Posted: 02 Sep 2012 14:36
- Alex_Alex
- New MyCity citizen
- Joined: 02 Sep 2012
- Posts: 10
I wanted to scan the computer with Anti-Malware, and at that moment a prompt appeared to update Adobe Flash Player. I did that and probably made a mistake. After scanning with Anti-Malware and deleting a few items it found, Malware reports an error. I restarted the computer and since then I can't open anything. Whichever icon I click, only the hourglass shows and nothing happens.
I went into safe mode and started scanning with everything and anything: ATF-Cleaner, SUPERAntiSpyware, CCleaner... For protection I use avast and it found nothing. I also downloaded Kaspersky and it found nothing either. In the end I scanned once more with Malware and it found PUP.blabbers in D:\System Volume Information\_restore{7CA4DF12-92B6-44F7-9B7B-B9C98F95A04A}\RP564\A0998347.exe
I deleted that, but the situation with the computer is still the same.
What else should I try?
.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_30
Run by Sandra at 14:35:24 on 2012-09-02
Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.1023.530 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled*
.
============== Running Processes ===============
.
D:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
D:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\WINDOWS\system32\NOTEPAD.EXE
D:\WINDOWS\system32\NOTEPAD.EXE
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10002
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10002
uInternet Connection Wizard,ShellNext = iexplore
mSearchAssistant = hxxp://start.funmoods.com/results.php?f=4&a=fmtgl&q={searchTerms}
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - d:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: Winamp Search Class: {57bca5fa-5dbb-45a2-b558-1755c3f6253b} - d:\program files\winamp toolbar\winamptb.dll
uURLSearchHooks: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - d:\program files\softonic-eng7\prxtbSof2.dll
uURLSearchHooks: BrotherSoft Extreme Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - d:\program files\brothersoft_extreme\prxtbBro0.dll
mURLSearchHooks: Winamp Search Class: {57bca5fa-5dbb-45a2-b558-1755c3f6253b} - d:\program files\winamp toolbar\winamptb.dll
BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - d:\program files\winamp toolbar\winamptb.dll
BHO: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - d:\program files\softonic-eng7\prxtbSof2.dll
BHO: BrotherSoft Extreme Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - d:\program files\brothersoft_extreme\prxtbBro0.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - d:\program files\java\jre6\bin\ssv.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - d:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - d:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - d:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - d:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - d:\program files\winamp toolbar\winamptb.dll
TB: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - d:\program files\softonic-eng7\prxtbSof2.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - d:\program files\ask.com\GenericAskToolbar.dll
TB: BrotherSoft Extreme Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - d:\program files\brothersoft_extreme\prxtbBro0.dll
TB: {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No File
uRun: [CTFMON.EXE] d:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "d:\program files\messenger\msmsgs.exe" /background
uRun: [EA Core] "d:\program files\electronic arts\eadm\Core.exe" -silent
uRun: [Skype] "d:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [AutoStartNPSAgent] d:\program files\samsung\samsung new pc studio\NPSAgent.exe
uRun: [AdobeBridge]
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [EPSON Stylus D88 Series] d:\windows\system32\spool\drivers\w32x86\3\E_FATIABE.EXE /P23 "EPSON Stylus D88 Series" /O5 "LPT1:" /M "Stylus D88"
mRun: [WinampAgent] "d:\program files\winamp\winampa.exe"
mRun: [<NO NAME>]
mRun: [ApnUpdater] "d:\program files\ask.com\updater\Updater.exe"
mRun: [avast] "d:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "d:\program files\common files\java\java update\jusched.exe"
mRun: [NPSStartup]
mRun: [AdobeAAMUpdater-1.0] "d:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] d:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "d:\program files\common files\adobe\cs5.5servicemanager\CS5.5ServiceManager.exe" -launchedbylogin
dRun: [CTFMON.EXE] d:\windows\system32\CTFMON.EXE
StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - d:\program files\winzip\WZQKPICK.EXE
IE: &Search - tbedits.ourbabymaker.com/one-toolbaredits/m.....2011030809
IE: &Winamp Search - d:\documents and settings\all users\application data\winamp toolbar\ietoolbar\resources\en-us\local\search.html
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - d:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.20
TCP: Interfaces\{6D511550-B997-41A3-BA2C-D6BCFDD358AB} : DhcpNameServer = 192.168.1.20
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - d:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - d:\progra~1\common~1\skype\SKYPE4~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - d:\documents and settings\sandra\application data\mozilla\firefox\profiles\ubuz7ob1.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - SweetIM Search
FF - prefs.js: browser.startup.homepage - hxxp://home.sweetim.com/?crg=3.1010000.10002
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=2&q=
FF - component: d:\documents and settings\sandra\application data\mozilla\firefox\profiles\ubuz7ob1.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: d:\documents and settings\sandra\application data\mozilla\firefox\profiles\ubuz7ob1.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll
FF - component: d:\documents and settings\sandra\application data\mozilla\firefox\profiles\ubuz7ob1.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: d:\documents and settings\sandra\application data\mozilla\firefox\profiles\ubuz7ob1.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\plugins\np-mswmp.dll
FF - plugin: d:\documents and settings\sandra\application data\mozilla\firefox\profiles\ubuz7ob1.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\plugins\np-mswmp.dll
FF - plugin: d:\documents and settings\sandra\application data\mozilla\firefox\profiles\ubuz7ob1.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\plugins\np-mswmp.dll
FF - plugin: d:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: d:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: d:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: d:\program files\mozilla firefox\plugins\npwachk.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.funmoods_i.hmpg - true
FF - user.js: extensions.funmoods_i.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=fmtgl
FF - user.js: extensions.funmoods_i.dfltSrch - true
FF - user.js: extensions.funmoods_i.srchPrvdr - Search
FF - user.js: extensions.funmoods_i.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - true
FF - user.js: extensions.funmoods_i.newTabUrl - hxxp://start.funmoods.com/?f=2&a=fmtgl
FF - user.js: extensions.funmoods_i.tlbrSrchUrl - hxxp://start.funmoods.com/results.php?f=3&a=fmtgl&q=
FF - user.js: extensions.funmoods_i.id - c04ca04300000000000000e04c2c0b35
FF - user.js: extensions.funmoods_i.instlDay - 15432
FF - user.js: extensions.funmoods_i.vrsn - 1.5.11.16
FF - user.js: extensions.funmoods_i.vrsni - 1.5.11.16
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.11.1617:51:14
FF - user.js: extensions.funmoods_i.prtnrId - funmoods
FF - user.js: extensions.funmoods_i.prdct - funmoods
FF - user.js: extensions.funmoods_i.aflt - fmtgl
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods_i.tlbrId - base
FF - user.js: extensions.funmoods_i.instlRef -
FF - user.js: extensions.funmoods_i.dfltLng -
FF - user.js: extensions.funmoods_i.excTlbr - false
.
============= SERVICES / DRIVERS ===============
.
S0 rbmys;rbmys;d:\windows\system32\drivers\gqtrtwbp.sys --> d:\windows\system32\drivers\gqtrtwbp.sys [?]
S0 sstkahst;sstkahst;d:\windows\system32\drivers\ogwddm.sys --> d:\windows\system32\drivers\ogwddm.sys [?]
S1 aswSnx;aswSnx;d:\windows\system32\drivers\aswSnx.sys [2002-5-15 729752]
S1 aswSP;aswSP;d:\windows\system32\drivers\aswSP.sys [2010-10-7 355632]
S2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [2010-10-7 21256]
S2 avast! Antivirus;avast! Antivirus;d:\program files\alwil software\avast5\AvastSvc.exe [2010-10-7 44768]
S2 FsUsbExService;FsUsbExService;d:\windows\system32\FsUsbExService.Exe [2012-4-2 233472]
S2 Skype C2C Service;Skype C2C Service;d:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-8-13 3064000]
S2 SkypeUpdate;Skype Updater;d:\program files\skype\updater\Updater.exe [2012-2-15 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;d:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-8-31 250568]
S3 cpuz132;cpuz132;\??\d:\docume~1\sandra\locals~1\temp\cpuz132\cpuz132_x32.sys --> d:\docume~1\sandra\locals~1\temp\cpuz132\cpuz132_x32.sys [?]
S3 FsUsbExDisk;FsUsbExDisk;d:\windows\system32\FsUsbExDisk.Sys [2012-4-2 36608]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);d:\windows\system32\drivers\ss_bbus.sys [2012-4-2 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);d:\windows\system32\drivers\ss_bmdfl.sys [2012-4-2 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;d:\windows\system32\drivers\ss_bmdm.sys [2012-4-2 121856]
S3 SwitchBoard;SwitchBoard;d:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
.
=============== Created Last 30 ================
.
2012-09-02 00:13:11 -------- d-----w- d:\program files\CCleaner
2012-09-02 00:13:11 -------- d-----w- d:\documents and settings\all users\application data\PC Tools
2012-09-01 21:54:33 22344 ----a-w- d:\windows\system32\drivers\mbam.sys
2012-09-01 19:12:02 -------- d-----w- d:\documents and settings\sandra\application data\TestApp
2012-08-31 16:46:53 696520 ----a-w- d:\windows\system32\FlashPlayerApp.exe
2012-08-13 11:35:32 5115584 ----a-w- d:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
.
==================== Find3M ====================
.
2012-08-31 16:46:52 73416 ----a-w- d:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-21 09:13:15 729752 ----a-w- d:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:12:33 41224 ----a-w- d:\windows\avastSS.scr
.
============= FINISH: 14:35:38,01 ===============
Posted: 02 Sep 2012 20:42
- Alex_Alex
I forgot to write in the previous post that as soon as I click on GMER the computer restarts, so I wasn't able to do that.
And I discovered something new: when I turn off Avast, everything unblocks and I can work normally on the computer.
Malwarebytes Anti-Malware 1.62.0.1300
malwarebytes.org
Database version: v2012.09.01.06
Windows XP Service Pack 2 x86 NTFS (Safe Mode)
Internet Explorer 6.0.2900.2180
Sandra :: SANDRA-80037425 [administrator]
2.9.2012 3:22:35
mbam-log-2012-09-02 (03-22-35).txt
Scan type: Full scan (C:\|D:\
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 229319
Time elapsed: 32 minute(s), 16 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)

Malwarebytes Anti-Malware 1.62.0.1300
malwarebytes.org
Database version: v2012.09.01.06
Windows XP Service Pack 2 x86 NTFS (Safe Mode/Safe Mode with Networking)
Internet Explorer 6.0.2900.2180
Sandra :: SANDRA-80037425 [administrator]
1.9.2012 23:56:56
mbam-log-2012-09-01 (23-56-56).txt
Scan type: Full scan (C:\|D:\
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 232767
Time elapsed: 17 minute(s), 40 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
D:\System Volume Information\_restore{7CA4DF12-92B6-44F7-9B7B-B9C98F95A04A}\RP564\A0998347.exe (PUP.Blabbers) -> No action taken.
(end)

Malwarebytes Anti-Malware 1.61.0.1400
malwarebytes.org
Database version: v2012.08.31.06
Windows XP Service Pack 2 x86 NTFS (Safe Mode)
Internet Explorer 6.0.2900.2180
Sandra :: SANDRA-80037425 [administrator]
31.8.2012 21:29:43
mbam-log-2012-08-31 (21-29-43).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 27615
Time elapsed: 1 minute(s), 4 second(s) [Aborted]
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 19
HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\wit4ie.WitBHO.2 (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\wit4ie.WitBHO (PUP.Blabbers) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\tdataprotocol.CTData.1 (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\tdataprotocol.CTData (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\updatebho.TimerBHO (PUP.Blabbers) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\Typelib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191} (PUP.Funmoods) -> Quarantined and deleted successfully.
Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Browser companion helper (PUP.Blabbers) -> Data: D:\Program Files\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 4
D:\Program Files\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> Quarantined and deleted successfully.
D:\Program Files\BrowserCompanion\jsloader.dll (PUP.Blabbers) -> Quarantined and deleted successfully.
D:\Program Files\BrowserCompanion\tdataprotocol.dll (PUP.Blabbers) -> Quarantined and deleted successfully.
D:\Program Files\BrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> Quarantined and deleted successfully.
(end)

Malwarebytes' Anti-Malware 1.51.2.1300
malwarebytes.org
Database version: 8073
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
3.11.2011 13:50:43
mbam-log-2011-11-03 (13-50-43).txt
Scan type: Full scan (C:\|D:\
Objects scanned: 207329
Time elapsed: 1 hour(s), 45 minute(s), 52 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
d:\documents and settings\Sandra\my documents\???????\ourbabymaker(2).exe (Adware.FunWeb) -> Quarantined and deleted successfully.
d:\documents and settings\Sandra\my documents\???????\ourbabymaker(3).exe (Adware.FunWeb) -> Quarantined and deleted successfully.
d:\documents and settings\Sandra\my documents\???????\ourbabymaker.exe (Adware.FunWeb) -> Quarantined and deleted successfully.

Malwarebytes' Anti-Malware 1.51.2.1300
malwarebytes.org
Database version: 8073
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180
3.11.2011 15:20:05
mbam-log-2011-11-03 (15-20-05).txt
Scan type: Full scan (C:\|D:\
Objects scanned: 178528
Time elapsed: 1 hour(s), 25 minute(s), 26 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)

Malwarebytes Anti-Malware 1.62.0.1300
malwarebytes.org
Database version: v2012.09.01.06
Windows XP Service Pack 2 x86 NTFS (Safe Mode/Safe Mode with Networking)
Internet Explorer 6.0.2900.2180
Sandra :: SANDRA-80037425 [administrator]
2.9.2012 0:38:01
mbam-log-2012-09-02 (00-38-01).txt
Scan type: Full scan (C:\|D:\
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 232789
Time elapsed: 18 minute(s), 2 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
D:\System Volume Information\_restore{7CA4DF12-92B6-44F7-9B7B-B9C98F95A04A}\RP564\A0998347.exe (PUP.Blabbers) -> Quarantined and deleted successfully.
(end)

Malwarebytes Anti-Malware 1.61.0.1400
malwarebytes.org
Database version: v2012.08.31.06
Windows XP Service Pack 2 x86 NTFS (Safe Mode)
Internet Explorer 6.0.2900.2180
Sandra :: SANDRA-80037425 [administrator]
31.8.2012 21:31:58
mbam-log-2012-08-31 (21-31-58).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 223883
Time elapsed: 40 minute(s), 53 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> Quarantined and deleted successfully.
HKCR\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> Quarantined and deleted successfully.
Registry Values Detected: 3
HKCR\protocols\Handler\base64|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Quarantined and deleted successfully.
HKCR\protocols\Handler\chrome|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Quarantined and deleted successfully.
HKCR\protocols\Handler\prox|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 1
D:\Program Files\BrowserCompanion (PUP.Blabbers) -> Quarantined and deleted successfully.
Files Detected: 11
D:\Documents and Settings\Sandra\AppData\LocalLow\bbrs_002.tb\content\BCHelper.exe (PUP.Blabbers) -> Quarantined and deleted successfully.
D:\Documents and Settings\Sandra\My Documents\Downloads\adobeUbdate.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
D:\System Volume Information\_restore{7CA4DF12-92B6-44F7-9B7B-B9C98F95A04A}\RP564\A0998342.exe (PUP.Blabbers) -> Quarantined and deleted successfully.
D:\Program Files\BrowserCompanion\blabbers-ff-full.xpi (PUP.Blabbers) -> Quarantined and deleted successfully.
D:\Program Files\BrowserCompanion\blabbers-ch.crx (PUP.Blabbers) -> Quarantined and deleted successfully.
D:\Program Files\BrowserCompanion\logo.ico (PUP.Blabbers) -> Quarantined and deleted successfully.
D:\Program Files\BrowserCompanion\sqlite3.dll (PUP.Blabbers) -> Quarantined and deleted successfully.
D:\Program Files\BrowserCompanion\toolbar.dll (PUP.Blabbers) -> Quarantined and deleted successfully.
D:\Program Files\BrowserCompanion\uninstall.exe (PUP.Blabbers) -> Quarantined and deleted successfully.
D:\Program Files\BrowserCompanion\updater.ini (PUP.Blabbers) -> Quarantined and deleted successfully.
D:\Program Files\BrowserCompanion\widgetserv.exe (PUP.Blabbers) -> Quarantined and deleted successfully.
(end)
Posted: 02 Sep 2012 22:49
- Alex_Alex
Everything was written nicely, but I need it drawn for me. Sorry for not reading to the end. I have one disk split into two partitions; I checked both C and D, hopefully I didn't mess something up again.
Posted: 03 Sep 2012 20:04
- Alex_Alex
This is getting worse and worse. First everything was blocked, then I realised that avast was the only thing I could open, and when I blocked it for 10 minutes everything else would unblock. Now I did the first and second step per the instructions, and after that I no longer see Start or the clock at all, the bottom is all blue, and about 80% of the icons on the desktop sit there as if the computer doesn't recognise which programs they are.
I did the rest too.
.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_30
Run by Sandra at 19:55:10 on 2012-09-03
Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.1023.625 [GMT 2:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled*
.
============== Running Processes ===============
.
D:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
D:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
uInternet Connection Wizard,ShellNext = iexplore
mSearchAssistant = hxxp://www.google.com
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - d:\program files\java\jre6\bin\ssv.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - d:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - d:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - d:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No File
uRun: [CTFMON.EXE] d:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "d:\program files\messenger\msmsgs.exe" /background
uRun: [EA Core] "d:\program files\electronic arts\eadm\Core.exe" -silent
uRun: [Skype] "d:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [AutoStartNPSAgent] d:\program files\samsung\samsung new pc studio\NPSAgent.exe
uRun: [AdobeBridge]
uRunOnce: [Report] D:\AdwCleaner[S2].txt
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [EPSON Stylus D88 Series] d:\windows\system32\spool\drivers\w32x86\3\E_FATIABE.EXE /P23 "EPSON Stylus D88 Series" /O5 "LPT1:" /M "Stylus D88"
mRun: [WinampAgent] "d:\program files\winamp\winampa.exe"
mRun: [avast] "d:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "d:\program files\common files\java\java update\jusched.exe"
mRun: [NPSStartup]
mRun: [AdobeAAMUpdater-1.0] "d:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] d:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "d:\program files\common files\adobe\cs5.5servicemanager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
dRun: [CTFMON.EXE] d:\windows\system32\CTFMON.EXE
StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - d:\program files\winzip\WZQKPICK.EXE
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - d:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.20
TCP: Interfaces\{6D511550-B997-41A3-BA2C-D6BCFDD358AB} : DhcpNameServer = 192.168.1.20
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - d:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - d:\progra~1\common~1\skype\SKYPE4~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - d:\documents and settings\sandra\application data\mozilla\firefox\profiles\ubuz7ob1.default\
FF - prefs.js: browser.search.defaulturl -
FF - component: d:\documents and settings\sandra\application data\mozilla\firefox\profiles\ubuz7ob1.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: d:\documents and settings\sandra\application data\mozilla\firefox\profiles\ubuz7ob1.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll
FF - component: d:\documents and settings\sandra\application data\mozilla\firefox\profiles\ubuz7ob1.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: d:\documents and settings\sandra\application data\mozilla\firefox\profiles\ubuz7ob1.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\plugins\np-mswmp.dll
FF - plugin: d:\documents and settings\sandra\application data\mozilla\firefox\profiles\ubuz7ob1.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\plugins\np-mswmp.dll
FF - plugin: d:\documents and settings\sandra\application data\mozilla\firefox\profiles\ubuz7ob1.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\plugins\np-mswmp.dll
FF - plugin: d:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: d:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: d:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: d:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: d:\windows\system32\macromed\flash\NPSWF32_11_3_300_271.dll
.
============= SERVICES / DRIVERS ===============
.
S0 rbmys;rbmys;d:\windows\system32\drivers\gqtrtwbp.sys --> d:\windows\system32\drivers\gqtrtwbp.sys [?]
S0 sstkahst;sstkahst;d:\windows\system32\drivers\ogwddm.sys --> d:\windows\system32\drivers\ogwddm.sys [?]
S1 aswSnx;aswSnx;d:\windows\system32\drivers\aswSnx.sys [2002-5-15 729752]
S1 aswSP;aswSP;d:\windows\system32\drivers\aswSP.sys [2010-10-7 355632]
S2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [2010-10-7 21256]
S2 avast! Antivirus;avast! Antivirus;d:\program files\alwil software\avast5\AvastSvc.exe [2010-10-7 44768]
S2 FsUsbExService;FsUsbExService;d:\windows\system32\FsUsbExService.Exe [2012-4-2 233472]
S2 Skype C2C Service;Skype C2C Service;d:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-8-13 3064000]
S2 SkypeUpdate;Skype Updater;d:\program files\skype\updater\Updater.exe [2012-2-15 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;d:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-8-31 250056]
S3 cpuz132;cpuz132;\??\d:\docume~1\sandra\locals~1\temp\cpuz132\cpuz132_x32.sys --> d:\docume~1\sandra\locals~1\temp\cpuz132\cpuz132_x32.sys [?]
S3 FsUsbExDisk;FsUsbExDisk;d:\windows\system32\FsUsbExDisk.Sys [2012-4-2 36608]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);d:\windows\system32\drivers\ss_bbus.sys [2012-4-2 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);d:\windows\system32\drivers\ss_bmdfl.sys [2012-4-2 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;d:\windows\system32\drivers\ss_bmdm.sys [2012-4-2 121856]
S3 SwitchBoard;SwitchBoard;d:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
.
=============== Created Last 30 ================
.
2012-09-02 00:13:11 -------- d-----w- d:\program files\CCleaner
2012-09-02 00:13:11 -------- d-----w- d:\documents and settings\all users\application data\PC Tools
2012-09-01 21:54:33 22344 ----a-w- d:\windows\system32\drivers\mbam.sys
2012-09-01 19:12:02 -------- d-----w- d:\documents and settings\sandra\application data\TestApp
2012-08-31 16:46:53 426184 ----a-w- d:\windows\system32\FlashPlayerApp.exe
2012-08-13 11:35:32 5115584 ----a-w- d:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
.
==================== Find3M ====================
.
2012-09-02 20:19:37 70344 ----a-w- d:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-21 09:13:15 729752 ----a-w- d:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:12:33 41224 ----a-w- d:\windows\avastSS.scr
.
============= FINISH: 19:55:41,48 ===============
Posted: 06 Sep 2012 20:30
- Alex_Alex
I've been busy these past few days and didn't get to the computer.
I did this first thing and Notepad opened:
[SC] DeleteService SUCCESS
[SC] DeleteService SUCCESS
Could Not Find d:\windows\system32\drivers\gqtrtwbp.sys
Could Not Find d:\windows\system32\drivers\ogwddm.sys
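The output in the post above is the result of removing the two boot-start drivers (rbmys and sstkahst) that both DDS logs in this thread list with `[?]`, meaning DDS could not find the .sys file they point to: `sc delete` unregistered both services, and the `del` step found nothing on disk. The following is an added example, not code from the thread, from DDS or from any tool it mentions: a Python parser for the DDS "SERVICES / DRIVERS" section that flags entries whose image file is missing and which load at boot or system start, and emits the same kind of cleanup commands. The sample input is the service lines copied from the DDS log above (abridged); the "suspicious" rule itself is an assumption of this example, chosen because an orphaned boot-start driver has no legitimate function, whereas a missing manual-start driver (the CPU-Z temp driver here) is ordinary leftover noise.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample input: SERVICES / DRIVERS lines copied from the DDS log posted
# in this thread (abridged). DDS was run in safe mode, so every entry is "S"
# (stopped); "R" would mean the service was running at scan time.
DDS_SERVICES = r"""
S0 rbmys;rbmys;d:\windows\system32\drivers\gqtrtwbp.sys --> d:\windows\system32\drivers\gqtrtwbp.sys [?]
S0 sstkahst;sstkahst;d:\windows\system32\drivers\ogwddm.sys --> d:\windows\system32\drivers\ogwddm.sys [?]
S1 aswSnx;aswSnx;d:\windows\system32\drivers\aswSnx.sys [2002-5-15 729752]
S2 avast! Antivirus;avast! Antivirus;d:\program files\alwil software\avast5\AvastSvc.exe [2010-10-7 44768]
S3 cpuz132;cpuz132;\??\d:\docume~1\sandra\locals~1\temp\cpuz132\cpuz132_x32.sys --> d:\docume~1\sandra\locals~1\temp\cpuz132\cpuz132_x32.sys [?]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);d:\windows\system32\drivers\ss_bbus.sys [2012-4-2 90112]
"""

# The digit after R/S is the service's Start value from the registry.
START_TYPES = {"0": "boot", "1": "system", "2": "auto", "3": "manual", "4": "disabled"}

# "<state><start> <name>;<display>;<image> [<date> <size>]"      file present
# "<state><start> <name>;<display>;<image> --> <resolved> [?]"   file not found
LINE_RE = re.compile(r"^([RS])([0-4])\s+([^;]+);([^;]*);(.*)$")
PRESENT_RE = re.compile(r"^(.*?)\s+\[(\d{4}-\d{1,2}-\d{1,2})\s+(\d+)\]$")
MISSING_RE = re.compile(r"^(.*?)\s+-->\s+(.*?)\s+\[\?\]$")


@dataclass
class ServiceEntry:
    running: bool
    start: str            # boot / system / auto / manual / disabled
    name: str
    display: str
    image: str            # resolved image path
    present: bool         # False when DDS printed "[?]"
    size: Optional[int] = None

    @property
    def suspicious(self) -> bool:
        # Assumption of this example: a boot- or system-start driver whose image file
        # is gone serves no legitimate purpose (the file was either removed by an
        # earlier scan or never there), so the registration is safe to delete.
        # A missing manual-start driver is left alone; it is not a finding.
        return not self.present and self.start in ("boot", "system")


def parse_dds_services(text: str) -> List[ServiceEntry]:
    """Parse the SERVICES / DRIVERS lines of a DDS log into ServiceEntry records."""
    entries: List[ServiceEntry] = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue                      # section headers, "." separators, blanks
        state, start, name, display, rest = m.groups()
        mm = MISSING_RE.match(rest)
        if mm:
            entries.append(ServiceEntry(state == "R", START_TYPES[start], name,
                                        display, mm.group(2), present=False))
            continue
        mp = PRESENT_RE.match(rest)
        if mp:
            entries.append(ServiceEntry(state == "R", START_TYPES[start], name,
                                        display, mp.group(1), present=True,
                                        size=int(mp.group(3))))
    return entries


def cleanup_commands(entries: List[ServiceEntry]) -> List[str]:
    """Windows cmd lines for each suspicious entry: unregister the service with
    sc, then delete the image path in case the file reappears before reboot."""
    cmds: List[str] = []
    for e in entries:
        if e.suspicious:
            cmds.append(f"sc delete {e.name}")
            cmds.append(f'del /q "{e.image}"')
    return cmds


if __name__ == "__main__":
    parsed = parse_dds_services(DDS_SERVICES)
    for e in parsed:
        print(f"{'SUSPICIOUS' if e.suspicious else 'ok':10} {e.start:8} {e.name:20} {e.image}")
    print("\n".join(cleanup_commands(parsed)))
```

Run against the sample, the parser flags exactly rbmys and sstkahst and produces `sc delete` plus `del /q` lines for them, which matches what the post above shows ("[SC] DeleteService SUCCESS" twice, then "Could Not Find" for both .sys paths). The cpuz132 entry is also missing its file but is manual-start, so it is reported as ok.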