offline
- snoop
- Genghis Khan
- Pridružio: 18 Apr 2003
- Poruke: 8134
- Gde živiš: U kesici gumenih bombona...
|
Problem je iz ove teme
http://www.mycity.rs/Windows/Cudan-problem-sa-win7.html
A logovi od dds su prikaceni.
Za gmer mi se avira buni, a njegova zamena ne radi nikako.
https://www.mycity.rs/must-login.png
DDS (Ver_10-03-17.01) - NTFSx86
Run by admin at 15:16:18.19 on Wed 08/04/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_20
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.1023.331 [GMT 2:00]
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\svchost.exe -k HsfXAudioService
C:\Windows\system32\conhost.exe
C:\Windows\system32\inetsrv\inetinfo.exe
C:\Program Files\Microsoft SQL Server\MSSQL10_50.HIVE\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\uTorrent\uTorrent.exe
D:\_Active\FSCapture\FSCapture.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\admin\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uInternet Settings,ProxyOverride = *.local
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Microsoft Web Test Recorder 9.0 Helper: {e31ce47f-c268-41ba-897b-b415e613947d} - c:\program files\microsoft visual studio 9.0\common7\ide\privateassemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO90.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: Web Test Recorder 9.0: {3c7adade-d1e8-45d2-bdcd-7f8d8b99b2a2} - mscoree.dll
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
uRun: [Google Update] "c:\users\admin\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [Enterra Icon Keeper] "c:\program files\enterra\icon keeper\IcnKeepr.exe" ssp /s
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
StartupFolder: c:\users\admin\appdata\roaming\micros~1\windows\startm~1\programs\startup\fastst~1.lnk - d:\_active\fscapture\FSCapture.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\mif5ba~1\office12\GR469A~1.DLL
================= FIREFOX ===================
FF - ProfilePath - c:\users\admin\appdata\roaming\mozilla\firefox\profiles\akrm5r97.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - component: c:\users\admin\appdata\roaming\mozilla\firefox\profiles\akrm5r97.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
FF - component: c:\users\admin\appdata\roaming\mozilla\firefox\profiles\akrm5r97.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}\platform\winnt_x86-msvc\components\pagespeed.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\programdata\id software\quakelive\npquakezero.dll
FF - plugin: c:\users\admin\appdata\local\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
============= SERVICES / DRIVERS ===============
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2010-6-17 135336]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2010-6-17 267432]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2010-6-17 60936]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [2009-7-14 20992]
R2 MSSQL$HIVE;SQL Server (HIVE);c:\program files\microsoft sql server\mssql10_50.hive\mssql\binn\sqlservr.exe [2010-4-3 42884448]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 SrvHsfPCI;SrvHsfPCI;c:\windows\system32\drivers\VSTBS23.SYS [2009-7-14 266752]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-14 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-14 661504]
S3 VSPerfDrv90;Performance Tools Driver 9.0;c:\program files\microsoft visual studio 9.0\team tools\performance tools\VSPerfDrv90.sys [2007-9-4 55664]
S3 yukonx86;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter;c:\windows\system32\drivers\yukonx86.sys [2010-6-19 176256]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2010-4-3 44896]
S4 RsFx0150;RsFx0150 Driver;c:\windows\system32\drivers\RsFx0150.sys [2010-4-3 240608]
S4 SQLAgent$HIVE;SQL Server Agent (HIVE);c:\program files\microsoft sql server\mssql10_50.hive\mssql\binn\SQLAGENT.EXE [2010-4-3 367456]
=============== Created Last 30 ================
2010-08-04 00:34:08 0 d-----w- c:\program files\Trend Micro
2010-08-04 00:32:08 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-08-03 18:34:21 1611801 ----a-w- C:\_DSC0113.jpg
2010-08-03 18:32:20 0 d-----w- c:\program files\ReaConverter 5.5 Pro
2010-08-03 18:24:26 0 d-----w- c:\program files\FreeTime
2010-08-02 16:44:38 9934 ----a-w- C:\asd.sql
2010-08-01 15:21:02 188968 ---ha-w- c:\windows\system32\mlfcache.dat
2010-07-28 16:54:26 32592 ----a-w- c:\windows\system32\msonpmon.dll
2010-07-28 16:45:57 0 d-----w- c:\program files\Microsoft Visual Studio 8
2010-07-25 19:48:10 0 d-----w- c:\program files\8BallClub
2010-07-25 19:39:41 0 d-----w- c:\program files\Kenny's Adventure Demo
2010-07-25 13:51:14 717296 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-07-20 13:03:05 0 d-----w- c:\windows\system32\Adobe
2010-07-14 20:14:45 1225142 ----a-w- c:\windows\system32\CurrentWallpaper.Bmp
2010-07-14 08:14:44 292864 ----a-w- c:\windows\system32\apphelp.dll
2010-07-11 16:46:23 0 d-----w- c:\program files\Microsoft Visual Studio .NET
2010-07-11 16:46:22 0 d-----w- C:\DX90SDK
2010-07-07 21:24:12 0 d-----w- c:\programdata\WhereIsIt
2010-07-07 21:24:12 0 d-----w- c:\program files\WhereIsIt
2010-07-06 10:07:14 0 d-----w- c:\program files\CCleaner
==================== Find3M ====================
2010-08-03 17:50:40 139336 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-08-03 17:50:26 214720 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-07-04 09:06:38 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-25 21:27:36 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2010-06-22 10:27:00 60672 ----a-w- c:\windows\fonts\ctimes_0.ttf
2010-06-22 10:27:00 60672 ----a-w- c:\windows\fonts\ctimes.ttf
2010-06-17 12:20:26 60416 ----a-w- c:\windows\ALCFDRTM.EXE
2010-06-17 11:15:08 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-06-17 11:15:08 2373712 ----a-w- c:\windows\system32\pbsvc.exe
2010-06-07 15:48:04 66664 ----a-w- c:\windows\system32\nvshext.dll
2010-06-07 15:48:04 13917800 ----a-w- c:\windows\system32\nvcpl.dll
2010-06-07 15:48:04 1331816 ----a-w- c:\windows\system32\nvsvc.dll
2010-06-07 15:48:04 129640 ----a-w- c:\windows\system32\nvvsvc.exe
2010-06-07 15:48:04 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-06-02 02:55:30 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-06-02 02:55:30 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-06-02 02:55:30 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-05-27 07:24:13 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-27 03:49:37 293888 ----a-w- c:\windows\system32\atmfd.dll
2010-05-26 09:41:02 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-05-26 09:41:02 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-05-26 09:41:02 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-05-26 09:41:02 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2010-05-26 09:41:02 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-05-23 10:15:36 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2010-05-23 10:11:50 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2010-05-23 10:11:48 3181568 ----a-w- c:\windows\system32\mf.dll
2010-05-21 12:14:28 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-21 05:18:06 977920 ----a-w- c:\windows\system32\wininet.dll
2010-05-12 14:09:06 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-05-09 09:18:43 804864 ----a-w- c:\windows\system32\FntCache.dll
2010-05-09 09:18:41 1076224 ----a-w- c:\windows\system32\DWrite.dll
2010-05-09 09:18:39 737280 ----a-w- c:\windows\system32\d2d1.dll
2010-05-09 09:18:39 218624 ----a-w- c:\windows\system32\d3d10_1core.dll
2010-05-09 09:18:39 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2010-05-09 09:15:10 279552 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2010-05-09 09:15:10 135168 ----a-w- c:\windows\system32\XpsRasterService.dll
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
============= FINISH: 15:17:07.42 ===============
|