ima li problema?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

komp ne radi bas dobro (cesto error-i iskacu) pa posto se ne razumem u ovo vi pogledajte pa recita ako ima nesto cudno




Logfile of HijackThis v1.99.1
Scan saved at 7:26:19 PM, on 1/24/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Gigabyte\Gigabyte GN-WPKG Wireless PCI Adapter SoftAP\Installer\WINXP\RaConfig2500.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Huper\Desktop\New Folder\TR3.exe.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: GN-WPKG Utility.lnk = C:\Program Files\Gigabyte\Gigabyte GN-WPKG Wireless PCI Adapter SoftAP\Installer\WINXP\RaConfig2500.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - [Link mogu videti samo ulogovani korisnici]\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O17 - HKLM\System\CCS\Services\Tcpip\..\{8A0BF5B8-36DE-4B60-93E1-9A00162B5141}: NameServer = 10.5.0.197,10.5.0.200
O17 - HKLM\System\CS1\Services\Tcpip\..\{8A0BF5B8-36DE-4B60-93E1-9A00162B5141}: NameServer = 10.5.0.197,10.5.0.200
O17 - HKLM\System\CS2\Services\Tcpip\..\{8A0BF5B8-36DE-4B60-93E1-9A00162B5141}: NameServer = 10.5.0.197,10.5.0.200
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Malo sam se posavetovao sa kolegom.
Imas instaliran Nero BackItUp, koji radi u real-timeu na nivou drajvera,pa mozda moze da prouzrokuje probleme.Ako ga ne koristis mozes da ga uninstaliras(mislim na Nero BackItUp).

Druga stvar.
U servisima ti se pojavljuje Spyware doctor:
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

A,u procesima ga nema(pocetak loga).Da nije bila neuspesna instalacija ili si ti rucno nesto brisao?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Nero BackItUp se instlirao sa nerom i ne mogu da ga obrisem posebno!

a sto se tice spayware doctora nisam nista rucno brisao samo sam ga instalirao. Da li da pogasim te servise?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Ukoliko zelis da uninstaliras Nero BackItUp,probaj da startujes Nero instaler.On bi trebao da ti ponudi opciju uninstaliranja BackItUp-a.Ukoliko ne zelis,ne moras nista da diras.

Malware nema u tvom Hijack This logu.Tako da se prica o tvom slucaju u Ambulanti ovde zavrsava.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

evo da ne otvaram novu temu, napravio sam i sa comboFix pa vi pogledajte ima li sta sumnjivo



ComboFix 08-01-23.1C - Huper 2008-01-26 23:38:14.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.662 [GMT 1:00]
Running from: C:\Documents and Settings\Huper\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2007-12-26 to 2008-01-26 )))))))))))))))))))))))))))))))
.

2008-01-26 23:37 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe
2008-01-26 15:18 . 2008-01-26 15:18 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
2008-01-26 15:08 . 2008-01-26 15:08 <DIR> d-------- C:\Program Files\AngelPotion Video Codec V1
2008-01-26 15:08 . 2000-08-09 21:26 177,241 --a------ C:\WINDOWS\system32\APmpg4v1.apl
2008-01-26 15:08 . 2000-08-23 07:26 106,496 --a------ C:\WINDOWS\system32\APmpg4v1.dll
2008-01-25 16:09 . 2004-01-29 19:05 1,658,880 --------- C:\WINDOWS\UNNMP.exe
2008-01-25 16:09 . 2004-03-25 15:39 50,779 --------- C:\WINDOWS\UNNMP.cfg
2008-01-25 16:07 . 2001-07-09 11:50 155,648 -ra------ C:\WINDOWS\system32\NeroCheck.exe
2008-01-25 16:06 . 2004-03-24 14:52 1,802,240 --------- C:\WINDOWS\UNNeroVision.exe
2008-01-25 16:06 . 2001-07-06 14:41 569,344 -ra------ C:\WINDOWS\system32\imagr5.dll
2008-01-25 16:06 . 2001-07-06 12:44 544,768 -ra------ C:\WINDOWS\system32\imagx5.dll
2008-01-25 16:06 . 2001-07-06 18:24 283,920 -ra------ C:\WINDOWS\system32\ImagXpr5.dll
2008-01-25 16:06 . 2004-03-25 15:39 99,116 --------- C:\WINDOWS\UNNeroVision.cfg
2008-01-25 16:06 . 2001-06-26 08:15 38,912 -ra------ C:\WINDOWS\system32\picn20.dll
2008-01-25 16:06 . 2001-03-08 18:30 24,064 -ra------ C:\WINDOWS\system32\msxml3a.dll
2008-01-25 16:05 . 2008-01-25 16:06 <DIR> d-------- C:\Program Files\Common Files\Ahead
2008-01-25 16:05 . 2008-01-25 16:09 <DIR> d-------- C:\Program Files\Ahead
2008-01-24 23:38 . 2008-01-24 23:48 <DIR> d-------- C:\Program Files\RAR Password (zabranjeno)er
2008-01-24 21:16 . 2008-01-24 21:16 2,560 --a------ C:\WINDOWS\_MSRSTRT.EXE
2008-01-24 16:50 . 2008-01-24 16:50 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2008-01-24 16:49 . 2008-01-24 16:49 <DIR> d-------- C:\WINDOWS\ShellNew
2008-01-21 18:24 . 2006-10-26 19:56 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
2008-01-20 11:29 . 2008-01-20 11:31 <DIR> dr------- C:\USB
2008-01-19 22:46 . 2008-01-19 22:46 <DIR> d-------- C:\Program Files\TuneUp Utilities 2008
2008-01-19 22:46 . 2008-01-19 22:46 306,432 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
2008-01-19 22:46 . 2007-12-20 10:41 29,440 --a------ C:\WINDOWS\system32\uxtuneup.dll
2008-01-19 22:45 . 2008-01-19 22:45 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-19 18:09 . 2008-01-19 18:09 <DIR> d-------- C:\Program Files\uTorrent
2008-01-19 18:00 . 2008-01-26 22:21 <DIR> dr------- C:\Downloads
2008-01-19 17:55 . 2008-01-26 23:30 <DIR> d-------- C:\Program Files\FlashGet
2008-01-18 21:28 . 2008-01-18 21:28 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2008-01-18 21:28 . 2004-08-03 23:56 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2008-01-18 21:27 . 2008-01-18 21:27 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-01-18 21:27 . 2008-01-18 21:27 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-01-14 21:10 . 2008-01-14 21:16 <DIR> d-------- C:\Program Files\Spyware Doctor
2008-01-14 21:10 . 2007-12-10 14:53 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2008-01-14 21:10 . 2007-12-10 14:53 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2008-01-14 21:10 . 2007-12-10 14:53 41,864 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2008-01-14 21:10 . 2007-12-10 14:53 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2008-01-11 21:19 . 2008-01-11 21:19 <DIR> d-------- C:\WINDOWS\Sun
2008-01-11 21:14 . 2008-01-11 21:19 671 --a------ C:\WINDOWS\mozver.dat
2008-01-08 14:55 . 2008-01-08 14:55 <DIR> d-------- C:\Program Files\MSXML 4.0
2008-01-08 13:40 . 2008-01-08 13:40 <DIR> d-------- C:\Program Files\Lavalys
2008-01-07 12:52 . 2008-01-07 12:52 <DIR> d-------- C:\Program Files\Common Files\HP
2008-01-07 12:51 . 2008-01-07 12:51 <DIR> d-------- C:\Program Files\Hewlett-Packard
2008-01-07 12:50 . 2008-01-07 12:50 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-01-07 12:47 . 2004-09-29 12:12 278,584 --a------ C:\WINDOWS\system32\HPZidr12.dll
2008-01-07 12:47 . 2004-09-29 12:15 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll
2008-01-07 12:47 . 2004-09-29 12:09 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll
2008-01-07 12:47 . 2004-09-29 12:14 69,632 --a------ C:\WINDOWS\system32\HPZipm12.exe
2008-01-07 12:47 . 2004-09-29 12:08 61,440 --a------ C:\WINDOWS\system32\HPZinw12.exe
2008-01-07 12:47 . 2004-09-29 12:09 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll
2008-01-07 12:43 . 2008-01-07 12:53 <DIR> d-------- C:\Program Files\HP
2008-01-07 12:40 . 2008-01-07 12:54 112,877 --a------ C:\WINDOWS\hpoins07.dat
2008-01-07 12:40 . 2005-03-08 05:43 51,120 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
2008-01-07 12:40 . 2005-03-08 05:43 21,744 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys
2008-01-07 12:40 . 2005-05-24 03:48 21,124 --------- C:\WINDOWS\hpomdl07.dat
2008-01-07 12:40 . 2005-03-08 05:43 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2008-01-07 12:39 . 2005-04-08 02:51 606,208 -ra------ C:\WINDOWS\system32\hpotscl.dll
2008-01-07 12:39 . 2005-04-08 02:51 278,528 -ra------ C:\WINDOWS\system32\hpgwiamd.dll
2008-01-07 12:39 . 2005-03-08 05:39 274,432 -ra------ C:\WINDOWS\system32\HPZc3212.dll
2008-01-07 12:39 . 2005-04-08 02:51 258,122 -ra------ C:\WINDOWS\system32\hpovst08.dll
2008-01-07 12:39 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-01-07 12:39 . 2004-08-03 23:01 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2008-01-07 12:39 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-01-07 12:39 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-01-07 12:37 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-01-07 12:37 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-01-04 17:42 . 2008-01-04 17:42 <DIR> d-------- C:\Program Files\Bonjour
2008-01-04 17:35 . 2008-01-04 17:35 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared
2008-01-04 13:09 . 2005-09-23 07:29 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2008-01-03 23:23 . 2008-01-26 22:15 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-01-03 00:53 . 2008-01-17 22:58 <DIR> d-------- C:\Program Files\Valve
2008-01-02 17:20 . 2008-01-02 17:20 12,219,983 ---h----- C:\AVG7QT.DAT
2008-01-02 17:08 . 2008-01-08 15:16 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-01-02 17:08 . 2006-09-25 17:58 23,856 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-01-01 23:25 . 2008-01-24 16:51 376 --a------ C:\WINDOWS\ODBC.INI
2008-01-01 23:16 . 2008-01-01 23:16 <DIR> d-------- C:\Program Files\Corel
2008-01-01 23:16 . 2008-01-01 23:16 <DIR> d-------- C:\Program Files\Common Files\Corel
2008-01-01 23:10 . 2008-01-01 23:10 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared
2008-01-01 23:08 . 2008-01-04 17:42 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-01-01 23:03 . 2008-01-01 23:03 <DIR> d-------- C:\WINDOWS\Cache
2008-01-01 22:43 . 2008-01-01 22:44 <DIR> d-------- C:\Program Files\CyberLink
2008-01-01 22:35 . 2008-01-01 22:36 <DIR> d-------- C:\Program Files\ffdshow
2008-01-01 22:35 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2008-01-01 22:24 . 2008-01-01 22:38 <DIR> d-------- C:\Program Files\Mv2Player
2008-01-01 20:48 . 2008-01-18 21:42 <DIR> d-------- C:\Program Files\Winamp
2008-01-01 20:20 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-01-01 19:57 . 2008-01-01 19:57 0 --a------ C:\WINDOWS\nsreg.dat
2008-01-01 19:34 . 2008-01-01 19:34 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2008-01-01 19:34 . 2008-01-01 19:34 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2008-01-01 19:19 . 2008-01-01 19:26 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-01-01 19:18 . 2008-01-01 19:26 <DIR> d-------- C:\Program Files\MSN Messenger
2008-01-01 19:15 . 2008-01-19 19:00 <DIR> d-------- C:\Program Files\UltimateZip 2007

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-10 13:34 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-01 22:16 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-01-01 16:06 --------- d-----w C:\Program Files\SEC
2008-01-01 16:00 15,939 ----a-w C:\WINDOWS\system32\drivers\AegisP.sys
2008-01-01 16:00 --------- d-----w C:\Program Files\Gigabyte
2008-01-01 15:55 --------- d-----w C:\Program Files\C-Media
2008-01-01 15:53 --------- d--h--w C:\Program Files\Uninstall Information
2008-01-01 15:47 --------- d-----w C:\Program Files\microsoft frontpage
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2001-11-23 04:08 712,704 ----a-r C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-06-01 17:22 7618560]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-06-01 17:22 86016]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2008-01-01 19:47 579072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe" [2008-01-01 19:47 219136]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
GN-WPKG Utility.lnk - C:\Program Files\Gigabyte\Gigabyte GN-WPKG Wireless PCI Adapter SoftAP\Installer\WINXP\RaConfig2500.exe [2008-01-01 17:00:34 524288]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^NCProTray.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\NCProTray.lnk
backup=C:\WINDOWS\pss\NCProTray.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Huper^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=C:\Documents and Settings\Huper\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=C:\WINDOWS\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
-ra------ 2003-03-20 07:21 1855488 C:\WINDOWS\mixer.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DWQueuedReporting]
--a------ 2006-10-26 19:48 434528 C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2005-05-11 23:12 49152 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]
--a------ 2007-12-10 14:53 1103752 C:\Program Files\Spyware Doctor\pctsTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
--a------ 2007-02-07 16:21 54832 C:\Program Files\CyberLink\PowerDVD\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-10-13 17:24 1694208 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
-ra------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2006-06-01 17:22 1519616 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--------- 2007-02-07 16:24 71216 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

R0 rseb;rseb;C:\WINDOWS\system32\drivers\rseb.sys [2004-06-01 19:44]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};C:\Program Files\CyberLink\PowerDVD\000.fcl [2006-11-02 16:51]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-03 23:56]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-01-19 22:46]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
"2008-01-25 16:18:59 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
"2008-01-25 13:02:27 C:\WINDOWS\Tasks\WebReg psc 1400 series.job"
- C:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici]
Rootkit scan 2008-01-26 23:40:41
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-26 23:41:33
.
2008-01-08 14:20:33 --- E O F ---

Dopuna: 28 Jan 2008 20:38

da li je ko pogledao?

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Cist log.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

oke tnx, sad je kraj