My computer keeps freezing

  • Joined: 25 Oct 2014
  • Posts: 17


  • argus, Male
  • Anti Malware Fighter, Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Copy the complete DDS.txt report for me again, more than half of it was not copied onto the forum.

Actually, you did not copy DDS.txt at all.

  • Joined: 25 Oct 2014
  • Posts: 17

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 03.07.2013 20:58:58
System Uptime: 25.10.2014 16:03:40 (4 hours ago)
.
Motherboard: LENOVO | | LENOVO
Processor: Intel(R) Celeron(R) CPU 2.93GHz | LGA775/PSC/TJS | 2926/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 30 GiB total, 14,975 GiB free.
D: is FIXED (NTFS) - 149 GiB total, 108,86 GiB free.
E: is FIXED (NTFS) - 44 GiB total, 33,663 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Video Controller
Device ID: PCI\VEN_1002&DEV_5B70&SUBSYS_0501174B&REV_00\4&29C08469&0&0108
Manufacturer:
Name: Video Controller
PNP Device ID: PCI\VEN_1002&DEV_5B70&SUBSYS_0501174B&REV_00\4&29C08469&0&0108
Service:
.
==== System Restore Points ===================
.
RP368: 03.10.2014 14:23:08 - System Checkpoint
RP369: 04.10.2014 19:50:09 - System Checkpoint
RP370: 05.10.2014 20:33:23 - System Checkpoint
RP371: 06.10.2014 20:55:27 - System Checkpoint
RP372: 07.10.2014 11:10:48 - Installed Windows Media Player 11
RP373: 08.10.2014 17:12:23 - System Checkpoint
RP374: 08.10.2014 19:13:19 - avast! antivirus system restore point
RP375: 10.10.2014 15:37:33 - System Checkpoint
RP376: 11.10.2014 18:55:06 - System Checkpoint
RP377: 13.10.2014 01:52:35 - System Checkpoint
RP378: 14.10.2014 17:43:27 - System Checkpoint
RP379: 17.10.2014 10:38:29 - System Checkpoint
RP380: 18.10.2014 11:28:03 - System Checkpoint
RP381: 19.10.2014 12:24:44 - System Checkpoint
RP382: 20.10.2014 17:40:09 - System Checkpoint
RP383: 21.10.2014 18:13:34 - System Checkpoint
RP384: 23.10.2014 18:22:17 - System Checkpoint
.
==== Image File Execution Options =============
.
IFEO: bitguard.exe - tasklist.exe
IFEO: bprotect.exe - tasklist.exe
IFEO: bpsvc.exe - tasklist.exe
IFEO: browserdefender.exe - tasklist.exe
IFEO: browserprotect.exe - tasklist.exe
IFEO: browsersafeguard.exe - tasklist.exe
IFEO: dprotectsvc.exe - tasklist.exe
IFEO: jumpflip - tasklist.exe
IFEO: protectedsearch.exe - tasklist.exe
IFEO: searchinstaller.exe - tasklist.exe
IFEO: searchprotection.exe - tasklist.exe
IFEO: searchprotector.exe - tasklist.exe
IFEO: searchsettings.exe - tasklist.exe
IFEO: searchsettings64.exe - tasklist.exe
IFEO: snapdo.exe - tasklist.exe
IFEO: stinst32.exe - tasklist.exe
IFEO: stinst64.exe - tasklist.exe
IFEO: umbrella.exe - tasklist.exe
IFEO: utiljumpflip.exe - tasklist.exe
IFEO: volaro - tasklist.exe
IFEO: vonteera - tasklist.exe
IFEO: websteroids.exe - tasklist.exe
IFEO: websteroidsservice.exe - tasklist.exe
IFEO: Your Image File Name Here without a path - ntsd -d
.

  • argus, Male
  • Anti Malware Fighter, Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Take it easy, you have two reports, DDS.txt and Attach.txt.

You copied, that is, attached, Attach.txt, but I also need the DDS.txt report.

  • Joined: 25 Oct 2014
  • Posts: 17

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 10.55.2
Run by Ristic at 20:48:05 on 2014-10-25
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2045.904 [GMT 2:00]
.
AV: AVG Internet Security 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\iSafe\iSafeSvc.exe
C:\Program Files\iSafe\iSafeSvc2.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\TEMP\nsv9.tmp\nsA.tmp
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Ristic\Application Data\BitTorrent\BitTorrent.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\iSafe\ipcdl.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Sitecom 3G MiFi\WCDMA_EjectCdrom.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k networkservice
c:\windows\system32\svchost.exe -k localservice
c:\windows\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = [Link mogu videti samo ulogovani korisnici]
uSearch Bar = [Link mogu videti samo ulogovani korisnici]
uInternet Connection Wizard,ShellNext = [Link mogu videti samo ulogovani korisnici]
mURLSearchHooks: <No Name>: - LocalServer32 - <no file>
BHO: Object Browser: {11111111-1111-1111-1111-110311281150} - c:\program files\object browser\Object Browser-bho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>
BHO: VAyuudix: {A3949BD9-DFFA-257F-785B-1A60004845DC} - c:\documents and settings\all users\application data\vayuudix\520785cc1718f.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [Facebook Update] "c:\documents and settings\ristic\local settings\application data\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [BitTorrent Sync] "c:\program files\bittorrent sync\BTSync.exe" /MINIMIZED
uRun: [SpeedItupFree] "c:\program files\speeditup free\speeditupfree.exe"
uRun: [YTDownloader] "c:\program files\ytdownloader\YTDownloader.exe" /boot
uRun: [BitTorrent] "c:\documents and settings\ristic\application data\bittorrent\BitTorrent.exe" /MINIMIZED
mRun: [SoundMAXPnP] c:\program files\analog devices\soundmax\SMax4PNP.exe
mRun: [SoundMAX] "c:\program files\analog devices\soundmax\Smax4.exe" /tray
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [mobilegeni daemon] c:\program files\mobogenie\DaemonProcess.exe
mRun: [YTDownloader] "c:\program files\ytdownloader\YTDownloader.exe" /boot
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [Sitecom 3G MiFi] <no file>
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\cataly~1.lnk - c:\program files\ati technologies\ati.ace\CLI.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{496CDDAF-E2D7-456E-824B-FCBBE222A2CF} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: AtiExtEvent - Ati2evxx.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
IFEO: bitguard.exe - tasklist.exe
IFEO: bprotect.exe - tasklist.exe
IFEO: bpsvc.exe - tasklist.exe
IFEO: browserdefender.exe - tasklist.exe
IFEO: browserprotect.exe - tasklist.exe
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\ristic\application data\mozilla\firefox\profiles\ufbxj3up.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - plugin: c:\documents and settings\ristic\local settings\application data\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\globalupdate\update\1.3.25.0\npGoogleUpdate4.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1210150.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_15_0_0_152.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 709018d60000000000000010c6a8d8dd
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15917
FF - user.js: extensions.delta.vrsn - 1.8.22.0
FF - user.js: extensions.delta.vrsni - 1.8.22.0
FF - user.js: extensions.delta.vrsnTs - 1.8.22.022:33:02
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=120698&tsp=4960
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2014-10-8 12112]
R0 aswNdis2;avast! Firewall NDIS Driver;c:\windows\system32\drivers\aswNdis2.sys [2014-10-8 252872]
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2014-9-8 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2014-9-8 192352]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2014-10-8 26136]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-9-8 779536]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2014-9-8 414520]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-9-8 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-9-8 67824]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=notepad.exe "%1"
ShellExec: regsvr32.exe: RegDLL=regsvr32 %1
ShellExec: regsvr32.exe: UnRegDLL=regsvr32 /u %1
.
=============== Created Last 30 ================
.
2014-10-25 18:33:06 -------- d-----w- c:\program files\SmartPCFixer
2014-10-25 17:56:26 -------- d-----w- c:\documents and settings\ristic\application data\WebExtend
2014-10-25 17:55:43 -------- d-----w- c:\documents and settings\ristic\application data\Gena01
2014-10-25 17:08:57 129536 ----a-w- c:\windows\system32\drivers\twusbnet.sys
2014-10-25 17:08:57 105984 ----a-w- c:\windows\system32\drivers\WCDMA_Datacard_Usb_Ser.sys
2014-10-25 17:08:56 -------- d-s---w- c:\program files\Sitecom 3G MiFi
2014-10-08 17:19:24 26136 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2014-10-08 17:19:23 252872 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2014-10-08 17:17:14 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
.
==================== Find3M ====================
.
2014-09-26 14:00:38 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-09-26 14:00:38 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-09-08 16:05:30 779536 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-09-08 16:05:30 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-09-08 16:05:30 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-09-08 16:05:30 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-09-08 16:05:30 192352 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-09-08 16:05:28 43152 ----a-w- c:\windows\avastSS.scr
.
============= FINISH: 20:50:16,21 ===============

  • argus, Male
  • Anti Malware Fighter, Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

OK, let's take it step by step and solve the problem.
For some reason Avast is not working on your system; if you did not disable it yourself, uninstall it until we solve the problem, so it does not cause trouble. I will give you a link later so you can reinstall it afterwards.

Download sUBs' ComboFix from the following address to your Desktop:

Bleeping Computer
  • Right-click the link and choose Save Target As... (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download is complete:
  • disable your security software (instructions);
  • close any running programs;
  • double-click ComboFix to run it;
  • in the window that opens, click "I Agree".

While running, ComboFix will:
  • check whether a newer version of the program exists:
    click Yes if it offers to download it;
  • if the Recovery Console is not installed, offer to install it:
    be sure to accept by clicking Yes and follow the procedure;
  • ask a number of questions / show a number of notifications:
    accept by clicking Yes or OK;
  • restart Windows if needed (possibly several times);
  • when finished, open Notepad with the scan report.

Copy the report ComboFix produced into the forum thread:
  • right-click inside the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message box and choose Paste.

Note:
  • The report will be saved as ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
  • If after posting you notice the report is incomplete, use the Attach file option to attach C:\ComboFix.txt to your message;
  • Do not click inside the ComboFix window while it is running, as that can slow the tool down;
  • Do not run ComboFix again on your own; report in the thread any problem you have during the first run of the tool;
  • If after the restart you get an error when starting certain programs saying they are marked for deletion (Illegal operation attempted on a registry key that has been marked for deletion), restart the system again and that will resolve the problem.

  • Joined: 25 Oct 2014
  • Posts: 17

ComboFix 14-10-24.01 - Ristic 25.10.2014 22:05:35.2.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2045.1530 [GMT 2:00]
Running from: c:\documents and settings\Ristic\My Documents\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: AVG Internet Security 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\ShopperPro
c:\documents and settings\All Users\Application Data\ShopperPro\config.json
c:\documents and settings\All Users\Application Data\ShopperPro\database1_0_0.json
c:\documents and settings\Ristic\Application Data\7go.ico
c:\documents and settings\Ristic\Application Data\SwvUpdater
c:\documents and settings\Ristic\Application Data\SwvUpdater\status.cfg
c:\documents and settings\Ristic\Application Data\SwvUpdater\Updater.xml
c:\documents and settings\Ristic\Recent\Thumbs.db
c:\windows\system32\Cache
c:\windows\system32\Cache\04f4b6cc2f5abe1f.fb
c:\windows\system32\Cache\0fc84be220a63832.fb
c:\windows\system32\Cache\26c630d098e22dd5.fb
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\278d0eeec766f4b4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\3dea4ad52e3ee835.fb
c:\windows\system32\Cache\430b40736d53d8bd.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\5c6b97e350ce8be8.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\632dbeeb72587954.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\83cc9186d77c28f7.fb
c:\windows\system32\Cache\8a6c4eca7fc09480.fb
c:\windows\system32\Cache\95f567698be8a182.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\f5acaded4b0601d2.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_GLOBALUPDATE
-------\Legacy_PROTECTMONITOR
-------\Service_globalUpdate
-------\Service_ProtectMonitor
.
.
((((((((((((((((((((((((( Files Created from 2014-09-25 to 2014-10-25 )))))))))))))))))))))))))))))))
.
.
2014-10-25 18:33 . 2014-10-25 18:33 -------- d-----w- c:\program files\SmartPCFixer
2014-10-25 17:56 . 2014-10-25 17:56 -------- d-----w- c:\documents and settings\Ristic\Application Data\WebExtend
2014-10-25 17:55 . 2014-10-25 17:55 -------- d-----w- c:\documents and settings\Ristic\Application Data\Gena01
2014-10-25 17:08 . 2013-07-31 15:14 129536 ----a-w- c:\windows\system32\drivers\twusbnet.sys
2014-10-25 17:08 . 2013-07-31 15:14 105984 ----a-w- c:\windows\system32\drivers\WCDMA_Datacard_Usb_Ser.sys
2014-10-25 17:08 . 2014-10-25 17:08 -------- d-s---w- c:\program files\Sitecom 3G MiFi
2014-10-08 17:19 . 2014-10-08 17:17 26136 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2014-10-08 17:19 . 2014-10-08 17:17 252872 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2014-10-08 17:17 . 2014-10-08 17:17 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-26 14:00 . 2013-07-03 21:18 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-09-26 14:00 . 2013-07-03 21:18 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-09-08 16:11 . 2014-09-08 16:05 414520 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-09-08 16:05 . 2014-09-08 16:05 57800 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-09-08 16:05 . 2014-09-08 16:05 192352 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-09-08 16:05 . 2014-09-08 16:05 779536 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-09-08 16:05 . 2014-09-08 16:05 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-09-08 16:05 . 2014-09-08 16:05 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-09-08 16:05 . 2014-09-08 16:05 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-09-08 16:05 . 2014-09-08 16:05 55112 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-09-08 16:05 . 2014-09-08 16:05 276432 ----a-w- c:\windows\system32\aswBoot.exe
2014-09-08 16:05 . 2014-09-08 16:05 43152 ----a-w- c:\windows\avastSS.scr
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-01-24 . 9F960FAC5166F8626B9CDE4DD9A0EB84 . 1580544 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{A3949BD9-DFFA-257F-785B-1A60004845DC}]
2013-08-11 12:38 118784 ----a-w- c:\documents and settings\All Users\Application Data\VAyuudix\520785cc1718f.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-09-08 16:05 578240 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"="c:\documents and settings\Ristic\Application Data\BitTorrent\BitTorrent.exe" [2014-10-24 1388376]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 45056]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-12-08 32768]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-09-08 4085896]
"SmartPCFixer"="c:\program files\SmartPCFixer\SmartPCFixer.exe" [2014-06-09 18933048]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Catalyst System Tray.lnk - c:\program files\ATI Technologies\ATI.ACE\CLI.exe SystemTray [2005-8-12 45056]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Prompt Downloader\\PromptDownloader.exe"=
"c:\\Documents and Settings\\Ristic\\Local Settings\\Temp\\b46og86\\ZulaGamesSetup"=
"c:\\Documents and Settings\\Ristic\\Local Settings\\Temp\\b46og86\\SpeedanAlysisSetup"=
"c:\\Documents and Settings\\Ristic\\Application Data\\BitTorrent\\BitTorrent.exe"=
"c:\\Documents and Settings\\Ristic\\Local Settings\\Application Data\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [08.10.2014 19:17 12112]
R0 aswNdis2;avast! Firewall NDIS Driver;c:\windows\system32\drivers\aswNdis2.sys [08.10.2014 19:19 252872]
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [08.09.2014 18:05 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [08.09.2014 18:05 192352]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [08.10.2014 19:19 26136]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [08.09.2014 18:05 779536]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [08.09.2014 18:05 414520]
R1 iSafeKrnl;iSafeKrnl Mini-Filter Driver;c:\program files\iSafe\iSafeKrnl.sys [05.12.2013 12:46 214592]
R1 iSafeKrnlKit;iSafeKrnl Kit Driver;c:\program files\iSafe\iSafeKrnlKit.sys [22.04.2014 21:09 68288]
R1 iSafeKrnlR3;iSafeKrnl Ring3 Driver;c:\program files\iSafe\iSafeKrnlR3.sys [18.07.2014 14:34 37696]
R1 iSafeNetFilter;iSafeNetFilter NDIS Driver;c:\program files\iSafe\iSafeNetFilter.sys [05.12.2013 12:46 52056]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [08.09.2014 18:05 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [08.09.2014 18:05 67824]
R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [08.10.2014 19:17 106488]
R2 iSafeService;iSafeService;c:\program files\iSafe\iSafeSvc.exe [05.12.2013 12:46 118048]
R2 Util SecretSauce;Util SecretSauce;c:\program files\SecretSauce\bin\utilSecretSauce.exe [26.01.2014 15:28 317728]
S2 spdfrmon;spdfrmon;c:\program files\SpeedItup Free\spdfrmon.exe --> c:\program files\SpeedItup Free\spdfrmon.exe [?]
S2 Update GreyGray;Update GreyGray;"c:\program files\GreyGray\updateGreyGray.exe" --> c:\program files\GreyGray\updateGreyGray.exe [?]
S2 Update Kozaka;Update Kozaka;"c:\program files\Kozaka\updateKozaka.exe" --> c:\program files\Kozaka\updateKozaka.exe [?]
S2 Update SecretSauce;Update SecretSauce;c:\program files\SecretSauce\updateSecretSauce.exe [17.01.2014 07:58 317728]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files\globalUpdate\Update\GoogleUpdate.exe [06.06.2014 12:32 68608]
S3 iSafeKrnlBoot;iSafeKrnl Boot Driver;\??\system32\DRIVERS\iSafeKrnlBoot.sys --> system32\DRIVERS\iSafeKrnlBoot.sys [?]
S3 twusbnet;WCDMA Data card Device driver for usb ethernet adapter;c:\windows\system32\drivers\twusbnet.sys [25.10.2014 19:08 129536]
S3 WCDMA_Datacard_Usb_Ser;WCDMA Datacard Multimedia USB Driver;c:\windows\system32\drivers\WCDMA_Datacard_Usb_Ser.sys [25.10.2014 19:08 105984]
.
Contents of the 'Scheduled Tasks' folder
.
2014-10-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-03 14:00]
.
2014-10-25 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-08 16:05]
.
2014-10-23 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2025429265-1336601894-839522115-1003Core.job
- c:\documents and settings\Ristic\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2013-08-04 11:50]
.
2014-10-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2025429265-1336601894-839522115-1003UA.job
- c:\documents and settings\Ristic\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2013-08-04 11:50]
.
2014-10-25 c:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
- c:\program files\globalUpdate\Update\GoogleUpdate.exe [2014-06-06 14:10]
.
2014-10-25 c:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job
- c:\program files\globalUpdate\Update\GoogleUpdate.exe [2014-06-06 14:10]
.
.
------- Supplementary Scan -------
.
uStart Page = [Link mogu videti samo ulogovani korisnici]
uInternet Connection Wizard,ShellNext = [Link mogu videti samo ulogovani korisnici]
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Ristic\Application Data\Mozilla\Firefox\Profiles\ufbxj3up.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 709018d60000000000000010c6a8d8dd
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15917
FF - user.js: extensions.delta.vrsn - 1.8.22.0
FF - user.js: extensions.delta.vrsni - 1.8.22.0
FF - user.js: extensions.delta.vrsnTs - 1.8.22.022:33
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=120698&tsp=4960
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
.
------- File Associations -------
.
txtfile=notepad.exe "%1"
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
HKCU-Run-BitTorrent Sync - c:\program files\BitTorrent Sync\BTSync.exe
HKCU-Run-SpeedItupFree - c:\program files\SpeedItup Free\speeditupfree.exe
HKCU-Run-YTDownloader - c:\program files\YTDownloader\YTDownloader.exe
HKLM-Run-mobilegeni daemon - c:\program files\Mobogenie\DaemonProcess.exe
HKLM-Run-YTDownloader - c:\program files\YTDownloader\YTDownloader.exe
HKLM-Run-Sitecom 3G MiFi - (no file)
AddRemove-ffdshow_is1 - c:\program files\ffdshow\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link visible only to logged-in users]
Rootkit scan 2014-10-25 22:21
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
mobilegeni daemon = c:\program files\Mobogenie\DaemonProcess.exe?????????????????????????????????????????????????????????????????????????????????????
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2025429265-1336601894-839522115-1003\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}"=hex:51,66,7a,6c,4c,1d,38,12,ab,c5,1e,
a0,e2,37,c6,09,de,93,cc,b9,8c,f1,55,01
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1028)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\iSafe\iSafeSvc2.exe
c:\program files\iSafe\ipcdl.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Completion time: 2014-10-25 22:26:30 - machine was rebooted
ComboFix-quarantined-files.txt 2014-10-25 20:26
.
Pre-Run: 15.957.573.632 bytes free
Post-Run: 18.972.987.392 bytes free
.
- - End Of File - - 5C9057731E37BA73F0D881F43C1C42F7
8F558EB6672622401DA993E1E865C861

[Link visible only to logged-in users]

  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Open Notepad and copy the following text into it:

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{A3949BD9-DFFA-257F-785B-1A60004845DC}]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Documents and Settings\\Ristic\\Local Settings\\Temp\\b46og86\\ZulaGamesSetup"=-
"c:\\Documents and Settings\\Ristic\\Local Settings\\Temp\\b46og86\\SpeedanAlysisSetup"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mobilegeni daemon"=-

Folder::
c:\documents and settings\All Users\Application Data\VAyuudix
c:\program files\GreyGray
c:\program files\Kozaka
c:\program files\SecretSauce
c:\program files\globalUpdate
c:\program files\Mobogenie

Driver::
Update GreyGray
Update Kozaka
Update SecretSauce
globalUpdatem

ClearJavaCache::

Firefox::
FF - ProfilePath - c:\documents and settings\Ristic\Application Data\Mozilla\Firefox\Profiles\ufbxj3up.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 709018d60000000000000010c6a8d8dd
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15917
FF - user.js: extensions.delta.vrsn - 1.8.22.0
FF - user.js: extensions.delta.vrsni - 1.8.22.0
FF - user.js: extensions.delta.vrsnTs - 1.8.22.022:33
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=120698&tsp=4960
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false

DDS::
uStart Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=70900010C6A8D8DD&affID=120698&tsp=4960

SecCenter::
{17DDD097-36FF-435F-9E1B-52D74245D6BF}


Save the file from Notepad to the Desktop as "CFScript"

Drag the saved script/text file onto the ComboFix icon, as shown in the picture.
Post the log that is produced at the end of the cleaning/scanning in your next message.

offline
  • Joined: 25 Oct 2014
  • Posts: 17

ComboFix 14-10-24.01 - Ristic 26.10.2014 1:25.3.1 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2045.1528 [GMT 2:00]
Running from: c:\documents and settings\Ristic\My Documents\Downloads\ComboFix.exe
Command switches used :: c:\documents and settings\Ristic\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\VAyuudix
c:\documents and settings\All Users\Application Data\VAyuudix\520785cc1718f.dll
c:\documents and settings\All Users\Application Data\VAyuudix\520785cc1718f.tlb
c:\documents and settings\All Users\Application Data\VAyuudix\520785cda29a6.dll
c:\documents and settings\All Users\Application Data\VAyuudix\520785cda29a6.tlb
c:\documents and settings\All Users\Application Data\VAyuudix\settings.ini
c:\program files\globalUpdate
c:\program files\globalUpdate\CrashReports\Update2-last.dmp
c:\program files\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe
c:\program files\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe
c:\program files\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe
c:\program files\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi
c:\program files\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe
c:\program files\globalUpdate\Update\1.3.25.0\goopdate.dll
c:\program files\globalUpdate\Update\1.3.25.0\goopdateres_en.dll
c:\program files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
c:\program files\globalUpdate\Update\1.3.25.0\psmachine.dll
c:\program files\globalUpdate\Update\1.3.25.0\psuser.dll
c:\program files\globalUpdate\Update\GoogleUpdate.exe
c:\program files\GreyGray
c:\program files\SecretSauce
c:\program files\SecretSauce\bin\plugins\SecretSauce.Bromon.dll
c:\program files\SecretSauce\bin\plugins\SecretSauce.BroStats.dll
c:\program files\SecretSauce\bin\plugins\SecretSauce.BrowserAdapterS.dll
c:\program files\SecretSauce\bin\plugins\SecretSauce.CompatibilityChecker.dll
c:\program files\SecretSauce\bin\plugins\SecretSauce.PurBrowse.dll
c:\program files\SecretSauce\bin\sqlite3.dll
c:\program files\SecretSauce\bin\utilSecretSauce.exe
c:\program files\SecretSauce\bin\utilSecretSauce.InstallState
c:\program files\SecretSauce\SecretSauce.ico
c:\program files\SecretSauce\updateSecretSauce.exe
c:\program files\SecretSauce\updateSecretSauce.InstallState
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_UPDATE_GREYGRAY
-------\Legacy_UPDATE_KOZAKA
-------\Legacy_UPDATE_SECRETSAUCE
-------\Service_globalUpdatem
-------\Service_Update GreyGray
-------\Service_Update Kozaka
-------\Service_Update SecretSauce
-------\Legacy_Util_SecretSauce
-------\Legacy_Util_SecretSauce
-------\Service_Util SecretSauce
-------\Service_Util SecretSauce
.
.
((((((((((((((((((((((((( Files Created from 2014-09-25 to 2014-10-25 )))))))))))))))))))))))))))))))
.
.
2014-10-25 18:33 . 2014-10-25 18:33 -------- d-----w- c:\program files\SmartPCFixer
2014-10-25 17:56 . 2014-10-25 17:56 -------- d-----w- c:\documents and settings\Ristic\Application Data\WebExtend
2014-10-25 17:55 . 2014-10-25 17:55 -------- d-----w- c:\documents and settings\Ristic\Application Data\Gena01
2014-10-25 17:08 . 2013-07-31 15:14 129536 ----a-w- c:\windows\system32\drivers\twusbnet.sys
2014-10-25 17:08 . 2013-07-31 15:14 105984 ----a-w- c:\windows\system32\drivers\WCDMA_Datacard_Usb_Ser.sys
2014-10-25 17:08 . 2014-10-25 17:08 -------- d-s---w- c:\program files\Sitecom 3G MiFi
2014-10-08 17:19 . 2014-10-08 17:17 26136 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2014-10-08 17:19 . 2014-10-08 17:17 252872 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2014-10-08 17:17 . 2014-10-08 17:17 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-26 14:00 . 2013-07-03 21:18 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-09-26 14:00 . 2013-07-03 21:18 701104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-09-08 16:11 . 2014-09-08 16:05 414520 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-09-08 16:05 . 2014-09-08 16:05 57800 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-09-08 16:05 . 2014-09-08 16:05 192352 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-09-08 16:05 . 2014-09-08 16:05 779536 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-09-08 16:05 . 2014-09-08 16:05 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-09-08 16:05 . 2014-09-08 16:05 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-09-08 16:05 . 2014-09-08 16:05 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-09-08 16:05 . 2014-09-08 16:05 55112 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-09-08 16:05 . 2014-09-08 16:05 276432 ----a-w- c:\windows\system32\aswBoot.exe
2014-09-08 16:05 . 2014-09-08 16:05 43152 ----a-w- c:\windows\avastSS.scr
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-01-24 . 9F960FAC5166F8626B9CDE4DD9A0EB84 . 1580544 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-09-08 16:05 578240 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"="c:\documents and settings\Ristic\Application Data\BitTorrent\BitTorrent.exe" [2014-10-24 1388376]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 1388544]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 45056]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-12-08 32768]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-09-08 4085896]
"SmartPCFixer"="c:\program files\SmartPCFixer\SmartPCFixer.exe" [2014-06-09 18933048]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Catalyst System Tray.lnk - c:\program files\ATI Technologies\ATI.ACE\CLI.exe SystemTray [2005-8-12 45056]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Prompt Downloader\\PromptDownloader.exe"=
"c:\\Documents and Settings\\Ristic\\Application Data\\BitTorrent\\BitTorrent.exe"=
"c:\\Documents and Settings\\Ristic\\Local Settings\\Application Data\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
.
R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [08.10.2014 19:17 12112]
R0 aswNdis2;avast! Firewall NDIS Driver;c:\windows\system32\drivers\aswNdis2.sys [08.10.2014 19:19 252872]
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [08.09.2014 18:05 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [08.09.2014 18:05 192352]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [08.10.2014 19:19 26136]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [08.09.2014 18:05 779536]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [08.09.2014 18:05 414520]
R1 iSafeKrnl;iSafeKrnl Mini-Filter Driver;c:\program files\iSafe\iSafeKrnl.sys [05.12.2013 12:46 214592]
R1 iSafeKrnlKit;iSafeKrnl Kit Driver;c:\program files\iSafe\iSafeKrnlKit.sys [22.04.2014 21:09 68288]
R1 iSafeKrnlR3;iSafeKrnl Ring3 Driver;c:\program files\iSafe\iSafeKrnlR3.sys [18.07.2014 14:34 37696]
R1 iSafeNetFilter;iSafeNetFilter NDIS Driver;c:\program files\iSafe\iSafeNetFilter.sys [05.12.2013 12:46 52056]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [08.09.2014 18:05 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [08.09.2014 18:05 67824]
R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [08.10.2014 19:17 106488]
R2 iSafeService;iSafeService;c:\program files\iSafe\iSafeSvc.exe [05.12.2013 12:46 118048]
S2 spdfrmon;spdfrmon;c:\program files\SpeedItup Free\spdfrmon.exe --> c:\program files\SpeedItup Free\spdfrmon.exe [?]
S3 iSafeKrnlBoot;iSafeKrnl Boot Driver;\??\system32\DRIVERS\iSafeKrnlBoot.sys --> system32\DRIVERS\iSafeKrnlBoot.sys [?]
S3 twusbnet;WCDMA Data card Device driver for usb ethernet adapter;c:\windows\system32\drivers\twusbnet.sys [25.10.2014 19:08 129536]
S3 WCDMA_Datacard_Usb_Ser;WCDMA Datacard Multimedia USB Driver;c:\windows\system32\drivers\WCDMA_Datacard_Usb_Ser.sys [25.10.2014 19:08 105984]
.
Contents of the 'Scheduled Tasks' folder
.
2014-10-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-03 14:00]
.
2014-10-25 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-08 16:05]
.
2014-10-23 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2025429265-1336601894-839522115-1003Core.job
- c:\documents and settings\Ristic\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2013-08-04 11:50]
.
2014-10-25 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2025429265-1336601894-839522115-1003UA.job
- c:\documents and settings\Ristic\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [2013-08-04 11:50]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = [Link visible only to logged-in users]
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Ristic\Application Data\Mozilla\Firefox\Profiles\ufbxj3up.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link visible only to logged-in users]
Rootkit scan 2014-10-26 01:37
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2025429265-1336601894-839522115-1003\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}"=hex:51,66,7a,6c,4c,1d,38,12,ab,c5,1e,
a0,e2,37,c6,09,de,93,cc,b9,8c,f1,55,01
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1028)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\iSafe\ipcdl.exe
c:\program files\iSafe\iSafeSvc2.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Completion time: 2014-10-26 01:41:49 - machine was rebooted
ComboFix-quarantined-files.txt 2014-10-25 23:41
ComboFix2.txt 2014-10-25 20:26
.
Pre-Run: 18.999.697.408 bytes free
Post-Run: 18.931.941.376 bytes free
.
- - End Of File - - D37D5D39C1923B807D2907E8D0C4545D
8F558EB6672622401DA993E1E865C861

  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Do you have a license for Avast Internet Security?
If you don't, uninstall it, because it isn't working; I assume the trial version has expired. At the end I will give you a link for the Avast free version.

So go to Control Panel > Add or Remove and uninstall the following programs:

YAC Security Protection
Avast Internet Security


Step 1.

Download Xplode's AdwCleaner () and save it to the Desktop

Double-click to run the program.
Click the [Scan] button and wait for the program to finish.
Click the [Clean] button
The program will close all running programs and show a window with that warning. Click Ok to confirm.
On the next two windows that open (Informations and Restart required) click Ok

The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Attach file" option

Note: The report will also be saved at C:\AdwCleaner[S0].txt


Step 2.

Download XP Service Pack 3 from the link below to the desktop, run the installer and follow the instructions to the end (the computer will restart). The installation can take up to half an hour, depending on the speed of the computer.
All programs and data will remain, don't worry about that.

[Link visible only to logged-in users]


Step 3.

Download the FRST 32-bit version to the desktop.
[Link visible only to logged-in users]
Make sure the option shown in the picture is checked

Click Scan and wait for the process to finish. Provide me with both logs.
