|
| |||||||
| Registracija | Mapa Spy | Member List | Donacije | Pretraživanje | Today's Posts | Označi Sve Forume Kao Pročitane | Forum Rules |
 |
 |
| | Thread Tools |
|
#1
19. studenog 2008, 21:23
| |||
| |||
| Bok Tu je poruku o pogrešci koja je popping up svaki put kad sam čizma gore moj PC za neko vrijeme sada. Iako to nije stvarno mi smeta (i jednostavno gurnuti na "OK" i ona će nestati), mislim da je to razlog zašto sam imati poteškoća spaljivanje stvari na DVD. Ja ću opisati poruku. To je samo mali prozor u sredini zaslona nazivom 'RUNDLL'. Stvarna poruka kaže: "Error loading: C: \ programa ~ 1 \ bar \ 1.bin \ M3PLUGIN.DLL Navedeni modul nije mogao biti pronađen. " i onda mi samo omogućava kliknite 'U redu'. Bilo koji ideja što je to ili kako to škripac Internet? oh yeah, imam Windows XP Home Edition verzije 2002 Service Pack 2. Hvala, john |
|
#2
20. studenog 2008, 00:31
| ||||||||||||
| ||||||||||||
| M3PLUGIN.DLL je dio virus i / ili spyware koje je ostavljena na vašem sustavu.
__________________
Slijedite ovaj vodič i post log datoteke, tada jedna od zlonamjernih programa tim će Vam pomoći da se u potpunosti očistiti gore. http://www.computer-juice.com/forums...-posting-7476/ * Thread premjestiti na Virus / Spyware forum. My System: Hybr! D
|
|
#3
23. studenog 2008, 18:39
| |||
| |||
| bok Ja sam završio korake 1-6 i poruku o pogrešci na start up je zapravo nestao. I'll post tri logove samo u slučaju. Evo programa nisam sigurni u "Add Remove Programs" list: AC3 Filter AmpliTube LE 1,1 Ask Toolbar Bonjour Compatibility Pack za Office 2007 sustav Korisnički Iskustvo Enhancement DNA Multimedia Keyboard Enhanced Solution High Definition Audio Driver Package - KB888111 HP Boot Optimiser IncrediMail Xe LADSPA_plugins-pobijediti-0.4.15 Microsoft. NET Framework 1.1 Microsoft. NET Framework 1.1 Hotfix (KB928366) Microsoft. NET Framework 2.0 Service Pack 1 Microsoft Silverlight Microsoft Visual C + + 2005 Redistributable (2 od njih) MobileMe Control Panel MSXML 4.0 SP2 (KB925672) MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) PIF Designer Prime95 PS2 Python 2,2 pywin32 ekstenzije (Build 203) Python 2.2.3 Safari Windows Installer 3.1 (KB893803) Evo SUPERAntiSpyware log: SUPERAntiSpyware Scan Prijava http://www.superantispyware.com Generirano 11/22/2008 at 09:46 Application Version: 4/22/1014 Core Pravila Database Version: 3648 Trace Pravila Database Version: 1631 Scan type: Cijela Scan Ukupno Scan Vrijeme: 02:30:48 Memorija predmeta skenirane: 568 Memorija prijetnje otkrivena: 0 Registry stavke skenirane: 7140 Matični prijetnje otkrivena: 79 File skenirane podatke: 198486 File prijetnje otkrivena: 1 BearShare File Sharing klijente [BearShare] C: \ Program Files \ BEARSHARE \ BEARSHARE.EXE C: \ Program Files \ BEARSHARE \ BEARSHARE.EXE Adware.Vundo Varijanta HKLM \ Software \ Classes \ CLSID \ (994B5FB4-0103-44A6-B6B3-C73572B362BC) HKCR \ CLSID \ (994B5FB4-0103-44A6-B6B3-C73572B362BC) HKCR \ CLSID \ (994B5FB4-0103-44A6-B6B3-C73572B362BC) HKCR \ CLSID \ (994B5FB4-0103-44A6-B6B3-C73572B362BC) \ InprocServer32 HKCR \ CLSID \ (994B5FB4-0103-44A6-B6B3-C73572B362BC) \ InprocServer32 # ThreadingModel HKCR \ CLSID \ (994B5FB4-0103-44A6-B6B3-C73572B362BC) \ PROGID HKCR \ CLSID \ (994B5FB4-0103-44A6-B6B3-C73572B362BC) \ Programabilni HKCR \ CLSID \ (994B5FB4-0103-44A6-B6B3-C73572B362BC) \ TypeLib HKCR \ CLSID \ (994B5FB4-0103-44A6-B6B3-C73572B362BC) \ VersionIndependentProgID HKCR \ adzgalore.optimizer.1 HKCR \ adzgalore.optimizer.1 \ CLSID HKCR \ adzgalore.optimizer HKCR \ adzgalore.optimizer \ CLSID HKCR \ adzgalore.optimizer \ CurVer HKCR \ TypeLib \ (49BCC77A-79EB-4D50-A6DB-04E8202921C4) HKCR \ TypeLib \ (49BCC77A-79EB-4D50-A6DB-04E8202921C4) \ 1,0 HKCR \ TypeLib \ (49BCC77A-79EB-4D50-A6DB-04E8202921C4) \ 1.0 \ 0 HKCR \ TypeLib \ (49BCC77A-79EB-4D50-A6DB-04E8202921C4) \ 1.0 \ 0 \ Win32 HKCR \ TypeLib \ (49BCC77A-79EB-4D50-A6DB-04E8202921C4) \ 1.0 \ ZASTAVE HKCR \ TypeLib \ (49BCC77A-79EB-4D50-A6DB-04E8202921C4) \ 1.0 \ HELPDIR HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (994B5FB4-0103-44A6-B6B3-C73572B362BC) HKU \ S-1-5-21-2034642920-3615235737-3946141644-1008 \ Software \ Microsoft \ Windows \ CurrentVersion \ Ext \ Stats \ (994B5FB4-0103-44A6-B6B3-C73572B362BC) HKU \ S-1-5-21-2034642920-3615235737-3946141644-1008 \ Software \ Microsoft \ Windows \ CurrentVersion \ Ext \ Stats \ (BCA95E31-1FBF-4F84-8F23-1BA653007A1E) HKCR \ Interface \ (BD219B90-626B-40F4-BFDD-420240DFCA2C) HKCR \ Interface \ (BD219B90-626B-40F4-BFDD-420240DFCA2C) \ ProxyStubClsid HKCR \ Interface \ (BD219B90-626B-40F4-BFDD-420240DFCA2C) \ ProxyStubClsid32 HKCR \ Interface \ (BD219B90-626B-40F4-BFDD-420240DFCA2C) \ TypeLib HKCR \ Interface \ (BD219B90-626B-40F4-BFDD-420240DFCA2C) \ TypeLib # Version Adware.MyWebSearch HKU \ S-1-5-21-2034642920-3615235737-3946141644-1008 \ Software \ Microsoft \ Windows \ CurrentVersion \ Ext \ Stats \ (00A6FAF1-072E-44CF-8957-5838F569A31D) HKU \ S-1-5-21-2034642920-3615235737-3946141644-1008 \ Software \ Microsoft \ Windows \ CurrentVersion \ Ext \ Stats \ (07B18EA9-A523-4961-B6BB-170DE4475CCA) Adware.MyWebSearch / FunWebProducts HKU \ S-1-5-21-2034642920-3615235737-3946141644-1008 \ SOFTWARE \ FunWebProducts HKCR \ CLSID \ (9AFB8248-617F-460d-9366-D71CDEDA3179) HKCR \ CLSID \ (9AFB8248-617F-460d-9366-D71CDEDA3179) \ TreatAs HKCR \ TypeLib \ (D518921A-4A03-425E-9873-B9A71756821E) HKCR \ TypeLib \ (D518921A-4A03-425E-9873-B9A71756821E) \ 1,0 HKCR \ TypeLib \ (D518921A-4A03-425E-9873-B9A71756821E) \ 1.0 \ 0 HKCR \ TypeLib \ (D518921A-4A03-425E-9873-B9A71756821E) \ 1.0 \ 0 \ Win32 HKCR \ TypeLib \ (D518921A-4A03-425E-9873-B9A71756821E) \ 1.0 \ ZASTAVE HKCR \ TypeLib \ (D518921A-4A03-425E-9873-B9A71756821E) \ 1.0 \ HELPDIR HKCR \ Interface \ (CF54BE1C-9359-4395-8533-1657CF209CFE) HKCR \ Interface \ (CF54BE1C-9359-4395-8533-1657CF209CFE) \ ProxyStubClsid HKCR \ Interface \ (CF54BE1C-9359-4395-8533-1657CF209CFE) \ ProxyStubClsid32 HKCR \ Interface \ (CF54BE1C-9359-4395-8533-1657CF209CFE) \ TypeLib HKCR \ Interface \ (CF54BE1C-9359-4395-8533-1657CF209CFE) \ TypeLib # Version HKLM \ SYSTEM \ CurrentControlSet \ Enum \ root \ LEGACY_MYW EBSEARCHSERVICE HKLM \ SYSTEM \ CurrentControlSet \ Enum \ root \ LEGACY_MYW EBSEARCHSERVICE # NextInstance HKLM \ SYSTEM \ CurrentControlSet \ Enum \ root \ LEGACY_MYW EBSEARCHSERVICE \ 0000 HKLM \ SYSTEM \ CurrentControlSet \ Enum \ root \ LEGACY_MYW EBSEARCHSERVICE \ # 0000 Service HKLM \ SYSTEM \ CurrentControlSet \ Enum \ root \ LEGACY_MYW EBSEARCHSERVICE \ # 0000 Legacy HKLM \ SYSTEM \ CurrentControlSet \ Enum \ root \ LEGACY_MYW EBSEARCHSERVICE \ 0000 # ConfigFlags HKLM \ SYSTEM \ CurrentControlSet \ Enum \ root \ LEGACY_MYW EBSEARCHSERVICE \ Class 0000 # HKLM \ SYSTEM \ CurrentControlSet \ Enum \ root \ LEGACY_MYW EBSEARCHSERVICE \ 0000 # ClassGUID HKLM \ SYSTEM \ CurrentControlSet \ Enum \ root \ LEGACY_MYW EBSEARCHSERVICE \ 0000 # DeviceDesc HKLM \ SYSTEM \ CurrentControlSet \ Services \ Service MyWebSearch HKLM \ SYSTEM \ CurrentControlSet \ Services \ # MyWebSearch Service Type HKLM \ SYSTEM \ CurrentControlSet \ Services \ Service MyWebSearch # Započni HKLM \ SYSTEM \ CurrentControlSet \ Services \ Service MyWebSearch # ErrorControl HKLM \ SYSTEM \ CurrentControlSet \ Services \ Service MyWebSearch # ImagePath HKLM \ SYSTEM \ CurrentControlSet \ Services \ Service MyWebSearch # DisplayName HKLM \ SYSTEM \ CurrentControlSet \ Services \ Service MyWebSearch # ObjectName HKLM \ SYSTEM \ CurrentControlSet \ Services \ MyWebSearch Service \ Security HKLM \ SYSTEM \ CurrentControlSet \ Services \ MyWebSearch Service \ Sigurnost Sigurnost # HKLM \ SYSTEM \ CurrentControlSet \ Services \ MyWebSearch Service \ Enum HKLM \ SYSTEM \ CurrentControlSet \ Services \ MyWebSearch Service \ Enum # 0 HKLM \ SYSTEM \ CurrentControlSet \ Services \ MyWebSearch Service \ Enum Tačka # HKLM \ SYSTEM \ CurrentControlSet \ Services \ MyWebSearch Service \ Enum # NextInstance HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run # MyWebSearch Plugin [rundll32 C: \ programa ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ M3PLUGIN.DLL, UPF] Trojan.Unclassified / MSFox HKLM \ SOFTWARE \ Mozilla \ MSFox HKLM \ SOFTWARE \ Mozilla \ MSFox # Str4 HKLM \ SOFTWARE \ Mozilla \ MSFox # Str5 HKLM \ SOFTWARE \ Mozilla \ MSFox # Str9 HKLM \ SOFTWARE \ Mozilla \ MSFox # Str6 HKLM \ SOFTWARE \ Mozilla \ MSFox # Str7 HKLM \ SOFTWARE \ Mozilla \ MSFox # Str8 HKLM \ SOFTWARE \ Mozilla \ MSFox # Str1 HKLM \ SOFTWARE \ Mozilla \ MSFox # Str0 HKLM \ SOFTWARE \ Mozilla \ MSFox # Int2 HKLM \ SOFTWARE \ Mozilla \ MSFox # Int3 i ovdje je Malwarebyte's Anti-Maware log: Malwarebytes' Anti-zaštita od zlonamjernih programa 1,30 Database Version: 1417 5/1/2600 Windows Service Pack 2 23/11/2008 3:41:52 PM mbam-log-2008-11-23 (15-41-52). txt Scan type: Quick Scan Objekti skenirane: 55759 Vrijeme proteklo: 7 minute (s), 57 Drugi (a / e) Memory Processes zaraženih: 0 Memorijske module zaraženih: 3 Ključevi registra zaraženih: 43 Registry Values zaraženih: 3 Registry Data Items zaraženih: 0 Mape zaraženih: 0 Zaraženih datoteka: 5 Memory Processes zaraženih: (Nema stavki otkrivenih zlonamjernih) Memorijske module zaraženih: C: \ Program Files \ AskSBar \ bar \ 1.bin \ ASKSBAR.DLL (Adware.AskSBAR) -> Delete na ponovno podizanje sustava. C: \ Program Files \ Mozilla Firefox \ plugins \ NPAskSBr.dll (Trojan.Agent) -> Delete na ponovno podizanje sustava. C: \ Program Files \ AskSBar \ bar \ 1.bin \ A2PLUGIN.DLL (Adware.MyWebSearch) -> Delete na ponovno podizanje sustava. Ključevi registra zaraženih: HKEY_CLASSES_ROOT \ TypeLib \ (f0d4b230-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karanteni i uspješno izbrisan. HKEY_CLASSES_ROOT \ Interface \ (f0d4b23a-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karanteni i uspješno izbrisan. HKEY_CLASSES_ROOT \ Interface \ (f0d4b23c-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karanteni i uspješno izbrisan. HKEY_CLASSES_ROOT \ CLSID \ (b15fd82e-85bc-430d-90cb-65db1b030510) (Adware.AskSBAR) -> karanteni i uspješno izbrisan. HKEY_CLASSES_ROOT \ CLSID \ (f0d4b231-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karanteni i uspješno izbrisan. HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (f0d4b231-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karanteni i uspješno izbrisan. HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (f0d4b231-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karanteni i uspješno izbrisan. HKEY_CLASSES_ROOT \ CLSID \ (f0d4b239-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karanteni i uspješno izbrisan. HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (f0d4b239-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karanteni i uspješno izbrisan. HKEY_CLASSES_ROOT \ CLSID \ (f0d4b23b-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karanteni i uspješno izbrisan. HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Ext \ PreApproved \ (f0d4b23b-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karanteni i uspješno izbrisan. HKEY_CLASSES_ROOT \ xml.xml (Trojan.FakeAlert) -> karanteni i uspješno izbrisan. HKEY_CLASSES_ROOT \ xml.xml.1 (Trojan.FakeAlert) -> karanteni i uspješno izbrisan. HKEY_CLASSES_ROOT \ Interface \ (1601d447-7424-4866-8dcc-acf98a2a41e1) (Adware.BHO) -> karanteni i uspješno izbrisan. HKEY_CLASSES_ROOT \ Interface \ (1e404d48-670a-4085-a6a0-d195793ddd33) (Adware.BHO) -> karanteni i uspješno izbrisan. HKEY_CLASSES_ROOT \ Interface \ (9f593aac-ca4c-4a41-a7ff-a00812192d61) (Adware.BHO) -> karanteni i uspješno izbrisan. HKEY_CLASSES_ROOT \ Interface \ (ceb9c60d-f0ad-4b73-a3ab-4fc822e38d66) (Adware.BHO) -> karanteni i uspješno izbrisan. HKEY_CLASSES_ROOT \ CLSID \ (1e404d48-670a-4085-a6a0-d195793ddd33) (Adware.BHO) -> karanteni i uspješno izbrisan. HKEY_CLASSES_ROOT \ Typelib \ (749ec66f-a838-4b38-b8e5-e65d905fff74) (Adware.BHO) -> karanteni i uspješno izbrisan. HKEY_CLASSES_ROOT \ Typelib \ (c3c0ec2c-2c1c-495c-9ad0-1f0ef833d7b5) (Adware.BHO) -> karanteni i uspješno izbrisan. HKEY_CLASSES_ROOT \ Typelib \ (9233c3c0-1472-4091-a505-5580a23bb4ac) (Trojan.FakeAlert) -> karanteni i uspješno izbrisan. HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (055fd26d-3a88-4e15-963d-dc8493744b1d) (Adware.BHO) -> karanteni i uspješno izbrisan. HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (9506910a-4ea1-0f94-b567-7070428b8b2b) (Adware.BHO) -> karanteni i uspješno izbrisan. HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (07b18eab-a523-4961-b6bb-170de4475cca) (Adware.MyWebSearch) -> karanteni i uspješno izbrisan. HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (25560540-9571-4d7b-9389-0f166788785a) (Adware.MyWebSearch) -> karanteni i uspješno izbrisan. HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (3dc201fb-e9c9-499c-a11f-23c360d7c3f8) (Adware.MyWebSearch) -> karanteni i uspješno izbrisan. HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (63d0ed2c-b45b-4458-8b3b-60c69bbbd83c) (Adware.MyWebSearch) -> karanteni i uspješno izbrisan. HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (9ff05104-b030-46fc-94b8-81276e4e27df) (Adware.MyWebSearch) -> karanteni i uspješno izbrisan. HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (1d4db7d2-6ec9-47a3-bd87-1e41684e07bb) (Adware.MyWebSearch) -> karanteni i uspješno izbrisan. HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Ext \ PreApproved \ (25560540-9571-4d7b-9389-0f166788785a) (Adware.MyWebSearch) -> karanteni i uspješno izbrisan. HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Ext \ PreApproved \ (3dc201fb-e9c9-499c-a11f-23c360d7c3f8) (Adware.MyWebSearch) -> karanteni i uspješno izbrisan. HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Ext \ PreApproved \ (63d0ed2c-b45b-4458-8b3b-60c69bbbd83c) (Adware.MyWebSearch) -> karanteni i uspješno izbrisan. HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Ext \ PreApproved \ (98d9753d-d73b-42d5-8c85-4469cda897ab) (Adware.MyWebSearch) -> karanteni i uspješno izbrisan. HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Ext \ PreApproved \ (9ff05104-b030-46fc-94b8-81276e4e27df) (Adware.MyWebSearch) -> karanteni i uspješno izbrisan. HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Internet Explorer \ Niska prava \ ElevationPolicy \ (59c7fc09-1c83-4648-b3e6-003d2bbc7481) (Adware.MyWebSearch) -> karanteni i uspješno izbrisan. HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Internet Explorer \ Niska prava \ ElevationPolicy \ (68af847f-6e91-45dd-9b68-d6a12c30e5d7) (Adware.MyWebSearch) -> karanteni i uspješno izbrisan. HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Internet Explorer \ Niska prava \ ElevationPolicy \ (9170b96c-28d4-4626-8358-27e6caeef907) (Adware.MyWebSearch) -> karanteni i uspješno izbrisan. HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Internet Explorer \ Niska prava \ ElevationPolicy \ (d1a71fa0-ff48-48dd-9b6d-7a13a3e42127) (Adware.MyWebSearch) -> karanteni i uspješno izbrisan. HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Internet Explorer \ Niska prava \ ElevationPolicy \ (ddb1968e-ead6-40fd-8dae-ff14757f60c7) (Adware.MyWebSearch) -> karanteni i uspješno izbrisan. HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Internet Explorer \ Niska prava \ ElevationPolicy \ (f138d901-86f0-4383-99b6-9cdd406036da) (Adware.MyWebSearch) -> karanteni i uspješno izbrisan. HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ adzgalore (Adware.Agent) -> karanteni i uspješno izbrisan. HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Internet Explorer \ Niska prava \ RunDll32Policy \ f3ScrCtr.dll (Adware.MyWay) -> karanteni i uspješno izbrisan. HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Multimedia \ W mplayer \ Sheme \ f3pss (Adware.MyWebSearch) -> karanteni i uspješno izbrisan. Registry Values zaraženih: HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Internet Explorer \ Toolbar \ (f0d4b239-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karanteni i uspješno izbrisan. HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Internet Explorer \ Toolbar \ WebBrowser \ (f0d4b239-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karanteni i uspješno izbrisan. HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ MyWebSearch Email Plugin (Adware.MyWebSearch) -> karanteni i uspješno izbrisan. Registry Data Items zaraženih: (Nema stavki otkrivenih zlonamjernih) Mape zaraženih: (Nema stavki otkrivenih zlonamjernih) Zaražene datoteke: C: \ Program Files \ AskSBar \ bar \ 1.bin \ ASKSBAR.DLL (Adware.AskSBAR) -> Delete na ponovno podizanje sustava. C: \ Program Files \ Mozilla Firefox \ plugins \ NPAskSBr.dll (Trojan.Agent) -> Delete na ponovno podizanje sustava. C: \ Program Files \ AskSBar \ bar \ 1.bin \ A2PLUGIN.DLL (Adware.MyWebSearch) -> Delete na ponovno podizanje sustava. C: \ WINDOWS \ system32 \ WhoisCL.exe (Adware.BHO) -> karanteni i uspješno izbrisan. C: \ WINDOWS \ system32 \ mysidesearch_sidebar_uninstall. Exe (Adware.BHO) -> karanteni i uspješno izbrisan. puno problema, vidim ... hvala za bilo kakvu pomoć |
|
#4
23. studenog 2008, 20:09
| |||
| |||
| Im 'ne siguran ako želite zadržati ili ne. Ako je nešto ne koristite bih ga deinstalirati. Ne morate imati ga zauzimaju prostor ako se ne koristi. AmpliTube LE 1,1 -- http://www.sonomawireworks.com/guide...LE_for_Windows Deinstalacija: Ask Toolbar <- To je adware, trebali su uklonjene, ali do skeneri provjeriti kako bi bili sigurni. IncrediMail Xe <- Uključuje adware, deinstalirati ako ne koristite Incredimail. ---------- Slijedite upute ažirirajući Java i tada poslati HijackThis log da bismo mogli nastaviti dalje.
__________________  |
|
#5
23. studenog 2008, 21:19
| |||
| |||
| OK, dobili osloboditi od AmpliTube, ali je imao problema s druge dvije. Kad sam pritisnite 'Promijeni / ukloni' za 'Ask Toolbar', poruka pod nazivom "RUNDLL kaže: "Error loading C: \ programa ~ 1 \ AskSBar \ bar \ 1.bin \ AskSBar.dll Navedeni modul nije mogao biti pronađen. " A kada pritisnete "Promijeni / ukloni 'za' IncrediMail Xe 'poruku zove" Wise Deinstaliraj' kaže: "Ne mogu otvoriti datoteku INSTALL.LOG." Ovdje je Hijack Ova prijava: Logfile of Trend Micro HijackThis v2.0.2 Scan spremljena u 3:02:36, na 24/11/2008 Platforma: Windows XP SP2 (Winnt 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Pokretanje procesa: C: \ WINDOWS \ System32 \ smss.exe C: \ WINDOWS \ system32 \ Winlogon.exe C: \ WINDOWS \ system32 \ services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ system32 \ Svchost.exe C: \ Program Files \ Windows Defender \ MsMpEng.exe C: \ WINDOWS \ System32 \ Svchost.exe C: \ WINDOWS \ explorer.exe C: \ WINDOWS \ system32 \ spoolsv.exe C: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ instaliranjem ~ 1 \ UPDATE ~ 1 \ issch.exe C: \ WINDOWS \ system32 \ RUNDLL32.EXE C: \ Program Files \ Andrea Elektronika \ AudioCommander \ AudioCommander.exe C: \ HP \ KBD \ KBD.EXE C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe C: \ Program Files \ Hp \ HP Software Update \ HPWuSchd2.exe C: \ Program Files \ Trend Micro \ Internet Security \ UfSeAgnt.exe C: \ Program Files \ Windows Defender \ MSASCui.exe C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe C: \ programa ~ 1 \ internirati ~ 2 \ mum.exe C: \ WINDOWS \ system32 \ Ctfmon.exe C: \ Program Files \ Windows Live \ Messenger \ MsnMsgr.Exe C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe C: \ Program Files \ Yahoo! \ Messenger \ YahooMessenger.exe C: \ Program Files \ Bonjour \ mDNSResponder.exe C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE C: \ WINDOWS \ system32 \ nvsvc32.exe C: \ Program Files \ Trend Micro \ Internet Security \ SfCtlCom.exe C: \ WINDOWS \ system32 \ Svchost.exe C: \ Program Files \ Trend Micro \ BM \ TMBMSRV.exe C: \ Program Files \ Canon \ CAL \ CALMAIN.exe C: \ Program Files \ iPod \ bin \ iPodService.exe C: \ programa ~ 1 \ TRENDM ~ 1 \ internirati ~ 3 \ TmPfw.exe C: \ Program Files \ Trend Micro \ Internet Security \ TmProxy.exe C: \ Program Files \ Trend Micro \ TrendSecure \ TSCFCommander.exe C: \ Program Files \ Trend Micro \ TrendSecure \ TSCFPlatformCOMSvr.exe C: \ WINDOWS \ system32 \ wuauclt.exe C: \ WINDOWS \ ALCXMNTR.EXE c: \ windows \ system \ hpsysdrv.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ Program Files \ Mozilla Firefox \ firefox.exe C: \ Program Files \ Trend Micro \ HijackThis \ sniper.exe.exe R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr? Type = 3 & TP = iehome & locale = EN_AU & c = & Q106 BD presario = & f = p desktop R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://ie.redirect.hp.com/svs/rdr? Type = 3 & TP = iesearch & locale = EN_AU & c = & Q106 BD = & presario pf = desktop R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr? Type = 3 & TP = iesearch & locale = EN_AU & c = & Q106 BD = & presario pf = desktop R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Postavke, ProxyOverride = *. lokalne R3 - URLSearchHook: (no name) - (D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A) - (no file) R3 - URLSearchHook: (no name) - (0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2) -- C: \ Program Files \ AskSBar \ SrchAstt \ 1.bin \ A2SRCHAS.DLL R3 - URLSearchHook: (no name) - (855F3B16-6D32-4fe6-8A56-BBB695989046) - (no file) R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) -- C: \ Program Files \ Yahoo! \ Companion \ Instalira \ cpn \ yt.dll O2 - BHO: Yahoo! Toolbar Helper - (02478D38-C3F9-4efb-9B51-7695ECA05670) -- C: \ Program Files \ Yahoo! \ Companion \ Instalira \ cpn \ yt.dll O2 - BHO: Ask Search Assistant BHO - (0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2) -- C: \ Program Files \ AskSBar \ SrchAstt \ 1.bin \ A2SRCHAS.DLL O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D - 784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll (file missing) O2 - BHO: StumbleUpon Launcher - (145B29F4-A56B-4b90-BBAC-45784EBEBBB7) -- C: \ Program Files \ StumbleUpon \ StumbleUponIEBar.dll O2 - BHO: RealPlayer Download i Record Plugin za Internet Explorer -- (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ RealPlayer \ rpbrowserrecordplugin.dll O2 - BHO: Java (tm) Plug-in SSV Helper - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre6 \ bin \ ssv.dll O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file) O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) -- c: \ program files \ google \ googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D) - C: \ Program Files \ Google \ GoogleToolbarNotifier \ 4.1.805.4472 \ sw g.dll O2 - BHO: TSToolbarBHO - (C1656CCA-D2EA-4A32-94AE-AE0B180E6449) - C: \ Program Files \ Trend Micro \ TrendSecure \ TransactionProtector \ TSToolbar.d ll O2 - BHO: Java (tm) Plug-in 2 SSV Helper - (DBC80044-A445-435b-BC74 - 9C25C1C588A9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) -- C: \ Program Files \ Java \ jre6 \ lib \ rasporediti \ jqs \ ie \ jqs_plugin.dll O2 - BHO: EpsonToolBandKicker Class - (E99421FB-68DD-40F0-B4AC-B7027CAE2F1A) -- C: \ Program Files \ EPSON \ EPSON Web-To-Page \ EPSON Web-To-Page.dll O2 - BHO: XBTP02634 Class - (F97DA966-F09D-4cab-BF29-75A0026986EA) -- C: \ programa ~ 1 \ BEARSH ~ 2 \ BEARSH ~ 2 \ MediaBar.dll (file missing) O3 - Toolbar: (no name) - (D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A) - (no file) O3 - Toolbar: EPSON Web-To-Page - (EE5D279F-081B-4404-994D-C6B60AAEBA6D) -- C: \ Program Files \ EPSON \ EPSON Web-To-Page \ EPSON Web-To-Page.dll O3 - Toolbar: StumbleUpon Toolbar - (5093EB4C-3E93-40AB-9266-B607BA87BDC8) -- C: \ Program Files \ StumbleUpon \ StumbleUponIEBar.dll O3 - Toolbar: Transaction protektor - (E7620C98-FCCC-40E5-92EC-C7685D2E1E40) -- C: \ Program Files \ Trend Micro \ TrendSecure \ TransactionProtector \ TSToolbar.d ll O3 - Toolbar: (no name) - (855F3B16-6D32-4fe6-8A56-BBB695989046) - (no file) O3 - Toolbar: & Google - (2318C2B1-4965-11d4-9B18-009027A5CD4F) - C: \ Program files \ google \ googletoolbar2.dll O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) -- C: \ Program Files \ Yahoo! \ Companion \ Instalira \ cpn \ yt.dll O4 - HKLM \ .. \ Run: [IMJPMIG8.1] "C: \ WINDOWS \ IME \ imjp8_1 \ IMJPMIG.EXE" / ukvariti / RemAdvDef / Migration32 O4 - HKLM \ .. \ Run: [MSPY2002] C: \ Windows \ System32 \ IME \ PINTLGNT \ ImScInst.exe / Sync O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / Sync O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ Windows \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName O4 - HKLM \ .. \ Run: [HPBootOp] "C: \ Program Files \ Hewlett-Packard \ HP Boot Optimizator \ HPBootOp.exe "/ trčanje O4 - HKLM \ .. \ Run: [ISUSPM Startup] C: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ instaliranjem ~ 1 \ UPDATE ~ 1 \ ISUSPM.exe-početni O4 - HKLM \ .. \ Run: [ISUSScheduler] "C: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ instaliranjem ~ 1 \ UPDATE ~ 1 \ issch.exe "start O4 - HKLM \ .. \ Run: [SSBkgdUpdate] C: \ Program Files \ Common Files \ ScanSoft Shared \ SSBkgdUpdate \ SSBkgdupdate.exe-ugradnja-boot O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / install O4 - HKLM \ .. \ Run: [NvMediaCenter] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvMcTray.dll, NvTaskbarInit O4 - HKLM \ .. \ Run: [AudioCommander] C: \ Program Files \ Andrea Elektronika \ AudioCommander \ AudioCommander.exe / poslužavnik O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KBD.EXE O4 - HKLM \ .. \ Run: [BearFlix] "C: \ Program Files \ BEARFLIX \ BEARFLIX.EXE" / stanka O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe " O4 - HKLM \ .. \ Run: [googletalk] C: \ Program Files \ Google \ Google Talk \ googletalk.exe / autostart O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ Hp \ HP Software Update \ HPWuSchd2.exe O4 - HKLM \ .. \ Run: [UfSeAgnt.exe] "C: \ Program Files \ Trend Micro \ Internet Security \ UfSeAgnt.exe " O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe "-hide O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe "-osboot O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe" -- atboottime O4 - HKLM \ .. \ Run: [AppleSyncNotifier] C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleSyncNotifier.exe O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe" O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 8,0 \ Reader \ Reader_sl.exe " O4 - HKCU \ .. \ Run: [μTorrent] "C: \ Program Files \ UTORRENT \ UTORRENT.EXE" O4 - HKCU \ .. \ Run: [InternodeUsage] C: \ programa ~ 1 \ internirati ~ 2 \ mum.exe O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe O4 - HKCU \ .. \ Run: [MsnMsgr] "C: \ Program Files \ Windows Live \ Messenger \ MsnMsgr.Exe "/ background O4 - HKCU \ .. \ Run: [SpybotSD TeaTimer] C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe O4 - HKCU \ .. \ Run: [Messenger (Yahoo!)] "C: \ Program Files \ Yahoo! \ Messenger \ YahooMessenger.exe "-quiet O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (Korisnik 'LOCAL SERVICE') O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (Korisnik 'NETWORK SERVICE') O8 - Extra kontekst meni stavka: & Search -? P = ZKxdm021YYAU O8 - Extra kontekst meni stavka: Add to Google Photos Screensa & ver -- res: / / C: \ WINDOWS \ system32 \ GPhotos.scr/200 O8 - Extra kontekst meni stavka: E & zvezi u Microsoft Excel - res: / / C: \ programa ~ 1 \ MICROS ~ 4 \ OFFICE11 \ EXCEL.EXE/3000 O8 - Extra kontekst meni stavka: fotoblog StumbleUpon It! -- res: / / StumbleUponIEBar.dll / blogimage O9 - Extra button: StumbleUpon - (75C9223A-409A-4795-A3CA-08DE6B075B4B) -- C: \ Program Files \ StumbleUpon \ StumbleUponIEBar.dll O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) -- C: \ programa ~ 1 \ MICROS ~ 4 \ OFFICE11 \ REFIEBAR.DLL O9 - Extra button: (no name) - (B205A35E-1FC4-4CE3-818B-899DBBB3388C) -- C: \ Program Files \ Common Files \ Microsoft Shared \ Encarta Search Bar \ ENCSBAR.DLL O9 - Extra button: Connection Pomoć - (E2D4D26B-0180-43a4-B05F-462D6D54C789) -- C: \ WINDOWS \ PCHEALTH \ HELPCTR \ Prodavateljima \ Hewlett-CN = Packard, L = Cupertino, S = Ca, C = US \ IEButton \ support.htm O9 - Extra 'Tools' MENUITEM: Connection Pomoć - (E2D4D26B-0180-43a4-B05F - 462D6D54C789) - C: \ WINDOWS \ PCHEALTH \ HELPCTR \ Prodavateljima \ Hewlett-CN = Packard, L = Cupertino, S = Ca, C = US \ IEButton \ support.htm O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) -- C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7 - f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) -- C: \ Program Files \ Messenger \ msmsgs.exe O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E - 00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O15 - Trusted Zone: *. stumbleupon.com O16 - DPF: (215B8138-A3CF-44C5-803F-8226143CFC0A) (Trend Micro ActiveX Scan Agent 6.6) -- http://housecall65.trendmicro.com/ho...86/win32/activ ex / hcImpl.cab O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (Installation Support) -- C: \ Program Files \ Yahoo! \ Common \ Yinsthelper.dll O16 - DPF: (F6676623-8BBD-479C-A51B-05868728708C) (DigitalDM) -- http://www.digitaldm.com/Plug-in/myebk/c/DIGITALDM2.cab O20 - Winlogon Obavijesti:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll O23 - Service: Apple Mobile Device - Apple Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc -- C: \ Program Files \ Canon \ CAL \ CALMAIN.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd -- C: \ Program Files \ Common Files \ Macrovision Shared \ FLEXnet Izdavač \ FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 1050 \ Intel 32 \ IDriverT.exe O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: Quick Početničko Java (JavaQuickStarterService) - nedjelja Microsystems, Inc - C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe O23 - Service: LightScribeService Direct Disc Označavanje Service (LightScribeService) - Hewlett-Packard Company - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -- C: \ WINDOWS \ system32 \ nvsvc32.exe O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc - C: \ Program Files \ Trend Micro \ Internet Security \ SfCtlCom.exe O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc - C: \ Program Files \ Trend Micro \ BM \ TMBMSRV.exe O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc -- C: \ programa ~ 1 \ TRENDM ~ 1 \ internirati ~ 3 \ TmPfw.exe O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc -- C: \ Program Files \ Trend Micro \ Internet Security \ TmProxy.exe -- End of file - 13563 bytes |
|
#6
23. studenog 2008, 22:43
| |||
| |||
| U redu mi ćemo se baviti dva programa koje nije mogao deinstalirati ali prvo mi treba da vrtite novu HijackThis skeniranja. Samo ovaj put kada zapisnik dolazi gore, prije nego što ga kopirate, u vrhu Notepad kliknite Oblik, a zatim kliknite riječ Prelomi. A zatim je kopirajte i zalijepite rezultate.
__________________ |
|
#7
23. studenog 2008, 22:52
| |||
| |||
| Hope to je pravo: Logfile of Trend Micro HijackThis v2.0.2 Scan spremljena u 4:51:04, na 24/11/2008 Platforma: Windows XP SP2 (Winnt 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Pokretanje procesa: C: \ WINDOWS \ System32 \ smss.exe C: \ WINDOWS \ system32 \ Winlogon.exe C: \ WINDOWS \ system32 \ services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ system32 \ Svchost.exe C: \ Program Files \ Windows Defender \ MsMpEng.exe C: \ WINDOWS \ System32 \ Svchost.exe C: \ WINDOWS \ explorer.exe C: \ WINDOWS \ system32 \ spoolsv.exe C: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ instaliranjem ~ 1 \ UPDATE ~ 1 \ issch.exe C: \ WINDOWS \ system32 \ RUNDLL32.EXE C: \ Program Files \ Andrea Elektronika \ AudioCommander \ AudioCommander.exe C: \ HP \ KBD \ KBD.EXE C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe C: \ Program Files \ Hp \ HP Software Update \ HPWuSchd2.exe C: \ Program Files \ Trend Micro \ Internet Security \ UfSeAgnt.exe C: \ Program Files \ Windows Defender \ MSASCui.exe C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe C: \ programa ~ 1 \ internirati ~ 2 \ mum.exe C: \ WINDOWS \ system32 \ Ctfmon.exe C: \ Program Files \ Windows Live \ Messenger \ MsnMsgr.Exe C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe C: \ Program Files \ Yahoo! \ Messenger \ YahooMessenger.exe C: \ Program Files \ Bonjour \ mDNSResponder.exe C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE C: \ WINDOWS \ system32 \ nvsvc32.exe C: \ Program Files \ Trend Micro \ Internet Security \ SfCtlCom.exe C: \ WINDOWS \ system32 \ Svchost.exe C: \ Program Files \ Trend Micro \ BM \ TMBMSRV.exe C: \ Program Files \ Canon \ CAL \ CALMAIN.exe C: \ Program Files \ iPod \ bin \ iPodService.exe C: \ programa ~ 1 \ TRENDM ~ 1 \ internirati ~ 3 \ TmPfw.exe C: \ Program Files \ Trend Micro \ Internet Security \ TmProxy.exe C: \ Program Files \ Trend Micro \ TrendSecure \ TSCFCommander.exe C: \ Program Files \ Trend Micro \ TrendSecure \ TSCFPlatformCOMSvr.exe C: \ WINDOWS \ system32 \ wuauclt.exe C: \ WINDOWS \ ALCXMNTR.EXE c: \ windows \ system \ hpsysdrv.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ programa ~ 1 \ INCRED ~ 1 \ UNWISE.EXE C: \ Program Files \ Real \ RealPlayer \ RealPlay.exe C: \ Program Files \ Mozilla Firefox \ firefox.exe C: \ Program Files \ Trend Micro \ HijackThis \ sniper.exe.exe R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Postavke, ProxyOverride = *. lokalne R3 - URLSearchHook: (no name) - (D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A) - (no file) R3 - URLSearchHook: (no name) - (0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2) - C: \ Program Files \ AskSBar \ SrchAstt \ 1.bin \ A2SRCHAS.DLL R3 - URLSearchHook: (no name) - (855F3B16-6D32-4fe6-8A56-BBB695989046) - (no file) R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Instalira \ cpn \ yt.dll O2 - BHO: Yahoo! Toolbar Helper - (02478D38-C3F9-4efb-9B51-7695ECA05670) - C: \ Program Files \ Yahoo! \ Companion \ Instalira \ cpn \ yt.dll O2 - BHO: Ask Search Assistant BHO - (0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2) - C: \ Program Files \ AskSBar \ SrchAstt \ 1.bin \ A2SRCHAS.DLL O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll (file missing) O2 - BHO: StumbleUpon Launcher - (145B29F4-A56B-4b90-BBAC-45784EBEBBB7) - C: \ Program Files \ StumbleUpon \ StumbleUponIEBar.dll O2 - BHO: RealPlayer Download i Record Plugin za Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ RealPlayer \ rpbrowserrecordplugin.dll O2 - BHO: Java (tm) Plug-in SSV Helper - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre6 \ bin \ ssv.dll O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file) O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ program files \ google \ googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D) - C: \ Program Files \ Google \ GoogleToolbarNotifier \ 4.1.805.4472 \ sw g.dll O2 - BHO: TSToolbarBHO - (C1656CCA-D2EA-4A32-94AE-AE0B180E6449) - C: \ Program Files \ Trend Micro \ TrendSecure \ TransactionProtector \ TSToolbar.d ll O2 - BHO: Java (tm) Plug-in 2 SSV Helper - (DBC80044-A445-435b-BC74-9C25C1C588A9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C: \ Program Files \ Java \ jre6 \ lib \ rasporediti \ jqs \ ie \ jqs_plugin.dll O2 - BHO: EpsonToolBandKicker Class - (E99421FB-68DD-40F0-B4AC-B7027CAE2F1A) - C: \ Program Files \ EPSON \ EPSON Web-To-Page \ EPSON Web-To-Page.dll O2 - BHO: XBTP02634 Class - (F97DA966-F09D-4cab-BF29-75A0026986EA) - C: \ programa ~ 1 \ BEARSH ~ 2 \ BEARSH ~ 2 \ MediaBar.dll (file missing) O3 - Toolbar: (no name) - (D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A) - (no file) O3 - Toolbar: EPSON Web-To-Page - (EE5D279F-081B-4404-994D-C6B60AAEBA6D) - C: \ Program Files \ EPSON \ EPSON Web-To-Page \ EPSON Web-To-Page.dll O3 - Toolbar: StumbleUpon Toolbar - (5093EB4C-3E93-40AB-9266-B607BA87BDC8) - C: \ Program Files \ StumbleUpon \ StumbleUponIEBar.dll O3 - Toolbar: Transaction protektor - (E7620C98-FCCC-40E5-92EC-C7685D2E1E40) - C: \ Program Files \ Trend Micro \ TrendSecure \ TransactionProtector \ TSToolbar.d ll O3 - Toolbar: (no name) - (855F3B16-6D32-4fe6-8A56-BBB695989046) - (no file) O3 - Toolbar: & Google - (2318C2B1-4965-11d4-9B18-009027A5CD4F) - c: \ program files \ google \ googletoolbar2.dll O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Instalira \ cpn \ yt.dll O4 - HKLM \ .. \ Run: [IMJPMIG8.1] "C: \ WINDOWS \ IME \ imjp8_1 \ IMJPMIG.EXE" / ukvariti / RemAdvDef / Migration32 O4 - HKLM \ .. \ Run: [MSPY2002] C: \ Windows \ System32 \ IME \ PINTLGNT \ ImScInst.exe / Sync O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ Windows \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / Sync O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ Windows \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName O4 - HKLM \ .. \ Run: [HPBootOp] "C: \ Program Files \ Hewlett-Packard \ HP Optimizator Boot \ HPBootOp.exe" / trčanje O4 - HKLM \ .. \ Run: [ISUSPM Startup] C: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ instaliranjem ~ 1 \ UPDATE ~ 1 \ ISUSPM.exe-početni O4 - HKLM \ .. \ Run: [ISUSScheduler] "C: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ instaliranjem ~ 1 \ UPDATE ~ 1 \ issch. Exe"-start O4 - HKLM \ .. \ Run: [SSBkgdUpdate] C: \ Program Files \ Common Files \ ScanSoft Shared \ SSBkgdUpdate \ SSBkgdupdate.exe-ugradnja-boot O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / install O4 - HKLM \ .. \ Run: [NvMediaCenter] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvMcTray.dll, NvTaskbarInit O4 - HKLM \ .. \ Run: [AudioCommander] C: \ Program Files \ Andrea Elektronika \ AudioCommander \ AudioCommander.exe / poslužavnik O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KBD.EXE O4 - HKLM \ .. \ Run: [BearFlix] "C: \ Program Files \ BEARFLIX \ BEARFLIX.EXE" / stanka O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe" O4 - HKLM \ .. \ Run: [googletalk] C: \ Program Files \ Google \ Google Talk \ googletalk.exe / autostart O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ Hp \ HP Software Update \ HPWuSchd2.exe O4 - HKLM \ .. \ Run: [UfSeAgnt.exe] "C: \ Program Files \ Trend Micro \ Internet Security \ UfSeAgnt.exe" O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime O4 - HKLM \ .. \ Run: [AppleSyncNotifier] C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleSyncNotifier.exe O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe" O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 8,0 \ Reader \ Reader_sl.exe" O4 - HKCU \ .. \ Run: [μTorrent] "C: \ Program Files \ UTORRENT \ UTORRENT.EXE" O4 - HKCU \ .. \ Run: [InternodeUsage] C: \ programa ~ 1 \ internirati ~ 2 \ mum.exe O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe O4 - HKCU \ .. \ Run: [MsnMsgr] "C: \ Program Files \ Windows Live \ Messenger \ MsnMsgr.Exe" / background O4 - HKCU \ .. \ Run: [SpybotSD TeaTimer] C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe O4 - HKCU \ .. \ Run: [Messenger (Yahoo!)] "C: \ Program Files \ Yahoo! \ Messenger \ YahooMessenger.exe"-quiet O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'LOCAL SERVICE') O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'NETWORK SERVICE') O8 - Extra kontekst meni stavka: & Search -? P = ZKxdm021YYAU O8 - Extra kontekst meni stavka: Add to Google Photos Screensa & ver - res: / / C: \ WINDOWS \ system32 \ GPhotos.scr/200 O8 - Extra kontekst meni stavka: E & zvezi u Microsoft Excel - res: / / C: \ programa ~ 1 \ MICROS ~ 4 \ OFFICE11 \ EXCEL.EXE/3000 O8 - Extra kontekst meni stavka: fotoblog StumbleUpon It! - Res: / / StumbleUponIEBar.dll / blogimage O9 - Extra button: StumbleUpon - (75C9223A-409A-4795-A3CA-08DE6B075B4B) - C: \ Program Files \ StumbleUpon \ StumbleUponIEBar.dll O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ programa ~ 1 \ MICROS ~ 4 \ OFFICE11 \ REFIEBAR.DLL O9 - Extra button: (no name) - (B205A35E-1FC4-4CE3-818B-899DBBB3388C) - C: \ Program Files \ Common Files \ Microsoft Shared \ Encarta Search Bar \ ENCSBAR.DLL O9 - Extra button: Connection Pomoć - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHEALTH \ HELPCTR \ Prodavateljima \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = US \ IEButton \ support.htm O9 - Extra 'Tools' MENUITEM: Connection Pomoć - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHEALTH \ HELPCTR \ Prodavateljima \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = US \ IEButton \ support.htm O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O15 - Trusted Zone: *. stumbleupon.com O16 - DPF: (215B8138-A3CF-44C5-803F-8226143CFC0A) (Trend Micro ActiveX Scan Agent 6.6) -- http://housecall65.trendmicro.com/ho...vex/hcImpl.cab O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (Installation Support) - C: \ Program Files \ Yahoo! \ Common \ Yinsthelper.dll O16 - DPF: (F6676623-8BBD-479C-A51B-05868728708C) (DigitalDM) -- http://www.digitaldm.com/Plug-in/myebk/c/DIGITALDM2.cab O20 - Winlogon Obavijesti:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll O23 - Service: Apple Mobile Device - Apple Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc - C: \ Program Files \ Canon \ CAL \ CALMAIN.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd - C: \ Program Files \ Common Files \ Macrovision Shared \ FLEXnet Izdavač \ FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 1050 \ Intel 32 \ IDriverT.exe O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: Quick Početničko Java (JavaQuickStarterService) - Sun Microsystems, Inc - C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe O23 - Service: LightScribeService Direct Disc Označavanje Service (LightScribeService) - Hewlett-Packard Company - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc - C: \ Program Files \ Trend Micro \ Internet Security \ SfCtlCom.exe O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc - C: \ Program Files \ Trend Micro \ BM \ TMBMSRV.exe O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc - C: \ programa ~ 1 \ TRENDM ~ 1 \ internirati ~ 3 \ TmPfw.exe O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc - C: \ Program Files \ Trend Micro \ Internet Security \ TmProxy.exe -- End of file - 13643 bytes |
|
#8
23. studenog 2008, 23:23
| |||
| |||
| To je vrsta dugačak popis, ali je samo nekoliko stvari koje treba napraviti i to je zaista potrebno. Vaše računalo će hvala.  Onemogući Spybot-a TeaTimer Dok TeaTimer je odličan alat za sprečavanje spywarea, može interferirati s ispravci HijackThis. Molimo vas onemogućiti TeaTimer za sada dok ne budete čisti. 1. Desnom tipkom miša kliknite Spybot u programskoj traci (izgleda kao s kalendarom katanac simbol). Izabrati Zatvorite Spybot S & D Resident 2. Pokrenuti Spybot S & D 3. Idite na Moda izbornikI uvjerite se Advanced Mode nije odabrano. 4. Na lijevoj strani, odaberite Alati > Resident isključite Resident TeaTimer i U redu bilo koji redak i Restart vašem računalu. Napomena: Ako TeaTimer vam daje upozorenje nakon što su neke promjene, omogućuju blokiranje ovog umjesto njega. Ako TeaTimer neće isključiti zatim uninstall Spybot dok smo učinili čišćenje. Ostavite TeaTimer off dok smo u potpunosti obaviti čišćenje. ---------- Disable Windows Defender Mi moramo onemogućiti Vaš Windows Defender Zaštita u stvarnom vremenu kao što svibanj interferirati s ispravci da je potrebno napraviti.
---------- Deinstaliraj spyware Molimo deinstalirali ovaj dok smo čišćenje. Ako se odlučite da ga natrag kada smo učinili da je do vas, ali ona će samo uzrokovati probleme za sada. Molimo otiđite na Dodaj / Ukloni programe i deinstalirati: (ako postoji)
Većina je to adware / spyware ali neki su samo nepotrebni startups. Programi će se ostvaruje ne samo da ćete trebati početi ih ručno kad želite ih koristiti. Vaše računalo će se izvoditi bolje bez njih izvodi sve vrijeme također. Otvori HijackThis i odaberite Da li je sustav skenirati samo. Stavite oznaku uz sljedeće stavke: (ako postoji)
Izlaz HijackThis. ---------- Brisanje AskSBar mapu C: \ Program Files \AskSBar ---------- Napomena: se upute u nastavku su izrađene specijalno za ovog korisnika. Ukoliko niste u ovom, NE slijedite ove smjerove, jer bi mogao oštetiti djelovanju vašeg sustava Idi na Start> Run i tip notepad.exe zatim pritisnite U redu Kopirajte i zalijepite niže u Notepad i spremite kao fixme.reg da svoju Desktop Code: REGEDIT4 [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run] "ISUSPM Startup" =- "ISUSScheduler" =- "TkBellExe" =- "QuickTime Task" =- "AppleSyncNotifier" =- "iTunesHelper" =- "Adobe Reader Speed Launcher "=- Pobrinite se da ćete mi reći ako primite poruku o uspjehu dodavši gore u registar. Ako ne dobijete poruku uspjeh, on nije 'funkcionirati. Brisanje fixme.reg iz Desktop. ---------- Preuzimanje Onemogući / Remove Windows Messenger na radnu površinu da uklonite Windows Messenger. Nemojte brkati Windows Messenger s MSN Messenger jer nisu isti. Windows Messenger jedan je od čestih uzroka popups. Otvoriti rajsfešlus datoteku na radnu površinu. Otvori MessengerDisable.exe dno, te odaberite okvir -- Deinstalirajte Windows Messenger i kliknite Primijeniti. Izlaz iz MessengerDisable zatim izbrišite dvije datoteke koje su stavili na radnoj površini. Pokreni CCleaner i ponovo pokrenite računalo. <- Važno korak. ---------- Download ComboFix © by sUBs jedan od linkova ispod. Budite sigurni da ste na vrhu u Desktop. Link # 1 Link # 2 ** Napomena: Važno je da se sprema izravno na svoj Desktop Zatvori otvoriti bilo koju web preglednicima. (Firefox, Internet Explorer, etc) prije početka ComboFix. Privremeno onemogućiti tvoj AntiVirus, A svaka protušpijunskih Zaštita u stvarnom vremenu prije obavlja scan. Kliknite ovaj link da biste vidjeli popis sigurnosne programe, koji bi trebao biti onemogućen i kako onemogućiti ih. Napomena: TrendMicro je ponekad teško isključiti. Ako je to slučaj samo pokrenuti ComboFix ionako sva upozorenja i omogućiti vam daje TrendMicro izvoditi. Dvaput kliknite combofix.exe i slijedite upute. Za instalaciju sustava Windows XP Recovery Console: - Ako koristite sustav Windows XP i već nemate instaliranu konzolu za oporavak, provjerite Vašu internetsku vezu je aktivna (ako je moguće) i kliknite na Da. - Ako za neki razlog Internet nije rad klik Ne. -- Ako ne koristite Windows XP, nećete biti upozoreni. - Kada se od vas zatraži da prihvatite LUKK-klikni U redu. - Prihvatiti Microsoft EULA (Klikni Da). - Kada su rekli da RC je ispravno instaliran kliknite DA da nastavi skeniranje za štetne sadržaje. Kada završite ComboFix će proizvesti prijava za vas. Objaviti ComboFix log i novu HijackThis log u sljedećem odgovoru. Važno: Ne mouseclick ComboFix's prozor dok je pokrenut. Svibanj uzrokovati da ga zatajiti. Ne zaboravite ponovo uključili vaš protuvirusni i protušpijunski ComboFix zaštita kada je završeno. ---------- Također javite mi bilo kakvih problema s vama su primjećujući računalo sada. I vjerojatno neće vratiti na ovo dok neko sutra je kasno uzimajući ovdje. Ne brinite, mi ćemo ga dobijete završio gore i nadamo se da će vaše računalo biti trčanje kao novo! 
__________________ |
