Problem with Windows Media Player


offline
  • Joined: 10 Dec 2007
  • Posts: 40

I have a problem: WMP won't play video clips. When a video clip loads, the picture freezes, and then, after exiting WMP, the whole computer locks up, so I don't know what to do. Note that this is WMP 11, if that matters at all.





rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Hello.

Please follow the instructions at the following link

http://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

offline
  • Joined: 10 Dec 2007
  • Posts: 40

Hello.

Here's the thing: if I understood correctly, you think the problem has nothing to do with viruses? But this happened to me after reinstalling Windows and reactivating the internet connection. Before the problem, no antivirus was installed, so it started happening when I played a clip online.

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

I don't think anything; you have to follow the instructions from the link posted above, and only then can we know whether or not there is malware on your system.

offline
  • Joined: 10 Dec 2007
  • Posts: 40

I don't understand: for 64-bit Windows there are 2 steps, describing the problem and posting the log... What else?

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Sorry, I overlooked the 64-bit part, it's OK :)

offline
  • Joined: 10 Dec 2007
  • Posts: 40

:) Never mind, but what's next? :)

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Download sUBs's ComboFix from the following address to the Desktop:

Bleeping Computer
  • Right-click the link and choose Save Target As... (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download is finished:
  • disable your protective software (instructions);
  • close running programs;
  • double-click to start ComboFix.

While running, ComboFix will:
  • check whether a newer version of the program exists:
      click Yes if you are offered the download.
  • display the DISCLAIMER OF WARRANTY ON SOFTWARE:
      click Yes to continue the process.
  • if the Recovery Console is not installed, offer to install it:
      be sure to accept by clicking Yes and follow the procedure.
  • display a number of prompts/notifications:
      accept by clicking Yes or OK.
  • restart Windows if needed (possibly several times);
  • at the end, open Notepad with the scan report.

Copy the report that ComboFix created into the forum thread:
  • right-click in the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message field and choose Paste.

Note:
  • The report will be saved as ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
  • If, after sending the message, you notice that the report is incomplete, use the Attach file option to attach C:\ComboFix.txt to the message.

offline
  • Joined: 10 Dec 2007
  • Posts: 40

Posted: 30 Aug 2009 9:54

Here is the log:


ComboFix 09-08-29.01 - Ilija 08/30/2009 9:47.2.1 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.309 [GMT 2:00]
Running from: c:\documents and settings\Ilija\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.

((((((((((((((((((((((((( Files Created from 2009-07-28 to 2009-08-30 )))))))))))))))))))))))))))))))
.

2009-08-29 07:04 . 2009-08-29 07:04 -------- d-sh--w- C:\FOUND.011
2009-08-28 14:57 . 2009-08-28 14:57 -------- d-----w- c:\program files\Eidos Interactive
2009-08-28 13:55 . 2009-08-28 13:55 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-08-28 13:54 . 2009-08-28 13:54 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-08-28 13:54 . 2009-08-28 13:54 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-08-28 13:54 . 2009-08-28 13:54 -------- d-----w- c:\documents and settings\Ilija\Application Data\DAEMON Tools Lite
2009-08-28 13:45 . 2009-08-28 13:45 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Pro
2009-08-28 13:45 . 2009-08-28 13:45 -------- d-----w- c:\program files\DAEMON Tools Pro
2009-08-28 13:43 . 2009-08-28 13:43 722416 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-08-28 13:43 . 2009-08-28 13:43 -------- d-----w- c:\documents and settings\Ilija\Application Data\DAEMON Tools Pro
2009-08-28 01:15 . 2009-08-28 01:15 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2009-08-28 01:04 . 2009-08-28 01:05 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2009-08-28 01:03 . 2009-07-14 00:17 120056 ------w- c:\windows\system32\pxcpyi64.exe
2009-08-28 01:03 . 2009-07-14 00:17 118520 ------w- c:\windows\system32\pxinsi64.exe
2009-08-28 00:55 . 2009-08-28 00:55 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-08-28 00:55 . 2009-08-28 00:55 -------- d-----w- c:\program files\DivX
2009-08-27 22:03 . 2001-08-17 11:48 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2009-08-27 22:03 . 2001-08-17 11:48 12160 ----a-w- c:\windows\system32\dllcache\mouhid.sys
2009-08-27 22:03 . 2001-08-17 12:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-08-27 22:03 . 2001-08-17 12:02 9600 ----a-w- c:\windows\system32\dllcache\hidusb.sys
2009-08-27 16:18 . 2009-08-27 16:18 -------- d-sh--w- c:\documents and settings\Ilija\IECompatCache
2009-08-27 15:29 . 2009-08-30 02:31 983040 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-08-27 15:29 . 2009-08-30 02:31 24608 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2009-08-27 15:29 . 2009-08-27 15:29 -------- d-----w- c:\program files\Kaspersky Lab
2009-08-27 15:29 . 2009-08-27 15:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-08-27 15:28 . 2009-08-27 15:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-08-27 15:00 . 2009-08-15 15:11 121020 ----a-w- c:\documents and settings\Ilija\Application Data\TuneUp Software\TuneUp Utilities\StartUp Manager\Disabled objects\officexp.exe
2009-08-27 14:58 . 2008-02-27 11:15 28416 ----a-w- c:\windows\system32\uxtuneup.dll
2009-08-27 14:58 . 2009-08-27 14:58 307968 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2009-08-27 14:58 . 2009-08-27 14:58 -------- d-----w- c:\documents and settings\Ilija\Application Data\TuneUp Software
2009-08-27 14:58 . 2009-08-27 14:58 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-08-27 14:58 . 2009-08-27 14:58 -------- d-----w- c:\program files\TuneUp Utilities 2008
2009-08-27 14:56 . 2009-08-27 14:56 -------- d-sh--w- C:\FOUND.010
2009-08-27 14:45 . 2006-10-18 19:47 10834432 ----a-w- c:\windows\system32\dllcache\wmp.dll
2009-08-27 14:05 . 2009-08-27 14:05 -------- d-sh--w- c:\documents and settings\Ilija\PrivacIE
2009-08-27 14:04 . 2009-08-27 14:04 -------- d-sh--w- c:\documents and settings\Ilija\IETldCache
2009-08-27 13:58 . 2009-08-27 13:58 -------- d--h--w- c:\windows\ie8
2009-08-26 17:34 . 2009-08-26 17:34 -------- d-sh--w- C:\FOUND.009
2009-08-26 15:27 . 2009-08-26 15:27 -------- d-----w- c:\documents and settings\Ilija\Application Data\PacificPoker
2009-08-26 15:27 . 2009-08-26 15:27 -------- d-----w- c:\program files\PacificPoker
2009-08-26 15:23 . 2009-08-26 15:23 -------- d-----w- c:\documents and settings\Ilija\Application Data\Search Settings
2009-08-26 15:23 . 2009-08-26 15:23 -------- d-----w- c:\documents and settings\Ilija\Application Data\Dealio
2009-08-26 12:25 . 2009-08-26 12:25 -------- d-----w- c:\program files\YouTube Downloader
2009-08-25 21:03 . 2009-08-25 21:03 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-08-25 19:12 . 2004-08-03 23:07 388608 ----a-w- c:\windows\system32\msregsv.exe
2009-08-25 17:06 . 2009-08-25 17:06 -------- d-sh--w- C:\FOUND.008
2009-08-25 16:31 . 2009-08-25 16:31 -------- d-sh--w- C:\FOUND.007
2009-08-25 15:50 . 2009-08-25 15:50 -------- d-sh--w- C:\FOUND.006
2009-08-25 08:56 . 2009-08-25 08:56 -------- d-sh--w- C:\FOUND.005
2009-08-23 11:47 . 2009-08-23 11:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2009-08-23 10:59 . 2009-08-23 10:59 -------- d-sh--w- C:\FOUND.004
2009-08-22 14:45 . 2009-08-22 14:45 1961720 ----a-w- c:\documents and settings\Ilija\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2009-08-22 14:36 . 2009-08-22 14:36 -------- d-----w- c:\documents and settings\Ilija\Local Settings\Application Data\Opera
2009-08-22 14:36 . 2009-08-22 14:36 -------- d-----w- c:\program files\Opera
2009-08-22 14:24 . 2009-08-22 14:24 -------- d-sh--w- C:\FOUND.003
2009-08-22 14:18 . 2009-08-22 14:18 0 ----a-w- c:\windows\nsreg.dat
2009-08-22 14:18 . 2009-08-22 14:18 -------- d-----w- c:\documents and settings\Ilija\Local Settings\Application Data\Mozilla
2009-08-20 07:55 . 2009-08-20 07:55 -------- d-sh--w- C:\FOUND.002
2009-08-19 16:49 . 2009-08-19 16:49 1924440 ----a-w- c:\documents and settings\Ilija\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
2009-08-19 10:11 . 2004-08-03 23:07 25600 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2009-08-19 10:11 . 2009-08-19 10:11 -------- d-----w- c:\program files\Windows Media Connect 2
2009-08-19 09:52 . 2009-08-19 09:52 -------- d-----w- c:\documents and settings\Ilija\Contacts
2009-08-19 09:51 . 2009-08-19 09:51 -------- d-----w- c:\program files\MSN Messenger
2009-08-19 09:25 . 2009-08-19 09:25 -------- d-----w- c:\documents and settings\Ilija\Local Settings\Application Data\Temp
2009-08-19 09:24 . 2009-08-19 09:24 -------- d-----w- c:\documents and settings\Ilija\Local Settings\Application Data\Deployment
2009-08-15 13:57 . 2009-08-15 13:57 -------- d-----w- c:\documents and settings\Ilija\Application Data\PC Suite
2009-08-15 13:57 . 2009-08-15 13:57 -------- d-----w- c:\documents and settings\Ilija\Local Settings\Application Data\IsolatedStorage
2009-08-15 13:57 . 2009-08-15 13:57 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Nokia
2009-08-15 13:57 . 2009-08-15 13:57 -------- d-----w- c:\documents and settings\Ilija\Local Settings\Application Data\Nokia
2009-08-15 13:55 . 2009-08-15 13:55 -------- d-----w- c:\documents and settings\Ilija\Application Data\Nokia
2009-08-15 13:50 . 2009-08-15 13:50 -------- d-----w- c:\documents and settings\All Users\Application Data\NokiaMusic
2009-08-15 13:48 . 2009-08-15 13:48 -------- d-----w- c:\windows\Globalization
2009-08-15 13:47 . 2009-08-15 13:47 -------- d-----w- c:\program files\DIFX
2009-08-15 13:47 . 2008-08-26 07:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2009-08-15 13:46 . 2009-08-15 13:46 -------- d-----w- c:\program files\Nokia
2009-08-15 13:46 . 2008-02-01 13:17 90624 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-08-15 13:45 . 2009-08-15 13:56 132600 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-08-15 13:45 . 2009-08-15 13:45 -------- d-----w- c:\windows\system32\XPSViewer
2009-08-15 13:45 . 2009-08-15 13:45 -------- d-----w- c:\program files\MSBuild
2009-08-15 13:45 . 2009-08-15 13:45 -------- d-----w- c:\program files\Reference Assemblies
2009-08-15 13:44 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-08-15 13:44 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-08-15 13:44 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-08-15 13:44 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-08-15 13:44 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-08-15 13:44 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-08-15 13:44 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2009-08-15 13:44 . 2009-08-15 13:44 -------- d-----w- C:\b21d803b36616274c646ac
2009-08-15 13:42 . 2009-08-15 13:42 -------- d-----w- c:\program files\MSXML 6.0
2009-08-02 12:34 . 2009-08-02 12:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Trymedia
2009-07-31 11:01 . 2009-07-31 11:01 -------- d-sh--w- C:\FOUND.001
2009-07-31 10:32 . 2009-07-31 10:32 -------- d-sh--w- C:\FOUND.000

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-30 02:31 . 2009-08-27 15:29 6636 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-08-30 02:31 . 2009-08-27 15:29 1164 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2009-08-27 16:10 . 2009-08-27 16:10 -------- d-----w- c:\program files\Google
2009-08-27 16:10 . 2008-01-29 16:29 33808 ----a-w- c:\windows\system32\drivers\klbg.sys
2009-08-27 16:10 . 2009-08-27 15:31 94643 ----a-w- c:\windows\system32\drivers\klick.dat
2009-08-27 16:10 . 2009-08-27 15:31 105395 ----a-w- c:\windows\system32\drivers\klin.dat
2009-08-27 16:10 . 2009-08-27 16:10 33808 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\klbg.sys
2009-08-27 16:10 . 2009-08-27 16:10 213520 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\XP\klif.sys
2009-08-27 16:09 . 2009-08-27 16:09 21256 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\vkbd.dll
2009-08-27 16:09 . 2009-08-27 16:09 861448 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\updater.dll
2009-08-27 16:09 . 2009-08-27 16:09 83208 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\mzvkbd.dll
2009-08-27 16:09 . 2009-08-27 16:09 62728 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\ievkbd.dll
2009-08-27 16:08 . 2009-08-27 16:08 43784 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\fssync.dll
2009-08-27 16:08 . 2009-08-27 16:08 365832 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\ckahum.dll
2009-08-27 16:08 . 2009-08-27 16:08 201992 ----a-w- c:\documents and settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\Updater\Temporary Files\temporaryFolder\AutoPatches\kav8exec\8.0.0.357\avp.exe
2009-08-27 15:11 . 2009-07-13 20:55 12328 ----a-w- c:\documents and settings\Ilija\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-27 14:00 . 2009-08-27 14:00 -------- d-----w- c:\program files\Winamp
2009-08-27 14:00 . 2009-08-27 14:00 -------- d-----w- c:\documents and settings\Ilija\Application Data\Winamp
2009-08-25 21:04 . 2009-08-25 21:04 271360 ----a-w- c:\windows\system32\drivers\atksgt.sys
2009-08-25 21:04 . 2009-08-25 21:04 18048 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2009-07-23 16:43 . 2009-07-23 16:43 666 ----a-w- c:\windows\EReg515.dat
2009-07-23 16:42 . 2009-07-23 16:42 -------- d-----w- c:\program files\Disney Interactive
2009-07-20 14:01 . 2009-07-20 14:01 -------- d-----w- c:\documents and settings\Ilija\Application Data\Apple Computer
2009-07-15 17:35 . 2009-07-15 17:35 62760 ----a-w- c:\documents and settings\Ilija\Application Data\Mozilla\Firefox\Profiles\6ckxqsmr.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
2009-07-15 13:07 . 2009-07-15 13:07 -------- d-----w- c:\documents and settings\Ilija\Application Data\Ahead
2009-07-15 13:06 . 2009-07-15 13:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-07-15 13:06 . 2009-07-15 13:06 -------- d-----w- c:\program files\Nero
2009-07-15 13:06 . 2009-07-15 13:06 -------- d-----w- c:\program files\Common Files\Ahead
2009-07-14 15:04 . 2009-07-14 15:04 -------- d-----w- c:\documents and settings\Ilija\Application Data\ATI
2009-07-14 15:04 . 2009-07-14 15:04 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2009-07-14 15:00 . 2009-07-14 15:00 -------- d-----w- c:\program files\Sony
2009-07-14 14:58 . 2009-07-14 14:58 -------- d-----w- c:\program files\QuickTime
2009-07-14 14:58 . 2009-07-14 14:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-07-14 14:57 . 2009-07-14 14:57 -------- d-----w- c:\program files\Apple Software Update
2009-07-14 14:57 . 2009-07-14 14:57 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-07-14 14:37 . 2009-07-14 14:37 -------- d-----w- c:\program files\Sony Ericsson
2009-07-14 14:37 . 2009-07-14 14:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony Ericsson
2009-07-14 14:37 . 2009-07-14 14:37 -------- d-----w- c:\documents and settings\Ilija\Application Data\InstallShield
2009-07-14 00:15 . 2009-07-14 00:15 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-07-14 00:15 . 2009-07-14 00:15 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-07-14 00:15 . 2009-07-14 00:15 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-07-14 00:15 . 2009-07-14 00:15 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-07-14 00:15 . 2009-07-14 00:15 811008 ----a-w- c:\windows\system32\divx_xx16.dll
2009-07-14 00:15 . 2009-07-14 00:15 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-07-14 00:15 . 2009-07-14 00:15 685056 ----a-w- c:\windows\system32\DivX.dll
2009-07-13 21:00 . 2009-07-13 21:00 0 ----a-w- c:\windows\ativpsrm.bin
2009-07-13 17:10 . 2009-07-13 17:10 -------- d-----w- c:\program files\Labtec
2009-07-13 17:08 . 2009-07-13 14:51 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-07-13 17:06 . 2009-07-13 17:06 -------- d-----w- c:\program files\AskTBar
2009-07-13 17:02 . 2009-07-13 17:02 -------- d-----w- c:\program files\Common Files\Adobe
2009-07-13 15:53 . 2009-07-13 11:34 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-07-13 15:20 . 2009-07-13 15:20 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-07-13 15:20 . 2009-07-13 15:20 -------- d--h--r- c:\documents and settings\Ilija\Application Data\SecuROM
2009-07-13 15:03 . 2009-07-13 15:03 -------- d-----w- c:\program files\ATI Technologies
2009-07-13 11:44 . 2009-07-13 11:44 -------- d-----w- c:\program files\Realtek AC97
2009-07-13 11:44 . 2009-07-13 11:44 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-13 11:44 . 2009-07-13 11:44 -------- d-----w- c:\program files\Common Files\InstallShield
2009-07-13 11:35 . 2009-07-13 11:35 -------- d-----w- c:\program files\microsoft frontpage
2009-07-13 11:31 . 2009-07-13 11:31 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2007-11-28 19:12 . 2009-08-22 14:18 67696 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2007-11-28 19:12 . 2009-08-22 14:18 54376 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2007-11-28 19:12 . 2009-08-22 14:18 34952 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2007-11-28 19:12 . 2009-08-22 14:18 46720 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2007-11-28 19:12 . 2009-08-22 14:18 172144 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
2009-07-14 00:16 . 2009-07-14 00:16 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-07-14 00:16 . 2009-07-14 00:16 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-07-14 00:16 . 2009-07-14 00:16 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-07-14 00:16 . 2009-07-14 00:16 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{9CB65206-89C4-402c-BA80-02D8C59F9B1D}"= "c:\program files\AskTBar\SrchAstt\2.bin\A5SRCHAS.DLL" [2009-07-15 57344]

[HKEY_CLASSES_ROOT\clsid\{9cb65206-89c4-402c-ba80-02d8c59f9b1d}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-08-27 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-04-27 61440]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2009-08-27 201992]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-08-27 122368]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" /background
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"ctfmon.exe"=c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"WinampAgent"="c:\program files\Winamp\winampa.exe"
"SoundMan"=SOUNDMAN.EXE
"FLMOFFICE4DMOUSE"=c:\program files\Labtec\moffice.exe
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"d:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"d:\\Program Files\\XTCS Counter-Strike 1.6 Final Release\\cstrike.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\english\\setup.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [1/29/2008 6:29 PM 33808]
R3 KLFLTDEV;Kaspersky Lab KLFltDev;c:\windows\system32\drivers\klfltdev.sys [3/13/2008 7:02 PM 26640]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [3/25/2008 8:07 PM 24592]
S2 gupdate1ca277b85f8ef28;Google Update Service (gupdate1ca277b85f8ef28-);c:\program files\Google\Update\GoogleUpdate.exe [8/28/2009 3:04 AM 133104]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\drivers\s3017bus.sys [7/14/2009 4:40 PM 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\drivers\s3017mdfl.sys [7/14/2009 4:40 PM 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\drivers\s3017mdm.sys [7/14/2009 4:40 PM 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s3017mgmt.sys [7/14/2009 4:40 PM 104616]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\drivers\s3017nd5.sys [7/14/2009 4:40 PM 25512]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\drivers\s3017obex.sys [7/14/2009 4:40 PM 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\drivers\s3017unic.sys [7/14/2009 4:40 PM 110120]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-08-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 12:57]

2009-08-30 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-02-29 12:24]

2009-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-28 00:55]

2009-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-28 00:55]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.daemon-search.com/startpage
FF - ProfilePath - c:\documents and settings\Ilija\Application Data\Mozilla\Firefox\Profiles\6ckxqsmr.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=966134&p=
FF - prefs.js: browser.startup.homepage - hxxp://www.daemon-search.com/startpage
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components\DealioToolbarFF.dll
FF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-08-30 09:50
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10c.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(904)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\klogon.dll

- - - - - - - > 'explorer.exe'(596)
c:\program files\Google\Quick Search Box\bin\1.2.1137.3514\qsb.dll
c:\program files\Common Files\Ahead\Lib\NeroSearchBar.dll
c:\program files\Common Files\Ahead\Lib\MFC71U.DLL
c:\program files\Common Files\Ahead\Lib\BCGCBPRO860un71.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-08-30 9:51
ComboFix-quarantined-files.txt 2009-08-30 07:51
ComboFix2.txt 2009-08-29 18:02

Pre-Run: 7,902,085,120 bytes free
Post-Run: 8,011,530,240 bytes free

305

Addendum: 30 Aug 2009 9:56

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Open Notepad and copy the following text:

File::
c:\program files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components\DealioToolbarFF.dll
c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
c:\documents and settings\Ilija\Application Data\TuneUp Software\TuneUp Utilities\StartUp Manager\Disabled objects\officexp.exe
c:\windows\system32\msregsv.exe

Folder::
c:\documents and settings\Ilija\Application Data\Search Settings
c:\documents and settings\Ilija\Application Data\Dealio

Firefox::
FF - ProfilePath - c:\documents and settings\Ilija\Application Data\Mozilla\Firefox\Profiles\6ckxqsmr.default\
FF - component: c:\program files\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}\components\DealioToolbarFF.dll
FF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll


Save the file from Notepad to the Desktop as "CFScript".

Drag the saved script/text onto the ComboFix icon, as shown in the picture.
In your next message, post the log that is created at the end of the cleaning/scan.
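
The following is an added example, not part of the thread and not ComboFix's own code: a pre-flight check that every path named in a CFScript (sections written as `File::`, `Folder::`, `Firefox::`, as in the post above) was actually reported in the ComboFix log, so a mistyped path is caught before the script is run. The function names and the trimmed sample inputs are assumptions made for illustration; the second `File::` entry is a deliberately constructed typo.

```python
import re

# A Windows path: drive letter, colon, backslash, then everything up to a quote or end of line.
PATH_RE = re.compile(r'[A-Za-z]:\\[^"\r\n]*')
# A CFScript section header as it appears in the post, e.g. "File::" or "Folder::".
SECTION_RE = re.compile(r'^(\w+)::\s*$')

# Constructed excerpt: three lines in the format of the log posted in the thread.
SAMPLE_LOG = r"""
2009-08-25 19:12 . 2004-08-03 23:07 388608 ----a-w- c:\windows\system32\msregsv.exe
2009-08-26 15:23 . 2009-08-26 15:23 -------- d-----w- c:\documents and settings\Ilija\Application Data\Dealio
FF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
"""

# Constructed script: "msregsvr.exe" is an intentional typo that never appears in the log.
SAMPLE_SCRIPT = r"""
File::
c:\windows\system32\msregsv.exe
c:\windows\system32\msregsvr.exe

Folder::
c:\documents and settings\Ilija\Application Data\Dealio

Firefox::
FF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
"""


def normalise(path):
    """Lower-case a path and drop a trailing '[date size]' tag and trailing backslash."""
    path = re.sub(r'\s+\[[^\]]*\]\s*$', '', path)
    return path.strip().rstrip('\\').lower()


def extract_paths(text):
    """Return the set of normalised paths that occur anywhere in a log."""
    return {normalise(m.group(0)) for m in PATH_RE.finditer(text)}


def parse_cfscript(text):
    """Split a CFScript into {section name: [entry lines]}, keeping section order."""
    sections = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1)
            sections.setdefault(current, [])
        elif current is None:
            raise ValueError("entry before any section header: " + line)
        else:
            sections[current].append(line)
    return sections


def unreported_entries(script_text, log_text):
    """List (section, entry) pairs whose path does not appear in the log."""
    reported = extract_paths(log_text)
    missing = []
    for section, entries in parse_cfscript(script_text).items():
        for entry in entries:
            found = PATH_RE.search(entry)
            if found is None or normalise(found.group(0)) not in reported:
                missing.append((section, entry))
    return missing


if __name__ == "__main__":
    for section, entry in unreported_entries(SAMPLE_SCRIPT, SAMPLE_LOG):
        print("not in log, review before running:", section, entry)
```

Paths are compared case-insensitively because the log mixes `Mozilla Firefox` and `mozilla firefox` for the same directory.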
