Malwarebytes anti malware problem
Izdana ti je nova verzija 1.45, ako koristiš staru 1.44 pokušaj s novom verzijom možda to pomogne.
Poruka je uređivana zadnji put sri 31.3.2010 8:42 (abt).
Malwarebytes anti malware problem
- poruka: 48
- |
- čitano: 17.686
- |
- moderatori:
pirat, Lazarus Long, XXX-Man, vincimus
RE: Malwarebytes anti malware problem
imam malwarebytes pro s licencom već jedno 6 mjeseci i nikakvih problema nemam s njegovom upotrebom. na stranu to što je razvikan i definitivno precijenjen, ali radi dobro, funkcionalnost mu nije upitna. čak i prelaz s 1.44 na 1.45 obavio je protiv moje volje, ništa nisam radio osim redovito kliknu na provjeri nadogradnju, update-ao se, sam se restartao, licenca je ostala, extra feature sam dobio, real time protection radi...
no stavio sam ga u pričuvu, skenirat ću jednom mjesečno s njim ako se sjetim ima i boljih programa.
karma slijepom daje vid
16 godina
offline
Malwarebytes anti malware problem
Jel vi uopće čitate o čemu je tema ili samo pričate bezveze, off topic, ono nako da nešto kažete?
Poruka je uređivana zadnji put sri 31.3.2010 15:20 (brixy).
RE: Malwarebytes anti malware problem
karakteran kaže...
imam malwarebytes pro s licencom već jedno 6 mjeseci i nikakvih problema nemam s njegovom upotrebom. na stranu to što je razvikan i definitivno precijenjen, ali radi dobro, funkcionalnost mu nije upitna. čak i prelaz s 1.44 na 1.45 obavio je protiv moje volje, ništa nisam radio osim redovito kliknu na provjeri nadogradnju, update-ao se, sam se restartao, licenca je ostala, extra feature sam dobio, real time protection radi...
no stavio sam ga u pričuvu, skenirat ću jednom mjesečno s njim ako se sjetim ima i boljih programa.
Tebi nekako sve precijenjeno i razvikano ( osim SpySweepera ).
Bez zamjerke. A ako ti slučajno smeta što to obavlja protiv tvoje volje onda jednostavno "otkvači" tu opciju u Postavkama nadogradnje.
17 godina
neaktivan
offline
RE: Malwarebytes anti malware problem
brixy kaže...
Stavit ću pod ovu temu
Danas napravim update mbam 1.44 i pokušam ga pokrenuti ali mi javi nekakvu grešku,
deinstaliram ga i odem na službene stranice i vidim da je izašla verzija 1.45, skinem je i pokušam instalirati
i sve se čini u redu ali kad treba pokrenuti i napraviti update javi mi sljedeće:
MBAM ERROR EXPANDING VARIABLES (0,9)
MBAM MISSING FILE (3,0, mbam swissarmy.sys)
Da napomenem da je deinstaliran sa your uninstaller, pročešljano sa ccleanerom i tune up utilities
Guglajući nisam ništa pametno našao za riješenje
Napravit skeniranje sa HijackThis te zatim napravi Copy-Paste Loga na forum da vidimo da li je sve 100% čisto.
''...nisam možda siguran što me uistinu zanima, ali sam posve siguran što me ne zanima.''
17 godina
neaktivan
offline
RE: Malwarebytes anti malware problem
brixy kaže...
Stavit ću pod ovu temu
Danas napravim update mbam 1.44 i pokušam ga pokrenuti ali mi javi nekakvu grešku,
deinstaliram ga i odem na službene stranice i vidim da je izašla verzija 1.45, skinem je i pokušam instalirati
i sve se čini u redu ali kad treba pokrenuti i napraviti update javi mi sljedeće:
MBAM ERROR EXPANDING VARIABLES (0,9)
MBAM MISSING FILE (3,0, mbam swissarmy.sys)
Da napomenem da je deinstaliran sa your uninstaller, pročešljano sa ccleanerom i tune up utilities
Guglajući nisam ništa pametno našao za riješenje
Napravit skeniranje s HijackThis te zatim napravi Copy-Paste Loga na forum da vidimo da li je sve 100% čisto. Također ga možeš još jednom izbrisati i restartati PC. Nakon restarta pokreni mbam-clean.exe te kada te pita za restar dozvoli mu. Kada sve to obaviš, isključi svoj antivirusni program privremeno i instaliraj Malwarebytes ispočetka.
''...nisam možda siguran što me uistinu zanima, ali sam posve siguran što me ne zanima.''
Poruka je uređivana zadnji put čet 1.4.2010 11:08 (Razer_Copperhead).
16 godina
neaktivan
offline
RE: Malwarebytes anti malware problem
Razer_Copperhead kaže...
Napravit skeniranje s HijackThis te zatim napravi Copy-Paste Loga na forum da vidimo da li je sve 100% čisto.
..da, nije loša ideja ali ne znamo ni koji OS ima..
ne bi bilo loše još malo podataka od autora teme,da li ima još kakve probleme osim toga..
16 godina
offline
Malwarebytes anti malware problem
Imam win 7 x32, problema dosada nikakvih, instalirani sredinom 12. mj. - napominjem malwarebytes je bio registriran pomoću keygena(mislim da su to provalili prilikom upgrade-a).
Uredno skenirano sa avirom personal, superantispyware, imam i threatfire - sve čisto.
Deinstalirano svim mogućim čudima, pa i onim mbam-clean.exe koji traži restart i pritom (deinstalacije i instalacije) isključeni avira i threat fire.
Evo skenirano sa hijackThis(nisan ga nikad koristija ali valjda na ovo mislite):
Poruka je uređivana zadnji put čet 1.4.2010 14:00 (brixy).
15 godina
offline
RE: Malwarebytes anti malware problem
brixy kaže...
seneka kaže...
pa upiši malwarebytes..
pretpostavljam da ga trenutno nemaš na kompu,da si sve obrisao šta si mogao..
Hm, evo šta javlja , aneda se ručno izbrisati
tu si instaliraj lock hunter...imas verzije za x86 i x64 bitne sustave http://lockhunter.com/
njega instaliraj i desni klik na pojedini folder i kliknes na What is locking this folder? , nakon toga ce ti otvorit prozor di imas ponudene opcije Unlock it , delete...prvo odaberi unlock it da ga "otkljuca" tj osolobodi onoga radi ceg ga nemres obrisat pa onda delete...javi dal ide tak
16 godina
offline
RE: Malwarebytes anti malware problem
Nocio kaže...
brixy kaže...
seneka kaže...
pa upiši malwarebytes..
pretpostavljam da ga trenutno nemaš na kompu,da si sve obrisao šta si mogao..
Hm, evo šta javlja , aneda se ručno izbrisati
tu si instaliraj lock hunter...imas verzije za x86 i x64 bitne sustave http://lockhunter.com/
njega instaliraj i desni klik na pojedini folder i kliknes na What is locking this folder? , nakon toga ce ti otvorit prozor di imas ponudene opcije Unlock it , delete...prvo odaberi unlock it da ga "otkljuca" tj osolobodi onoga radi ceg ga nemres obrisat pa onda delete...javi dal ide tak
To je u međuvremenu obrisano, svejedno hvala.
17 godina
neaktivan
offline
RE: Malwarebytes anti malware problem
brixy kaže...
Imam win 7 x32, problema dosada nikakvih, instalirani sredinom 12. mj. - napominjem malwarebytes je bio registriran pomoću keygena(mislim da su to provalili prilikom upgrade-a).
Uredno skenirano sa avirom personal, superantispyware, imam i threatfire - sve čisto.
Deinstalirano svim mogućim čudima, pa i onim mbam-clean.exe koji traži restart i pritom (deinstalacije i instalacije) isključeni avira i threat fire.
Evo skenirano sa hijackThis(nisan ga nikad koristija ali valjda na ovo mislite):
Prekopiraj to iz tog text documenta ovdje na forum, a ne sliku.
''...nisam možda siguran što me uistinu zanima, ali sam posve siguran što me ne zanima.''
Poruka je uređivana zadnji put čet 1.4.2010 17:46 (Razer_Copperhead).
16 godina
offline
Malwarebytes anti malware problem
Evo:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:20:16, on 1.4.2010.
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\ThreatFire\TFTray.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Program Files\ThreatFire\TFService.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Sandboxie\SandboxieRpcSs.exe
C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\ThreatFire\TFUN.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = localhost:100
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Diskeeper - Unknown owner - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe (file missing)
O23 - Service: PDAgent - Unknown owner - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe (file missing)
O23 - Service: PDEngine - Unknown owner - C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 7018 bytes
16 godina
offline
Malwarebytes anti malware problem
Čini mi se da ovaj problem neće biti gotov do reinstalacije winsa!
17 godina
neaktivan
offline
RE: Malwarebytes anti malware problem
brixy kaže...
Evo:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:20:16, on 1.4.2010.
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
...
Trebalo bi popraviti ''O20 - AppInit_DLLs:'' (u HijackThisu stavi kvačicu ispred ovog naziva i zatim pritisni na ''Fix''), ali prije toga napravi backup za svaki slučaj. Također skeniraj PC s ovim programom.
''...nisam možda siguran što me uistinu zanima, ali sam posve siguran što me ne zanima.''
Poruka je uređivana zadnji put pet 2.4.2010 13:25 (Razer_Copperhead).
16 godina
offline
RE: Malwarebytes anti malware problem
Razer_Copperhead kaže...
Trebalo bi popraviti (u HijackThisu stavi kvačicu ispred ovog naziva i zatim pritisni na ''Fix''), ali prije toga napravi backup za svaki slučaj. Također skeniraj PC s ovim programom.
Popravljeno ''O20 - AppInit_DLLs:'', također skeniran pc s hitman pro (javi samo nešto da IE8 koristi proxy za spajanje na net ili tako nešto...) i krenem instalirati malwarebytes i sve po starom.
Dakle isti problem je još uvijek tu!
To sada ovako izgleda(malwarebytes instaliran):
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:53:45, on 2.4.2010.
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\ThreatFire\TFService.exe
C:\Windows\system32\conhost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\ThreatFire\TFTray.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Sandboxie\SandboxieRpcSs.exe
C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\DllHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 6364 bytes
Nakon deinstalacije i svih mogućih brisanja i čišćenja ovako:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:12:39, on 2.4.2010.
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\ThreatFire\TFService.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Windows\system32\conhost.exe
C:\Program Files\ThreatFire\TFTray.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Sandboxie\SandboxieRpcSs.exe
C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 6370 bytes
Poruka je uređivana zadnji put pet 2.4.2010 14:16 (brixy).
RE: Malwarebytes anti malware problem
brixy kaže...
Razer_Copperhead kaže...
Trebalo bi popraviti (u HijackThisu stavi kvačicu ispred ovog naziva i zatim pritisni na ''Fix''), ali prije toga napravi backup za svaki slučaj. Također skeniraj PC s ovim programom.
Popravljeno ''O20 - AppInit_DLLs:'', također skeniran pc s hitman pro (javi samo nešto da IE8 koristi proxy za spajanje na net ili tako nešto...) i krenem instalirati malwarebytes i sve po starom.
Dakle isti problem je još uvijek tu!
Možda ovo boldirano i podcrtano ima kakve veze s problemom. Stvarno ne znam. Ne razumijem se u to. Naletio na ovaj post na forumu malwarebytesa. Link Post#10. Step01,02 i 03.
16 godina
offline
RE: Malwarebytes anti malware problem
BlackFoot kaže...
brixy kaže...
Razer_Copperhead kaže...
Trebalo bi popraviti (u HijackThisu stavi kvačicu ispred ovog naziva i zatim pritisni na ''Fix''), ali prije toga napravi backup za svaki slučaj. Također skeniraj PC s ovim programom.
Popravljeno ''O20 - AppInit_DLLs:'', također skeniran pc s hitman pro (javi samo nešto da IE8 koristi proxy za spajanje na net ili tako nešto...) i krenem instalirati malwarebytes i sve po starom.
Dakle isti problem je još uvijek tu!
Možda ovo boldirano i podcrtano ima kakve veze s problemom. Stvarno ne znam. Ne razumijem se u to. Naletio na ovaj post na forumu malwarebytesa. Link Post#10. Step01,02 i 03.
Problem riješen!
@BlackFoot, fala stari jer si me ohrabrija na ovaj potez
http://forums.malwarebytes.org/index.php?showtopic=45064&pid=225843&st=0&#entry225843
Dakle Post #10. step 01 i 02 su bili dovoljni (mada su postavke IE8 već bile kako stoji u postu)
17 godina
offline
RE: Malwarebytes anti malware problem
MBAM je sada prešao na verziju 1.45 te ima novi scan (Flash scan) koji skenira samo autorun i memoriju. Svakako ga nadogradite :)