[ parmin @ 25.01.2008. 21:44 ] @
I have Windows XP and I had NOD32 installed. But it slowed my computer down a lot. Then I upgraded the memory from 512 to 1GB, thinking it would be faster. However, nothing. Then I removed NOD and installed Avast, but it was the same again. Mozilla was freezing and it took a whole minute for a window to open. Other programs opened quickly, but Mozilla was freezing. Then IncrediMail also started to freeze and would not send messages, although it received mail normally. Now I have uninstalled Avast too. I receive mail normally and send it normally, although Mozilla still freezes. Where could the problem be?
[ kristi1 @ 25.01.2008. 22:17 ] @
Try cleaning the computer with this program and report back. The program is free, and it has an option for cleaning RAM and everything else. Mozilla uses a lot of memory. The program is excellent.

http://www.iobit.com/advancedwindowscareper.html?Str=download
[ Binary Mind @ 26.01.2008. 22:55 ] @
What configuration is this? List all the hardware. Also attach a HiJackThis! log, since you are already here in the security forum, so we can see whether you are infected with something.
[ parmin @ 27.01.2008. 12:55 ] @
I installed "http://www.iobit.com/advancedwindowscareper.html?Str=download" and it scanned my computer and found over 550 problems. But I could not connect to the internet until I removed that program as well. Anyway, the configuration is: AMD Athlon AM2 64 3800+B. The motherboard is an Asus M2N DH Socket AM2, 1GB RAM. The graphics card is a Leadtek PX 7600 GT-TDH. When I have an AV program installed, it causes me problems. Everything works well and fast except the internet. It freezes, and I cannot send mail. It downloads mail. As soon as I remove the AV program, everything goes back to normal. It is as if that program is blocking some protection.
[ parmin @ 27.01.2008. 12:57 ] @
I forgot to look at the deletion. Admittedly, it was available in Serbian too, but I could not find that option. So I did not delete everything that was wrong. To clarify, when I installed this program I let it scan, but I did not find the option for deleting the problems, and in the meantime I removed the program because I could not get on the internet.
[ Binary Mind @ 27.01.2008. 13:37 ] @
You forgot to attach the HiJackThis! log... Maybe you are infected with some trojan or similar vermin. Also, this is behavior that can be an indicator of a rootkit infection. For that purpose, download AVG Anti-Rootkit Free Edition.
[ parmin @ 27.01.2008. 19:40 ] @
"You forgot to attach the HiJackThis! log." Do you really think I know what you wrote to me there? I do not know what HiJack This is, nor how it is made, nor where it is located. You have to help me here. How do I do that?
[ kristi1 @ 27.01.2008. 20:14 ] @
http://www.elitesecurity.org/t243564-OBAVEZNO-PROCITATI
[ Binary Mind @ 27.01.2008. 20:32 ] @
Parmin, Parmin... At least 5, if not more, threads on the first page of the "zastita" (security) forum have something to do with HiJackThis!. Run a search of this forum for "HiJackThis!" and I am sure you will manage.

Regards
[ Danijel Krmar @ 06.02.2008. 20:53 ] @
Although you could have found how to get the HiJackThis program by searching, here is an address you can download it from: http://www.trendsecure.com/por...ools/security_tools/hijackthis. When you start it, go to "Do a system scan and save a log file" and attach the log for us so we can see whether you have any spyware or something else that could be slowing down your computer. Spyware and rootkits usually cause problems like the ones you have.
[ odakleznam @ 19.10.2008. 21:24 ] @
I was browsing the net... and ran into a thread that interests me exactly. My whole computer freezes a lot... everything freezes, Mozilla and page loading... I reinstalled Windows... Winamp radio runs like a bullet... MSN too... everything is great... 1GB RAM... but when I start opening pages... refreshing... everything freezes completely... I can use the rest, but this freezes completely and then unfreezes after 1, 2 minutes and then again... I downloaded this HiJack... as you say... and now what, it scans something... like what I have running... and now what? There is nothing to delete either... I installed a couple of programs just to have music, MSN, ACDSee... a few other small things... so I do not understand why it freezes...? What should be done... has my RAM died? Or what do I know... if anyone knows... nobody above wrote any concrete solution... help... :P and regards!
[ magna86 @ 19.10.2008. 21:42 ] @
@odakleznam
like this...
Do you have HiJackThis? If not, you can download it from the following link
http://www.majorgeeks.com/download5554.html

Put it in a separate folder on the Desktop
Rename the folder and the program (Rename option) to Systav.exe

* Start HijackThis
* Choose the option "Do a system scan and save the logfile"
* At the end of the scan the program will output a text log.
* Copy that log here (copy / paste options)


open a new thread and post the HijackThis logfile so we can see what this is about
[ odakleznam @ 20.10.2008. 02:46 ] @
here is what it produced... in the meantime I installed the latest Mozilla... but the same again..


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:40:46, on 20/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{7FDECC2D-4AC0-4D83-8FFE-D7A922A68239}: NameServer = 92.60.224.20 92.60.224.30
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 1542 bytes
[ n1tr0 @ 20.10.2008. 03:35 ] @
@first message: Avast and NOD32 at the same time??? That can really bog a computer down, and you cannot clean them off properly if you only uninstalled them...
The log looks OK.
[ Bi1ke @ 04.11.2008. 12:33 ] @
Since I have the same problem with my computer too, it would be great if someone analyzed this... thanks. Oh, and one of those suggested sites for analysis told me that my firewall is not active, so I checked, and in NIS it says everything is OK..?


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:11:12 PM, on 11/4/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.icq.com/password
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ScreenPrint32] D:\Instalacione verzije\Novo\screen print&capture 32\ScreenPrint32.exe -startup
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LiveUpdate\LuComServer_3_2.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

--
End of file - 7583 bytes
[ magna86 @ 04.11.2008. 21:43 ] @
1. Turn off automatic update (if it is on)
2. Download the program JavaRA:
http://sourceforge.net/project/downloading.php?gro.....irror=osdn
Use it to uninstall the old versions of Java you have on the computer, and install the newest one.
3. Start HjT and FIX the following lines

Code:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.icq.com/password
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :


4. I recommend that you uninstall that Norton
it not only slows that computer down like hell, it also does nothing (a bad AV)
install Avast or some other one (just not NOD)

5. Download this program
http://www.malwarebytes.org/startuplite.php
start it and uncheck everything you do not need (and you have a lot of junk)

6. Download CCleaner
scan the registry and delete the cookies
http://www.ccleaner.com/download

7. Remove the toolbars (they act like a magnet for malware)
the usual way.. Control Panel / Add or Remove Programs

I guess that is it... I looked through the log quickly and I think it is ~OK...
but do all of this and then post a fresh HjT log

good luck
[ magna86 @ 04.11.2008. 22:45 ] @
@odakleznam
sorry... I only now see your log.. if you need help, do the following
1. rename HijackThis.exe and all the folders to something else.. e.g. to elite.exe
so.. right now it is like this
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

it should look something like this
C:\Program Files\elite.exe\elite.exe\elite.exe

then send the log so I can look at it, because this one is both old by now and not complete
(maybe you should also open a new thread...)
regards
[ Bi1ke @ 04.11.2008. 23:06 ] @
@magna86
Thanks a lot for the help...
I will try and report back.
[ Bi1ke @ 06.11.2008. 20:14 ] @
@magna
here, I have done a few things, so if you can, take a look..

removed NIS :)
installed avast 4.8 pro
spybot s&d
Malwarebytes Anti-Malware v1.30
jv16 PowerTools 2008
I have had AdvWinCare from before
scanned the computer with each one....


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:14:43 PM, on 11/6/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ScreenPrint32] D:\Instalacione verzije\Novo\screen print&capture 32\ScreenPrint32.exe -startup
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

--
End of file - 7212 bytes


and please just comment on this text for me as well: http://russelltexas.com/malware/teatimer.htm

THANK YOU!
[ magna86 @ 07.11.2008. 16:48 ] @
as for your question
1. I always recommend turning off TeaTimer in Spybot Search & Destroy
in my opinion it is just a nuisance and inexperienced users get no benefit from it...
2. These web addresses (in the R lines) are the ones that open when your internet browser runs, or they are set as your
default search URL. If you do not recognize the address, or it is an address you do not want as your homepage,
then we fix that with HijackThis,
also, it is exactly these lines that tend to cause problems, or prevent connecting to the net.. etc.. there is a lot of it..
as for BHOs,
http://en.wikipedia.org/wiki/Browser_Helper_Object

as for this part...
Quote:
So basically the only solution is to disable those protection programs before attempting any change with Hijack This. Re-enabling it after the changes are made is of course mandatory.

yes, TeaTimer should be turned off when working with HjT, because it changes the registry
although... do not take that at face value, it is not as "terrible" or dangerous as it says there...
there is nothing for you to worry about..., I would warn you, I would not give advice just like that


and as for the log.. it is clean, I do not see anything malicious in it
there is nothing in the log that would point to an infection

regards
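
Added example, not part of the thread and not any poster's code: a small Python reader for HijackThis logs that splits entries by section code (the R lines and BHOs discussed above) and attaches review notes to the ones a helper would look at first. It also rejoins entries that a word-wrapped paste has split across lines. The names `parse_log` and `triage` are hypothetical, the sample lines are copied from the logs posted in this thread, and the notes are prompts for a manual check, not verdicts.

```python
import re

# Section codes that occur in the HijackThis logs posted in this thread.
SECTIONS = {
    "R1": "IE search/start page or proxy setting",
    "O2": "Browser Helper Object (BHO)",
    "O3": "IE toolbar",
    "O4": "autostart entry (Run keys)",
    "O8": "IE context-menu item",
    "O9": "IE extra button / Tools menu item",
    "O17": "DNS NameServer setting",
    "O18": "extra protocol handler",
    "O20": "AppInit_DLLs",
    "O23": "Windows service",
}

# An entry starts with a section code followed by " - ".
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.*)$")


def parse_log(text):
    """Return [(code, body)] for every entry, rejoining word-wrapped lines."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line == "--":  # footer: "--" followed by "End of file - N bytes"
            break
        match = ENTRY_RE.match(line)
        if match:
            entries.append([match.group(1), match.group(2)])
        elif entries:
            # Not a new entry: the tail of a path that a wrapped paste split.
            entries[-1][1] += " " + line
        # Otherwise: header or "Running processes" line before the first entry.
    return [tuple(entry) for entry in entries]


def triage(entries):
    """Return [(code, section, body, notes)]; empty notes = nothing stood out."""
    rows = []
    for code, body in entries:
        notes = []
        if "(no file)" in body or "(file missing)" in body:
            notes.append("orphaned: the file this entry points at is gone")
        if code == "O23" and "Unknown owner" in body:
            notes.append("service binary carries no vendor string")
        if code == "O17":
            notes.append("DNS servers set in the registry: confirm they are the ISP's")
        if code == "O20":
            notes.append("DLL loaded into every process that loads user32.dll")
        if code.startswith("R") and "ProxyServer" in body:
            notes.append("proxy configured: a dead proxy stops browsing")
        rows.append((code, SECTIONS.get(code, "other"), body, notes))
    return rows


# Sample assembled from lines in the logs posted in this thread; one BHO
# entry is left wrapped across lines to exercise the rejoin step.
SAMPLE = r"""Logfile of Trend Micro HijackThis v2.0.2
Platform: Windows XP SP2 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\system32\svchost.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program

Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{7FDECC2D-4AC0-4D83-8FFE-D7A922A68239}: NameServer = 92.60.224.20 92.60.224.30
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

--
End of file - 1542 bytes
"""

if __name__ == "__main__":
    for code, section, body, notes in triage(parse_log(SAMPLE)):
        print(f"{code:<4}{section:<40}{'; '.join(notes) if notes else '-'}")
```
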
[ Bi1ke @ 07.11.2008. 18:14 ] @
OK, then I am turning off that TeaTimer too; admittedly it was a bit of work, but my computer runs faster since I removed NIS...
thanks once again, regards

[ odakleznam @ 02.12.2008. 18:59 ] @
good evening again... here I am on the forum again after some time, ugh, not for good reasons..... as for the earlier problem... believe it or not, it was dust.. which never even crossed my mind... the cooler was not even reaching the processor, which was at 100C, it was red hot.. but I took the cooler off.. washed off a 2 mm layer of dust... a bit of toothpaste... everything put back in its place and everything works like crazy... well now..
and just when the story should have a happy ending... an even bigger problem appears... which I have not solved for some 30-40 days now... but to keep it short..

so... whenever I boot the system.. Windows throws a send/don't send error.. which reads..
generic host error win 32 services.. then my internet connection drops, and in order to have net again... I have to restart the computer and reconnect... that would be the first problem....

the second problem is that I use NOD32.. which reports some svchost error and reports some "worm", but I do not know exactly what its name is... but options such as delete or quarantine are grayed out... hmmm.. so there is no solution..

the third problem is.. that my processor... is constantly at 80-100% "cpu usage", so playing games is almost impossible because it runs very slowly
so when I open a program it works great.. everything fast.. but after a short time... the computer is as if in quicksand... sometimes the sound stutters too.. all of that is a consequence... of the processor load... now what it could be I do not know..

I note that I wiped the system.. formatted the hard drive... partitioned it again.. all of that nicely.. as it should be.. but the problem appears again..

so now I am posting the HiJackThis, Combofix and Anti-malware results.. so if anyone knows what the problem is.. if anyone has solved it.. let them write... here or by mail

crispy_kiss@hotmail.com

hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:41:23 PM, on 12/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{18D3E54A-E261-4E15-BF5F-2BA778D9B574}: NameServer = 92.60.224.20 92.60.224.30
O17 - HKLM\System\CS1\Services\Tcpip\..\{18D3E54A-E261-4E15-BF5F-2BA778D9B574}: NameServer = 92.60.224.20 92.60.224.30
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 2891 bytes



combofix:


ComboFix 08-12-01.03 - Duca 2008-12-02 18:56:32.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.758 [GMT 1:00]
Running from: c:\documents and settings\Duca\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Duca\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
* Created a new restore point
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\msssc.dll

.
((((((((((((((((((((((((( Files Created from 2008-11-02 to 2008-12-02 )))))))))))))))))))))))))))))))
.

2008-12-02 02:38 . 2008-12-02 02:38 <DIR> d--h----- c:\windows\$hf_mig$
2008-11-29 05:55 . 2008-11-29 05:55 <DIR> d-------- c:\program files\Switch Off
2008-11-29 00:40 . 2008-11-29 00:40 69 --a------ c:\windows\NeroDigital.ini
2008-11-27 19:01 . 2008-11-27 19:01 <DIR> d-------- c:\documents and settings\All Users\Application Data\Tages
2008-11-27 19:01 . 2008-11-27 19:01 278,728 --a------ c:\windows\system32\drivers\atksgt.sys
2008-11-27 19:01 . 2008-11-27 19:01 25,416 --a------ c:\windows\system32\drivers\lirsgt.sys
2008-11-27 18:55 . 2008-11-27 18:55 <DIR> d-------- C:\Microids
2008-11-26 22:04 . 2008-11-29 21:12 <DIR> d-------- c:\documents and settings\Duca\Application Data\Hamachi
2008-11-26 22:03 . 2008-11-26 22:04 <DIR> d-------- c:\program files\Hamachi
2008-11-26 22:03 . 2008-11-26 22:03 25,280 --a------ c:\windows\system32\drivers\hamachi.sys
2008-11-26 20:31 . 2001-08-23 11:00 605,696 --a------ c:\windows\system32\getuname.dll
2008-11-26 17:52 . 2008-11-26 17:52 <DIR> d-------- c:\documents and settings\Duca\Application Data\ACD Systems
2008-11-26 17:14 . 2008-10-27 18:37 4,499,280 --a------ c:\windows\system32\D3dx9d_40.dll
2008-11-26 17:14 . 2008-10-27 18:37 3,796,816 --a------ c:\windows\system32\d3dx9d_33.dll
2008-11-26 17:14 . 2008-10-27 18:37 3,084,624 --a------ c:\windows\system32\d3d9d.dll
2008-11-26 17:14 . 2008-10-27 18:37 906,576 --a------ c:\windows\system32\xaudioD2_3.dll
2008-11-26 17:14 . 2008-10-27 18:36 496,464 --a------ c:\windows\system32\D3DX10d_40.dll
2008-11-26 17:14 . 2008-10-27 18:39 360,784 --a------ c:\windows\system32\XactEngineA3_3.dll
2008-11-26 17:14 . 2008-10-27 18:39 359,760 --a------ c:\windows\system32\dinput8d.dll
2008-11-26 17:14 . 2008-10-27 18:39 349,520 --a------ c:\windows\system32\d3dref9.dll
2008-11-26 17:14 . 2008-10-27 18:39 286,032 --a------ c:\windows\system32\XactEngineD3_3.dll
2008-11-26 17:14 . 2008-10-27 18:39 123,216 --a------ c:\windows\system32\XAPOFXD1_2.dll
2008-11-26 17:14 . 2008-10-27 18:38 47,440 --a------ c:\windows\system32\X3DAudioD1_5.dll
2008-11-26 17:06 . 2008-11-26 17:14 <DIR> d-------- c:\program files\Microsoft DirectX SDK (November 200
2008-11-26 17:06 . 2008-11-26 17:06 119,120 --a------ c:\windows\dxsdkuninst.exe
2008-11-26 17:05 . 2008-11-26 17:05 <DIR> d-------- c:\documents and settings\All Users\Application Data\Sports Interactive
2008-11-26 17:02 . 2008-11-26 17:06 <DIR> d-------- c:\windows\Logs
2008-11-26 16:56 . 2008-11-26 17:02 <DIR> d--h----- c:\program files\Zero G Registry
2008-11-26 16:56 . 2008-11-26 16:56 <DIR> d-------- c:\program files\Sports Interactive
2008-11-26 16:56 . 2008-11-26 16:56 <DIR> d--h----- c:\documents and settings\Duca\InstallAnywhere
2008-11-26 16:55 . 2008-11-26 17:06 <DIR> d-------- c:\documents and settings\Duca\Application Data\Sports Interactive
2008-11-26 05:26 . 2008-11-26 05:26 <DIR> d--h----- c:\windows\system32\GroupPolicy

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-30 03:43 --------- d-----w c:\program files\ESET
2008-11-29 01:34 --------- d-----w c:\documents and settings\Duca\Application Data\Winamp
2008-11-29 01:25 --------- d-----w c:\program files\Mv2Player
2008-11-26 03:51 --------- d-----w c:\program files\Microsoft ActiveSync
2008-11-26 03:48 --------- d-----w c:\documents and settings\Duca\Application Data\uTorrent
2008-11-26 03:47 --------- d-----w c:\program files\uTorrent
2008-11-26 03:46 --------- d-----w c:\program files\Common Files\Adobe
2008-11-26 03:39 --------- d-----w c:\documents and settings\Duca\Application Data\Sony
2008-11-26 03:38 --------- d-----w c:\program files\Sony
2008-11-26 03:37 --------- d-----w c:\program files\Sony Setup
2008-11-26 03:36 --------- d-----w c:\program files\Common Files\Ahead
2008-11-26 03:36 --------- d-----w c:\program files\Ahead
2008-11-26 03:30 9,856 ----a-w c:\windows\system32\drivers\pfc.sys
2008-11-26 03:30 --------- d-----w c:\program files\Common Files\ACD Systems
2008-11-26 03:30 --------- d-----w c:\program files\ACD Systems
2008-11-26 03:30 --------- d-----w c:\documents and settings\All Users\Application Data\ACD Systems
2008-11-26 03:29 --------- d-----w c:\documents and settings\Duca\Application Data\LimeWire
2008-11-26 03:27 --------- d-----w c:\program files\LimeWire
2008-11-26 03:26 --------- d-----w c:\program files\Java
2008-11-26 03:25 --------- d-----w c:\program files\Common Files\Java
2008-11-26 03:24 --------- d-----w c:\program files\MSN Messenger
2008-11-26 03:22 --------- d-----w c:\program files\ffdshow
2008-11-26 03:20 --------- d-----w c:\program files\Winamp
2008-11-26 02:56 502,368 ----a-w c:\windows\system32\drivers\amon.sys
2008-11-26 02:56 274,432 ----a-w c:\windows\system32\imon.dll
2008-11-26 02:38 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-26 02:38 --------- d-----w c:\program files\Analog Devices
2008-11-26 02:35 --------- d-----w c:\program files\Common Files\InstallShield
2008-11-26 02:27 --------- d-----w c:\program files\microsoft frontpage
2008-10-27 09:04 70,992 ----a-w c:\windows\system32\XAPOFX1_2.dll
2008-10-27 09:04 514,384 ----a-w c:\windows\system32\XAudio2_3.dll
2008-10-27 09:04 235,856 ----a-w c:\windows\system32\xactengine3_3.dll
2008-10-27 09:04 23,376 ----a-w c:\windows\system32\X3DAudio1_5.dll
2008-10-10 03:52 452,440 ----a-w c:\windows\system32\d3dx10_40.dll
2008-10-10 03:52 4,379,984 ----a-w c:\windows\system32\D3DX9_40.dll
2008-10-10 03:52 2,036,576 ----a-w c:\windows\system32\D3DCompiler_40.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2006-09-14 921600]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoThumbnailCache"= 1 (0x1)

[HKLM\~\startupfolder\CDocuments and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2007-10-10 19:51 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 10:50 155648 c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2006-10-22 12:22 7700480 c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2006-10-22 12:22 86016 c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
--a------ 2004-08-03 23:56 110592 c:\windows\system32\bthprops.cpl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2006-10-22 12:22 1622016 c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Sports Interactive\\Football Manager 2009\\fm.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=

R0 ALiAGP;ALi AGP Bus Filter Driver;c:\windows\system32\DRIVERS\ALiAGP.sys [2008-11-26 29056]
R3 ALI5261;ALi Based Ethernet NT Driver;c:\windows\system32\DRIVERS\ALI5261.SYS [2008-11-26 27678]

*Newly Created Service* - PROCEXP90
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - c:\documents and settings\Duca\Application Data\Mozilla\Firefox\Profiles\xbngk1z1.default\
FF -: plugin - c:\program files\Java\jre1.5.0_01\bin\NPJava11.dll
FF -: plugin - c:\program files\Java\jre1.5.0_01\bin\NPJava12.dll
FF -: plugin - c:\program files\Java\jre1.5.0_01\bin\NPJava13.dll
FF -: plugin - c:\program files\Java\jre1.5.0_01\bin\NPJava14.dll
FF -: plugin - c:\program files\Java\jre1.5.0_01\bin\NPJava32.dll
FF -: plugin - c:\program files\Java\jre1.5.0_01\bin\NPJPI150_01.dll
FF -: plugin - c:\program files\Java\jre1.5.0_01\bin\NPOJI610.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-02 18:58:00
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(64
c:\windows\system32\imon.dll
.
Completion time: 2008-12-02 18:58:49
ComboFix-quarantined-files.txt 2008-12-02 17:58:34

Pre-Run: 14,046,736,384 bytes free
Post-Run: 14,109,458,432 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

163




anti-malware


Malwarebytes' Anti-Malware 1.30
Database version: 1446
Windows 5.1.2600 Service Pack 2

12/2/2008 7:24:13 PM
mbam-log-2008-12-02 (19-24-13).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 63440
Time elapsed: 13 minute(s), 32 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


SO: neither the antivirus nor the anti-malware programs found anything.. everything always comes up clean.. yet obviously something is choking it and cutting off my internet..
[ odakleznam @ 03.12.2008. 00:20 ] @
magna86, help...
[ parga @ 22.02.2015. 12:20 ] @
Hello,

could someone please help me:

When I play YouTube at 720p or 1080p resolution, I can't watch because the picture constantly stutters, even though I have a full HD monitor. I tried reinstalling the system, but it didn't help. Also, when I start Chrome or Explorer, the screen sometimes freezes, so I have to restart the computer.

My computer's specs:

AMD processor, 2.80 GHz

RAM 2.00 GB

64-bit system,

Windows 7

Service Pack 1

Thanks to everyone for the help
[ KrkaCiC @ 22.02.2015. 18:44 ] @
You probably don't have Flash Player, and YouTube is opening HTML5 for you, which is more demanding.
[ iculibrk @ 22.02.2015. 19:22 ] @
Flash Player is integrated into Chrome, so I don't think that's the problem. I rather think it's down to the 2 GB of RAM and 64-bit Windows.
Take a look at this thread.