MyCity » Ambulanta -> Arhiva Ambulante » Zamrzava i ne sluša

Zamrzava i ne sluša

Napisano na dan: 25.9.2009

Strana:
1
2

Zamrzava i ne sluša

Sledeća strana

Pagination

Odgovori

Strana:
1
2

dvojkan Poslao: 25 Sep 2009 01:21 Idi na vrh
offline dvojkan Građanin Pridružio: 01 Mar 2008 Poruke: 245	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 25 Sep 2009 0:31 Ovako: Računar mi se blokira vrlo često i neće da otvara prozore na moju komandu, to se rešava samo restartom kad proradi ali posle kratkog vremena se ponavlja pa tako moram vrlo često da ga restartujem da bi funkcionisao. To što neće da sluša , tj ako kliknem da recimo otvori c particiju , dešava se da jednostavno ignoriše moju komandu što mogu da rešim samo restartom. Kasnije to radi ali se ponovi nakon nekog vremena, posle toga izbaci obaveštenje greške i nudi da pošaljem obaveštenje o grešci. Blokiranje se dešava bez nekog razloga, recimo ako otvorim više lista na browseru, onda mi blokira , ili ako otvorim više programa manje zahtevnih, i slično. Dakle bez nekog razumnog razloga. https://www.mycity.rs/must-login.png Dopuna: 25 Sep 2009 0:35 Ne znam da li sam ovo ispravno postavio ali pokušao sam da sledim uputstva, .... ,meni ovo ne liči na ono što treba ali ???? Dopuna: 25 Sep 2009 0:36 Takođe sam našao još jedan fajl koji je ostao posle OTL pa kačim i njega , možda treba.... https://www.mycity.rs/must-login.png Dopuna: 25 Sep 2009 0:53 Vidim da sam napravio grešku i izvinjavam se zbog toga, Ispravljam odmah. DDS (Ver_09-07-30.01) - NTFSx86 Run by VooDoo at 0:43:45,70 on pet 25.09.2009 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13 Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.767.448 [GMT 2:00] AV: avast! antivirus 4.8.1351 [VPS 090924-0] On-access scanning enabled (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} ============== Running Processes =============== C:\WINDOWS\system32\savedump.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE svchost.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Documents and Settings\VooDoo\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = about:blank uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Settings,ProxyOverride = .local uURLSearchHooks: H - No File mURLSearchHooks: H - No File mWinlogon: UIHost=c:\windows\system32\logonuiX.exe BHO: Pomagalo za veze za Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: UrlHelper Class: {74322bf9-df26-493f-b0da-6d2fc5e6429e} - c:\program files\bearshare applications\bearshare\BearShareIEHelper.dll BHO: Windows Live pomagač za prijavljivanje: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll BHO: NitroPDFBHO Class: {cf070cb8-f02f-4af4-a7b7-8d45cad4bb54} - c:\program files\nitro pdf\pdf download\NitroPDF.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: BearShare MediaBar: {d3dee18f-db64-4beb-9ff1-e1f0a5033e4a} - c:\program files\bearshare applications\bearshare mediabar\BearShareMediaBar.dll TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File TB: {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - No File TB: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe dRunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueso~1.lnk - c:\program files\ivt corporation\bluesoleil\BlueSoleil.exe IE: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSYYYYYYYYRS IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000 IE: Save Page As PDF ... - file://c:\program files\nitro pdf\pdf download\nitroweb.htm IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL IE: {AD9E6088-E00B-42f9-9F0C-8480525D234E} - {FF5073C0-28A0-4223-9BDF-59FF020FE77C} - c:\program files\nitro pdf\pdf download\NitroPDF.dll DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://messenger.zone.msn.com/EN-US/a-LUXR/mjolauncher.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/da2/PCPitStop2.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL AppInit_DLLs: c:\windows\system32\MsgPlusLoader.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\voodoo\applic~1\mozilla\firefox\profiles\b6x4i2ic.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://btjunkie.org FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q= FF - plugin: c:\documents and settings\voodoo\local settings\application data\google\update\1.2.183.7\npGoogleOneClick8.dll FF - plugin: c:\program files\google\google earth plugin\npgeplugin.dll FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false); c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200); c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews..wholeText", "noAccess"); c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120); c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3); c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true); c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1); c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1); c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true); c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0); c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072); c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35"); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json"); ============= SERVICES / DRIVERS =============== R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-9 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-11-9 20560] R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2008-11-9 138680] R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2008-11-9 254040] R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2008-11-9 352920] S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\screamingbaudio.sys --> c:\windows\system32\drivers\ScreamingBAudio.sys [?] =============== Created Last 30 ================ 2009-09-24 01:03 229,888 a------- c:\windows\PEV.exe 2009-09-24 01:03 161,792 a------- c:\windows\SWREG.exe 2009-09-24 01:03 98,816 a------- c:\windows\sed.exe 2009-09-23 21:17 <DIR> --dsh--- c:\documents and settings\voodoo\PrivacIE 2009-09-23 21:17 <DIR> --dsh--- c:\documents and settings\voodoo\IECompatCache 2009-09-23 21:15 <DIR> --dsh--- c:\documents and settings\voodoo\IETldCache 2009-09-23 21:05 100,352 -c------ c:\windows\system32\dllcache\iecompat.dll 2009-09-23 21:04 <DIR> --d----- c:\windows\ie8updates 2009-09-23 21:04 12,800 -c------ c:\windows\system32\dllcache\xpshims.dll 2009-09-23 21:04 246,272 -c------ c:\windows\system32\dllcache\ieproxy.dll 2009-09-23 21:02 <DIR> -cd-h--- c:\windows\ie8 2009-09-23 21:02 <DIR> --d----- c:\windows\system32\sr-Latn-CS 2009-09-07 20:28 152,088 a------- C:\img2-001.raw 2009-09-06 23:01 <DIR> --d----- c:\program files\Uniblue 2009-09-06 23:01 <DIR> --d----- c:\docume~1\alluse~1\applic~1\DriverScanner 2009-09-06 22:59 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{66E2F539-12B6-4870-A500-7689CDE75C5E} 2009-09-06 22:55 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PCPitstop 2009-09-06 22:55 <DIR> --d----- c:\program files\PCPitstop 2009-09-03 20:02 <DIR> --d----- c:\docume~1\voodoo\applic~1\MSNInstaller 2009-08-31 19:14 212,480 a------- c:\windows\system32\PCDLIB32.DLL 2009-08-31 19:14 21 a------- c:\windows\FH_setup.ini 2009-08-31 19:14 182,032 a------- c:\windows\system32\dxtmsft3.dll 2009-08-31 19:13 515,803 a------- c:\windows\system32\drivers\Ca533av.sys 2009-08-31 19:13 11,144 a------- c:\windows\system32\drivers\Bulk533.sys 2009-08-31 19:13 2,055 a------- c:\windows\CA533A.INI 2009-08-31 19:13 131,072 a------- c:\windows\system32\SP5X_32.DLL 2009-08-31 19:13 32,768 a------- c:\windows\system32\infcpy.dll 2009-08-31 19:13 16,384 a------- c:\windows\system32\Dext533.ax 2009-08-31 19:13 <DIR> --d----- c:\program files\common files\DigitalCam202 ==================== Find3M ==================== 2009-08-05 11:11 204,800 a------- c:\windows\system32\mswebdvd.dll 2009-07-17 20:55 58,880 a------- c:\windows\system32\atl.dll 2009-07-13 02:18 233,472 a------- c:\windows\system32\wmpdxm.dll 2009-07-03 19:09 915,456 -------- c:\windows\system32\wininet.dll ============= FINISH: 0:44:28,67 =============== https://www.mycity.rs/must-login.png Dopuna: 25 Sep 2009 1:02 Onaj poslednji korak ne mogu da uradim , sa programom GMER jer mi se na prvom skeniranju računar isključi i izbaci tekst na plavoj pozadini u kojem između ostalog piše ovako: DRIVER_IRQL_NOT_LES_OR_EQUAL i nakon toga moram da restartujem .... Dopuna: 25 Sep 2009 1:21 Ovo se takođe dešava , beskrajno dugo , ne mogu da čekam otvara prozor za preuzimanje programa , mislim da nikad ne bi otvorio jer koliko god da čekam nema ničega. Ovo je prilikom drugog programa , ko ji zamenjuje GMER , onaj ROOT ....

Profil

dvojkan Poslao: 25 Sep 2009 01:36 Idi na vrh
offline dvojkan Građanin Pridružio: 01 Mar 2008 Poruke: 245	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Napisano: 25 Sep 2009 0:31 Ovako: Računar mi se blokira vrlo često i neće da otvara prozore na moju komandu, to se rešava samo restartom kad proradi ali posle kratkog vremena se ponavlja pa tako moram vrlo često da ga restartujem da bi funkcionisao. To što neće da sluša , tj ako kliknem da recimo otvori c particiju , dešava se da jednostavno ignoriše moju komandu što mogu da rešim samo restartom. Kasnije to radi ali se ponovi nakon nekog vremena, posle toga izbaci obaveštenje greške i nudi da pošaljem obaveštenje o grešci. Blokiranje se dešava bez nekog razloga, recimo ako otvorim više lista na browseru, onda mi blokira , ili ako otvorim više programa manje zahtevnih, i slično. Dakle bez nekog razumnog razloga. https://www.mycity.rs/must-login.png Dopuna: 25 Sep 2009 0:35 Ne znam da li sam ovo ispravno postavio ali pokušao sam da sledim uputstva, .... ,meni ovo ne liči na ono što treba ali ???? Dopuna: 25 Sep 2009 0:36 Takođe sam našao još jedan fajl koji je ostao posle OTL pa kačim i njega , možda treba.... https://www.mycity.rs/must-login.png Dopuna: 25 Sep 2009 0:53 Vidim da sam napravio grešku i izvinjavam se zbog toga, Ispravljam odmah. DDS (Ver_09-07-30.01) - NTFSx86 Run by VooDoo at 0:43:45,70 on pet 25.09.2009 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13 Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.767.448 [GMT 2:00] AV: avast! antivirus 4.8.1351 [VPS 090924-0] On-access scanning enabled (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} ============== Running Processes =============== C:\WINDOWS\system32\savedump.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE svchost.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Documents and Settings\VooDoo\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = about:blank uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Settings,ProxyOverride = .local uURLSearchHooks: H - No File mURLSearchHooks: H - No File mWinlogon: UIHost=c:\windows\system32\logonuiX.exe BHO: Pomagalo za veze za Adobe PDF Reader: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: UrlHelper Class: {74322bf9-df26-493f-b0da-6d2fc5e6429e} - c:\program files\bearshare applications\bearshare\BearShareIEHelper.dll BHO: Windows Live pomagač za prijavljivanje: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll BHO: NitroPDFBHO Class: {cf070cb8-f02f-4af4-a7b7-8d45cad4bb54} - c:\program files\nitro pdf\pdf download\NitroPDF.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: BearShare MediaBar: {d3dee18f-db64-4beb-9ff1-e1f0a5033e4a} - c:\program files\bearshare applications\bearshare mediabar\BearShareMediaBar.dll TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File TB: {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - No File TB: {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe dRunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueso~1.lnk - c:\program files\ivt corporation\bluesoleil\BlueSoleil.exe IE: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSYYYYYYYYRS IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000 IE: Save Page As PDF ... - file://c:\program files\nitro pdf\pdf download\nitroweb.htm IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL IE: {AD9E6088-E00B-42f9-9F0C-8480525D234E} - {FF5073C0-28A0-4223-9BDF-59FF020FE77C} - c:\program files\nitro pdf\pdf download\NitroPDF.dll DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} - hxxp://messenger.zone.msn.com/EN-US/a-LUXR/mjolauncher.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/da2/PCPitStop2.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL AppInit_DLLs: c:\windows\system32\MsgPlusLoader.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\voodoo\applic~1\mozilla\firefox\profiles\b6x4i2ic.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://btjunkie.org FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q= FF - plugin: c:\documents and settings\voodoo\local settings\application data\google\update\1.2.183.7\npGoogleOneClick8.dll FF - plugin: c:\program files\google\google earth plugin\npgeplugin.dll FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false); c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200); c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true); c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews..wholeText", "noAccess"); c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120); c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3); c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true); c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1); c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1); c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true); c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0); c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072); c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35"); c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror"); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false); c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json"); ============= SERVICES / DRIVERS =============== R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-9 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-11-9 20560] R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2008-11-9 138680] R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2008-11-9 254040] R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2008-11-9 352920] S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\screamingbaudio.sys --> c:\windows\system32\drivers\ScreamingBAudio.sys [?] =============== Created Last 30 ================ 2009-09-24 01:03 229,888 a------- c:\windows\PEV.exe 2009-09-24 01:03 161,792 a------- c:\windows\SWREG.exe 2009-09-24 01:03 98,816 a------- c:\windows\sed.exe 2009-09-23 21:17 <DIR> --dsh--- c:\documents and settings\voodoo\PrivacIE 2009-09-23 21:17 <DIR> --dsh--- c:\documents and settings\voodoo\IECompatCache 2009-09-23 21:15 <DIR> --dsh--- c:\documents and settings\voodoo\IETldCache 2009-09-23 21:05 100,352 -c------ c:\windows\system32\dllcache\iecompat.dll 2009-09-23 21:04 <DIR> --d----- c:\windows\ie8updates 2009-09-23 21:04 12,800 -c------ c:\windows\system32\dllcache\xpshims.dll 2009-09-23 21:04 246,272 -c------ c:\windows\system32\dllcache\ieproxy.dll 2009-09-23 21:02 <DIR> -cd-h--- c:\windows\ie8 2009-09-23 21:02 <DIR> --d----- c:\windows\system32\sr-Latn-CS 2009-09-07 20:28 152,088 a------- C:\img2-001.raw 2009-09-06 23:01 <DIR> --d----- c:\program files\Uniblue 2009-09-06 23:01 <DIR> --d----- c:\docume~1\alluse~1\applic~1\DriverScanner 2009-09-06 22:59 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{66E2F539-12B6-4870-A500-7689CDE75C5E} 2009-09-06 22:55 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PCPitstop 2009-09-06 22:55 <DIR> --d----- c:\program files\PCPitstop 2009-09-03 20:02 <DIR> --d----- c:\docume~1\voodoo\applic~1\MSNInstaller 2009-08-31 19:14 212,480 a------- c:\windows\system32\PCDLIB32.DLL 2009-08-31 19:14 21 a------- c:\windows\FH_setup.ini 2009-08-31 19:14 182,032 a------- c:\windows\system32\dxtmsft3.dll 2009-08-31 19:13 515,803 a------- c:\windows\system32\drivers\Ca533av.sys 2009-08-31 19:13 11,144 a------- c:\windows\system32\drivers\Bulk533.sys 2009-08-31 19:13 2,055 a------- c:\windows\CA533A.INI 2009-08-31 19:13 131,072 a------- c:\windows\system32\SP5X_32.DLL 2009-08-31 19:13 32,768 a------- c:\windows\system32\infcpy.dll 2009-08-31 19:13 16,384 a------- c:\windows\system32\Dext533.ax 2009-08-31 19:13 <DIR> --d----- c:\program files\common files\DigitalCam202 ==================== Find3M ==================== 2009-08-05 11:11 204,800 a------- c:\windows\system32\mswebdvd.dll 2009-07-17 20:55 58,880 a------- c:\windows\system32\atl.dll 2009-07-13 02:18 233,472 a------- c:\windows\system32\wmpdxm.dll 2009-07-03 19:09 915,456 -------- c:\windows\system32\wininet.dll ============= FINISH: 0:44:28,67 =============== https://www.mycity.rs/must-login.png Dopuna: 25 Sep 2009 1:02 Onaj poslednji korak ne mogu da uradim , sa programom GMER jer mi se na prvom skeniranju računar isključi i izbaci tekst na plavoj pozadini u kojem između ostalog piše ovako: DRIVER_IRQL_NOT_LES_OR_EQUAL i nakon toga moram da restartujem .... Dopuna: 25 Sep 2009 1:21 Ovo se takođe dešava , beskrajno dugo , ne mogu da čekam otvara prozor za preuzimanje programa , mislim da nikad ne bi otvorio jer koliko god da čekam nema ničega. Ovo je prilikom drugog programa , ko ji zamenjuje GMER , onaj ROOT .... Dopuna: 25 Sep 2009 1:22 Dopuna: 25 Sep 2009 1:36 Uspeo sam nekako da ga prevarim i uradim i ovo poslednje, još jednom se izvinjavam zbog ove zavrzlame ali računar mi nikako ne funkcioniše. https://www.mycity.rs/must-login.png

Profil

argus Poslao: 25 Sep 2009 13:04 Idi na vrh
rip argus Anti Malware Fighter Rank 2 Pridružio: 27 Apr 2008 Poruke: 9160 Gde živiš: Prokuplje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pustao si combofix, imas li log. Ako imas postavi ga, nalazi se na C\Combofix.txt

Profil

dvojkan Poslao: 25 Sep 2009 14:26 Idi na vrh
offline dvojkan Građanin Pridružio: 01 Mar 2008 Poruke: 245	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: https://www.mycity.rs/must-login.png ComboFix 09-09-23.02 - VooDoo 24.09.2009 1:04.5.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.767.515 [GMT 2:00] Running from: c:\documents and settings\VooDoo\Desktop\ComboFix.exe AV: avast! antivirus 4.8.1351 [VPS 090923-0] On-access scanning disabled (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\ntSVc.ocx . ((((((((((((((((((((((((( Files Created from 2009-08-23 to 2009-09-23 ))))))))))))))))))))))))))))))) . 2009-09-23 19:17 . 2009-09-23 19:17 -------- d-sh--w- c:\documents and settings\VooDoo\PrivacIE 2009-09-23 19:17 . 2009-09-23 19:17 -------- d-sh--w- c:\documents and settings\VooDoo\IECompatCache 2009-09-23 19:15 . 2009-09-23 19:15 -------- d-sh--w- c:\documents and settings\VooDoo\IETldCache 2009-09-23 19:05 . 2009-08-07 08:48 100352 -c----w- c:\windows\system32\dllcache\iecompat.dll 2009-09-23 19:04 . 2009-09-23 19:05 -------- d-----w- c:\windows\ie8updates 2009-09-23 19:04 . 2009-07-03 17:09 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2009-09-23 19:04 . 2009-07-03 17:09 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2009-09-23 19:02 . 2009-09-23 19:04 -------- dc-h--w- c:\windows\ie8 2009-09-23 19:02 . 2009-09-23 19:03 -------- d-----w- c:\windows\system32\sr-Latn-CS 2009-09-06 21:01 . 2009-09-06 21:07 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverScanner 2009-09-06 21:01 . 2009-09-06 21:01 -------- d-----w- c:\program files\Uniblue 2009-09-06 20:59 . 2009-09-06 21:01 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{66E2F539-12B6-4870-A500-7689CDE75C5E} 2009-09-06 20:55 . 2009-09-06 20:55 -------- d-----w- c:\documents and settings\All Users\Application Data\PCPitstop 2009-09-06 20:55 . 2009-09-06 20:55 -------- d-----w- c:\program files\PCPitstop 2009-09-03 18:02 . 2009-09-03 18:02 -------- d-----w- c:\documents and settings\VooDoo\Application Data\MSNInstaller 2009-08-31 17:14 . 1995-07-31 11:44 212480 ----a-w- c:\windows\system32\PCDLIB32.DLL 2009-08-31 17:14 . 1998-08-27 04:51 182032 ----a-w- c:\windows\system32\dxtmsft3.dll 2009-08-31 17:13 . 2002-12-04 12:38 11144 ----a-w- c:\windows\system32\drivers\Bulk533.sys 2009-08-31 17:13 . 2002-10-21 09:37 515803 ----a-w- c:\windows\system32\drivers\Ca533av.sys 2009-08-31 17:13 . 2009-08-31 17:13 -------- d-----w- c:\program files\Common Files\DigitalCam202 2009-08-31 17:13 . 2003-08-25 14:12 32768 ----a-w- c:\windows\system32\infcpy.dll 2009-08-31 17:13 . 2002-01-19 13:33 131072 ----a-w- c:\windows\system32\SP5X_32.DLL . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-09-23 22:17 . 2008-11-15 15:18 -------- d-----w- c:\program files\Actual Drawing 2009-09-23 22:12 . 2008-11-15 15:14 -------- d-----w- c:\program files\iColorFolder 2009-09-23 19:23 . 2008-11-09 13:03 -------- d-----w- c:\documents and settings\VooDoo\Application Data\Skype 2009-09-23 19:21 . 2009-02-08 17:48 -------- d-----w- c:\documents and settings\VooDoo\Application Data\skypePM 2009-09-23 18:14 . 2009-02-16 16:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater 2009-09-10 10:59 . 2009-01-15 17:57 -------- d-----w- c:\program files\Lexmark X1100 Series 2009-09-09 18:54 . 2009-08-17 17:46 -------- d-----w- c:\program files\Microsoft Silverlight 2009-09-08 13:14 . 2008-11-09 15:22 -------- d-----w- c:\documents and settings\VooDoo\Application Data\uTorrent 2009-09-06 21:11 . 2008-11-09 12:41 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-09-06 21:01 . 2009-01-15 17:47 -------- d-----w- c:\documents and settings\VooDoo\Application Data\Uniblue 2009-09-03 18:04 . 2009-02-23 18:01 30 ----a-w- c:\windows\system32\mslck.dat 2009-08-31 17:16 . 2008-11-27 16:03 -------- d-----w- c:\documents and settings\VooDoo\Application Data\ArcSoft 2009-08-31 17:14 . 2008-11-09 12:41 -------- d-----w- c:\program files\ArcSoft 2009-08-17 16:10 . 2008-11-09 13:14 1279456 ----a-w- c:\windows\system32\aswBoot.exe 2009-08-17 16:06 . 2008-11-09 13:15 93392 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-08-17 16:06 . 2008-11-09 13:15 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-08-17 16:05 . 2008-11-09 14:49 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-08-17 16:05 . 2008-11-09 14:49 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-08-17 16:04 . 2008-11-09 13:15 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-08-17 16:04 . 2008-11-09 13:15 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-08-17 16:03 . 2008-11-09 13:15 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-08-17 16:02 . 2008-11-09 13:14 97480 ----a-w- c:\windows\system32\AVASTSS.scr 2009-08-14 17:03 . 2009-08-14 17:03 -------- d-----w- c:\documents and settings\VooDoo\Application Data\WNR 2009-08-12 13:32 . 2009-01-16 19:47 524760 -c--a-w- c:\documents and settings\VooDoo\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-08-05 21:35 . 2009-08-05 21:35 -------- d-----w- c:\program files\MSBuild 2009-08-05 21:35 . 2009-08-05 21:35 -------- d-----w- c:\program files\Reference Assemblies 2009-08-05 21:30 . 2009-08-05 21:30 -------- d-----w- c:\program files\MSXML 6.0 2009-08-05 09:11 . 2002-12-31 10:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll 2009-08-04 12:48 . 2009-08-04 12:48 -------- d-----w- c:\program files\Paprikari 2009-08-03 18:09 . 2009-08-03 18:09 -------- d-----w- c:\documents and settings\VooDoo\Application Data\Screaming Bee 2009-08-03 18:09 . 2009-08-03 18:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Screaming Bee 2009-08-03 18:08 . 2009-08-03 18:08 -------- d-----w- c:\program files\Screaming Bee 2009-08-03 18:08 . 2009-08-03 18:08 -------- d-----w- c:\program files\Common Files\Screaming Bee 2009-07-27 17:43 . 2009-07-27 17:43 -------- d-----w- c:\program files\Xilisoft 2009-07-27 03:17 . 2009-07-27 03:17 -------- d-----w- c:\documents and settings\VooDoo\Application Data\Media Player Classic 2009-07-17 18:55 . 2002-12-31 10:00 58880 ----a-w- c:\windows\system32\atl.dll 2009-07-13 00:18 . 2002-12-31 10:00 233472 ----a-w- c:\windows\system32\wmpdxm.dll 2009-07-03 17:09 . 2002-12-31 10:00 915456 ----a-w- c:\windows\system32\wininet.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74322BF9-DF26-493f-B0DA-6D2FC5E6429E}] 2009-05-04 10:56 398776 ----a-w- c:\program files\BearShare Applications\BearShare\BearShareIEHelper.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "tscuninstall"="c:\windows\system32\tscupgrd.exe" [2002-12-31 44544] c:\documents and settings\All Users\Start Menu\Programs\Startup\ BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2009-7-16 1183744] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "UIHost"="c:\windows\system32\logonuiX.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\MsgPlusLoader.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"= "c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"= "c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= "c:\\WINDOWS\\system32\\rtcshare.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"= "c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"= "c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= "c:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe"= "c:\\Program Files\\DC++\\DCPlusPlus.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5353:TCP"= 5353:TCP:Adobe CSI CS4 R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [9.11.2008 16:49 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9.11.2008 16:49 20560] S3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys --> c:\windows\system32\drivers\ScreamingBAudio.sys [?] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] "c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP . Contents of the 'Scheduled Tasks' folder 2009-07-31 c:\windows\Tasks\1-Click Maintenance.job - c:\program files\TuneUp Utilities 2007\SystemOptimizer.exe [2006-12-19 05:51] 2009-09-23 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-16 14:31] 2009-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-16 16:03] 2009-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-02-16 16:03] 2009-09-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1123561945-308236825-1801674531-1003Core.job - c:\documents and settings\VooDoo\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-09 22:12] 2009-09-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1123561945-308236825-1801674531-1003UA.job - c:\documents and settings\VooDoo\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-09 22:12] 2009-09-23 c:\windows\Tasks\User_Feed_Synchronization-{526CFF6D-2EC9-4015-9E0D-F420E0BBD7B0}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . . ------- Supplementary Scan ------- . uStart Page = about:blank uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Settings,ProxyOverride = .local IE: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSYYYYYYYYRS IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 IE: Save Page As PDF ... - file://c:\program files\Nitro PDF\PDF Download\nitroweb.htm IE: {{AD9E6088-E00B-42f9-9F0C-8480525D234E} - {FF5073C0-28A0-4223-9BDF-59FF020FE77C} - c:\program files\Nitro PDF\PDF Download\NitroPDF.dll FF - ProfilePath - c:\documents and settings\VooDoo\Application Data\Mozilla\Firefox\Profiles\b6x4i2ic.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://btjunkie.org FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q= FF - plugin: c:\documents and settings\VooDoo\Local Settings\Application Data\Google\Update\1.2.183.7\npGoogleOneClick8.dll FF - plugin: c:\program files\Google\Google Earth Plugin\npgeplugin.dll FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . *********************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-09-24 01:10 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(500) c:\windows\system32\WININET.dll c:\windows\system32\msi.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\windows\system32\LEXBCES.EXE c:\windows\system32\LEXPPS.EXE c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe c:\program files\Alwil Software\Avast4\ashMaiSv.exe c:\program files\Alwil Software\Avast4\ashWebSv.exe . ************************************************************************ . Completion time: 2009-09-23 1:18 - machine was rebooted ComboFix-quarantined-files.txt 2009-09-23 23:18 Pre-Run: 5.086.466.048 bytes free Post-Run: 5.052.952.576 bytes free Current=1 Default=1 Failed=0 LastKnownGood=3 Sets=,1,2,3 197 --- E O F --- 2009-09-23 19:05

Profil

argus Poslao: 25 Sep 2009 18:40 Idi na vrh
rip argus Anti Malware Fighter Rank 2 Pridružio: 27 Apr 2008 Poruke: 9160 Gde živiš: Prokuplje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Skini ovaj fajl na desktop, raspakuj ga i pokreni dvoklikom Dobices takodje na desktopu showreg.txt fajl, koji ces mi iskopirati ovde na forumu https://www.mycity.rs/must-login.png

Profil

dvojkan Poslao: 25 Sep 2009 20:03 Idi na vrh
offline dvojkan Građanin Pridružio: 01 Mar 2008 Poruke: 245	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: samo ovako je moglo ... https://www.mycity.rs/must-login.png

Profil

argus Poslao: 25 Sep 2009 21:27 Idi na vrh
rip argus Anti Malware Fighter Rank 2 Pridružio: 27 Apr 2008 Poruke: 9160 Gde živiš: Prokuplje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Skini ovaj fajl, pokreni ga dvoklikom, yes pa ok. https://www.mycity.rs/must-login.png

Profil

dvojkan Poslao: 26 Sep 2009 12:22 Idi na vrh
offline dvojkan Građanin Pridružio: 01 Mar 2008 Poruke: 245	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uradio, šta dalje???

Profil

argus Poslao: 26 Sep 2009 12:27 Idi na vrh
rip argus Anti Malware Fighter Rank 2 Pridružio: 27 Apr 2008 Poruke: 9160 Gde živiš: Prokuplje	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Na kompu vise nema tragova malware-a. Mozes obrisati C:\Qoobox i korišćene programe. Ukoliko i dalje imas problema otvori temu u Windows forumu.

Profil

dvojkan Poslao: 26 Sep 2009 12:34 Idi na vrh
offline dvojkan Građanin Pridružio: 01 Mar 2008 Poruke: 245	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! OK , Hvala. Mislim da još uvek ima problem a ali sad ako nema malwarea znam gde da tražim. Ako ne javiću se na win forum.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Zamrzava i ne sluša

Ko je trenutno na forumu

Ukupno su 1086 korisnika na forumu :: 29 registrovanih, 5 sakrivenih i 1052 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: Bobrock1, cemix, Darko8, DeerHunter, DejanCG, eighty-one, Gargantua, GORDI, havoc995, HrcAk47, hvost, ivan979, jukeboxer, Karla, laurusri, Lord Nem, mercedesamg, Miki01, Milometer, nextyamb, platana., Prašinar, Recce, repac, ruma, StalniPromatrač, Stefan M, Vlad000, voja64

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by