hs_err_pid3056

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:39:44, on 16/04/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\htpatch.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\jre1.5.0_06\bin\jucheck.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\dexon\Desktop\New Folder (3)\TR3.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [VampCenter] C:\PROGRA~1\VAMP\\vampcenter.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 6461 bytes
Imam problem od kad mi se pojavio sledeci dokument na desktopu kao notepad file i u njemu se nalazi ovo:
#
# An unexpected error has been detected by HotSpot Virtual Machine:
#
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x7c9010f3, pid=3056, tid=3920
#
# Java VM: Java HotSpot(TM) Client VM (1.5.0_06-b05 mixed mode)
# Problematic frame:
# C [ntdll.dll+0x10f3]
#

--------------- T H R E A D ---------------

Current thread (0x09047008-): JavaThread "AWT-EventQueue-3" [_thread_in_native, id=3920]

siginfo: ExceptionCode=0xc0000005, writing address 0x095a3024

Registers:
EAX=0x00000000, EBX=0x191e9d20, ECX=0x0b42f458, EDX=0x095a301c
ESP=0x0b42f468, EBP=0x0b42f4a0, ESI=0x095a3008, EDI=0x095a301c
EIP=0x7c9010f3, EFLAGS=0x00010246

Top of Stack: (sp=0x0b42f468-)
0x0b42f468: 6d0d7ce2 095a301c 09047008 090470c8
0x0b42f478: 6d0c80a3 09047008 191e9d20 191e9d20
0x0b42f488: 135a03e8 00000000 0b42f47c 0b42fae4
0x0b42f498: 6d0f34d0 00000000 0b42f4d4 1105899c
0x0b42f4a8: 090470c8 0b42f4e4 00000009 135a03e8
0x0b42f4b8: 0b42f4b0 00000000 0b42f4e4 191ec418
0x0b42f4c8: 00000000 191e9d20 0b42f4e4 0b42f504
0x0b42f4d8: 11052923 00000000 11056449 135a03e8

Instructions: (pc=0x7c9010f3)
0x7c9010e3: 24 00 00 00 00 90 90 90 90 90 8b 54 24 04 33 c0
0x7c9010f3: ff 4a 08 75 26 89 42 0c f0 ff 4a 04 7d 03 c2 04


Stack: [0x0b330000,0x0b430000), sp=0x0b42f468, free space=1021k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
C [ntdll.dll+0x10f3]
j sun.awt.windows.WComponentPeer._dispose()V+0
j sun.awt.windows.WComponentPeer.disposeImpl()V+23
j sun.awt.windows.WObjectPeer.dispose()V+42
j java.awt.Component.removeNotify()V+211
j java.awt.Container.removeNotify()V+38
j java.awt.Container.removeNotify()V+38
j java.awt.Container.removeNotify()V+38
j java.awt.Container.removeNotify()V+38
j java.awt.Frame.removeNotify()V+51
j java.awt.Window$1DisposeAction.run()V+105
j java.awt.Window.doDispose()V+16
j java.awt.Window.dispose()V+1
j c.windowClosing(Ljava/awt/event/WindowEvent;)V+5
j java.awt.Window.processWindowEvent(Ljava/awt/event/WindowEvent;)V+68
j java.awt.Window.processEvent(Ljava/awt/AWTEvent;)V+69
J java.awt.Component.dispatchEventImpl(Ljava/awt/AWTEvent;)V
j java.awt.Container.dispatchEventImpl(Ljava/awt/AWTEvent;)V+42
j java.awt.Window.dispatchEventImpl(Ljava/awt/AWTEvent;)V+19
J java.awt.EventQueue.dispatchEvent(Ljava/awt/AWTEvent;)V
J java.awt.EventDispatchThread.pumpOneEventForHierarchy(ILjava/awt/Component;)Z
J java.awt.EventDispatchThread.pumpEventsForHierarchy(ILjava/awt/Conditional;Ljava/awt/Component;)V
v ~RuntimeStub::alignment_frame_return Runtime1 stub
j java.awt.EventDispatchThread.pumpEvents(ILjava/awt/Conditional;)V+4
j java.awt.EventDispatchThread.pumpEvents(Ljava/awt/Conditional;)V+3
j java.awt.EventDispatchThread.run()V+9
v ~StubRoutines::call_stub
C 0x6d6f45a9
C 0x6d749317
C 0x6d6f447a
C 0x6d6f41d7
C 0x6d70ed69
C 0x6d779fe3
C 0x6d779fb1
C [msvcrt.dll+0x2a3b0]
C [kernel32.dll+0xb683]

Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
j sun.awt.windows.WComponentPeer._dispose()V+0
j sun.awt.windows.WComponentPeer.disposeImpl()V+23
j sun.awt.windows.WObjectPeer.dispose()V+42
j java.awt.Component.removeNotify()V+211
j java.awt.Container.removeNotify()V+38
j java.awt.Container.removeNotify()V+38
j java.awt.Container.removeNotify()V+38
j java.awt.Container.removeNotify()V+38
j java.awt.Frame.removeNotify()V+51
j java.awt.Window$1DisposeAction.run()V+105
j java.awt.Window.doDispose()V+16
j java.awt.Window.dispose()V+1
j c.windowClosing(Ljava/awt/event/WindowEvent;)V+5
j java.awt.Window.processWindowEvent(Ljava/awt/event/WindowEvent;)V+68
j java.awt.Window.processEvent(Ljava/awt/AWTEvent;)V+69
J java.awt.Component.dispatchEventImpl(Ljava/awt/AWTEvent;)V
j java.awt.Container.dispatchEventImpl(Ljava/awt/AWTEvent;)V+42
j java.awt.Window.dispatchEventImpl(Ljava/awt/AWTEvent;)V+19
J java.awt.EventQueue.dispatchEvent(Ljava/awt/AWTEvent;)V
J java.awt.EventDispatchThread.pumpOneEventForHierarchy(ILjava/awt/Component;)Z
J java.awt.EventDispatchThread.pumpEventsForHierarchy(ILjava/awt/Conditional;Ljava/awt/Component;)V
v ~RuntimeStub::alignment_frame_return Runtime1 stub
j java.awt.EventDispatchThread.pumpEvents(ILjava/awt/Conditional;)V+4
j java.awt.EventDispatchThread.pumpEvents(Ljava/awt/Conditional;)V+3
j java.awt.EventDispatchThread.run()V+9
v ~StubRoutines::call_stub

--------------- P R O C E S S ---------------

Java Threads: ( => current thread )
0x03cb4330 JavaThread "IRC Protocal Engine Thread" [_thread_in_native, id=364]
=>0x09047008 JavaThread "AWT-EventQueue-3" [_thread_in_native, id=3920]
0x09435158 JavaThread "thread applet-Chat.class" [_thread_blocked, id=2104]
0x0634fbd0 JavaThread "AWT-EventQueue-0" [_thread_blocked, id=3720]
0x06220908 JavaThread "AWT-Shutdown" [_thread_blocked, id=1332]
0x065ae4a0 JavaThread "traceMsgQueueThread" daemon [_thread_blocked, id=3296]
0x03b4c2a8 JavaThread "AWT-Windows" daemon [_thread_in_native, id=644]
0x0905db40 JavaThread "Java2D Disposer" daemon [_thread_blocked, id=1128]
0x03b89520 JavaThread "Low Memory Detector" daemon [_thread_blocked, id=712]
0x03ab0c68 JavaThread "CompilerThread0" daemon [_thread_blocked, id=1736]
0x03b3fa40 JavaThread "Signal Dispatcher" daemon [_thread_blocked, id=3376]
0x03b3f660 JavaThread "Finalizer" daemon [_thread_blocked, id=3372]
0x03a6a4a0 JavaThread "Reference Handler" daemon [_thread_blocked, id=3284]
0x062f5fc8 JavaThread "main" [_thread_in_native, id=3060]

Other Threads:
0x0905faa0 VMThread [id=756]
0x03d36780 WatcherThread [id=3356]

VM state:not at safepoint (normal execution)

VM Mutex/Monitor currently owned by a thread: None

Heap
def new generation total 5440K, used 1544K [0x13050000, 0x13630000, 0x137b0000)
eden space 4864K, 28% used [0x13050000, 0x131a9f20, 0x13510000)
from space 576K, 27% used [0x135a0000, 0x135c82e0, 0x13630000)
to space 576K, 0% used [0x13510000, 0x13510000, 0x135a0000)
tenured generation total 71808K, used 54891K [0x137b0000, 0x17dd0000, 0x19050000)
the space 71808K, 76% used [0x137b0000, 0x16d4aea8, 0x16d4b000, 0x17dd0000)
compacting perm gen total 8192K, used 7950K [0x19050000, 0x19850000, 0x1d050000)
the space 8192K, 97% used [0x19050000, 0x19813828, 0x19813a00, 0x19850000)
No shared spaces configured.

Dynamic libraries:
0x00400000 - 0x00419000 C:\Program Files\Internet Explorer\IEXPLORE.EXE
0x7c900000 - 0x7c9b0000 C:\WINDOWS\system32\ntdll.dll
0x7c800000 - 0x7c8f5000 C:\WINDOWS\system32\kernel32.dll
0x77c10000 - 0x77c68000 C:\WINDOWS\system32\msvcrt.dll
0x7e410000 - 0x7e4a0000 C:\WINDOWS\system32\USER32.dll
0x77f10000 - 0x77f58000 C:\WINDOWS\system32\GDI32.dll
0x77f60000 - 0x77fd6000 C:\WINDOWS\system32\SHLWAPI.dll
0x77dd0000 - 0x77e6b000 C:\WINDOWS\system32\ADVAPI32.dll
0x77e70000 - 0x77f02000 C:\WINDOWS\system32\RPCRT4.dll
0x77fe0000 - 0x77ff1000 C:\WINDOWS\system32\Secur32.dll
0x7e290000 - 0x7e3ff000 C:\WINDOWS\system32\SHDOCVW.dll
0x77a80000 - 0x77b14000 C:\WINDOWS\system32\CRYPT32.dll
0x77b20000 - 0x77b32000 C:\WINDOWS\system32\MSASN1.dll
0x754d0000 - 0x75550000 C:\WINDOWS\system32\CRYPTUI.dll
0x76c30000 - 0x76c5e000 C:\WINDOWS\system32\WINTRUST.dll
0x76c90000 - 0x76cb8000 C:\WINDOWS\system32\IMAGEHLP.dll
0x77120000 - 0x771ab000 C:\WINDOWS\system32\OLEAUT32.dll
0x774e0000 - 0x7761d000 C:\WINDOWS\system32\ole32.dll
0x5b860000 - 0x5b8b4000 C:\WINDOWS\system32\NETAPI32.dll
0x771b0000 - 0x77256000 C:\WINDOWS\system32\WININET.dll
0x76f60000 - 0x76f8c000 C:\WINDOWS\system32\WLDAP32.dll
0x77c00000 - 0x77c08000 C:\WINDOWS\system32\VERSION.dll
0x773d0000 - 0x774d3000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
0x7c9c0000 - 0x7d1d6000 C:\WINDOWS\system32\SHELL32.dll
0x5d090000 - 0x5d12a000 C:\WINDOWS\system32\comctl32.dll
0x74720000 - 0x7476b000 C:\WINDOWS\system32\MSCTF.dll
0x75f80000 - 0x7607d000 C:\WINDOWS\system32\BROWSEUI.dll
0x20000000 - 0x20012000 C:\WINDOWS\system32\browselc.dll
0x77b40000 - 0x77b62000 C:\WINDOWS\system32\appHelp.dll
0x76fd0000 - 0x7704f000 C:\WINDOWS\system32\CLBCATQ.DLL
0x77050000 - 0x77115000 C:\WINDOWS\system32\COMRes.dll
0x7e1e0000 - 0x7e281000 C:\WINDOWS\system32\urlmon.dll
0x5ad70000 - 0x5ada8000 C:\WINDOWS\system32\UxTheme.dll
0x77a20000 - 0x77a74000 C:\WINDOWS\System32\cscui.dll
0x76600000 - 0x7661d000 C:\WINDOWS\System32\CSCDLL.dll
0x77920000 - 0x77a13000 C:\WINDOWS\system32\SETUPAPI.dll
0x62900000 - 0x629cb000 C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
0x71ad0000 - 0x71ad9000 C:\WINDOWS\system32\WSOCK32.dll
0x71ab0000 - 0x71ac7000 C:\WINDOWS\system32\WS2_32.dll
0x71aa0000 - 0x71aa8000 C:\WINDOWS\system32\WS2HELP.dll
0x76b40000 - 0x76b6d000 C:\WINDOWS\system32\WINMM.dll
0x76380000 - 0x76385000 C:\WINDOWS\system32\MSIMG32.dll
0x76d60000 - 0x76d79000 C:\WINDOWS\system32\iphlpapi.dll
0x6bd00000 - 0x6bd0d000 C:\WINDOWS\system32\SYNCOR11.DLL
0x10000000 - 0x10044000 C:\Program Files\AskBarDis\bar\bin\askBar.dll
0x60000000 - 0x6004a000 C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
0x763b0000 - 0x763f9000 C:\WINDOWS\system32\comdlg32.dll
0x4ec50000 - 0x4edf6000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\gdiplus.dll
0x7c3a0000 - 0x7c41b000 C:\WINDOWS\system32\MSVCP71.dll
0x7c340000 - 0x7c396000 C:\WINDOWS\system32\MSVCR71.dll
0x6d600000 - 0x6d62d000 C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
0x5edd0000 - 0x5ede7000 C:\WINDOWS\system32\OLEPRO32.DLL
0x29500000 - 0x29567000 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
0x27500000 - 0x2761a000 C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll
0x74c80000 - 0x74cac000 C:\WINDOWS\system32\OLEACC.dll
0x76080000 - 0x760e5000 C:\WINDOWS\system32\MSVCP60.dll
0x722b0000 - 0x722b5000 C:\WINDOWS\system32\SensApi.dll
0x76bf0000 - 0x76bfb000 C:\WINDOWS\system32\PSAPI.DLL
0x0ffd0000 - 0x0fff8000 C:\WINDOWS\system32\rsaenh.dll
0x01430000 - 0x017af000 c:\program files\google\googletoolbar1.dll
0x7d1e0000 - 0x7d49e000 C:\WINDOWS\system32\msi.dll
0x76390000 - 0x763ad000 C:\WINDOWS\system32\IMM32.dll
0x018e0000 - 0x01998000 C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
0x019b0000 - 0x01c75000 C:\WINDOWS\system32\xpsp2res.dll
0x769c0000 - 0x76a73000 C:\WINDOWS\system32\userenv.dll
0x75e60000 - 0x75e73000 C:\WINDOWS\system32\cryptnet.dll
0x4d4f0000 - 0x4d548000 C:\WINDOWS\system32\WINHTTP.dll
0x74980000 - 0x74a94000 C:\WINDOWS\system32\msxml3.dll
0x75e90000 - 0x75f40000 C:\WINDOWS\system32\SXS.DLL
0x325c0000 - 0x325d2000 C:\Program Files\Microsoft Office\OFFICE11\msohev.dll
0x71b20000 - 0x71b32000 C:\WINDOWS\system32\MPR.dll
0x75f60000 - 0x75f67000 C:\WINDOWS\System32\drprov.dll
0x71c10000 - 0x71c1e000 C:\WINDOWS\System32\ntlanman.dll
0x71cd0000 - 0x71ce7000 C:\WINDOWS\System32\NETUI0.dll
0x71c90000 - 0x71cd0000 C:\WINDOWS\System32\NETUI1.dll
0x71c80000 - 0x71c87000 C:\WINDOWS\System32\NETRAP.dll
0x71bf0000 - 0x71c03000 C:\WINDOWS\System32\SAMLIB.dll
0x75f70000 - 0x75f79000 C:\WINDOWS\System32\davclnt.dll
0x5a500000 - 0x5a550000 C:\Program Files\Windows Live\Messenger\fsshext.8.5.1302.1018.dll
0x78130000 - 0x781cb000 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll
0x73d70000 - 0x73d83000 C:\WINDOWS\system32\shgina.dll
0x75970000 - 0x75a67000 C:\WINDOWS\system32\MSGINA.dll
0x76360000 - 0x76370000 C:\WINDOWS\system32\WINSTA.dll
0x74320000 - 0x7435d000 C:\WINDOWS\system32\ODBC32.dll
0x018b0000 - 0x018c7000 C:\WINDOWS\system32\odbcint.dll
0x593f0000 - 0x59482000 C:\WINDOWS\system32\wiashext.dll
0x73ba0000 - 0x73bb3000 C:\WINDOWS\system32\sti.dll
0x74ae0000 - 0x74ae7000 C:\WINDOWS\system32\CFGMGR32.dll
0x02d10000 - 0x02d98000 C:\WINDOWS\system32\shdoclc.dll
0x75cf0000 - 0x75d81000 C:\WINDOWS\system32\mlang.dll
0x71a50000 - 0x71a8f000 C:\WINDOWS\system32\mswsock.dll
0x662b0000 - 0x66308000 C:\WINDOWS\system32\hnetcfg.dll
0x71a90000 - 0x71a98000 C:\WINDOWS\System32\wshtcpip.dll
0x76ee0000 - 0x76f1c000 C:\WINDOWS\system32\RASAPI32.DLL
0x76e90000 - 0x76ea2000 C:\WINDOWS\system32\rasman.dll
0x76eb0000 - 0x76edf000 C:\WINDOWS\system32\TAPI32.dll
0x76e80000 - 0x76e8e000 C:\WINDOWS\system32\rtutils.dll
0x77c70000 - 0x77c93000 C:\WINDOWS\system32\msv1_0.dll
0x76f20000 - 0x76f47000 C:\WINDOWS\system32\DNSAPI.dll
0x76fc0000 - 0x76fc6000 C:\WINDOWS\system32\rasadhlp.dll
0x7dc30000 - 0x7df21000 C:\WINDOWS\system32\mshtml.dll
0x746c0000 - 0x746e7000 C:\WINDOWS\system32\msls31.dll
0x746f0000 - 0x7471a000 C:\WINDOWS\system32\msimtf.dll
0x75c50000 - 0x75cbf000 C:\WINDOWS\system32\jscript.dll
0x66880000 - 0x6688c000 C:\WINDOWS\system32\ImgUtil.dll
0x5e310000 - 0x5e31c000 C:\WINDOWS\system32\pngfilt.dll
0x76200000 - 0x76271000 C:\WINDOWS\system32\mshtmled.dll
0x6bdd0000 - 0x6be06000 C:\WINDOWS\system32\dxtrans.dll
0x76b20000 - 0x76b31000 C:\WINDOWS\system32\ATL.DLL
0x6d430000 - 0x6d43a000 C:\WINDOWS\system32\ddrawex.dll
0x73760000 - 0x737a9000 C:\WINDOWS\system32\DDRAW.dll
0x73bc0000 - 0x73bc6000 C:\WINDOWS\system32\DCIMAN32.dll
0x6be10000 - 0x6be6a000 C:\WINDOWS\system32\dxtmsft.dll
0x72d20000 - 0x72d29000 C:\WINDOWS\system32\wdmaud.drv
0x72d10000 - 0x72d18000 C:\WINDOWS\system32\msacm32.drv
0x77be0000 - 0x77bf5000 C:\WINDOWS\system32\MSACM32.dll
0x77bd0000 - 0x77bd7000 C:\WINDOWS\system32\midimap.dll
0x06600000 - 0x06a75000 C:\WINDOWS\system32\macromed\flash\Flash10a.ocx
0x73b30000 - 0x73b45000 C:\WINDOWS\system32\mscms.dll
0x73000000 - 0x73026000 C:\WINDOWS\system32\WINSPOOL.DRV
0x767f0000 - 0x76817000 C:\WINDOWS\system32\schannel.dll
0x74d90000 - 0x74dfb000 C:\WINDOWS\system32\USP10.dll
0x00ca0000 - 0x00cab000 C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
0x66e50000 - 0x66e90000 C:\WINDOWS\system32\iepeers.dll
0x71d40000 - 0x71d5c000 C:\WINDOWS\system32\actxprxy.dll
0x6cc60000 - 0x6cc6b000 C:\WINDOWS\system32\dispex.dll
0x6d590000 - 0x6d5a2000 C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
0x6d400000 - 0x6d417000 C:\Program Files\Java\jre1.5.0_06\bin\jpiexp32.dll

VM Arguments:
jvm_args: -Xbootclasspath/a:C:\PROGRA~1\Java\JRE15~1.0_0\lib\deploy.jar;C:\PROGRA~1\Java\JRE15~1.0_0\lib\plugin.jar -Xmx96m -Djavaplugin.maxHeapSize=96m -Xverify:remote -Djavaplugin.version=1.5.0_06 -Djavaplugin.nodotversion=150_06 -Dbrowser=sun.plugin -DtrustProxy=true -Dapplication.home=C:\PROGRA~1\Java\JRE15~1.0_0 -Djava.protocol.handler.pkgs=sun.plugin.net.protocol -Djavaplugin.vm.options=-Djava.class.path=C:\PROGRA~1\Java\JRE15~1.0_0\classes -Xbootclasspath/a:C:\PROGRA~1\Java\JRE15~1.0_0\lib\deploy.jar;C:\PROGRA~1\Java\JRE15~1.0_0\lib\plugin.jar -Xmx96m -Djavaplugin.maxHeapSize=96m -Xverify:remote -Djavaplugin.version=1.5.0_06 -Djavaplugin.nodotversion=150_06 -Dbrowser=sun.plugin -DtrustProxy=true -Dapplication.home=C:\PROGRA~1\Java\JRE15~1.0_0 -Djava.protocol.handler.pkgs=sun.plugin.net.protocol vfprintf
java_command: <unknown>
Launcher Type: generic

Environment Variables:
PATH=C:\PROGRA~1\Java\JRE15~1.0_0\bin;C:\Program Files\Internet Explorer;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\PC Connectivity Solution;.
OS=Windows_NT
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel



--------------- S Y S T E M ---------------

OS: Windows XP Build 2600 Service Pack 2

CPU:total 1 family 15, cmov, cx8, fxsr, mmx, sse, sse2, ht

Memory: 4k page, physical 228896k(12320k free), swap 765168k(227824k free)

vm_info: Java HotSpot(TM) Client VM (1.5.0_06-b05) for windows-x86, built on Nov 10 2005 11:12:14 by "java_re" with MS VC++ 6.0

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Pozdrav...


Citat:Imam problem od kad mi se pojavio sledeci dokument na desktopu kao notepad file

Kako se ispoljava taj problem?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Pa od kad mi se pojavilo jako slabo mi otvara stranice na kompjuteru i na internetu.Pustao sam avast nekoliko puta da skenira ali ne pronalazi nista...A konekcija mi je uzasno usporena i citav rad kompjutera...
Sta da preduzem povodom toga?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Preuzmi gmer.zip sa ovog linka i sačuvaj na Desktopu.
Raspakuj ga u neki folder.

Dupli klik na gmer.exe za početak: Izaberi Rootkit/Malware Tab na vrhu.
Klikni na Scan.
Kada je skeniranje završeno, klik na Copy dugme ispod - ovo će sačuvati rezultate skeniranja u Clipboard.
Iskoristi opciju Paste u Notepad-u da bi to prebacio u tekst. Snimi taj tekst iz Notepada kao file1.txt.
Ponovi ovo isto sa Autostart Tab-om. Snimi taj tekst iz Notepada kao file2.txt.

Iskoristi opciju Prikači fajl ispod polja za pisanje poruke na forumu, i prikači nam ovde ta dva fajla koja smo malopre snimili.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Napisano: 16 Apr 2009 20:55

Nikako ne mogu da nadjem opciju Clipboard.Gde se nalazi taj file?

Dopuna: 16 Apr 2009 21:02

U redu je shvatio sam i odradeo sve kako si mi naveo u uputstvu.Evo okacio sam fajlove.


mycity.rs/must-login.png


mycity.rs/must-login.png

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Ovde ne bi trebalo biti malware-a.


File koji se pojavio na Desktopu... Objašnjenje je ovde:

http://java.com/en/download/help/5000041400.xml


Ukratko, treba da deinstaliraš trenutnu/staru verziju Jave (Control Panel > Add/Remove Programs) a zatim da instaliraš novu:

http://www.java.com/en/download/index.jsp



Što se tiče brzine rada komplutera... Deinstaliraj nepotrebne programe, obriši privremene file-ove, defragmentuj hard disk. Verujem da će to malo da pomogne.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

U redu hvala ti puno na trudu i vremenu.Imao bih jos jedno pitanje da ti postavim ako je ovde kompetntno za tako nesto da se pita...Izgubio sam drajvere koje sam dobio kad sam kupovao kompjuter,pa me zanima da li mozda znas gde mogu da pogledam na racunaru ako je ikako moguce koji su ti drajveri jer su mi oni potrebni za reinstalaciji kompjutera...bio bih ti veoma zahvalan ako znas da mi objasnis...Naklon veliki i pozdrav!

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Zamolio bih te da to pitanje postaviš u forumu Windows (nije da ne želim pomoći, već se u Ambulanti rešavaju samo problemi vezani za malware, tako da...).

Poštovanje...