Restartovanje kompa

1

Restartovanje kompa

offline
  • Luka Varagic
  • Pridružio: 08 Jul 2008
  • Poruke: 181
  • Gde živiš: Pirot

Ljudi treba mi pomoc komp mi se od juche restartuje odjednom...Nekada nekoliko puta zaredom,a nekada nema 1-2 sata pa se restartuje,u chemu je problem....???Hwala Unapred...Ewo dole moj hijack log fajl....
--------------------------------------------------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:33:18 PM, on 2/25/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\Documents and Settings\User\Desktop\New Folder\vargamc.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: InstallShield Licensing Service - Macrovision - C:\Program Files\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 5128 bytes
----------------------------------------------------------------------------------

Dopuna: 26 Feb 2009 0:01

Ljudi pomagajte sada sam pokrenuo komp u "safe mode with networking" zato sto kad se restartuje pojawi se "plawi ekran" i odma nestane i komp se ponowo restartuje i swe tako u krug....Sta da radim...Molim was pomagajte... Sad

Dopuna: 26 Feb 2009 14:04

Ajde oce neko da pomogne poludeo sam !?!?!

online
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8444
  • Gde živiš: Novi Beograd

A, da nemas problema sa hardverom? Jesi li skoro nesto instalirao od hardvera?

offline
  • Luka Varagic
  • Pridružio: 08 Jul 2008
  • Poruke: 181
  • Gde živiš: Pirot

Instalirao sam program "Nuendo 3" a uz njega idu neki drajweri za muzichku karticu...Nistra drugo...

Dopuna: 26 Feb 2009 16:23

A sada je pochelo i owo...Kad upalim neki program pojawi mi se owo (slika)....



Dopuna: 26 Feb 2009 16:23

E da obrisao sam owe drajwere sto sam bio instalirao...Mislio sam da je to u ptanju,ali nije...

online
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8444
  • Gde živiš: Novi Beograd

Pogledacemo:

* Klikni desnim tasterom miša na AVG ikonicu ( ) u donjem, desnom uglu ekrana.
* Kada se pokrene AVG Control Center, dvoklikni na AVG Resident Shield komponentu.
* U prozoru koji se otvori, deštikliraj opciju Turn on AVG Resident Shield i klikni OK.

Napomena: Ne zaboravi da uključiš ovu opciju po završetku čišćenja.


---------------------------------


Skini ComboFix sa jedne od sledecih adresa na Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Startuj ga i ne diraj prozor programa dok skenira.
Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

offline
  • Luka Varagic
  • Pridružio: 08 Jul 2008
  • Poruke: 181
  • Gde živiš: Pirot

ComboFix 09-02-25.02 - User 2009-02-26 18:31:33.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.512.309 [GMT 1:00]
Running from: c:\documents and settings\User\Desktop\ComboFix.exe
AV: AVG Anti-Virus *On-access scanning disabled* (Outdated)
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\User\Application Data\.#
c:\documents and settings\User\Application Data\.#\MBX@540@3839B0.###
c:\documents and settings\User\Application Data\.#\MBX@540@3839C0.###
c:\windows\system32\msssc.dll
c:\windows\system32\pncrt.dll
.
---- Previous Run -------
.
c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013
c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini

.
((((((((((((((((((((((((( Files Created from 2009-01-26 to 2009-02-26 )))))))))))))))))))))))))))))))
.

2009-02-26 16:30 . 2009-02-26 16:30 <DIR> d-------- c:\documents and settings\Administrator\Application Data\URSoft
2009-02-26 16:18 . 2009-02-26 16:18 <DIR> d-------- c:\program files\Spybot - Search & Destroy
2009-02-26 16:18 . 2009-02-26 18:30 <DIR> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-26 15:42 . 2009-02-26 15:42 90,112 --a------ C:\sys.exe
2009-02-26 14:09 . 2009-02-26 14:09 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Steinberg
2009-02-26 08:01 . 2009-02-26 08:01 49 --a------ c:\windows\bsclient.INI
2009-02-25 23:48 . 2009-02-26 16:13 <DIR> d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2009-02-25 23:48 . 2009-02-26 16:13 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{83C91755-2546-441D-AC40-9A6B4B860800}
2009-02-25 23:37 . 2009-02-26 14:28 <DIR> d-------- c:\program files\SensiveGuard
2009-02-25 22:02 . 2009-02-25 22:03 <DIR> d-------- c:\program files\Common Files\Macromedia
2009-02-25 22:00 . 2009-02-25 22:00 <DIR> d-------- c:\windows\Downloaded Installations
2009-02-25 21:55 . 2009-02-25 22:35 284 --a------ c:\windows\wcx_ftp.ini
2009-02-25 21:54 . 2009-02-25 22:29 <DIR> d-------- C:\totalcmd
2009-02-25 21:54 . 2009-02-25 22:35 816 --a------ c:\windows\wincmd.ini
2009-02-25 21:54 . 2008-08-08 07:04 545 --a------ c:\windows\UC.PIF
2009-02-25 21:54 . 2008-08-08 07:04 545 --a------ c:\windows\RAR.PIF
2009-02-25 21:54 . 2008-08-08 07:04 545 --a------ c:\windows\PKZIP.PIF
2009-02-25 21:54 . 2008-08-08 07:04 545 --a------ c:\windows\PKUNZIP.PIF
2009-02-25 21:54 . 2008-08-08 07:04 545 --a------ c:\windows\NOCLOSE.PIF
2009-02-25 21:54 . 2008-08-08 07:04 545 --a------ c:\windows\LHA.PIF
2009-02-25 21:54 . 2008-08-08 07:04 545 --a------ c:\windows\ARJ.PIF
2009-02-25 16:58 . 2009-02-26 15:24 <DIR> d--h----- C:\$AVG8.VAULT$
2009-02-25 15:00 . 2009-02-26 16:00 <DIR> d-------- c:\windows\system32\drivers\Avg
2009-02-25 15:00 . 2009-02-25 15:00 <DIR> d-------- c:\program files\AVG
2009-02-25 15:00 . 2009-02-25 21:20 <DIR> d-------- c:\documents and settings\User\Application Data\AVGTOOLBAR
2009-02-25 15:00 . 2009-02-26 18:20 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8
2009-02-25 15:00 . 2009-02-25 15:00 325,128 --a------ c:\windows\system32\drivers\avgldx86.sys
2009-02-25 15:00 . 2009-02-25 15:00 107,272 --a------ c:\windows\system32\drivers\avgtdix.sys
2009-02-25 15:00 . 2009-02-25 15:00 10,520 --a------ c:\windows\system32\avgrsstx.dll
2009-02-23 22:35 . 2009-02-25 21:58 <DIR> d-------- c:\program files\Common Files\Adobe
2009-02-23 14:18 . 2009-02-23 14:18 12,124 --a------ c:\windows\system32\rundll32.rar
2009-02-23 14:13 . 2000-05-22 22:58 608,448 --a------ c:\windows\system32\comctl32.ocx
2009-02-23 14:12 . 2009-02-23 14:14 <DIR> d-------- c:\program files\Total Video Converter
2009-02-23 13:57 . 2009-02-23 13:57 <DIR> d-------- c:\program files\DVDVideoSoft
2009-02-23 13:57 . 2009-02-23 13:57 <DIR> d-------- c:\program files\Common Files\DVDVideoSoft
2009-02-23 13:00 . 2009-02-23 13:00 <DIR> d-------- c:\program files\Alcohol Soft
2009-02-23 12:56 . 2009-02-23 12:56 717,296 --a------ c:\windows\system32\drivers\sptd.sys
2009-02-22 23:17 . 2009-02-22 23:17 <DIR> d-------- c:\program files\FreeByte
2009-02-22 17:53 . 2009-02-25 15:00 <DIR> d-------- c:\documents and settings\Administrator
2009-02-22 11:01 . 2009-02-22 11:01 <DIR> d-------- C:\Team17
2009-02-22 10:38 . 2009-02-22 10:39 <DIR> d-------- c:\documents and settings\User\Application Data\Steinberg
2009-02-22 10:34 . 2005-06-04 09:08 487,936 --a------ c:\windows\system32\rmbe3260.dll
2009-02-22 10:34 . 2005-06-04 09:08 487,424 --a------ c:\windows\system32\msvcp70.dll
2009-02-22 10:34 . 2005-06-04 09:09 352,768 --a------ c:\windows\system32\pngu3263.dll
2009-02-22 10:34 . 2005-06-04 09:08 344,064 --a------ c:\windows\system32\msvcr70.dll
2009-02-22 10:34 . 2005-06-04 09:09 131,072 --a------ c:\windows\system32\pneng50.dll
2009-02-22 10:34 . 2005-06-04 09:09 130,560 --a------ c:\windows\system32\pnc3250.dll
2009-02-22 10:34 . 2005-06-04 09:08 87,040 --a------ c:\windows\system32\ra32sipr.dll
2009-02-22 10:34 . 2005-06-04 09:11 85,504 --a------ c:\windows\system32\encdnet.dll
2009-02-22 10:34 . 2005-06-04 09:09 81,920 --a------ c:\windows\system32\ra3214_4.dll
2009-02-22 10:34 . 2005-06-04 09:09 72,704 --a------ c:\windows\system32\ra3228_8.dll
2009-02-22 10:34 . 2005-06-04 09:09 61,952 --a------ c:\windows\system32\decdnet.dll
2009-02-22 10:34 . 2005-06-04 09:09 21,504 --a------ c:\windows\system32\ra32dnet.dll
2009-02-22 10:32 . 2009-02-26 16:06 <DIR> d-------- c:\program files\Steinberg
2009-02-22 01:38 . 2005-05-09 20:08 33,792 --a------ c:\windows\system32\drivers\cledx.sys
2009-02-22 01:37 . 2002-11-25 14:46 16,896 --a------ c:\windows\system32\drivers\synasUSB.sys
2009-02-21 19:05 . 2009-02-21 19:05 <DIR> d-------- c:\windows\Sun
2009-02-21 18:30 . 2009-02-25 13:19 3,036 --a------ C:\rollback.ini
2009-02-21 17:11 . 2008-10-16 14:06 268,648 --a------ c:\windows\system32\mucltui.dll
2009-02-21 17:11 . 2008-10-16 14:06 208,744 --a------ c:\windows\system32\muweb.dll
2009-02-21 17:11 . 2008-10-16 14:06 27,496 --a------ c:\windows\system32\mucltui.dll.mui
2009-02-21 14:13 . 2009-02-22 10:12 <DIR> d-------- c:\documents and settings\All Users\Application Data\MailFrontier
2009-02-21 13:09 . 2009-02-21 13:09 53,248 --a------ c:\windows\system32\suppdll.dll
2009-02-21 13:09 . 2009-02-21 13:09 35,363 --a------ c:\windows\system32\windrvNT.sys
2009-02-21 12:24 . 2009-02-23 13:14 <DIR> d-------- c:\program files\Windows Media Connect 2
2009-02-21 12:13 . 2009-02-21 12:13 <DIR> d-------- c:\windows\system32\LogFiles
2009-02-21 12:13 . 2009-02-21 12:17 <DIR> d-------- c:\windows\system32\drivers\UMDF
2009-02-21 12:10 . 2008-04-14 05:42 221,184 --a------ c:\windows\system32\wmpns.dll
2009-02-21 12:02 . 2005-10-16 08:00 12,928 --a------ c:\windows\system32\drivers\filedisk.sys
2009-02-21 11:47 . 2009-02-21 11:47 <DIR> d-------- c:\program files\Java
2009-02-21 11:47 . 2009-02-21 11:47 410,984 --a------ c:\windows\system32\deploytk.dll
2009-02-21 11:47 . 2009-02-21 11:47 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-02-21 11:21 . 2009-02-21 11:21 <DIR> d-------- c:\program files\BitLord
2009-02-21 10:11 . 2009-02-21 10:11 <DIR> d---s---- c:\documents and settings\User\UserData
2009-02-21 03:06 . 2009-02-21 03:06 <DIR> d-------- c:\documents and settings\All Users\Application Data\InstallShield
2009-02-21 03:06 . 2002-11-02 09:53 57,344 --a------ c:\windows\system32\WNASPINT.DLL
2009-02-21 03:05 . 2009-02-21 03:05 <DIR> d-------- c:\program files\Common Files\InstallShield Shared
2009-02-21 02:15 . 2006-09-28 13:10 11,648 --a------ c:\windows\system32\drivers\ggsemc.sys
2009-02-21 02:15 . 2006-09-28 13:10 11,648 --a------ c:\windows\system32\drivers\gggen.sys
2009-02-21 01:17 . 2009-02-21 01:20 <DIR> d-------- c:\program files\Your Uninstaller 2008
2009-02-21 01:17 . 2009-02-21 01:17 <DIR> d-------- c:\documents and settings\User\Application Data\URSoft
2009-02-21 01:17 . 2009-02-26 16:30 <DIR> d-a------ c:\documents and settings\All Users\Application Data\TEMP
2009-02-20 21:57 . 2009-02-26 18:30 <DIR> d-------- c:\documents and settings\User\Tracing
2009-02-20 21:56 . 2009-02-20 21:56 <DIR> d-------- c:\program files\Windows Live SkyDrive
2009-02-20 21:56 . 2009-02-20 21:56 <DIR> d-------- c:\program files\Microsoft
2009-02-20 21:55 . 2009-02-20 21:56 <DIR> d-------- c:\program files\Windows Live
2009-02-20 21:47 . 2009-02-20 21:47 <DIR> d-------- c:\program files\Common Files\Windows Live
2009-02-20 21:10 . 2009-02-20 21:10 <DIR> d-------- c:\windows\system32\Nexus Radio
2009-02-20 21:10 . 2009-02-25 14:17 <DIR> d-------- c:\program files\Nexus Radio
2009-02-20 21:10 . 2009-02-20 21:10 <DIR> d-------- c:\program files\AskSearch
2009-02-20 21:10 . 2009-02-20 21:10 <DIR> d-------- c:\program files\AskBarDis
2009-02-20 21:10 . 2009-02-20 21:10 <DIR> d-------- C:\My Saved Files
2009-02-20 21:10 . 2009-02-20 21:10 <DIR> d-------- C:\My Recorded Files
2009-02-20 21:02 . 2009-02-20 21:02 <DIR> d-------- c:\program files\Opera
2009-02-20 20:24 . 2008-06-13 12:05 272,128 -----c--- c:\windows\system32\dllcache\bthport.sys
2009-02-20 20:21 . 2008-10-16 02:00 1,499,136 -----c--- c:\windows\system32\dllcache\shdocvw.dll
2009-02-20 20:21 . 2008-10-16 02:00 666,112 -----c--- c:\windows\system32\dllcache\wininet.dll
2009-02-20 20:21 . 2008-10-16 02:00 619,520 -----c--- c:\windows\system32\dllcache\urlmon.dll
2009-02-20 20:20 . 2008-08-14 11:11 2,189,184 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2009-02-20 20:20 . 2008-08-14 11:09 2,145,280 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-02-20 20:20 . 2008-08-14 10:33 2,066,048 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-02-20 20:20 . 2008-08-14 10:33 2,023,936 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2009-02-20 20:20 . 2008-09-15 13:12 1,846,400 -----c--- c:\windows\system32\dllcache\win32k.sys
2009-02-20 20:19 . 2008-12-12 18:01 3,067,904 -----c--- c:\windows\system32\dllcache\mshtml.dll
2009-02-20 20:19 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2009-02-20 20:19 . 2008-12-11 11:57 333,952 -----c--- c:\windows\system32\dllcache\srv.sys
2009-02-20 20:19 . 2008-05-08 15:02 203,136 -----c--- c:\windows\system32\dllcache\rmcast.sys
2009-02-20 20:18 . 2008-09-04 18:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2009-02-20 20:18 . 2008-04-11 20:04 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll
2009-02-20 20:18 . 2008-10-15 17:34 337,408 -----c--- c:\windows\system32\dllcache\netapi32.dll
2009-02-20 20:18 . 2008-05-01 15:33 331,776 -----c--- c:\windows\system32\dllcache\msadce.dll
2009-02-20 20:13 . 2009-02-25 11:12 <DIR> d--h----- c:\windows\$hf_mig$
2009-02-20 19:40 . 2009-02-25 18:10 <DIR> d-------- c:\windows\system32\ZoneLabs
2009-02-20 19:40 . 2009-02-22 17:47 4,212 -rah----- c:\windows\system32\zllictbl.dat
2009-02-20 19:17 . 2009-02-20 19:20 <DIR> d-------- c:\program files\Avanquest update
2009-02-20 19:17 . 2009-02-20 19:17 <DIR> d-------- c:\documents and settings\All Users\Application Data\BVRP Software
2009-02-20 19:16 . 2009-02-21 02:15 <DIR> d-------- c:\program files\Sony Ericsson
2009-02-20 19:16 . 2009-02-20 19:16 <DIR> d-------- c:\documents and settings\All Users\Application Data\Sony Ericsson
2009-02-20 19:15 . 2009-02-20 19:15 <DIR> d-------- c:\windows\system32\scripting
2009-02-20 19:15 . 2009-02-20 19:15 <DIR> d-------- c:\documents and settings\User\Application Data\InstallShield
2009-02-20 19:12 . 2009-02-20 19:15 <DIR> d-------- c:\windows\ServicePackFiles
2009-02-20 19:12 . 2008-04-14 05:42 294,912 -----c--- c:\windows\system32\dllcache\dlimport.exe
2009-02-20 19:07 . 2007-08-10 20:46 26,488 --a------ c:\windows\system32\spupdsvc.exe
2009-02-20 18:48 . 2009-02-25 18:10 <DIR> d-------- c:\windows\Internet Logs
2009-02-20 18:39 . 2009-02-20 18:39 0 --a------ c:\windows\nsreg.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-26 15:14 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-25 13:35 163,501 ----a-w c:\windows\Internet Logs\vsmon_2nd_2009_02_25_14_35_13_small.dmp.zip
2009-02-25 13:34 137,673 ----a-w c:\windows\Internet Logs\vsmon_2nd_2009_02_25_14_32_42_small.dmp.zip
2009-02-25 13:28 131,088 ----a-w c:\windows\Internet Logs\vsmon_2nd_2009_02_25_14_27_48_small.dmp.zip
2009-02-25 13:27 146,190 ----a-w c:\windows\Internet Logs\vsmon_2nd_2009_02_25_14_27_09_small.dmp.zip
2009-02-25 13:26 149,349 ----a-w c:\windows\Internet Logs\vsmon_2nd_2009_02_25_14_24_40_small.dmp.zip
2009-02-25 12:50 173,339 ----a-w c:\windows\Internet Logs\vsmon_2nd_2009_02_25_13_49_32_small.dmp.zip
2009-02-20 08:22 --------- d-----w c:\program files\Common Files\InstallShield
2009-02-19 16:13 --------- d-----w c:\program files\VIA
2009-02-19 16:07 --------- d-----w c:\program files\Mv2Player
2009-02-19 16:06 --------- d-----w c:\program files\ffdshow
2009-02-19 16:06 --------- d-----w c:\program files\Analog Devices
2009-02-19 15:51 --------- d-----w c:\program files\microsoft frontpage
2009-02-06 17:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
.

------- Sigcheck -------

2004-08-04 00:56 14336 8f078ae4ed187aaabc0a305146de6716 c:\windows\$NtServicePackUninstall$\svchost.exe
2008-04-14 05:42 14336 27c6d03bcdb8cfeb96b716f3d8be3e18 c:\windows\ServicePackFiles\i386\svchost.exe
2008-04-14 05:42 14336 27c6d03bcdb8cfeb96b716f3d8be3e18 c:\windows\system32\svchost.exe

2004-08-04 00:56 108032 c6ce6eec82f187615d1002bb3bb50ed4 c:\windows\$NtServicePackUninstall$\services.exe
2008-04-14 05:42 108544 0e776ed5f7cc9f94299e70461b7b8185 c:\windows\ServicePackFiles\i386\services.exe
2008-04-14 05:42 108544 0e776ed5f7cc9f94299e70461b7b8185 c:\windows\system32\services.exe

2004-08-04 00:56 24576 39b1ffb03c2296323832acbae50d2aff c:\windows\$NtServicePackUninstall$\userinit.exe
2008-04-14 05:42 26112 a93aee1928a9d7ce3e16d24ec7380f89 c:\windows\ServicePackFiles\i386\userinit.exe
2008-04-14 05:42 26112 a93aee1928a9d7ce3e16d24ec7380f89 c:\windows\system32\userinit.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-11-23 203720]
"windows service firewall"="c:\recycler\S-1-5-21-2360512680-8165555793-455549005-6702\isl.exe" [2009-02-26 90112]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-04-16 7569408]
"SW24"="c:\windows\system32\sw24.exe" [2006-05-17 69632]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-04-16 86016]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-25 1601304]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-21 148888]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
VIA RAID TOOL.lnk - c:\program files\VIA\RAID\raid_tool.exe [2009-02-19 565248]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-02-25 15:00 10520 c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= c:\program files\ffdshow\ffdshow.ax

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
--a------ 2006-10-09 11:28 139264 c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2008-04-14 05:42 1695232 c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2009-02-06 18:51 3885408 c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2006-01-12 16:40 155648 c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2004-11-02 20:24 32768 c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
--------- 2008-06-18 17:15 393216 c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SW20]
-ra------ 2006-05-18 02:15 208896 c:\windows\system32\sw20.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
--a------ 2004-06-29 09:06 88363 c:\windows\AGRSMMSG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2006-04-16 15:51 1519616 c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"d:\\Valve\\hl.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"d:\\Garena\\Garena.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=

R0 viasraid;viasraid;c:\windows\system32\drivers\viasraid.sys [2009-02-19 77312]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-02-25 107272]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-02-25 325128]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-02-25 298264]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\User\LOCALS~1\Temp\JIL20D.tmp --> c:\docume~1\User\LOCALS~1\Temp\JIL20D.tmp [?]
S3 gggen;Generic USB Flash Driver;c:\windows\system32\drivers\gggen.sys [2009-02-21 11648]
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-H2O - c:\program files\SyncroSoft\Pos\H2O\cledx.exe


.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\yf03em3y.default\
FF - prefs.js: browser.startup.homepage - google.rs
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-02-26 18:34:05
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


C:\sccfg.sys 20 bytes

scan completed successfully
hidden files: 1

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\User\LOCALS~1\Temp\JIL20D.tmp"
.
Completion time: 2009-02-26 18:35:43
ComboFix-quarantined-files.txt 2009-02-26 17:35:40

Pre-Run: 18,021,965,824 bytes free
Post-Run: 18,020,397,056 bytes free

275 --- E O F --- 2009-02-25 14:18:35

online
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8444
  • Gde živiš: Novi Beograd

- Preuzmi USBNoRisk na Desktop i pokreni ga duplim klikom na ikonicu programa.
- Sacekaj koji sekund dok program izvrsi inicijalno skeniranje.
- Ubacuj sve USB memorijske uredjaje redom u USB slot i svaki zadrzi u slotu po 10 sekundi.
- Ukoliko imas vise uredjaja za proveru, onda na parcetu papira zapisi kojim redom su ubacivani jer ce nam kasnije trebati taj podatak
- Kada zavrsis sa svim uredjajima, klikni desno dugme misa na sred prozora programa i odaberi opciju Save log. To ce automatski otvoriti log u Notepadu. Iskopiraj nam taj log iz Notepada na forum.

Objasnjenje: U USB memorijske uredjaje spadaju svi oni uredjaji koji po prikljucivanju na kompjuter dobijaju svoju oznaku particije. Tu spadaju USB flash drajvovi, eksterni hard-diskovi, memorijske kartice, MP3 i MP4 plejeri, neki mobilni telefoni, neki GPS (navigacioni) uredjaji itd.

offline
  • Luka Varagic
  • Pridružio: 08 Jul 2008
  • Poruke: 181
  • Gde živiš: Pirot

Ewo sad cu da okachim log,ali sta je pa sad owo...(slika)




Dopuna: 26 Feb 2009 20:29

Eo ga log....
-----------------------------------------------------------------------------
USBNoRisk 1.5 by bobby

Started at 2/26/2009 8:21:48 PM

Scanning for connected USB Mass storage...
----------------------------------------
========================================

Scanning for other storage...
----------------------------------------
C: {0f4e6b5f-fea2-11dd-8111-806d6172696f}
D: {0f4e6b60-fea2-11dd-8111-806d6172696f}
========================================


Scanning fixed storage for autorun.inf files...
----------------------------------------
Autorun.inf on C: - None
----------------------------------------

Sanitizing Shell Menu...
----------------------------------------
No key found for C:
No key found for 0f4e6b5f-fea2-11dd-8111-806d6172696f
========================================

Autorun.inf on D: - None
----------------------------------------

Sanitizing Shell Menu...
----------------------------------------
No key found for D:
No key found for 0f4e6b60-fea2-11dd-8111-806d6172696f
========================================



New device connected at 2/26/2009 8:22:30 PM

Scanning for connected USB mass storage...
----------------------------------------

========================================
New drive connected, but USBNoRisk can't find it
========================================



New device connected at 2/26/2009 8:22:40 PM

Scanning for connected USB mass storage...
----------------------------------------

========================================
New drive connected, but USBNoRisk can't find it
========================================

========================================

========================================


New device connected at 2/26/2009 8:22:43 PM

Scanning for connected USB mass storage...
----------------------------------------

========================================
New drive connected, but USBNoRisk can't find it
========================================



New device connected at 2/26/2009 8:23:04 PM

Scanning for connected USB mass storage...
----------------------------------------

========================================
New drive connected, but USBNoRisk can't find it
========================================

========================================

========================================
========================================

========================================


New device connected at 2/26/2009 8:24:18 PM

Scanning for connected USB mass storage...
----------------------------------------
J: {e24274cc-0410-11de-b04d-001d0fc39ae6}
Added J:
========================================

Scanning USB mass storage for files...
----------------------------------------
----------------------------------------
autorun.inf found on J:
----------------------------------------
File J:\autorun.inf renamed successfully

Content of J:\autorun.inf.blocked
----------------------------------------
[autorun]
open=RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe
icon=%SystemRoot%\system32\SHELL32.dll,4
action=Open folder to view files
shell\open=Open
shell\open\command=RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe
shell\open\default=1
----------------------------------------

Files referenced from J:\autorun.inf.blocked
----------------------------------------
None
----------------------------------------

Sanitizing Shell Menu...
----------------------------------------
Sanitized e24274cc-0410-11de-b04d-001d0fc39ae6
========================================

----------------------------------------

Desktop.ini on J: - None
----------------------------------------

========================================

========================================
Removed J:
========================================


New device connected at 2/26/2009 8:25:10 PM

Scanning for connected USB mass storage...
----------------------------------------
H: {29207f00-0103-11de-b025-001d0fc39ae6}
Added H:
========================================

Scanning USB mass storage for files...
----------------------------------------
----------------------------------------
Autorun.inf on H: - None
----------------------------------------

Sanitizing Shell Menu...
----------------------------------------
No key found for 29207f00-0103-11de-b025-001d0fc39ae6
========================================

----------------------------------------

desktop.ini found on H:
----------------------------------------

Content of H:\Aggro Berlin\desktop.ini
----------------------------------------

----------------------------------------

Files referenced from H:\Aggro Berlin\desktop.ini
----------------------------------------
None
----------------------------------------


Content of H:\Aggro Berlin\Aggro Ansage Nr. 5\desktop.ini
----------------------------------------

----------------------------------------

Files referenced from H:\Aggro Berlin\Aggro Ansage Nr. 5\desktop.ini
----------------------------------------
None
----------------------------------------


Content of H:\desktop.ini
----------------------------------------
[.ShellClassInfo]
HTMLInfoTipFile=file://Comment.htt
ConfirmFileOp = 0
----------------------------------------

Files referenced from H:\desktop.ini
----------------------------------------
None
----------------------------------------

========================================

========================================
Removed H:
========================================
---------------------------------------------------------------------------------------

Dopuna: 26 Feb 2009 20:39

E owo mi se i dalje pojawljuje kad pokrenem neki prog....I restartuje mi se komp...



Dopuna: 26 Feb 2009 20:40

E owo mi se i dalje pojawljuje kad pokrenem neki prog....I restartuje mi se komp...

online
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8444
  • Gde živiš: Novi Beograd

Koje si ovo uredjaje na pocetku kacio, a USBNoRisk nije mogao da ih pronadje?

Prikaci ovaj poslednju uredjaj ponovo, i otvori fajl Comment.htt uz pomoc Notepad-a i sadrzaj nam iskopiraj ovde.

Mozda ce biti potrebno da aktiviras prikaz skrivenih fajlova:

Windows XP
Klikni Start taster (u levom donjem uglu).
Izaberi My Computer.
Selektuj Tools meni i klikni na Folder Options.
Selektuj View na vrhu, unutar Hidden files and folders grupe selektuj Show hidden files and folders.
Skini kvačicu sa Hide file extensions for known types.
Skini kvačicu sa Hide protected operating system files (recommended).
Klikni YES.
Klikni OK.



Uz posecivanje sajtova poput ovog sa tvoje poslednje slike, nije ni cudo sto si se zarazio.

offline
  • Luka Varagic
  • Pridružio: 08 Jul 2008
  • Poruke: 181
  • Gde živiš: Pirot

Prwo sam ubaciwao mob,pa fleshku,pa drugu fleshku...Sta sad da radim ?!

online
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8444
  • Gde živiš: Novi Beograd

Da uradis ovo:

Citat:Prikaci ovaj poslednju uredjaj ponovo, i otvori fajl Comment.htt uz pomoc Notepad-a i sadrzaj nam iskopiraj ovde.

Ko je trenutno na forumu
 

Ukupno su 805 korisnika na forumu :: 44 registrovanih, 5 sakrivenih i 756 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., aleksmajstor, Andrija357, Apok, ArmyBoss, babaroga, BlekMen, cikadeda, Deneb, djboj, dragon986, Drug pukovnik, Dukelander, Džordžino, gagidjuric, helen1, HrcAk47, Konda, Koridor 11, Krusarac, kybonacci, LeGrandCharles, lidija2011, ljuba, lovac12, mercedesamg, Mercury, mikrimaus, Milan A. Nikolic, milekNS, Milos ZA, mrvica78, nedeljkovici, nemkea71, novator, pedja.st, repac, Sirius, Sr.Stat., vathra, vlvl, Voivoda, vranjanac29, Čivi