Everything disappeared on me... :(

offline
  • Luka Varagic
  • Joined: 08 Jul 2008
  • Posts: 181
  • Location: Pirot

People, please help, everything has disappeared on me: the desktop icons, the Start menu and everything... Now I have to launch programs through Task Manager... What should I do?!
Here is the log too, if needed...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:33:04, on 11.4.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\Luka Varagic.VARGA\Desktop\ktlhkth\warga.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = search.orbitdownloader.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Windows Live pomagac za prijavljivanje - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\System32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\System32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 4836 bytes

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Didn't I already tell you once that I don't want to see you in the Ambulanta with that "w" instead of "v"?

Download the following program:
http://amf.mycity.rs/personal/bobby/lil_tool.exe

Scan with it and post the log. The scan takes only a few seconds, so don't let that surprise you.

offline
  • Luka Varagic
  • Joined: 08 Jul 2008
  • Posts: 181
  • Location: Pirot

Well, everything came back, I don't know how... And here is the log...

================= Boot.ini =================
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
================= Process =================
[4] system
[532] c:\windows\system32\smss.exe
[600] c:\windows\system32\csrss.exe
[624] c:\windows\system32\winlogon.exe
[668] c:\windows\system32\services.exe
[680] c:\windows\system32\lsass.exe
[852] c:\windows\system32\svchost.exe
[900] c:\windows\system32\svchost.exe
[1148] c:\windows\system32\svchost.exe
[1196] c:\windows\system32\svchost.exe
[1288] c:\windows\system32\svchost.exe
[1468] c:\program files\alwil software\avast4\aswupdsv.exe
[1500] c:\program files\lavasoft\ad-aware\aawservice.exe
[1560] c:\program files\alwil software\avast4\ashserv.exe
[1920] c:\windows\system32\spoolsv.exe
[212] c:\program files\bonjour\mdnsresponder.exe
[256] c:\program files\java\jre6\bin\jqs.exe
[728] c:\windows\system32\nvsvc32.exe
[940] c:\program files\analog devices\soundmax\smagent.exe
[956] c:\program files\alcohol soft\alcohol 120\starwind\starwindserviceae.exe
[1100] c:\windows\system32\pastisvc.exe
[1112] c:\windows\system32\svchost.exe
[1348] c:\windows\system32\wdfmgr.exe
[300] c:\program files\alwil software\avast4\ashmaisv.exe
[404] c:\program files\alwil software\avast4\ashwebsv.exe
[1140] c:\windows\system32\wbem\unsecapp.exe
[1176] c:\windows\system32\alg.exe
[860] c:\windows\system32\wbem\wmiprvse.exe
[2348] c:\program files\lavasoft\ad-aware\aawtray.exe
[2724] c:\windows\explorer.exe
[2956] c:\windows\system32\rundll32.exe
[2964] c:\windows\agrsmmsg.exe
[3028] c:\progra~1\alwils~1\avast4\ashdisp.exe
[3072] c:\windows\system32\ctfmon.exe
[3128] c:\program files\windows live\messenger\msnmsgr.exe
[3804] c:\program files\windows live\contacts\wlcomm.exe
[3940] c:\program files\opera\opera.exe
[3216] c:\documents and settings\luka varagic.varga\local settings\application data\opera\opera\profile\cache4\temporary_download\lil_tool.exe
================= Hidden =================
[4] <--- HIDDEN
================= %PATH% =================
C:\WINDOWS\system32
C:\WINDOWS
C:\WINDOWS\System32\Wbem
C:\Program Files\QuickTime\QTSystem\
================= Explorer - File =================
C:\WINDOWS\explorer.exe
================= Explorer - Registry=================
DefaultDomainName=VARGA
DefaultUserName=Luka Varagic
LegalNoticeCaption=
LegalNoticeText=
PowerdownAfterShutdown=0
ReportBootOk=1
Shell=Explorer.exe
ShutdownWithoutLogon=0
System=
Userinit=C:\WINDOWS\system32\userinit.exe,
VmApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
allocatecdroms=0
allocatedasd=0
allocatefloppies=0
cachedlogonscount=10
scremoveoption=0
Background=0 0 0
DebugServerCommand=no
WinStationsDisabled=0

offline
  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Everything looks OK here.
Even Explorer is among the processes, which means the Desktop should be working OK.

Do you get a menu when you right-click on an empty area of the desktop?

Addendum: 11 Apr 2009 20:45

I have only just now seen that first sentence in your post.

And you have really decided to annoy me with that "w", huh?

offline
  • Luka Varagic
  • Joined: 08 Jul 2008
  • Posts: 181
  • Location: Pirot

Well, everything came back, I don't know how... In any case, thanks...

P.S. Hehe, I didn't use "w" this time!
