|
Poslao: 19 Okt 2012 23:01
|
offline
- dr_Bora
- Anti Malware Fighter
Rank 2
- Pridružio: 24 Jul 2007
- Poruke: 12280
- Gde živiš: Höganäs, SE
|
Znači, odradiš registraciju dll-a, ali tog ključa u registru i dalje nema?
Skini ova dva file-a.
https://www.mycity.rs/must-login.png
https://www.mycity.rs/must-login.png
Dvoklik na file-ove i potvrdi unos u registry.
Postoje li sada ovi ključevi u registru:
HKEY_CLASSES_ROOT\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}
|
|
|
|
|
Registruj se da bi učestvovao u diskusiji. Registrovanim korisnicima se NE prikazuju reklame unutar poruka.
|
|
|
|
|
Poslao: 20 Okt 2012 00:26
|
offline
- dr_Bora
- Anti Malware Fighter
Rank 2
- Pridružio: 24 Jul 2007
- Poruke: 12280
- Gde živiš: Höganäs, SE
|
Zatvoriš MCS (iz traya), pa opet pokreneš Real Time Monitor (u start meniju) ili prosto spojiš neki flash drive. Radi?
|
|
|
|
|
|
|
|
|
Poslao: 20 Okt 2012 11:32
|
offline
- dr_Bora
- Anti Malware Fighter
Rank 2
- Pridružio: 24 Jul 2007
- Poruke: 12280
- Gde živiš: Höganäs, SE
|
Hajde još nešto da pokušamo... Restartuj Windows u Safe Mode i tamo pokreni Real Time Monitor. Radi?
Ako ne... Start > cmd (desni klik - Run As Administrator)
regsvr32 vbscript.dll
Registracija uspešna? Probaj da pokreneš Real Time Monitor. Radi?
|
|
|
|
|
|
|
Poslao: 20 Okt 2012 20:17
|
offline
- djolew
- Elitni građanin
- Pridružio: 24 Dec 2011
- Poruke: 1638
- Gde živiš: Novi Banovci
|
I u safe modu se pojavljuje. Registracija je bila uspesna ali i dalje se pojavljuje
|
|
|
|
|
|
|
|
|
Poslao: 20 Okt 2012 20:50
|
offline
- djolew
- Elitni građanin
- Pridružio: 24 Dec 2011
- Poruke: 1638
- Gde živiš: Novi Banovci
|
SystemLook 30.07.11 by jpshortstuff
Log created at 20:50 on 20/10/2012 by admin
Administrator - Elevation successful
========== regfind ==========
Searching for "B54F3741-5B07-11cf-A4B0-00AA004A55E8"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit]
"LastKey"="Computer\HKEY_CLASSES_ROOT\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBS\CLSID]
@="{B54F3741-5B07-11cf-A4B0-00AA004A55E8}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBScript\CLSID]
@="{B54F3741-5B07-11cf-A4B0-00AA004A55E8}"
[HKEY_USERS\S-1-5-21-4232926109-2270386077-2592286719-1000\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit]
"LastKey"="Computer\HKEY_CLASSES_ROOT\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}"
-= EOF =-
|
|
|
|
|
|
|
Poslao: 20 Okt 2012 21:18
|
offline
- dr_Bora
- Anti Malware Fighter
Rank 2
- Pridružio: 24 Jul 2007
- Poruke: 12280
- Gde živiš: Höganäs, SE
|
:reg
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8} /s
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBS /s
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBScript /s
HKEY_CURRENT_USER\Environment /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment /s
:filefind
vbscript.dll
Iskopiraj u SystemLook i klikni Look. Postavi ovde log.
|
|
|
|
|
|
|
Poslao: 24 Okt 2012 14:26
|
offline
- djolew
- Elitni građanin
- Pridružio: 24 Dec 2011
- Poruke: 1638
- Gde živiš: Novi Banovci
|
Napisano: 20 Okt 2012 21:30
SystemLook 30.07.11 by jpshortstuff
Log created at 21:29 on 20/10/2012 by admin
Administrator - Elevation successful
========== reg ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}]
@="VB Script Language"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\Implemented Categories]
(No values found)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\Implemented Categories\{F0B7A1A1-9847-11CF-8F20-00805F2CD064}]
@= (REG_NONE)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\Implemented Categories\{F0B7A1A2-9847-11CF-8F20-00805F2CD064}]
@= (REG_NONE)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32]
@="%SystemRoot%\system32\vbscript.dll"
"ThreadingModel"="Both"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\OLEScript]
@= (REG_NONE)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\ProgID]
@="VBScript"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBS]
@="VB Script Language"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBS\CLSID]
@="{B54F3741-5B07-11cf-A4B0-00AA004A55E8}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBS\OLEScript]
@= (REG_NONE)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBScript]
@="VB Script Language"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBScript\CLSID]
@="{B54F3741-5B07-11cf-A4B0-00AA004A55E8}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VBScript\OLEScript]
@= (REG_NONE)
[HKEY_CURRENT_USER\Environment]
"TEMP"="%USERPROFILE%\AppData\Local\Temp"
"TMP"="%USERPROFILE%\AppData\Local\Temp"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment]
"ComSpec"="%SystemRoot%\system32\cmd.exe"
"FP_NO_HOST_CHECK"="NO"
"OS"="Windows_NT"
"Path"="C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Windows Live\Shared;C:\Program Files\Common Files\Acronis\SnapAPI\"
"PATHEXT"=".COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC"
"PROCESSOR_ARCHITECTURE"="x86"
"TEMP"="%SystemRoot%\TEMP"
"TMP"="%SystemRoot%\TEMP"
"USERNAME"="SYSTEM"
"windir"="%SystemRoot%"
"PSModulePath"="%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\"
"NUMBER_OF_PROCESSORS"="4"
"PROCESSOR_LEVEL"="6"
"PROCESSOR_IDENTIFIER"="x86 Family 6 Model 23 Stepping 10, GenuineIntel"
"PROCESSOR_REVISION"="170a"
"windows_tracing_logfile"="C:\BVTBin\Tests\installpackage\csilogfile.log"
"windows_tracing_flags"="3"
"SAN_DIR"="D:\Programi\SiSoftware Sandra Professional Home 2011"
"RGSCLauncher"="D:\Igrice\GTA4\Grand Theft Auto IV\Rockstar Games Social Club"
"RGSC"="D:\Igrice\GTA4\Grand Theft Auto IV\Rockstar Games Social Club\1_0_0_0"
========== filefind ==========
Searching for "vbscript.dll"
C:\Windows\System32\vbscript.dll --a---- 420864 bytes [23:46 22/09/2012] [06:47 24/08/2012] DBBBE5B64E2FE1AF8BE76CCAA2B54DFC
C:\Windows\winsxs\x86_microsoft-windows-scripting-vbscript_31bf3856ad364e35_6.1.7601.17514_none_4a616d3a8c291c54\vbscript.dll --a---- 427520 bytes [21:29 20/11/2010] [21:29 20/11/2010] B6C47E0FB844FDB75A8DAE5A6487CB8F
C:\Windows\winsxs\x86_microsoft-windows-scripting-vbscript_31bf3856ad364e35_6.1.7601.17562_none_4a295d0a8c53755b\vbscript.dll --a---- 428032 bytes [15:27 21/08/2011] [05:43 18/02/2011] 34C07D9BED227103E32E21FBCC2F1FBD
C:\Windows\winsxs\x86_microsoft-windows-scripting-vbscript_31bf3856ad364e35_6.1.7601.21663_none_4ab3fa1fa5702e7c\vbscript.dll --a---- 428032 bytes [15:27 21/08/2011] [05:16 18/02/2011] EED26FCE45CA530C3CEB4279FF5C306F
C:\Windows\winsxs\x86_microsoft-windows-scripting-vbscript_31bf3856ad364e35_9.4.8112.16421_none_60d9a60d482d54be\vbscript.dll --a---- 420864 bytes [18:01 14/02/2012] [18:01 14/02/2012] 5E7A2CF7719161C5E6C0E47D67AD45AE
C:\Windows\winsxs\x86_microsoft-windows-scripting-vbscript_31bf3856ad364e35_9.4.8112.16450_none_60b835ff48468f3a\vbscript.dll --a---- 420864 bytes [23:46 22/09/2012] [06:47 24/08/2012] DBBBE5B64E2FE1AF8BE76CCAA2B54DFC
C:\Windows\winsxs\x86_microsoft-windows-scripting-vbscript_31bf3856ad364e35_9.4.8112.20557_none_6148d4d0615de065\vbscript.dll --a---- 420864 bytes [23:46 22/09/2012] [07:08 24/08/2012] FD44BF4FB0FF0BE01AAAE82785B00F23
-= EOF =-
Dopuna: 24 Okt 2012 14:26
Moze pomoc?
|
|
|
|
|
|
