problem explorer exe

  • Joined: 28 Apr 2008
  • Posts: 9

Please help me: after the computer has been running for a few hours, explorer.exe takes up as much as 500 MB of RAM. Then I have to restart it and everything is OK. Here is the log:

Logfile of HijackThis v1.99.1
Scan saved at 9:34:50, on 14.12.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Pc-Dil\Desktop\Nova fascikla\FG5.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60341
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = gogle.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = crawler.com/search/ie.aspx?tb_id=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = dnl.crawler.com/support/sa_customize.aspx?TbId=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = crawler.com/search/ie.aspx?tb_id=60341
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = dnl.crawler.com/support/sa_customize.aspx?TbId=60341
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: (no name) - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} - (no file)
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: FreshDownload - {D56B8A0B-8990-4575-BF70-CC27D7FEF6A9} - C:\Program Files\FreshDevices\FreshDownload\fd.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{FE6484C9-61F5-4346-AD01-0CA80D105765}: NameServer = 192.168.1.1,192.168.1.2
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

  • dr_Bora
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Hello...

I can't say that I see the cause of what you describe here. Let's check something else...

Right-click the avast! icon in the lower right corner of the screen and choose Program settings....

In the window that opens, under Troubleshooting, check the option Disable avast! self-defence and click OK.

Also, right-click the avast! icon in the lower right corner of the screen and choose Stop OnAccess Protection.

Note: Don't forget to re-enable these options once the cleaning is finished.

Download ComboFix from one of the following addresses to your Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Run it and don't touch the program window while it is scanning.
Follow the on-screen instructions. When it finishes, a log will appear (C:\ComboFix.txt), which you should copy and paste here.

  • Joined: 28 Apr 2008
  • Posts: 9

ComboFix 08-12-13.03 - Pc-Dil 2008-12-14 10:44:00.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.1.1033.18.1022.579 [GMT 1:00]
Running from: c:\documents and settings\Pc-Dil\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\au3305adc.dll

.
((((((((((((((((((((((((( Files Created from 2008-11-14 to 2008-12-14 )))))))))))))))))))))))))))))))
.

2008-12-13 23:07 . 2008-12-13 23:09 <DIR> d-------- c:\program files\DeadLine
2008-12-13 22:06 . 2008-04-14 05:42 1,306,624 -----c--- c:\windows\system32\dllcache\msxml6.dll
2008-12-13 22:06 . 2008-04-14 05:40 102,912 -----c--- c:\windows\system32\dllcache\dpcdll.dll
2008-12-13 22:06 . 2008-04-13 22:57 79,872 -----c--- c:\windows\system32\dllcache\msxml6r.dll
2008-12-13 22:06 . 2008-04-14 05:42 10,752 --------- c:\windows\system32\smtpapi.dll
2008-12-13 22:06 . 2008-04-14 05:42 9,728 --------- c:\windows\system32\rwnh.dll
2008-12-13 22:05 . 2006-12-29 00:31 19,569 --a------ c:\windows\000001_.tmp
2008-12-10 21:10 . 2008-12-10 21:15 <DIR> d-------- c:\program files\uTorrent
2008-12-07 16:52 . 2008-12-07 16:52 <DIR> d-------- c:\program files\DiskTrix
2008-12-05 15:47 . 2008-12-05 15:48 <DIR> d-------- c:\program files\PFConfig
2008-12-04 17:18 . 2008-12-04 17:18 <DIR> d-------- c:\program files\Nucleus Kernel Word Demo
2008-12-04 17:18 . 2008-12-04 17:18 <DIR> d-------- c:\program files\Free Internet TV
2008-12-04 17:18 . 2008-12-04 17:18 <DIR> d-------- c:\program files\Crawler
2008-12-04 14:25 . 2008-12-04 17:17 <DIR> d-------- c:\program files\Windows Live Safety Center
2008-12-04 14:17 . 2008-12-04 17:17 <DIR> d-------- c:\program files\Crawler(2)
2008-12-03 21:36 . 2008-12-03 21:36 <DIR> d-------- C:\PerfLogs
2008-12-03 14:01 . 2008-12-03 14:01 <DIR> d-------- c:\documents and settings\All Users\Application Data\Simply Super Software
2008-12-03 14:01 . 2008-12-03 14:01 <DIR> d-------- c:\documents and settings\Administrator.TOMO\Application Data\Uniblue
2008-12-03 14:01 . 2008-12-03 14:01 <DIR> d-------- c:\documents and settings\Administrator.TOMO\Application Data\Spyware Terminator
2008-12-03 14:01 . 2008-12-03 14:01 <DIR> d-------- c:\documents and settings\Administrator.TOMO\Application Data\IObit
2008-12-03 14:01 . 2008-12-04 17:18 <DIR> d-------- c:\documents and settings\Administrator.TOMO
2008-11-29 19:35 . 2008-12-13 22:14 <DIR> d-------- c:\windows\system32\CatRoot2
2008-11-27 09:02 . 2008-11-27 09:02 <DIR> d-------- c:\documents and settings\Pc-Dil\Application Data\Malwarebytes
2008-11-26 09:01 . 2008-11-26 09:50 <DIR> d-------- c:\program files\FreshDevices
2008-11-25 17:02 . 2008-11-25 17:02 <DIR> d-------- c:\documents and settings\Pc-Dil\Application Data\Uniblue
2008-11-25 08:12 . 2008-11-25 08:12 78 --a------ c:\windows\lsoon.ini
2008-11-25 08:00 . 2008-11-25 08:00 (2) -rahs-ot- c:\windows\winstart.bat
2008-11-25 07:59 . 2008-11-25 07:59 <DIR> d-------- c:\documents and settings\Pc-Dil\Application Data\Regrun
2008-11-25 07:59 . 2008-11-25 08:12 <DIR> d-------- C:\backreg
2008-11-25 07:59 . 2003-09-06 16:55 57,556 --a------ c:\windows\guard.bmp
2008-11-25 07:58 . 2008-11-25 07:58 <DIR> d-------- c:\program files\Greatis
2008-11-23 15:03 . 2008-11-23 15:03 <DIR> d-------- c:\program files\XP Repair Pro 4.0
2008-11-22 08:56 . 2008-11-23 15:18 <DIR> d-------- c:\program files\Trojan Remover
2008-11-22 08:56 . 2008-11-22 08:56 <DIR> d-------- c:\documents and settings\Pc-Dil\Application Data\Simply Super Software
2008-11-22 08:56 . 2006-05-25 14:52 162,304 --a------ c:\windows\system32\ztvunrar36.dll
2008-11-22 08:56 . 2003-02-02 19:06 153,088 --a------ c:\windows\system32\UNRAR3.dll
2008-11-22 08:56 . 2005-08-26 00:50 77,312 --a------ c:\windows\system32\ztvunace26.dll
2008-11-22 08:56 . 2002-03-06 00:00 75,264 --a------ c:\windows\system32\unacev2.dll
2008-11-22 08:56 . 2006-06-19 12:01 69,632 --a------ c:\windows\system32\ztvcabinet.dll
2008-11-20 08:11 . 2008-11-20 08:32 <DIR> d-------- c:\program files\Spyware Terminator
2008-11-20 08:11 . 2008-11-20 08:32 <DIR> d-------- c:\documents and settings\Pc-Dil\Application Data\Spyware Terminator
2008-11-20 08:11 . 2008-11-20 08:11 142,592 --a------ c:\windows\system32\drivers\sp_rsdrv2.sys
2008-11-19 21:49 . 2008-11-23 15:17 <DIR> d-------- C:\Rustbfix
2008-11-19 15:33 . 2008-11-27 08:37 <DIR> d-------- c:\program files\Alwil Software
2008-11-19 00:27 . 2008-11-19 00:27 <DIR> d-------- c:\program files\Windows Resource Kits
2008-11-18 15:38 . 2008-11-18 15:38 544 --a------ C:\ComboFix.lnk
2008-11-18 14:31 . 2008-11-18 14:31 0 --a------ c:\windows\nsreg.dat
2008-11-18 10:00 . 2008-12-08 20:39 803 --a------ c:\windows\ldp.INI
2008-11-17 23:09 . 2008-11-17 23:09 144 --a------ c:\windows\Eudcedit.ini
2008-11-17 21:56 . 2008-11-27 09:04 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-14 09:45 --------- d-----w c:\documents and settings\Pc-Dil\Application Data\uTorrent
2008-12-14 08:26 --------- d-----w c:\program files\Mozilla Thunderbird
2008-12-12 07:05 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-04 18:02 --------- d-----w c:\program files\IObit
2008-12-04 15:46 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-11-30 21:59 --------- d-----w c:\program files\AIMP2
2008-11-23 14:16 --------- d-----w c:\program files\Uniblue
2008-11-19 20:56 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-11-18 14:21 --------- d-----w c:\program files\Trend Micro
2008-11-18 08:14 --------- d-----w c:\documents and settings\Pc-Dil\Application Data\IObit
2008-11-17 12:59 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-11-14 07:29 --------- d-----w c:\program files\ParticleG
2008-11-08 12:15 --------- d-----w c:\program files\Common Files\Autodata Limited Shared
2008-11-04 19:00 --------- d-----w c:\program files\The KMPlayer1431(2)
2008-11-04 19:00 --------- d-----w c:\program files\The KMPlayer1431
2008-11-01 20:41 --------- d-----w c:\program files\Common Files\xing shared
2008-11-01 20:41 --------- d-----w c:\program files\Common Files\Real
2008-11-01 20:40 --------- d-----w c:\program files\Real
2008-10-26 08:48 --------- d-----w c:\program files\MzRam
2008-10-22 15:10 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2008-10-22 15:10 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
2008-10-16 06:45 --------- d-----w c:\program files\Alcohol Soft
2008-10-16 06:42 716,272 ----a-w c:\windows\system32\drivers\sptd.sys
2008-04-30 11:07 30,601 ----a-w c:\documents and settings\Pc-Dil\x.exe
2008-04-06 19:14 81,920 ----a-w c:\documents and settings\Pc-Dil\Application Data\ezpinst.exe
2008-04-06 19:14 47,360 ----a-w c:\documents and settings\Pc-Dil\Application Data\pcouffin.sys
2004-03-17 16:13 1,028,368 ----a-w c:\program files\vbrun60sp6.exe
2007-12-27 10:37 23 -csha-w c:\windows\system32\ecfb4_g.dll
.

((((((((((((((((((((((((((((( snapshot@2008-11-18_15.09.09.46 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-07-19 14:43:08 1,163,960 ----a-w c:\windows\system32\aswBoot.exe
+ 2008-11-26 17:21:30 1,236,208 ----a-w c:\windows\system32\aswBoot.exe
- 2008-07-19 14:30:53 94,392 ----a-w c:\windows\system32\AvastSS.scr
+ 2008-11-26 17:15:10 97,480 ----a-w c:\windows\system32\AvastSS.scr
+ 2001-08-23 12:00:00 16,384 ----a-w c:\windows\system32\avmeter.dll
+ 2001-08-23 12:00:00 227,840 ----a-w c:\windows\system32\avtapi.dll
+ 2001-08-23 12:00:00 73,216 ----a-w c:\windows\system32\avwav.dll
+ 2001-08-23 12:00:00 114,688 ----a-w c:\windows\system32\calc.exe
+ 2001-08-23 12:00:00 80,384 ----a-w c:\windows\system32\charmap.exe
+ 2008-11-25 07:12:56 3,964,928 ----a-w c:\windows\system32\config\Regback\ntuser.dat
+ 2008-11-25 07:12:56 241,664 ----a-w c:\windows\system32\config\Regback\UsrClass.dat
- 2008-04-28 18:36:32 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2008-12-13 21:15:25 16,384 ----a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2008-04-28 18:36:32 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-12-13 21:15:25 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-12-13 21:15:24 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008121320081214\index.dat
- 2008-04-28 18:36:32 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-12-13 21:15:25 32,768 ----a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-04-14 04:39:26 24,064 -c----w c:\windows\system32\dllcache\pidgen.dll
- 2008-07-19 14:32:15 26,944 ----a-w c:\windows\system32\drivers\aavmker4.sys
+ 2008-11-26 17:15:35 26,944 ----a-w c:\windows\system32\drivers\aavmker4.sys
- 2008-07-19 14:37:42 20,560 ----a-w c:\windows\system32\drivers\aswFsBlk.sys
+ 2008-11-26 17:17:25 20,560 ----a-w c:\windows\system32\drivers\aswFsBlk.sys
- 2008-01-17 15:34:01 93,264 ----a-w c:\windows\system32\drivers\aswmon.sys
+ 2008-11-26 17:18:25 93,296 ----a-w c:\windows\system32\drivers\aswmon.sys
- 2008-07-19 14:37:21 94,416 ----a-w c:\windows\system32\drivers\aswmon2.sys
+ 2008-11-26 17:18:18 94,032 ----a-w c:\windows\system32\drivers\aswmon2.sys
- 2008-07-19 14:33:42 23,152 ----a-w c:\windows\system32\drivers\aswRdr.sys
+ 2008-11-26 17:16:29 23,152 ----a-w c:\windows\system32\drivers\aswRdr.sys
- 2008-07-19 14:35:18 78,416 ----a-w c:\windows\system32\drivers\aswSP.sys
+ 2008-11-26 17:17:36 111,184 ----a-w c:\windows\system32\drivers\aswSP.sys
- 2008-07-19 14:32:36 42,912 ----a-w c:\windows\system32\drivers\aswTdi.sys
+ 2008-11-26 17:16:38 50,864 ----a-w c:\windows\system32\drivers\aswTdi.sys
+ 2006-01-17 19:50:28 61,952 ----a-w c:\windows\system32\execryptorvb.dll
- 2008-11-18 10:18:23 280,536 -c--a-w c:\windows\system32\FNTCACHE.DAT
+ 2008-12-13 21:14:58 282,128 -c--a-w c:\windows\system32\FNTCACHE.DAT
+ 2001-08-23 12:00:00 55,296 ----a-w c:\windows\system32\freecell.exe
+ 2001-08-23 12:00:00 605,696 ----a-w c:\windows\system32\getuname.dll
+ 2001-08-23 12:00:00 44,544 ----a-w c:\windows\system32\hticons.dll
+ 2008-04-14 04:42:06 221,696 ------w c:\windows\system32\inetsrv\seo.dll
+ 2008-04-14 04:42:08 189,440 ------w c:\windows\system32\inetsrv\smtpadm.dll
+ 2001-08-23 12:00:00 126,976 ----a-w c:\windows\system32\mshearts.exe
- 2008-11-18 14:01:02 70,660 ----a-w c:\windows\system32\perfc009.dat
+ 2008-12-13 21:19:49 70,660 ----a-w c:\windows\system32\perfc009.dat
- 2008-11-18 14:01:02 420,892 ----a-w c:\windows\system32\perfh009.dat
+ 2008-12-13 21:19:49 420,892 ----a-w c:\windows\system32\perfh009.dat
- 2008-11-17 20:56:28 4,091,008 -c--a-w c:\windows\system32\Restore\rstrlog.dat
+ 2008-12-04 16:18:27 523,452 -c--a-w c:\windows\system32\Restore\rstrlog.dat
- 2008-04-14 03:42:06 172,032 ----a-w c:\windows\system32\scrrun.dll
+ 2008-04-14 04:42:06 172,032 ----a-w c:\windows\system32\scrrun.dll
+ 2001-08-23 12:00:00 138,752 ----a-w c:\windows\system32\sndvol32.exe
+ 2001-08-23 12:00:00 56,832 ----a-w c:\windows\system32\sol.exe
- 2008-04-14 03:42:38 7,680 ----a-w c:\windows\system32\spdwnwxp.exe
+ 2008-04-14 04:42:38 7,680 ----a-w c:\windows\system32\spdwnwxp.exe
- 2007-08-10 18:46:18 17,272 ----a-w c:\windows\system32\spmsg.dll
+ 2007-08-10 19:46:18 17,272 ------w c:\windows\system32\spmsg.dll
- 2007-08-10 18:46:18 26,488 ----a-w c:\windows\system32\spupdsvc.exe
+ 2007-08-10 19:46:18 26,488 ----a-w c:\windows\system32\spupdsvc.exe
+ 2006-08-04 18:24:28 10,747 ----a-w c:\windows\system32\UDBDef.exe
+ 2001-08-23 12:00:00 35,328 ----a-w c:\windows\system32\winchat.exe
+ 2001-08-23 12:00:00 119,808 ----a-w c:\windows\system32\winmine.exe
+ 2001-08-23 12:00:00 5,632 ----a-w c:\windows\system32\write.exe
+ 2008-12-14 09:46:27 16,384 ----atw c:\windows\temp\Perflib_Perfdata_478.dat
+ 2008-04-14 03:42:52 1,054,208 ----a-w c:\windows\WinSxS\InstallTemp\4779662\comctl32.dll
- 2008-04-14 03:42:52 74,802 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
+ 2008-04-14 04:42:52 74,802 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\atl.dll
- 2008-04-14 03:42:52 995,383 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
+ 2008-04-14 04:42:52 995,383 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42.dll
- 2008-04-14 03:42:52 1,011,774 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
+ 2008-04-14 04:42:52 1,011,774 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\mfc42u.dll
- 2008-04-14 03:42:52 401,462 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2008-04-14 04:42:52 401,462 ----a-w c:\windows\WinSxS\x86_Microsoft.Tools.VisualCPlusPlus.Runtime-Libraries_6595b64144ccf1df_6.0.9792.0_x-ww_08a6620a\msvcp60.dll
+ 2006-12-01 21:56:00 96,256 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2006-12-01 21:54:32 479,232 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
+ 2006-12-01 21:54:34 548,864 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
+ 2006-12-01 21:54:32 626,688 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
+ 2006-12-01 23:25:52 1,101,824 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2006-12-01 23:25:56 1,093,120 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2006-12-01 23:25:58 69,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2006-12-01 23:26:00 57,856 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-01 23:08:00 40,960 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2006-12-01 23:08:00 45,056 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2006-12-01 23:08:00 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-01 23:08:00 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2006-12-01 23:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2006-12-01 23:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2006-12-01 23:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2006-12-01 23:08:00 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2006-12-01 23:08:00 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2006-12-01 23:46:44 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6c18549a\vcomp.dll
- 2008-04-14 03:42:52 1,054,208 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
+ 2008-04-14 04:42:52 1,054,208 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
- 2008-04-14 03:42:52 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcirt.dll
+ 2008-04-14 04:42:52 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcirt.dll
- 2008-04-14 03:42:52 343,040 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
+ 2008-04-14 04:42:52 343,040 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
- 2008-04-14 03:42:48 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll
+ 2008-04-14 04:42:48 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5512_x-ww_dfb54e0c\GdiPlus.dll
- 2008-04-14 03:42:50 853,504 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
+ 2008-04-14 04:42:50 853,504 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll
- 2008-04-14 03:42:52 991,232 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
+ 2008-04-14 04:42:52 991,232 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcDll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll
- 2008-04-13 21:56:34 132,096 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc0\rtcres.dll
+ 2008-04-13 22:56:34 132,096 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.Networking.RtcRes_6595b64144ccf1df_5.2.2.3_en_16a24bc0\rtcres.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\program files\Alwil Software\Avast4\ashDisp.exe" [2008-11-26 81000]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-11-01 185872]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"GreyMSIAds"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.iv41"= ir41_32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ose"=3 (0x3)
"IDriverT"=3 (0x3)
"CiSvc"=3 (0x3)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"FreeRAM XP"="c:\program files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SoundMan"=SOUNDMAN.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Warcraft III\\Warcraft III.exe"=
"d:\\ea game\\Command and Conquer Generals\\game.dat"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowInboundTimestampRequest"= 1 (0x1)
"AllowInboundMaskRequest"= 0 (0x0)
"AllowInboundRouterRequest"= 0 (0x0)
"AllowOutboundDestinationUnreachable"= 0 (0x0)
"AllowOutboundSourceQuench"= 0 (0x0)
"AllowOutboundParameterProblem"= 0 (0x0)
"AllowOutboundTimeExceeded"= 0 (0x0)

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-11-27 111184]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-11-27 20560]
S0 Partizan;Partizan;c:\windows\system32\drivers\Partizan.sys []
S3 gwiopm;gwiopm;\??\c:\program files\My Drivers\gwiopm.sys []
S3 iadusb;MT882;c:\windows\system32\DRIVERS\glauiad.sys [2007-12-27 30336]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2008-12-14 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe []
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://gogle.com/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{D56B8A0B-8990-4575-BF70-CC27D7FEF6A9} - c:\program files\FreshDevices\FreshDownload\fd.exe
IE: {{D56B8A0B-8990-4575-BF70-CC27D7FEF6A9} - c:\program files\FreshDevices\FreshDownload\fd.exe -
TCP: {FE6484C9-61F5-4346-AD01-0CA80D105765} = 192.168.1.1,192.168.1.2
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\documents and settings\Pc-Dil\Application Data\Mozilla\Firefox\Profiles\a7x71664.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - gogle.com
FF - prefs.js: keyword.URL - hxxp://www.crawler.com/search/dispatcher.aspx?tp=aus&tbid=60341&qkw=
FF - plugin: c:\program files\Real\RhapsodyPlayerEngine\nprhapengine.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-12-14 10:46:37
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(592)
c:\windows\system32\Ati2evxx.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\dllhost.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2008-12-14 10:48:23 - machine was rebooted
ComboFix-quarantined-files.txt 2008-12-14 09:48:11
ComboFix2.txt 2008-11-18 14:09:36
ComboFix3.txt 2008-11-18 13:01:48
ComboFix4.txt 2008-11-18 12:51:46

Pre-Run: 4.956.274.688 bytes free
Post-Run: 4,951,941,120 bytes free

304

  • dr_Bora
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Delete the file: c:\documents and settings\Pc-Dil\x.exe

What is the current state?

  • Joined: 28 Apr 2008
  • Posts: 9

I deleted the file, and explorer is currently using 107 MB of RAM.

Addendum: 14 Dec 2008 21:06

If it might help solve the problem: I have noticed that when installing any program, no icon appears on the desktop, and I have to create it myself from the location where the program is installed. Also, avast cannot be started from the icon next to the clock (right-clicking the avast icon and choosing to start avast antivirus does nothing).

  • dr_Bora
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

There is no malware here.

Honestly, I don't know what to advise you about this.

If you remember when the problem appeared, use System Restore to go back to a date before that. That might help.

Or, do a Repair installation of Windows.

Anyway... You can open a topic in the Windows forum and explain the problem - there will probably be some more ideas for solving it.

  • Joined: 28 Apr 2008
  • Posts: 9

I opened a topic in the Windows forum. Unfortunately, I don't know when the problem appeared, because it took me a while to figure out what was using so much RAM. I tried System Restore several times, but without results, as well as repair installations. In any case, thank you. If I solve the problem without reinstalling Windows, I will let you know.

Addendum: 15 Dec 2008 16:23

Problem solved. Deleting the file mentioned above and restarting Windows solved the problem. My thanks to the doctor.
