Security software

Virus attack blocked installation and Task Manager

cassini Thu 31.12.2009 19:45

so some viruses attacked and blocked Task Manager (I can't enable it in gpedit) and I can't install some programs (e.g. Malwarebytes)

Lavasoft Ad-Aware and Avira don't help (as usual), SUPERAntiSpyware finds nothing...

scanned with HijackThis:


Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\gearsec.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.hr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [P17Helper] Rundll32 SPIRun.dll,RunDLLEntry
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [EPSON Stylus D88 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABE.EXE /P23 "EPSON Stylus D88 Series" /O6 "USB001" /M "Stylus D88"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ErrorSmart] C:\Program Files\ErrorSmart\ErrorSmart.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "C:\Program Files\Common Files\Wise Installation Wizard\WISDD1865F0AD7340FBB23E1822E02396FF_9_09_0203.MSI" TRANSFORMS="C:\Program Files\Common Files\Wise Installation Wizard\WISDD1865F0AD7340FBB23E1822E02396FF_9_09_0203.MST" WISE_SETUP_EXE_PATH="h:\win2kxp\PhysX_9.09.0203_SystemSoftware.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15110/CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: gearsec - GEAR Software - C:\WINDOWS\system32\gearsec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 7680 bytes

 

here's what it throws up when I need to install Malwarebytes:
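A triage sketch for the HijackThis log format shown in the post above, as an added example that is not part of the original thread: it parses O4 autostart and O23 service lines and flags entries whose target is reported missing, whose vendor is printed as "Unknown owner", or that are launched without a full path. The sample lines are copied from that log; the function names and flag labels are this example's own, and the checks are structural only, so a present, fully-pathed program is never flagged.

```python
import re

# Sample input: lines copied from the HijackThis log posted above.
SAMPLE_LOG = r"""
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ErrorSmart] C:\Program Files\ErrorSmart\ErrorSmart.exe
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
"""

# "<code> - <body>", e.g. "O4 - HKLM\..\Run: [name] command"
ENTRY = re.compile(r"^(?P<code>[A-Z]\d+) - (?P<body>.+)$")
# O4 registry autostart: "<hive>\..\Run[Once]: [value name] command line"
RUN = re.compile(r"^(?P<hive>.+?)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
# O23 service: "Service: <display name> - <vendor> - <image path>"
SERVICE = re.compile(r"^Service: (?P<name>.+?) - (?P<owner>.+?) - (?P<cmd>.+)$")
# Trailing marker HijackThis appends when the referenced file is not on disk
MISSING = re.compile(r"\s*\((?:file missing|no file)\)\s*$")
# Executable-looking end of an unquoted path that may contain spaces
UNQUOTED = re.compile(r"(.+?\.(?:exe|dll|com|bat|cmd|scr|cpl))(?=\s|,|$)", re.I)


def launch_target(cmd):
    """Return the program part of an autostart command line."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    if re.match(r"[A-Za-z]:\\", cmd):
        m = UNQUOTED.match(cmd)
        return m.group(1) if m else cmd
    # Bare name such as "nwiz.exe /install": first token only
    return cmd.split()[0]


def triage(log_text):
    """Return (code, name, flags) for every entry that earns at least one flag."""
    findings = []
    for raw in log_text.splitlines():
        m = ENTRY.match(raw.strip())
        if not m:
            continue  # header, process list or blank line
        code, body = m.group("code"), m.group("body")
        name = cmd = None
        flags = []
        if code == "O4":
            r = RUN.match(body)
            if r:
                name, cmd = r.group("name"), r.group("cmd")
        elif code == "O23":
            s = SERVICE.match(body)
            if s:
                name, cmd = s.group("name"), s.group("cmd")
                if s.group("owner") == "Unknown owner":
                    flags.append("unknown-owner")
        if MISSING.search(body):
            # Autostart or hook still registered although its file is gone
            flags.append("target-missing")
        if cmd:
            target = launch_target(MISSING.sub("", cmd))
            if "\\" not in target:
                # Resolved through the search path: confirm which file really runs
                flags.append("no-full-path")
        if flags:
            findings.append((code, name or body, flags))
    return findings


if __name__ == "__main__":
    for code, name, flags in triage(SAMPLE_LOG):
        print(f"{code:<4}{name[:40]:<42}{', '.join(flags)}")
```
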

 

Exploder Thu 31.12.2009 20:01

The same thing happened to me recently.

I couldn't get into the computer at all.

I had to do a restore with the ERD Commander 2005 CD.

Only then could I get into Windows.

With Trojan Remover I got Task Manager back, but I was still unable to install anything.

I haven't managed to solve that so far.

I'm on vacation

cassini Thu 31.12.2009 20:14

on vacation because of viruses??

just so I don't have to reinstall again... I always forget to back something up and end up losing it

and the funniest thing is, I don't go to XXX sites at all and I don't open suspicious files..

I tried restore several times and each time it failed, so I had to do a complete new install, so I don't want that option.

rambox Thu 31.12.2009 20:15

For now, remove the entries below from startup, i.e. disable them with CCleaner, if you don't already have it on the computer. After that, uninstall the ErrorSmart Pro program if you have it installed, because it's no good at all, and instead of Task Manager you have Process Explorer, which is much better and clearer anyway and needs no installation at all.

http://www.ccleaner.com/

http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

O4 - HKLM\..\Run: [ErrorSmart] C:\Program Files\ErrorSmart\ErrorSmart.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

 

 

 

 

cassini Thu 31.12.2009 20:22
rambox says...

For now, remove the entries below from startup, i.e. disable them with CCleaner, if you don't already have it on the computer. After that, uninstall the ErrorSmart Pro program if you have it installed, because it's no good at all, and instead of Task Manager you have Process Explorer, which is much better and clearer anyway and needs no installation at all.

http://www.ccleaner.com/

http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

O4 - HKLM\..\Run: [ErrorSmart] C:\Program Files\ErrorSmart\ErrorSmart.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

 

 

 

 

That option isn't there in startup. I tried with CCleaner.

 

dr. zlo Fri 1.1.2010 13:28

viruses messed up my Start menu so I can see almost no programs in it... if you think System Restore will help, it won't, because I have no restore points... what should I do

rambox Fri 1.1.2010 13:29
Smooth Operator says...

COMBOFIX No installation needed, just run it and wait 10 min.

Yes, only it's no miracle worker either, so sometimes it can't help, and it's a very dangerous program if it isn't used properly. Basically, the antivirus must be turned off before you start scanning with it, and while it scans neither the mouse nor the keyboard may be touched. First he should download it to the Desktop, specifically this renamed version from the link below, and then scan first in Safe Mode. When it starts, click No when it offers to install the Recovery Console, then accept everything else it offers, and the log it produces at the end should be copied and posted here on the forum.

http://www.box.net/shared/rgko7anncy

cassini Fri 1.1.2010 19:08

here it is with ComboFix: it's all even more tangled to me than with HijackThis:

 

ComboFix 09-12-31.08 - allen 01.01.2010  18:43:58.2.1 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.2046.1606 [GMT 1:00]
Running from: c:\documents and settings\allen\My Documents\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\recycler\S-1-5-21-1645522239-2146860749-839522115-1003

.
(((((((((((((((((((((((((   Files Created from 2009-12-01 to 2010-01-01  )))))))))))))))))))))))))))))))
.

2010-01-01 11:39 . 2010-01-01 11:39 -------- d-----w- c:\program files\T-Com MAXadsl CD-ROM
2009-12-31 22:11 . 2004-02-20 17:26 39424 ----a-r- c:\windows\system32\GsiDi32.dll
2009-12-31 21:53 . 2009-12-31 21:54 -------- d-----w- c:\documents and settings\allen\Application Data\GlarySoft
2009-12-31 21:53 . 2009-12-31 21:53 -------- d-----w- c:\program files\Glary Registry Repair
2009-12-31 21:39 . 2009-12-31 21:39 -------- d-----w- c:\program files\Panda Security
2009-12-31 18:41 . 2009-12-31 18:41 -------- d-----w- c:\program files\Trend Micro
2009-12-31 11:24 . 2009-12-31 11:24 -------- d-----w- c:\program files\IEToolbar404
2009-12-27 19:09 . 2009-12-31 22:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-27 18:58 . 2009-12-02 13:19 15880 ----a-w- c:\windows\system32\lsdelete.exe
2009-12-27 18:36 . 2009-12-02 13:19 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-12-27 18:36 . 2009-12-27 18:36 862040 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\threatwork.exe
2009-12-27 18:36 . 2009-12-27 18:36 206944 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lavamessage.dll
2009-12-27 18:29 . 2009-12-27 18:29 -------- d-----w- c:\program files\Lavasoft
2009-12-27 18:23 . 2009-12-27 18:29 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}
2009-12-27 17:35 . 2009-12-27 17:35 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Microsoft
2009-12-22 20:09 . 2009-12-22 20:09 -------- d-----w- c:\documents and settings\allen\Application Data\SUPERAntiSpyware.com
2009-12-20 12:43 . 2009-12-27 18:36 -------- dc----w- c:\windows\system32\DRVSTORE
2009-12-20 12:43 . 2009-12-20 12:43 -------- d-----w- c:\windows\system32\AGEIA
2009-12-20 12:43 . 2009-12-20 12:43 -------- d-----w- c:\program files\AGEIA Technologies
2009-12-20 12:28 . 2009-12-20 12:28 -------- d-----w- c:\program files\505games
2009-12-20 09:35 . 2008-04-14 00:12 343040 -c--a-w- c:\windows\system32\dllcache\mspaint.exe
2009-12-20 09:35 . 2008-04-14 00:12 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-20 09:35 . 2009-12-20 09:35 -------- d--h--w- c:\windows\PIF
2009-12-20 09:33 . 2009-12-20 09:33 1206048 ----a-w- c:\windows\system32\paintnt.exe
2009-12-16 19:47 . 2009-12-16 19:47 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-12-16 11:04 . 2004-08-03 22:56 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-12-15 22:56 . 2009-12-18 17:56 -------- d-----w- c:\documents and settings\allen\Application Data\dvdcss
2009-12-15 22:08 . 2009-12-15 22:08 -------- d-----w- c:\program files\RAR Password Cracker
2009-12-15 08:21 . 2009-12-15 08:21 -------- d-----w- c:\windows\system32\XPSViewer
2009-12-15 08:21 . 2009-12-15 08:21 -------- d-----w- c:\program files\Reference Assemblies
2009-12-15 08:20 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2009-12-15 08:20 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-12-15 08:20 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-12-15 08:20 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-12-15 08:20 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-12-15 08:20 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-12-15 08:20 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-12-15 08:20 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-12-15 08:20 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2009-12-14 10:05 . 2009-12-14 10:05 -------- d-----w- c:\program files\Pcsx2
2009-12-14 08:08 . 2009-12-14 08:08 -------- d-----w- c:\program files\PS2_PC
2009-12-08 20:38 . 2009-12-08 20:55 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-12-08 20:37 . 2009-12-08 20:37 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
2009-12-08 20:37 . 2008-08-20 15:24 2925576 -c--a-w- c:\documents and settings\All Users\Application Data\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}\setup.exe
2009-12-08 20:34 . 2009-12-08 20:34 -------- d-----w- C:\ProgramData
2009-12-08 20:34 . 2009-12-08 20:34 -------- d-----w- c:\documents and settings\allen\Local Settings\Application Data\Downloaded Installations
2009-12-06 14:24 . 2009-12-06 14:24 -------- d-----w- C:\VersalSoft
2009-12-06 14:24 . 2009-12-06 14:24 -------- d-----w- c:\program files\VersalSoft
2009-12-06 14:24 . 2009-12-06 14:24 -------- d-----w- c:\program files\Universal
2009-12-05 21:12 . 2009-10-18 11:54 73728 ----a-w- c:\windows\system\vdremote.dll
2009-12-05 21:12 . 2009-10-18 11:53 65536 ----a-w- c:\windows\system\vdsvrlnk.dll
2009-12-04 21:27 . 2009-12-04 21:27 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-04 21:26 . 2009-12-04 21:26 152576 ----a-w- c:\documents and settings\allen\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-12-04 21:26 . 2009-12-04 21:26 79488 ----a-w- c:\documents and settings\allen\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-12-02 18:37 . 2009-12-02 18:37 -------- d-----w- c:\documents and settings\allen\Incomplete
2009-12-02 18:36 . 2009-12-02 19:25 -------- d-----w- c:\documents and settings\allen\.limewire
2009-12-02 18:36 . 2009-12-04 21:27 -------- d-----w- c:\program files\Java
2009-12-02 18:35 . 2009-12-02 18:35 -------- d-----w- c:\program files\Common Files\Java
2009-12-02 18:35 . 2009-12-02 18:36 -------- d-----w- c:\program files\LimeWire

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-31 19:58 . 2009-12-22 20:10 52224 ----a-w- c:\documents and settings\allen\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2009-12-31 19:58 . 2009-12-22 20:10 117760 ----a-w- c:\documents and settings\allen\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-12-29 22:28 . 2009-12-01 18:02 -------- d-----w- c:\documents and settings\allen\Application Data\vlc
2009-12-27 18:36 . 2009-12-27 18:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-12-27 18:36 . 2009-12-27 18:36 390288 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\lavalicense.dll
2009-12-27 18:36 . 2009-12-27 18:36 537576 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\aawapi.dll
2009-12-27 18:36 . 2009-12-27 18:36 370744 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\UpdateManager.dll
2009-12-27 18:36 . 2009-12-27 18:36 194104 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Savapibridge.dll
2009-12-27 18:35 . 2009-12-27 18:35 6296864 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Resources.dll
2009-12-27 18:35 . 2009-12-27 18:35 933120 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\CEAPI.dll
2009-12-27 18:35 . 2009-12-27 18:35 816272 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareCommand.exe
2009-12-27 18:35 . 2009-12-27 18:35 822904 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
2009-12-27 18:35 . 2009-12-27 18:35 1643272 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-Aware.exe
2009-12-27 18:35 . 2009-12-27 18:35 788880 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWTray.exe
2009-12-27 18:35 . 2009-12-27 18:35 1181328 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe
2009-12-27 17:36 . 2009-12-27 17:36 52224 ----a-w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2009-12-27 17:36 . 2009-12-27 17:36 117760 ----a-w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-12-27 17:35 . 2009-12-27 17:35 -------- d-----w- c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com
2009-12-27 17:35 . 2009-12-22 20:09 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-12-22 20:10 . 2009-12-22 20:10 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-12-22 20:09 . 2009-11-22 07:17 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-20 13:14 . 2009-11-22 10:43 -------- d-----w- c:\program files\PowerISO
2009-12-16 15:44 . 2009-11-22 07:35 80552 ----a-w- c:\documents and settings\allen\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-15 08:21 . 2009-11-22 07:45 -------- d-----w- c:\program files\MSBuild
2009-12-09 19:59 . 2009-11-22 07:19 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-09 19:59 . 2009-11-22 11:18 -------- d-----w- c:\program files\Electronic Arts
2009-12-08 20:34 . 2009-11-22 07:08 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-08 08:30 . 2009-11-22 08:31 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-07 14:10 . 2009-12-27 18:29 2953352 -c--a-w- c:\documents and settings\All Users\Application Data\{BC9FCCF7-E686-494B-8C9B-55C9A39A7CA9}\Ad-AwareInstallation.exe
2009-12-06 13:50 . 2009-11-23 08:22 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-12-04 21:24 . 2009-11-30 17:57 -------- d-----w- c:\program files\DivX
2009-12-01 20:02 . 2009-11-30 14:53 -------- d-----w- c:\program files\Fear 2 Reborn
2009-12-01 20:02 . 2009-12-01 15:15 -------- d-----w- c:\program files\F.E.A.R. 2 PO
2009-12-01 18:02 . 2009-12-01 18:02 -------- d-----w- c:\program files\VideoLAN
2009-11-30 18:43 . 2009-11-30 18:42 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-11-30 18:23 . 2009-11-30 18:19 -------- d-----w- c:\program files\URUSoft
2009-11-30 17:59 . 2009-11-30 17:59 -------- d-----w- c:\documents and settings\allen\Application Data\DivX
2009-11-28 18:08 . 2009-11-28 18:08 -------- d-----w- c:\program files\TagRename
2009-11-26 09:09 . 2009-11-26 09:07 -------- d-----w- c:\program files\MixMeister Fusion
2009-11-26 09:09 . 2009-11-26 09:09 -------- d-----w- c:\documents and settings\allen\Application Data\MixMeister Technology
2009-11-24 02:17 . 2009-11-23 10:46 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-11-23 10:48 . 2009-11-23 10:48 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-23 10:47 . 2009-11-23 10:47 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-11-23 10:46 . 2009-11-23 10:46 86016 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
2009-11-23 08:28 . 2009-11-23 08:21 -------- d-----w- c:\documents and settings\allen\Application Data\Any DVD Converter Professional
2009-11-23 08:22 . 2009-11-23 08:21 -------- d-----w- c:\program files\Any DVD Converter Professional
2009-11-23 08:16 . 2009-11-23 08:16 -------- d-----w- c:\documents and settings\allen\Application Data\Ulead Systems
2009-11-23 08:15 . 2009-11-23 08:15 -------- d-----w- c:\program files\Windows Media Components
2009-11-23 08:15 . 2009-11-23 08:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Ulead Systems
2009-11-23 08:15 . 2009-11-23 08:14 -------- d-----w- c:\program files\Common Files\Ulead Systems
2009-11-23 08:14 . 2009-11-23 08:14 -------- d-----w- c:\program files\Ulead Systems
2009-11-23 08:13 . 2009-11-23 08:13 -------- d-----w- c:\documents and settings\All Users\Application Data\UDL
2009-11-23 08:12 . 2009-11-23 08:11 -------- d-----w- c:\program files\EPSON
2009-11-23 07:42 . 2009-11-22 07:01 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-11-23 06:49 . 2009-11-23 06:49 -------- d-----w- c:\program files\MSXML 4.0
2009-11-22 12:57 . 2009-11-22 07:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Creative
2009-11-22 12:51 . 2009-11-22 07:53 -------- d-----w- c:\program files\Common Files\Nero
2009-11-22 12:50 . 2009-11-22 07:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-11-22 12:39 . 2009-11-22 12:39 128 ----a-w- c:\documents and settings\allen\Local Settings\Application Data\fusioncache.dat
2009-11-22 12:33 . 2009-11-22 12:32 -------- d-----w- c:\program files\Common Files\Real
2009-11-22 12:33 . 2009-11-22 12:33 -------- d-----w- c:\program files\Common Files\xing shared
2009-11-22 12:32 . 2009-11-22 12:32 499712 ----a-w- c:\windows\system32\msvcp71.dll
2009-11-22 12:32 . 2009-11-22 12:32 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-11-22 12:32 . 2009-11-22 12:32 -------- d-----w- c:\program files\Real
2009-11-22 11:22 . 2009-11-22 11:22 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-11-22 11:22 . 2009-11-22 11:22 22328 ----a-w- c:\documents and settings\allen\Application Data\PnkBstrK.sys
2009-11-22 11:22 . 2009-11-22 11:22 22328 ----a-w- c:\documents and settings\allen\Application Data\PnkBstrK.sys
2009-11-22 11:21 . 2009-11-22 11:21 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-11-22 11:21 . 2009-11-22 11:21 669184 ----a-w- c:\windows\system32\pbsvc.exe
2009-11-22 11:21 . 2009-11-22 11:21 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-11-22 11:09 . 2009-11-22 11:09 -------- d-----w- c:\program files\Activision
2009-11-22 09:04 . 2009-11-22 09:04 -------- d-----w- c:\documents and settings\All Users\Application Data\DVD Shrink
2009-11-22 09:04 . 2009-11-22 09:04 -------- d-----w- c:\program files\DVD Shrink
2009-11-22 09:04 . 2009-11-22 09:01 -------- d-----w- c:\program files\coolpro2
2009-11-22 09:04 . 2009-11-22 09:04 -------- d-----w- c:\documents and settings\allen\Application Data\Syntrillium
2009-11-22 09:00 . 2009-11-22 09:00 -------- d-----w- c:\program files\CCleaner
2009-11-22 09:00 . 2009-11-22 09:00 -------- d-----w- c:\program files\Yahoo!
2009-11-22 08:55 . 2009-11-22 08:55 -------- d-----w- c:\program files\7-Zip
2009-11-22 08:33 . 2009-11-22 08:32 -------- d-----w- c:\documents and settings\All Users\Application Data\IM
2009-11-22 08:32 . 2009-11-22 08:32 -------- d-----w- c:\documents and settings\All Users\Application Data\IncrediMail
2009-11-22 08:32 . 2009-11-22 08:32 -------- d-----w- c:\program files\IncrediMail
2009-11-22 08:31 . 2009-11-22 08:31 -------- d-----w- c:\program files\Avira
2009-11-22 08:31 . 2009-11-22 08:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
2009-11-22 08:28 . 2009-11-22 08:28 -------- d-----w- c:\program files\Windows Media Connect 2
2009-11-22 07:54 . 2009-11-22 07:54 -------- d-----w- c:\documents and settings\allen\Application Data\Nero
2009-11-22 07:53 . 2009-11-22 07:53 -------- d-----w- c:\program files\Nero
2009-11-22 07:46 . 2009-11-22 07:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-11-22 07:45 . 2009-11-22 07:45 -------- d-----w- c:\program files\Microsoft Works
2009-11-22 07:34 . 2009-11-22 07:33 86016 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\USMT\iconlib.dll
2009-11-22 07:26 . 2009-11-22 07:26 -------- d-----w- c:\documents and settings\allen\Application Data\Creative
2009-11-22 07:21 . 2009-11-22 07:21 -------- d-----w- c:\program files\Creative
2009-11-22 07:20 . 2009-11-22 07:20 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2009-11-22 07:20 . 2009-11-22 07:20 102400 ----a-w- c:\windows\system32\OpenAL32.dll
2009-11-22 07:03 . 2009-11-22 07:03 -------- d-----w- c:\program files\microsoft frontpage
2009-11-22 07:00 . 2009-11-22 07:00 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-11-09 03:21 . 2009-11-09 03:21 59388 ----a-w- c:\windows\system32\drivers\scdemu.sys
2009-10-29 07:45 . 2004-08-03 22:56 916480 ------w- c:\windows\system32\wininet.dll
2009-10-21 05:38 . 2004-08-03 22:56 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38 . 2004-08-03 22:56 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2004-08-03 21:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
.

(((((((((((((((((((((((((((((   SnapShot@2009-12-31_22.28.09   )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-01 17:41 . 2010-01-01 17:41 16384              c:\windows\Temp\Perflib_Perfdata_228.dat
+ 2002-10-02 23:09 . 2002-10-02 23:09 34816              c:\windows\system32\RASPPPOE.EXE
+ 2002-10-02 23:09 . 2002-10-02 23:09 38912              c:\windows\system32\RASPPPOE.DLL
+ 2002-10-02 23:09 . 2002-10-02 23:09 31504              c:\windows\system32\drivers\RMSPPPOE.SYS
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SetDefaultMIDI"="MIDIDef.exe" [2005-04-22 73728]

rambox Fri 1.1.2010 19:17

Did you remove what I listed for you from startup with CCleaner? What other problems do you have on the computer besides the missing Task Manager, which you can do without anyway because there are better replacements for it. Also run ComboFix in normal Windows if you haven't, but follow the same procedure as before, i.e. turn off Avira.

cassini Sat 2.1.2010 10:11

besides Task Manager, I can't install some programs, like Malwarebytes; it throws "runtime error 440" and "runtime err 0".

here's what I have in startup with CCleaner

 

 

logic Sat 2.1.2010 10:17
cassini says...

besides Task Manager, I can't install some programs, like Malwarebytes; it throws "runtime error 440" and "runtime err 0".

here's what I have in startup with CCleaner

Why is your Windows on D? Do you have dual boot?

 

rambox Sat 2.1.2010 19:34
cassini says...

besides Task Manager, I can't install some programs, like Malwarebytes; it throws "runtime error 440" and "runtime err 0".

here's what I have in startup with CCleaner

Remove everything from Nero from startup if you don't use any of its backup functions at all, because then it's completely unnecessary.

logic Sat 2.1.2010 20:34

I hope you're aware that you must not format the C partition, otherwise you won't be able to get into this other one either.

You should have taken the disk out and put it in another computer, cleaned it and possibly done a repair.

cassini Sun 3.1.2010 17:59

C: is no longer the main one; if I don't manage to clean it, I'll format it and I'm left with this XP on D:

still, nothing helps, I can't do it with the Recovery Console or with repair. I've already tried that, but during the repair it stops while loading and asks for some disk with LAN or net controllers (something like that), so that option is out too...

logic Sun 3.1.2010 19:09
cassini says...

C: is no longer the main one; if I don't manage to clean it, I'll format it and I'm left with this XP on D:

still, nothing helps, I can't do it with the Recovery Console or with repair. I've already tried that, but during the repair it stops while loading and asks for some disk with LAN or net controllers (something like that), so that option is out too...

After formatting C you won't be able to get into the one on the D disk either. Where it asks you for drivers, just press skip or cancel and it will continue. You add the drivers afterwards.

Ad4pt3r Sun 3.1.2010 20:23

I had the same case today with someone whose PC I was putting together... namely, you couldn't get into Windows, and even when you did, Task Manager somehow didn't work, nor any program and the like...

He had a nasty virus called VIRUT 32...

Here's how you get rid of it:

1) download Dr.Web CureIt, since that virus attaches itself to system files and they must not be deleted; instead the files have to be "cured": http://www.freedrweb.com/cureit/

2) after that burn it to a CD or put it on USB, but CAREFUL: if you put it on USB it will infect it, and the next time you plug it into a system it will copy itself... to prevent that, download Panda USB Vaccine and run "Vaccinate computer" and it will block USB autorun for you, and after that go to My Computer, right click and format...

3) once you've put Dr.Web on some medium, turn on the PC and, before Windows starts booting, keep pressing F8 to enter the menu from which you choose to go into Safe Mode

4) in Safe Mode run a Dr.Web full scan and wait for it to finish

5) after that turn off System Restore

6) if you've done everything, download CCleaner to clean up all traces in the registry, and after that restart the PC and boot into normal Windows

 
paintb0x Sun 3.1.2010 20:41

Type this into Run: REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f and you'll get Task Manager back, at least temporarily (whatever turned it off will turn it off again, but you can run this again), until you kill the processes, install SuperAntiSpyware, Spybot and Avira...