Windows problem


  • Joined: 24 Feb 2008
  • Posts: 4

Logfile of HijackThis v1.99.1
Scan saved at 13:28:20, on 24.02.2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\TrojanHunter 4.7\THGuard.exe
C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\Free Spy Keylogger\FreeSpyKeylogger.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\NetMeter\NetMeter.exe
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Status\Status Script\mirc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\System32\taskmgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\rundll32.exe
E:\New Folder\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.7\THGuard.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [FreeSpyKeylogger.exe] C:\Program Files\Free Spy Keylogger\FreeSpyKeylogger.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [C:\Program Files\NetMeter\NetMeter.exe] C:\Program Files\NetMeter\NetMeter.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{94735B12-6BA8-4077-AEB1-8FBF34CF5246}: NameServer = 62.162.32.5 62.162.32.6
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

And the problem is...?
It won't make coffee anymore? :)

Just kidding :)
Write what is bothering you, i.e. what kind of problem you have.

  • Joined: 24 Feb 2008
  • Posts: 4

The problem is that files and folders are disappearing from my HDD.

  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Download ComboFix to your Desktop from one of the following addresses:
http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Run it and do not touch the program window while it is scanning.
Follow the on-screen instructions. When it finishes, a log (C:\ComboFix.txt) will appear, which you should copy here for us.

  • Joined: 24 Feb 2008
  • Posts: 4

Here is what it gives me when it finishes scanning



ComboFix 08-02-24.4 - Monev 2008-02-24 14:39:07.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.1.1252.1.1033.18.215 [GMT 1:00]
Running from: E:\New Folder\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-01-24 to 2008-02-24 )))))))))))))))))))))))))))))))
.

2008-02-21 13:37 . 2008-02-21 13:37 <DIR> d-------- C:\Program Files\Hewlett-Packard
2008-02-21 13:35 . 2002-11-27 12:30 237,624 -ra------ C:\WINDOWS\system32\HPZidr12.dll
2008-02-21 13:35 . 2002-11-27 12:30 172,032 -ra------ C:\WINDOWS\system32\HPZipr12.dll
2008-02-21 13:35 . 2002-11-27 12:30 94,208 -ra------ C:\WINDOWS\system32\HPZipt12.dll
2008-02-21 13:35 . 2002-11-27 12:30 65,536 -ra------ C:\WINDOWS\system32\HPZipm12.exe
2008-02-21 13:35 . 2002-11-27 12:30 61,440 -ra------ C:\WINDOWS\system32\HPZinw12.exe
2008-02-21 13:35 . 2002-11-27 12:30 57,344 -ra------ C:\WINDOWS\system32\HPZisn12.dll
2008-02-21 13:35 . 2002-11-27 12:30 50,960 -ra------ C:\WINDOWS\system32\drivers\hpzid412.sys
2008-02-21 13:35 . 2002-12-03 03:04 20,639 --------- C:\WINDOWS\hpoins01.dat
2008-02-21 13:35 . 2002-12-03 03:04 16,622 --------- C:\WINDOWS\hpomdl01.dat
2008-02-21 13:35 . 2002-11-27 12:30 16,080 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2008-02-21 13:32 . 2002-11-27 12:30 22,384 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys
2008-02-21 13:31 . 2002-08-29 01:50 24,960 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-02-21 13:31 . 2002-08-29 01:50 24,960 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2008-02-21 13:30 . 2002-11-27 12:30 561,152 -ra------ C:\WINDOWS\system32\hpotscl.dll
2008-02-21 13:30 . 2002-11-27 12:30 274,432 -ra------ C:\WINDOWS\system32\hpgwiamd.dll
2008-02-21 13:30 . 2002-11-27 12:29 237,568 -ra------ C:\WINDOWS\system32\HPZc3212.dll
2008-02-21 13:30 . 2002-11-27 12:30 94,208 -ra------ C:\WINDOWS\system32\hpovst08.dll
2008-02-21 13:30 . 2002-08-29 01:48 14,208 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-02-21 13:30 . 2002-08-29 01:48 14,208 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-02-21 13:26 . 2002-08-29 01:32 28,160 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-02-21 13:26 . 2002-08-29 01:32 28,160 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-02-17 14:35 . 2008-02-19 12:58 45 --a------ C:\TEST.XML
2008-02-16 22:03 . 2002-08-29 02:01 134,272 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2008-02-16 22:03 . 2002-08-29 02:01 134,272 --a--c--- C:\WINDOWS\system32\dllcache\portcls.sys
2008-02-16 22:03 . 2002-08-29 01:32 57,856 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2008-02-16 22:03 . 2002-08-29 01:32 57,856 --a--c--- C:\WINDOWS\system32\dllcache\drmk.sys
2008-02-16 22:02 . 2000-10-20 11:28 765,952 --a------ C:\WINDOWS\system\crlds3d.dll
2008-02-16 22:02 . 2001-11-23 05:08 712,704 --a------ C:\WINDOWS\system32\Audio3D.dll
2008-02-16 22:02 . 2001-11-23 05:08 712,704 --a------ C:\WINDOWS\system32\a3d.dll
2008-02-16 22:02 . 2002-09-30 13:24 417,999 --a------ C:\WINDOWS\system32\drivers\cmuda.sys
2008-02-16 22:02 . 2002-08-12 12:18 380,928 --a------ C:\WINDOWS\system\cmicnfg.cpl
2008-02-16 22:02 . 2002-09-30 10:02 49,152 --a------ C:\WINDOWS\system32\cmuda.dll
2008-02-16 22:02 . 2002-08-01 06:54 28,672 --a------ C:\WINDOWS\system32\udaprop.dll
2008-02-16 22:01 . 2008-02-16 22:01 <DIR> d-------- C:\Program Files\C-Media 3D Audio
2008-02-16 22:01 . 2000-10-24 17:12 352,256 --------- C:\WINDOWS\system32\ActiveSkin.ocx
2008-02-16 22:01 . 2002-07-01 12:01 212,992 --a------ C:\WINDOWS\CmiRmRedundDir.exe
2008-02-16 22:01 . 2002-10-04 12:20 188,416 --------- C:\WINDOWS\system32\CMIMPEG2V.ax
2008-02-16 22:01 . 2001-11-28 18:35 114,688 --------- C:\WINDOWS\system32\CMIEffect.ax
2008-02-16 22:01 . 2002-07-25 16:57 98,304 --------- C:\WINDOWS\system32\CMIVCDNav.ax
2008-02-16 22:01 . 2002-02-19 15:27 65,536 --------- C:\WINDOWS\system32\CMIEchoFilter.ax
2008-02-16 22:01 . 2002-06-28 16:37 61,440 --------- C:\WINDOWS\system32\CMICDDAFilter.ax
2008-02-16 22:01 . 2002-02-27 17:14 28,672 --------- C:\WINDOWS\CMIRmDriver.dll
2008-02-16 21:59 . 2008-02-16 21:59 76 --a------ C:\BIOSVIEW.INI
2008-02-14 16:45 . 2008-02-14 16:45 <DIR> d-------- C:\Program Files\YouTube Downloader
2008-02-13 14:15 . 2008-02-13 14:15 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-02-13 13:49 . 2008-02-13 20:47 <DIR> d-------- C:\Documents and Settings\Monev\Application Data\AdobeUM
2008-02-13 13:32 . 2003-08-25 18:06 182,880 --a------ C:\WINDOWS\system32\iuenginenew.dll
2008-02-12 23:00 . 2008-02-12 23:00 <DIR> d-------- C:\Program Files\SsWin
2008-02-12 22:40 . 2008-02-12 22:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WinZip
2008-02-12 17:40 . 2008-02-12 17:40 <DIR> d-------- C:\Program Files\TGTSoft
2008-02-12 15:51 . 2008-02-12 15:51 <DIR> d-------- C:\WINDOWS\Full Speed
2008-02-12 15:51 . 2008-02-12 15:56 <DIR> d-------- C:\Program Files\Full Speed
2008-02-12 12:11 . 2008-02-12 12:11 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-12 12:10 . 2008-02-12 12:34 2,941 --a------ C:\WINDOWS\mozver.dat
2008-02-11 14:17 . 2008-02-13 11:55 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-02-11 14:17 . 2008-02-11 14:17 <DIR> d-------- C:\Program Files\Crawler
2008-02-11 14:17 . 2008-02-11 14:17 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-02-10 12:33 . 2002-08-29 03:41 150,528 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-02-10 12:33 . 2001-08-17 22:36 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-02-09 18:38 . 2008-02-16 22:02 92 --a------ C:\WINDOWS\CMISETUP.INI
2008-02-09 18:38 . 2008-02-16 22:02 26 --a------ C:\WINDOWS\CMCDPLAY.INI
2008-02-09 18:37 . 2002-10-09 11:12 237,568 --a------ C:\WINDOWS\CMIUninstall.exe
2008-02-09 18:37 . 2008-02-09 18:37 0 --a------ C:\WINDOWS\Wininit.ini
2008-02-09 18:36 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2008-02-09 13:47 . 2008-02-24 14:27 116 --a------ C:\WINDOWS\NeroDigital.ini
2008-02-09 12:34 . 2008-02-23 17:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NFS Underground
2008-02-09 12:33 . 2008-02-09 12:33 <DIR> d-------- C:\Program Files\Common Files\DirectX
2008-02-08 10:01 . 2002-08-29 01:32 21,760 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-02-07 20:03 . 2008-02-07 20:03 <DIR> d-------- C:\Program Files\MSN Messenger
2008-02-07 19:59 . 2008-02-07 20:41 <DIR> d-------- C:\WINDOWS\SxsCaPendDel
2008-02-07 17:26 . 2008-02-07 17:26 <DIR> d---s---- C:\Documents and Settings\Monev\UserData
2008-02-07 17:25 . 2008-02-07 17:25 <DIR> d-------- C:\Program Files\Status
2008-02-07 17:20 . 2008-02-07 17:21 <DIR> d-------- C:\Program Files\Ares
2008-02-07 17:18 . 2008-02-07 17:19 <DIR> d-------- C:\Documents and Settings\Monev\Contacts
2008-02-07 17:15 . 2008-02-07 17:15 268 --ah----- C:\sqmdata00.sqm
2008-02-07 17:15 . 2008-02-07 17:15 244 --ah----- C:\sqmnoopt00.sqm
2008-02-07 17:14 . 2008-02-07 17:14 138,752 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-02-07 17:09 . 2008-02-13 11:55 <DIR> d-------- C:\Documents and Settings\Monev\Application Data\Spyware Terminator
2008-02-07 13:49 . 2008-02-07 13:49 <DIR> d-------- C:\Documents and Settings\Monev\Application Data\CyberLink
2008-02-07 13:48 . 2008-02-07 13:48 <DIR> d-------- C:\Documents and Settings\Monev\Application Data\TrojanHunter
2008-02-07 13:45 . 2008-02-07 13:45 <DIR> d-------- C:\Program Files\Windows Live Toolbar
2008-02-07 13:45 . 2008-02-07 13:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2008-02-07 13:44 . 2008-02-07 13:44 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-02-07 13:41 . 2008-02-07 13:41 <DIR> d-------- C:\Program Files\Skype
2008-02-07 13:41 . 2008-02-07 13:41 <DIR> d-------- C:\Program Files\Google
2008-02-07 13:41 . 2008-02-07 13:41 <DIR> d-------- C:\Program Files\Common Files\Skype
2008-02-07 13:41 . 2008-02-24 14:23 <DIR> d-------- C:\Documents and Settings\Monev\Application Data\Skype
2008-02-07 13:41 . 2008-02-07 13:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-02-07 13:26 . 2008-02-07 13:48 <DIR> d-------- C:\Program Files\TrojanHunter 4.7
2008-02-07 13:24 . 2008-02-07 13:29 <DIR> d-------- C:\Program Files\NetMeter
2008-02-07 13:22 . 2003-06-18 17:31 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2008-02-07 13:22 . 2008-02-07 13:22 376 --a------ C:\WINDOWS\ODBC.INI
2008-02-07 13:19 . 2008-02-07 13:19 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-02-07 13:19 . 2008-02-07 13:19 <DIR> d-------- C:\Program Files\Common Files\L&H
2008-02-07 13:18 . 2008-02-07 13:18 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2008-02-07 13:17 . 2008-02-07 13:17 <DIR> d-------- C:\Program Files\Microsoft Works
2008-02-07 13:16 . 2008-02-07 13:18 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-02-07 13:02 . 2008-02-07 13:01 502,368 --a------ C:\WINDOWS\system32\drivers\amon.sys
2008-02-07 13:02 . 2008-02-07 13:01 274,432 --a------ C:\WINDOWS\system32\imon.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-06 22:12 558,142 ----a-w C:\WINDOWS\java\Packages\4UVLV131.ZIP
2008-02-06 22:12 155,995 ----a-w C:\WINDOWS\java\Packages\K41JFFXR.ZIP
2008-02-06 22:12 --------- d-----w C:\Program Files\microsoft frontpage
2001-11-23 04:08 712,704 ----a-w C:\WINDOWS\inf\OTHER\AUDIO3D.DLL
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-08-29 04:41 13312]
"C:\Program Files\NetMeter\NetMeter.exe"="C:\Program Files\NetMeter\NetMeter.exe" [2007-08-11 15:50 331264]
"STYLEXP"="C:\Program Files\TGTSoft\StyleXP\StyleXP.exe" [2005-08-18 14:15 1359872]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54 5674352]
"ares"="C:\Program Files\Ares\Ares.exe" [2007-11-23 17:18 962560]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2004-11-22 08:18 307200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2002-09-27 07:44 47104 C:\WINDOWS\SOUNDMAN.EXE]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2006-10-22 12:22 7700480]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2006-10-22 12:22 86016]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-02-07 13:01 921600]
"THGuard"="C:\Program Files\TrojanHunter 4.7\THGuard.exe" [2011-06-26 23:07 523264]
"SpywareTerminator"="C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-02-07 17:13 2834432]
"Cmaudio"="cmicnfg.cpl" []
"FreeSpyKeylogger.exe"="C:\Program Files\Free Spy Keylogger\FreeSpyKeylogger.exe" [2006-03-20 11:10 224768]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-08-29 04:41 13312]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-04-11 11:10:00 394856]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
--a------ 2007-11-23 17:18 962560 C:\Program Files\Ares\Ares.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-01-19 12:54 5674352 C:\Program Files\MSN Messenger\MsnMsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2006-10-22 12:22 1622016 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-02-07 12:28 98304 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2004-11-02 20:24 32768 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a------ 2008-02-07 12:59 151597 C:\Program Files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2003-12-13 01:50 33792 C:\Program Files\Winamp\winampa.exe

R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2008-02-07 17:14]
R2 BT848;BtCap, WDM Video Capture;C:\WINDOWS\System32\drivers\BT848.sys [2003-06-26 04:56]
R2 BTTUNER;MPEG.TV, WDM TvTuner;C:\WINDOWS\System32\drivers\BTTUNER.sys [2003-06-26 04:56]
R2 BTXBAR;MPEG.TV, WDM Crossbar;C:\WINDOWS\System32\drivers\BTXBAR.sys [2003-06-26 04:56]

.
Contents of the 'Scheduled Tasks' folder
"2008-02-24 13:24:00 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-02-24 14:40:49
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C:\\Program Files\\NetMeter\\NetMeter.exe"="C:\\Program Files\\NetMeter\\NetMeter.exe"
.
Completion time: 2008-02-24 14:41:47

  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

C:\Program Files\Free Spy Keylogger\ - was this keylogger installed on purpose?

Tell me, what kind of files are disappearing from your computer? I don't find anything unusual in the logs.

  • Joined: 24 Feb 2008
  • Posts: 4

Free Spy Keylogger was installed by me.

The files that disappear are mostly music and some small temporary programs that I install as needed and then delete. If there is nothing wrong, OK.


One more thing I wanted to ask: my computer has SP1, and when I install a new Windows with SP2 it won't start the system at all. When it finishes the installation it gets to the Welcome screen and then a black screen appears. Do you know why this happens?

  • Joined: 04 Sep 2003
  • Posts: 24135
  • Location: Wien

Let's do an online scan:
http://www.bitdefender.com/scan8/ie.html <-- you have to open the link in Internet Explorer.

When the scan finishes, look for the option to save the log, then upload that log here using the Attach file option, or copy it directly into the message if it is not large.

As for SP2 and the installation not finishing: this most often happens because there is no driver for some hardware that you have.
Try pulling out all the cards you do not need during installation, as well as all external devices (USB printer, scanner, USB modem, etc.).
I had the bad luck that on my machine it would not finish the installation because of the graphics card, and once at a friend's I had a problem because of a USB dial-up modem.
