MyCity » Ambulanta -> Arhiva Ambulante » Problem so restartiranje!

Problem so restartiranje!

Napisano na dan: 20.3.2009

Problem so restartiranje!

Sledeća strana

Pagination

Odgovori

BaDMaN19 Poslao: 20 Mar 2009 21:21 Idi na vrh
offline BaDMaN19 Građanin Pridružio: 21 Avg 2007 Poruke: 56	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Imam problem so kompjuterot.. stom se vkluci ne zavisno kolku vreme raboti mi prikaze plav ekran i odma se restartira.. ne e zavisno vremeto moze da se sluci na 5 min. ili na nekolku casa... inaku ramot imase problem bese zamenet.. i mislam deka hardverski e reseno eve log od hijack pa pisete mi do sto e mozno Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:13:39, on 20.03.2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\savedump.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\igfxtray.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Winamp\winampa.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\DNA\btdna.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = securityresponse.symantec.com/avcenter/fix_homepage R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q= R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q= R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=%s R3 - URLSearchHook: DefaultSearchHook Class - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - C:\Program Files\AskSearch\bin\DefaultSearch.dll O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: vulcjj.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- End of file - 6251 bytes

Profil

diarno Poslao: 20 Mar 2009 21:32 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! * Klikni desnim tasterom na Norton Antivirus ikonicu () u donjem, desnom uglu ekrana i izaberi Disable Auto Protect. * Zatim izaberi željeno trajanje (npr. 5 sati) i klikni OK. Napomena: Ne zaboravi da uključiš ovu opciju po završetku čišćenja. Skini ComboFix sa jedne od sledecih adresa na Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe http://subs.geekstogo.com/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

BaDMaN19 Poslao: 20 Mar 2009 21:42 Idi na vrh
offline BaDMaN19 Građanin Pridružio: 21 Avg 2007 Poruke: 56	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-03-19.02 - Administrator 2009-03-20 21:34:50.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1251.1.1033.18.1015.358 [GMT 1:00] Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe AV: Symantec AntiVirus Corporate Edition On-access scanning disabled (Updated) * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2009-02-20 to 2009-03-20 ))))))))))))))))))))))))))))))) . 2009-03-20 21:26 . 2009-03-20 21:31 <DIR> d--h----- c:\windows\$hf_mig$ 2009-03-20 21:20 . 2009-03-20 21:26 <DIR> d-------- c:\windows\LastGood 2009-03-20 21:13 . 2009-03-20 21:13 <DIR> d-------- c:\program files\Trend Micro 2009-03-19 17:46 . 2009-03-19 17:46 <DIR> d-------- c:\documents and settings\All Users\Application Data\Messenger Plus! 2009-03-19 17:22 . 2009-03-19 17:22 <DIR> d-------- c:\program files\Messenger Plus! Live 2009-03-19 02:23 . 2009-03-19 02:23 <DIR> d-------- c:\program files\K-Lite Codec Pack 2009-03-19 00:58 . 2009-03-19 00:58 0 --a------ c:\windows\vpc32.INI 2009-03-19 00:51 . 2009-03-20 21:33 <DIR> d-------- c:\program files\Symantec AntiVirus 2009-03-19 00:51 . 2009-03-19 00:51 <DIR> d-------- c:\program files\Symantec 2009-03-19 00:51 . 2009-03-19 00:57 <DIR> d-------- c:\program files\Common Files\Symantec Shared 2009-03-19 00:51 . 2009-03-19 00:51 <DIR> d-------- c:\documents and settings\All Users\Application Data\Symantec 2009-03-19 00:51 . 2005-04-01 20:36 123,200 --a------ c:\windows\system32\drivers\SYMEVENT.SYS 2009-03-19 00:51 . 2005-04-01 20:36 91,856 --a------ c:\windows\system32\S32EVNT1.DLL 2009-03-18 22:54 . 2009-03-18 22:54 <DIR> d-------- c:\program files\TeamViewer 2009-03-18 22:54 . 2009-03-18 22:54 <DIR> d-------- c:\documents and settings\Administrator\temp 2009-03-18 22:54 . 2009-03-18 22:54 <DIR> d-------- c:\documents and settings\Administrator\Application Data\TeamViewer 2009-03-18 21:28 . 2009-03-18 21:28 56 --ah----- c:\windows\system32\ezsidmv.dat 2009-03-18 21:27 . 2009-03-20 00:09 <DIR> d-------- c:\documents and settings\Administrator\Application Data\skypePM 2009-03-18 21:02 . 2009-03-19 02:37 69 --a------ c:\windows\NeroDigital.ini 2009-03-18 19:31 . 2009-03-19 09:09 <DIR> d-------- c:\program files\XoftSpySE 2009-03-18 18:15 . 2009-03-18 18:15 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware 2009-03-18 18:15 . 2009-03-18 18:15 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-03-18 18:15 . 2009-03-18 18:15 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Malwarebytes 2009-03-18 18:15 . 2009-02-11 10:19 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys 2009-03-18 18:15 . 2009-02-11 10:19 15,504 --a------ c:\windows\system32\drivers\mbam.sys 2009-03-18 17:15 . 2009-03-18 17:15 410,984 --a------ c:\windows\system32\deploytk.dll 2009-03-18 16:24 . 2009-03-20 21:35 <DIR> dr------- C:\CS27 2009-03-18 15:52 . 2009-03-18 15:52 <DIR> d-------- c:\program files\Sun 2009-03-18 15:51 . 2009-03-18 17:15 73,728 --a------ c:\windows\system32\javacpl.cpl 2009-03-18 15:50 . 2009-03-18 17:15 <DIR> d-------- c:\program files\Java 2009-03-18 15:50 . 2009-03-18 15:50 <DIR> d-------- c:\program files\Common Files\Java 2009-03-18 15:37 . 2009-03-18 15:37 <DIR> d-------- c:\program files\Webteh 2009-03-18 15:37 . 2009-03-18 19:44 <DIR> d-------- c:\documents and settings\Administrator\Application Data\BSplayer PRO 2009-03-18 15:34 . 2009-03-18 15:35 <DIR> d-------- c:\program files\Winamp 2009-03-18 15:34 . 2009-03-18 15:35 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Winamp 2009-03-18 15:33 . 2009-03-20 21:10 <DIR> d-------- c:\program files\DNA 2009-03-18 15:33 . 2009-03-18 15:33 <DIR> d-------- c:\program files\BitTorrent 2009-03-18 15:33 . 2009-03-18 15:33 <DIR> d-------- c:\program files\AskSearch 2009-03-18 15:33 . 2009-03-18 15:33 <DIR> d-------- c:\program files\AskBarDis 2009-03-18 15:33 . 2009-03-20 21:30 <DIR> d-------- c:\documents and settings\Administrator\Application Data\DNA 2009-03-18 15:33 . 2009-03-20 20:45 <DIR> d-------- c:\documents and settings\Administrator\Application Data\BitTorrent 2009-03-18 15:13 . 2009-03-18 15:13 <DIR> d-------- c:\documents and settings\Administrator\Contacts 2009-03-18 15:11 . 2001-08-17 13:48 12,160 --a------ c:\windows\system32\drivers\mouhid.sys 2009-03-18 15:11 . 2001-08-17 13:48 12,160 --a--c--- c:\windows\system32\dllcache\mouhid.sys 2009-03-18 15:10 . 2001-08-17 14:02 9,600 --a------ c:\windows\system32\drivers\hidusb.sys 2009-03-18 15:10 . 2001-08-17 14:02 9,600 --a--c--- c:\windows\system32\dllcache\hidusb.sys 2009-03-17 16:33 . 2009-03-17 16:33 0 --a------ c:\windows\nsreg.dat 2009-03-17 14:37 . 2009-03-17 14:37 940,794 --a------ c:\windows\system32\LoopyMusic.wav 2009-03-17 14:37 . 2007-01-13 02:45 172,032 -ra------ c:\windows\system32\igfxres.dll 2009-03-17 14:37 . 2009-03-17 14:37 146,650 --a------ c:\windows\system32\BuzzingBee.wav 2009-03-17 14:35 . 2009-03-17 14:35 <DIR> d-------- c:\windows\OPTIONS 2009-03-17 14:35 . 2009-03-17 14:35 <DIR> d-------- c:\documents and settings\Administrator\Application Data\InstallShield 2009-03-17 14:35 . 2008-07-01 04:27 108,800 -ra------ c:\windows\system32\drivers\Rtenicxp.sys 2009-03-17 14:35 . 2008-07-21 17:14 9,728 -ra------ c:\windows\system32\RtNicProp32.dll 2009-03-17 14:33 . 2007-11-22 09:40 16,858,112 -r------- c:\windows\RTHDCPL.exe 2009-03-17 14:33 . 2007-03-23 12:19 9,715,200 -r------- c:\windows\RTLCPL.exe 2009-03-17 14:33 . 2007-11-27 13:06 4,630,016 -r------- c:\windows\system32\drivers\RtkHDAud.sys 2009-03-17 14:33 . 2006-05-04 09:26 2,808,832 -r------- c:\windows\alcwzrd.exe 2009-03-17 14:33 . 2007-06-28 09:44 2,165,760 -r------- c:\windows\MicCal.exe 2009-03-17 14:33 . 2007-11-20 11:15 1,826,816 -r------- c:\windows\SkyTel.exe 2009-03-17 14:33 . 2007-11-07 10:31 1,191,936 -r------- c:\windows\RtlUpd.exe 2009-03-17 14:33 . 2006-08-17 23:58 282,624 -ra------ c:\windows\system32\RTSndMgr.cpl 2009-03-17 14:33 . 2006-07-21 09:14 86,016 -r------- c:\windows\SoundMan.exe 2009-03-17 14:33 . 2005-05-03 11:43 69,632 -r------- c:\windows\Alcmtr.exe 2009-03-17 14:33 . 2005-02-25 04:35 22,752 --a------ c:\windows\system32\spupdsvc.exe 2009-03-17 14:32 . 2009-03-17 14:32 <DIR> d-------- c:\program files\Realtek 2009-03-17 14:31 . 2009-03-17 14:31 <DIR> d-------- c:\windows\system32\Lang 2009-03-17 14:31 . 2007-01-18 04:22 389,120 -ra------ c:\windows\system32\igxpun.exe 2009-03-17 14:31 . 2006-11-10 01:25 319,456 -ra------ c:\windows\system32\difxapi.dll 2009-03-17 14:31 . 2006-01-23 03:29 121,232 -ra------ c:\windows\system32\IScrNBR.bmp 2009-03-17 14:31 . 2006-01-23 03:29 121,232 -ra------ c:\windows\system32\IScrNB.bmp 2009-03-17 14:30 . 2009-03-17 14:30 <DIR> d-------- c:\program files\Intel 2009-03-17 14:30 . 2008-07-16 09:05 53,248 -ra------ c:\windows\system32\CSVer.dll 2009-03-17 14:29 . 2009-03-17 14:29 <DIR> d-------- C:\Intel 2009-03-17 14:29 . 2006-10-11 04:33 10,288 --a------ c:\windows\system32\drivers\ASUSHWIO.SYS 2009-03-17 14:29 . 2009-03-17 14:29 5,537 --a------ c:\windows\Ascd_tmp.ini 2009-03-17 14:06 . 2009-03-17 14:06 268 --ah----- C:\sqmdata00.sqm 2009-03-17 14:06 . 2009-03-17 14:06 244 --ah----- C:\sqmnoopt00.sqm 2009-03-17 14:06 . 2009-03-17 14:06 172 --ah----- C:\sqmnoopt01.sqm 2009-03-17 14:06 . 2009-03-17 14:06 172 --ah----- C:\sqmdata01.sqm . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-03-20 20:36 --------- d-----w c:\documents and settings\Administrator\Application Data\Skype 2009-03-17 13:35 --------- d--h--w c:\program files\InstallShield Installation Information 2009-03-17 13:32 315,392 ----a-w c:\windows\HideWin.exe 2009-03-17 13:32 --------- d-----w c:\program files\Common Files\InstallShield . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}] 2008-09-29 17:24 325000 --a------ c:\program files\AskBarDis\bar\bin\askBar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-09-29 325000] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-09-29 325000] [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}] [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2002-12-31 15360] "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-03-18 342848] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-10-31 32768] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-01-13 131072] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-01-13 163840] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-01-13 135168] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-01-15 37376] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-18 136600] "ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2005-04-08 48752] "vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2005-04-17 85184] "RTHDCPL"="RTHDCPL.EXE" [2007-11-22 c:\windows\RTHDCPL.exe] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2002-12-31 15360] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "c:\\Program Files\\BitTorrent\\bittorrent.exe"= "c:\\CS27\\mIRC.exe"= "c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [2005-04-17 124608] --- Other Services/Drivers In Memory --- Deregistered - EraserUtilDrv10910 . Contents of the 'Scheduled Tasks' folder 2009-03-20 c:\windows\Tasks\XoftSpySE 2.job - c:\program files\XoftSpySE\XoftSpy.exe [2009-03-11 15:05] 2009-03-18 c:\windows\Tasks\XoftSpySE.job - c:\program files\XoftSpySE\XoftSpy.exe [2009-03-11 15:05] . . ------- Supplementary Scan ------- . uStart Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gpb2ccl0.default\ FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll . ************************************************************************ catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-03-20 21:35:55 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2009-03-20 21:37:10 ComboFix-quarantined-files.txt 2009-03-20 20:37:01 Pre-Run: 18.641.362.944 bytes free Post-Run: 18,694,656,000 bytes free 177 --- E O F --- 2009-03-20 20:26:30

Profil

diarno Poslao: 20 Mar 2009 22:03 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pokreni ponovo Hijackthis i postavi log ovde.

Profil

BaDMaN19 Poslao: 20 Mar 2009 22:03 Idi na vrh
offline BaDMaN19 Građanin Pridružio: 21 Avg 2007 Poruke: 56	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:59:12, on 20.03.2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\igfxtray.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Winamp\winampa.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\DNA\btdna.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\CS27\mIRC.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Winamp\winamp.exe C:\WINDOWS\SoftwareDistribution\Download\2bc0b3c55e0c166e04844934d1c7c342\update\update.exe C:\Documents and Settings\Administrator\Desktop\EVERESTltimateEE\everestultimate\everest.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = securityresponse.symantec.com/avcenter/fix_homepage R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896 O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- End of file - 6193 bytes

Profil

diarno Poslao: 20 Mar 2009 23:00 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Nista... Ovde je sve cisto... Ovo nije do malware-a...

Profil

BaDMaN19 Poslao: 20 Mar 2009 23:30 Idi na vrh
offline BaDMaN19 Građanin Pridružio: 21 Avg 2007 Poruke: 56	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ok, vi blagodaram mnogu ... pozdrav

Profil

diarno Poslao: 20 Mar 2009 23:45 Idi na vrh
offline diarno Anti Malware Fighter Rank 2 Pridružio: 15 Jun 2007 Poruke: 5572	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! nema na cemu Uradi jos ovo : Klikni START a zatim RUN U liniju za unos teksta ukucaj Combofix /u i klikni OK Sačekaj da se proces deinstalacije završi Gornja procedura će: Obrisati sledeće: ComboFix i njegove file-ove i foldere VundoFix Backups folder, ako postoji C:\Deckard folder, ako postoji C:\OtMoveIt folder, ako postoji Resetovati podešavanja sata na kompjuteru Sakriti ekstenzije file-ova, ako je potrebno Sakriti sistemske/skrivene file-ove/foldere, ako je potrebno Resetovati System Restore Pozzz Mozes potraziti pomoc na nekom drugom podforumu.. na primer windows.

Profil

BaDMaN19 Poslao: 21 Mar 2009 00:32 Idi na vrh
offline BaDMaN19 Građanin Pridružio: 21 Avg 2007 Poruke: 56	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ok, go izbrisav Combofix... sega mislam deka si e se vo red.. . Blagodaram, pozdrav do site clenovi na forumot...

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Problem so restartiranje!

Ko je trenutno na forumu

Ukupno su 494 korisnika na forumu :: 5 registrovanih, 1 sakriven i 488 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: milenko crazy north, Panonsky, S-lash, Sančo, vladaa012

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by