Posted: 16 Oct 2007 11:26
- cat007
- New MyCity citizen
- Joined: 16 Oct 2007
- Posts: 13
I have a problem (which I have partly solved):
After startup the following image appears on my desktop (a window like desktop2) and I get a link in IE
(http://yourprivacyguard.com/privacy/index.php?040a110f41464002583d5056023a69555d6a5d5c4a0213555a44580c0e0c0369040c3c010508053c053d0600565369515c6a6759576f060e0b013a0968040201563c025d6d175305475f47423e540e0104000e010903071f5644580811450d0055524558420c03)
which I did not allow. Alt+Ctrl+Del is not available.
This Index.html file is placed in (c:\win\privacy_danger)
ZoneAlarm does not report that any new program exists, except that I blocked the ALG service on ports 1031, 1302 that it offered me.
NOD32 reports nothing, except that a couple of times it blocked (offered to terminate) an address that I did not write down. During a scan it found a number of files that it cannot clean... (in LOCALS~1 \ Temp )
Ad-Aware found the following things (log file) and removed them.
Ashampoo AntiSpyWare 2 found a number of things, among them
(cmd.exe /c "C: \ DOCUME~1 \ Dejan \ LOCALS~1 \ Temp \ install-privacy-danger.bat "C: \ DOCUME~1 \ Dejan \ LOCALS~1 \ Temp"")
Afterwards I removed everything from (LOCALS~1 \ Temp...) via a second user account (because it could not be deleted from this one),
however, every 1-2 minutes a DOS window starts there that tries to access the files
(bndsrmnf.dll and regsvr32.); I cannot read the rest because it closes immediately.
Can you recommend what I should download from the net to fix the problem, and explain to me what has hit me?
Regards!
Posted: 16 Oct 2007 12:07
- cat007
- New MyCity citizen
- Joined: 16 Oct 2007
- Posts: 13
Logfile of HijackThis v1.99.1
Scan saved at 11:58:33 AM, on 10/16/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
C:\Program Files\Softver\ZoneAlarm\zlclient.exe
C:\Program Files\Softver\NOD32\nod32kui.exe
C:\Program Files\Softver\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe
C:\Program Files\Softver\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
C:\Program Files\Softver\NOD32\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Softver\Maxthon\Maxthon.exe
C:\Documents and Settings\Dejan\Desktop\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = red.clientapps.yahoo.com/customize/ptec/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = red.clientapps.yahoo.com/customize/ptec/defaults/sp/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = red.clientapps.yahoo.com/customize/ptec/defaults/su/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 17.17.29.29.
O2 - BHO: MSVPS System - {15272B08-F6FE-4E71-B2BD-A59AD23EBE3C} - C:\WINDOWS\bndsrmnf.dll (file missing)
O4 - HKLM\..\Run: [FinePrint Dispatcher v5] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v3] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe" /source=HKLM
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Softver\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [nod32] "C:\Program Files\Softver\NOD32\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [AntiSpyWare2Guard] C:\Program Files\Softver\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\reflection.dll' missing
O17 - HKLM\System\CCS\Services\Tcpip\..\{D06597C3-3679-41C6-810A-A5EC47840B6E}: NameServer = 17.17.29.29
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: mllmj - C:\WINDOWS\system32\mllmj.dll (file missing)
O20 - Winlogon Notify: pmnnkhh - pmnnkhh.dll (file missing)
O21 - SSODL: sysdx - {38D6A83F-22B6-44FC-AC9E-C6412DA4B115} - C:\WINDOWS\sysdx.dll (file missing)
O21 - SSODL: msvb - {3A6D1C7A-AE85-4F9D-BFF3-67725B842981} - C:\WINDOWS\msvb.dll
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Softver\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Softver\NOD32\nod32krn.exe
O23 - Service: SDService - Unknown owner - SDService.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
Here is that file. The image, that damned red image, just appeared again.
Adsl full
Posted: 16 Oct 2007 17:07
- find the following files and put them in one zip:
C:\WINDOWS\bndsrmnf.dll
C:\WINDOWS\system32\mllmj.dll
pmnnkhh.dll
C:\WINDOWS\sysdx.dll
C:\WINDOWS\msvb.dll
c:\windows\system32\reflection.dll
upload that zip via the following form: http://www.mycity.rs/ambulanta-upload.php
- after that do the following:
1.) Download the program SmitfraudFix from this link.
2.) Extract the program to the desktop. (Also prepare the HijackThis program in the same way; it will be used later.)
3.) Restart the computer and boot the system in Safe Mode. [Safe Mode info link]
4.) Find on the desktop the folder where you unpacked the SmitfraudFix program and double-click the file SmitfraudFix.cmd to run it.
When the removal tool starts for the first time, it will show you a confirmation screen. Simply press any key on the keyboard to move on to the next step.
5.)
6.) The program will start cleaning the computer. After SmitfraudFix has finished cleaning,
the Windows Disk Cleanup program will start.
After SmitFraudFix finishes its work, post here the log located at C:\rapport.txt and a fresh HJT log.
Addendum: 16 Oct 2007 17:07
When you do the next scan with HJ, rename HijackThis.exe to bilosta.exe (something that does not resemble hijackthis)
Posted: 17 Oct 2007 09:41
- cat007
- New MyCity citizen
- Joined: 16 Oct 2007
- Posts: 13
I have done the procedure.
Now we will see whether it works.
By the way, after the restart Ad-Watch reported changes in the registry.
I refused them.
Logfile of HijackThis v1.99.1
Scan saved at 9:20:47 AM, on 10/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
C:\Program Files\Softver\ZoneAlarm\zlclient.exe
C:\Program Files\Softver\NOD32\nod32kui.exe
C:\Program Files\Softver\Ad-Aware SE Professional\Ad-Watch.exe
C:\Program Files\Softver\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
C:\Program Files\Softver\NOD32\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\SmitFraudFix\HijackThis\HijackThis01.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = red.clientapps.yahoo.com/customize/ptec/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = red.clientapps.yahoo.com/customize/ptec/defaults/sp/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = red.clientapps.yahoo.com/customize/ptec/defaults/su/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 17.17.29.29.
O2 - BHO: MSVPS System - {15272B08-F6FE-4E71-B2BD-A59AD23EBE3C} - C:\WINDOWS\bndsrmnf.dll (file missing)
O4 - HKLM\..\Run: [FinePrint Dispatcher v5] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v3] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe" /source=HKLM
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Softver\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [nod32] "C:\Program Files\Softver\NOD32\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Softver\Ad-Aware SE Professional\Ad-Watch.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\reflection.dll' missing
O17 - HKLM\System\CCS\Services\Tcpip\..\{D06597C3-3679-41C6-810A-A5EC47840B6E}: NameServer = 17.17.29.29
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: mllmj - C:\WINDOWS\system32\mllmj.dll (file missing)
O20 - Winlogon Notify: pmnnkhh - pmnnkhh.dll (file missing)
O21 - SSODL: sysdx - {38D6A83F-22B6-44FC-AC9E-C6412DA4B115} - C:\WINDOWS\sysdx.dll (file missing)
O21 - SSODL: msvb - {3A6D1C7A-AE85-4F9D-BFF3-67725B842981} - C:\WINDOWS\msvb.dll (file missing)
O21 - SSODL: msmhost - {8C36BFE4-F7FD-4187-A38C-4B69461B9D00} - C:\WINDOWS\msmhost.dll (file missing)
O21 - SSODL: msmdev - {2F5E88F5-DEF4-4581-BC10-FCC19664D4D3} - C:\WINDOWS\msmdev.dll (file missing)
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Softver\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Softver\NOD32\nod32krn.exe
O23 - Service: SDService - Unknown owner - SDService.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
Regards!
Addendum: 17 Oct 2007 9:41
I forgot to attach the SmitfraudFix rapport.
SmitFraudFix v2.240
Scan done at 9:12:25.62, Wed 10/17/2007
Run from C:\SmitFF\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is FAT32
Fix run in safe mode
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
C:\WINDOWS\privacy_danger\ Deleted
C:\WINDOWS\wsremover.exe Deleted
»»»»»»»»»»»»»»»»»»»»»»»» DNS
HKLM\SYSTEM\CCS\Services\Tcpip\..\{D06597C3-3679-41C6-810A-A5EC47840B6E}: NameServer=17.17.29.29
HKLM\SYSTEM\CS1\Services\Tcpip\..\{D06597C3-3679-41C6-810A-A5EC47840B6E}: NameServer=17.17.29.29
HKLM\SYSTEM\CS2\Services\Tcpip\..\{D06597C3-3679-41C6-810A-A5EC47840B6E}: NameServer=17.17.29.29
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» End
Posted: 18 Oct 2007 01:14
Do the following:
download VundoFix:
http://www.atribune.org/ccount/click.php?id=4
* Double-click the file VundoFix.exe to start it.
* Select the option Scan for Vundo.
* After the scan finishes and the message Done Searching for files appears, click OK.
* Now that the scan is done, click the option Remove Vundo.
* When the prompt about removing the Vundo files appears, click Yes.
* Running this option will make the Desktop temporarily empty in order to prepare the system for removing Vundo.
* When it finishes, a notice about shutting down the computer will appear; click OK.
* Turn the computer on and boot the system again.
* Copy the contents of the log at C:\vundofix.txt and a new HijackThis log into a post on the forum.
- rename hijackthis.exe to cat007.exe
- copy the logs into the thread, do not upload them.
Posted: 18 Oct 2007 08:56
- cat007
- New MyCity citizen
- Joined: 16 Oct 2007
- Posts: 13
Done!
***************************************************
VundoFix V6.5.10
Checking Java version...
Sun Java not detected
Scan started at 8:29:07 AM 10/18/2007
Listing files found while scanning....
C:\WINDOWS\system32\jmllm.bak1
C:\WINDOWS\system32\jmllm.bak2
C:\WINDOWS\system32\jmllm.ini
C:\WINDOWS\system32\mllmj.dll
Beginning removal...
Attempting to delete C:\WINDOWS\system32\jmllm.bak1
C:\WINDOWS\system32\jmllm.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\system32\jmllm.bak2
C:\WINDOWS\system32\jmllm.bak2 Has been deleted!
Attempting to delete C:\WINDOWS\system32\jmllm.ini
C:\WINDOWS\system32\jmllm.ini Has been deleted!
Performing Repairs to the registry.
Done!
***************************************************
Logfile of HijackThis v1.99.1
Scan saved at 8:45:27 AM, on 10/18/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Softver\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
C:\Program Files\Softver\NOD32\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
C:\Program Files\Softver\ZoneAlarm\zlclient.exe
C:\Program Files\Softver\NOD32\nod32kui.exe
C:\Program Files\Softver\Ad-Aware SE Professional\Ad-Watch.exe
C:\Ambolanta\HijackThis\HijackThis007.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = red.clientapps.yahoo.com/customize/ptec/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = red.clientapps.yahoo.com/customize/ptec/defaults/sp/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = red.clientapps.yahoo.com/customize/ptec/defaults/su/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 17.17.29.29.
O2 - BHO: MSVPS System - {15272B08-F6FE-4E71-B2BD-A59AD23EBE3C} - C:\WINDOWS\bndsrmnf.dll (file missing)
O4 - HKLM\..\Run: [FinePrint Dispatcher v5] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v3] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe" /source=HKLM
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Softver\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [nod32] "C:\Program Files\Softver\NOD32\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Softver\Ad-Aware SE Professional\Ad-Watch.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\reflection.dll' missing
O17 - HKLM\System\CCS\Services\Tcpip\..\{D06597C3-3679-41C6-810A-A5EC47840B6E}: NameServer = 17.17.29.29
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: mllmj - C:\WINDOWS\system32\mllmj.dll (file missing)
O20 - Winlogon Notify: pmnnkhh - pmnnkhh.dll (file missing)
O21 - SSODL: sysdx - {38D6A83F-22B6-44FC-AC9E-C6412DA4B115} - C:\WINDOWS\sysdx.dll (file missing)
O21 - SSODL: msvb - {3A6D1C7A-AE85-4F9D-BFF3-67725B842981} - C:\WINDOWS\msvb.dll (file missing)
O21 - SSODL: msmhost - {8C36BFE4-F7FD-4187-A38C-4B69461B9D00} - C:\WINDOWS\msmhost.dll (file missing)
O21 - SSODL: msmdev - {2F5E88F5-DEF4-4581-BC10-FCC19664D4D3} - C:\WINDOWS\msmdev.dll (file missing)
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Softver\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Softver\NOD32\nod32krn.exe
O23 - Service: SDService - Unknown owner - SDService.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
***************************************************
Regards. I hope that is EVERYTHING?
P.S. Should the paths where it says (file missing) be removed?
Posted: 18 Oct 2007 18:40
I'm not quite sure that we are finished, because the fact that it says file missing does not have to mean that the files are really not there.
Scan again with HJ and check the following lines:
O2 - BHO: MSVPS System - {15272B08-F6FE-4E71-B2BD-A59AD23EBE3C} - C:\WINDOWS\bndsrmnf.dll (file missing)
O20 - Winlogon Notify: mllmj - C:\WINDOWS\system32\mllmj.dll (file missing)
O20 - Winlogon Notify: pmnnkhh - pmnnkhh.dll (file missing)
O21 - SSODL: sysdx - {38D6A83F-22B6-44FC-AC9E-C6412DA4B115} - C:\WINDOWS\sysdx.dll (file missing)
O21 - SSODL: msvb - {3A6D1C7A-AE85-4F9D-BFF3-67725B842981} - C:\WINDOWS\msvb.dll (file missing)
O21 - SSODL: msmhost - {8C36BFE4-F7FD-4187-A38C-4B69461B9D00} - C:\WINDOWS\msmhost.dll (file missing)
O21 - SSODL: msmdev - {2F5E88F5-DEF4-4581-BC10-FCC19664D4D3} - C:\WINDOWS\msmdev.dll (file missing)
and click fix checked.
- restart the computer, scan again with HJ and post a new log (and please rename HijackThis.exe to something that does not have HijackThis in its name)
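An added example, not part of the original post: a small Python parser for HijackThis entry lines that lists load-point entries marked `(file missing)` or `(no file)` and reports which of them are still registered in a later log. The function names and the choice of O2/O20/O21/O23 as load points are assumptions of this example; the sample lines are copied from the 18 Oct and 19 Oct logs in this thread.

```python
import re

ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID = re.compile(r"\{[0-9A-Fa-f-]{36}\}")
MARKER = re.compile(r"\((file missing|no file)\)\s*$")
# Sections that load code at logon/boot: BHO, Winlogon Notify, SSODL, services.
LOAD_POINTS = {"O2", "O20", "O21", "O23"}

# Sample input: entry lines copied from the 18 Oct log (before "fix checked").
BEFORE = r"""
O2 - BHO: MSVPS System - {15272B08-F6FE-4E71-B2BD-A59AD23EBE3C} - C:\WINDOWS\bndsrmnf.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: mllmj - C:\WINDOWS\system32\mllmj.dll (file missing)
O20 - Winlogon Notify: pmnnkhh - pmnnkhh.dll (file missing)
O21 - SSODL: sysdx - {38D6A83F-22B6-44FC-AC9E-C6412DA4B115} - C:\WINDOWS\sysdx.dll (file missing)
O21 - SSODL: msvb - {3A6D1C7A-AE85-4F9D-BFF3-67725B842981} - C:\WINDOWS\msvb.dll (file missing)
O21 - SSODL: msmhost - {8C36BFE4-F7FD-4187-A38C-4B69461B9D00} - C:\WINDOWS\msmhost.dll (file missing)
O21 - SSODL: msmdev - {2F5E88F5-DEF4-4581-BC10-FCC19664D4D3} - C:\WINDOWS\msmdev.dll (file missing)
O23 - Service: SDService - Unknown owner - SDService.exe (file missing)
"""
# Sample input: entry lines copied from the 19 Oct log (after the fix and a restart).
AFTER = r"""
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O21 - SSODL: sysdx - {38D6A83F-22B6-44FC-AC9E-C6412DA4B115} - (no file)
O21 - SSODL: msvb - {3A6D1C7A-AE85-4F9D-BFF3-67725B842981} - (no file)
O21 - SSODL: msmhost - {8C36BFE4-F7FD-4187-A38C-4B69461B9D00} - (no file)
O21 - SSODL: msmdev - {2F5E88F5-DEF4-4581-BC10-FCC19664D4D3} - (no file)
"""

def parse(log):
    """Return one dict per entry line; process-list and header lines are skipped."""
    entries = []
    for raw in log.splitlines():
        m = ENTRY.match(raw.strip())
        if not m:
            continue
        body = m.group("body")
        marker = MARKER.search(body)
        clsid = CLSID.search(body)
        # Identity: the CLSID when present, else the label before the last " - ".
        ident = clsid.group(0) if clsid else MARKER.sub("", body).rsplit(" - ", 1)[0].strip()
        entries.append({"code": m.group("code"), "id": ident,
                        "marker": marker.group(1) if marker else None,
                        "line": raw.strip()})
    return entries

def review_list(log):
    """Load-point entries whose target HijackThis could not see. The marker alone
    does not prove the file is gone, so these are candidates for review."""
    return [e for e in parse(log) if e["code"] in LOAD_POINTS and e["marker"]]

def survivors(before, after):
    """Entries flagged in the earlier log that are still registered in the later one."""
    flagged = {(e["code"], e["id"]) for e in review_list(before)}
    return [e for e in parse(after) if (e["code"], e["id"]) in flagged]

if __name__ == "__main__":
    for e in survivors(BEFORE, AFTER):
        print("still registered:", e["line"])
```
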
Posted: 19 Oct 2007 08:32
- cat007
- New MyCity citizen
- Joined: 16 Oct 2007
- Posts: 13
I have done this as well.
(although the computer no longer behaves strangely).
Here is the new log. (191919)
==============================================
Logfile of HijackThis v1.99.1
Scan saved at 8:22:50 AM, on 10/19/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
C:\Program Files\Softver\ZoneAlarm\zlclient.exe
C:\Program Files\Softver\NOD32\nod32kui.exe
C:\Program Files\Softver\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
C:\Program Files\Softver\NOD32\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Dejan\Desktop\191919.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = red.clientapps.yahoo.com/customize/ptec/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = red.clientapps.yahoo.com/customize/ptec/defaults/sp/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = red.clientapps.yahoo.com/customize/ptec/defaults/su/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 10.10.10.20.
O4 - HKLM\..\Run: [FinePrint Dispatcher v5] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v3] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe" /source=HKLM
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Softver\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [nod32] "C:\Program Files\Softver\NOD32\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [AWMON] "C:\Program Files\Softver\Ad-Aware SE Professional\Ad-Watch.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\reflection.dll' missing
O17 - HKLM\System\CCS\Services\Tcpip\..\{D06597C3-3679-41C6-810A-A5EC47840B6E}: NameServer = 17.17.29.29
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O21 - SSODL: sysdx - {38D6A83F-22B6-44FC-AC9E-C6412DA4B115} - (no file)
O21 - SSODL: msvb - {3A6D1C7A-AE85-4F9D-BFF3-67725B842981} - (no file)
O21 - SSODL: msmhost - {8C36BFE4-F7FD-4187-A38C-4B69461B9D00} - (no file)
O21 - SSODL: msmdev - {2F5E88F5-DEF4-4581-BC10-FCC19664D4D3} - (no file)
O23 - Service: Ashampoo AntiSpyWare 2 Service (AASW2_Service) - Unknown owner - C:\Program Files\Softver\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Softver\NOD32\nod32krn.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
==============================================
P.S. What about the lines 21. (no file)?
Regards and thanks for everything.