start windows problem

  • Joined: 06 May 2008
  • Posts: 90

When Windows XP boots, the icons appear briefly three times.
After that the desktop stays empty.
I scanned from Safe Mode with NOD. It found:
C:\windows\system32\CBXQHATQ.dll - A VARIANT OF WIN32...

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Do as described in this thread:

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

  • Joined: 06 May 2008
  • Posts: 90

Logfile of HijackThis v1.99.1
Scan saved at 2:32:08 PM, on 17-Jun-08
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\acs.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
c:\program files\winamp toolbar\WinampTbServer.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\stamenko\Desktop\Lek\TR3.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.rs/
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {444FC7D1-8F08-4377-B39B-4D75AE0E9F70} - C:\WINDOWS\system32\ssqOFUNH.dll
O2 - BHO: (no name) - {73F91148-79C0-4BC6-8427-EDD3737C1C08} - C:\WINDOWS\system32\cbXQHAtQ.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.0.0.0\PDFCreator_Toolbar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [Windows Sound] svdhost.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [TWCU] "C:\Program Files\TP-LINK\TWCU\TWCU.exe" -nogui
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [Flashget] C:\Program Files\FlashGet\flashget.exe /min
O4 - HKLM\..\Run: [BM39412636] Rundll32.exe "C:\WINDOWS\system32\kywaeboh.dll",s
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [3a7215aa] rundll32.exe "C:\WINDOWS\system32\nweiifjq.dll",b
O4 - HKLM\..\RunServices: [Windows Sound] svdhost.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\inetrepl.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{DC33E2EC-BDAB-485B-9C5F-9C0423EB064B}: NameServer = 77.46.137.2
O20 - Winlogon Notify: ssqOFUNH - C:\WINDOWS\SYSTEM32\ssqOFUNH.dll
O23 - Service: TP-LINK Configuration Service (ACS) - Unknown owner - C:\WINDOWS\System32\acs.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Service - Unknown owner - C:\Program Files\BIEN Soft\dxflines\dxflines.exe (file missing)

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8617
  • Location: Novi Beograd

Hi,

Download ComboFix to your Desktop from one of the following addresses:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Run it and do not touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear; copy it here for us.

  • Joined: 06 May 2008
  • Posts: 90

ComboFix 08-06-16.2 - stamenko 2008-06-17 15:08:39.4 - FAT32x86
Running from: C:\Documents and Settings\stamenko\Desktop\ComboFix.exe
* Created a new restore point
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\BM39412636.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\Cache
C:\WINDOWS\system32\cbXQHAtQ.dll
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\fccbASih.dll
C:\WINDOWS\system32\fccBSigh.dll
C:\WINDOWS\system32\fccCvtTM.dll
C:\WINDOWS\system32\jkklmMET.dll
C:\WINDOWS\system32\ljJBTMFy.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\qjfiiewn.ini
C:\WINDOWS\system32\QtAHQXbc.ini
C:\WINDOWS\system32\QtAHQXbc.ini2
C:\WINDOWS\system32\rqRHBRKA.dll
C:\WINDOWS\system32\rqRIxUmk.dll
C:\WINDOWS\system32\ssqOFUNH.dll
C:\WINDOWS\system32\svdhost.exe
C:\WINDOWS\system32\vtUMfGwU.dll
C:\WINDOWS\system32\wpcap.dll
C:\WINDOWS\system32\yayvWomJ.dll
C:\WINDOWS\system32\yaywvsqN.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_IPRIP
-------\Service_Iprip
-------\Service_NPF


((((((((((((((((((((((((( Files Created from 2008-05-17 to 2008-06-17 )))))))))))))))))))))))))))))))
.

2008-06-16 23:19 . 2008-06-16 23:19 <DIR> d---s---- C:\Documents and Settings\Administrator
2008-06-16 22:59 . 2004-08-03 23:04 156,672 --a------ C:\WINDOWS\system32\dllcache\winzm.ime
2008-06-16 22:59 . 2004-08-03 23:04 156,672 --a------ C:\WINDOWS\system32\dllcache\winsp.ime
2008-06-16 22:59 . 2004-08-03 23:04 156,672 --a------ C:\WINDOWS\system32\dllcache\winpy.ime
2008-06-16 22:59 . 2004-08-03 23:04 79,360 --a------ C:\WINDOWS\system32\dllcache\winar30.ime
2008-06-16 22:59 . 2001-08-23 14:00 69,120 --a------ C:\WINDOWS\system32\dllcache\wingb.ime
2008-06-16 22:59 . 2004-08-03 23:04 65,536 --a------ C:\WINDOWS\system32\dllcache\winime.ime
2008-06-16 22:59 . 2001-08-23 14:00 28,288 --a------ C:\WINDOWS\system32\dllcache\xjis.nls
2008-06-16 22:57 . 2001-08-23 14:00 13,463,552 --a------ C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-06-16 22:53 . 2008-06-16 22:53 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-06-16 22:52 . 2008-06-16 22:52 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-06-16 22:52 . 2008-06-16 22:52 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-06-16 22:52 . 2008-06-16 22:52 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-06-16 22:52 . 2008-06-16 22:52 749 -rah----- C:\WINDOWS\system32\nwc.cpl.manifest
2008-06-16 22:52 . 2008-06-16 22:52 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-06-16 22:41 . 2004-08-04 00:56 363,520 --a------ C:\WINDOWS\system32\dllcache\w3svc.dll
2008-06-16 22:41 . 2004-08-04 00:56 259,072 --a------ C:\WINDOWS\system32\dllcache\snmpcl.dll
2008-06-16 22:41 . 2004-08-04 00:56 61,440 --a------ C:\WINDOWS\system32\dllcache\httpod51.dll
2008-06-16 22:41 . 2004-08-04 00:56 46,592 --a------ C:\WINDOWS\system32\dllcache\sspifilt.dll
2008-06-16 22:41 . 2004-08-04 00:56 40,448 --a------ C:\WINDOWS\system32\dllcache\snmpthrd.dll
2008-06-16 22:41 . 2004-08-04 00:56 8,192 --a------ C:\WINDOWS\system32\dllcache\httpmb51.dll
2008-06-16 22:41 . 2001-08-23 14:00 7,680 --a------ C:\WINDOWS\system32\dllcache\inetmgr.exe
2008-06-16 22:40 . 2004-08-04 00:56 152,576 --a------ C:\WINDOWS\system32\irftp.exe
2008-06-16 22:40 . 2004-08-03 23:00 87,424 --a------ C:\WINDOWS\system32\drivers\irda.sys
2008-06-16 22:40 . 2004-08-04 00:56 27,136 --a------ C:\WINDOWS\system32\irmon.dll
2008-06-16 22:40 . 2004-08-04 00:56 8,192 --a------ C:\WINDOWS\system32\wshirda.dll
2008-06-16 22:25 . 2001-08-17 13:51 19,584 --a------ C:\WINDOWS\system32\drivers\rasirda.sys
2008-06-16 22:23 . 2004-08-04 01:57 1,086,058 -ra------ C:\WINDOWS\SET4D.tmp
2008-06-16 22:23 . 2004-08-04 02:03 1,042,903 -ra------ C:\WINDOWS\SET4A.tmp
2008-06-16 22:23 . 2004-08-04 01:58 13,753 -ra------ C:\WINDOWS\SET5A.tmp
2008-06-14 22:28 . 2008-06-14 22:28 <DIR> d-------- C:\Program Files\bevel gear
2008-06-14 17:12 . 2008-06-14 17:12 <DIR> d-------- C:\Documents and Settings\stamenko\WLSCompanion
2008-06-14 05:33 . 2008-06-14 05:33 <DIR> d-------- C:\Program Files\Winamp Toolbar
2008-06-14 05:33 . 2008-06-14 05:33 <DIR> d-------- C:\Program Files\Winamp Remote
2008-06-14 05:33 . 2008-06-14 05:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Winamp Toolbar
2008-06-14 05:33 . 2008-06-14 05:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks
2008-06-13 16:14 . 2008-06-13 16:14 <DIR> d-------- C:\Program Files\Rainbow Technologies
2008-06-13 16:09 . 2008-06-13 16:09 <DIR> d-------- C:\Program Files\ArtCAM Pro 8
2008-06-12 16:11 . 2008-06-12 16:11 <DIR> d-------- C:\CNC XYZ
2008-06-11 12:35 . 2008-06-11 12:35 <DIR> d--hs---- C:\FOUND.013
2008-06-11 10:04 . 2006-06-13 08:44 <DIR> d-------- C:\Program Files\TurnAddons
2008-06-11 10:04 . 2006-08-20 10:31 <DIR> d-------- C:\Program Files\Addons
2008-06-11 10:03 . 2008-06-11 10:03 <DIR> d-------- C:\Program Files\Subroutines
2008-06-11 10:03 . 2008-06-11 10:03 <DIR> d-------- C:\Program Files\SETUP
2008-06-11 10:03 . 2006-06-30 09:01 <DIR> d-------- C:\Program Files\macros
2008-06-11 10:03 . 2008-06-11 10:03 <DIR> d-------- C:\Program Files\Help
2008-06-11 10:03 . 2008-06-11 10:03 <DIR> d-------- C:\Program Files\GCode
2008-06-11 10:03 . 2006-02-21 10:29 <DIR> d-------- C:\Program Files\Bitmaps
2008-06-11 10:03 . 2006-08-18 20:25 5,040 --a------ C:\Program Files\LazyCamsDocs.zip
2008-06-11 10:03 . 2004-11-27 20:23 1,280 --a------ C:\Program Files\Outputs.bin
2008-06-11 10:03 . 2004-11-27 20:23 1,280 --a------ C:\Program Files\Inputs.bin
2008-06-11 10:03 . 2004-11-27 20:23 1,280 --a------ C:\Program Files\Data.bin
2008-06-11 00:58 . 2008-06-11 00:58 <DIR> d-------- C:\Program Files\New Folder(2)
2008-06-10 21:38 . 2008-06-10 21:38 <DIR> d-------- C:\DELCAM.ARTCAM.PRO.V2008-MAGNiTUDE
2008-06-10 15:21 . 2008-06-10 15:21 <DIR> d-------- C:\Program Files\a2
2008-06-10 14:06 . 2008-06-10 14:07 <DIR> d-------- C:\Program Files\free-downloads.net
2008-06-10 06:11 . 2008-06-10 06:11 <DIR> d-------- C:\Documents and Settings\stamenko\Application Data\Thinstall
2008-06-10 06:04 . 2008-06-10 06:04 <DIR> d-------- C:\Artsoft Mach3 + (zabranjeno)
2008-06-07 08:03 . 2008-06-07 08:03 <DIR> d-------- C:\Program Files\Alcohol Soft
2008-06-03 21:36 . 2008-06-03 21:36 <DIR> d-------- C:\Program Files\Optimik
2008-06-03 14:52 . 2008-06-03 14:52 <DIR> d-------- C:\Program Files\Blender Foundation
2008-06-03 14:52 . 2008-06-03 14:52 <DIR> d-------- C:\Documents and Settings\stamenko\Application Data\Blender Foundation
2008-05-24 00:51 . 2008-05-24 00:51 <DIR> d-------- C:\Program Files\gCAD3D
2008-05-20 09:24 . 2008-05-20 09:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Adobe(2)
2008-05-17 23:20 . 2008-06-17 15:06 41 --a------ C:\WINDOWS\Filzip.ini
2008-05-17 22:55 . 2008-05-17 22:55 <DIR> d-------- C:\Program Files\Filzip

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-12 14:32 397 ----a-w C:\Program Files\CNC 3d Upravljac.lnk
2008-06-12 12:40 8,704 --sha-w C:\Program Files\Thumbs.db
2008-06-11 10:13 55 ----a-w C:\Program Files\LastErrors.txt
2008-06-11 10:13 37,340 ----a-w C:\Program Files\Mach3Mill.xml
2008-06-11 10:08 9 ----a-w C:\Program Files\Profile.txt
2008-06-11 10:04 19,636 ----a-w C:\Program Files\.xml
2008-03-28 21:05 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2008-03-25 13:28 264,097 ----a-w C:\WINDOWS\PDFCreator_Toolbar_Uninstaller_4679.exe
2008-03-15 22:30 2,449 ----a-w C:\Program Files\Microsoft FrontPage.lnk
2007-12-09 05:24 2,492 ----a-w C:\Documents and Settings\stamenko\Application Data\ViewerApp.dat
2006-08-17 03:11 104,096 ----a-w C:\Program Files\Mach3.noapic
2006-08-16 11:16 44,744 ------w C:\Program Files\Mach3_4axis.xml
2006-07-14 02:15 99,505 ----a-w C:\Program Files\1024.set
2006-07-13 21:19 50,487 ----a-w C:\Program Files\1024.lset
2006-05-04 06:00 30,054 ----a-w C:\Program Files\LegacyYellow.bmp
2006-05-04 06:00 30,054 ----a-w C:\Program Files\LegacyRed.bmp
2006-05-04 06:00 30,054 ----a-w C:\Program Files\LegacyGreen.bmp
2006-04-29 00:25 30,054 ----a-w C:\Program Files\LegacyRedGreen.bmp
2006-02-06 21:03 633 ----a-w C:\Program Files\Leds.txt
2006-02-06 20:44 386 ----a-w C:\Program Files\Buttons.txt
2006-02-06 20:01 501 ----a-w C:\Program Files\DROs.txt
2005-12-08 13:53 979 ----a-w C:\Program Files\ReadMe.txt
2005-10-18 00:23 42,804 ----a-w C:\Program Files\Mach3Turn.xml
2005-07-13 06:47 10,479 ----a-w C:\Program Files\m1076.m1s
2004-10-19 06:57 7,234 ----a-w C:\Program Files\MachTurn.txt
2004-05-09 01:30 136,124 ----a-w C:\Program Files\diags.wav
2003-09-11 04:59 44 ----a-w C:\Program Files\TurnJogIncs.txt
2003-09-11 04:59 44 ----a-w C:\Program Files\MillJogIncs.txt
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
2008-03-20 00:36 1267040 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= "C:\Program Files\Winamp Toolbar\winamptb.dll" [2008-03-20 00:36 1267040]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [2008-03-20 00:36 1267040]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-05-15 10:40 68856]
"Orb"="C:\Program Files\Winamp Remote\bin\OrbTray.exe" [2008-04-01 03:54 507904]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 22:56 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Hcontrol"="C:\WINDOWS\ATK0100\Hcontrol.exe" [2004-01-19 11:07 65536]
"ATIModeChange"="Ati2mdxx.exe" [2004-04-01 21:43 28672 C:\WINDOWS\system32\Ati2mdxx.exe]
"MsmqIntCert"="regsvr32 /s mqrt.dll" []
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-04-01 20:49 36352]
"TWCU"="C:\Program Files\TP-LINK\TWCU\TWCU.exe" [2005-07-14 11:40 413696]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-01-28 21:28 185896]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2003-10-24 09:23 110592]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2003-10-24 09:23 618496]
"RemoteControl"="C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe" [2003-10-31 19:42 32768]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2006-11-28 16:50 917504]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 16:30 81920]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [ ]
"Flashget"="C:\Program Files\FlashGet\flashget.exe" [2007-09-25 10:29 2007088]
"BM39412636"="C:\WINDOWS\system32\kywaeboh.dll" [ ]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-08-25 21:10 335872]
"3a7215aa"="C:\WINDOWS\system32\nweiifjq.dll" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-03 22:59 44544]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2006-11-21 11:00:02 394856]
Picture Package VCD Maker.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Applications\Residence.exe [2005-05-03 16:15:29 106496]
Picture Package Menu.lnk - C:\Program Files\Sony Corporation\Picture Package\Picture Package Menu\SonyTray.exe [2005-05-03 16:15:32 151552]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 12:05:56 65588]
AutoCAD Startup Accelerator.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe [2004-02-25 02:35:22 10872]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-04-26 13:33:18 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.CEGSM"= mobilev.acm
"SENTINEL"= snti386.dll

[HKLM\~\startupfolder\C:^Documents and Settings^stamenko^Start Menu^Programs^Startup^ubisoft register.lnk]
path=C:\Documents and Settings\stamenko\Start Menu\Programs\Startup\ubisoft register.lnk
backup=C:\WINDOWS\pss\ubisoft register.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"FreezeScreenSaver"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\FlashGet\\FlashGet.exe"=
"C:\\Program Files\\ASUS\\AP Utilities\\Wireless.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"C:\\Documents and Settings\\STAMENKO\\Application Data\\Thinstall\\CatiaV5Lite\\400000c00002i\\CNEXT.EXE"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=

R1 hwinterface;hwinterface;C:\WINDOWS\system32\Drivers\hwinterface.sys [2005-10-31 17:50]
R2 ddnt;ddnt;C:\WINDOWS\system32\drivers\ddnt.sys [2006-06-02 22:48]
R2 DLPortIO;DriverLINX Port I/O Driver;C:\WINDOWS\System32\DRIVERS\DLPortIO.SYS [1999-01-10 19:00]
R2 io.sys;IO.DLL Driver;C:\WINDOWS\System32\drivers\io.sys [2006-01-25 03:27]
R2 Pctspk;PCTEL Speaker Phone;C:\WINDOWS\system32\pctspk.exe [2001-08-17 22:36]
R3 Mach2;Mach2 Pulseing Service;C:\WINDOWS\system32\Drivers\Mach2.sys [2003-11-08 02:44]
R3 Mach3;Mach3 Pulseing Service;C:\WINDOWS\system32\Drivers\Mach3.sys [2006-03-16 06:07]
R3 Pulser;CNC Pulseing Service;C:\WINDOWS\system32\Drivers\Pulser.sys [2002-05-02 23:49]
S3 Ptserli;PCTEL Serial Device Driver for INTEL;C:\WINDOWS\system32\DRIVERS\ptserli.sys [2001-08-17 13:28]
S3 zlportio;zlportio;C:\Program Files\cp09632\temp\zlportio.sys []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\Shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{23c7e1c0-37a0-11dd-9230-00112fde9b0a}]
\Shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4f240481-072b-11dd-91ea-00112fde9b0a}]
\Shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{52931fd0-0d84-11dd-91ef-00112fde9b0a}]
\Shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d0e8d0b1-0150-11dd-91d9-00112fde9b0a}]
\Shell\AutoRun\command - E:\AutoRun.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-06-15 19:29:02 C:\WINDOWS\Tasks\{016E2323-7D1D-49B1-8431-57F665BC6E08}_TRADICIJ-PHDH6Y_stamenko.job"
- C:\WINDOWS\system32\mobsync.exe
"2008-06-13 07:00:08 C:\WINDOWS\Tasks\{530A5723-BBAF-4112-AB67-22168A3C95BF}_TRADICIJ-PHDH6Y_stamenko.job"
- C:\WINDOWS\system32\mobsync.exeM /Schedule=
"2008-06-16 14:00:02 C:\WINDOWS\Tasks\{97F2A16A-507D-4D7C-A9E6-AB9CE53792DD}_TRADICIJ-PHDH6Y_stamenko.job"
- C:\WINDOWS\system32\mobsync.exeM /Schedule=
"2008-06-13 14:00:02 C:\WINDOWS\Tasks\{EDCBC54F-DDE2-4E5B-B274-DE8192C27494}_TRADICIJ-PHDH6Y_stamenko.job"
- C:\WINDOWS\system32\mobsync.exeM /Schedule=
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-06-17 15:16:28
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
C:\WINDOWS\SYSTEM32\ACS.EXE
C:\WINDOWS\SYSTEM32\MSDTC.EXE
C:\WINDOWS\SYSTEM32\INETSRV\INETINFO.EXE
C:\PROGRAM FILES\AHEAD\INCD\INCDSRV.EXE
C:\PROGRAM FILES\ESET\NOD32KRN.EXE
C:\WINDOWS\SYSTEM32\TCPSVCS.EXE
C:\WINDOWS\SYSTEM32\SNMP.EXE
C:\WINDOWS\SYSTEM32\WSCNTFY.EXE
C:\WINDOWS\ATK0100\ATKOSD.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\program files\winamp toolbar\WinampTbServer.exe
.
**************************************************************************
.
Completion time: 2008-06-17 15:20:32 - machine was rebooted
ComboFix2.txt 2008-05-07 18:21:14
ComboFix-quarantined-files.txt 2008-06-17 13:20:26

Pre-Run: 30,708,826,112 bytes free
Post-Run: 31,316,639,744 bytes free

273 --- E O F --- 2008-05-02 20:03:52

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Hi...

helen1 is busy, so I will give you the further instructions.

Run HijackThis, scan, and tick the following lines:

O4 - HKLM\..\Run: [BM39412636] Rundll32.exe "C:\WINDOWS\system32\kywaeboh.dll",s
O4 - HKLM\..\Run: [3a7215aa] rundll32.exe "C:\WINDOWS\system32\nweiifjq.dll",b

Click Fix checked.

How is the situation now? Do you notice any problems?
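The two O4 entries singled out above share a pattern with the O2 and O20 entries in the posted HijackThis log: rundll32 or a browser/Winlogon hook loading a DLL with a machine-generated name from system32, plus an autorun executable whose name imitates svchost.exe. As an added example that is not part of this thread or of HijackThis, the following Python script applies those triage heuristics to constructed lines modelled on the posted log; the regexes, the list of imitated system binaries and the "eight letters" name rule are assumptions, not HijackThis' own logic.

```python
import re
from typing import List, Tuple

# Constructed sample: HijackThis lines modelled on the log posted in this thread.
SAMPLE_LOG = [
    'O4 - HKLM\\..\\Run: [WinampAgent] "C:\\Program Files\\Winamp\\winampa.exe"',
    'O4 - HKLM\\..\\Run: [Windows Sound] svdhost.exe',
    'O4 - HKLM\\..\\Run: [BM39412636] Rundll32.exe "C:\\WINDOWS\\system32\\kywaeboh.dll",s',
    'O4 - HKLM\\..\\Run: [3a7215aa] rundll32.exe "C:\\WINDOWS\\system32\\nweiifjq.dll",b',
    'O4 - HKLM\\..\\RunServices: [Windows Sound] svdhost.exe',
    'O4 - HKCU\\..\\Run: [ctfmon.exe] C:\\WINDOWS\\System32\\ctfmon.exe',
    'O2 - BHO: (no name) - {73F91148-79C0-4BC6-8427-EDD3737C1C08} - C:\\WINDOWS\\system32\\cbXQHAtQ.dll',
    'O20 - Winlogon Notify: ssqOFUNH - C:\\WINDOWS\\SYSTEM32\\ssqOFUNH.dll',
]

# Core Windows binaries that malware commonly imitates by a one-letter change (assumed list).
SYSTEM_BINARIES = ["svchost.exe", "lsass.exe", "csrss.exe", "winlogon.exe",
                   "services.exe", "explorer.exe", "smss.exe", "spoolsv.exe"]

# Line shapes as HijackThis 1.99 prints them (assumption based on the posted log).
O4_RE = re.compile(r"^O4 - (?P<hive>HK\w+)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\] (?P<value>.*)$")
O2_RE = re.compile(r"^O2 - BHO: (?P<name>.*?) - \{[0-9A-Fa-f-]+\} - (?P<path>.*)$")
O20_RE = re.compile(r"^O20 - Winlogon Notify: (?P<name>\S+) - (?P<path>.*)$")
RUNDLL_RE = re.compile(r'^rundll32(?:\.exe)?\s+"?(?P<dll>[^",]+)"?', re.IGNORECASE)


def within_one_edit(a: str, b: str) -> bool:
    """True if a differs from b by exactly one substitution, insertion or deletion."""
    a, b = a.lower(), b.lower()
    if a == b or abs(len(a) - len(b)) > 1:
        return False
    if len(a) == len(b):
        return sum(x != y for x, y in zip(a, b)) == 1
    short, long_ = sorted((a, b), key=len)
    return any(long_[:i] + long_[i + 1:] == short for i in range(len(long_)))


def looks_generated(stem: str) -> bool:
    """Heuristic (assumption): an eight-letter stem such as kywaeboh or cbXQHAtQ."""
    return re.fullmatch(r"[A-Za-z]{8}", stem) is not None


def in_system32(path: str) -> bool:
    return "\\system32\\" in path.lower()


def basename(path: str) -> str:
    return path.rsplit("\\", 1)[-1].strip('"')


def analyze(lines: List[str]) -> List[Tuple[str, str]]:
    """Return (reason, line) pairs for entries that match the heuristics above."""
    findings: List[Tuple[str, str]] = []
    for line in lines:
        m = O4_RE.match(line)
        if m:
            value = m.group("value").strip()
            # Quoted full path or bare command: take the executable name either way.
            exe = basename(value.split('"')[1] if value.startswith('"') else value.split()[0])
            if m.group("key").lower() == "runservices":
                findings.append(("RunServices is a Windows 9x-era key; an entry here on XP is anomalous", line))
            for known in SYSTEM_BINARIES:
                if within_one_edit(exe, known):
                    findings.append((f"executable name imitates {known}", line))
            r = RUNDLL_RE.match(value)
            if r and in_system32(r.group("dll")):
                stem = basename(r.group("dll")).rsplit(".", 1)[0]
                if looks_generated(stem):
                    findings.append(("rundll32 autorun loads generated-name DLL from system32", line))
            continue
        m = O2_RE.match(line) or O20_RE.match(line)
        if m and in_system32(m.group("path")):
            stem = basename(m.group("path").strip()).rsplit(".", 1)[0]
            if looks_generated(stem):
                findings.append(("browser/Winlogon hook DLL with generated-looking name in system32", line))
    return findings


if __name__ == "__main__":
    for reason, line in analyze(SAMPLE_LOG):
        print(f"[{reason}]\n    {line}")
```

The script flags six of the eight sample lines and leaves the Winamp and ctfmon entries alone; a hit is a prompt for a human to check the file, not a verdict.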

  • Joined: 06 May 2008
  • Posts: 90

I did this. Yesterday my situation improved when I uninstalled Mozilla.
Am I allowed to reinstall it?

Update: 18 Jun 2008 21:52

Now the computer has slowed down.

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE
