[ ringeee @ 04.02.2011. 22:00 ] @
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:31:09 PM, on 2/4/2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\afwServ.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\IncrediMail\Bin\ImApp.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\WINDOWS\System32\TuneUpDefragService.exe
C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\PC\My Documents\Downloads\HijackThis (2).exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/home1
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: GOM Player + Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [PVR Agent] C:\Program Files\KWorld Multimedia\PVR Plus\TVR\Scheduled.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\PC\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Remote Control.lnk = C:\Program Files\KWorld Multimedia\PVR-TV 7131 Utilities\P3XRCtl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - ALWIL Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 5859 byte
[ magna86 @ 04.02.2011. 22:12 ] @
Go to Control Panel and uninstall Ask Toolbar.

Download the DDS program to your Desktop
http://download.bleepingcomputer.com/sUBs/dds.com

Double-click dds to run it; when it finishes, DDS will open two logs:
1. DDS.txt
2. Attach.txt
Save both reports to your Desktop.
Copy DDS.txt here for me.
[ monkeyjob @ 06.02.2011. 01:57 ] @
Well done, magna,
this is great. I'd like to know whether you know of a program like this that can be run, for example, from my computer to check some other computer on the network, provided of course that it is turned on?
Thanks.
[ ringeee @ 06.02.2011. 12:32 ] @
Here it is... could you analyze in detail for me what all the possible problems are?

DDS (Ver_10-12-12.02) - NTFSx86
Run by Igor at 13:30:28,57 on sub 06.06.2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.80 [GMT 2:00]

AV: ESET Smart Security 4.2 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *Enabled*

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Documents and Settings\Igor\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Igor\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Igor\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Igor\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Igor\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Igor\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Igor\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Igor\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.qword.com/?s=1
uURLSearchHooks: H - No File
mWinlogon: Taskman=c:\documents and settings\igor\gsyzq.exe
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: E-Zsoft VideoDownloaderToolBar: {4322a444-92f8-4c3e-bd4c-013ba51e2871} - c:\program files\versalsoft\internetdownload\VDTB.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: E-Zsoft VideoDownloaderToolBar: {4322a444-92f8-4c3e-bd4c-013ba51e2871} - c:\program files\versalsoft\internetdownload\VDTB.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
mRun: [C6501Sound] RunDll32 c6501.cpl,CMICtrlWnd
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [<NO NAME>]
dRun: [<NO NAME>]
dRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\aticat~1.lnk - c:\program files\ati technologies\ati.ace\CLI.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dslmon.lnk - c:\program files\sagem\sagem f@st 800-840\dslmon.exe
IE: Download by Versalsoft Internet Download - c:\program files\versalsoft\internetdownload\adddownload.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: qword.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
TCP: {4952984B-3DC3-4F01-BC42-640DC48AD2C5} = 80.74.164.249 80.74.160.26
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
Hosts: 127.0.0.1 www.spywareinfo.com

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\igor\applic~1\mozilla\firefox\profiles\pxal9t9i.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=616163&p=
FF - plugin: c:\documents and settings\igor\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - c:\program files\mozilla firefox\extensions\quickstores@quickstores.de
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: QuickStores-Toolbar: quickstores@quickstores.de - %profile%\extensions\quickstores@quickstores.de

============= SERVICES / DRIVERS ===============

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-4-28 114984]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2010-6-24 810144]
R3 DCamUSBET;ET USB 2760 Camera;c:\windows\system32\drivers\etDevice.sys [2007-11-29 121856]
R3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [2009-1-19 104344]
R3 FiltUSBET;ET USB Device Lower Filter;c:\windows\system32\drivers\etFilter.sys [2007-9-12 217088]
R3 ScanUSBET;ET USB Still Image Capture Device;c:\windows\system32\drivers\etScan.sys [2007-9-7 6656]
R3 WFLR6654;WinFast TV2000 XP Global/Global TV (Video);c:\windows\system32\drivers\wfeaglxt.sys [2009-1-21 405504]
S2 E4LOADER;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [2009-1-19 69656]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-3-20 136176]
S3 block_reader;MPR DRV;\??\c:\program files\multi password recovery\block_reader.sys --> c:\program files\multi password recovery\block_reader.sys [?]
S3 esgiguard;esgiguard;\??\c:\program files\enigma software group\spyhunter\esgiguard.sys --> c:\program files\enigma software group\spyhunter\esgiguard.sys [?]

=============== Created Last 30 ================

2010-06-24 07:27:22 55256 ----a-w- c:\windows\system32\drivers\epfwtdi.sys
2010-06-24 07:26:24 140752 ----a-w- c:\windows\system32\drivers\eamon.sys
2010-04-28 06:17:46 32584 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2010-04-28 06:17:46 134488 ----a-w- c:\windows\system32\drivers\epfw.sys
2010-04-28 06:17:46 114984 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2010-03-16 14:28:22 344064 ----a-w- c:\windows\system32\msvcr70.dll
2010-03-16 14:28:20 487424 ----a-w- c:\windows\system32\msvcp70.dll
2010-03-02 07:14:30 45056 ----a-w- c:\windows\system32\Dll_CertExams.dll
2009-11-14 18:37:08 154112 ----a-w- c:\windows\system32\ts.dll
2009-11-14 18:33:40 357888 ----a-w- c:\windows\system32\gdsmux.exe
2009-11-14 18:33:38 249856 ----a-w- c:\windows\system32\dxr.dll
2009-11-14 18:12:02 550400 ----a-w- c:\windows\system32\splitter.ax
2009-11-14 18:11:50 93184 ----a-w- c:\windows\system32\avss.dll
2009-11-14 18:11:42 150016 ----a-w- c:\windows\system32\mkx.dll
2009-11-14 18:11:42 141824 ----a-w- c:\windows\system32\mp4.dll
2009-11-14 18:11:40 123392 ----a-w- c:\windows\system32\ogm.dll
2009-11-14 18:11:40 109568 ----a-w- c:\windows\system32\avi.dll
2009-11-14 18:11:38 97792 ----a-w- c:\windows\system32\avs.dll
2009-11-14 18:11:36 136704 ----a-w- c:\windows\system32\mkv2vfr.exe
2009-11-14 18:11:36 113152 ----a-w- c:\windows\system32\dsmux.exe
2009-11-14 18:11:32 80384 ----a-w- c:\windows\system32\mkzlib.dll
2009-11-14 18:11:32 24576 ----a-w- c:\windows\system32\mkunicode.dll
2009-08-11 21:21:26 87552 ----a-w- c:\windows\system32\ac3config.exe
2009-08-11 21:19:04 797184 ----a-w- c:\windows\system32\ac3filter.ax
2009-08-06 18:24:18 21728 ----a-w- c:\windows\system32\wucltui.dll.mui
2009-08-06 18:24:12 15072 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2009-08-06 18:24:06 15064 ----a-w- c:\windows\system32\wuapi.dll.mui
2009-08-06 18:24:00 17632 ----a-w- c:\windows\system32\wuaueng.dll.mui
2009-06-24 15:39:26 1003520 ----a-w- c:\windows\system32\VSFilter.dll
2009-06-02 19:40:32 -------- d-----w- c:\program files\aSkola
2009-06-02 19:37:34 299520 ----a-w- c:\windows\uninst.exe
2009-06-02 19:37:27 -------- d-----w- c:\documents and settings\igor\WINDOWS
2009-06-01 16:09:16 -------- d-----w- C:\Vozacki Testovi-Demo
2009-06-01 11:40:36 -------- d-----w- C:\ASkola
2009-05-29 21:40:38 -------- d-sh--r- C:\DebugDLL
2009-05-21 21:34:51 -------- d-----w- c:\docume~1\igor\locals~1\applic~1\ATI
2009-05-21 21:31:51 -------- d-----w- c:\windows\system32\URTTEMP
2009-05-21 21:29:57 516096 ------w- c:\windows\system32\ati2sgag.exe
2009-05-21 21:29:26 294912 ----a-r- c:\windows\system32\atiiiexx.dll
2009-05-21 21:29:25 151552 ----a-r- c:\windows\system32\ATIDEMGR.dll
2009-05-21 21:28:58 -------- d-----w- c:\program files\ATI Technologies
2009-05-21 21:28:17 212992 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ILog.dll
2009-05-21 17:57:33 -------- d-----w- c:\program files\Enigma Software Group
2009-05-21 17:56:05 -------- d-----w- c:\windows\41EBC322660F4D16A0DF53147210CBDB.TMP
2009-05-21 17:54:45 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2009-05-07 18:24:14 -------- d-----w- c:\program files\FunWebProducts
2009-05-07 18:23:56 -------- d-----w- c:\program files\MyWebSearch

==================== Find3M ====================

2010-04-09 16:47:38 1945600 ----a-w- c:\windows\NetworkCfg.exe
2009-12-12 14:15:30 178176 ----a-w- c:\windows\system32\unrar.dll
2009-10-29 10:34:24 874416 ----a-w- c:\windows\system32\Codejock.TaskPanel.v13.2.1.ocx
2009-10-29 10:34:16 808880 ----a-w- c:\windows\system32\Codejock.DockingPane.v13.2.1.ocx
2009-10-29 10:34:16 1808304 ----a-w- c:\windows\system32\Codejock.Controls.v13.2.1.ocx
2009-10-29 10:34:14 2344880 ----a-w- c:\windows\system32\Codejock.CommandBars.v13.2.1.ocx
2009-08-06 18:24:10 217816 ----a-w- c:\windows\system32\wuaucpl.cpl
2009-06-06 10:44:53 2 ----a-w- c:\windows\system32\Dvbpws.dll
2009-03-08 13:22:46 1241088 ----a-w- c:\windows\system32\ieframe.dll.mui
2009-03-08 13:22:30 49152 ------w- c:\windows\system32\msrating.dll.mui
2009-03-08 13:22:18 2560 ------w- c:\windows\system32\mshta.exe.mui
2009-03-08 13:21:06 4096 ------w- c:\windows\system32\ie4uinit.exe.mui
2009-03-08 13:21:06 10240 ----a-w- c:\windows\system32\advpack.dll.mui
2009-03-08 13:20:54 81920 ------w- c:\windows\system32\iedkcs32.dll.mui

============= FINISH: 13:31:26,84 ===============





############################################################################







UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 18.1.2009 23:32:34
System Uptime: 6.6.2009 11:25:30 (2 hours ago)

Motherboard: ASRock | | K8NF3-VSTA
Processor: AMD Sempron(tm) Processor 3000+ | CPUSocket | 1809/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 20 GiB total, 1,58 GiB free.
D: is FIXED (NTFS) - 37 GiB total, 0,289 GiB free.
E: is FIXED (NTFS) - 18 GiB total, 10,714 GiB free.
F: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1: 21.5.2009 22:50:47 - System Checkpoint
RP2: 21.5.2009 23:06:31 - Installed Connect Service
RP3: 21.5.2009 23:08:06 - Installed Connect Service
RP4: 21.5.2009 23:09:37 - Installed Connect Service
RP5: 21.5.2009 23:34:07 - Installed ATI Catalyst Control Center
RP6: 21.5.2009 23:34:32 - Installed Macromedia Flash Player
RP7: 21.5.2009 23:41:44 - Removed SpyHunter
RP8: 23.5.2009 15:42:32 - System Checkpoint
RP9: 24.5.2009 17:53:46 - System Checkpoint
RP10: 25.5.2009 18:17:52 - System Checkpoint
RP11: 26.5.2009 19:12:50 - System Checkpoint
RP12: 27.5.2009 20:01:41 - System Checkpoint
RP13: 28.5.2009 21:45:04 - System Checkpoint
RP14: 30.5.2009 13:52:44 - System Checkpoint
RP15: 1.6.2009 12:57:38 - System Checkpoint
RP16: 2.6.2009 17:26:55 - System Checkpoint
RP17: 3.6.2009 17:54:45 - System Checkpoint
RP18: 4.6.2009 20:56:08 - System Checkpoint
RP19: 5.6.2009 23:22:32 - System Checkpoint

==== Installed Programs ======================


ActiveX Download Control Trial Version
Adobe Flash Player 10 Plugin
Adobe Reader 8
AIMP2
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Control Panel
ATI Display Driver
ATI HydraVision
Auto Skola
Boson NetSim for CCNP 7.0
C-Media 6501 Sound
CCleaner
Cole2k Media - Codec Pack (Standard) 7.9.1
Counter-Strike 1.6
DVD Flick 1.3.0.7
Easy GIF Animator 5.1
ESET Smart Security
FormatFactory 2.50
GOM Player
Google Chrome
Google Earth
Google SketchUp 8
Google Update Helper
Graph 4.3
HijackThis 2.0.2
IncrediMail
IncrediMail 2.0
IsoBuster 2.8.5
Java(TM) 6 Update 15
JDownloader
Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office XP Professional with FrontPage
Microsoft Producer for Microsoft Office PowerPoint
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.6.10)
Nero 7 Premium
Network Simulator For CCNA 1.2.0
NVIDIA Drivers
Office Animation Runtime
PhotoScape
SAGEM F@st 800-840
Skype™ 4.2
Spybot - Search & Destroy
USB PC Camera device driver
Visual Prolog Examples
WebFldrs XP
Windows Internet Explorer 8
Windows Media Format 11 runtime
WinFast Multimedia Driver Installation
WinFast PVR2
WinRAR archiver

==== Event Viewer Messages From Past Week ========

4.6.2009 21:27:08, error: W32Time [34] - The time service has detected that the system time needs to be changed by +52707366 seconds. The time service will not change the system time by more than +54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com (ntp.m|0x1|212.69.7.211:123->207.46.232.182:123) is working properly.
30.5.2009 11:46:27, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: atapi PCIIde
30.5.2009 11:41:51, error: NetBT [4311] - Initialization failed because the driver device could not be created.
30.5.2009 11:37:47, error: Service Control Manager [7000] - The General Purpose USB Driver (e4ldr.sys) service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
2.6.2009 21:41:53, information: Windows File Protection [64001] - File replacement was attempted on the protected system file c:\windows\system32\ver.dll. This file was restored to the original version to maintain system stability. The file version of the bad file is 0.1998.4.10, the version of the system file is 0.103.3.10.

==== End Of File ===========================
[ magna86 @ 06.02.2011. 12:59 ] @
@ringeee

Do the following:

* Download the ComboFix program to your Desktop.
Visit this page for the download links and the instructions for using the ComboFix program:

http://www.elitesecurity.org/t...e-programa-HijackThis-ComboFix
or
http://www.bleepingcomputer.com/combofix/how-to-use-combofix


* Temporarily disable your antivirus program.
Visit this page for instructions:
http://www.bleepingcomputer.com/forums/topic114351.html

* Run ComboFix!
When the tool finishes scanning, it will open Notepad with the report (log).
--> Copy that report here. (Typical log location: C:\ComboFix.txt)

==================

@monkeyjob
http://www.bleepingcomputer.com/download/anti-virus/dds

Here it is explained what DDS is and what it is for. In short, it is a diagnostic tool.
If you have problems with a computer, open a new topic and explain the problem there. ;)