MyCity » Ambulanta -> Arhiva Ambulante » Vec par dana pronalazim tolbar pup delta search,kako da ga uklonim

Vec par dana pronalazim tolbar pup delta search,kako da ga uklonim

Napisano na dan: 3.6.2013
2

Vec par dana pronalazim tolbar pup delta search,kako da ga uklonim
Pagination Prethodna strana

Idi na vrh

Poslao: 22 Jun 2013 10:29
Idi na vrh
offline
  • Dalibor
  • Pridružio: 03 Feb 2011
  • Poruke: 445
  • Gde živiš: Nemačka

https://www.mycity.rs/must-login.png
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Microsoft Windows XP x86
Ran by Dalibor on sub 22.06.2013 at 10:20:33,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on sub 22.06.2013 at 10:26:16,10
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Poslao: 22 Jun 2013 11:10
Idi na vrh
offline
  • Pridružio: 09 Avg 2011
  • Poruke: 15879
  • Gde živiš: Beograd

Postavi mi jos jednom GMER i DDS izvestaje...imas u prethodnim porukama uputstvo za GMER...

Poslao: 22 Jun 2013 12:34
Idi na vrh
offline
  • Dalibor
  • Pridružio: 03 Feb 2011
  • Poruke: 445
  • Gde živiš: Nemačka

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.25.2
Run by Dalibor at 12:30:53 on 2013-06-22
Microsoft Windows XP Professional 5.1.2600.3.1250.381.1033.18.1023.487 [GMT 2:00]
.
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\VMSnap3.EXE
C:\WINDOWS\Domino.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\MCShield\mcshieldrtm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Maxthon3\Bin\Maxthon.exe
C:\Program Files\Maxthon3\Bin\Maxthon.exe
C:\Program Files\Maxthon3\Bin\Maxthon.exe
C:\Program Files\Maxthon3\Bin\Maxthon.exe
C:\Program Files\Maxthon3\Bin\Maxthon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
dURLSearchHooks: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - <orphaned>
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - c:\program files\iobit\advanced systemcare ultimate\browerprotect\ASCPlugin_Protection.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\dalibor\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [VMSnap3] c:\windows\VMSnap3.EXE
mRun: [Domino] c:\windows\Domino.EXE
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\dalibor\startm~1\programs\startup\yahoo!~1.lnk - c:\program files\yahoo!\widgets\YahooWidgets.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1367043419484
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{9F4E3ED5-5E40-425C-BD51-990C50442851} : DHCPNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: AtiExtEvent - Ati2evxx.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\dalibor\application data\mozilla\firefox\profiles\6e0jhsd5.default\
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=800236&p=
FF - plugin: c:\documents and settings\dalibor\local settings\application data\google\update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: c:\documents and settings\dalibor\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\iobit\advanced systemcare ultimate\browerprotect\np_Asc_plugin.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_224.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2013-05-27 12:45; {65030561-c150-4370-836c-7c9d04f7a1b4}; c:\documents and settings\dalibor\application data\mozilla\firefox\profiles\6e0jhsd5.default\extensions\{65030561-c150-4370-836c-7c9d04f7a1b4}
FF - ExtSQL: 2013-06-01 10:13; wrc@avast.com; c:\program files\avast software\avast\webrep\FF
FF - ExtSQL: 2013-06-02 06:26; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - ExtSQL: 2013-06-09 11:09; ascsurfingprotection@iobit.com; c:\documents and settings\dalibor\application data\mozilla\firefox\profiles\6e0jhsd5.default\extensions\ascsurfingprotection@iobit.com
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-6-1 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-6-1 174664]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2013-6-1 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2013-6-1 368944]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-8-12 116608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2013-6-1 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-6-1 66336]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2013-6-1 46808]
R3 vmfilter303;vmfilter303;c:\windows\system32\drivers\vmfilter303.sys [2013-4-24 428160]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-6-3 162408]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2013-4-28 1691480]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\i:\ntglm7x.sys --> i:\NTGLM7X.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-4 14336]
.
=============== Created Last 30 ================
.
2013-06-20 07:27:12 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-06-20 07:27:08 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-14 07:17:09 -------- d-----w- c:\program files\Unlocker
2013-06-12 07:10:17 -------- d-----w- c:\documents and settings\dalibor\application data\TuneUp Software
2013-06-12 07:09:57 -------- d-----w- c:\documents and settings\all users\application data\TuneUp Software
2013-06-12 07:09:38 -------- d-sh--w- c:\documents and settings\all users\application data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-06-12 07:09:38 -------- d--h--w- c:\documents and settings\all users\application data\Common Files
2013-06-12 06:45:43 74752 -c----w- c:\windows\system32\dllcache\cryptdlg.dll
2013-06-12 06:45:08 -------- d-----w- c:\windows\system32\winrm
2013-06-12 06:45:08 -------- d-----w- c:\windows\system32\GroupPolicy
2013-06-12 06:44:57 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2013-06-09 07:09:26 -------- d-----w- c:\documents and settings\all users\application data\{D76294E6-03B8-4971-AF2E-3F846161A690}
2013-06-09 07:09:22 -------- d-----w- c:\documents and settings\dalibor\AppData
2013-06-09 07:09:15 -------- d-----w- c:\documents and settings\all users\application data\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
2013-06-09 07:06:05 -------- d-----w- c:\documents and settings\dalibor\SyncFolder
2013-06-09 07:01:58 -------- d-----w- c:\program files\MyPC Backup
2013-06-07 11:04:24 -------- d-----w- c:\program files\FastStone Capture
2013-06-02 04:25:14 -------- d-----w- c:\windows\system32\XPSViewer
2013-06-02 04:24:44 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2013-06-02 04:24:28 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2013-06-02 04:24:28 117760 ------w- c:\windows\system32\prntvpt.dll
2013-06-02 04:24:27 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2013-06-02 04:24:27 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2013-06-02 04:24:27 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2013-06-02 04:24:27 575488 ------w- c:\windows\system32\xpsshhdr.dll
2013-06-02 04:24:27 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2013-06-02 04:24:27 1676288 ------w- c:\windows\system32\xpssvcs.dll
2013-06-01 20:01:32 -------- d-----w- c:\documents and settings\dalibor\local settings\application data\VS Revo Group
2013-06-01 08:13:18 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-01 08:13:17 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-06-01 08:13:17 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-01 08:13:16 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-06-01 08:12:49 41664 ----a-w- c:\windows\avastSS.scr
2013-06-01 08:12:46 35088 ----a-w- c:\windows\system32\drivers\tap0901.sys
2013-05-27 10:06:14 -------- d-----w- c:\program files\Hitman Pro 3.5
.
==================== Find3M ====================
.
2013-06-22 04:30:56 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2013-06-20 07:26:55 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-20 07:26:55 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-12 03:18:55 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-12 03:18:54 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-10 07:57:53 12872 ----a-w- c:\windows\system32\bootdelete.exe
2013-05-07 22:30:06 920064 ----a-w- c:\windows\system32\wininet.dll
2013-05-07 22:30:05 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-07 22:30:05 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-07 21:53:29 385024 ----a-w- c:\windows\system32\html.iec
2013-05-03 01:30:20 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-03 00:38:17 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-10 01:31:19 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-04-02 14:09:52 4550656 ----a-w- c:\windows\system32\GPhotos.scr
2013-03-26 22:53:57 74752 ----a-w- c:\windows\system32\cryptdlg.dll
.
============= FINISH: 12:31:33,04 ===============

Poslao: 22 Jun 2013 12:52
Idi na vrh
offline
  • Pridružio: 09 Avg 2011
  • Poruke: 15879
  • Gde živiš: Beograd

Malware nije prisutan, a ono sto je SAS prijavljivao jeste u okviru System Restore-a sto je bezopasno po sistem. Kakvo je sada stanje...

Poslao: 22 Jun 2013 16:23
Idi na vrh
offline
  • Dalibor
  • Pridružio: 03 Feb 2011
  • Poruke: 445
  • Gde živiš: Nemačka

Sada radi mnogo bolje

MyCity » Ambulanta -> Arhiva Ambulante » Vec par dana pronalazim tolbar pup delta search,kako da ga uklonim

Ko je trenutno na forumu
 

Ukupno su 1131 korisnika na forumu :: 48 registrovanih, 7 sakrivenih i 1076 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: _Rade, A.R.Chafee.Jr., Aleksandar Tomić, Alibaba1981, Apok, avijacija, babaroga, bbogdan, Belac91, Bluper, bojankrstc, Brana01, bufanje, cinoeye, darcaud, DonRumataEstorski, Excalibur13, FOX, Frunze, Hans Gajger, Insan, Još malo pa deda, kikisp, kolle.the.kid, Komentator, koom0001, Koridor, Kubovac, ladro, Leonov, Mi lao shu, milenko crazy north, milutin134, nebkv, nikoladim, Parker, pein, proka89, RED4G-304, royst33, Smiljke, sombrero, theNedjeljko, vladas87, Webb, Zoca, Žrnov, Čivi