AleksSE, amaterSRB, aramis s, babaroga, Bluper, bobomicek, bojan_t, bojank, bokisha253, bufanje, CrazyDiablo, darionis, Denaya, djuradj, Gargantua, HogarStrashni, Istman, ivicasimo, Još malo pa deda, kokodakalo, kolle.the.kid, kunktator, LastTsar, Leonov, Metanoja, mile09, milimoj, milos.cbr, Nemanja.M, nick79, novator, Panter, Posmatrac77OKB, predragc, repac, Romibrat, royst33, Srky Boy, styg, Tas011, tomigun, trajkoni018, vathra, vlad4, vladas87, voja64, wolverined4, x9, yrraf, YugoSlav, zixmix, Zmaj Ognjeni Vuk, Žrnov, šumar bk2