Windows problem

  • Joined: 24 Feb 2008
  • Posts: 4

Logfile of HijackThis v1.99.1
Scan saved at 13:28:20, on 24.02.2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\TrojanHunter 4.7\THGuard.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\Free Spy Keylogger\FreeSpyKeylogger.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\NetMeter\NetMeter.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Status\Status Script\mirc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\System32\taskmgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\rundll32.exe
E:\New Folder\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.7\THGuard.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [FreeSpyKeylogger.exe] C:\Program Files\Free Spy Keylogger\FreeSpyKeylogger.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [C:\Program Files\NetMeter\NetMeter.exe] C:\Program Files\NetMeter\NetMeter.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{94735B12-6BA8-4077-AEB1-8FBF34CF5246}: NameServer = 62.162.32.5 62.162.32.6
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

And the problem is... ?
It won't make coffee anymore? :)

Just kidding :)
Write what's bothering you, i.e. what kind of problem you have.

  • Joined: 24 Feb 2008
  • Posts: 4

The problem is that files and folders are disappearing from my HDD.

  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Download ComboFix from one of the following addresses to your Desktop:
http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Start it and don't touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear, which you should copy here for us.

  • Joined: 24 Feb 2008
  • Posts: 4

Here is what it gives me when it finishes scanning



ComboFix 08-02-24.4 - Monev 2008-02-24 14:39:07.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.1.1252.1.1033.18.215 [GMT 1:00]
Running from: E:\New Folder\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-01-24 to 2008-02-24 )))))))))))))))))))))))))))))))
.

2008-02-21 13:37 . 2008-02-21 13:37 <DIR> d-------- C:\Program Files\Hewlett-Packard
2008-02-21 13:35 . 2002-11-27 12:30 237,624 -ra------ C:\WINDOWS\system32\HPZidr12.dll
2008-02-21 13:35 . 2002-11-27 12:30 172,032 -ra------ C:\WINDOWS\system32\HPZipr12.dll
2008-02-21 13:35 . 2002-11-27 12:30 94,208 -ra------ C:\WINDOWS\system32\HPZipt12.dll
2008-02-21 13:35 . 2002-11-27 12:30 65,536 -ra------ C:\WINDOWS\system32\HPZipm12.exe
2008-02-21 13:35 . 2002-11-27 12:30 61,440 -ra------ C:\WINDOWS\system32\HPZinw12.exe
2008-02-21 13:35 . 2002-11-27 12:30 57,344 -ra------ C:\WINDOWS\system32\HPZisn12.dll
2008-02-21 13:35 . 2002-11-27 12:30 50,960 -ra------ C:\WINDOWS\system32\drivers\hpzid412.sys
2008-02-21 13:35 . 2002-12-03 03:04 20,639 --------- C:\WINDOWS\hpoins01.dat
2008-02-21 13:35 . 2002-12-03 03:04 16,622 --------- C:\WINDOWS\hpomdl01.dat
2008-02-21 13:35 . 2002-11-27 12:30 16,080 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2008-02-21 13:32 . 2002-11-27 12:30 22,384 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys
2008-02-21 13:31 . 2002-08-29 01:50 24,960 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-02-21 13:31 . 2002-08-29 01:50 24,960 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2008-02-21 13:30 . 2002-11-27 12:30 561,152 -ra------ C:\WINDOWS\system32\hpotscl.dll
2008-02-21 13:30 . 2002-11-27 12:30 274,432 -ra------ C:\WINDOWS\system32\hpgwiamd.dll
2008-02-21 13:30 . 2002-11-27 12:29 237,568 -ra------ C:\WINDOWS\system32\HPZc3212.dll
2008-02-21 13:30 . 2002-11-27 12:30 94,208 -ra------ C:\WINDOWS\system32\hpovst08.dll
2008-02-21 13:30 . 2002-08-29 01:48 14,208 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-02-21 13:30 . 2002-08-29 01:48 14,208 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-02-21 13:26 . 2002-08-29 01:32 28,160 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-02-21 13:26 . 2002-08-29 01:32 28,160 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-02-17 14:35 . 2008-02-19 12:58 45 --a------ C:\TEST.XML
2008-02-16 22:03 . 2002-08-29 02:01 134,272 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2008-02-16 22:03 . 2002-08-29 02:01 134,272 --a--c--- C:\WINDOWS\system32\dllcache\portcls.sys
2008-02-16 22:03 . 2002-08-29 01:32 57,856 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2008-02-16 22:03 . 2002-08-29 01:32 57,856 --a--c--- C:\WINDOWS\system32\dllcache\drmk.sys
2008-02-16 22:02 . 2000-10-20 11:28 765,952 --a------ C:\WINDOWS\system\crlds3d.dll
2008-02-16 22:02 . 2001-11-23 05:08 712,704 --a------ C:\WINDOWS\system32\Audio3D.dll
2008-02-16 22:02 . 2001-11-23 05:08 712,704 --a------ C:\WINDOWS\system32\a3d.dll
2008-02-16 22:02 . 2002-09-30 13:24 417,999 --a------ C:\WINDOWS\system32\drivers\cmuda.sys
2008-02-16 22:02 . 2002-08-12 12:18 380,928 --a------ C:\WINDOWS\system\cmicnfg.cpl
2008-02-16 22:02 . 2002-09-30 10:02 49,152 --a------ C:\WINDOWS\system32\cmuda.dll
2008-02-16 22:02 . 2002-08-01 06:54 28,672 --a------ C:\WINDOWS\system32\udaprop.dll
2008-02-16 22:01 . 2008-02-16 22:01 <DIR> d-------- C:\Program Files\C-Media 3D Audio
2008-02-16 22:01 . 2000-10-24 17:12 352,256 --------- C:\WINDOWS\system32\ActiveSkin.ocx
2008-02-16 22:01 . 2002-07-01 12:01 212,992 --a------ C:\WINDOWS\CmiRmRedundDir.exe
2008-02-16 22:01 . 2002-10-04 12:20 188,416 --------- C:\WINDOWS\system32\CMIMPEG2V.ax
2008-02-16 22:01 . 2001-11-28 18:35 114,688 --------- C:\WINDOWS\system32\CMIEffect.ax
2008-02-16 22:01 . 2002-07-25 16:57 98,304 --------- C:\WINDOWS\system32\CMIVCDNav.ax
2008-02-16 22:01 . 2002-02-19 15:27 65,536 --------- C:\WINDOWS\system32\CMIEchoFilter.ax
2008-02-16 22:01 . 2002-06-28 16:37 61,440 --------- C:\WINDOWS\system32\CMICDDAFilter.ax
2008-02-16 22:01 . 2002-02-27 17:14 28,672 --------- C:\WINDOWS\CMIRmDriver.dll
2008-02-16 21:59 . 2008-02-16 21:59 76 --a------ C:\BIOSVIEW.INI
2008-02-14 16:45 . 2008-02-14 16:45 <DIR> d-------- C:\Program Files\YouTube Downloader
2008-02-13 14:15 . 2008-02-13 14:15 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-02-13 13:49 . 2008-02-13 20:47 <DIR> d-------- C:\Documents and Settings\Monev\Application Data\AdobeUM
2008-02-13 13:32 . 2003-08-25 18:06 182,880 --a------ C:\WINDOWS\system32\iuenginenew.dll
2008-02-12 23:00 . 2008-02-12 23:00 <DIR> d-------- C:\Program Files\SsWin
2008-02-12 22:40 . 2008-02-12 22:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WinZip
2008-02-12 17:40 . 2008-02-12 17:40 <DIR> d-------- C:\Program Files\TGTSoft
2008-02-12 15:51 . 2008-02-12 15:51 <DIR> d-------- C:\WINDOWS\Full Speed
2008-02-12 15:51 . 2008-02-12 15:56 <DIR> d-------- C:\Program Files\Full Speed
2008-02-12 12:11 . 2008-02-12 12:11 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-12 12:10 . 2008-02-12 12:34 2,941 --a------ C:\WINDOWS\mozver.dat
2008-02-11 14:17 . 2008-02-13 11:55 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-02-11 14:17 . 2008-02-11 14:17 <DIR> d-------- C:\Program Files\Crawler
2008-02-11 14:17 . 2008-02-11 14:17 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-02-10 12:33 . 2002-08-29 03:41 150,528 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-02-10 12:33 . 2001-08-17 22:36 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-02-09 18:38 . 2008-02-16 22:02 92 --a------ C:\WINDOWS\CMISETUP.INI
2008-02-09 18:38 . 2008-02-16 22:02 26 --a------ C:\WINDOWS\CMCDPLAY.INI
2008-02-09 18:37 . 2002-10-09 11:12 237,568 --a------ C:\WINDOWS\CMIUninstall.exe
2008-02-09 18:37 . 2008-02-09 18:37 0 --a------ C:\WINDOWS\Wininit.ini
2008-02-09 18:36 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2008-02-09 13:47 . 2008-02-24 14:27 116 --a------ C:\WINDOWS\NeroDigital.ini
2008-02-09 12:34 . 2008-02-23 17:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NFS Underground
2008-02-09 12:33 . 2008-02-09 12:33 <DIR> d-------- C:\Program Files\Common Files\DirectX
2008-02-08 10:01 . 2002-08-29 01:32 21,760 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-02-07 20:03 . 2008-02-07 20:03 <DIR> d-------- C:\Program Files\MSN Messenger
2008-02-07 19:59 . 2008-02-07 20:41 <DIR> d-------- C:\WINDOWS\SxsCaPendDel
2008-02-07 17:26 . 2008-02-07 17:26 <DIR> d---s---- C:\Documents and Settings\Monev\UserData
2008-02-07 17:25 . 2008-02-07 17:25 <DIR> d-------- C:\Program Files\Status
2008-02-07 17:20 . 2008-02-07 17:21 <DIR> d-------- C:\Program Files\Ares
2008-02-07 17:18 . 2008-02-07 17:19 <DIR> d-------- C:\Documents and Settings\Monev\Contacts
2008-02-07 17:15 . 2008-02-07 17:15 268 --ah----- C:\sqmdata00.sqm
2008-02-07 17:15 . 2008-02-07 17:15 244 --ah----- C:\sqmnoopt00.sqm
2008-02-07 17:14 . 2008-02-07 17:14 138,752 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-02-07 17:09 . 2008-02-13 11:55 <DIR> d-------- C:\Documents and Settings\Monev\Application Data\Spyware Terminator
2008-02-07 13:49 . 2008-02-07 13:49 <DIR> d-------- C:\Documents and Settings\Monev\Application Data\CyberLink
2008-02-07 13:48 . 2008-02-07 13:48 <DIR> d-------- C:\Documents and Settings\Monev\Application Data\TrojanHunter
2008-02-07 13:45 . 2008-02-07 13:45 <DIR> d-------- C:\Program Files\Windows Live Toolbar
2008-02-07 13:45 . 2008-02-07 13:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2008-02-07 13:44 . 2008-02-07 13:44 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-02-07 13:41 . 2008-02-07 13:41 <DIR> d-------- C:\Program Files\Skype
2008-02-07 13:41 . 2008-02-07 13:41 <DIR> d-------- C:\Program Files\Google
2008-02-07 13:41 . 2008-02-07 13:41 <DIR> d-------- C:\Program Files\Common Files\Skype
2008-02-07 13:41 . 2008-02-24 14:23 <DIR> d-------- C:\Documents and Settings\Monev\Application Data\Skype
2008-02-07 13:41 . 2008-02-07 13:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-02-07 13:26 . 2008-02-07 13:48 <DIR> d-------- C:\Program Files\TrojanHunter 4.7
2008-02-07 13:24 . 2008-02-07 13:29 <DIR> d-------- C:\Program Files\NetMeter
2008-02-07 13:22 . 2003-06-18 17:31 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2008-02-07 13:22 . 2008-02-07 13:22 376 --a------ C:\WINDOWS\ODBC.INI
2008-02-07 13:19 . 2008-02-07 13:19 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-02-07 13:19 . 2008-02-07 13:19 <DIR> d-------- C:\Program Files\Common Files\L&H
2008-02-07 13:18 . 2008-02-07 13:18 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2008-02-07 13:17 . 2008-02-07 13:17 <DIR> d-------- C:\Program Files\Microsoft Works
2008-02-07 13:16 . 2008-02-07 13:18 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-02-07 13:02 . 2008-02-07 13:01 502,368 --a------ C:\WINDOWS\system32\drivers\amon.sys
2008-02-07 13:02 . 2008-02-07 13:01 274,432 --a------ C:\WINDOWS\system32\imon.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-06 22:12 558,142 ----a-w C:\WINDOWS\java\Packages\4UVLV131.ZIP
2008-02-06 22:12 155,995 ----a-w C:\WINDOWS\java\Packages\K41JFFXR.ZIP
2008-02-06 22:12 --------- d-----w C:\Program Files\microsoft frontpage
2001-11-23 04:08 712,704 ----a-w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-08-29 04:41 13312]
"C:\Program Files\NetMeter\NetMeter.exe"="C:\Program Files\NetMeter\NetMeter.exe" [2007-08-11 15:50 331264]
"STYLEXP"="C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" [2005-08-18 14:15 1359872]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54 5674352]
"ares"="C:\Program Files\Ares\Ares.exe" [2007-11-23 17:18 962560]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2004-11-22 08:18 307200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2002-09-27 07:44 47104 C:\WINDOWS\SOUNDMAN.EXE]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2006-10-22 12:22 7700480]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2006-10-22 12:22 86016]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-02-07 13:01 921600]
"THGuard"="C:\Program Files\TrojanHunter 4.7\THGuard.exe" [2011-06-26 23:07 523264]
"SpywareTerminator"="C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-02-07 17:13 2834432]
"Cmaudio"="cmicnfg.cpl" []
"FreeSpyKeylogger.exe"="C:\Program Files\Free Spy Keylogger\FreeSpyKeylogger.exe" [2006-03-20 11:10 224768]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-08-29 04:41 13312]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-04-11 11:10:00 394856]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
--a------ 2007-11-23 17:18 962560 C:\Program Files\Ares\Ares.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-01-19 12:54 5674352 C:\Program Files\MSN Messenger\MsnMsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2006-10-22 12:22 1622016 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-02-07 12:28 98304 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2004-11-02 20:24 32768 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-02-07 12:59 151597 C:\Program Files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2003-12-13 01:50 33792 C:\Program Files\Winamp\winampa.exe

R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2008-02-07 17:14]
R2 BT848;BtCap, WDM Video Capture;C:\WINDOWS\System32\drivers\BT848.sys [2003-06-26 04:56]
R2 BTTUNER;MPEG.TV, WDM TvTuner;C:\WINDOWS\System32\drivers\BTTUNER.sys [2003-06-26 04:56]
R2 BTXBAR;MPEG.TV, WDM Crossbar;C:\WINDOWS\System32\drivers\BTXBAR.sys [2003-06-26 04:56]

.
Contents of the 'Scheduled Tasks' folder
"2008-02-24 13:24:00 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-02-24 14:40:49
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C:\\Program Files\\NetMeter\\NetMeter.exe"="C:\\Program Files\\NetMeter\\NetMeter.exe"
.
Completion time: 2008-02-24 14:41:47

  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

C:\Program Files\Free Spy Keylogger\ - was this keylogger installed intentionally?

Tell me, what kind of files are disappearing from your computer? I don't find anything strange in the logs.

  • Joined: 24 Feb 2008
  • Posts: 4

Free Spy Keylogger - was installed by me.

And the files that disappear are mostly music and some small temporary programs that I install as needed and then delete. If there's nothing wrong, OK.


One more thing I wanted to ask: since my computer has SP1, when I install a new Windows with SP2 it won't start the system at all; when it finishes the installation it gets to WELCOME and then a black screen appears. Do you know why that happens?

  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Let's do an online scan:
http://www.bitdefender.com/scan8/ie.html <-- you must open the link in Internet Explorer.

When the scan finishes, look for the option to save the log, then upload that log here via the Attach file option or copy it directly into the message if it isn't large.

As for SP2 and its failing to finish the installation - that most often happens because there's no driver for some hardware you have.
Try pulling out all the cards you don't need during installation, as well as all external devices (USB printer, scanner, USB modem, etc.)
I was unlucky in that on my machine it wouldn't finish the installation because of the graphics card, and once at a friend's place I had a problem because of a USB dial-up modem.
