Problem with Windows Media Player

offline
  • Joined: 10 Dec 2007
  • Posts: 40

I have a problem: WMP won't play video clips. When a video clip loads, the picture freezes, and then, after exiting WMP, the whole computer locks up, so I don't know what to do? I should note that this is WMP 11, if that matters at all.





rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Hello.

Please follow the instructions at the following link

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

offline
  • Joined: 10 Dec 2007
  • Posts: 40

Hello.

Here's the thing: if I understood correctly, you think the problem has nothing to do with viruses? But this happened to me after reinstalling Windows and reactivating the internet. Before the problem, no antivirus was installed, so it started happening when I played a clip online.

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

I don't think anything; you have to follow the instructions from the link posted above, and only then can we know whether or not there is malware on your system.

offline
  • Joined: 10 Dec 2007
  • Posts: 40

I don't understand, for 64-bit Windows there are 2 steps, describing the problem and posting the log.... What else?

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Sorry, I overlooked the 64-bit part, it's OK :)

offline
  • Joined: 10 Dec 2007
  • Posts: 40

:) , no problem, but what's next? :)

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Download sUBs's ComboFix from the following address to the Desktop:

Bleeping Computer
  • Right-click the link and choose the option Save Target As... (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download has finished:
  • deactivate your security software (instructions);
  • close any running programs;
  • double-click to start ComboFix.

While running, ComboFix will:
  • check whether a newer version of the program exists:
      • click Yes if you are offered to download it.
  • display the DISCLAIMER OF WARRANTY ON SOFTWARE:
      • click Yes so that the process continues.
  • if the Recovery Console is not installed, offer to install it:
      • be sure to accept by clicking Yes and follow the procedure.
  • display a number of prompts/notifications:
      • accept by clicking Yes or OK.
  • restart Windows as needed (several times);
  • at the end of the run, open Notepad with the scan report.

Copy the report that ComboFix created into the forum thread:
  • right-click in the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message box and choose Paste.

Note:
  • The report will be saved under the name ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
  • If after sending the message you notice that the report is not complete, use the Attach file option to attach the file C:\ComboFix.txt to the message.

offline
  • Joined: 10 Dec 2007
  • Posts: 40

Posted: 30 Aug 2009 9:54

Here is the log:


ComboFix 09-08-29.01 - Ilija 08/30/2009 9:47.2.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.309 [GMT 2:00]
Running from: c:\documents and settings\Ilija\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.

((((((((((((((((((((((((( Files Created from 2009-07-28 to 2009-08-30 )))))))))))))))))))))))))))))))
.

2009-08-29 07:04 . 2009-08-29 07:04 -------- d-sh--w- C:\FOUND.011
2009-08-28 14:57 . 2009-08-28 14:57 -------- d-----w- c:\program files\Eidos Interactive
2009-08-28 13:55 . 2009-08-28 13:55 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-08-28 13:54 . 2009-08-28 13:54 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-08-28 13:54 . 2009-08-28 13:54 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-08-28 13:54 . 2009-08-28 13:54 -------- d-----w- c:\documents and settings\Ilija\Application Data\DAEMON Tools Lite
2009-08-28 13:45 . 2009-08-28 13:45 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Pro
2009-08-28 13:45 . 2009-08-28 13:45 -------- d-----w- c:\program files\DAEMON Tools Pro
2009-08-28 13:43 . 2009-08-28 13:43 722416 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-08-28 13:43 . 2009-08-28 13:43 -------- d-----w- c:\documents and settings\Ilija\Application Data\DAEMON Tools Pro
2009-08-28 01:15 . 2009-08-28 01:15 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-08-28 01:04 . 2009-08-28 01:05 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-08-28 01:03 . 2009-07-14 00:17 120056 ------w- c:\windows\system32\pxcpyi64.exe
2009-08-28 01:03 . 2009-07-14 00:17 118520 ------w- c:\windows\system32\pxinsi64.exe
2009-08-28 00:55 . 2009-08-28 00:55 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-08-28 00:55 . 2009-08-28 00:55 -------- d-----w- c:\program files\DivX
2009-08-27 22:03 . 2001-08-17 11:48 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2009-08-27 22:03 . 2001-08-17 11:48 12160 ----a-w- c:\windows\system32\dllcache\mouhid.sys
2009-08-27 22:03 . 2001-08-17 12:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-08-27 22:03 . 2001-08-17 12:02 9600 ----a-w- c:\windows\system32\dllcache\hidusb.sys
2009-08-27 16:18 . 2009-08-27 16:18 -------- d-sh--w- c:\documents and settings\Ilija\IECompatCache
2009-08-27 15:29 . 2009-08-30 02:31 983040 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-08-27 15:29 . 2009-08-30 02:31 24608 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-08-27 15:29 . 2009-08-27 15:29 -------- d-----w- c:\program files\Kaspersky Lab
2009-08-27 15:29 . 2009-08-27 15:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-08-27 15:28 . 2009-08-27 15:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-08-27 15:00 . 2009-08-15 15:11 121020 ----a-w- c:\documents and settings\Ilija\Application Data\TuneUp Software\TuneUp Utilities\StartUp Manager\Disabled objects\officexp.exe
2009-08-27 14:58 . 2008-02-27 11:15 28416 ----a-w- c:\windows\system32\uxtuneup.dll
2009-08-27 14:58 . 2009-08-27 14:58 307968 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-08-27 14:58 . 2009-08-27 14:58 -------- d-----w- c:\documents and settings\Ilija\Application Data\TuneUp Software
2009-08-27 14:58 . 2009-08-27 14:58 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-08-27 14:58 . 2009-08-27 14:58 -------- d-----w- c:\program files\TuneUp Utilities 2008
2009-08-27 14:56 . 2009-08-27 14:56 -------- d-sh--w- C:\FOUND.010
2009-08-27 14:45 . 2006-10-18 19:47 10834432 ----a-w- c:\windows\system32\dllcache\wmp.dll
2009-08-27 14:05 . 2009-08-27 14:05 -------- d-sh--w- c:\documents and settings\Ilija\PrivacIE
2009-08-27 14:04 . 2009-08-27 14:04 -------- d-sh--w- c:\documents and settings\Ilija\IETldCache
2009-08-27 13:58 . 2009-08-27 13:58 -------- d--h--w- c:\windows\ie8
2009-08-26 17:34 . 2009-08-26 17:34 -------- d-sh--w- C:\FOUND.009
2009-08-26 15:27 . 2009-08-26 15:27 -------- d-----w- c:\documents and settings\Ilija\Application Data\PacificPoker
2009-08-26 15:27 . 2009-08-26 15:27 -------- d-----w- c:\program files\PacificPoker
2009-08-26 15:23 . 2009-08-26 15:23 -------- d-----w- c:\documents and settings\Ilija\Application Data\Search Settings
2009-08-26 15:23 . 2009-08-26 15:23 -------- d-----w- c:\documents and settings\Ilija\Application Data\Dealio
2009-08-26 12:25 . 2009-08-26 12:25 -------- d-----w- c:\program files\YouTube Downloader
2009-08-25 21:03 . 2009-08-25 21:03 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-08-25 19:12 . 2004-08-03 23:07 388608 ----a-w- c:\windows\system32\msregsv.exe
2009-08-25 17:06 . 2009-08-25 17:06 -------- d-sh--w- C:\FOUND.008
2009-08-25 16:31 . 2009-08-25 16:31 -------- d-sh--w- C:\FOUND.007
2009-08-25 15:50 . 2009-08-25 15:50 -------- d-sh--w- C:\FOUND.006
2009-08-25 08:56 . 2009-08-25 08:56 -------- d-sh--w- C:\FOUND.005
2009-08-23 11:47 . 2009-08-23 11:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2009-08-23 10:59 . 2009-08-23 10:59 -------- d-sh--w- C:\FOUND.004
2009-08-22 14:45 . 2009-08-22 14:45 1961720 ----a-w- c:\documents and settings\Ilija\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2009-08-22 14:36 . 2009-08-22 14:36 -------- d-----w- c:\documents and settings\Ilija\Local Settings\Application Data\Opera
2009-08-22 14:36 . 2009-08-22 14:36 -------- d-----w- c:\program files\Opera
2009-08-22 14:24 . 2009-08-22 14:24 -------- d-sh--w- C:\FOUND.003
2009-08-22 14:18 . 2009-08-22 14:18 0 ----a-w- c:\windows\nsreg.dat
2009-08-22 14:18 . 2009-08-22 14:18 -------- d-----w- c:\documents and settings\Ilija\Local Settings\Application Data\Mozilla
2009-08-20 07:55 . 2009-08-20 07:55 -------- d-sh--w- C:\FOUND.002
2009-08-19 16:49 . 2009-08-19 16:49 1924440 ----a-w- c:\documents and settings\Ilija\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
2009-08-19 10:11 . 2004-08-03 23:07 25600 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2009-08-19 10:11 . 2009-08-19 10:11 -------- d-----w- c:\program files\Windows Media Connect 2
2009-08-19 09:52 . 2009-08-19 09:52 -------- d-----w- c:\documents and settings\Ilija\Contacts
2009-08-19 09:51 . 2009-08-19 09:51 -------- d-----w- c:\program files\MSN Messenger
2009-08-19 09:25 . 2009-08-19 09:25 -------- d-----w- c:\documents and settings\Ilija\Local Settings\Application Data\Temp
2009-08-19 09:24 . 2009-08-19 09:24 -------- d-----w- c:\documents and settings\Ilija\Local Settings\Application Data\Deployment
2009-08-15 13:57 . 2009-08-15 13:57 -------- d-----w- c:\documents and settings\Ilija\Application Data\PC Suite
2009-08-15 13:57 . 2009-08-15 13:57 -------- d-----w- c:\documents and settings\Ilija\Local Settings\Application Data\IsolatedStorage
2009-08-15 13:57 . 2009-08-15 13:57 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Nokia
2009-08-15 13:57 . 2009-08-15 13:57 -------- d-----w- c:\documents and settings\Ilija\Local Settings\Application Data\Nokia
2009-08-15 13:55 . 2009-08-15 13:55 -------- d-----w- c:\documents and settings\Ilija\Application Data\Nokia
2009-08-15 13:50 . 2009-08-15 13:50 -------- d-----w- c:\documents and settings\All Users\Application Data\NokiaMusic
2009-08-15 13:48 . 2009-08-15 13:48 -------- d-----w- c:\windows\Globalization
2009-08-15 13:47 . 2009-08-15 13:47 -------- d-----w- c:\program files\DIFX
2009-08-15 13:47 . 2008-08-26 07:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2009-08-15 13:46 . 2009-08-15 13:46 -------- d-----w- c:\program files\Nokia
2009-08-15 13:46 . 2008-02-01 13:17 90624 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-08-15 13:45 . 2009-08-15 13:56 132600 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-08-15 13:45 . 2009-08-15 13:45 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-15 13:45 . 2009-08-15 13:45 -------- d-----w- c:\program files\MSBuild
2009-08-15 13:45 . 2009-08-15 13:45 -------- d-----w- c:\program files\Reference Assemblies
2009-08-15 13:44 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-15 13:44 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-08-15 13:44 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-15 13:44 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-08-15 13:44 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-15 13:44 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-08-15 13:44 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-15 13:44 . 2009-08-15 13:44 -------- d-----w- C:\b21d803b36616274c646ac
2009-08-15 13:42 . 2009-08-15 13:42 -------- d-----w- c:\program files\MSXML 6.0
2009-08-02 12:34 . 2009-08-02 12:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Trymedia
2009-07-31 11:01 . 2009-07-31 11:01 -------- d-sh--w- C:\FOUND.001
2009-07-31 10:32 . 2009-07-31 10:32 -------- d-sh--w- C:\FOUND.000

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-30 02:31 . 2009-08-27 15:29 6636 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-08-30 02:31 . 2009-08-27 15:29 1164 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-08-27 16:10 . 2009-08-27 16:10 -------- d-----w- c:\program files\Google
2009-08-27 16:10 . 2008-01-29 16:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-08-27 16:10 . 2009-08-27 15:31 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-08-27 16:10 . 2009-08-27 15:31 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-08-27 16:10 . 2009-08-27 16:10 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\klbg.sys
2009-08-27 16:10 . 2009-08-27 16:10 213520 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\XP\klif.sys
2009-08-27 16:09 . 2009-08-27 16:09 21256 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\vkbd.dll
2009-08-27 16:09 . 2009-08-27 16:09 861448 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\updater.dll
2009-08-27 16:09 . 2009-08-27 16:09 83208 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\mzvkbd.dll
2009-08-27 16:09 . 2009-08-27 16:09 62728 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\ievkbd.dll
2009-08-27 16:08 . 2009-08-27 16:08 43784 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\fssync.dll
2009-08-27 16:08 . 2009-08-27 16:08 365832 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\ckahum.dll
2009-08-27 16:08 . 2009-08-27 16:08 201992 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\avp.exe
2009-08-27 15:11 . 2009-07-13 20:55 12328 ----a-w- c:\documents and settings\Ilija\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-27 14:00 . 2009-08-27 14:00 -------- d-----w- c:\program files\Winamp
2009-08-27 14:00 . 2009-08-27 14:00 -------- d-----w- c:\documents and settings\Ilija\Application Data\Winamp
2009-08-25 21:04 . 2009-08-25 21:04 271360 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-08-25 21:04 . 2009-08-25 21:04 18048 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-07-23 16:43 . 2009-07-23 16:43 666 ----a-w- c:\windows\EReg515.dat
2009-07-23 16:42 . 2009-07-23 16:42 -------- d-----w- c:\program files\Disney Interactive
2009-07-20 14:01 . 2009-07-20 14:01 -------- d-----w- c:\documents and settings\Ilija\Application Data\Apple Computer
2009-07-15 17:35 . 2009-07-15 17:35 62760 ----a-w- c:\documents and settings\Ilija\Application Data\Mozilla\Firefox\Profiles\6ckxqsmr.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
2009-07-15 13:07 . 2009-07-15 13:07 -------- d-----w- c:\documents and settings\Ilija\Application Data\Ahead
2009-07-15 13:06 . 2009-07-15 13:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-07-15 13:06 . 2009-07-15 13:06 -------- d-----w- c:\program files\Nero
2009-07-15 13:06 . 2009-07-15 13:06 -------- d-----w- c:\program files\Common Files\Ahead
2009-07-14 15:04 . 2009-07-14 15:04 -------- d-----w- c:\documents and settings\Ilija\Application Data\ATI
2009-07-14 15:04 . 2009-07-14 15:04 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2009-07-14 15:00 . 2009-07-14 15:00 -------- d-----w- c:\program files\Sony
2009-07-14 14:58 . 2009-07-14 14:58 -------- d-----w- c:\program files\QuickTime
2009-07-14 14:58 . 2009-07-14 14:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-07-14 14:57 . 2009-07-14 14:57 -------- d-----w- c:\program files\Apple Software Update
2009-07-14 14:57 . 2009-07-14 14:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-07-14 14:37 . 2009-07-14 14:37 -------- d-----w- c:\program files\Sony Ericsson
2009-07-14 14:37 . 2009-07-14 14:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony Ericsson
2009-07-14 14:37 . 2009-07-14 14:37 -------- d-----w- c:\documents and settings\Ilija\Application Data\InstallShield
2009-07-14 00:15 . 2009-07-14 00:15 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-07-14 00:15 . 2009-07-14 00:15 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-07-14 00:15 . 2009-07-14 00:15 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-07-14 00:15 . 2009-07-14 00:15 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-07-14 00:15 . 2009-07-14 00:15 811008 ----a-w- c:\windows\system32\divx_xx16.dll
2009-07-14 00:15 . 2009-07-14 00:15 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-07-14 00:15 . 2009-07-14 00:15 685056 ----a-w- c:\windows\system32\DivX.dll
2009-07-13 21:00 . 2009-07-13 21:00 0 ----a-w- c:\windows\ativpsrm.bin
2009-07-13 17:10 . 2009-07-13 17:10 -------- d-----w- c:\program files\Labtec
2009-07-13 17:08 . 2009-07-13 14:51 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-07-13 17:06 . 2009-07-13 17:06 -------- d-----w- c:\program files\AskTBar
2009-07-13 17:02 . 2009-07-13 17:02 -------- d-----w- c:\program files\Common Files\Adobe
2009-07-13 15:53 . 2009-07-13 11:34 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-07-13 15:20 . 2009-07-13 15:20 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-07-13 15:20 . 2009-07-13 15:20 -------- d--h--r- c:\documents and settings\Ilija\Application Data\SecuROM
2009-07-13 15:03 . 2009-07-13 15:03 -------- d-----w- c:\program files\ATI Technologies
2009-07-13 11:44 . 2009-07-13 11:44 -------- d-----w- c:\program files\Realtek AC97
2009-07-13 11:44 . 2009-07-13 11:44 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-13 11:44 . 2009-07-13 11:44 -------- d-----w- c:\program files\Common Files\InstallShield
2009-07-13 11:35 . 2009-07-13 11:35 -------- d-----w- c:\program files\microsoft frontpage
2009-07-13 11:31 . 2009-07-13 11:31 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2007-11-28 19:12 . 2009-08-22 14:18 67696 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2007-11-28 19:12 . 2009-08-22 14:18 54376 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2007-11-28 19:12 . 2009-08-22 14:18 34952 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2007-11-28 19:12 . 2009-08-22 14:18 46720 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2007-11-28 19:12 . 2009-08-22 14:18 172144 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
2009-07-14 00:16 . 2009-07-14 00:16 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-07-14 00:16 . 2009-07-14 00:16 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-07-14 00:16 . 2009-07-14 00:16 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-07-14 00:16 . 2009-07-14 00:16 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{9CB65206-89C4-402c-BA80-02D8C59F9B1D}"= "c:\program files\AskTBar\SrchAstt\2.bin\A5SRCHAS.DLL" [2009-07-15 57344]

[HKEY_CLASSES_ROOT\clsid\{9cb65206-89c4-402c-ba80-02d8c59f9b1d}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-27 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-04-27 61440]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-08-27 201992]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-08-27 122368]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" /background
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"ctfmon.exe"=c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"WinampAgent"="c:\program files\Winamp\winampa.exe"
"SoundMan"=SOUNDMAN.EXE
"FLMOFFICE4DMOUSE"=c:\program files\Labtec\moffice.exe
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"d:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"d:\\Program Files\\XTCS Counter-Strike 1.6 Final Release\\cstrike.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\english\\setup.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [1/29/2008 6:29 PM 33808]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [3/13/2008 7:02 PM 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [3/25/2008 8:07 PM 24592]
S2 gupdate1ca277b85f8ef28;Google Update Service (gupdate1ca277b85f8ef28-);c:\program files\Google\Update\GoogleUpdate.exe [8/28/2009 3:04 AM 133104]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\drivers\s3017bus.sys [7/14/2009 4:40 PM 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\drivers\s3017mdfl.sys [7/14/2009 4:40 PM 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\drivers\s3017mdm.sys [7/14/2009 4:40 PM 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s3017mgmt.sys [7/14/2009 4:40 PM 104616]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\drivers\s3017nd5.sys [7/14/2009 4:40 PM 25512]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\drivers\s3017obex.sys [7/14/2009 4:40 PM 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\drivers\s3017unic.sys [7/14/2009 4:40 PM 110120]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-08-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 12:57]

2009-08-30 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-02-29 12:24]

2009-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-28 00:55]

2009-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-28 00:55]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.daemon-search.com/startpage
FF - ProfilePath - c:\documents and settings\Ilija\Application Data\Mozilla\Firefox\Profiles\6ckxqsmr.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=966134&p=
FF - prefs.js: browser.startup.homepage - hxxp://www.daemon-search.com/startpage
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components\DealioToolbarFF.dll
FF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-08-30 09:50
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(904)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\klogon.dll

- - - - - - - > 'explorer.exe'(596)
c:\program files\Google\Quick Search Box\bin\1.2.1137.3514\qsb.dll
c:\program files\Common Files\Ahead\Lib\NeroSearchBar.dll
c:\program files\Common Files\Ahead\Lib\MFC71U.DLL
c:\program files\Common Files\Ahead\Lib\BCGCBPRO860un71.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-08-30 9:51
ComboFix-quarantined-files.txt 2009-08-30 07:51
ComboFix2.txt 2009-08-29 18:02

Pre-Run: 7,902,085,120 bytes free
Post-Run: 8,011,530,240 bytes free

305

Addendum: 30 Aug 2009 9:56


rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Open Notepad and copy in the following text:

File::
c:\program files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components\DealioToolbarFF.dll
c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
c:\documents and settings\Ilija\Application Data\TuneUp Software\TuneUp Utilities\StartUp Manager\Disabled objects\officexp.exe
c:\windows\system32\msregsv.exe

Folder::
c:\documents and settings\Ilija\Application Data\Search Settings
c:\documents and settings\Ilija\Application Data\Dealio

Firefox::
FF - ProfilePath - c:\documents and settings\Ilija\Application Data\Mozilla\Firefox\Profiles\6ckxqsmr.default\
FF - component: c:\program files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components\DealioToolbarFF.dll
FF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll


Save the file from Notepad to the Desktop as "CFScript"

Drag the saved script/text onto the ComboFix icon as shown in the picture.
In your next message, post the log that is created at the end of the cleaning/scanning.
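
The CFScript above names removal targets that all appear in the posted ComboFix log. As an added example (not part of the original thread and not ComboFix's own code), this Python check cross-references a CFScript against a log before it is run, flagging mistyped paths and File::/Folder:: mix-ups. The function names are hypothetical, the listing-line layout is inferred from the log posted above, and the log excerpt consists of lines copied from that log.

```python
import re

# Excerpt of the ComboFix log posted above (lines copied from the thread).
LOG_EXCERPT = r"""
2009-08-27 15:00 . 2009-08-15 15:11 121020 ----a-w- c:\documents and settings\Ilija\Application Data\TuneUp Software\TuneUp Utilities\StartUp Manager\Disabled objects\officexp.exe
2009-08-26 15:23 . 2009-08-26 15:23 -------- d-----w- c:\documents and settings\Ilija\Application Data\Search Settings
2009-08-26 15:23 . 2009-08-26 15:23 -------- d-----w- c:\documents and settings\Ilija\Application Data\Dealio
2009-08-25 19:12 . 2004-08-03 23:07 388608 ----a-w- c:\windows\system32\msregsv.exe
FF - ProfilePath - c:\documents and settings\Ilija\Application Data\Mozilla\Firefox\Profiles\6ckxqsmr.default\
FF - component: c:\program files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components\DealioToolbarFF.dll
FF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
"""

# The CFScript from the post above.
CFSCRIPT = r"""
File::
c:\program files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components\DealioToolbarFF.dll
c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
c:\documents and settings\Ilija\Application Data\TuneUp Software\TuneUp Utilities\StartUp Manager\Disabled objects\officexp.exe
c:\windows\system32\msregsv.exe

Folder::
c:\documents and settings\Ilija\Application Data\Search Settings
c:\documents and settings\Ilija\Application Data\Dealio

Firefox::
FF - ProfilePath - c:\documents and settings\Ilija\Application Data\Mozilla\Firefox\Profiles\6ckxqsmr.default\
FF - component: c:\program files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components\DealioToolbarFF.dll
FF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
"""

# Listing line: "<created> . <modified> <size or -------> <8 attribute chars> <path>"
LISTING = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2} \. \d{4}-\d{2}-\d{2} \d{2}:\d{2} "
    r"(?P<size>\d+|-{8}) (?P<attrs>\S{8}) (?P<path>.+)$")
FF_COMPONENT = re.compile(r"^FF - component: (?P<path>.+)$")
EXPECTED_KIND = {"File": "file", "Folder": "dir"}


def norm(path):
    """Windows paths are case-insensitive; ignore case and a trailing backslash."""
    return path.strip().lower().rstrip("\\")


def parse_log(text):
    """Return ({normalized path: 'file' | 'dir'}, {lower-cased log lines})."""
    objects, lines = {}, set()
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        lines.add(line.lower())
        m = LISTING.match(line)
        if m:
            # The first attribute character is 'd' for directories.
            objects[norm(m["path"])] = "dir" if m["attrs"].startswith("d") else "file"
            continue
        m = FF_COMPONENT.match(line)
        if m:
            objects[norm(m["path"])] = "file"
    return objects, lines


def parse_cfscript(text):
    """Split a CFScript into {section name: [entries]}; headers end with '::'."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.endswith("::"):
            current = line[:-2]
            sections[current] = []
        elif current is not None:
            sections[current].append(line)
    return sections


def check_script(script_text, log_text):
    """Return (section, entry, status) for every CFScript entry."""
    objects, lines = parse_log(log_text)
    findings = []
    for section, entries in parse_cfscript(script_text).items():
        for entry in entries:
            if section in EXPECTED_KIND:
                kind = objects.get(norm(entry))
                if kind is None:
                    status = "not in log"
                elif kind != EXPECTED_KIND[section]:
                    status = "log shows a " + kind
                else:
                    status = "ok"
            else:
                # Other sections (here Firefox::) repeat log lines verbatim.
                status = "ok" if entry.lower() in lines else "not in log"
            findings.append((section, entry, status))
    return findings


if __name__ == "__main__":
    for section, entry, status in check_script(CFSCRIPT, LOG_EXCERPT):
        print(f"{status:16} {section}:: {entry}")
```
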
