Prilikom podizanja sistema otvara se MY COMPUTER

Prilikom podizanja sistema otvara se MY COMPUTER

offline
  • Pridružio: 02 Avg 2006
  • Poruke: 24

Logfile of HijackThis v1.99.1
Scan saved at 21:27:04, on 5.7.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\PixVue.Com\PixVue\bin\Daemon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\PopTray\PopTray.exe
C:\PROGRA~1\Belkin\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdcatch.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: TBSB02678 - {BDCA7AC9-C27B-4D30-A808-9B9081279C03} - C:\PROGRA~1\QUICKN~1\YOUTUB~1.DLL
O3 - Toolbar: FreshDownload Bar - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - C:\PROGRA~1\FRESHD~1\FRESHD~1\fdiebar.dll
O3 - Toolbar: &PixVue - {B28B4479-D9C2-41D1-B74D-74A1827037CD} - C:\Program Files\PixVue.Com\PixVue\bin\PixVue.DLL
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [] SysTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: AccessRunner DSL.lnk = ?
O4 - Startup: PopTray.lnk = C:\Program Files\PopTray\PopTray.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Gmail Notifier.lnk = C:\Program Files\Google\Gmail Notifier\gnotify.exe
O8 - Extra context menu item: Add to Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: FreshDownload - {4FF5D30F-72A0-4D72-AF79-05FDAFD6BF8A} - C:\Program Files\FreshDevices\FreshDownload\fd.exe
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [INTERNATIONAL] International*
O17 - HKLM\System\CCS\Services\Tcpip\..\{0849BD10-21EA-4ACB-91D4-67A4FBD0102A}: NameServer = 77.105.0.19 77.105.0.18
O17 - HKLM\System\CS1\Services\Tcpip\..\{0849BD10-21EA-4ACB-91D4-67A4FBD0102A}: NameServer = 77.105.0.19 77.105.0.18
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: PixVue - C:\Program Files\PixVue.Com\PixVue\bin\WinLogon.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PixVue - PixVue.Com - C:\Program Files\PixVue.Com\PixVue\bin\Daemon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

Prilikom svakog podizanja sistema otvara mi se i folder MY COMPUTER. Kako postoji sumnja da se radi o nekom trojancu, virusu i sl. skenirao sam kompjuter sa potpuno ažuriranim Kaspersky Internet Security 6.0, SB Search & Destroy i Lavasoft AD Aware SE ali mi to nije pomoglo.
Ima li ko kavku ideju ili rešenje za ovaj prilično iritantan problem?

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Potrazi sledeci fajl na disku, i kazi mi koliko kopija ima, i u kojim folderima:
SysTray.exe

Kako pretraziti:
Start > Search > For files or folders > opcija All Files and Folders.
Onda klikni na More Advanced Options i proveri da sledece opcije budu ukljucene:
Search system folders
Search hidden files and folders
Search subfolders


U polje All or part of filename unesi redom imena fajla koje sam gore napisao i klikni na dugme Search
Napisi u sledecoj poruci sta je nadjeno i u kom folderu.

offline
  • Pridružio: 02 Avg 2006
  • Poruke: 24

bobby ::Potrazi sledeci fajl na disku, i kazi mi koliko kopija ima, i u kojim folderima:
SysTray.exe

Kako pretraziti:
Start > Search > For files or folders > opcija All Files and Folders.
Onda klikni na More Advanced Options i proveri da sledece opcije budu ukljucene:
Search system folders
Search hidden files and folders
Search subfolders


U polje All or part of filename unesi redom imena fajla koje sam gore napisao i klikni na dugme Search
Napisi u sledecoj poruci sta je nadjeno i u kom folderu.


Evo šta sam našao:

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Skeniraj ponovo uz pomoc programa HijackThis i stikliraj polje ispred sledece linije:
O4 - HKLM\..\Run: [] SysTray.exe

Nakon toga klikni Fix Checked

Javi da li je to dalo rezultata.

offline
  • Pridružio: 02 Avg 2006
  • Poruke: 24

Problem rešen! Reinstalirao sam XP.
Hvala svima na volji da mi pomognu.

Ko je trenutno na forumu
 

Ukupno su 1053 korisnika na forumu :: 50 registrovanih, 6 sakrivenih i 997 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 357magnum, 8u47, A.R.Chafee.Jr., aramis s, avijacija, Boris90, CrazyDiablo, DejanCG, delrey, Djokislav, dule10savic, dzoni19, Georgius, havoc995, HrcAk47, Istman, ivan979, Joja, jukeboxer, kybonacci, laki_bb, Leonov, mean_machine, mercedesamg, Mercury, MiGac, Miki01, milenko crazy north, Milometer, Mirage 2000N, MiroslavD, nenad81, nikoladim, Prašinar, predragc, prle122, royst33, Silvertooth, Sir Budimir, sombrero, Srky Boy, Srle993, stegonosa, theNedjeljko, Vatreni Zmaj, Vlada1389, voja64, VP6919, Wolfaim, zlaya011