MyCity » Ambulanta -> Arhiva Ambulante » pomoc,ne znam sta je u pitanju

pomoc,ne znam sta je u pitanju

Napisano na dan: 8.1.2013

Strana:
1
2

pomoc,ne znam sta je u pitanju

Pagination

Prethodna strana

Odgovori

Strana:
1
2

Dashko_90 Poslao: 19 Jan 2013 00:04 Idi na vrh
offline Dashko_90 Građanin Pridružio: 23 Sep 2007 Poruke: 124	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: jos uvek imam iste probleme samo sto je sada poceo i sam da me prebacuje na druge sajtove ako mogu da vas zaolim opet za proveru? DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.11.2 Run by Administrator at 23:58:38 on 2013-01-18 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.247.75 [GMT 1:00] . AV: avast! Antivirus Disabled/Updated {7591DB91-41F0-48A3-B128-1A293FD8233D} . ============== Running Processes ================ . C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre7\bin\jqs.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MCShield\mcshieldrtm.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Opera\opera.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService . ============== Pseudo HJT Report =============== . uStart Page = hxxp://searchya.com/?chnl=dcom-100&s=0&cr=797552488&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDyCtDtB BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned> BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll uRun: [Google Update] "c:\documents and settings\administrator\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe mRun: [igfxpers] c:\windows\system32\igfxpers.exe mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000 TCP: NameServer = 192.168.1.1 TCP: Interfaces\{956E1B92-D4E1-400F-8190-938CF3DCF5F7} : DHCPNameServer = 192.168.1.1 Notify: igfxcui - igfxdev.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll mASetup: {FC88681F-4735-4f2f-9514-C21BAC737CF8} - rundll32.exe advpack.dll,LaunchINFSection MU.inf,MUWeb.Install Hosts: 127.0.0.1 mpa.one.microsoft.com . ============= SERVICES / DRIVERS =============== . R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-6-12 738504] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-6-2 361032] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-6-2 21256] R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2012-6-2 44808] . =============== Created Last 30 ================ . 2013-01-13 22:15:36 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2013-01-08 22:35:52 -------- d-----w- c:\documents and settings\all users\application data\MCShield 2013-01-08 22:35:51 -------- d-----w- c:\program files\MCShield 2013-01-02 15:13:44 -------- d-----w- c:\program files\Winamp Detect 2013-01-02 15:13:20 126448 ------w- c:\windows\system32\pxinsi64.exe 2013-01-02 15:13:20 123888 ------w- c:\windows\system32\pxcpyi64.exe 2013-01-02 15:13:19 59888 ------w- c:\windows\system32\pxwma.dll 2012-12-22 17:49:53 -------- d-----w- c:\program files\IrfanView . ==================== Find3M ==================== . 2012-12-12 08:36:56 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-12-12 08:36:56 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-11-28 09:35:43 859072 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-11-28 09:35:38 779704 ----a-w- c:\windows\system32\deployJava1.dll 2012-10-30 22:51:58 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-10-30 22:51:07 41224 ----a-w- c:\windows\avastSS.scr . ============= FINISH: 23:59:05,82 =============== mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png mycity.rs/must-login.png

Profil

Sass Drake Poslao: 19 Jan 2013 00:17 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	1Ovo se svidja korisniku: MarKhan Registruj se da bi pohvalio/la poruku! Sa kojih stranica je počeo da te prebacuje i na koju stranicu je počeo da te prebacuje? Preuzmi program OTL sa donjeg linka na Desktop: download link Dvoklikom pokreni OTL; klikni Run Scan; po završetku skeniranja, izveštaj (koji će biti automatski sačuvan na Desktop-u kao OTL.Txt) će se otvoriti u Notepad-u. Kopiraj dobijeni izvještaj u poruku.

Profil

Dashko_90 Poslao: 19 Jan 2013 00:33 Idi na vrh
offline Dashko_90 Građanin Pridružio: 23 Sep 2007 Poruke: 124	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: malo pre sa domaceg sajta za upoznavanje(ne bih da reklamiram) na mobilnisvet.com pre toga prebacio me je sa infostuda(trazio sam da downloadujem CV) na neki sajt ali uspeo sam odmah da zatvorim tab jos pre nego sto je ocitao celu stranicu nikada do sada nisam imao taj problem OTL logfile created on: 19.1.2013 0:28:48 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Administrator\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 0000081A \| Country: Serbia and Montenegro \| Language: SRL \| Date Format: d.M.yyyy 246,73 Mb Total Physical Memory \| 40,18 Mb Available Physical Memory \| 16,28% Memory free 605,61 Mb Paging File \| 352,58 Mb Available in Paging File \| 58,22% Paging File free Paging file location(s): C:\pagefile.sys 372 744 [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\WINDOWS \| %ProgramFiles% = C:\Program Files Drive C: \| 15,93 Gb Total Space \| 8,16 Gb Free Space \| 51,19% Space Free \| Partition Type: NTFS Drive D: \| 58,59 Gb Total Space \| 41,84 Gb Free Space \| 71,41% Space Free \| Partition Type: NTFS Computer Name: IVANA \| User Name: Administrator \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: Current user Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.01.19 00:28:36 \| 000,602,112 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe PRC - [2013.01.12 03:27:33 \| 000,170,912 \| ---- \| M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe PRC - [2013.01.04 23:23:29 \| 000,879,080 \| ---- \| M] (Opera Software) -- C:\Program Files\Opera\opera.exe PRC - [2012.12.19 19:02:54 \| 003,273,136 \| ---- \| M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe PRC - [2012.12.16 10:38:44 \| 000,605,184 \| ---- \| M] (MyCity) -- C:\Program Files\MCShield\MCShieldRTM.exe PRC - [2012.10.30 23:50:59 \| 004,297,136 \| ---- \| M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2012.10.30 23:50:59 \| 000,044,808 \| ---- \| M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2002.12.31 13:00:00 \| 001,033,728 \| ---- \| M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe ========== Modules (No Company Name) ========== MOD - [2013.01.18 21:59:25 \| 002,045,952 \| ---- \| M] () -- C:\Program Files\Alwil Software\Avast5\defs\13011802\algo.dll MOD - [2012.12.20 00:03:50 \| 000,045,056 \| ---- \| M] () -- C:\Program Files\CCleaner\Lang\lang-2074.dll MOD - [2002.12.31 13:00:00 \| 000,059,904 \| ---- \| M] () -- C:\WINDOWS\system32\devenum.dll MOD - [2002.12.31 13:00:00 \| 000,014,336 \| ---- \| M] () -- C:\WINDOWS\system32\msdmo.dll ========== Services (SafeList) ========== SRV - File not found [Disabled \| Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ) SRV - [2013.01.12 03:27:33 \| 000,170,912 \| ---- \| M] (Oracle Corporation) [Auto \| Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService) SRV - [2012.10.30 23:50:59 \| 000,044,808 \| ---- \| M] (AVAST Software) [Auto \| Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (WDICA) DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (PDRELI) DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (PDFRAME) DRV - File not found [Kernel \| On_Demand \| Stopped] -- -- (PDCOMP) DRV - File not found [Kernel \| System \| Stopped] -- -- (PCIDump) DRV - File not found [Kernel \| System \| Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel \| System \| Stopped] -- -- (i2omgmt) DRV - File not found [Kernel \| System \| Stopped] -- -- (Changer) DRV - [2012.10.30 23:51:58 \| 000,738,504 \| ---- \| M] (AVAST Software) [File_System \| System \| Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2012.10.30 23:51:58 \| 000,361,032 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012.10.30 23:51:58 \| 000,054,232 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012.10.30 23:51:58 \| 000,035,928 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr) DRV - [2012.10.30 23:51:57 \| 000,097,608 \| ---- \| M] (AVAST Software) [File_System \| Auto \| Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2) DRV - [2012.10.30 23:51:56 \| 000,025,256 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4) DRV - [2012.10.30 23:51:56 \| 000,021,256 \| ---- \| M] (AVAST Software) [File_System \| Auto \| Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2008.04.13 23:05:40 \| 000,020,992 \| ---- \| M] (Realtek Semiconductor Corporation) [Kernel \| On_Demand \| Running] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) DRV - [2002.12.31 13:00:00 \| 000,016,877 \| ---- \| M] (Adaptec) [Kernel \| Auto \| Running] -- C:\WINDOWS\System32\drivers\aspi32.sys -- (Aspi32) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = searchya.com/?chnl=dcom-100&s=0&cr=79755248.....tBtDyCtDtB IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F9 52 BD 6E E2 40 CD 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {444A304B-9928-440B-B7DF-524838594F3F} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC IE - HKCU\..\SearchScopes\{444A304B-9928-440B-B7DF-524838594F3F}: "URL" = searchya.com/?chnl=dcom-100&s=1&cr=79755248.....DyCtDtB&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2027: C:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nppl3260.dll File not found FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1040: C:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll File not found FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2002.01.01 00:12:51 \| 000,000,000 \| ---D \| M] ========== Chrome ========== CHR - homepage: searchya.com/?chnl=dcom-100&s=0&cr=79755248.....tBtDyCtDtB CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: searchya.com/?chnl=dcom-100&s=0&cr=79755248.....tBtDyCtDtB CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\24.0.1312.52\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\24.0.1312.52\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll CHR - plugin: Microsoft DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll O1 HOSTS File: ([2002.01.01 01:10:28 \| 000,000,781 \| RHS- \| M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software) O4 - HKCU..\Run: [MCShield Monitor] C:\Program Files\MCShield\MCShieldRTM.exe (MyCity) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{956E1B92-D4E1-400F-8190-938CF3DCF5F7}: DhcpNameServer = 192.168.1.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2002.01.01 00:44:31 \| 000,000,000 \| ---- \| M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk ) O35 - HKLM\..comfile [open] -- "%1" % O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.01.19 00:28:36 \| 000,602,112 \| ---- \| C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe [2013.01.19 00:08:01 \| 000,000,000 \| RH-D \| C] -- C:\Documents and Settings\Administrator\Recent [2013.01.13 23:15:36 \| 000,174,496 \| ---- \| C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2013.01.13 23:15:36 \| 000,174,496 \| ---- \| C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2013.01.13 23:15:36 \| 000,094,112 \| ---- \| C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2013.01.08 23:35:57 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Start Menu\Programs\MCShield [2013.01.08 23:35:52 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\All Users\Application Data\MCShield [2013.01.08 23:35:51 \| 000,000,000 \| ---D \| C] -- C:\Program Files\MCShield [2013.01.08 23:21:53 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Common Files\Adobe [2013.01.08 23:21:53 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Adobe [2013.01.08 20:47:03 \| 000,000,000 \| ---D \| C] -- C:\WINDOWS\Minidump [2013.01.08 20:39:59 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\Administrator\My Documents\My Videos [2013.01.08 20:39:59 \| 000,000,000 \| R--D \| C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Administrative Tools [2013.01.02 16:13:45 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Winamp Detector Plug-in [2013.01.02 16:13:44 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Winamp Detect [2013.01.02 16:13:20 \| 000,126,448 \| ---- \| C] (Sonic Solutions) -- C:\WINDOWS\System32\pxinsi64.exe [2013.01.02 16:13:20 \| 000,123,888 \| ---- \| C] (Sonic Solutions) -- C:\WINDOWS\System32\pxcpyi64.exe [2013.01.02 16:13:19 \| 000,059,888 \| ---- \| C] (Sonic Solutions) -- C:\WINDOWS\System32\pxwma.dll [2012.12.27 14:30:12 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Desktop\New Folder [2012.12.22 18:50:02 \| 000,000,000 \| ---D \| C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\IrfanView [2012.12.22 18:49:53 \| 000,000,000 \| ---D \| C] -- C:\Program Files\IrfanView [1 C:\WINDOWS\System32\.tmp files -> C:\WINDOWS\System32\.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.01.19 00:28:36 \| 000,602,112 \| ---- \| M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe [2013.01.19 00:12:00 \| 000,001,052 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-261903793-1644491937-500UA.job [2013.01.19 00:09:21 \| 000,000,896 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013.01.19 00:09:12 \| 000,002,048 \| --S- \| M] () -- C:\WINDOWS\bootstat.dat [2013.01.19 00:09:11 \| 000,247,904 \| ---- \| M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013.01.18 23:37:45 \| 000,000,900 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013.01.18 15:12:17 \| 000,001,000 \| ---- \| M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1993962763-261903793-1644491937-500Core.job [2013.01.15 20:43:33 \| 000,000,049 \| ---- \| M] () -- C:\WINDOWS\NeroDigital.ini [2013.01.13 22:22:30 \| 000,002,362 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2013.01.12 03:30:20 \| 000,094,112 \| ---- \| M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [2013.01.12 03:26:16 \| 000,174,496 \| ---- \| M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe [2013.01.12 03:24:49 \| 000,174,496 \| ---- \| M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe [2013.01.11 12:18:07 \| 000,002,278 \| ---- \| M] () -- C:\WINDOWS\System32\wpa.dbl [2012.12.31 19:30:26 \| 001,511,424 \| ---- \| M] () -- C:\Documents and Settings\Administrator\Desktop\Video0000.3gp [1 C:\WINDOWS\System32\.tmp files -> C:\WINDOWS\System32\.tmp -> ] ========== Files Created - No Company Name ========== [2013.01.19 00:09:11 \| 000,247,904 \| ---- \| C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2013.01.15 16:51:05 \| 001,511,424 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Desktop\Video0000.3gp [2013.01.08 23:23:23 \| 000,001,804 \| ---- \| C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk [2012.06.04 12:26:59 \| 000,000,049 \| ---- \| C] () -- C:\WINDOWS\NeroDigital.ini [2012.06.04 12:26:55 \| 000,028,672 \| ---- \| C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.06.02 19:41:46 \| 000,000,376 \| ---- \| C] () -- C:\WINDOWS\ODBC.INI [2012.06.02 18:58:15 \| 000,000,044 \| ---- \| C] () -- C:\WINDOWS\System32\msssc.dll [2012.06.02 18:39:16 \| 000,002,666 \| ---- \| C] () -- C:\WINDOWS\Ascd_tmp.ini [2012.06.02 18:39:15 \| 000,005,824 \| ---- \| C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2012.06.02 18:15:20 \| 000,000,664 \| ---- \| C] () -- C:\WINDOWS\System32\d3d9caps.dat ========== ZeroAccess Check ========== [2002.01.01 00:45:50 \| 000,000,227 \| RHS- \| M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shdocvw.dll -- [2002.12.31 13:00:00 \| 001,499,136 \| ---- \| M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2002.12.31 13:00:00 \| 000,472,064 \| ---- \| M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2002.12.31 13:00:00 \| 000,273,920 \| ---- \| M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > mycity.rs/must-login.png

Profil

Sass Drake Poslao: 19 Jan 2013 00:49 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Samo na tom sajtu ti se desilo to preusmjeravanje ili na još nekom?

Profil

Dashko_90 Poslao: 19 Jan 2013 00:51 Idi na vrh
offline Dashko_90 Građanin Pridružio: 23 Sep 2007 Poruke: 124	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! za sada samo na ova dva

Profil

Sass Drake Poslao: 19 Jan 2013 00:59 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Svi dosad postavljeni izvještaji ne pokazuju tragove aktivne infekcije pa ćemo uraditi još jednu provjeru da budemo sigurni. Preuzmi TDSSKiller sa sljedeće adrese na Desktop: TDSSKiller Kad preuzimanje bude završeno: Preimenuj TDSSKiller.exe u MyCity.exe Pokreni MyCity.exe i klikni na Change parametres. U dijelu Additional options štrikliraj opcije Verify driver signatures i Detect TDLFS file system, a zatim klikni na OK. Klikni na Start scan. Kad završi prikazaće ti rezultate skeniranja. Za sve ponađene objekte odaberi akciju Skip. Klikni na Continue. Prikači uz poruku izvještaj koji se nalazi na sljedećoj lokaciji: C:\TDSSKiller_verzija programa_DD.MM.GG_HH.MM.SS.txt (DD-dan, MM-mesec, GG-godina, HH-sat, MM-minut, SS-sekunda; datum i vrijeme kada je log napravljen)

Profil

Dashko_90 Poslao: 19 Jan 2013 01:11 Idi na vrh
offline Dashko_90 Građanin Pridružio: 23 Sep 2007 Poruke: 124	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 19 Jan 2013 1:07 mycity.rs/must-login.png 19.januar 2013 01:08 Dopuna: 19 Jan 2013 1:11 pardon,ispravka 01:05:49

Profil

Sass Drake Poslao: 19 Jan 2013 01:49 Idi na vrh
offline Sass Drake Anti Malware Fighter Rank 2 Pridružio: 26 Avg 2010 Poruke: 10622 Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building	1Ovo se svidja korisniku: g[h]ost Registruj se da bi pohvalio/la poruku! Čist si. Otvaranje onih strana na dotičnim sajtovima je vjerovatno rezultat agresivnog reklamiranja istih, a ne rezultat infekcije. Ponovo pokreni OTL i klikni na dugme CleanUp. Ostale korišćenje alate možeš obrisati kao i njihove izvještaje. Uradi ono što sam ti predložio prošli put ako već nisi i otvori temu u Windows forumu i u njoj iznesi svoj problem.

Profil

Dashko_90 Poslao: 19 Jan 2013 01:58 Idi na vrh
offline Dashko_90 Građanin Pridružio: 23 Sep 2007 Poruke: 124	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! hvala vam puno

Profil

MyCity » Ambulanta -> Arhiva Ambulante » pomoc,ne znam sta je u pitanju

Ko je trenutno na forumu

Ukupno su 1022 korisnika na forumu :: 46 registrovanih, 7 sakrivenih i 969 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 357magnum, 5.56, anbeast, avijacija, babaroga, Bobrock1, Boris90, BraneS, damirZR, Dežurni pod palubom, dragan_mig31, DragoslavS, Duh sa sekirom, goxin, havoc995, Hexe, ikan, JimmyNapoli, Još malo pa deda, kokodakalo, krkalon, kubura91, kuntalo, ladro, Lieutenant, ljuba, Mi lao shu, Millennium, minmatar34957, raptorsi, RED4G-304, Reddot, repac, Romibrat, ser.hill, theNedjeljko, tomigun, Trpe Grozni, Tvrtko I, Vlad000, vladas87, wizzardone, wolf431, Wrangler, zdrebac, zzapNDjuric99

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by