moke
sub 12.9.2009 12:37
Razni hardverski problemi
Desktop kompjutera - zamrznut i velike ikone
moke
sub 12.9.2009 12:37
moke
sub 12.9.2009 12:39
oprostite, mozete ovu temu ubaciti u softver, premasio sam forum :)
Aerendyl
sub 12.9.2009 23:53
Jesi skenirao viruse? Preporučujem ti korištenje NOD32 + Malwarebytes + Spybot Search & Destroy. Kada utvrdiš da nema nikakvih napasti na računalu idemo dalje.
moke
pon 14.9.2009 12:49
nisam, hvala, ok skinut cu te programe na laptopu pa cu prebaciti preko usb-a na kompjuter u safe mode-u jer komp u normalnom stanju je zablokiran...
kada skeniram, javit cu...
moke
pon 14.9.2009 15:32
sada se vratio u stanje gdje mogu raditi na njemu ali su opet ikone na desktopu velike i sve ostalo je povecano...takodjer ne pokrece pojedine programe i sve je teze raditi
skinuo sam te programe, jedini koji se moze pokrenuti je malware i izbrisao je par nekih virusa ali je opet ista situacija, ostale nisam mogao instalirati jer se prikazao eror, sigurno zbog ovoga
rambox
pon 14.9.2009 16:44
moke kaže...
sada se vratio u stanje gdje mogu raditi na njemu ali su opet ikone na desktopu velike i sve ostalo je povecano...takodjer ne pokrece pojedine programe i sve je teze raditi
skinuo sam te programe, jedini koji se moze pokrenuti je malware i izbrisao je par nekih virusa ali je opet ista situacija, ostale nisam mogao instalirati jer se prikazao eror, sigurno zbog ovoga
Nema koristi od trpanja silnih programam na komp uopce u ovoj situaciji osim Malwarebites ostali ti uopce ne trebaju bas. Skini preimenovani Combofix s ovog linka dole na desktop i nakon toga iskljuci browser mjuzu i torrente isto i najvaznije moras iskljucit svu antivirusnu zastitu, znaci deski klik na program antivirusni tj ikonu njegovu koji imas pa Exit ili Shutdown ili Disable Protection to je najvaznije ak imas poseban firewall iskljuci i njega isto!!!. Nakon toga pokreni Combofix koji je u ovom slucaju preimenovan ak zatreba pa ga pokreni i kad ti ponudi instalaciju Recovery Console klikni NO a sve ostalo potvrdi i kad pocne skenirat ne smijes dirat misa niti tipkovnicu dok ne zavrsi ostavi ga da radi kolko god treba kad se komp Restarta izbact ce Log koji Copy-Paste pa ga postavi tu na forum onda. Ak se slucajno ne zeli pokrenut u normalnom modu onda odi u Safe Mode pa napravi isto tako kak je gore napisano isti postupak pa ga tamo pokreni i nek odradi svoje!
moke
pon 14.9.2009 21:03
hvala ti! pokrenuo sam ga i uradio sve sto si napisao, ali mi nije pisalo Recovery Console...sam je sve radio i kratko zavrsio
evo onaj log...
ComboFix 09-09-14.01 - Monika 14.09.2009 20:31.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1250.385.1033.18.2046.1651 [GMT 2:00]
Running from: c:\documents and settings\Monika\My Documents\Zagreb.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\AskSearch\bin\DefaultSearch.dll
c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1013
c:\windows\Fonts\unwise_.exe
E:\Autorun.inf
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_WINDOWS_HOSTS_CONTROLLER
-------\Service_Windows Hosts Controller
((((((((((((((((((((((((( Files Created from 2009-08-14 to 2009-09-14 )))))))))))))))))))))))))))))))
.
2009-09-14 11:55 . 2009-09-14 11:55 -------- d-----w- c:\documents and settings\Monika\Application Data\AVG8
2009-09-14 11:04 . 2009-09-14 11:04 -------- d-----w- c:\documents and settings\Monika\Application Data\Malwarebytes
2009-09-14 11:04 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-14 11:04 . 2009-09-14 11:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-09-14 11:04 . 2009-09-14 11:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-14 11:04 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-10 09:22 . 2009-09-10 09:22 -------- d--h--w- c:\windows\PIF
2009-09-07 21:41 . 2009-09-07 21:49 1280470 ----a-w- C:\systb.exe
2009-09-03 09:26 . 2009-09-14 13:06 253908 ----a-w- C:\fgsys.exe
2009-08-26 10:03 . 2009-08-26 10:03 -------- d-----w- c:\documents and settings\All Users\Application Data\ZoomBrowser
2009-08-26 10:03 . 2009-08-26 10:04 -------- d-----w- c:\program files\Canon
2009-08-26 10:00 . 2009-08-26 10:00 -------- d-----w- C:\Restoration
2009-08-26 09:39 . 2009-08-26 09:39 -------- d-----w- c:\program files\Common Files\Canon
2009-08-21 22:37 . 2009-09-10 15:04 -------- d-----w- c:\documents and settings\Monika\Application Data\HPAppData
2009-08-21 22:25 . 2004-08-03 20:58 5504 -c--a-w- c:\windows\system32\dllcache\mstee.sys
2009-08-21 22:25 . 2004-08-03 20:58 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2009-08-21 22:25 . 2004-08-03 21:10 10880 -c--a-w- c:\windows\system32\dllcache\ndisip.sys
2009-08-21 22:25 . 2004-08-03 21:10 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2009-08-21 22:25 . 2004-08-03 21:10 15360 -c--a-w- c:\windows\system32\dllcache\streamip.sys
2009-08-21 22:25 . 2004-08-03 21:10 15360 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2009-08-21 22:25 . 2004-08-03 21:10 11136 -c--a-w- c:\windows\system32\dllcache\slip.sys
2009-08-21 22:25 . 2004-08-03 21:10 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2009-08-21 22:24 . 2004-08-03 21:10 19328 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys
2009-08-21 22:24 . 2004-08-03 21:10 19328 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2009-08-21 22:24 . 2004-08-03 21:10 85376 -c--a-w- c:\windows\system32\dllcache\nabtsfec.sys
2009-08-21 22:24 . 2004-08-03 21:10 85376 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2009-08-21 22:24 . 2004-08-03 21:10 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys
2009-08-21 22:24 . 2004-08-03 21:10 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2009-08-21 22:24 . 2009-08-21 22:24 -------- d-----w- c:\windows\PixArt
2009-08-21 22:24 . 2004-08-03 22:56 53760 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2009-08-21 22:24 . 2004-08-03 22:56 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2009-08-20 20:37 . 2009-08-23 15:49 1280474 ----a-w- C:\Ias.exe
2009-08-20 19:57 . 2009-08-20 19:57 -------- d-----w- c:\windows\Cache
2009-08-20 19:56 . 2009-08-20 19:56 -------- d-----w- c:\windows\Album
2009-08-20 19:56 . 2009-08-20 19:56 -------- d-----w- c:\program files\KYE
2009-08-20 19:54 . 2007-11-02 09:07 6656 ----a-w- c:\windows\system32\CoInst_071029.dll
2009-08-20 19:54 . 2007-10-29 14:25 458112 ----a-w- c:\windows\system32\drivers\PAC7302.SYS
2009-08-20 19:54 . 2009-08-20 19:54 -------- d-----w- c:\program files\Common Files\iLook300
2009-08-20 15:12 . 2009-08-20 15:12 319456 ----a-w- c:\windows\system32\man8.exe
2009-08-19 12:46 . 2009-08-19 12:46 196653 ----a-w- C:\srers.exe
2009-08-19 11:21 . 2009-08-19 11:21 -------- d-----w- c:\documents and settings\All Users\Application Data\WEBREG
2009-08-19 11:19 . 2009-08-19 11:20 -------- d-----w- c:\documents and settings\Monika\Application Data\HP
2009-08-19 11:19 . 2009-08-19 11:19 -------- d-----w- c:\documents and settings\Monika\Local Settings\Application Data\HP
2009-08-19 11:13 . 2009-08-19 11:13 -------- d-----w- c:\documents and settings\All Users\Application Data\HP
2009-08-19 11:13 . 2009-08-19 11:13 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant
2009-08-19 11:13 . 2009-08-19 11:13 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2009-08-19 11:13 . 2009-08-19 11:13 -------- d-----w- c:\program files\Common Files\HP
2009-08-19 11:11 . 2008-04-08 05:39 974848 ----a-r- c:\windows\system32\hpost_p01d.dll
2009-08-19 11:11 . 2008-04-08 05:39 729088 ----a-r- c:\windows\system32\hposwia_p01d.dll
2009-08-19 11:11 . 2008-02-28 10:08 303104 ----a-r- c:\windows\system32\hposc_p01a.dll
2009-08-19 11:09 . 2009-08-19 11:21 166503 ----a-w- c:\windows\hpoins31.dat
2009-08-19 11:09 . 2008-06-17 09:23 1691 ------w- c:\windows\hpomdl31.dat
2009-08-19 10:59 . 2009-08-19 11:15 -------- d-----w- c:\program files\HP
2009-08-19 10:58 . 2008-04-16 04:05 16496 ----a-r- c:\windows\system32\drivers\HPZipr12.sys
2009-08-19 10:58 . 2008-04-16 04:05 49920 ----a-r- c:\windows\system32\drivers\HPZid412.sys
2009-08-19 10:57 . 2008-06-06 18:49 118272 ----a-w- c:\windows\system32\hpz3l692.dll
2009-08-19 10:57 . 2008-04-08 05:39 271704 ----a-r- c:\windows\system32\hpzids01.dll
2009-08-19 10:57 . 2008-04-16 04:05 309760 ----a-r- c:\windows\system32\difxapi.dll
2009-08-19 10:57 . 2008-04-16 04:05 21568 ----a-r- c:\windows\system32\drivers\HPZius12.sys
2009-08-19 10:57 . 2008-04-16 04:05 372736 ----a-r- c:\windows\system32\hppldcoi.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-10 14:50 . 2009-07-25 14:29 -------- d-----w- c:\documents and settings\Monika\Application Data\vlc
2009-09-07 20:10 . 2008-12-11 23:04 -------- d-----w- c:\documents and settings\Monika\Application Data\LimeWire
2009-09-01 15:04 . 2009-07-24 15:30 -------- d-----w- c:\documents and settings\Monika\Application Data\BitTorrent
2009-08-20 19:56 . 2008-10-22 18:55 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-10 11:43 . 2009-08-10 11:43 376 ----a-w- c:\windows\mozregistry.dat
2009-08-10 11:43 . 2009-08-10 11:42 -------- d-----w- c:\program files\Hewlett-Packard
2009-08-10 11:05 . 2009-08-10 11:05 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters
2009-08-05 23:06 . 2008-10-23 16:19 -------- d-----w- c:\documents and settings\Monika\Application Data\DNA
2009-08-05 16:18 . 2009-07-27 19:44 -------- d-----w- c:\documents and settings\Monika\Application Data\dvdcss
2009-08-05 13:16 . 2008-10-21 07:51 67296 ----a-w- c:\documents and settings\Monika\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-05 13:00 . 2008-10-23 16:19 -------- d-----w- c:\program files\DNA
2009-07-25 14:28 . 2009-07-25 14:28 -------- d-----w- c:\program files\VideoLAN
2009-07-24 15:30 . 2009-07-24 15:30 -------- d-----w- c:\program files\BitTorrent
2009-07-24 15:30 . 2009-07-24 15:30 -------- d-----w- c:\program files\AskSearch
2009-07-24 15:12 . 2009-07-24 15:12 -------- d-----w- c:\program files\CCleaner
2009-07-21 13:40 . 2008-11-16 12:52 -------- d-----w- c:\program files\Strategic Command Demo
2009-07-20 14:55 . 2008-11-16 13:02 -------- d-----w- c:\program files\Call of Duty United Offensive Single Player Demo
2009-07-20 14:54 . 2008-11-16 13:05 -------- d-----w- c:\program files\Mortyr 2 Demo
2009-07-20 14:54 . 2008-11-16 12:48 -------- d-----w- c:\program files\Duke Nukem - Manhattan Project (DEMO)
2009-07-20 14:54 . 2008-11-16 13:03 -------- d-----w- c:\program files\Doom 3 Demo
2004-08-03 23:56 . 2004-08-03 23:56 160146 --sha-w- c:\windows\system32\pxeqog.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5902296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSConfig"="c:\windows\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-03 158208]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^802.11g USB Wireless Network Utility .lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\802.11g USB Wireless Network Utility .lnk
backup=c:\windows\pss\802.11g USB Wireless Network Utility .lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Monika^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=c:\documents and settings\Monika\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Monika^Start Menu^Programs^Startup^GIGABYTE VGA Utility.lnk]
path=c:\documents and settings\Monika\Start Menu\Programs\Startup\GIGABYTE VGA Utility.lnk
backup=c:\windows\pss\GIGABYTE VGA Utility.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Monika^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\documents and settings\Monika\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"usnjsvc"=3 (0x3)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1588:TCP"= 1588:TCP:zwatf
"427:UDP"= 427:UDP:SLP_Port(427)
"9991:TCP"= 9991:TCP:PORT2
"1013:TCP"= 1013:TCP:BS
"9999:TCP"= 9999:TCP:PORT1
"3269:TCP"= 3269:TCP:FD
"8450:TCP"= 8450:TCP:FD
"12821:TCP"= 12821:TCP:FD
"57613:TCP"= 57613:TCP:FD
"46751:TCP"= 46751:TCP:FD
"49000:TCP"= 49000:TCP:FD
"24805:TCP"= 24805:TCP:FD
"26685:TCP"= 26685:TCP:FD
"51599:TCP"= 51599:TCP:FD
"56494:TCP"= 56494:TCP:FD
"19639:TCP"= 19639:TCP:FD
"51860:TCP"= 51860:TCP:FD
"21221:TCP"= 21221:TCP:FD
"55702:TCP"= 55702:TCP:FD
"26428:TCP"= 26428:TCP:FD
"5112:TCP"= 5112:TCP:FD
"19170:TCP"= 19170:TCP:FD
"53268:TCP"= 53268:TCP:FD
"16266:TCP"= 16266:TCP:FD
"27853:TCP"= 27853:TCP:FD
"40894:TCP"= 40894:TCP:FD
"61173:TCP"= 61173:TCP:FD
"28138:TCP"= 28138:TCP:FD
"23858:TCP"= 23858:TCP:FD
"19093:TCP"= 19093:TCP:FD
"44120:TCP"= 44120:TCP:FD
"51466:TCP"= 51466:TCP:FD
"30398:TCP"= 30398:TCP:FD
"39063:TCP"= 39063:TCP:FD
"25954:TCP"= 25954:TCP:FD
"61560:TCP"= 61560:TCP:FD
"38557:TCP"= 38557:TCP:FD
"14157:TCP"= 14157:TCP:FD
"58778:TCP"= 58778:TCP:FD
"57945:TCP"= 57945:TCP:FD
"26818:TCP"= 26818:TCP:FD
"19770:TCP"= 19770:TCP:FD
"39847:TCP"= 39847:TCP:FD
"20505:TCP"= 20505:TCP:FD
"41158:TCP"= 41158:TCP:FD
"27004:TCP"= 27004:TCP:FD
"62552:TCP"= 62552:TCP:FD
"62316:TCP"= 62316:TCP:FD
"27141:TCP"= 27141:TCP:FD
"40438:TCP"= 40438:TCP:FD
"22939:TCP"= 22939:TCP:FD
"20354:TCP"= 20354:TCP:FD
"34657:TCP"= 34657:TCP:FD
"25365:TCP"= 25365:TCP:FD
"10276:TCP"= 10276:TCP:FD
"8895:TCP"= 8895:TCP:FD
"56398:TCP"= 56398:TCP:FD
"57718:TCP"= 57718:TCP:FD
"41461:TCP"= 41461:TCP:FD
"7333:TCP"= 7333:TCP:FD
"43605:TCP"= 43605:TCP:FD
"2852:TCP"= 2852:TCP:FD
"9918:TCP"= 9918:TCP:FD
"13177:TCP"= 13177:TCP:FD
"42163:TCP"= 42163:TCP:FD
"30320:TCP"= 30320:TCP:FD
"58643:TCP"= 58643:TCP:FD
"55397:TCP"= 55397:TCP:FD
"50089:TCP"= 50089:TCP:FD
"61202:TCP"= 61202:TCP:FD
"49186:TCP"= 49186:TCP:FD
"3853:TCP"= 3853:TCP:FD
"53145:TCP"= 53145:TCP:FD
"42851:TCP"= 42851:TCP:FD
"38536:TCP"= 38536:TCP:FD
"29982:TCP"= 29982:TCP:FD
"39445:TCP"= 39445:TCP:FD
R3 RTLWUSB;802.11g USB2.0 WLAN Dongle;c:\windows\system32\drivers\RTL8187.sys [24.10.2008 20:34 169472]
S?2 coewlbomw;System Universal;c:\windows\system32\svchost.exe -k netsvcs [4.8.2004 1:56 14336]
S?2 jjbqkgkv;Time Helper;c:\windows\system32\svchost.exe -k netsvcs [4.8.2004 1:56 14336]
S3 PAC7302;iLook 300;c:\windows\system32\drivers\PAC7302.SYS [20.8.2009 21:54 458112]
S3 SjyPkt;SjyPkt;c:\windows\system32\drivers\SjyPkt.sys [24.10.2008 20:34 13532]
S3 yumpk;yumpk;\??\c:\windows\system32\01.tmp - c:\windows\system32\01.tmp [?]
S4 usnjsvc;Messenger Sharing Folders USN Journal Reader service;c:\program files\Windows Live\Messenger\usnsvc.exe [18.10.2007 11:31 276436]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - COEWLBOMW
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
jjbqkgkv
coewlbomw
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.ask.com/?o=101764&l=dis
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {6DDDAE53-E556-48DF-8DBB-ABBAD3F1756B} = 195.222.32.10 195.222.32.20
FF - ProfilePath - c:\documents and settings\Monika\Application Data\Mozilla\Firefox\Profiles\0h43d60w.default\
FF - prefs.js: browser.startup.homepage - www.google.ba
FF - prefs.js: network.proxy.type - 4
.
- - - - ORPHANS REMOVED - - - -
AddRemove-HP Photosmart Essential - c:\program files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
AddRemove-HP Solution Center & Imaging Support Tools - c:\program files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
AddRemove-HPExtendedCapabilities - c:\program files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
AddRemove-{C8732DC3-1736-44b2-B741-2D636DE58605} - c:\program files\HP\Digital Imaging\{C8732DC3-1736-44b2-B741-2D636DE58605}\setup\hpzscr01.exe -datfile hposcr31.dat
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-14 20:36
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\yumpk]
"ImagePath"="\??\c:\windows\system32\01.tmp"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\coewlbomw]
"ServiceDll"="c:\program files\Movie Maker\pxeqog.dll"
--
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\jjbqkgkv]
"ServiceDll"="c:\windows\system32\pxeqog.dll"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(2584)
c:\docume~1\Monika\LOCALS~1\Temp\pra2.tmp
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\wdfmgr.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-09-14 20:38 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-14 18:38
Pre-Run: 33.180.430.336 bytes free
Post-Run: 33.154.490.368 bytes free
304
moke
pon 14.9.2009 21:20
e da, ista je situacija, povecane su ikone, uglavnom, sve je povecano i nikako ne mogu vratiti na normalno stanje, display settings ne pomaze
rambox
pon 14.9.2009 21:20
Kakvo je sad stanje na kompu Combofix je nekaj obrisal par stvari nije naso neku gadnu gamad bas, daj otvori CCleaner pa odi na Alate pa Pokretanje Sa Racunalom pa uslikaj sve tamo pa onda postavi fotku tu na forum da vidim kaj sve imas na startapu. Jos skini Process Explorer pa ga otvori i razvuci sve isto uslikaj i postavi sliku tu na forum. Imao si Worma na kompu koji ti je usput zeznuo fontove tj ovaj fajl dole to je obisao Combofix!
http://download.cnet.com/Process-Explorer/3000-2094_4-10223605.html
c:\windows\Fonts\unwise_.exe
petkovicroby
sri 16.9.2009 15:50
Sta da kazem moja 3 frenda imali taj problem.U istom danu popusili virus.Srusili win sve radi bez problema.To je neki virus ;)
Vec pet dana imam problema s kompjuterom, nedavno kada sam upalio kompjuter (XP Professional) prikaze mi se desktop ali nista se ne pokrece, zamrznut je, nista ne mogu kliknuti i kada ga restartujem ista stvar se desi...otisao sam poslije u safe mode. Nisam nista posebno radio u safe mode-u, pa sam opet restartovao. Kada sam se vratio na normalno stanje poslije safe mode, prikazale su se velike ikone (povecane) a ostali dokumenti koje imam na desktopu se se prikazali polovicno a ostali se cak nisu prikazali (jer su ikone dosta povecane).
Mogao sam ici na internet i photoshop i ostale stvari, ali zanimljiva stvar je da me nije pustao na Msn messenger. Danas sam ga upalio i totalno je zablokirao, ne mogu nista raditi na njemu, stoji ista stvar sa velikim ikonama i nista se ne pokrece...pisem vam preko laptopa
Znam za ono properties, pa display settings i bla bla, ali to nije pomoglo...