explorer.exe application error - virus?

  • Joined: 09 Dec 2005
  • Posts: 174
  • Location: Serbia - Beograd

Hello everyone,
the "explorer.exe application error" problem appeared after copying data over from the second hard disk (I had formatted the first hard disk, so it now has a fresh Windows on it). All of the data was scanned with Malwarebytes' Anti-Malware and NOD32 2.7, but it looks like "something" got in... I would ask you for help.
Here is the log

/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:12:50 PM, on 10/28/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20861)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
C:\Program Files\WinFast\WFDTV\WFWIZ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Program Files\Winamp\winamp.exe
C:\PROGRA~1\Valve\Steam\Steam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Korisnik\Desktop\New Folder\TR3.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = login.live.com/ppsecure/sha1auth.srf?lc=1033
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Valve\Steam\Steam.exe" -silent
O4 - Startup: cleantemp.bat
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O13 - Gopher Prefix:
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 5990 bytes

/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
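As an added example (not code from this thread, from HijackThis or from the helpers here), the following Python script parses lines in the HijackThis log format posted above and flags the items a helper usually checks first: processes running outside the Windows and Program Files trees, BHO registrations whose DLL is missing ("(no file)"), scripts in the Startup folder, and browser start/search URLs that are not Microsoft defaults. The embedded sample log is constructed from a subset of the lines in this post; the trusted-directory list, the default-host list and the flag wording are my assumptions, and a flag means "verify this", not "this is malicious".

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed sample: a subset of the HijackThis log lines posted above.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Platform: Windows XP SP3 (WinNT 5.01.2600)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\Program Files\Eset\nod32kui.exe
C:\PROGRA~1\Valve\Steam\Steam.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Korisnik\Desktop\New Folder\TR3.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = login.live.com/ppsecure/sha1auth.srf?lc=1033
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - Startup: cleantemp.bat
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
"""


@dataclass
class Entry:
    code: str  # HijackThis section code, e.g. "O2"
    body: str  # everything after "<code> - "


# Assumption: processes under the standard Windows and Program Files trees
# (including the 8.3 short name) are not flagged by the location check.
TRUSTED_DIRS = ("c:\\windows\\", "c:\\program files\\", "c:\\progra~1\\")

# Assumption: hosts the default IE start/search URLs in this log point at.
DEFAULT_URL_HOSTS = ("go.microsoft.com", "www.microsoft.com", "login.live.com")

# Script types that deserve a read when found in the Startup folder.
SCRIPT_EXTS = (".bat", ".cmd", ".vbs", ".js", ".wsf")

ENTRY_RE = re.compile(r"^(R\d|O\d{1,2}) - (.*)$")


def parse_hjt(text: str) -> Tuple[List[str], List[Entry]]:
    """Split a HijackThis log into the running-process list and the coded entries."""
    processes: List[str] = []
    entries: List[Entry] = []
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_processes = True
            continue
        if in_processes:
            if not line:  # a blank line ends the process block
                in_processes = False
            else:
                processes.append(line)
            continue
        m = ENTRY_RE.match(line)
        if m:
            entries.append(Entry(m.group(1), m.group(2)))
    return processes, entries


def review_process(path: str) -> Optional[str]:
    """Return a reason to verify the process, or None if it runs from a trusted tree."""
    if path.lower().startswith(TRUSTED_DIRS):
        return None
    return "runs outside the Windows/Program Files trees; check publisher and hash"


def review_entry(entry: Entry) -> List[str]:
    """Return the review reasons that apply to one coded entry (empty = nothing to check)."""
    reasons: List[str] = []
    body = entry.body
    if entry.code == "O2" and body.endswith("(no file)"):
        reasons.append("orphaned BHO registration: CLSID points at a DLL that no longer exists")
    if entry.code == "O4" and body.startswith("Startup:") and body.lower().endswith(SCRIPT_EXTS):
        reasons.append("script in the Startup folder: read its contents before trusting it")
    if entry.code in ("R0", "R1") and "=" in body:
        url = body.split("=", 1)[1].strip()  # value after the first "=" (the key=value separator)
        if url and not url.lower().startswith(DEFAULT_URL_HOSTS):
            reasons.append("browser start/search URL is not a Microsoft default")
    return reasons


def review(text: str) -> Dict[str, list]:
    """Run both checks over a whole log and return only the items that need a look."""
    processes, entries = parse_hjt(text)
    flagged_procs = [(p, r) for p in processes if (r := review_process(p))]
    flagged_entries = [(e.code, e.body, rs) for e in entries if (rs := review_entry(e))]
    return {"processes": flagged_procs, "entries": flagged_entries}


if __name__ == "__main__":
    result = review(SAMPLE_LOG)
    for path, reason in result["processes"]:
        print(f"[process] {path}\n    {reason}")
    for code, body, reasons in result["entries"]:
        print(f"[{code}] {body}")
        for reason in reasons:
            print(f"    {reason}")
```

On the sample above the script flags exactly three items: the executable running from a folder on the Desktop, the nameless BHO with "(no file)", and cleantemp.bat in the Startup folder. Everything else (the Microsoft default URLs, the signed vendor processes, the NOD32 autostart and service) passes without comment, which matches the helper's reading of the log as looking OK.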

  • dr_Bora
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Hi...

This looks OK, but we can run one more check...

Download ComboFix to your Desktop from one of the following addresses:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Start it and do not touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear; copy it here for us.

  • Joined: 09 Dec 2005
  • Posts: 174
  • Location: Serbia - Beograd

Here is the log (I think I did it right)

/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\

ComboFix 08-10-28.01 - Korisnik 2008-10-28 19:08:49.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2774 [GMT 1:00]
Running from: C:\Documents and Settings\Korisnik\Desktop\ComboFix.exe
* Created a new restore point
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\IE4 Error Log.txt
C:\WINDOWS\system32\Dvbpws.dll

.
((((((((((((((((((((((((( Files Created from 2008-09-28 to 2008-10-28 )))))))))))))))))))))))))))))))
.

2008-10-28 15:59 . 2008-10-28 19:02 <DIR> d-------- C:\Program Files\Trojan Remover
2008-10-28 15:48 . 2008-10-28 15:48 <DIR> d-------- C:\Documents and Settings\Korisnik\Application Data\LEAPS
2008-10-28 15:47 . 2008-10-28 15:47 <DIR> d-------- C:\Documents and Settings\Korisnik\Application Data\Pegasys Inc
2008-10-28 15:41 . 2008-10-28 15:41 <DIR> d-------- C:\Program Files\Pegasys Inc
2008-10-28 15:17 . 2001-08-17 13:28 794,654 --a--c--- C:\WINDOWS\system32\dllcache\usr1801.sys
2008-10-28 15:16 . 2001-08-17 13:28 899,146 --a--c--- C:\WINDOWS\system32\dllcache\r2mdkxga.sys
2008-10-28 15:15 . 2008-04-14 05:42 4,274,816 --a--c--- C:\WINDOWS\system32\dllcache\nv4_disp.dll
2008-10-28 15:14 . 2001-08-17 13:28 802,683 --a--c--- C:\WINDOWS\system32\dllcache\ltsm.sys
2008-10-28 15:13 . 2008-04-13 23:53 1,041,536 --a--c--- C:\WINDOWS\system32\dllcache\hsfdpsp2.sys
2008-10-28 15:12 . 2001-08-17 14:56 1,733,120 --a--c--- C:\WINDOWS\system32\dllcache\g400d.dll
2008-10-28 15:11 . 2001-08-17 12:13 980,034 --a--c--- C:\WINDOWS\system32\dllcache\cicap.sys
2008-10-28 15:10 . 2001-08-17 13:28 871,388 --a--c--- C:\WINDOWS\system32\dllcache\bcmdm.sys
2008-10-28 15:09 . 2008-04-23 13:49 2,189,184 --a--c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-10-28 13:14 . 2008-10-28 13:14 <DIR> d-------- C:\Program Files\Valve
2008-10-28 12:12 . 2008-10-28 12:32 139,264 --a------ C:\WINDOWS\War3Unin.exe
2008-10-28 12:12 . 2008-10-28 13:02 77,687 --a------ C:\WINDOWS\War3Unin.dat
2008-10-28 12:12 . 2008-10-28 12:32 2,829 --a------ C:\WINDOWS\War3Unin.pif
2008-10-28 12:07 . 2008-10-28 13:12 <DIR> d-------- C:\Program Files\Warcraft III
2008-10-27 16:14 . 2008-10-27 16:15 <DIR> d-------- C:\Program Files\WinFast
2008-10-27 16:09 . 2008-10-27 16:15 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2008-10-27 15:53 . 2008-10-28 16:21 <DIR> d-------- C:\Program Files\Garena
2008-10-27 15:51 . 2008-10-27 15:51 <DIR> d-------- C:\Documents and Settings\Korisnik\Application Data\teamspeak2
2008-10-27 15:51 . 2008-10-27 15:51 34,064 --a------ C:\WINDOWS\system32\lhacm.acm
2008-10-27 15:50 . 2008-10-27 15:51 <DIR> d-------- C:\Program Files\Teamspeak2_RC2
2008-10-27 15:50 . 2008-10-28 19:01 3,805 --a------ C:\WINDOWS\system32\LOCALSERVICE.INI
2008-10-27 15:50 . 2008-10-27 15:50 107 --a------ C:\WINDOWS\system32\LOCALDEVICE.INI
2008-10-27 15:46 . 2007-10-17 13:53 43,816 --a------ C:\WINDOWS\system32\drivers\fssfltr.sys
2008-10-27 15:45 . 2008-10-27 15:45 <DIR> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-10-27 15:35 . 2008-10-27 15:35 <DIR> d-------- C:\Documents and Settings\Korisnik\Contacts
2008-10-27 15:22 . 2008-10-28 12:59 <DIR> d-------- C:\Program Files\Gamers.IRC
2008-10-27 15:21 . 2008-10-27 15:21 43,698 --a------ C:\WINDOWS\system32\xvid-uninstall.exe
2008-10-27 15:20 . 2008-10-27 15:20 <DIR> d-------- C:\Program Files\Gabest
2008-10-27 15:20 . 2008-10-27 15:21 <DIR> d-------- C:\Program Files\AutoGK
2008-10-27 15:15 . 2008-10-27 15:46 <DIR> d-------- C:\Program Files\Windows Live
2008-10-27 15:15 . 2008-10-27 15:21 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2008-10-27 15:15 . 2008-10-27 15:15 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-10-27 15:04 . 2008-10-27 15:04 <DIR> d-------- C:\WINDOWS\system32\Lang
2008-10-27 15:04 . 2008-10-27 15:04 940,794 --a------ C:\WINDOWS\system32\LoopyMusic.wav
2008-10-27 15:04 . 2008-10-27 15:04 146,650 --a------ C:\WINDOWS\system32\BuzzingBee.wav
2008-10-27 15:04 . 2008-04-14 00:47 83,072 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2008-10-27 15:04 . 2008-04-14 00:47 83,072 --a--c--- C:\WINDOWS\system32\dllcache\wdmaud.sys
2008-10-27 15:04 . 2008-04-14 00:15 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2008-10-27 15:04 . 2008-04-14 00:15 52,864 --a--c--- C:\WINDOWS\system32\dllcache\dmusic.sys
2008-10-27 15:04 . 2008-04-14 00:15 6,272 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2008-10-27 15:04 . 2008-04-14 00:15 6,272 --a--c--- C:\WINDOWS\system32\dllcache\splitter.sys
2008-10-27 15:03 . 2008-04-14 00:15 56,576 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2008-10-27 15:03 . 2008-04-14 00:15 56,576 --a--c--- C:\WINDOWS\system32\dllcache\swmidi.sys
2008-10-27 15:01 . 2008-10-27 15:01 <DIR> d-------- C:\Documents and Settings\Korisnik\Application Data\ATI
2008-10-27 15:01 . 2008-10-27 15:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ATI
2008-10-27 15:01 . 2008-07-03 16:51 16,876,032 --a------ C:\WINDOWS\RTHDCPL.exe
2008-10-27 15:01 . 2008-06-19 16:27 9,715,200 --a------ C:\WINDOWS\RTLCPL.exe
2008-10-27 15:01 . 2008-07-03 17:03 4,745,216 --a------ C:\WINDOWS\system32\drivers\RtkHDAud.sys
2008-10-27 15:01 . 2008-06-19 16:42 2,808,832 --a------ C:\WINDOWS\alcwzrd.exe
2008-10-27 15:01 . 2007-06-28 16:44 2,165,760 --a------ C:\WINDOWS\MicCal.exe
2008-10-27 15:01 . 2007-11-20 18:15 1,826,816 --a------ C:\WINDOWS\SkyTel.exe
2008-10-27 15:01 . 2008-04-02 09:27 1,196,032 --a------ C:\WINDOWS\RtlUpd.exe
2008-10-27 15:01 . 2008-03-05 18:07 520,192 --a------ C:\WINDOWS\RtlExUpd.dll
2008-10-27 15:01 . 2008-10-27 15:01 315,392 --a------ C:\WINDOWS\HideWin.exe
2008-10-27 15:01 . 2008-06-19 16:24 278,528 --a------ C:\WINDOWS\system32\ALSndMgr.cpl
2008-10-27 15:01 . 2008-03-13 14:52 266,240 --a------ C:\WINDOWS\system32\RTSndMgr.cpl
2008-10-27 15:01 . 2008-06-18 18:01 77,824 --a------ C:\WINDOWS\SoundMan.exe
2008-10-27 15:01 . 2008-06-19 16:20 57,344 --a------ C:\WINDOWS\Alcmtr.exe
2008-10-27 14:58 . 2008-10-27 16:11 <DIR> d-------- C:\WINDOWS\system32\WinFast
2008-10-27 14:58 . 2008-10-27 14:58 <DIR> d-------- C:\Program Files\Common Files\Ulead Systems
2008-10-27 14:58 . 2008-10-27 15:07 <DIR> d-------- C:\Program Files\Common Files\ArcSoft
2008-10-27 14:58 . 2008-10-27 15:07 <DIR> d-------- C:\Documents and Settings\Korisnik\Application Data\ArcSoft
2008-10-27 14:58 . 2008-10-27 14:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ArcSoft
2008-10-27 14:51 . 2008-09-23 21:05 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe
2008-10-27 14:50 . 2008-10-27 14:50 <DIR> d-------- C:\ATI
2008-10-27 14:30 . 2008-10-27 14:30 <DIR> d-------- C:\Program Files\Readon Technology
2008-10-27 14:30 . 2008-10-28 19:03 116 --a------ C:\WINDOWS\NeroDigital.ini
2008-10-27 14:08 . 2008-10-27 15:21 <DIR> d-------- C:\Program Files\AviSynth 2.5
2008-10-27 14:04 . 2008-10-28 15:22 <DIR> d-------- C:\Program Files\megui
2008-10-27 13:29 . 2008-10-22 16:10 38,496 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-27 13:13 . 2008-10-27 13:13 0 --a------ C:\WINDOWS\system32\BSPRINT.INI
2008-10-27 13:12 . 2008-10-27 13:12 <DIR> d-------- C:\Program Files\IVT Corporation
2008-10-27 13:12 . 2008-10-27 13:12 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-10-27 13:12 . 2008-10-27 13:13 32 --a------ C:\WINDOWS\0
2008-10-27 13:12 . 2008-10-27 13:12 0 --a------ C:\WINDOWS\system32\0
2008-10-27 13:10 . 2008-10-27 13:10 <DIR> d-------- C:\Documents and Settings\Korisnik\Application Data\DAEMON Tools
2008-10-27 13:10 . 2008-10-27 13:10 717,296 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-10-27 13:09 . 2008-10-27 13:09 <DIR> d-------- C:\Program Files\Common Files\Adobe AIR
2008-10-27 13:08 . 2008-10-27 13:09 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-10-27 13:07 . 2008-10-27 13:07 <DIR> d-------- C:\Documents and Settings\Korisnik\Application Data\uTorrent
2008-10-27 13:04 . 2008-10-27 13:04 <DIR> d-------- C:\Program Files\Microsoft
2008-10-27 13:03 . 2008-10-27 13:03 <DIR> d-------- C:\Program Files\MSECache
2008-10-27 13:03 . 2008-10-27 13:03 <DIR> d-------- C:\Program Files\GPLGS
2008-10-27 13:03 . 2008-10-27 13:03 <DIR> d-------- C:\Program Files\Acro Software
2008-10-27 13:03 . 2007-07-12 22:33 87,552 --a------ C:\WINDOWS\system32\cpwmon2k.dll
2008-10-27 13:00 . 2007-04-09 13:23 28,040 --a------ C:\WINDOWS\system32\mdimon.dll
2008-10-27 13:00 . 2008-10-27 13:01 376 --a------ C:\WINDOWS\ODBC.INI
2008-10-27 12:59 . 2008-10-27 12:59 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-10-27 12:59 . 2008-10-27 12:59 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-10-27 12:59 . 2008-10-27 13:02 <DIR> d-------- C:\Program Files\Microsoft Works
2008-10-27 12:59 . 2008-10-27 12:59 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2008-10-27 12:59 . 2008-10-27 12:59 <DIR> d-------- C:\Program Files\Common Files\L&H
2008-10-27 12:57 . 2008-10-27 12:57 <DIR> d-------- C:\Documents and Settings\Korisnik\Application Data\Ahead
2008-10-27 12:55 . 2008-10-27 15:57 <DIR> d-------- C:\Program Files\Unlocker
2008-10-27 12:55 . 2008-10-27 12:55 <DIR> d-------- C:\Program Files\FDRLab
2008-10-27 12:55 . 2008-10-27 12:55 <DIR> d-------- C:\Program Files\Everest Ultimate Edition v.4.60.1509
2008-10-27 12:55 . 2008-10-28 13:36 <DIR> d-------- C:\Documents and Settings\Korisnik\Application Data\Desktopicon
2008-10-27 12:54 . 2008-10-28 18:54 <DIR> d-------- C:\Program Files\SpeedFan
2008-10-27 12:54 . 2008-10-27 12:54 <DIR> d-------- C:\Program Files\SIW
2008-10-27 12:54 . 2008-10-27 12:54 <DIR> d-------- C:\Program Files\GPU-Z 0.2.8
2008-10-27 12:54 . 2008-10-27 12:54 <DIR> d-------- C:\Program Files\CPU-Z 1.48
2008-10-27 12:54 . 2008-10-27 12:54 45 --a------ C:\WINDOWS\system32\initdebug.nfo
2008-10-27 12:53 . 2008-10-28 14:55 <DIR> d-------- C:\Program Files\USDownloader-Lite
2008-10-27 12:53 . 2008-10-27 12:53 <DIR> d-------- C:\Program Files\Recuva
2008-10-27 12:53 . 2008-10-27 12:53 <DIR> d-------- C:\Program Files\CCleaner
2008-10-27 12:52 . 2008-10-27 12:52 <DIR> d-------- C:\Program Files\Winamp
2008-10-27 12:51 . 2008-10-27 12:51 <DIR> d-------- C:\Program Files\Common Files\ACD Systems
2008-10-27 12:51 . 2008-10-27 12:51 <DIR> d-------- C:\Program Files\ACD Systems
2008-10-27 12:51 . 2008-10-27 12:51 <DIR> d-------- C:\Documents and Settings\Korisnik\Application Data\ACD Systems
2008-10-27 12:51 . 2008-10-27 12:51 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ACD Systems
2008-10-27 12:49 . 2008-10-27 12:50 <DIR> d-------- C:\Program Files\The KMPlayer
2008-10-27 12:48 . 2008-10-27 12:48 <DIR> d-------- C:\Program Files\Real Alternative
2008-10-27 12:48 . 2008-10-27 12:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\GRETECH
2008-10-27 12:42 . 2008-10-27 12:42 <DIR> d-------- C:\Program Files\GRETECH
2008-10-27 12:42 . 2008-10-27 12:42 <DIR> d-------- C:\Documents and Settings\Korisnik\Application Data\GRETECH
2008-10-27 12:41 . 2008-10-27 12:41 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
2008-10-27 12:39 . 2008-10-27 12:39 <DIR> d-------- C:\Program Files\Nero
2008-10-27 12:39 . 2008-10-27 12:40 <DIR> d-------- C:\Program Files\Common Files\Ahead
2008-10-27 12:38 . 2008-10-27 12:38 <DIR> d-------- C:\Program Files\DAMN NFO Viewer
2008-10-27 12:37 . 2008-10-27 12:37 <DIR> d-------- C:\Program Files\Defraggler
2008-10-27 12:35 . 2008-10-27 12:35 <DIR> d-------- C:\Program Files\Sun

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-27 12:21 34,312 ----a-w C:\WINDOWS\system32\drivers\blueletaudio.sys
2008-10-27 11:34 --------- d-----w C:\Program Files\Java
2008-10-27 10:59 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-10-27 01:33 --------- d-----w C:\Program Files\microsoft frontpage
2008-10-27 01:33 --------- d-----w C:\Program Files\Common Files\Java
2008-10-27 01:29 --------- d-----w C:\Program Files\Reference Assemblies
2008-10-27 01:29 --------- d-----w C:\Program Files\MSBuild
2008-10-27 01:25 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-10-27 01:25 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-09-24 03:09 3,331,072 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-09-24 02:18 425,984 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2008-09-24 02:17 311,296 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2008-09-24 02:09 10,772,480 ----a-w C:\WINDOWS\system32\atioglxx.dll
2008-09-24 02:07 188,416 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2008-09-24 02:06 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2008-09-24 02:06 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2008-09-24 02:06 143,360 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2008-09-24 02:06 143,360 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2008-09-24 02:04 581,632 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2008-09-24 02:03 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2008-09-24 01:56 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2008-09-24 01:54 4,008,864 ----a-w C:\WINDOWS\system32\ati3duag.dll
2008-09-24 01:38 2,399,744 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2008-09-24 01:24 48,640 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2008-09-24 01:20 380,928 ----a-w C:\WINDOWS\system32\atikvmag.dll
2008-09-24 01:19 39,424 ----a-w C:\WINDOWS\system32\atiadlxx.dll
2008-09-24 01:18 53,248 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2008-09-24 01:18 253,952 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2008-09-24 01:18 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2008-09-24 01:12 573,440 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2008-09-16 00:14 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-09-16 00:12 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-09-16 00:11 683,520 ----a-w C:\WINDOWS\system32\divx.dll
2008-09-13 10:28 361,600 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-09-12 19:44 96,792 ----a-w C:\WINDOWS\system32\basecsp.dll
2008-08-26 13:36 94,208 ----a-w C:\WINDOWS\system32\eappgnui.dll
2008-08-26 13:36 180,736 ----a-w C:\WINDOWS\system32\eapphost.dll
2008-08-19 05:50 249,856 ----a-w C:\WINDOWS\system32\odbc32.dll
2008-08-16 12:09 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-08-16 12:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-08-16 12:09 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-08-16 12:09 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-08-16 12:09 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-08-16 12:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-08-16 12:09 25,800 ----a-w C:\WINDOWS\system32\wuauserv.dll
2008-08-16 12:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-08-16 12:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-08-06 18:13 249,856 ----a-w C:\WINDOWS\system32\tapisrv.dll
2008-07-31 08:41 68,616 ----a-w C:\WINDOWS\system32\XAPOFX1_1.dll
2008-07-31 08:41 238,088 ----a-w C:\WINDOWS\system32\xactengine3_2.dll
2008-07-31 08:40 509,448 ----a-w C:\WINDOWS\system32\XAudio2_2.dll
2008-07-30 17:00 90,112 ----a-w C:\WINDOWS\system32\atibrtmon.exe
2008-07-30 00:10 73,720 ----a-w C:\WINDOWS\system32\dxva2.dll
2008-07-30 00:10 493,048 ----a-w C:\WINDOWS\system32\evr.dll
2008-07-30 00:10 26,112 ----a-w C:\WINDOWS\system32\TsWpfWrp.exe
2008-07-29 23:35 326,160 ----a-w C:\WINDOWS\system32\PresentationHost.exe
2008-07-29 22:59 781,344 ----a-w C:\WINDOWS\system32\PresentationNative_v0300.dll
2008-07-29 22:59 43,544 ----a-w C:\WINDOWS\system32\PresentationHostProxy.dll
2008-07-29 22:59 161,296 ----a-w C:\WINDOWS\system32\UIAutomationCore.dll
2008-07-29 22:59 105,016 ----a-w C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2008-07-29 22:24 97,800 ----a-w C:\WINDOWS\system32\infocardapi.dll
2008-07-29 22:24 622,080 ----a-w C:\WINDOWS\system32\icardagt.exe
2008-07-29 22:24 11,264 ----a-w C:\WINDOWS\system32\icardres.dll
2008-07-28 13:41 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
.

------- Sigcheck -------

2008-09-13 11:28 361600 038ca45522fe9b756efb90dbfa9141ea C:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"Steam"="C:\Program Files\Valve\Steam\Steam.exe" [2008-10-28 1410296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-10-27 949376]
"BtTray"="C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe" [2008-10-27 258134]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 61440]
"WinFastDTV"="C:\Program Files\WinFast\WFDTV\DTVSchdl.exe" [2007-10-09 90112]
"WinFast Schedule"="C:\Program Files\WinFast\WFDTV\WFWIZ.exe" [2007-10-01 413696]
"RTHDCPL"="RTHDCPL.EXE" [2008-07-03 C:\WINDOWS\RTHDCPL.exe]
"SoundMan"="SOUNDMAN.EXE" [2008-06-18 C:\WINDOWS\SoundMan.exe]
"AlcWzrd"="ALCWZRD.EXE" [2008-06-19 C:\WINDOWS\alcwzrd.exe]

C:\Documents and Settings\Korisnik\Start Menu\Programs\Startup\
cleantemp.bat [2006-11-05 26]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3fhg"= mp3fhg.acm
"msacm.divxa32"= msaud32_divx.acm
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv
"VIDC.ACDV"= ACDV.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"F:\\08 Net Download\\01. [Programi za Download] NE DIRAJ ME\\ApexDC++ 1.1.0\\ApexDC.exe"=
"F:\\08 Net Download\\03. Torenti\\uTorrent.exe"=
"C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"=
"C:\\Program Files\\Gamers.IRC\\mirc.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Garena\\Garena.exe"=

R2 BlueSoleilCS;BlueSoleilCS;C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2008-10-27 1155180]
R2 fssfltr;FssFltr;C:\WINDOWS\system32\DRIVERS\fssfltr.sys [2007-10-17 43816]
R2 fsssvc;Windows Live OneCare Family Safety;C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2007-10-17 523816]
R2 JavaQuickStarterService;Java Quick Starter;C:\Program Files\Java\jre6\bin\jqs.exe [2008-10-27 152984]
R3 BsHelpCS;BsHelpCS;C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2007-08-17 57447]
R3 WFFALCON;Leadtek WinFast PVR3000 Series Driver;C:\WINDOWS\system32\drivers\wffalcon.sys [2007-06-08 131328]
R3 WFIOCTL;WFIOCTL;C:\Program Files\WinFast\WFDTV\WFIOCTL.SYS [2005-01-06 9446]

*Newly Created Service* - PROCEXP90
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Korisnik\Application Data\Mozilla\Firefox\Profiles\3g4a8xnr.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - google.com
FF -: plugin - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
FF -: plugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
FF -: plugin - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-10-28 19:12:41
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-10-28 19:13:32
ComboFix-quarantined-files.txt 2008-10-28 18:13:29

Pre-Run: 144,417,964,032 bytes free
Post-Run: 144,408,571,904 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[Boot Loader]
Timeout=2
Default=C:\$WIN_NT$.~BT\BOOTSECT.DAT
[Operating Systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
C:\$WIN_NT$.~BT\BOOTSECT.DAT="Microsoft Windows XP Professional Setup"

290


/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\

  • dr_Bora
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Zip/rar the complete folder C:\Qoobox\Quarantine

and upload it here: http://www.mycity.rs/ambulanta-upload.php

  • Joined: 09 Dec 2005
  • Posts: 174
  • Location: Serbia - Beograd

I'll have to disappoint you... my Windows died (I don't know how) (windows root/ dll missing :/
I had uninstalled some game, it asked for a restart, and poof :/
Installing Windows again...
In any case - THANKS for the help :)

  • dr_Bora
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

If you haven't already reinstalled Windows, try pressing F8 while the computer is starting up - when the Boot Menu appears, select the entry:

Microsoft Windows XP Professional

  • Joined: 09 Dec 2005
  • Posts: 174
  • Location: Serbia - Beograd

I tried that too... but after the initial part... it shows me <Windows Root> dll missing and nothing more... it can't even get into SAFE MODE :/
