win32k.exe

  • Joined: 19 Dec 2008
  • Posts: 89

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:40:37, on 2/13/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20935)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Lock My PC 4\lockpc.exe
C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\MDCOM\Desktop\100\TR3.exe.exe

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [lmpc4] C:\Program Files\Lock My PC 4\lockpc.exe /s
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2009\MemOptimizer.exe" autostart
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O13 - Gopher Prefix:
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com/microsoftupdate/v6/V5C.....3825722890
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com/microsoftupdate/v6/V5C.....3825712421
O20 - Winlogon Notify: fsp_lmwl - C:\WINDOWS\SYSTEM32\fsp_lmwl.dll
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 5646 bytes

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Hello,

* Start ESET Smart Security/ESET NOD32 as follows:
Start>All Programs>ESET>ESET Smart Security or ESET NOD32 Antivirus (if you use only the antivirus solution).

* When the main program window opens, click the Setup option on the left side of the window;
* Select the Antivirus and antispyware option and click Temporarily disable Antivirus and antispyware protection.
* Click Yes at the next prompt.

Note: Do not forget to turn this option back on once the cleaning is finished.

---------------------------

Download ComboFix from one of the following addresses to your Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Run it and do not touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear, which you will copy here for us.

  • Joined: 19 Dec 2008
  • Posts: 89

ComboFix 09-02-12.03 - MDCOM 2009-02-13 13:47:30.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.991.557 [GMT 1:00]
Running from: c:\documents and settings\MDCOM\Desktop\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated)
FW: ESET Personal firewall *enabled*
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\tmp.reg

.
((((((((((((((((((((((((( Files Created from 2009-01-13 to 2009-02-13 )))))))))))))))))))))))))))))))
.

2009-02-13 09:07 . 2009-02-13 09:08 170,320 --a------ C:\_crash.dmp
2009-02-13 09:07 . 2009-02-13 09:08 55,947 --a------ C:\report.zip
2009-02-12 16:52 . 2001-08-17 13:48 12,160 --a------ c:\windows\system32\drivers\mouhid.sys
2009-02-12 16:52 . 2001-08-17 13:48 12,160 --a--c--- c:\windows\system32\dllcache\mouhid.sys
2009-02-12 16:52 . 2008-04-14 00:15 10,368 --a------ c:\windows\system32\drivers\hidusb.sys
2009-02-12 16:52 . 2008-04-14 00:15 10,368 --a--c--- c:\windows\system32\dllcache\hidusb.sys
2009-02-12 15:34 . 2008-04-14 00:21 101,120 --a------ c:\windows\system32\drivers\bthpan.sys
2009-02-12 15:34 . 2008-04-14 00:21 101,120 --a--c--- c:\windows\system32\dllcache\bthpan.sys
2009-02-12 15:33 . 2008-04-14 05:42 151,552 --a------ c:\windows\system32\irftp.exe
2009-02-12 15:33 . 2008-04-14 05:42 151,552 --a--c--- c:\windows\system32\dllcache\irftp.exe
2009-02-12 15:33 . 2008-04-14 00:16 59,136 --a------ c:\windows\system32\drivers\rfcomm.sys
2009-02-12 15:33 . 2008-04-14 00:16 59,136 --a--c--- c:\windows\system32\dllcache\rfcomm.sys
2009-02-12 15:33 . 2008-04-14 05:41 28,160 --a------ c:\windows\system32\irmon.dll
2009-02-12 15:33 . 2008-04-14 05:41 28,160 --a--c--- c:\windows\system32\dllcache\irmon.dll
2009-02-12 15:33 . 2008-04-14 00:16 18,944 --a------ c:\windows\system32\drivers\BTHUSB.SYS
2009-02-12 15:33 . 2008-04-14 00:16 18,944 --a--c--- c:\windows\system32\dllcache\bthusb.sys
2009-02-12 15:33 . 2008-04-14 00:16 17,024 --a------ c:\windows\system32\drivers\BthEnum.sys
2009-02-12 15:33 . 2008-04-14 00:16 17,024 --a--c--- c:\windows\system32\dllcache\bthenum.sys
2009-02-12 15:33 . 2008-04-14 05:42 8,192 --a------ c:\windows\system32\wshirda.dll
2009-02-12 15:33 . 2008-04-14 05:42 8,192 --a--c--- c:\windows\system32\dllcache\wshirda.dll
2009-02-10 09:18 . 2009-02-10 09:19 <DIR> d-------- c:\documents and settings\MDCOM\Application Data\Winamp
2009-02-09 12:59 . 2005-03-10 23:57 356,352 --a------ c:\windows\eSellerateEngine.dll
2009-02-09 12:59 . 2000-05-22 17:58 140,488 --a------ c:\windows\system32\comdlg32.ocx
2009-02-09 12:59 . 2001-06-21 21:13 81,332 --a------ c:\windows\system32\BASS.DLL
2009-02-09 12:59 . 2005-06-18 19:21 7,436 --a------ c:\windows\system32\PulseSoundTouchForVB.tlb
2009-02-09 12:59 . 2009-02-09 12:59 56 --a------ c:\windows\system\Djsec63691.dll
2009-02-09 12:59 . 2009-02-09 12:59 56 --a------ c:\windows\system\Djsec61721.dll
2009-02-07 16:48 . 2009-02-11 10:29 <DIR> d-------- C:\Games
2009-02-06 15:59 . 2006-11-02 13:44 39,936 --a------ c:\windows\system32\fsp_lmwl.dll
2009-02-06 15:58 . 2009-02-06 15:59 <DIR> d-------- c:\program files\Lock My PC 4
2009-02-06 15:58 . 2006-08-12 14:00 6,656 --a------ c:\windows\system32\drivers\lmpc4.sys
2009-02-06 15:04 . 2009-02-06 15:04 <DIR> d-------- c:\documents and settings\MDCOM\Application Data\ESET
2009-02-06 12:00 . 2009-02-06 12:00 603,904 --a------ c:\windows\system32\TUProgSt.exe
2009-02-06 12:00 . 2009-02-06 12:00 360,192 --a------ c:\windows\system32\TuneUpDefragService.exe
2009-02-06 12:00 . 2008-12-11 13:31 27,904 --a------ c:\windows\system32\uxtuneup.dll
2009-02-06 11:57 . 2009-02-11 16:38 <DIR> d-------- c:\program files\TuneUp Utilities 2009
2009-02-06 11:56 . 2009-02-06 11:56 <DIR> d--hs---- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-02-05 15:17 . 2009-02-05 15:17 <DIR> d-------- c:\program files\Internet Download Manager
2009-02-05 15:17 . 2009-02-13 11:14 <DIR> d-------- c:\documents and settings\MDCOM\Application Data\IDM
2009-02-05 15:17 . 2009-02-13 13:49 <DIR> d-------- c:\documents and settings\MDCOM\Application Data\DMCache
2009-02-05 14:53 . 2009-02-05 14:53 <DIR> d-------- c:\documents and settings\MDCOM\Application Data\Ahead
2009-02-05 10:52 . 2009-02-05 10:52 <DIR> d-------- c:\program files\MSXML 4.0
2009-02-05 10:51 . 2009-02-05 10:54 <DIR> d--h----- c:\windows\$hf_mig$
2009-02-05 10:45 . 2008-10-16 21:24 6,068,224 -----c--- c:\windows\system32\dllcache\ieframe.dll
2009-02-05 10:45 . 2007-04-17 10:32 2,455,488 -----c--- c:\windows\system32\dllcache\ieapfltr.dat
2009-02-05 10:45 . 2007-03-08 06:10 991,232 -----c--- c:\windows\system32\dllcache\ieframe.dll.mui
2009-02-05 10:45 . 2008-10-16 21:24 459,264 -----c--- c:\windows\system32\dllcache\msfeeds.dll
2009-02-05 10:45 . 2008-10-16 21:24 380,928 -----c--- c:\windows\system32\dllcache\ieapfltr.dll
2009-02-05 10:45 . 2008-10-16 21:24 267,776 -----c--- c:\windows\system32\dllcache\iertutil.dll
2009-02-05 10:45 . 2008-10-16 21:24 63,488 -----c--- c:\windows\system32\dllcache\icardie.dll
2009-02-05 10:45 . 2008-10-16 21:24 52,224 -----c--- c:\windows\system32\dllcache\msfeedsbs.dll
2009-02-05 10:45 . 2008-10-16 13:46 13,824 -----c--- c:\windows\system32\dllcache\ieudinit.exe
2009-02-05 10:44 . 2008-10-24 12:41 455,936 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2009-02-05 10:43 . 2008-08-14 11:39 2,145,280 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-02-05 10:43 . 2008-08-14 11:09 2,023,936 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2009-02-05 10:23 . 2008-10-16 14:07 23,576 --a------ c:\windows\system32\wuapi.dll.mui
2009-02-05 09:54 . 2009-02-05 09:54 <DIR> d-------- c:\documents and settings\Admin
2009-02-05 09:53 . 2009-02-05 09:53 410,984 --a------ c:\windows\system32\deploytk.dll
2009-02-05 09:53 . 2009-02-05 09:53 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-02-05 09:52 . 2009-02-05 09:52 <DIR> d-------- c:\program files\Java
2009-02-04 14:07 . 2009-02-04 14:07 <DIR> d-------- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-02-04 14:05 . 2009-02-05 10:58 <DIR> d-------- c:\program files\SUPERAntiSpyware
2009-02-04 14:05 . 2009-02-04 14:05 <DIR> d-------- c:\documents and settings\MDCOM\Application Data\SUPERAntiSpyware.com
2009-02-03 15:37 . 2009-02-03 15:37 69 --a------ c:\windows\NeroDigital.ini
2009-02-03 13:24 . 2002-06-17 01:06 49,152 --a------ c:\windows\system32\nod32l.exe
2009-02-03 13:24 . 2002-06-17 01:23 49,152 --a------ c:\windows\system32\nod32ccl.exe
2009-02-03 12:14 . 2009-02-03 12:14 <DIR> d-------- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-02-03 12:10 . 2009-02-06 11:56 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2009-02-03 12:10 . 2009-02-03 12:10 <DIR> d-------- c:\documents and settings\MDCOM\Application Data\TuneUp Software
2009-02-03 12:08 . 2006-10-29 16:15 258,048 --------- c:\windows\system32\SiSParse.dll
2009-02-03 12:08 . 2006-10-29 16:15 180,224 --------- c:\windows\system32\SiSInst.dll
2009-02-03 12:08 . 2006-10-29 16:15 49,152 --------- c:\windows\system32\SiSBase.dll
2009-02-03 12:08 . 2006-10-29 16:15 24,576 -ra------ c:\windows\system32\SiSPInst.dll
2009-02-03 12:08 . 2006-10-29 16:15 12,416 -ra------ c:\windows\system32\drivers\srvkp.sys
2009-02-03 12:07 . 2006-10-29 16:15 1,740,800 -ra------ c:\windows\system32\sisgl.dll
2009-02-03 12:07 . 2006-10-29 16:15 809,984 -ra------ c:\windows\system32\sisgrv.dll
2009-02-03 12:07 . 2006-10-29 16:15 809,984 --a--c--- c:\windows\system32\dllcache\sisgrv.dll
2009-02-03 12:07 . 2006-10-29 16:13 65,536 -ra------ c:\windows\system32\sis760.bin
2009-02-03 12:07 . 2006-10-29 16:13 65,536 -ra------ c:\windows\system32\sis741.bin
2009-02-03 12:07 . 2006-10-29 16:15 49,152 -ra------ c:\windows\system32\sis660.bin

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-10 08:19 --------- d-----w c:\program files\Winamp
2009-02-06 14:03 --------- d-----w c:\documents and settings\All Users\Application Data\ESET
2009-02-06 13:58 --------- d-----w c:\program files\ESET
2009-02-06 09:27 --------- d-----w c:\program files\Common Files\Adobe
2009-02-05 15:24 --------- d-----w c:\program files\AlienGUIse
2009-02-05 09:56 --------- d-----w c:\program files\Microsoft Silverlight
2009-02-03 10:56 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-03 10:56 --------- d-----w c:\program files\Common Files\InstallShield
2009-02-03 10:50 --------- d-----w c:\program files\Common Files\Ahead
2009-02-03 10:47 --------- d-----w c:\program files\Nero
2009-02-03 10:27 --------- d-----w c:\program files\MSN Messenger
2009-02-03 10:21 --------- d-----w c:\program files\Opera
2009-02-03 10:19 --------- d-----w c:\program files\Microsoft.NET
2009-02-03 10:19 --------- d-----w c:\program files\Microsoft ActiveSync
2009-02-03 10:11 --------- d-----w c:\program files\Realtek Sound Manager
2009-02-03 10:11 --------- d-----w c:\program files\AvRack
2009-02-03 10:00 --------- d-----w c:\program files\microsoft frontpage
2009-02-03 09:58 --------- d-----w c:\program files\Windows Media Connect 2
2009-01-22 14:49 206,256 ----a-w c:\windows\system32\idmmbc.dll
2009-01-10 07:59 1,614,848 ----a-w c:\windows\system32\sfcfiles.dll
2009-01-10 07:58 990,208 ----a-w c:\windows\system32\syssetup.dll
.

((((((((((((((((((((((((((((( SnapShot_2009-02-11_ 9.19.41.25 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-02-06 15:39:11 40,196 ----a-w c:\windows\system32\perfc009.dat
+ 2009-02-13 08:08:04 40,196 ----a-w c:\windows\system32\perfc009.dat
- 2009-02-06 15:39:11 311,934 ----a-w c:\windows\system32\perfh009.dat
+ 2009-02-13 08:08:04 311,934 ----a-w c:\windows\system32\perfh009.dat
+ 2009-02-13 09:59:34 16,384 ----atw c:\windows\temp\Perflib_Perfdata_510.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-10-09 139264]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-01-22 2745776]
"lmpc4"="c:\program files\Lock My PC 4\lockpc.exe" [2006-10-05 818176]
"TuneUp MemOptimizer"="c:\program files\TuneUp Utilities 2009\MemOptimizer.exe" [2008-12-11 155904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-07-12 106496]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-01-28 36352]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-05 136600]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2008-10-24 1451264]
"SoundMan"="SOUNDMAN.EXE" [2003-11-13 c:\windows\SOUNDMAN.EXE]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 c:\windows\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-02-06 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fsp_lmwl]
2006-11-02 13:44 39936 c:\windows\system32\fsp_lmwl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll

[HKLM\~\startupfolder\C:^Documents and Settings^MDCOM^Start Menu^Programs^Startup^Alienware Dock.lnk]
path=c:\documents and settings\MDCOM\Start Menu\Programs\Startup\Alienware Dock.lnk
backup=c:\windows\pss\Alienware Dock.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2007-05-11 03:06 40048 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\JDownloader.exe"=
"c:\\WINDOWS\\system32\\java.exe"=

R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2008-02-29 51440]
R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2008-10-24 468224]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-02-06 603904]
R3 LMPC4;LMPC4;c:\windows\system32\drivers\lmpc4.sys [2009-02-06 6656]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2006-02-16 4096]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command - G:\Loader.exe /Hide
.
Contents of the 'Scheduled Tasks' folder

2009-02-13 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 21:36]
.
.
------- Supplementary Scan -------
.
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-02-13 13:49:10
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-57989841-413027322-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):63,b4,f8,86,54,46,0b,24,35,43,e6,d0,e8,a5,50,f7,7a,19,17,14,51,
e4,60,f6,86,cc,16,54,1f,7c,ed,3a,50,99,02,77,5c,25,31,fa,00,00,00,00,00,00,\

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{84450f40-55ab-4209-b880-57a08bfc5f6d}]
@Denied: (Full) (Everyone)
"Model"=dword:0000002b
"Therad"=dword:00000009
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(848-)
c:\windows\system32\fsp_lmwl.dll
.
Completion time: 2009-02-13 13:50:47
ComboFix-quarantined-files.txt 2009-02-13 12:50:44
ComboFix2.txt 2009-02-11 08:26:09
ComboFix3.txt 2009-02-04 11:28:15

Pre-Run: 23,172,661,248 bytes free
Post-Run: 23,201,923,072 bytes free

227

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

And what is the problem with that win32k.exe?

  • Joined: 19 Dec 2008
  • Posts: 89

The problem is that when I turn on the computer, a "don't send" error for win32k.exe appears and then the computer restarts.

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Download:

https://www.mycity.rs/must-login.png

Run it with a double-click and click YES.

  • Joined: 19 Dec 2008
  • Posts: 89

helen1 ::Download:

mycity.rs/must-login.png

Run it with a double-click and click YES.


I did as you told me, what next?

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

That win32k.exe belongs to the program HideIt. Did you uninstall that program?

  • Joined: 19 Dec 2008
  • Posts: 89

Not that I know of. I recently did a reinstall because it was full of viruses, and everything worked for a few days and then this problem appeared. Is there a solution, or should I reinstall the system again?

  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master teacher
  • Joined: 27 Aug 2005
  • Posts: 8620
  • Location: Novi Beograd

Could you look for that file somewhere on your computer?
