Igrice i igre

Indeks » MyCity » Ambulanta -> Arhiva Ambulante » windows cannot find recycler

windows cannot find recycler

Napisano na dan: 1.2.2009, pogledaj vesti za 01. Feb 2009.
1

windows cannot find recycler
Sledeća strana Pagination

Idi na vrh

Poslao: 01 Feb 2009 15:55 Idi na vrh
offline
  • Sha  Male
  • Novi MyCity građanin
  • Pridružio: 01 Feb 2009
  • Poruke: 19
Uloguj se preko Facebooka i postavi pitanje:
aj sacu da odratim to sve....

Dopuna: 01 Feb 2009 15:50


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:47:38 PM, on 2/1/2009
Platform: Windows XP SP3, v.3244 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.3244)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avcenter.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Premium\avscan.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Marko\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.rs/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.vektor.net:8080
R3 - URLSearchHook: (no name) - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing)
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Avira AntiVir Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Avira AntiVir Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 7338 bytes

Dopuna: 01 Feb 2009 15:51


jel to to ?

Dopuna: 01 Feb 2009 15:55


al na primer mogu da udjem u C:/ i u D:/

preko



1Start

2Search

preko toga mogu ali ovako ne mogu ....pomagaj e drugovi ocu da se ubijemmmmmmmmmmmmmmmmmmmm
Poslao: 01 Feb 2009 16:19 Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Diplomirani učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 6791
  • Gde živiš: Novi Beograd
  • Blog: Travian
Uloguj se preko Facebooka da bi video sliku:
Klikni desnim tasterom na Avira ikonicu ( ) u donjem, desnom uglu ekrana i deštikliraj AntiVir Guard Enable.

Napomena: Ne zaboravi da uključiš ovu opciju po završetku čišćenja.

---------------------------

Skini ComboFix sa jedne od sledecih adresa na Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Startuj ga i ne diraj prozor programa dok skenira.
Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.
Poslao: 01 Feb 2009 17:21 Idi na vrh
offline
  • Sha  Male
  • Novi MyCity građanin
  • Pridružio: 01 Feb 2009
  • Poruke: 19
Uloguj se preko Facebooka i postavi pitanje:
cek s...sad cu da odradim

Dopuna: 01 Feb 2009 17:20


ComboFix 09-01-31.03 - Marko 2009-02-01 17:15:18.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.895.596 [GMT 1:00]
Running from: c:\documents and settings\Marko\Desktop\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated)
AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Outdated)
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated)
FW: Kaspersky Internet Security *enabled*
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\autorun.inf
c:\docume~1\Marko\LOCALS~1\Temp\tmp1.tmp
c:\docume~1\Marko\LOCALS~1\Temp\tmp2.tmp
c:\program files\FunWebProducts
c:\program files\FunWebProducts\ScreenSaver\Images\00A20461.urr
c:\program files\FunWebProducts\Shared\Cache\AvatarSmallBtn.html
c:\program files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
c:\program files\FunWebProducts\Shared\Cache\MailStampBtn.html
c:\program files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html
c:\program files\FunWebProducts\Shared\Cache\MyStationeryBtn.html
c:\program files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
c:\program files\Mozilla Firefox\components\iamfamous.dll
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\1.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST
c:\program files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Cache\001B508D.bin
c:\program files\MyWebSearch\bar\Cache\001B52C0.bin
c:\program files\MyWebSearch\bar\Cache\001B54E3.bin
c:\program files\MyWebSearch\bar\Cache\001B630C.bin
c:\program files\MyWebSearch\bar\Cache\0036648F
c:\program files\MyWebSearch\bar\Cache\00A18405.bin
c:\program files\MyWebSearch\bar\Cache\00A185DA.bin
c:\program files\MyWebSearch\bar\Cache\00A18703.bin
c:\program files\MyWebSearch\bar\Cache\00A18926.bin
c:\program files\MyWebSearch\bar\Cache\00A1D2E1
c:\program files\MyWebSearch\bar\Cache\00A1DCC4
c:\program files\MyWebSearch\bar\Cache\00A1E10A.bin
c:\program files\MyWebSearch\bar\Cache\00A1F0C9.bin
c:\program files\MyWebSearch\bar\Cache\00A1F3C7.bin
c:\program files\MyWebSearch\bar\Cache\00A1F889.bin
c:\program files\MyWebSearch\bar\Cache\02F26ED3.bin
c:\program files\MyWebSearch\bar\Cache\02F27106.bin
c:\program files\MyWebSearch\bar\Cache\02F27432
c:\program files\MyWebSearch\bar\Cache\files.ini
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\History\search2
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Settings\prevcfg2.htm
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\program files\MyWebSearch\bar\Settings\setting2.htm
c:\program files\MyWebSearch\bar\Settings\settings.dat
c:\recycler\S-5-7-11-100004074-100027629-100028457-4509.com
c:\recycler\S-7-4-46-100026353-100017830-100015188-6160.com
c:\windows\IE4 Error Log.txt
c:\windows\system32\drivers\gaopdxoayumaqo.sys
c:\windows\system32\drivers\gaopdxserv.sys
c:\windows\system32\drivers\gaopdxyuruxdpa.sys
c:\windows\system32\gaopdxmrxlypbn.dll
D:\Autorun.inf
d:\recycler\S-4-6-86-100009178-100031637-100030030-2017.com
d:\recycler\S-5-7-11-100004074-100027629-100028457-4509.com
d:\recycler\S-7-1-11-100008707-100030008-100010770-2215.com
d:\recycler\S-7-4-46-100026353-100017830-100015188-6160.com
d:\recycler\S-8-5-99-100027696-100031007-100027461-6333.com
d:\recycler\S-8-8-81-100008768-100031668-100008194-9193.com

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_gaopdxserv.sys


((((((((((((((((((((((((( Files Created from 2009-01-01 to 2009-02-01 )))))))))))))))))))))))))))))))
.

2009-02-01 15:16 . 2009-02-01 15:16 <DIR> d-------- c:\documents and settings\Marko\Application Data\Avira
2009-02-01 15:14 . 2009-02-01 15:14 <DIR> d-------- c:\program files\Avira
2009-02-01 15:14 . 2009-02-01 15:14 <DIR> d-------- c:\documents and settings\All Users\Application Data\Avira
2009-02-01 15:12 . 2009-02-01 15:12 <DIR> d-------- c:\program files\RogueRemover FREE
2009-02-01 14:25 . 2009-02-01 14:25 <DIR> d-------- c:\program files\MajorShare
2009-02-01 14:25 . 2009-02-01 14:25 <DIR> d-------- C:\MS Rapid Downloads
2009-02-01 14:25 . 2004-08-03 23:45 1,392,671 --a------ c:\windows\system32\msvbvm60.dll
2009-02-01 14:25 . 2000-05-22 16:58 1,066,176 --a------ c:\windows\system32\mscomctl.ocx
2009-02-01 14:25 . 2007-07-30 09:47 385,024 --a------ c:\windows\system32\XPControls.ocx
2009-02-01 14:25 . 2004-08-03 23:45 151,552 --a------ c:\windows\system32\scrrun.dll
2009-02-01 14:25 . 1998-05-22 00:00 112,648 --a------ c:\windows\system32\msinet.ocx
2009-02-01 14:25 . 2008-06-27 04:08 90,112 --a------ c:\windows\system32\MSXPButton.ocx
2009-02-01 14:25 . 1998-05-22 00:00 65,032 --a------ c:\windows\system32\sysinfo.ocx
2009-02-01 14:22 . 2009-02-01 16:17 4 --a------ c:\windows\system32\gaopdxcounter
2009-02-01 00:18 . 2009-02-01 14:53 691,744 --ahs---- c:\windows\system32\drivers\fidbox.dat
2009-02-01 00:18 . 2009-02-01 14:53 229,408 --ahs---- c:\windows\system32\drivers\fidbox2.dat
2009-02-01 00:18 . 2009-02-01 14:53 7,532 --ahs---- c:\windows\system32\drivers\fidbox.idx
2009-02-01 00:18 . 2009-02-01 14:53 1,864 --ahs---- c:\windows\system32\drivers\fidbox2.idx
2009-02-01 00:17 . 2009-02-01 00:17 <DIR> d-------- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-01-31 00:34 . 2009-01-31 00:34 268 --ah----- C:\sqmdata01.sqm
2009-01-31 00:34 . 2009-01-31 00:34 244 --ah----- C:\sqmnoopt01.sqm
2009-01-30 23:44 . 2009-01-30 23:44 <DIR> d-------- c:\documents and settings\Marko\Contacts
2009-01-30 23:43 . 2009-01-30 23:43 268 --ah----- C:\sqmdata00.sqm
2009-01-30 23:43 . 2009-01-30 23:43 244 --ah----- C:\sqmnoopt00.sqm
2009-01-30 16:59 . 2009-01-30 16:59 0 --a------ c:\windows\nsreg.dat
2009-01-30 15:39 . 2009-01-30 16:59 <DIR> d-------- c:\program files\CamStudio
2009-01-30 15:38 . 2009-01-30 16:18 <DIR> d-------- c:\documents and settings\Marko\Application Data\Winamp

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-01 15:16 27,262,976 ----a-w C:\VIRTPART.DAT
2009-01-30 14:35 --------- d-----w c:\program files\Valve
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-16 7630848]
"GhostStartTrayApp"="c:\program files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe" [2003-05-28 94208]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" [2008-06-12 266497]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2007-10-31 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"VIDC.HFYU"= huffyuv.dll
"vidc.ffds"= c:\program files\ffdshow\ffdshow.ax

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Marko^Start Menu^Programs^Startup^YouTube Uploader.lnk]
path=c:\documents and settings\Marko\Start Menu\Programs\Startup\YouTube Uploader.lnk
backup=c:\windows\pss\YouTube Uploader.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-01-11 22:16 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\adsnwm]
--a------ 2007-04-04 21:24 20480 c:\windows\system32\adsnwm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2006-12-23 18:05 143360 c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2007-10-31 00:32 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
--a------ 2006-04-13 11:09 49152 c:\program files\CyberLink\PowerDVD\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-10-18 11:34 5724184 c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2006-01-12 15:40 155648 c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2006-08-16 08:35 7630848 c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2006-08-16 08:35 86016 c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
--a------ 2007-12-18 02:02 471040 c:\program files\Winamp Remote\bin\OrbTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-03-28 22:37 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--------- 2005-12-07 22:57 30208 c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2007-12-20 16:16 37376 c:\program files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
-r------- 2005-05-03 11:43 69632 c:\windows\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2006-08-16 08:35 1617920 c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
-r------- 2006-12-19 04:12 16062464 c:\windows\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
-r------- 2006-05-16 11:04 2879488 c:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"RichVideo"=2 (0x2)
"ose"=3 (0x3)
"odserv"=3 (0x3)
"LightScribeService"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R1 GhPciScan;GhostPciScanner;c:\program files\Symantec\Norton Ghost 2003\GhPciScan.sys [2003-05-28 5632]
R2 AntiVirMailService;Avira AntiVir Premium MailGuard;c:\program files\Avira\AntiVir PersonalEdition Premium\avmailc.exe [2009-02-01 164097]
R2 antivirwebservice;Avira AntiVir Premium WebGuard;c:\program files\Avira\AntiVir PersonalEdition Premium\avwebgrd.exe [2009-02-01 258305]
R2 AVEService;Avira AntiVir Premium MailGuard helper service;c:\program files\Avira\AntiVir PersonalEdition Premium\avesvc.exe [2009-02-01 41217]
R3 bbcap;bbcap;c:\windows\system32\drivers\bbcap.sys [2008-05-19 4096]
S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys --> c:\windows\system32\DRIVERS\epfwtdir.sys [?]
S3 fsbl-standalone;F-Secure BlackLight Beta Engine Driver; [x]
S3 SetupNTGLM7X;SetupNTGLM7X; [x]
.
Contents of the 'Scheduled Tasks' folder

2009-01-31 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 16:57]

2009-02-01 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]

2009-01-31 c:\windows\Tasks\Uniblue SpeedUpMyPC Nag.job
- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe []

2008-05-16 c:\windows\Tasks\Uniblue SpeedUpMyPC.job
- c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe []
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
BHO-{00A6FAF1-072E-44cf-8957-5838F569A31D} - c:\program files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
BHO-{07B18EA1-A523-4961-B6BB-170DE4475CCA} - c:\program files\MyWebSearch\bar\1.bin\MWSBAR.DLL
WebBrowser-{6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - (no file)
MSConfigStartUp-Google Update - c:\documents and settings\Marko\Local Settings\Application Data\Google\Update\1.1.25.0\GoogleUpdate.exe
MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe
MSConfigStartUp-KiweeHook - c:\program files\Kiwee Toolbar2\1.2.114\kwtbaim.exe
MSConfigStartUp-Magentic - c:\progra~1\Magentic\bin\Magentic.exe
MSConfigStartUp-My Web Search Bar - c:\progra~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL
MSConfigStartUp-MySpaceIM - c:\program files\MySpace\IM\MySpaceIM.exe
MSConfigStartUp-Steam - c:\program files\Steam\Steam.exe
MSConfigStartUp-SweetIM - c:\program files\Macrogaming\SweetIM\SweetIM.exe
MSConfigStartUp-TrojanScanner - c:\program files\Trojan Remover\Trjscan.exe
MSConfigStartUp-Uniblue RegistryBooster 2 - c:\program files\Uniblue\RegistryBooster 2\RegistryBooster.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.rs/
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyServer = proxy.vektor.net:8080
uInternet Settings,ProxyOverride = <local>
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: avsda.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Marko\Application Data\Mozilla\Firefox\Profiles\bie118ih.default\
FF - prefs.js: network.proxy.ftp - proxy.vektor.net
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - proxy.vektor.net
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - proxy.vektor.net
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - proxy.vektor.net
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - proxy.vektor.net
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 1
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-01 17:16:46
Windows 5.1.2600 Service Pack 3, v.3244 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(848-)
c:\windows\system32\avsda.dll
.
Completion time: 2009-02-01 17:17:42
ComboFix-quarantined-files.txt 2009-02-01 16:17:40

Pre-Run: 26,664,751,104 bytes free
Post-Run: 26,746,200,064 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /usepmtimer /NoExecute=OptIn

296 --- E O F --- 2008-05-17 16:55:57

Dopuna: 01 Feb 2009 17:21


brate jel to to
Poslao: 01 Feb 2009 17:23 Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Diplomirani učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 6791
  • Gde živiš: Novi Beograd
  • Blog: Travian
Uloguj se preko Facebooka i postavi pitanje:
Za ime sveta, imas 3 antivirusa instalirana. Smile

Osatvi samo jedan, druga dva uninstaliraj.

Jos ti fali samo Vektorov Sophos antivirus. Mr. Green
Poslao: 01 Feb 2009 17:29 Idi na vrh
offline
  • Sha  Male
  • Novi MyCity građanin
  • Pridružio: 01 Feb 2009
  • Poruke: 19
Uloguj se preko Facebooka i postavi pitanje:
kad odem na "ADD or Remove Programs"

nevidi mi kaspersky i nod32....


ja sam ih pre nego st osam pokrenuo onaj program sto si mi dao unistalirao oba....
Poslao: 01 Feb 2009 17:32 Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Diplomirani učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 6791
  • Gde živiš: Novi Beograd
  • Blog: Travian
Uloguj se preko Facebooka i postavi pitanje:
Jel mozes sad da udjes normalno?
Poslao: 01 Feb 2009 17:35 Idi na vrh
offline
  • Sha  Male
  • Novi MyCity građanin
  • Pridružio: 01 Feb 2009
  • Poruke: 19
Uloguj se preko Facebooka da bi video sliku:
sad kad kliknem otvara mi ovakav prozor
Poslao: 01 Feb 2009 17:36 Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Diplomirani učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 6791
  • Gde živiš: Novi Beograd
  • Blog: Travian
Uloguj se preko Facebooka i postavi pitanje:
- Preuzmi USBNoRisk na Desktop i pokreni ga duplim klikom na ikonicu programa.
- Sacekaj koji sekund dok program izvrsi inicijalno skeniranje.
- Ubacuj sve USB memorijske uredjaje redom u USB slot i svaki zadrzi u slotu po 10 sekundi.
- Ukoliko imas vise uredjaja za proveru, onda na parcetu papira zapisi kojim redom su ubacivani jer ce nam kasnije trebati taj podatak
- Kada zavrsis sa svim uredjajima, klikni desno dugme misa na sred prozora programa i odaberi opciju Save log. To ce automatski otvoriti log u Notepadu. Iskopiraj nam taj log iz Notepada na forum.

Objasnjenje: U USB memorijske uredjaje spadaju svi oni uredjaji koji po prikljucivanju na kompjuter dobijaju svoju oznaku particije. Tu spadaju USB flash drajvovi, eksterni hard-diskovi, memorijske kartice, MP3 i MP4 plejeri, neki mobilni telefoni, neki GPS (navigacioni) uredjaji itd.
Poslao: 01 Feb 2009 17:40 Idi na vrh
offline
  • Sha  Male
  • Novi MyCity građanin
  • Pridružio: 01 Feb 2009
  • Poruke: 19
Uloguj se preko Facebooka da bi video sliku:
sta da ubacim od ocoga ??? nejasno mi


Poslao: 01 Feb 2009 17:48 Idi na vrh
offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Diplomirani učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 6791
  • Gde živiš: Novi Beograd
  • Blog: Travian
Uloguj se preko Facebooka i postavi pitanje:
Znaci, trebalo je da startujes program, sacekas koji sekund i onda ubacis jedan flash, pa sacekas 10 sekundi, pa drugi itd.

Kad zavrsis sa svim uredjajima, klikni desni klik u prozor tog programa i pojavice se opcija Save log. Kliknes na opciju Save log i postavis mi log ovde kad se otvori u Notepad-u.

Potreban je samo minut da se registrujete - da biste učestvovali u diskusiji:
Izaberite vaše korisničko ime [username] :
Vaša email adresa je [email] : Email adresa mora biti tačna!
Ukucajte željenu šifru [password] :
Ukucajte šifru ponovo [password again] :
Jezik [language] :



Ili se jednostavno uloguj preko Facebook-a:

Indeks » MyCity » Ambulanta -> Arhiva Ambulante » windows cannot find recycler

Ko je trenutno na forumu
 

Ukupno su 672 korisnika na forumu :: 88 registrovanih, 3 sakrivenih i 581 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 1311 - dana 15 Nov 2012 21:40

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: _Sale, Acid_Burn, aermedia.com, Aldin Balicevac, Aleksandar Tomić, Alien vs Predator, amoca, aramis s, boksi, Boris90, BSD2, CHARLIE JA., Chuck Norris, Cobi026, Crvena Petokraka, dakota, debeli2, dekao, djboj, DjordjeT, dobri covek, Dot-A, dragonserbia, drejk, drgnk, drummer, elias2, filiphr, focus2, Gama, gfactory, gloyer, gygy11, higuy, ilovephp, indja, ithacking, ivanb2, ivance95, Jelena Jovanovic 7, kaivmair, Khaless, Marko88, maxo95, mean_machine, Mercury, Milovan Dinic, MinerFull, mpman, nedjabanderas, nelson, nemezisx, nikoladim, OMD, Oxygen, padobranac75, panzerwaffe, paokjowanpfc, pdj, pein, petarnika, Punisa Radivojevic 2, rovac, royst33, RST, S-lash, Saleee2008, samsung2, Sass Drake, Siniša Guša, Skyrider, t84dar, Toni, torlak 1, Trpe Grozni, TwinHeadedEagle, ucenik32, VaRvArI 85, vasa.93, vasiljevic, vathra, Voja1978, vukasinpp, zlatko.lazio, Šid, Žan Klod vam dam, ĐUTA, 1252
VPS