gost 136592
Aktivan član
- Poruka
- 1.227
Nod32 ne moze ovako da radi beskonacno zato sto ima username i password koji se posle 30 dana deaktiviraju.
-
- Popularno:
- Nobelova nagrada naučnicima koji su...
- Moze li pomoc.
- Kaja Kalas: Moramo ukrasti ruske pare...
- Izraelci tukli Gretu Thunberg, terali...
- Raspad EU - Viktor Orban
- Aktivnost koja je uspela
- Nemacka dize uslov za penziju na 73...
- Zašto udbaši i BIA vole Rusiju?
- Kako znati da li je neko homoseksualac?
- Da li su danas muškarci manje muževni?
Tema za korisnike koji imaju zaražen računar
- Začetnik teme clan
- Datum pokretanja
Dobro, možda NOD ne može zbog toga, ali 100% može sa Kasperskim! Potvrđeno i u praksi. 
Boki
Buduća legenda
- Poruka
- 25.947
Dobro, možda NOD ne može zbog toga, ali 100% može sa Kasperskim! Potvrđeno i u praksi.
JAo Deki pa zasto mi to radis???
To nisam znao.
U svakom slucaju HVALA VELIKA
.
gost 46745
Veoma poznat
- Poruka
- 12.490
instalirala comboFix i dobila sledece , pomagajte , u raspadnom je stanju ...
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-26 68856]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"Google Update"="c:\documents and settings\Svetlana\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-01-18 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-04-18 5562368]
"SW20"="c:\windows\system32\sw20.exe" [2005-06-30 200704]
"SW24"="c:\windows\system32\sw24.exe" [2005-07-04 69632]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-04-18 86016]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-04-18 30192]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-10 136600]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"snppro"="c:\windows\vsnppro.exe" [2005-01-14 339968]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-05-27 413696]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2005-12-10 133016]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-03-09 37888]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-04-23 516440]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-05-16 2879488]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-05-18 16207872]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2005-04-18 1495040]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"iLike"="c:\program files\iLike\1.2.13\ilikesidebar.exe" [2008-09-10 63024]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office OneNote 2003 Quick Launch.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2003-8-6 51776]
WordWeb.lnk - c:\program files\WordWeb\wweb32.exe [2009-2-27 42168]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Metacafe.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Metacafe.lnk
backup=c:\windows\pss\Metacafe.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Svetlana^Start Menu^Programs^Startup^Metacafe.lnk]
path=c:\documents and settings\Svetlana\Start Menu\Programs\Startup\Metacafe.lnk
backup=c:\windows\pss\Metacafe.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-26 68856]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]
"Google Update"="c:\documents and settings\Svetlana\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-01-18 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-04-18 5562368]
"SW20"="c:\windows\system32\sw20.exe" [2005-06-30 200704]
"SW24"="c:\windows\system32\sw24.exe" [2005-07-04 69632]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-04-18 86016]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-04-18 30192]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-10 136600]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"snppro"="c:\windows\vsnppro.exe" [2005-01-14 339968]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-05-27 413696]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2005-12-10 133016]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-03-09 37888]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-04-23 516440]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]
"SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2006-05-16 2879488]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2006-05-18 16207872]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2005-04-18 1495040]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"iLike"="c:\program files\iLike\1.2.13\ilikesidebar.exe" [2008-09-10 63024]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office OneNote 2003 Quick Launch.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2003-8-6 51776]
WordWeb.lnk - c:\program files\WordWeb\wweb32.exe [2009-2-27 42168]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Metacafe.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Metacafe.lnk
backup=c:\windows\pss\Metacafe.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Svetlana^Start Menu^Programs^Startup^Metacafe.lnk]
path=c:\documents and settings\Svetlana\Start Menu\Programs\Startup\Metacafe.lnk
backup=c:\windows\pss\Metacafe.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
gost 46745
Veoma poznat
- Poruka
- 12.490
Pa dalje....
"DisableNotifications"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe"=
"c:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"=
"c:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Documents and Settings\\Svetlana\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\Svetlana\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"unwise_.exe"= unwise_.exe:SYSTEM
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9420:TCP"= 9420:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
"4147:TCP"= 4147:TCP:Akamai NetSession Interface
"4750:TCP"= 4750:TCP:Akamai NetSession Interface
"1043:TCP"= 1043:TCP:Akamai NetSession Interface
"1042:TCP"= 1042:TCP:Akamai NetSession Interface
"2266:TCP"= 2266:TCP:Akamai NetSession Interface
"1044:TCP"= 1044:TCP:Akamai NetSession Interface
"1143:TCP"= 1143:TCP:Akamai NetSession Interface
"1069:TCP"= 1069:TCP:Akamai NetSession Interface
"1040:TCP"= 1040:TCP:Akamai NetSession Interface
"1089:TCP"= 1089:TCP:Akamai NetSession Interface
"1104:TCP"= 1104:TCP:Akamai NetSession Interface
"1439:TCP"= 1439:TCP:Akamai NetSession Interface
"4424:TCP"= 4424:TCP:Akamai NetSession Interface
"4900:TCP"= 4900:TCP:Akamai NetSession Interface
"1190:TCP"= 1190:TCP:Akamai NetSession Interface
"1898:TCP"= 1898:TCP:Akamai NetSession Interface
"2141:TCP"= 2141:TCP:Akamai NetSession Interface
"2424:TCP"= 2424:TCP:Akamai NetSession Interface
"1078:TCP"= 1078:TCP:Akamai NetSession Interface
"1041:TCP"= 1041:TCP:Akamai NetSession Interface
"1071:TCP"= 1071:TCP:Akamai NetSession Interface
"1032:TCP"= 1032:TCP:Akamai NetSession Interface
"3546:TCP"= 3546:TCP:Akamai NetSession Interface
"3581:TCP"= 3581:TCP:Akamai NetSession Interface
"1065:TCP"= 1065:TCP:Akamai NetSession Interface
"1088:TCP"= 1088:TCP:Akamai NetSession Interface
"2675:TCP"= 2675:TCP:Akamai NetSession Interface
"2684:TCP"= 2684:TCP:Akamai NetSession Interface
"1037:TCP"= 1037:TCP:Akamai NetSession Interface
"1038:TCP"= 1038:TCP:Akamai NetSession Interface
"1075:TCP"= 1075:TCP:Akamai NetSession Interface
"1063:TCP"= 1063:TCP:Akamai NetSession Interface
"1112:TCP"= 1112:TCP:Akamai NetSession Interface
"1111:TCP"= 1111:TCP:Akamai NetSession Interface
"1064:TCP"= 1064:TCP:Akamai NetSession Interface
"1074:TCP"= 1074:TCP:Akamai NetSession Interface
"1039:TCP"= 1039:TCP:Akamai NetSession Interface
"1082:TCP"= 1082:TCP:Akamai NetSession Interface
"3733:TCP"= 3733:TCP:Akamai NetSession Interface
"1051:TCP"= 1051:TCP:Akamai NetSession Interface
"1339:TCP"= 1339:TCP:Akamai NetSession Interface
"2751:TCP"= 2751:TCP:Akamai NetSession Interface
"1036:TCP"= 1036:TCP:Akamai NetSession Interface
"9991:TCP"= 9991:TCP
ORT2
"9999:TCP"= 9999:TCPORT1
"1013:TCP"= 1013:TCP:BS
"12353:TCP"= 12353:TCP:FD
"8504:TCP"= 8504:TCP:FD
"1076:TCP"= 1076:TCP:Akamai NetSession Interface
"40985:TCP"= 40985:TCP:FD
"41776:TCP"= 41776:TCP:Akamai NetSession Interface
"1035:TCP"= 1035:TCP:Akamai NetSession Interface
"51878:TCP"= 51878:TCP:FD
"39857:TCP"= 39857:TCP:Akamai NetSession Interface
"4905:TCP"= 4905:TCP:Akamai NetSession Interface
"16061:TCP"= 16061:TCP:FD
"19658:TCP"= 19658:TCP:FD
"41609:TCP"= 41609:TCP:FD
"26963:TCP"= 26963:TCP:Akamai NetSession Interface
"1067:TCP"= 1067:TCP:Akamai NetSession Interface
"41439:TCP"= 41439:TCP:FD
"41617:TCP"= 41617:TCP:Akamai NetSession Interface
"1059:TCP"= 1059:TCP:Akamai NetSession Interface
"5463:TCP"= 5463:TCP:Akamai NetSession Interface
"1066:TCP"= 1066:TCP:Akamai NetSession Interface
"1582:TCP"= 1582:TCP:Akamai NetSession Interface
"2002:TCP"= 2002:TCP:Akamai NetSession Interface
"1054:TCP"= 1054:TCP:Akamai NetSession Interface
"2333:TCP"= 2333:TCP:Akamai NetSession Interface
"1215:TCP"= 1215:TCP:Akamai NetSession Interface
"1058:TCP"= 1058:TCP:Akamai NetSession Interface
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [1/29/2009 6:34 PM 64160]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2/6/2009 2:23 PM 106208]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2/6/2009 2:24 PM 93336]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2/6/2009 2:23 PM 727720]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [1/18/2009 11:34 PM 953168]
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [1/14/2009 6:53 PM 226656]
R3 SNPPRO;USB PC Camera (snppro);c:\windows\system32\drivers\snppro.sys [5/8/2007 8:38 PM 8664448]
S2 Windows Hosts Controller;Windows Hosts Controller;"c:\windows\Fonts\unwise_.exe" --> c:\windows\Fonts\unwise_.exe [?]
S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [5/10/2007 12:02 AM 30192]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1490b0f2-8d83-11dc-8b95-0016e633ca37}]
\Shell\Auto\command - Cn911.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Cn911.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{320b65ec-1758-11dc-8a6a-0016e633ca37}]
\Shell\Auto\command - Cn911.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Cn911.exe
.
Contents of the 'Scheduled Tasks' folder
2009-05-04 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 15:43]
2009-05-07 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-09 18:58]
2009-05-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-573735546-1801674531-1003.job
- c:\documents and settings\Svetlana\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-01-18 12:55]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-Picasa Media Detector - c:\program files\Picasa2\PicasaMediaDetector.exe
HKCU-Run-Messenger (Yahoo!) - ~c:\program files\Yahoo!\Messenger\YahooMessenger.exe
HKLM-Run-SCFTrayStartUp - c:\program files\Sophos\Sophos Client Firewall\SCFTray.exe
HKLM-Run-TkBellExe - realsched.exe
SafeBoot-SVCWINSPOOL
"DisableNotifications"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe"=
"c:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"=
"c:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Documents and Settings\\Svetlana\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\Svetlana\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"unwise_.exe"= unwise_.exe:SYSTEM
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9420:TCP"= 9420:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
"4147:TCP"= 4147:TCP:Akamai NetSession Interface
"4750:TCP"= 4750:TCP:Akamai NetSession Interface
"1043:TCP"= 1043:TCP:Akamai NetSession Interface
"1042:TCP"= 1042:TCP:Akamai NetSession Interface
"2266:TCP"= 2266:TCP:Akamai NetSession Interface
"1044:TCP"= 1044:TCP:Akamai NetSession Interface
"1143:TCP"= 1143:TCP:Akamai NetSession Interface
"1069:TCP"= 1069:TCP:Akamai NetSession Interface
"1040:TCP"= 1040:TCP:Akamai NetSession Interface
"1089:TCP"= 1089:TCP:Akamai NetSession Interface
"1104:TCP"= 1104:TCP:Akamai NetSession Interface
"1439:TCP"= 1439:TCP:Akamai NetSession Interface
"4424:TCP"= 4424:TCP:Akamai NetSession Interface
"4900:TCP"= 4900:TCP:Akamai NetSession Interface
"1190:TCP"= 1190:TCP:Akamai NetSession Interface
"1898:TCP"= 1898:TCP:Akamai NetSession Interface
"2141:TCP"= 2141:TCP:Akamai NetSession Interface
"2424:TCP"= 2424:TCP:Akamai NetSession Interface
"1078:TCP"= 1078:TCP:Akamai NetSession Interface
"1041:TCP"= 1041:TCP:Akamai NetSession Interface
"1071:TCP"= 1071:TCP:Akamai NetSession Interface
"1032:TCP"= 1032:TCP:Akamai NetSession Interface
"3546:TCP"= 3546:TCP:Akamai NetSession Interface
"3581:TCP"= 3581:TCP:Akamai NetSession Interface
"1065:TCP"= 1065:TCP:Akamai NetSession Interface
"1088:TCP"= 1088:TCP:Akamai NetSession Interface
"2675:TCP"= 2675:TCP:Akamai NetSession Interface
"2684:TCP"= 2684:TCP:Akamai NetSession Interface
"1037:TCP"= 1037:TCP:Akamai NetSession Interface
"1038:TCP"= 1038:TCP:Akamai NetSession Interface
"1075:TCP"= 1075:TCP:Akamai NetSession Interface
"1063:TCP"= 1063:TCP:Akamai NetSession Interface
"1112:TCP"= 1112:TCP:Akamai NetSession Interface
"1111:TCP"= 1111:TCP:Akamai NetSession Interface
"1064:TCP"= 1064:TCP:Akamai NetSession Interface
"1074:TCP"= 1074:TCP:Akamai NetSession Interface
"1039:TCP"= 1039:TCP:Akamai NetSession Interface
"1082:TCP"= 1082:TCP:Akamai NetSession Interface
"3733:TCP"= 3733:TCP:Akamai NetSession Interface
"1051:TCP"= 1051:TCP:Akamai NetSession Interface
"1339:TCP"= 1339:TCP:Akamai NetSession Interface
"2751:TCP"= 2751:TCP:Akamai NetSession Interface
"1036:TCP"= 1036:TCP:Akamai NetSession Interface
"9991:TCP"= 9991:TCP
ORT2"9999:TCP"= 9999:TCP
ORT1"1013:TCP"= 1013:TCP:BS
"12353:TCP"= 12353:TCP:FD
"8504:TCP"= 8504:TCP:FD
"1076:TCP"= 1076:TCP:Akamai NetSession Interface
"40985:TCP"= 40985:TCP:FD
"41776:TCP"= 41776:TCP:Akamai NetSession Interface
"1035:TCP"= 1035:TCP:Akamai NetSession Interface
"51878:TCP"= 51878:TCP:FD
"39857:TCP"= 39857:TCP:Akamai NetSession Interface
"4905:TCP"= 4905:TCP:Akamai NetSession Interface
"16061:TCP"= 16061:TCP:FD
"19658:TCP"= 19658:TCP:FD
"41609:TCP"= 41609:TCP:FD
"26963:TCP"= 26963:TCP:Akamai NetSession Interface
"1067:TCP"= 1067:TCP:Akamai NetSession Interface
"41439:TCP"= 41439:TCP:FD
"41617:TCP"= 41617:TCP:Akamai NetSession Interface
"1059:TCP"= 1059:TCP:Akamai NetSession Interface
"5463:TCP"= 5463:TCP:Akamai NetSession Interface
"1066:TCP"= 1066:TCP:Akamai NetSession Interface
"1582:TCP"= 1582:TCP:Akamai NetSession Interface
"2002:TCP"= 2002:TCP:Akamai NetSession Interface
"1054:TCP"= 1054:TCP:Akamai NetSession Interface
"2333:TCP"= 2333:TCP:Akamai NetSession Interface
"1215:TCP"= 1215:TCP:Akamai NetSession Interface
"1058:TCP"= 1058:TCP:Akamai NetSession Interface
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [1/29/2009 6:34 PM 64160]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2/6/2009 2:23 PM 106208]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2/6/2009 2:24 PM 93336]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2/6/2009 2:23 PM 727720]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [1/18/2009 11:34 PM 953168]
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [1/14/2009 6:53 PM 226656]
R3 SNPPRO;USB PC Camera (snppro);c:\windows\system32\drivers\snppro.sys [5/8/2007 8:38 PM 8664448]
S2 Windows Hosts Controller;Windows Hosts Controller;"c:\windows\Fonts\unwise_.exe" --> c:\windows\Fonts\unwise_.exe [?]
S3 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [5/10/2007 12:02 AM 30192]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1490b0f2-8d83-11dc-8b95-0016e633ca37}]
\Shell\Auto\command - Cn911.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Cn911.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{320b65ec-1758-11dc-8a6a-0016e633ca37}]
\Shell\Auto\command - Cn911.exe
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Cn911.exe
.
Contents of the 'Scheduled Tasks' folder
2009-05-04 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 15:43]
2009-05-07 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-05-09 18:58]
2009-05-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-573735546-1801674531-1003.job
- c:\documents and settings\Svetlana\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-01-18 12:55]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-Picasa Media Detector - c:\program files\Picasa2\PicasaMediaDetector.exe
HKCU-Run-Messenger (Yahoo!) - ~c:\program files\Yahoo!\Messenger\YahooMessenger.exe
HKLM-Run-SCFTrayStartUp - c:\program files\Sophos\Sophos Client Firewall\SCFTray.exe
HKLM-Run-TkBellExe - realsched.exe
SafeBoot-SVCWINSPOOL
gost 46745
Veoma poznat
- Poruka
- 12.490
I jos ovo....
------ Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearch Bar = hxxp://www.google.com/ie
mSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyServer = proxy.vektor.net:8080
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Search - ?p=ZK
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Post Image to Blog
IE: Tag This Image
IE: Transload Image to ImageShack
IE: Upload All Images to ImageShack
IE: Upload Image to ImageShack
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
FF - ProfilePath - c:\documents and settings\Svetlana\Application Data\Mozilla\Firefox\Profiles\hucy0xr5.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: network.proxy.ftp - proxy.vektor.net
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - proxy.vektor.net
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - proxy.vektor.net
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - proxy.vektor.net
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - proxy.vektor.net
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 1
FF - component: c:\progra~1\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\documents and settings\Svetlana\Application Data\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\Svetlana\Local Settings\Application Data\Google\Update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa2.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeploytk.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npnul32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPOFFICE.DLL
FF - plugin: c:\program files\Mozilla Firefox\plugins\nppdf32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\nppl3260.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin2.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin4.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin5.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin6.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\nprjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
FF - plugin: c:\program files\Opera 9.5 beta\program\plugins\NPOFFICE.DLL
FF - plugin: c:\program files\Opera 9.5 beta\program\plugins\nppl3260.dll
FF - plugin: c:\program files\Opera 9.5 beta\program\plugins\npqtplugin.dll
FF - plugin: c:\program files\Opera 9.5 beta\program\plugins\npqtplugin2.dll
FF - plugin: c:\program files\Opera 9.5 beta\program\plugins\npqtplugin3.dll
FF - plugin: c:\program files\Opera 9.5 beta\program\plugins\npqtplugin4.dll
FF - plugin: c:\program files\Opera 9.5 beta\program\plugins\npqtplugin5.dll
FF - plugin: c:\program files\Opera 9.5 beta\program\plugins\npqtplugin6.dll
FF - plugin: c:\program files\Opera 9.5 beta\program\plugins\nprjplug.dll
FF - plugin: c:\program files\Opera 9.5 beta\program\plugins\nprpjplug.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-08 00:15
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(2508)
c:\progra~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
c:\windows\system32\Msi.dll
c:\progra~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
c:\program files\iTunes\iTunesMiniPlayer.dll
c:\program files\iTunes\iTunesMiniPlayer.Resources\en.lproj\iTunesMiniPlayerLocalized.dll
c:\program files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll
c:\windows\system32\shdoclc.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-05-07 0:17 - machine was rebooted
ComboFix-quarantined-files.txt 2009-05-07 22:17
Pre-Run: 116,545,691,648 bytes free
Post-Run: 116,704,337,920 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
345
Hvala unapred ....
------ Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearch Bar = hxxp://www.google.com/ie
mSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyServer = proxy.vektor.net:8080
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Search - ?p=ZK
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Post Image to Blog
IE: Tag This Image
IE: Transload Image to ImageShack
IE: Upload All Images to ImageShack
IE: Upload Image to ImageShack
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
FF - ProfilePath - c:\documents and settings\Svetlana\Application Data\Mozilla\Firefox\Profiles\hucy0xr5.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: network.proxy.ftp - proxy.vektor.net
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - proxy.vektor.net
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - proxy.vektor.net
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - proxy.vektor.net
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - proxy.vektor.net
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 1
FF - component: c:\progra~1\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\documents and settings\Svetlana\Application Data\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\Svetlana\Local Settings\Application Data\Google\Update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa2.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeploytk.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npnul32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPOFFICE.DLL
FF - plugin: c:\program files\Mozilla Firefox\plugins\nppdf32.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\nppl3260.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin2.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin4.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin5.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin6.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\nprjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
FF - plugin: c:\program files\Opera 9.5 beta\program\plugins\NPOFFICE.DLL
FF - plugin: c:\program files\Opera 9.5 beta\program\plugins\nppl3260.dll
FF - plugin: c:\program files\Opera 9.5 beta\program\plugins\npqtplugin.dll
FF - plugin: c:\program files\Opera 9.5 beta\program\plugins\npqtplugin2.dll
FF - plugin: c:\program files\Opera 9.5 beta\program\plugins\npqtplugin3.dll
FF - plugin: c:\program files\Opera 9.5 beta\program\plugins\npqtplugin4.dll
FF - plugin: c:\program files\Opera 9.5 beta\program\plugins\npqtplugin5.dll
FF - plugin: c:\program files\Opera 9.5 beta\program\plugins\npqtplugin6.dll
FF - plugin: c:\program files\Opera 9.5 beta\program\plugins\nprjplug.dll
FF - plugin: c:\program files\Opera 9.5 beta\program\plugins\nprpjplug.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-08 00:15
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(2508)
c:\progra~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
c:\windows\system32\Msi.dll
c:\progra~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
c:\program files\iTunes\iTunesMiniPlayer.dll
c:\program files\iTunes\iTunesMiniPlayer.Resources\en.lproj\iTunesMiniPlayerLocalized.dll
c:\program files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll
c:\windows\system32\shdoclc.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-05-07 0:17 - machine was rebooted
ComboFix-quarantined-files.txt 2009-05-07 22:17
Pre-Run: 116,545,691,648 bytes free
Post-Run: 116,704,337,920 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
345
Hvala unapred ....
Poslednja izmena:
@ivab10
Mislim da log fajl nije kompletan - fali početak.
Ali dobro, deinstaliraj ComboFix na sledeći način:
Ne bi bilo loše da se postavi i HijackThis log.
Mislim da log fajl nije kompletan - fali početak.
Ali dobro, deinstaliraj ComboFix na sledeći način:
- Klikni START a zatim RUN
- U liniju za unos teksta ukucaj Combofix /u, klikni OK i sačekaj da se proces završi.
- Obrisati sledeće:
- ComboFix i njegove file-ove i foldere
- VundoFix backup folder, ako postoji
- C:\Deckard folder, ako postoji
- C:\OtMoveIt folder, ako postoji
- Resetovati podešavanja sata na kompjuteru
- Sakriti ekstenzije file-ova, ako je potrebno
- Sakriti sistemske/skrivene file-ove, ako je potrebno
- Resetovati System Restore
Ne bi bilo loše da se postavi i HijackThis log.
gost 46745
Veoma poznat
- Poruka
- 12.490
Da , sad sam tek uporedila , fali ovo ..
ComboFix 09-05-07.06 - Svetlana 05/08/2009 0:08.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.404 [GMT 2:00]
Running from: c:\documents and settings\Svetlana\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated)
FW: Norton AntiVirus *disabled*
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\documents\setup.exe
c:\windows\IE4 Error Log.txt
c:\windows\system32\dumphive.exe
c:\windows\system32\i
c:\windows\system32\IEDFix.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SYSDRV32
-------\Service_sysdrv32
((((((((((((((((((((((((( Files Created from 2009-04-07 to 2009-05-07 )))))))))))))))))))))))))))))))
.
2009-04-25 12:14 . 2004-08-03 20:32 84480 -c--a-w c:\windows\system32\dllcache\ac97via.sys
2009-04-25 12:14 . 2004-08-03 20:32 84480 ----a-w c:\windows\system32\drivers\ac97via.sys
2009-04-23 01:57 . 2009-04-23 01:57 -------- d-----w c:\documents and settings\Svetlana\Application Data\FastStone
2009-04-23 01:57 . 2009-04-23 01:57 -------- d-----w c:\program files\FastStone Image Viewer
2009-04-12 20:22 . 2009-04-12 20:22 -------- d-----w c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2009-04-12 18:15 . 2009-04-12 18:15 -------- d-----w c:\documents and settings\Svetlana\Local Settings\Application Data\ESET
2009-04-12 18:14 . 2009-04-12 18:14 -------- d-----w c:\program files\ESET
2009-04-12 18:14 . 2009-04-12 18:14 -------- d-----w c:\documents and settings\All Users\Application Data\ESET
2009-04-10 14:00 . 2009-04-10 14:00 -------- d-----w c:\documents and settings\Svetlana\Local Settings\Application Data\Conduit
2009-04-10 14:00 . 2009-04-10 14:00 -------- d-----w c:\documents and settings\Svetlana\Local Settings\Application Data\TorrentMan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-23 16:04 . 2009-01-29 22:21 15688 ----a-w c:\windows\system32\lsdelete.exe
2009-04-23 15:53 . 2009-01-29 16:34 64160 ----a-w c:\windows\system32\drivers\Lbd.sys
2009-04-18 13:23 . 2007-05-09 22:00 -------- d-----w c:\program files\Winamp
2009-04-18 13:11 . 2008-12-03 00:54 -------- d-----w c:\program files\JLC's Software
2009-03-23 03:11 . 2009-03-23 02:49 -------- d-----w c:\program files\BitLord
2009-03-23 02:50 . 2009-03-23 02:50 -------- d-----w c:\program files\Conduit
2009-03-23 02:50 . 2009-03-23 02:50 -------- d-----w c:\program files\TorrentMan
2009-03-23 02:35 . 2007-08-15 00:57 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-03-10 08:44 . 2009-03-10 08:44 -------- d-----r c:\program files\Skype
2009-03-10 08:44 . 2009-03-10 08:44 -------- d-----w c:\program files\Common Files\Skype
2009-02-14 23:13 . 2007-05-09 11:08 54520 ----a-w c:\documents and settings\Svetlana\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2008-09-07 23:20 . 2007-07-04 16:57 363 ------w c:\program files\USetup.exe.txt
2007-07-04 16:47 . 2007-07-04 16:47 618496 ------w c:\program files\USetup.exe
2009-04-18 13:03 . 2008-09-05 08:24 122880 ----a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
2008-05-20 23:43 1526296 ----a-w c:\program files\TorrentMan\tbTorr.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7c5c0f58-e061-457d-9033-77307f5ed00c}"= "c:\program files\TorrentMan\tbTorr.dll" [2008-05-20 1526296]
[HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{7C5C0F58-E061-457D-9033-77307F5ED00C}"= "c:\program files\TorrentMan\tbTorr.dll" [2008-05-20 1526296]
[HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
ComboFix 09-05-07.06 - Svetlana 05/08/2009 0:08.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1023.404 [GMT 2:00]
Running from: c:\documents and settings\Svetlana\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated)
FW: Norton AntiVirus *disabled*
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\documents\setup.exe
c:\windows\IE4 Error Log.txt
c:\windows\system32\dumphive.exe
c:\windows\system32\i
c:\windows\system32\IEDFix.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SYSDRV32
-------\Service_sysdrv32
((((((((((((((((((((((((( Files Created from 2009-04-07 to 2009-05-07 )))))))))))))))))))))))))))))))
.
2009-04-25 12:14 . 2004-08-03 20:32 84480 -c--a-w c:\windows\system32\dllcache\ac97via.sys
2009-04-25 12:14 . 2004-08-03 20:32 84480 ----a-w c:\windows\system32\drivers\ac97via.sys
2009-04-23 01:57 . 2009-04-23 01:57 -------- d-----w c:\documents and settings\Svetlana\Application Data\FastStone
2009-04-23 01:57 . 2009-04-23 01:57 -------- d-----w c:\program files\FastStone Image Viewer
2009-04-12 20:22 . 2009-04-12 20:22 -------- d-----w c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2009-04-12 18:15 . 2009-04-12 18:15 -------- d-----w c:\documents and settings\Svetlana\Local Settings\Application Data\ESET
2009-04-12 18:14 . 2009-04-12 18:14 -------- d-----w c:\program files\ESET
2009-04-12 18:14 . 2009-04-12 18:14 -------- d-----w c:\documents and settings\All Users\Application Data\ESET
2009-04-10 14:00 . 2009-04-10 14:00 -------- d-----w c:\documents and settings\Svetlana\Local Settings\Application Data\Conduit
2009-04-10 14:00 . 2009-04-10 14:00 -------- d-----w c:\documents and settings\Svetlana\Local Settings\Application Data\TorrentMan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-23 16:04 . 2009-01-29 22:21 15688 ----a-w c:\windows\system32\lsdelete.exe
2009-04-23 15:53 . 2009-01-29 16:34 64160 ----a-w c:\windows\system32\drivers\Lbd.sys
2009-04-18 13:23 . 2007-05-09 22:00 -------- d-----w c:\program files\Winamp
2009-04-18 13:11 . 2008-12-03 00:54 -------- d-----w c:\program files\JLC's Software
2009-03-23 03:11 . 2009-03-23 02:49 -------- d-----w c:\program files\BitLord
2009-03-23 02:50 . 2009-03-23 02:50 -------- d-----w c:\program files\Conduit
2009-03-23 02:50 . 2009-03-23 02:50 -------- d-----w c:\program files\TorrentMan
2009-03-23 02:35 . 2007-08-15 00:57 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-03-10 08:44 . 2009-03-10 08:44 -------- d-----r c:\program files\Skype
2009-03-10 08:44 . 2009-03-10 08:44 -------- d-----w c:\program files\Common Files\Skype
2009-02-14 23:13 . 2007-05-09 11:08 54520 ----a-w c:\documents and settings\Svetlana\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2008-09-07 23:20 . 2007-07-04 16:57 363 ------w c:\program files\USetup.exe.txt
2007-07-04 16:47 . 2007-07-04 16:47 618496 ------w c:\program files\USetup.exe
2009-04-18 13:03 . 2008-09-05 08:24 122880 ----a-w c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
2008-05-20 23:43 1526296 ----a-w c:\program files\TorrentMan\tbTorr.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7c5c0f58-e061-457d-9033-77307f5ed00c}"= "c:\program files\TorrentMan\tbTorr.dll" [2008-05-20 1526296]
[HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{7C5C0F58-E061-457D-9033-77307F5ED00C}"= "c:\program files\TorrentMan\tbTorr.dll" [2008-05-20 1526296]
[HKEY_CLASSES_ROOT\clsid\{7c5c0f58-e061-457d-9033-77307f5ed00c}]
gost 46745
Veoma poznat
- Poruka
- 12.490
Da ne bude da sam bezveze pitala , jos uvek sam u problemu ali dosta radim i nisam pri mom kompu .
Javljam se cim uradim to sto si rekao .
Poz...
Javljam se cim uradim to sto si rekao .
Poz...
I postavi HijackThis log (uputstvo na ovoj temi 
http://forum.krstarica.com/threads/167305)
http://forum.krstarica.com/threads/167305)
gost 46745
Veoma poznat
- Poruka
- 12.490
Evo , uradila ....
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:17:08, on 5/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\WINDOWS\vsnppro.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Svetlana\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\WordWeb\wweb32.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.vektor.net:8080
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: TorrentMan Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: TorrentMan Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: TorrentMan Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE.....................i daljeeeee....
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:17:08, on 5/11/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\WINDOWS\vsnppro.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Svetlana\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\WordWeb\wweb32.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.vektor.net:8080
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: TorrentMan Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: TorrentMan Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: TorrentMan Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - C:\Program Files\TorrentMan\tbTorr.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE.....................i daljeeeee....
gost 46745
Veoma poznat
- Poruka
- 12.490
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [snppro] C:\WINDOWS\vsnppro.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SCFTrayStartUp] c:\Program Files\Sophos\Sophos Client Firewall\SCFTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Svetlana\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [iLike] C:\Program Files\iLike\1.2.13\ilikesidebar.exe /checkforupdate (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [iLike] C:\Program Files\iLike\1.2.13\ilikesidebar.exe /checkforupdate (User 'Default user')
O4 - Startup: Babuki.lnk = C:\Program Files\Babuki\Babuki.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
O8 - Extra context menu item: &Search - ?p=ZK
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1218548873828
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Windows Hosts Controller - Unknown owner - C:\WINDOWS\Fonts\unwise_.exe (file missing)
O24 - Desktop Component 0: (no name) - http://forum.krstarica.com/image.php?u=72721&dateline=1180086622
O24 - Desktop Component 1: (no name) - http://www.euroturs-nis.co.yu/images/LETO2007.jpg
--
End of file - 10799 bytes
Nadam se da je sve tu sada ...poz
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [snppro] C:\WINDOWS\vsnppro.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SCFTrayStartUp] c:\Program Files\Sophos\Sophos Client Firewall\SCFTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Svetlana\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [iLike] C:\Program Files\iLike\1.2.13\ilikesidebar.exe /checkforupdate (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [iLike] C:\Program Files\iLike\1.2.13\ilikesidebar.exe /checkforupdate (User 'Default user')
O4 - Startup: Babuki.lnk = C:\Program Files\Babuki\Babuki.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
O8 - Extra context menu item: &Search - ?p=ZK
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1218548873828
O16 - DPF: {6932D140-ABC4-4073-A44C-D4A541665E35} -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Desktop Manager 5.8.809.23506 (GoogleDesktopManager-092308-165331) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Windows Hosts Controller - Unknown owner - C:\WINDOWS\Fonts\unwise_.exe (file missing)
O24 - Desktop Component 0: (no name) - http://forum.krstarica.com/image.php?u=72721&dateline=1180086622
O24 - Desktop Component 1: (no name) - http://www.euroturs-nis.co.yu/images/LETO2007.jpg
--
End of file - 10799 bytes
Nadam se da je sve tu sada ...poz
Nisi baš ispratila uputstvo, tamo lepo piše da se folder i sam izvršni fajl HijackThisa PREIMENUJU, a ne ovako...
__________________
Dobro, ovako ćemo... isključi System Restore (desni klik na My Comp > Properties > System Restore tab > čekiraš kućicu Turn off System Restore...). Restartuj komp, uđi u Safe mode (na F8), pokreni još jednom HijackThis program i kad završi skeniranje, čekiraj sledeće linije...
Restartuj komp ponovo u Normal modu, uključi System Restore, skini program Malwarebytes' AntiMalware, ažuriraj mu bazu i uradi Quick scan sa njim, pa postavi i njegov log fajl.
__________________
Dobro, ovako ćemo... isključi System Restore (desni klik na My Comp > Properties > System Restore tab > čekiraš kućicu Turn off System Restore...). Restartuj komp, uđi u Safe mode (na F8), pokreni još jednom HijackThis program i kad završi skeniranje, čekiraj sledeće linije...
- O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
- O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
- O8 - Extra context menu item: &Search - ?p=ZK
- O23 - Service: Windows Hosts Controller - Unknown owner - C:\WINDOWS\Fonts\unwise_.exe (file missing)
Restartuj komp ponovo u Normal modu, uključi System Restore, skini program Malwarebytes' AntiMalware, ažuriraj mu bazu i uradi Quick scan sa njim, pa postavi i njegov log fajl.
Poslednja izmena:
gost 46745
Veoma poznat
- Poruka
- 12.490
Hvala tebi sto se trudis da mi pomognes .
Shvatila sam sta sam uradila cim sam poslala ..
Elem , sad evo novog loga po uputstvu ( nadam se da sam dobro ispratila )
Malwarebytes' Anti-Malware 1.36
Database version: 2110
Windows 5.1.2600 Service Pack 2
5/11/2009 11:21:00 PM
mbam-log-2009-05-11 (23-20-20).txt
Scan type: Quick Scan
Objects scanned: 99422
Time elapsed: 4 minute(s), 18 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> No action taken.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Mislim da su nevolje krenule kad sam prvi i jedini put upotrebila Torent za neki AV i od tada nemam ni VIA AC'97 Audio Controller i stalno trazi da se instalira software za PC device ........
i ko zna sta se tu jos desilo ..
Hvala
Shvatila sam sta sam uradila cim sam poslala ..
Elem , sad evo novog loga po uputstvu ( nadam se da sam dobro ispratila )
Malwarebytes' Anti-Malware 1.36
Database version: 2110
Windows 5.1.2600 Service Pack 2
5/11/2009 11:21:00 PM
mbam-log-2009-05-11 (23-20-20).txt
Scan type: Quick Scan
Objects scanned: 99422
Time elapsed: 4 minute(s), 18 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{07aa283a-43d7-4cbe-a064-32a21112d94d} (Adware.Zango) -> No action taken.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Mislim da su nevolje krenule kad sam prvi i jedini put upotrebila Torent za neki AV i od tada nemam ni VIA AC'97 Audio Controller i stalno trazi da se instalira software za PC device ........
i ko zna sta se tu jos desilo ..Hvala
Ok, vidim da je Malwarebytes pronašao neke inficirane stavke, ali me buni ovo... No action taken! Verovatno ih nisi čekirala i kliknula na Remove Selected. Ako je tako, uradi Scan ponovo, čekiraj inficirane fajlove i klikni na Remove Selected. Pa javi šta se dešava, ili postavi novi log. Mora da ukloni to što nađe.
gost 46745
Veoma poznat
- Poruka
- 12.490
Jesam , uklonila i restartovala , ali sam log uzela pre toga .
Sad radim full scan , pa cu postaviti novi log
Sad radim full scan , pa cu postaviti novi log
gost 46745
Veoma poznat
- Poruka
- 12.490
E sad bi ovo trebalo da je u redu
jos da pronadjem software izgubljeni i
Malwarebytes' Anti-Malware 1.36
Database version: 2110
Windows 5.1.2600 Service Pack 2
5/12/2009 12:48:46 AM
mbam-log-2009-05-12 (00-48-46).txt
Scan type: Full Scan (C:\|)
Objects scanned: 177146
Time elapsed: 33 minute(s), 47 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
i 
jos da pronadjem software izgubljeni i
Malwarebytes' Anti-Malware 1.36
Database version: 2110
Windows 5.1.2600 Service Pack 2
5/12/2009 12:48:46 AM
mbam-log-2009-05-12 (00-48-46).txt
Scan type: Full Scan (C:\|)
Objects scanned: 177146
Time elapsed: 33 minute(s), 47 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
i Log je čist, mada se uvek može još nešto probati. Pa sad...
Samo kad bi malo pobliže objasnila još i ovo...
Samo kad bi malo pobliže objasnila još i ovo...
... i koje greške pokazuje, možda bi i to mogli da popravimo.
gost 46745
Veoma poznat
- Poruka
- 12.490
Sad bas gledam temu '' ima slike nema ton '', pa pokusavam da pronadjem nesto za moj problem
Nema tona nikakvog
U Device menageru , VIA AC'97 audio controller (WDM) je pod zutim usklicnikom
i posle PCI device takodje
Nema tona nikakvog
U Device menageru , VIA AC'97 audio controller (WDM) je pod zutim usklicnikom
i posle PCI device takodje
Probaj ovo, desni klik na taj VIA AC'97 audio controller > Uninstall > pa Restart kompa. Nakon toga sistem bi sam trebao da instalira drajver za zvuk (ukoliko je sa njim sve u redu), uostalom čuće se onaj karakteristični zvuk prilikom podizanja Wina. Ukoliko se zvuk ne povrati, treba instalirati drajver za zvuk ili sa CD-a od matične, ili ga skinuti sa net-a prema modelu tvoje matične ploče. Kaži tačan model pa da potražimo.
gost 46745
Veoma poznat
- Poruka
- 12.490
Prva varijanta nije uspela...
A maticna glasi ovako , na kutiji pise ,
Gigabyte
Sseries support intel core 2 duo processor
GA-945PL-S3
ali
uz to sam dobila CD na kome pise intel 955X/945
i probala al ne moze da pronadje taj driver za zvuk
A maticna glasi ovako , na kutiji pise ,
Gigabyte
Sseries support intel core 2 duo processor
GA-945PL-S3
ali
uz to sam dobila CD na kome pise intel 955X/945
i probala al ne moze da pronadje taj driver za zvuk
Probaj ovaj drajver da skineš, to je sa Gigabyte-ovog sajta http://europe.giga-byte.com/FileList/Driver/motherboard_driver_audio_realtek_azalia.exe
http://europe.giga-byte.com/FileList/Driver/motherboard_driver_audio_realtek_azalia.exe
gost 46745
Veoma poznat
- Poruka
- 12.490
Skinula i dalje me sramota da pitam , al moram
Sta sad ?
Sta sad ?
Pa pokreni ga, trebalo bi da se instalira.
gost 46745
Veoma poznat
- Poruka
- 12.490
Nece nikako ...
ni meni nije jasno i vise puta sam vracala i probala ..
e sad , cini mi se da je to za vistu ako ima nekog znacaja i jednostavno ga ne prepoznaje
ili je neki drugi problem
ni meni nije jasno i vise puta sam vracala i probala ..
e sad , cini mi se da je to za vistu ako ima nekog znacaja i jednostavno ga ne prepoznaje
ili je neki drugi problem
