No Start??

  • Joined: 10 Mar 2009
  • Posts: 1

When I turn on the computer, the picture appears, but there is no Start, no icons of anything. I can open Task Manager, and in it I go to Search and everything starts up at once! But I just can't manage to fix it...

Here is the log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:40:29 PM, on 3/10/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\EA Games\Need for Speed Undercover\PB\PnkBstrA.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\LClock\LClock.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Sale.SALE-FF0C9D0584\Desktop\New Folder\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = daemon-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O3 - Toolbar: BS.Player ControlBar - {2C688203-7EB3-4327-9995-1CB417BA23F9} - C:\Program Files\BS.Player ControlBar\BSToolbar.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [nodenable] C:\Program Files\eset\nodenable.exe
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\LClock.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe -autorun
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Update Service (gupdate1c99a7ca9702fb6) (gupdate1c99a7ca9702fb6) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - C:\Program Files\EA Games\Need for Speed Undercover\PB\PnkBstrA.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 6890 bytes

Addendum: 10 Mar 2009 15:58

Here is the ComboFix log too, I know it will be needed...


ComboFix 09-03-06.02 - Sale 2009-03-10 15:46:09.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1411 [GMT 1:00]
Running from: c:\documents and settings\Sale.SALE-FF0C9D0584\Desktop\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated)
FW: ESET Personal firewall *enabled*

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-02-10 to 2009-03-10 )))))))))))))))))))))))))))))))
.

2009-03-10 15:20 . 2009-03-10 15:31 <DIR> d-------- c:\windows\system32\inf
2009-03-10 15:20 . 2009-03-10 15:20 <DIR> d-------- c:\program files\MSXML 4.0
2009-03-10 12:39 . 2009-03-10 12:39 40,661 --a------ c:\windows\system32\3B.tmp
2009-03-10 12:39 . 2009-03-10 12:39 120 --a------ c:\windows\system32\38.tmp
2009-03-09 22:40 . 2009-03-09 22:40 80 --a------ c:\windows\system32\12.tmp
2009-03-09 22:12 . 2009-03-09 22:12 80 --a------ c:\windows\system32\14.tmp
2009-03-09 20:08 . 2009-03-09 20:08 130,143 --a------ c:\windows\system\xccef090305.exe
2009-03-09 20:08 . 2009-03-09 20:08 23,729 --a------ c:\windows\system32\6B6.tmp
2009-03-09 20:08 . 2009-03-09 20:08 80 --a------ c:\windows\system32\6A9.tmp
2009-03-08 02:40 . 2009-03-08 02:40 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Electronic Arts
2009-03-07 20:35 . 2009-03-07 20:35 <DIR> d-------- c:\documents and settings\Sale.SALE-FF0C9D0584\Application Data\Microsoft Games
2009-03-07 20:32 . 2009-03-10 15:19 <DIR> d-------- c:\program files\GameSpy Arcade
2009-03-07 20:30 . 2009-03-07 20:30 <DIR> d-------- c:\program files\Microsoft Games
2009-03-07 20:25 . 2002-09-05 15:21 4,296,704 -ra------ c:\windows\una2setup.exe
2009-03-07 20:24 . 2009-03-07 20:24 <DIR> d-------- c:\documents and settings\Sale.SALE-FF0C9D0584\Application Data\DAEMON Tools
2009-03-07 20:23 . 2009-03-07 20:23 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\DAEMON Tools Lite
2009-03-07 20:22 . 2009-03-07 20:22 <DIR> d-------- c:\program files\DAEMON Tools Toolbar
2009-03-07 20:22 . 2009-03-07 20:22 <DIR> d-------- c:\program files\DAEMON Tools Lite
2009-03-07 20:22 . 2009-03-07 20:22 <DIR> d-------- c:\documents and settings\Sale.SALE-FF0C9D0584\Application Data\DAEMON Tools Lite
2009-03-07 20:18 . 2009-03-07 20:18 <DIR> d-------- c:\program files\advantage
2009-03-07 20:18 . 2009-03-09 22:20 <DIR> d-------- c:\documents and settings\Sale.SALE-FF0C9D0584\Application Data\advantage
2009-03-07 20:16 . 2009-03-07 20:16 <DIR> d-------- c:\program files\DAEMON Tools Pro
2009-03-07 20:16 . 2009-03-07 20:16 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\DAEMON Tools Pro
2009-03-07 20:13 . 2009-03-07 20:24 <DIR> d-------- c:\documents and settings\Sale.SALE-FF0C9D0584\Application Data\DAEMON Tools Pro
2009-03-07 20:13 . 2009-03-07 20:13 717,296 --a------ c:\windows\system32\drivers\sptd.sys
2009-03-05 22:58 . 2009-03-05 22:58 <DIR> d-------- c:\windows\Sun
2009-03-04 20:57 . 2009-03-04 20:58 <DIR> d-------- C:\r
2009-03-04 19:04 . 2009-03-04 19:05 <DIR> d-------- C:\btw
2009-03-04 16:12 . 2009-03-04 16:12 <DIR> d-------- C:\ProgramData
2009-03-04 16:12 . 2009-03-04 16:12 1,180 --a------ c:\windows\system32\ealregsnapshot1.reg
2009-03-04 14:33 . 2009-03-04 16:16 <DIR> d-------- C:\nfs
2009-03-04 00:05 . 2009-03-04 00:05 <DIR> d-------- c:\documents and settings\Sale.SALE-FF0C9D0584\Application Data\Leadertech
2009-03-01 19:36 . 2009-03-01 20:32 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\Test Drive Unlimited
2009-03-01 19:05 . 2009-03-01 19:06 <DIR> d-------- C:\New Folder
2009-03-01 15:48 . 2009-03-01 15:48 <DIR> d-------- c:\program files\Common Files\xing shared
2009-03-01 15:48 . 2009-03-01 15:48 <DIR> d-------- c:\program files\Common Files\Real
2009-03-01 15:48 . 2009-03-01 15:48 499,712 --a------ c:\windows\system32\msvcp71.dll
2009-03-01 15:48 . 2009-03-01 15:48 348,160 --a------ c:\windows\system32\msvcr71.dll
2009-02-28 03:06 . 2009-02-28 03:06 <DIR> d-------- c:\documents and settings\Sale.SALE-FF0C9D0584\Application Data\BSplayer Pro
2009-02-28 03:06 . 2009-03-02 15:04 <DIR> d-------- c:\documents and settings\Sale.SALE-FF0C9D0584\Application Data\BSplayer
2009-02-28 03:04 . 2009-02-28 11:53 <DIR> d-a------ c:\documents and settings\All Users.WINDOWS\Application Data\TEMP
2009-02-27 23:51 . 2005-12-30 20:10 761,856 --a------ c:\windows\system32\xvidcore.dll
2009-02-27 23:51 . 2004-05-25 16:06 417,792 --a------ c:\windows\system32\ac3filter.cpl
2009-02-27 23:51 . 2005-12-30 20:18 180,224 --a------ c:\windows\system32\xvidvfw.dll
2009-02-27 23:51 . 2005-12-30 20:16 77,824 --a------ c:\windows\system32\xvid.ax
2009-02-27 23:50 . 2001-12-28 01:22 315,392 --a------ c:\windows\system32\iviaudio.ax
2009-02-27 23:50 . 2001-04-05 06:57 56,832 --a------ c:\windows\system32\mmswitch.ax
2009-02-27 23:50 . 2001-12-28 01:22 34,816 --a------ c:\windows\system32\mpgaudio.ax
2009-02-27 12:30 . 2008-08-14 11:00 2,180,352 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2009-02-27 12:30 . 2008-08-14 10:58 2,136,064 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-02-27 12:30 . 2008-08-14 10:22 2,057,728 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2009-02-27 12:30 . 2008-08-14 10:22 2,015,744 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2009-02-27 12:28 . 2008-10-24 12:10 453,632 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2009-02-27 12:23 . 2009-02-28 03:03 <DIR> d--h----- c:\windows\$hf_mig$
2009-02-26 23:26 . 2008-06-13 14:10 272,128 --------- c:\windows\system32\drivers\bthport.sys
2009-02-26 23:26 . 2008-06-13 14:10 272,128 -----c--- c:\windows\system32\dllcache\bthport.sys
2009-02-26 22:55 . 2009-03-07 20:34 <DIR> d-------- c:\windows\system32\VIRepair
2009-02-26 22:55 . 2009-02-26 22:55 <DIR> d-------- c:\documents and settings\Sale.SALE-FF0C9D0584\Application Data\ViStart
2009-02-26 22:53 . 2009-02-26 22:53 <DIR> d-------- c:\program files\WinFlip
2009-02-26 22:53 . 2009-02-26 22:53 <DIR> d-------- c:\program files\TrueTransparency
2009-02-26 22:53 . 2009-02-26 22:53 <DIR> d-------- c:\program files\Styler
2009-02-26 22:53 . 2009-03-10 15:19 <DIR> d-------- c:\program files\LClock
2009-02-26 22:53 . 2007-04-15 01:32 7,335,424 --a------ c:\windows\system32\VISTAUI.EXE
2009-02-26 22:53 . 2008-11-15 13:29 334,422 --a------ c:\windows\system32\viwc.exe
2009-02-26 22:53 . 2004-09-20 01:27 172,032 --a------ c:\windows\system32\LClock.cpl
2009-02-26 22:53 . 2007-11-25 22:11 49,208 --a------ c:\windows\system32\vistartup.bmp
2009-02-26 22:50 . 2009-02-26 22:50 78,942 --a------ c:\windows\Icon_1.ico
2009-02-26 22:49 . 2009-02-27 12:26 <DIR> d-------- c:\windows\system32\VITrans
2009-02-26 22:49 . 2009-02-26 22:55 <DIR> d-------- C:\VTPFiles
2009-02-26 22:49 . 2006-12-03 17:15 111,104 --a------ c:\windows\system32\Uharc.exe
2009-02-26 22:49 . 2004-11-27 19:00 94,208 --a------ c:\windows\system32\pskill.exe
2009-02-26 22:49 . 2006-12-03 17:15 69,632 --a------ c:\windows\system32\moveex.exe
2009-02-26 22:49 . 2008-11-11 23:22 20,480 --a------ c:\windows\system32\scrnrdr.exe
2009-02-26 22:49 . 2006-12-03 17:15 19,968 --a------ c:\windows\system32\reico.exe
2009-02-26 22:49 . 2006-12-03 17:14 8,636 --a------ c:\windows\system32\modifype.exe
2009-02-26 22:34 . 2009-02-26 22:39 <DIR> d-------- c:\documents and settings\Sale.SALE-FF0C9D0584\Application Data\LimeWire
2009-02-26 22:33 . 2009-02-26 22:33 410,984 --a------ c:\windows\system32\deploytk.dll
2009-02-26 22:33 . 2009-02-26 22:33 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-02-26 22:31 . 2009-02-26 22:34 <DIR> d-------- c:\program files\LimeWire
2009-02-26 22:29 . 2009-02-26 22:29 <DIR> d-------- c:\documents and settings\Sale.SALE-FF0C9D0584\Application Data\ESET
2009-02-26 22:28 . 2009-02-26 22:29 <DIR> d-------- c:\program files\ESET
2009-02-26 22:27 . 2009-02-26 22:28 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\ESET
2009-02-26 22:02 . 2009-02-26 22:02 <DIR> d-------- c:\program files\uTorrent
2009-02-26 22:02 . 2009-03-10 15:20 <DIR> d-------- c:\documents and settings\Sale.SALE-FF0C9D0584\Application Data\uTorrent
2009-02-26 21:51 . 2009-03-10 15:19 <DIR> d-------- c:\program files\sXe Injected
2009-02-26 19:20 . 2009-02-26 19:24 <DIR> d-------- c:\documents and settings\Sale.SALE-FF0C9D0584\Contacts
2009-02-26 18:08 . 2009-02-26 18:08 <DIR> d-------- c:\program files\Microsoft Silverlight
2009-02-26 18:08 . 2009-02-26 19:08 <DIR> d-------- c:\documents and settings\Sale.SALE-FF0C9D0584\Tracing
2009-02-26 18:08 . 2009-02-06 18:08 55,152 --a------ c:\windows\system32\drivers\fssfltr_tdi.sys
2009-02-26 18:07 . 2009-02-26 18:07 <DIR> d-------- c:\program files\Microsoft Sync Framework
2009-02-26 18:07 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\system32\d3dx9_32.dll
2009-02-26 18:06 . 2009-02-26 18:06 <DIR> d-------- c:\program files\Microsoft SQL Server Compact Edition
2009-02-26 18:06 . 2009-02-26 18:06 <DIR> d-------- c:\program files\Microsoft
2009-02-26 18:05 . 2009-02-26 18:05 <DIR> d-------- c:\program files\Windows Live SkyDrive
2009-02-26 18:05 . 2009-02-26 18:08 <DIR> d-------- c:\program files\Windows Live
2009-02-26 17:46 . 2009-02-26 17:46 <DIR> d-------- c:\program files\Common Files\Windows Live
2009-02-26 17:46 . 2009-02-26 17:46 <DIR> d-------- c:\documents and settings\Sale.SALE-FF0C9D0584\Application Data\MSNInstaller
2009-02-26 17:27 . 2009-02-26 17:27 <DIR> d-------- c:\program files\Winamp Remote
2009-02-26 17:27 . 2009-02-26 17:28 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\OrbNetworks
2009-02-26 17:24 . 2009-02-26 17:24 <DIR> d-------- c:\documents and settings\Sale.SALE-FF0C9D0584\Application Data\TuneUp Software
2009-02-26 17:24 . 2009-02-26 17:24 603,904 --a------ c:\windows\system32\TUProgSt.exe
2009-02-26 17:24 . 2009-02-26 17:24 362,240 --a------ c:\windows\system32\TuneUpDefragService.exe
2009-02-26 17:24 . 2008-11-12 16:44 27,904 --a------ c:\windows\system32\uxtuneup.dll
2009-02-26 17:23 . 2009-02-26 17:29 <DIR> d-------- c:\documents and settings\Sale.SALE-FF0C9D0584\Application Data\Winamp
2009-02-26 17:23 . 2009-02-26 17:23 <DIR> d-------- c:\documents and settings\All Users.WINDOWS\Application Data\TuneUp Software
2009-02-26 17:23 . 2009-02-26 17:23 <DIR> d--hs---- c:\documents and settings\All Users.WINDOWS\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-02-26 17:14 . 2009-02-26 17:14 0 --a------ c:\windows\nsreg.dat
2009-02-26 16:58 . 2009-03-07 20:20 <DIR> d-------- c:\program files\Google
2009-02-26 16:42 . 2009-03-10 15:20 <DIR> d-------- c:\program files\Counter-Strike 1.6
2009-02-26 16:41 . 2009-02-26 16:41 <DIR> d-------- c:\windows\system32\AGEIA
2009-02-26 16:41 . 2009-02-26 16:42 <DIR> d-------- c:\program files\AGEIA Technologies
2009-02-26 16:41 . 2009-02-26 16:41 940,794 --a------ c:\windows\system32\LoopyMusic.wav
2009-02-26 16:41 . 2009-02-26 16:41 146,650 --a------ c:\windows\system32\BuzzingBee.wav
2009-02-26 16:40 . 2009-02-26 16:40 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2009-02-26 16:39 . 2009-02-26 16:39 <DIR> d-------- C:\NVIDIA
2009-02-26 16:39 . 2009-02-05 10:54 453,152 --a------ c:\windows\system32\NVUNINST.EXE
2009-02-26 16:39 . 2009-02-09 13:18 453,152 --a------ c:\windows\system32\nvudisp.exe
2009-02-26 16:39 . 2009-03-10 15:35 210,919 --a------ c:\windows\system32\nvapps.xml
2009-02-26 16:39 . 2009-02-09 13:18 18,795 --a------ c:\windows\system32\nvdisp.nvu
2009-02-26 16:37 . 2009-02-26 16:37 <DIR> d-------- c:\documents and settings\SALE~1~SAL\LOCALS~1
2009-02-26 16:37 . 2009-02-26 16:37 <DIR> d-------- c:\documents and settings\SALE~1~SAL
2009-02-26 16:36 . 2009-02-26 16:36 <DIR> d-------- c:\documents and settings\Sale.SALE-FF0C9D0584\Application Data\InstallShield
2009-02-26 16:36 . 2008-08-07 19:14 111,360 --a------ c:\windows\system32\drivers\Rtenicxp.sys
2009-02-26 16:36 . 2008-08-07 11:38 9,728 --a------ c:\windows\system32\RtNicProp32.dll
2009-02-26 16:33 . 2009-02-26 22:48 <DIR> d-------- C:\unzipped

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-10 14:20 --------- d-----w c:\program files\Winamp
2009-03-10 14:19 --------- d-----w c:\program files\AC3Filter
2009-03-09 21:17 4,224 ----a-w c:\windows\system32\drivers\beep.sys
2009-03-04 19:39 11,376 ----a-w c:\windows\system32\drivers\secdrv.sys
2009-03-04 15:12 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-04 15:12 --------- d-----w c:\program files\Electronic Arts
2009-03-04 14:15 --------- d-----w c:\program files\EA GAMES
2009-03-01 14:48 --------- d-----w c:\program files\Real
2009-02-28 02:07 --------- d-----w c:\program files\BS.Player ControlBar
2009-02-27 22:51 --------- d-----w c:\program files\XviD
2009-02-26 21:33 --------- d-----w c:\program files\Java
2009-02-26 18:19 --------- d-----w c:\program files\MSN Messenger
2009-02-26 16:24 --------- d-----w c:\program files\TuneUp Utilities 2009
2009-02-24 17:21 --------- d-----w c:\program files\Warcraft III
2009-02-13 15:59 17,510,400 ----a-w c:\windows\RTHDCPL.EXE
2009-02-13 15:49 5,029,376 ----a-w c:\windows\system32\drivers\RtkHDAud.sys
2009-02-13 15:28 --------- d-----w c:\program files\Codec Pack - All In 1
2009-02-09 13:34 35,840 ----a-w c:\windows\system32\RtkCoInstXP.dll
2009-02-06 18:03 307,576 ----a-w c:\windows\WLXPGSS.SCR
2009-01-21 14:54 1,206,816 ----a-w c:\windows\RtlUpd.exe
2009-01-16 17:24 70,936 ----a-w c:\windows\system32\PhysXLoader.dll
2009-01-15 03:33 --------- d-----w c:\program files\Encore
2008-12-10 19:42 22,328 ----a-w c:\documents and settings\Sale\Application Data\PnkBstrK.sys
2009-03-07 19:18 227,696 ----a-w c:\program files\mozilla firefox\components\AdVComponent.dll
.

------- Sigcheck -------

2004-08-03 23:56 41984 bc3e5d99be313f87f666888d032a3321 c:\windows\system32\userinit.exe
2004-08-03 23:56 24576 39b1ffb03c2296323832acbae50d2aff c:\windows\system32\dllcache\userinit.exe
.
((((((((((((((((((((((((((((( SnapShot@2009-03-10_15.33.11.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-03-10 14:35:43 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_194.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Orb"="c:\program files\Winamp Remote\bin\OrbTray.exe" [2008-04-01 524288]
"msnmsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-08-04 1667584]
"nodenable"="c:\program files\eset\nodenable.exe" [2008-09-23 326823]
"LClock"="c:\program files\LClock\LClock.exe" [2004-09-20 86016]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-02-06 3325952]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-09 13680640]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-09 86016]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-10-24 1451264]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-26 136600]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-01 198160]
"RTHDCPL"="RTHDCPL.EXE" [2009-02-13 c:\windows\RTHDCPL.EXE]
"nwiz"="nwiz.exe" [2009-02-09 c:\windows\system32\nwiz.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=

R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2008-10-24 468224]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-02-26 55152]
R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-02-26 603904]
S2 gupdate1c99a7ca9702fb6;Google Update Service (gupdate1c99a7ca9702fb6);c:\program files\Google\Update\GoogleUpdate.exe [2009-03-01 133104]
S2 RPCER;Remote Procedure Call (HNM);c:\program files\NetMeeting\comp.exe [2007-03-28 12869320]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-02-26 1684736]
S3 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2009-03-10 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-11-20 16:28]

2009-03-10 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-01 15:47]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.daemon-search.com/startpage
FF - ProfilePath - c:\documents and settings\Sale.SALE-FF0C9D0584\Application Data\Mozilla\Firefox\Profiles\poqxp0q6.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - BS.Player Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.rs/
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - component: c:\documents and settings\Sale.SALE-FF0C9D0584\Application Data\Mozilla\Firefox\Profiles\poqxp0q6.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\program files\BS.Player ControlBar\FirefoxDTT\components\BSToolbarFF.dll
FF - component: c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
FF - component: c:\program files\Mozilla Firefox\components\AdVComponent.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-03-10 15:50:16
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(956)
c:\windows\system32\cscui.dll
.
Completion time: 2009-03-10 15:53:23
ComboFix-quarantined-files.txt 2009-03-10 14:53:21
ComboFix2.txt 2009-03-10 14:33:51

Pre-Run: 98,521,325,568 bytes free
Post-Run: 98,457,157,632 bytes free

261 --- E O F --- 2009-03-09 11:46:32

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Greetings...


You just knew that a ComboFix log would be needed, huh?
I really adore it when people just know what I need. Like, I really love that.





Upload the file: c:\windows\system32\userinit.exe

via this link: http://www.mycity.rs/ambulanta-upload.php



Download the following program to the Desktop:

http://amf.mycity.rs/personal/bobby/lil_tool.exe

Run it and click Scan.

Copy here the text that will be shown in the program window.
