MyCity » Ambulanta -> Arhiva Ambulante » zamrzava mi se windovs

zamrzava mi se windovs

Napisano na dan: 4.2.2011

Strana:
1
2

zamrzava mi se windovs

Sledeća strana

Pagination

Odgovori

Strana:
1
2

njuskalo75 Poslao: 04 Feb 2011 10:06 Idi na vrh
offline njuskalo75 Ugledni građanin Dalibor Pridružio: 03 Feb 2011 Poruke: 447 Gde živiš: Nemačka	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Postovani vec odredjeni period mi se zamrzava tj.koci mi program na racunaru,ok mesec dana imam sa tim problem,skenirao sam sa spybotom,tuneup 2009,perfecdisk 11,anti malware,i posle svega mi se kao malo pokrene ceo sistem i nakon kratkog perioda ista stvar kocenje seckanje stranica tako da nemogu da napustim stranicu jednostavno se sve zablokira,pa vas molim ako mozete da mi pomognete... DDS (Ver_10-12-12.02) - NTFSx86 Run by MILANA at 21:38:28,15 on cet 03.02.2011 Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_23 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.508 [GMT 1:00] AV: avast! Antivirus Enabled/Updated {7591DB91-41F0-48A3-B128-1A293FD8233D} ============== Running Processes =============== C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\HDThemeEnabler.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe C:\WINDOWS\system32\Ati2evxx.exe svchost.exe C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\VMSnap3.EXE C:\WINDOWS\Domino.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Winamp\winampa.exe C:\Program Files\Cyberlink\Shared Files\brs.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Alwil Software\Avast5\avastUI.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe C:\Documents and Settings\MILANA\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe C:\Program Files\Raxco\PerfectDisk\PDAgent.exe C:\WINDOWS\system32\IoctlSvc.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\System32\TUProgSt.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\Raxco\PerfectDisk\PDEngine.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Documents and Settings\MILANA\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\MILANA\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\MILANA\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\MILANA\My Documents\Downloads\dds (1).scr ============== Pseudo HJT Report =============== uStart Page = [Link mogu videti samo ulogovani korisnici] uSearch Page = [Link mogu videti samo ulogovani korisnici] uDefault_Search_URL = [Link mogu videti samo ulogovani korisnici] uSearch Bar = [Link mogu videti samo ulogovani korisnici] uSearchAssistant = [Link mogu videti samo ulogovani korisnici] uSearchURL,(Default) = [Link mogu videti samo ulogovani korisnici] uURLSearchHooks: SHOUTcast Toolbar Search Class: {14f0d511-36a2-41ca-ae01-ba4f87282c97} - c:\program files\shoutcast radio toolbar\shoutcasttb.dll uURLSearchHooks: H - No File mURLSearchHooks: SHOUTcast Toolbar Search Class: {14f0d511-36a2-41ca-ae01-ba4f87282c97} - c:\program files\shoutcast radio toolbar\shoutcasttb.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll BHO: {64182481-4F71-486b-A045-B233BD0DA8FC} - No File BHO: SHOUTcast Loader: {ccec60fc-2608-4e58-9659-3ffc159e8ea9} - c:\program files\shoutcast radio toolbar\shoutcasttb.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: SHOUTcast Radio Toolbar: {0457331d-8ca6-4f97-9c26-6a9ef2b2dba8} - c:\program files\shoutcast radio toolbar\shoutcasttb.dll TB: {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - No File TB: {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - No File TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe uRun: [Google Update] "c:\documents and settings\milana\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe" uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized mRun: [RTHDCPL] RTHDCPL.EXE mRun: [Alcmtr] ALCMTR.EXE mRun: [StartCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe mRun: [VMSnap3] c:\windows\VMSnap3.EXE mRun: [Domino] c:\windows\Domino.EXE mRun: [WinampAgent] "c:\program files\winamp\winampa.exe" mRun: [BDRegion] c:\program files\cyberlink\shared files\brs.exe mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\docume~1\milana\startm~1\programs\startup\rocket~1.lnk - c:\windows\bricopacks\vista inspirat 2\rocketdock\RocketDock.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe uPolicies-explorer: TaskbarNoNotification = 1 (0x1) IE: &Search IE: &SHOUTcast Search - c:\documents and settings\all users\application data\shoutcast radio toolbar\ietoolbar\resources\en-us\local\search.html IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Send to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - [Link mogu videti samo ulogovani korisnici] DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici] DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - [Link mogu videti samo ulogovani korisnici] Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: AtiExtEvent - Ati2evxx.dll Hosts: 127.0.0.1 www.spywareinfo.com ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\milana\applic~1\mozilla\firefox\profiles\o4pc4r91.default\ FF - prefs.js: browser.search.defaulturl - [Link mogu videti samo ulogovani korisnici]{searchTerms} FF - prefs.js: browser.search.selectedEngine - Search FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici] FF - prefs.js: keyword.URL - [Link mogu videti samo ulogovani korisnici] FF - component: c:\documents and settings\milana\application data\mozilla\firefox\profiles\o4pc4r91.default\extensions\{12e4c684-c03e-4e4d-85bc-0c065e7a9489}\components\WinampPlayer.dll FF - component: c:\documents and settings\milana\application data\mozilla\firefox\profiles\o4pc4r91.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\FFExternalAlert.dll FF - component: c:\documents and settings\milana\application data\mozilla\firefox\profiles\o4pc4r91.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\RadioWMPCore.dll FF - component: c:\documents and settings\milana\application data\mozilla\firefox\profiles\o4pc4r91.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll FF - plugin: c:\documents and settings\milana\application data\mozilla\plugins\npgoogletalk.dll FF - plugin: c:\documents and settings\milana\application data\mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: c:\documents and settings\milana\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll FF - Ext: Earth From Orbit Toolbar: efotoolbar@earth-from-orbit - c:\program files\mozilla firefox\extensions\efotoolbar@earth-from-orbit FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Conduit Engine : [Link mogu videti samo ulogovani korisnici] - %profile%\extensions\engine@conduit.com FF - Ext: SHOUTcast Radio Toolbar: {12e4c684-c03e-4e4d-85bc-0c065e7a9489} - %profile%\extensions\{12e4c684-c03e-4e4d-85bc-0c065e7a9489} FF - Ext: FlashGot: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - %profile%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} FF - Ext: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - %profile%\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} FF - Ext: AddonFox: {ad48108d-92a6-4eb9-87e4-978aca1dbae4} - %profile%\extensions\{ad48108d-92a6-4eb9-87e4-978aca1dbae4} FF - Ext: Earth From Orbit Toolbar: efotoolbar@earth-from-orbit - %profile%\extensions\efotoolbar@earth-from-orbit FF - Ext: Java Quick Starter: [Link mogu videti samo ulogovani korisnici] - c:\program files\java\jre6\lib\deploy\jqs\ff ============= SERVICES / DRIVERS =============== R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-2-1 294608] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-2-1 17744] R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-2-1 40384] R2 HdThemeEnabler;Hyperdesk Theme Enabler;c:\windows\HDThemeEnabler.exe [2008-7-1 102400] R3 NTProcDrv;Process creation detector for NT.;c:\windows\temp\drv1.tmp [2011-2-2 3584] R3 vmfilter303;vmfilter303;c:\windows\system32\drivers\vmfilter303.sys [2009-12-13 428160] S1 avgio;avgio;\??\c:\program files\avira\antivir desktop\avgio.sys --> c:\program files\avira\antivir desktop\avgio.sys [?] S2 AntiVirSchedulerService;Avira AntiVir Scheduler;"c:\program files\avira\antivir desktop\sched.exe" --> c:\program files\avira\antivir desktop\sched.exe [?] S2 AntiVirService;Avira AntiVir Guard;"c:\program files\avira\antivir desktop\avguard.exe" --> c:\program files\avira\antivir desktop\avguard.exe [?] S2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys --> c:\windows\system32\drivers\avgntflt.sys [?] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-8-19 136176] S3 SetupNTGLM7X;SetupNTGLM7X;\??\i:\ntglm7x.sys --> i:\NTGLM7X.sys [?] =============== Created Last 30 ================ 2011-02-01 09:41:30 38848 ----a-w- c:\windows\avastSS.scr 2011-02-01 08:40:39 3218 ----a-w- c:\windows\system32\PerfStringBackup.TMP 2011-02-01 08:31:39 -------- d-----w- c:\windows\system32\wbem\repository\FS 2011-02-01 08:31:39 -------- d-----w- c:\windows\system32\wbem\Repository 2011-01-31 20:48:59 65536 -c--a-w- c:\windows\system32\dllcache\EXCH_mailmsg.dll 2011-01-31 20:47:59 94208 -c--a-w- c:\windows\system32\dllcache\fpencode.dll 2011-01-31 20:37:59 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll 2011-01-31 20:37:59 24661 ----a-w- c:\windows\system32\spxcoins.dll 2011-01-31 20:37:59 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll 2011-01-31 20:37:59 13312 ----a-w- c:\windows\system32\irclass.dll 2011-01-31 20:37:53 13753 ----a-r- c:\windows\SET3E.tmp 2011-01-31 20:37:48 1086058 ----a-r- c:\windows\SET32.tmp 2011-01-31 20:37:47 1042903 ----a-r- c:\windows\SET2F.tmp 2011-01-31 19:29:39 -------- d-----w- c:\docume~1\milana\locals~1\applic~1\WMTools Downloaded Files 2011-01-24 14:30:41 25048 ----a-w- c:\program files\mozilla firefox\components\browserdirprovider.dll 2011-01-24 14:30:41 140248 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll 2011-01-23 10:35:43 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys ==================== Find3M ==================== 2010-12-06 07:31:14 237320 ----a-w- c:\windows\system32\PDBoot.exe 2010-11-12 17:53:06 472808 ----a-w- c:\windows\system32\deployJava1.dll 2010-11-12 15:34:10 73728 ----a-w- c:\windows\system32\javacpl.cpl ============= FINISH: 21:39:06,87 =============== [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici]

Profil

helen1 Poslao: 04 Feb 2011 13:55 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8652 Gde živiš: Novi Beograd	1Ovo se svidja korisniku: njuskalo75 Registruj se da bi pohvalio/la poruku! Zdravo, Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop: Bleeping Computer Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu); Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save. Kada preuzimanje programa bude završeno: deaktiviraj zaštitni softver (uputstvo); zatvori pokrenute programe; dvoklikom pokreni program ComboFix. U toku rada, ComboFix će:proveriti postoji li novija verzija programa: klikni Yes ako bude ponuđeno preuzimanje iste. prikazati DISCLAIMER OF WARRANTY ON SOFTWARE: klikni Yes kako bi proces bio nastavljen.ako Recovery Console nije instalirana, ponuditi instalaciju: obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja: prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta); na kraju rada, otvoriti Notepad sa izveštajem o skeniranju. Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu: klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All; klikni desnim tasterom miša na obeleženi tekst i izaberi Copy; klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste. Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt); Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku.

Profil

njuskalo75 Poslao: 07 Feb 2011 09:10 Idi na vrh
offline njuskalo75 Ugledni građanin Dalibor Pridružio: 03 Feb 2011 Poruke: 447 Gde živiš: Nemačka	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 11-02-06.01 - MILANA 07.02.2011 8:58.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.623 [GMT 1:00] Running from: c:\documents and settings\MILANA\Desktop\ComboFix.exe AV: avast! Antivirus Disabled/Updated {7591DB91-41F0-48A3-B128-1A293FD8233D} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\desktop.ini c:\documents and settings\All Users\Application Data\page c:\documents and settings\All Users\Application Data\page\page.ico c:\documents and settings\All Users\Application Data\page\page.URL c:\documents and settings\biljana\Application Data\facemoods.com c:\documents and settings\dalibor\Application Data\facemoods.com c:\documents and settings\MILANA\Application Data\EurekaLog c:\documents and settings\MILANA\Application Data\facemoods.com c:\windows\system32\Drivers\viinbe.sys c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_MYWEBSEARCHSERVICE ((((((((((((((((((((((((( Files Created from 2011-01-07 to 2011-02-07 ))))))))))))))))))))))))))))))) . 2011-02-01 09:41 . 2011-01-13 08:41 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-02-01 09:41 . 2011-01-13 08:37 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-02-01 09:41 . 2011-01-13 08:37 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-02-01 09:41 . 2011-01-13 08:40 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-02-01 09:41 . 2011-01-13 08:40 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2011-02-01 09:41 . 2011-01-13 08:39 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys 2011-02-01 09:41 . 2011-01-13 08:37 29392 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2011-02-01 09:41 . 2011-01-13 08:47 38848 ----a-w- c:\windows\avastSS.scr 2011-02-01 09:41 . 2011-01-13 08:47 188216 ----a-w- c:\windows\system32\aswBoot.exe 2011-02-01 08:40 . 2011-02-01 08:40 3218 ----a-w- c:\windows\system32\PerfStringBackup.TMP 2011-02-01 08:31 . 2011-02-01 08:31 -------- d-----w- c:\windows\system32\wbem\Repository 2011-01-31 20:48 . 2004-08-03 22:56 22528 -c--a-w- c:\windows\system32\dllcache\lpdsvc.dll 2011-01-31 20:47 . 2003-03-24 15:52 94208 -c--a-w- c:\windows\system32\dllcache\fpencode.dll 2011-01-31 20:37 . 2001-08-23 12:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll 2011-01-31 20:37 . 2001-08-23 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll 2011-01-31 20:37 . 2001-08-23 12:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll 2011-01-31 20:37 . 2001-08-23 12:00 13312 ----a-w- c:\windows\system32\irclass.dll 2011-01-31 20:37 . 2004-08-03 23:58 13753 ----a-r- c:\windows\SET3E.tmp 2011-01-31 20:37 . 2004-08-03 23:57 1086058 ----a-r- c:\windows\SET32.tmp 2011-01-31 20:37 . 2004-08-04 00:03 1042903 ----a-r- c:\windows\SET2F.tmp 2011-01-31 19:29 . 2011-01-31 19:29 -------- d-----w- c:\documents and settings\MILANA\Local Settings\Application Data\WMTools Downloaded Files 2011-01-24 14:30 . 2010-12-03 20:01 25048 ----a-w- c:\program files\Mozilla Firefox\components\browserdirprovider.dll 2011-01-24 14:30 . 2010-12-03 20:01 140248 ----a-w- c:\program files\Mozilla Firefox\components\brwsrcmp.dll 2011-01-23 10:35 . 2004-08-03 22:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-12-06 07:31 . 2010-12-06 07:31 237320 ----a-w- c:\windows\system32\PDBoot.exe 2010-11-12 17:53 . 2010-05-07 19:09 472808 ----a-w- c:\windows\system32\deployJava1.dll 2010-11-12 15:34 . 2010-05-08 10:28 73728 ----a-w- c:\windows\system32\javacpl.cpl . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Google Update"="c:\documents and settings\MILANA\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-06-15 136176] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2008-01-22 152872] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-26 15026056] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2007-10-12 16384512] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112] "VMSnap3"="c:\windows\VMSnap3.EXE" [2006-08-30 49152] "Domino"="c:\windows\Domino.EXE" [2006-06-28 49152] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-12-09 74752] "BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2009-08-28 75048] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2008-05-28 570664] "avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360] c:\documents and settings\dalibor\Start Menu\Programs\Startup\ RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-18 630784] c:\documents and settings\MILANA\Start Menu\Programs\Startup\ RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-18 630784] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2005-10-9 610365] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "TaskbarNoNotification"= 1 (0x1) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk * [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\SpacialAudio\\SAMBC\\SAMBC.exe"= "c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"= "c:\\Program Files\\Raptr\\raptr.exe"= "c:\\Program Files\\Raptr\\raptr_im.exe"= "c:\\Documents and Settings\\MILANA\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Winamp\\winamp.exe"= "c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1.2.2011 10:41 294608] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.2.2011 10:41 17744] R2 HdThemeEnabler;Hyperdesk Theme Enabler;c:\windows\HDThemeEnabler.exe [1.7.2008 12:16 102400] R3 NTProcDrv;Process creation detector for NT.;c:\windows\Temp\drv1.tmp [7.2.2011 9:03 3584] R3 vmfilter303;vmfilter303;c:\windows\system32\drivers\vmfilter303.sys [13.12.2009 23:53 428160] S2 AntiVirSchedulerService;Avira AntiVir Scheduler;"c:\program files\Avira\AntiVir Desktop\sched.exe" --> c:\program files\Avira\AntiVir Desktop\sched.exe [?] S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [19.8.2010 13:21 136176] S3 SetupNTGLM7X;SetupNTGLM7X;\??\i:\ntglm7x.sys --> i:\NTGLM7X.sys [?] . Contents of the 'Scheduled Tasks' folder 2011-02-07 c:\windows\Tasks\1-Click Maintenance.job - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-11-16 15:54] 2011-02-05 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] 2011-02-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-19 12:21] 2011-02-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-19 12:21] 2011-02-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-789336058-839522115-1003Core.job - c:\documents and settings\MILANA\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-06-15 21:53] 2011-02-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-789336058-839522115-1003UA.job - c:\documents and settings\MILANA\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-06-15 21:53] 2011-02-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-1229272821-839522115-1003Core.job - c:\documents and settings\dalibor\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-30 14:38] 2011-02-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-1229272821-839522115-1003UA.job - c:\documents and settings\dalibor\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-30 14:38] . . ------- Supplementary Scan ------- . uStart Page = [Link mogu videti samo ulogovani korisnici] uDefault_Search_URL = [Link mogu videti samo ulogovani korisnici] uSearchAssistant = [Link mogu videti samo ulogovani korisnici] uSearchURL,(Default) = [Link mogu videti samo ulogovani korisnici] IE: &SHOUTcast Search - c:\documents and settings\All Users\Application Data\SHOUTcast Radio Toolbar\ieToolbar\resources\en-US\local\search.html IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - ProfilePath - c:\documents and settings\MILANA\Application Data\Mozilla\Firefox\Profiles\o4pc4r91.default\ FF - prefs.js: browser.search.defaulturl - [Link mogu videti samo ulogovani korisnici]{searchTerms} FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici] FF - prefs.js: keyword.URL - [Link mogu videti samo ulogovani korisnici] FF - Ext: Earth From Orbit Toolbar: efotoolbar@earth-from-orbit - c:\program files\Mozilla Firefox\extensions\efotoolbar@earth-from-orbit FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Conduit Engine : [Link mogu videti samo ulogovani korisnici] - %profile%\extensions\engine@conduit.com FF - Ext: SHOUTcast Radio Toolbar: {12e4c684-c03e-4e4d-85bc-0c065e7a9489} - %profile%\extensions\{12e4c684-c03e-4e4d-85bc-0c065e7a9489} FF - Ext: FlashGot: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - %profile%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} FF - Ext: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - %profile%\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} FF - Ext: AddonFox: {ad48108d-92a6-4eb9-87e4-978aca1dbae4} - %profile%\extensions\{ad48108d-92a6-4eb9-87e4-978aca1dbae4} FF - Ext: Earth From Orbit Toolbar: efotoolbar@earth-from-orbit - %profile%\extensions\efotoolbar@earth-from-orbit FF - Ext: Java Quick Starter: [Link mogu videti samo ulogovani korisnici] - c:\program files\Java\jre6\lib\deploy\jqs\ff . - - - - ORPHANS REMOVED - - - - URLSearchHooks-{9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file) BHO-{64182481-4F71-486b-A045-B233BD0DA8FC} - (no file) Toolbar-{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici] Rootkit scan 2011-02-07 09:03 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NTProcDrv] "ImagePath"="\??\c:\windows\TEMP\drv1.tmp" . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(724) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(2624) c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe c:\windows\RTHDCPL.EXE c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE c:\documents and settings\MILANA\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe c:\program files\Raxco\PerfectDisk\PDAgent.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe c:\windows\system32\IoctlSvc.exe c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE c:\windows\System32\TUProgSt.exe c:\program files\Canon\CAL\CALMAIN.exe c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe c:\program files\Raxco\PerfectDisk\PDEngine.exe c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe . ************************************************************************ . Completion time: 2011-02-07 09:07:23 - machine was rebooted ComboFix-quarantined-files.txt 2011-02-07 08:07 Pre-Run: 3.831.226.368 bytes free Post-Run: 4.415.660.032 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect - - End Of File - - 500D9D588D380D0FAD6824E738F3A43B

Profil

helen1 Poslao: 07 Feb 2011 12:52 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8652 Gde živiš: Novi Beograd	1Ovo se svidja korisniku: njuskalo75 Registruj se da bi pohvalio/la poruku! Uploaduj mi: c:\windows\Temp\drv1.tmp preko sledeceg linka: [Link mogu videti samo ulogovani korisnici]

Profil

njuskalo75 Poslao: 07 Feb 2011 14:10 Idi na vrh
offline njuskalo75 Ugledni građanin Dalibor Pridružio: 03 Feb 2011 Poruke: 447 Gde živiš: Nemačka	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uspesno sam odradio tako mi je pisalo da napisem Vama

Profil

helen1 Poslao: 07 Feb 2011 14:40 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8652 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `Firefox:: FF - ProfilePath - c:\documents and settings\MILANA\Application Data\Mozilla\Firefox\Profiles\o4pc4r91.default\ FF - prefs.js: browser.startup.homepage - hxxp://start.facemoods.com/?a=wbst FF - prefs.js: keyword.URL - hxxp://www.searchsave.com/index.php?sm=addbarsearch&source=1&term= DDS:: uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=ZCman000&ptb=aUvtWWpPf_mjpxm9qiZohg` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

njuskalo75 Poslao: 07 Feb 2011 16:50 Idi na vrh
offline njuskalo75 Ugledni građanin Dalibor Pridružio: 03 Feb 2011 Poruke: 447 Gde živiš: Nemačka	1Ovo se svidja korisniku: goran9888 Registruj se da bi pohvalio/la poruku! Napisano: 07 Feb 2011 16:43 Firefox:: FF - ProfilePath - c:\documents and settings\MILANA\Application Data\Mozilla\Firefox\Profiles\o4pc4r91.default\ FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici] FF - prefs.js: keyword.URL - [Link mogu videti samo ulogovani korisnici] DDS:: uStart Page = [Link mogu videti samo ulogovani korisnici] 11-02-06.02 - MILANA 07.02.2011 16:35:26.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.599 [GMT 1:00] Running from: c:\documents and settings\MILANA\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\MILANA\Desktop\CFScript.txt AV: Norton Internet Security Disabled/Updated {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton Internet Security Enabled {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} . ((((((((((((((((((((((((( Files Created from 2011-01-07 to 2011-02-07 ))))))))))))))))))))))))))))))) . 2011-02-07 10:37 . 2011-02-07 10:37 126512 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2011-02-07 10:37 . 2011-02-07 10:37 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL 2011-02-07 10:37 . 2011-02-07 11:32 -------- d-----w- c:\program files\Common Files\Symantec Shared 2011-02-07 10:37 . 2011-02-07 10:37 -------- d-----w- c:\program files\Symantec 2011-02-07 10:36 . 2011-02-07 11:08 -------- d-----w- c:\windows\system32\drivers\NIS 2011-02-07 10:36 . 2011-02-07 10:36 -------- d-----w- c:\program files\Norton Internet Security 2011-02-07 10:36 . 2011-02-07 10:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton 2011-02-07 10:36 . 2011-02-07 10:36 -------- d-----w- c:\program files\NortonInstaller 2011-02-01 08:40 . 2011-02-01 08:40 3218 ----a-w- c:\windows\system32\PerfStringBackup.TMP 2011-02-01 08:31 . 2011-02-01 08:31 -------- d-----w- c:\windows\system32\wbem\Repository 2011-01-31 20:48 . 2004-08-03 22:56 22528 -c--a-w- c:\windows\system32\dllcache\lpdsvc.dll 2011-01-31 20:47 . 2003-03-24 15:52 94208 -c--a-w- c:\windows\system32\dllcache\fpencode.dll 2011-01-31 20:37 . 2001-08-23 12:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll 2011-01-31 20:37 . 2001-08-23 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll 2011-01-31 20:37 . 2001-08-23 12:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll 2011-01-31 20:37 . 2001-08-23 12:00 13312 ----a-w- c:\windows\system32\irclass.dll 2011-01-31 20:37 . 2004-08-03 23:58 13753 ----a-r- c:\windows\SET3E.tmp 2011-01-31 20:37 . 2004-08-03 23:57 1086058 ----a-r- c:\windows\SET32.tmp 2011-01-31 20:37 . 2004-08-04 00:03 1042903 ----a-r- c:\windows\SET2F.tmp 2011-01-31 19:29 . 2011-01-31 19:29 -------- d-----w- c:\documents and settings\MILANA\Local Settings\Application Data\WMTools Downloaded Files 2011-01-24 14:30 . 2010-12-03 20:01 25048 ----a-w- c:\program files\Mozilla Firefox\components\browserdirprovider.dll 2011-01-24 14:30 . 2010-12-03 20:01 140248 ----a-w- c:\program files\Mozilla Firefox\components\brwsrcmp.dll 2011-01-23 10:35 . 2004-08-03 22:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-12-06 07:31 . 2010-12-06 07:31 237320 ----a-w- c:\windows\system32\PDBoot.exe 2010-11-12 17:53 . 2010-05-07 19:09 472808 ----a-w- c:\windows\system32\deployJava1.dll 2010-11-12 15:34 . 2010-05-08 10:28 73728 ----a-w- c:\windows\system32\javacpl.cpl . ((((((((((((((((((((((((((((( [Link mogu videti samo ulogovani korisnici] ))))))))))))))))))))))))))))))))))))))))) . + 2011-02-07 15:18 . 2011-02-07 15:18 16384 c:\windows\Temp\Perflib_Perfdata_6ac.dat + 2011-02-07 15:16 . 2011-02-07 15:16 16384 c:\windows\Temp\Perflib_Perfdata_458.dat + 2011-02-07 11:00 . 2010-11-23 04:08 50168 c:\windows\system32\drivers\NIS\1205000.07D\srtspx.sys + 2011-02-07 11:00 . 2010-12-01 05:23 330360 c:\windows\system32\drivers\NIS\1205000.07D\symtdiv.sys + 2011-02-07 11:00 . 2010-12-01 05:24 368248 c:\windows\system32\drivers\NIS\1205000.07D\symtdi.sys + 2011-02-07 11:00 . 2010-12-01 05:24 295032 c:\windows\system32\drivers\NIS\1205000.07D\symnets.sys + 2011-02-07 11:00 . 2010-11-18 02:59 652336 c:\windows\system32\drivers\NIS\1205000.07D\symefa.sys + 2011-02-07 11:00 . 2010-10-21 02:28 340016 c:\windows\system32\drivers\NIS\1205000.07D\symds.sys + 2011-02-07 11:00 . 2010-11-23 04:08 509560 c:\windows\system32\drivers\NIS\1205000.07D\srtsp.sys + 2011-02-07 11:00 . 2010-11-16 01:45 136312 c:\windows\system32\drivers\NIS\1205000.07D\ironx86.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Google Update"="c:\documents and settings\MILANA\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-06-15 136176] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2008-01-22 152872] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-26 15026056] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2007-10-12 16384512] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112] "VMSnap3"="c:\windows\VMSnap3.EXE" [2006-08-30 49152] "Domino"="c:\windows\Domino.EXE" [2006-06-28 49152] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-12-09 74752] "BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2009-08-28 75048] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2008-05-28 570664] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360] c:\documents and settings\dalibor\Start Menu\Programs\Startup\ RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-18 630784] c:\documents and settings\MILANA\Start Menu\Programs\Startup\ RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-3-18 630784] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2005-10-9 610365] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "TaskbarNoNotification"= 1 (0x1) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk * [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"= "c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"= "c:\\Program Files\\Raptr\\raptr.exe"= "c:\\Program Files\\Raptr\\raptr_im.exe"= "c:\\Documents and Settings\\MILANA\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\Winamp\\winamp.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1205000.07D\symds.sys [7.2.2011 12:00 340016] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1205000.07D\symefa.sys [7.2.2011 12:00 652336] R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20110114.001\BHDrvx86.sys [23.11.2010 3:20 691248] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1205000.07D\ironx86.sys [7.2.2011 12:00 136312] R2 HdThemeEnabler;Hyperdesk Theme Enabler;c:\windows\HDThemeEnabler.exe [1.7.2008 12:16 102400] R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\18.5.0.125\ccsvchst.exe [7.2.2011 11:59 130000] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [7.2.2011 11:59 102448] R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20110204.001\IDSXpx86.sys [7.2.2011 12:00 341944] R3 NTProcDrv;Process creation detector for NT.;\??\c:\windows\TEMP\drv1.tmp --> c:\windows\TEMP\drv1.tmp [?] R3 vmfilter303;vmfilter303;c:\windows\system32\drivers\vmfilter303.sys [13.12.2009 23:53 428160] S2 AntiVirSchedulerService;Avira AntiVir Scheduler;"c:\program files\Avira\AntiVir Desktop\sched.exe" --> c:\program files\Avira\AntiVir Desktop\sched.exe [?] S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [19.8.2010 13:21 136176] S3 SetupNTGLM7X;SetupNTGLM7X;\??\i:\ntglm7x.sys --> i:\NTGLM7X.sys [?] --- Other Services/Drivers In Memory --- NewlyCreated - ERASERUTILREBOOTDRV . Contents of the 'Scheduled Tasks' folder 2011-02-07 c:\windows\Tasks\1-Click Maintenance.job - c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-11-16 15:54] 2011-02-05 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34] 2011-02-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-19 12:21] 2011-02-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-08-19 12:21] 2011-02-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-789336058-839522115-1003Core.job - c:\documents and settings\MILANA\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-06-15 21:53] 2011-02-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-789336058-839522115-1003UA.job - c:\documents and settings\MILANA\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-06-15 21:53] 2011-02-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-1229272821-839522115-1003Core.job - c:\documents and settings\dalibor\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-30 14:38] 2011-02-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1844237615-1229272821-839522115-1003UA.job - c:\documents and settings\dalibor\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-30 14:38] . . ------- Supplementary Scan ------- . uDefault_Search_URL = [Link mogu videti samo ulogovani korisnici] uSearchAssistant = [Link mogu videti samo ulogovani korisnici] uSearchURL,(Default) = [Link mogu videti samo ulogovani korisnici] IE: &SHOUTcast Search - c:\documents and settings\All Users\Application Data\SHOUTcast Radio Toolbar\ieToolbar\resources\en-US\local\search.html IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - ProfilePath - c:\documents and settings\MILANA\Application Data\Mozilla\Firefox\Profiles\o4pc4r91.default\ FF - prefs.js: browser.search.defaulturl - [Link mogu videti samo ulogovani korisnici]{searchTerms} FF - Ext: Earth From Orbit Toolbar: efotoolbar@earth-from-orbit - c:\program files\Mozilla Firefox\extensions\efotoolbar@earth-from-orbit FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Conduit Engine : [Link mogu videti samo ulogovani korisnici] - %profile%\extensions\engine@conduit.com FF - Ext: SHOUTcast Radio Toolbar: {12e4c684-c03e-4e4d-85bc-0c065e7a9489} - %profile%\extensions\{12e4c684-c03e-4e4d-85bc-0c065e7a9489} FF - Ext: FlashGot: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - %profile%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34} FF - Ext: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - %profile%\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} FF - Ext: AddonFox: {ad48108d-92a6-4eb9-87e4-978aca1dbae4} - %profile%\extensions\{ad48108d-92a6-4eb9-87e4-978aca1dbae4} FF - Ext: Earth From Orbit Toolbar: efotoolbar@earth-from-orbit - %profile%\extensions\efotoolbar@earth-from-orbit FF - Ext: Java Quick Starter: [Link mogu videti samo ulogovani korisnici] - c:\program files\Java\jre6\lib\deploy\jqs\ff FF - Ext: Norton IPS: {BBDA0591-3099-440a-AA10-41764D9DB4DB} - c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn FF - Ext: Norton Toolbar: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn . - - - - ORPHANS REMOVED - - - - BHO-{64182481-4F71-486b-A045-B233BD0DA8FC} - (no file) ************************************************************************ catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici] Rootkit scan 2011-02-07 16:38 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS] "ImagePath"="\"c:\program files\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\18.5.0.125\diMaster.dll\" /prefetch:1" [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NTProcDrv] "ImagePath"="\??\c:\windows\TEMP\drv1.tmp" . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(720) c:\windows\system32\Ati2evxx.dll . Completion time: 2011-02-07 16:40:59 ComboFix-quarantined-files.txt 2011-02-07 15:40 ComboFix2.txt 2011-02-07 08:07 Pre-Run: 3.935.174.656 bytes free Post-Run: 3.930.574.848 bytes free - - End Of File - - BA064C4F092890667F5B6A84535D063B Dopuna: 07 Feb 2011 16:45 Doktore bolje mi radi racunar...svaka cast... Dopuna: 07 Feb 2011 16:50 dali je moguce sve da se sredi...

Profil

helen1 Poslao: 07 Feb 2011 17:29 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8652 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Koje jos probleme imas?

Profil

njuskalo75 Poslao: 08 Feb 2011 07:47 Idi na vrh
offline njuskalo75 Ugledni građanin Dalibor Pridružio: 03 Feb 2011 Poruke: 447 Gde živiš: Nemačka	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Napisano: 07 Feb 2011 17:41 Pa ove samo sto mi Vi resavate...dali cete uspeti da mi to sredite...Veliki pozdrav... Dopuna: 08 Feb 2011 7:47 Imam jedan problem jos poodavno,kada ubacim cd u kuciste i hocu da na njega narezujem pocne mi ponekada narezivati pa zablokira i javi mi se neka greska koja mi koci,a nekada mi neda da izbacim cd iz kucista van tek kada se racunar ohladi onda ga mogu izvaditi,ponekada i druge programe zablokira tako da je tesko sklonim sa desktopa,za narezivanje sam koristio cd burner i nero,ali sa oba ista prica

Profil

helen1 Poslao: 08 Feb 2011 13:51 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8652 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! U folderu nadji sledeci fajl i posalji mi ga: C:\Qoobox\Quarantine\c\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll.vir preko: [Link mogu videti samo ulogovani korisnici]

Profil

MyCity » Ambulanta -> Arhiva Ambulante » zamrzava mi se windovs

Ko je trenutno na forumu

Ukupno su 641 korisnika na forumu :: 20 registrovanih, 2 sakrivenih i 619 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 20624 - dana 04 Apr 2026 04:18

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: acatomic, Baždaranac, Botovac, dejandr, Grochow, grunff2, hyla, Kawasaki1000, Koridor, lord sir giga, marsi, Michellefromrezistance, Mićko, Mzee, Naj-Turs, Podmukli neprijatelj, raster12, shaja1, shiro, Tastatura ratnik

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by