Posted: 19 Jun 2008 08:56
- Joined: 25 Mar 2007
- Posts: 32

Dear all, I know you will scold me for having SP1. I hesitated for a long time to ask for your help, but this Explorer message has become so frequent (and Windows itself does not crash) that, if you can, please just get rid of it for me. When this Windows was installed, automatic updates were turned on and it installed something, and now it is driving me crazy. This configuration is 350 MHz and only runs well on SP1. The message is as follows: Internet Explorer has encountered a problem and needs to close. We are sorry for the inconvenience.

Attached:
Logfile of HijackThis v1.99.1
Scan saved at 08:44, on 2008-06-19
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\NSP\Desktop\New Folder\milici.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com/microsoftupdate/v6.....9099674717
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com/microsoftupdate/v6.....9099649491
O17 - HKLM\System\CCS\Services\Tcpip\..\{82A998D4-BA4C-412B-B655-F2D8499B01E0}: NameServer = 212.200.191.166,212.200.190.166
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Posted: 19 Jun 2008 19:02
- Joined: 25 Mar 2007
- Posts: 32

Here is the log:
ComboFix 08-06-16.5 - NSP 2008-06-19 18:36:47.6 - FAT32x86
Microsoft Windows XP Professional 5.1.2600.1.1252.1.1033.18.180 [GMT 2:00]
Running from: C:\Documents and Settings\NSP\Desktop\ComboFix.exe
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\WINDOWS\system32\winsys.exe
.
((((((((((((((((((((((((( Files Created from 2008-05-19 to 2008-06-19 )))))))))))))))))))))))))))))))
.
2008-05-21 14:26 . 2008-05-21 14:26 376 --a------ C:\WINDOWS\ODBC.INI
2008-05-21 14:23 . 2008-05-21 14:23 <DIR> d-------- C:\WINDOWS\ShellNew
2008-05-21 14:20 . 2008-05-21 14:20 <DIR> d-------- C:\Documents and Settings\NSP\Application Data\Microsoft Web Folders
2008-05-19 12:11 . 2008-05-19 12:16 38 --a------ C:\WINDOWS\avisplitter.INI
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-05 16:01 --------- d-----w C:\Program Files\ResistorColorCode
2008-04-25 21:10 --------- d-----w C:\Program Files\Crystal Player
2008-04-25 21:10 --------- d-----w C:\Documents and Settings\NSP\Application Data\Crystal Player
2008-04-25 21:09 --------- d-----w C:\Documents and Settings\NSP\Application Data\Media Player Classic
2008-04-25 20:59 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-04-21 20:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-04-21 20:25 --------- d-----w C:\Program Files\Winamp
2008-04-21 20:22 --------- d-----w C:\Program Files\PonyProg
2008-04-21 20:22 --------- d-----w C:\Program Files\LizardTech
2008-04-21 20:21 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-21 20:14 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-21 20:14 --------- d-----w C:\Documents and Settings\NSP\Application Data\InterTrust
2008-04-21 20:07 270,336 ----a-w C:\WINDOWS\system32\imon.dll
2008-04-21 20:06 502,208 ----a-w C:\WINDOWS\system32\drivers\amon.sys
2008-04-21 20:06 --------- d-----w C:\Program Files\ESET
2008-04-21 20:05 --------- d-----w C:\Program Files\MT882
2008-04-21 19:58 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-04-21 19:34 --------- d-----w C:\Program Files\microsoft frontpage
2008-04-21 19:33 558,142 ----a-w C:\WINDOWS\java\Packages\LJFJZ5BT.ZIP
2008-04-21 19:33 155,995 ----a-w C:\WINDOWS\java\Packages\O0UKV7BH.ZIP
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2004-12-22 16:40 5517312]
"nwiz"="nwiz.exe" [2004-12-22 16:40 1490944 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2004-12-22 16:40 86016]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-04-21 22:06 917504]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3fhg"= mp3fhg.acm
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv
"VIDC.YV12"= yv12vfw.dll
"msacm.divxa32"= divxa32.acm
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
R3 ctlsb16;Creative SB16/AWE32/AWE64 Driver (WDM);C:\WINDOWS\System32\drivers\ctlsb16.sys [2001-08-17 12:19]
R3 iadusb;MT882;C:\WINDOWS\System32\DRIVERS\glauiad.sys [2006-03-20 09:32]
S3 DLPortIO;DriverLINX Port I/O Driver;C:\WINDOWS\System32\DRIVERS\DLPortIO.SYS [2000-06-29 17:24]
S3 SetupNTGLM7X;SetupNTGLM7X;F:\NTGLM7X.sys []
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-06-19 18:39:24
Windows 5.1.2600 Service Pack 1 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-06-19 18:40:26
ComboFix-quarantined-files.txt 2008-06-19 16:40:20
Pre-Run: 3,125,977,088 bytes free
Post-Run: 3,292,041,216 bytes free
83
Addendum: 19 Jun 2008 19:02
Here you can see that it installed the license verification tool.

Posted: 19 Jun 2008 19:19
- dr_Bora
- Anti Malware Fighter
Rank 2
- Joined: 24 Jul 2007
- Posts: 12280
- Location: Höganäs, SE

Here's the situation. There is no malware on your computer.
The fact that WGA is installed should not be the cause of Internet Explorer crashing.
I recommend that you look for advice on this problem in the Windows forum (only problems caused by malware are handled here).

Posted: 19 Jun 2008 19:28
- dr_Bora
- Anti Malware Fighter
Rank 2
- Joined: 24 Jul 2007
- Posts: 12280
- Location: Höganäs, SE

Delete the file ComboFix.exe and the folder C:\qoobox.