Evo.. ako moze detaljno da mi analizirate sta je sve moguci problem?
DDS (Ver_10-12-12.02) - NTFSx86
Run by Igor at 13:30:28,57 on sub 06.06.2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.80 [GMT 2:00]
AV: ESET Smart Security 4.2 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *Enabled*
============== Running Processes ===============
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Documents and Settings\Igor\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Igor\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Igor\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Igor\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Igor\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Igor\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Igor\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Igor\Desktop\dds.com
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.qword.com/?s=1
uURLSearchHooks: H - No File
mWinlogon: Taskman=c:\documents and settings\igor\gsyzq.exe
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: E-Zsoft VideoDownloaderToolBar: {4322a444-92f8-4c3e-bd4c-013ba51e2871} - c:\program files\versalsoft\internetdownload\VDTB.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: E-Zsoft VideoDownloaderToolBar: {4322a444-92f8-4c3e-bd4c-013ba51e2871} - c:\program files\versalsoft\internetdownload\VDTB.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
mRun: [C6501Sound] RunDll32 c6501.cpl,CMICtrlWnd
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [<NO NAME>]
dRun: [<NO NAME>]
dRun: [ATICCC] "c:\program files\ati technologies\ati.ace\cli.exe" runtime
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\aticat~1.lnk - c:\program files\ati technologies\ati.ace\CLI.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dslmon.lnk - c:\program files\sagem\sagem f@st 800-840\dslmon.exe
IE: Download by Versalsoft Internet Download - c:\program files\versalsoft\internetdownload\adddownload.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: qword.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
TCP: {4952984B-3DC3-4F01-BC42-640DC48AD2C5} = 80.74.164.249 80.74.160.26
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GR99D3~1.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GRA8E1~1.DLL
Hosts: 127.0.0.1
www.spywareinfo.com
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\igor\applic~1\mozilla\firefox\profiles\pxal9t9i.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=616163&p=
FF - plugin: c:\documents and settings\igor\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: QuickStores-Toolbar:
[email protected] - c:\program files\mozilla firefox\extensions\
[email protected]
FF - Ext: Java Quick Starter:
[email protected] - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: QuickStores-Toolbar:
[email protected] - %profile%\extensions\
[email protected]
============= SERVICES / DRIVERS ===============
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-4-28 114984]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2010-6-24 810144]
R3 DCamUSBET;ET USB 2760 Camera;c:\windows\system32\drivers\etDevice.sys [2007-11-29 121856]
R3 e4usbaw;USB ADSL2 WAN Adapter;c:\windows\system32\drivers\e4usbaw.sys [2009-1-19 104344]
R3 FiltUSBET;ET USB Device Lower Filter;c:\windows\system32\drivers\etFilter.sys [2007-9-12 217088]
R3 ScanUSBET;ET USB Still Image Capture Device;c:\windows\system32\drivers\etScan.sys [2007-9-7 6656]
R3 WFLR6654;WinFast TV2000 XP Global/Global TV (Video);c:\windows\system32\drivers\wfeaglxt.sys [2009-1-21 405504]
S2 E4LOADER;General Purpose USB Driver (e4ldr.sys);c:\windows\system32\drivers\e4ldr.sys [2009-1-19 69656]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-3-20 136176]
S3 block_reader;MPR DRV;\??\c:\program files\multi password recovery\block_reader.sys --> c:\program files\multi password recovery\block_reader.sys [?]
S3 esgiguard;esgiguard;\??\c:\program files\enigma software group\spyhunter\esgiguard.sys --> c:\program files\enigma software group\spyhunter\esgiguard.sys [?]
=============== Created Last 30 ================
2010-06-24 07:27:22 55256 ----a-w- c:\windows\system32\drivers\epfwtdi.sys
2010-06-24 07:26:24 140752 ----a-w- c:\windows\system32\drivers\eamon.sys
2010-04-28 06:17:46 32584 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2010-04-28 06:17:46 134488 ----a-w- c:\windows\system32\drivers\epfw.sys
2010-04-28 06:17:46 114984 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2010-03-16 14:28:22 344064 ----a-w- c:\windows\system32\msvcr70.dll
2010-03-16 14:28:20 487424 ----a-w- c:\windows\system32\msvcp70.dll
2010-03-02 07:14:30 45056 ----a-w- c:\windows\system32\Dll_CertExams.dll
2009-11-14 18:37:08 154112 ----a-w- c:\windows\system32\ts.dll
2009-11-14 18:33:40 357888 ----a-w- c:\windows\system32\gdsmux.exe
2009-11-14 18:33:38 249856 ----a-w- c:\windows\system32\dxr.dll
2009-11-14 18:12:02 550400 ----a-w- c:\windows\system32\splitter.ax
2009-11-14 18:11:50 93184 ----a-w- c:\windows\system32\avss.dll
2009-11-14 18:11:42 150016 ----a-w- c:\windows\system32\mkx.dll
2009-11-14 18:11:42 141824 ----a-w- c:\windows\system32\mp4.dll
2009-11-14 18:11:40 123392 ----a-w- c:\windows\system32\ogm.dll
2009-11-14 18:11:40 109568 ----a-w- c:\windows\system32\avi.dll
2009-11-14 18:11:38 97792 ----a-w- c:\windows\system32\avs.dll
2009-11-14 18:11:36 136704 ----a-w- c:\windows\system32\mkv2vfr.exe
2009-11-14 18:11:36 113152 ----a-w- c:\windows\system32\dsmux.exe
2009-11-14 18:11:32 80384 ----a-w- c:\windows\system32\mkzlib.dll
2009-11-14 18:11:32 24576 ----a-w- c:\windows\system32\mkunicode.dll
2009-08-11 21:21:26 87552 ----a-w- c:\windows\system32\ac3config.exe
2009-08-11 21:19:04 797184 ----a-w- c:\windows\system32\ac3filter.ax
2009-08-06 18:24:18 21728 ----a-w- c:\windows\system32\wucltui.dll.mui
2009-08-06 18:24:12 15072 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2009-08-06 18:24:06 15064 ----a-w- c:\windows\system32\wuapi.dll.mui
2009-08-06 18:24:00 17632 ----a-w- c:\windows\system32\wuaueng.dll.mui
2009-06-24 15:39:26 1003520 ----a-w- c:\windows\system32\VSFilter.dll
2009-06-02 19:40:32 -------- d-----w- c:\program files\aSkola
2009-06-02 19:37:34 299520 ----a-w- c:\windows\uninst.exe
2009-06-02 19:37:27 -------- d-----w- c:\documents and settings\igor\WINDOWS
2009-06-01 16:09:16 -------- d-----w- C:\Vozacki Testovi-Demo
2009-06-01 11:40:36 -------- d-----w- C:\ASkola
2009-05-29 21:40:38 -------- d-sh--r- C:\DebugDLL
2009-05-21 21:34:51 -------- d-----w- c:\docume~1\igor\locals~1\applic~1\ATI
2009-05-21 21:31:51 -------- d-----w- c:\windows\system32\URTTEMP
2009-05-21 21:29:57 516096 ------w- c:\windows\system32\ati2sgag.exe
2009-05-21 21:29:26 294912 ----a-r- c:\windows\system32\atiiiexx.dll
2009-05-21 21:29:25 151552 ----a-r- c:\windows\system32\ATIDEMGR.dll
2009-05-21 21:28:58 -------- d-----w- c:\program files\ATI Technologies
2009-05-21 21:28:17 212992 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ILog.dll
2009-05-21 17:57:33 -------- d-----w- c:\program files\Enigma Software Group
2009-05-21 17:56:05 -------- d-----w- c:\windows\41EBC322660F4D16A0DF53147210CBDB.TMP
2009-05-21 17:54:45 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2009-05-07 18:24:14 -------- d-----w- c:\program files\FunWebProducts
2009-05-07 18:23:56 -------- d-----w- c:\program files\MyWebSearch
==================== Find3M ====================
2010-04-09 16:47:38 1945600 ----a-w- c:\windows\NetworkCfg.exe
2009-12-12 14:15:30 178176 ----a-w- c:\windows\system32\unrar.dll
2009-10-29 10:34:24 874416 ----a-w- c:\windows\system32\Codejock.TaskPanel.v13.2.1.ocx
2009-10-29 10:34:16 808880 ----a-w- c:\windows\system32\Codejock.DockingPane.v13.2.1.ocx
2009-10-29 10:34:16 1808304 ----a-w- c:\windows\system32\Codejock.Controls.v13.2.1.ocx
2009-10-29 10:34:14 2344880 ----a-w- c:\windows\system32\Codejock.CommandBars.v13.2.1.ocx
2009-08-06 18:24:10 217816 ----a-w- c:\windows\system32\wuaucpl.cpl
2009-06-06 10:44:53 2 ----a-w- c:\windows\system32\Dvbpws.dll
2009-03-08 13:22:46 1241088 ----a-w- c:\windows\system32\ieframe.dll.mui
2009-03-08 13:22:30 49152 ------w- c:\windows\system32\msrating.dll.mui
2009-03-08 13:22:18 2560 ------w- c:\windows\system32\mshta.exe.mui
2009-03-08 13:21:06 4096 ------w- c:\windows\system32\ie4uinit.exe.mui
2009-03-08 13:21:06 10240 ----a-w- c:\windows\system32\advpack.dll.mui
2009-03-08 13:20:54 81920 ------w- c:\windows\system32\iedkcs32.dll.mui
============= FINISH: 13:31:26,84 ===============
############################################################################
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-12-12.02)
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 18.1.2009 23:32:34
System Uptime: 6.6.2009 11:25:30 (2 hours ago)
Motherboard: ASRock | | K8NF3-VSTA
Processor: AMD Sempron(tm) Processor 3000+ | CPUSocket | 1809/200mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 20 GiB total, 1,58 GiB free.
D: is FIXED (NTFS) - 37 GiB total, 0,289 GiB free.
E: is FIXED (NTFS) - 18 GiB total, 10,714 GiB free.
F: is CDROM ()
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP1: 21.5.2009 22:50:47 - System Checkpoint
RP2: 21.5.2009 23:06:31 - Installed Connect Service
RP3: 21.5.2009 23:08:06 - Installed Connect Service
RP4: 21.5.2009 23:09:37 - Installed Connect Service
RP5: 21.5.2009 23:34:07 - Installed ATI Catalyst Control Center
RP6: 21.5.2009 23:34:32 - Installed Macromedia Flash Player
RP7: 21.5.2009 23:41:44 - Removed SpyHunter
RP8: 23.5.2009 15:42:32 - System Checkpoint
RP9: 24.5.2009 17:53:46 - System Checkpoint
RP10: 25.5.2009 18:17:52 - System Checkpoint
RP11: 26.5.2009 19:12:50 - System Checkpoint
RP12: 27.5.2009 20:01:41 - System Checkpoint
RP13: 28.5.2009 21:45:04 - System Checkpoint
RP14: 30.5.2009 13:52:44 - System Checkpoint
RP15: 1.6.2009 12:57:38 - System Checkpoint
RP16: 2.6.2009 17:26:55 - System Checkpoint
RP17: 3.6.2009 17:54:45 - System Checkpoint
RP18: 4.6.2009 20:56:08 - System Checkpoint
RP19: 5.6.2009 23:22:32 - System Checkpoint
==== Installed Programs ======================
ActiveX Download Control Trial Version
Adobe Flash Player 10 Plugin
Adobe Reader 8
AIMP2
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Control Panel
ATI Display Driver
ATI HydraVision
Auto Skola
Boson NetSim for CCNP 7.0
C-Media 6501 Sound
CCleaner
Cole2k Media - Codec Pack (Standard) 7.9.1
Counter-Strike 1.6
DVD Flick 1.3.0.7
Easy GIF Animator 5.1
ESET Smart Security
FormatFactory 2.50
GOM Player
Google Chrome
Google Earth
Google SketchUp 8
Google Update Helper
Graph 4.3
HijackThis 2.0.2
IncrediMail
IncrediMail 2.0
IsoBuster 2.8.5
Java(TM) 6 Update 15
JDownloader
Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office XP Professional with FrontPage
Microsoft Producer for Microsoft Office PowerPoint
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.6.10)
Nero 7 Premium
Network Simulator For CCNA 1.2.0
NVIDIA Drivers
Office Animation Runtime
PhotoScape
SAGEM F@st 800-840
Skype™ 4.2
Spybot - Search & Destroy
USB PC Camera device driver
Visual Prolog Examples
WebFldrs XP
Windows Internet Explorer 8
Windows Media Format 11 runtime
WinFast Multimedia Driver Installation
WinFast PVR2
WinRAR archiver
==== Event Viewer Messages From Past Week ========
4.6.2009 21:27:08, error: W32Time [34] - The time service has detected that the system time needs to be changed by +52707366 seconds. The time service will not change the system time by more than +54000 seconds. Verify that your time and time zone are correct, and that the time source time.windows.com (ntp.m|0x1|212.69.7.211:123->207.46.232.182:123) is working properly.
30.5.2009 11:46:27, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: atapi PCIIde
30.5.2009 11:41:51, error: NetBT [4311] - Initialization failed because the driver device could not be created.
30.5.2009 11:37:47, error: Service Control Manager [7000] - The General Purpose USB Driver (e4ldr.sys) service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
2.6.2009 21:41:53, information: Windows File Protection [64001] - File replacement was attempted on the protected system file c:\windows\system32\ver.dll. This file was restored to the original version to maintain system stability. The file version of the bad file is 0.1998.4.10, the version of the system file is 0.103.3.10.
==== End Of File ===========================