Old 15.02.2009., 10:42   #1
georgy
Premium

Join date: Sep 2008
Location: Zagreb
Posts: 408
Buffer overrun - problem with Marc Eckos Getting Up

I installed the game from the title (without any problems), and when I launch it, it says the following:

And the computer is powerful enough - I have already played the same game on my computer before (in the meantime I have reinstalled Windows a few times).
And this is already the second version of the game that I have tried.

I looked around the internet, but I didn't find anything useful.
Yes, I have Windows XP SP2, the same as I had when I ran the game before (now I have also added 1 GB of RAM).


Last edited by georgy; 15.02.2009 at 19:08.
Old 15.02.2009., 11:43   #2
demetrius
Premium

Join date: Jan 2005
Location: rijeka
Posts: 3,848
mhmh, google better

http://forums.techguy.org/malware-re...-detected.html

This solved it for them, but for some program, not a game; maybe it won't solve yours. They link that error to viruses or trojans. I don't know.

Add your configuration to "My computer".
Old 15.02.2009., 12:17   #3
georgy
Premium

Join date: Sep 2008
Location: Zagreb
Posts: 408
Aha
OK, I added my configuration to "My computer" and I read what is at the link.
But it says that those solutions are specific only to the guy who posted the question there.
Here, in case someone could help me in the same way, is the HijackThis log:
Quote:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:13:23, on 15.2.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Trust\Trust R-Series Mouse\KMConfig.exe
C:\Program Files\Trust\Trust R-Series Mouse\KMProcess.exe
C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira Premium Security Suite Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
O23 - Service: Avira Premium Security Suite MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
O23 - Service: Avira Premium Security Suite Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
O23 - Service: Avira Premium Security Suite Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
O23 - Service: Avira Premium Security Suite WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Avira Premium Security Suite MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 5610 bytes
Now I'll post the ComboFix log as well.

Quote:
ComboFix 09-02-14.01 - Administrator 2009-02-15 12:25:44.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1791.1329 [GMT 1:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: Avira Premium Security Suite *On-access scanning disabled* (Outdated)
FW: Avira Firewall *disabled*
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\~INSX362.EXE

.
((((((((((((((((((((((((( Files Created from 2009-01-15 to 2009-02-15 )))))))))))))))))))))))))))))))
.

2009-02-15 12:13 . 2009-02-15 12:13 d-------- c:\program files\Trend Micro
2009-02-15 10:50 . 2009-02-15 10:50 d-------- c:\documents and settings\Administrator\Application Data\Avira
2009-02-15 10:32 . 2009-02-15 10:32 d-------- c:\program files\Avira
2009-02-15 10:32 . 2008-05-07 14:20 71,592 --a------ c:\windows\system32\drivers\avfwot.sys
2009-02-15 10:32 . 2008-05-07 10:51 71,464 --a------ c:\windows\system32\drivers\avfwim.sys
2009-02-14 23:24 . 2009-02-14 23:24 d-------- c:\documents and settings\Administrator\Application Data\ATI
2009-02-14 23:22 . 2006-05-03 11:57 520,192 --------- c:\windows\system32\ati2sgag.exe
2009-02-14 23:21 . 2009-02-14 23:22 d-------- c:\program files\ATI Technologies
2009-02-14 23:20 . 2009-02-14 23:20 d-------- C:\ATI
2009-02-14 22:57 . 2009-02-14 22:57 d-------- c:\program files\Atari
2009-02-14 22:57 . 2009-02-14 22:57 d-------- c:\documents and settings\Administrator\Application Data\DAEMON Tools Pro
2009-02-14 22:57 . 2009-02-14 22:57 d-------- c:\documents and settings\Administrator\Application Data\DAEMON Tools
2009-02-14 22:55 . 2009-02-14 22:55 d-------- c:\program files\DAEMON Tools Lite
2009-02-14 22:55 . 2009-02-14 22:55 d-------- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-02-14 22:53 . 2009-02-14 22:57 d-------- c:\documents and settings\Administrator\Application Data\DAEMON Tools Lite
2009-02-14 22:53 . 2009-02-14 22:53 717,296 --a------ c:\windows\system32\drivers\sptd.sys
2009-02-14 22:48 . 2009-02-14 22:50 d-------- c:\program files\MagicISO
2009-02-14 17:25 . 2009-02-14 17:26 d-------- c:\program files\SystemRequirementsLab
2009-02-14 17:25 . 2009-02-14 17:25 d-------- c:\documents and settings\Administrator\Application Data\SystemRequirementsLab
2009-02-13 18:49 . 2004-08-04 00:56 21,504 --a------ c:\windows\system32\hidserv.dll
2009-02-13 18:49 . 2004-08-04 00:56 21,504 --a--c--- c:\windows\system32\dllcache\hidserv.dll
2009-02-13 18:49 . 2007-03-29 15:00 17,024 --a------ c:\windows\system32\drivers\KMWDFilter.SYS
2009-02-13 18:49 . 2001-08-17 13:48 12,160 --a------ c:\windows\system32\drivers\mouhid.sys
2009-02-13 18:49 . 2001-08-17 13:48 12,160 --a--c--- c:\windows\system32\dllcache\mouhid.sys
2009-02-13 18:49 . 2001-08-17 14:02 9,600 --a------ c:\windows\system32\drivers\hidusb.sys
2009-02-13 18:49 . 2001-08-17 14:02 9,600 --a--c--- c:\windows\system32\dllcache\hidusb.sys
2009-02-13 18:47 . 2009-02-13 18:47 d-------- c:\program files\Trust
2009-02-10 15:53 . 2009-02-10 15:53 d-------- c:\documents and settings\Administrator\Application Data\teamspeak2
2009-02-10 15:49 . 2009-02-10 15:53 d-------- c:\program files\Teamspeak2_RC2
2009-02-10 15:49 . 2009-02-10 15:49 34,064 --a------ c:\windows\system32\lhacm.acm
2009-02-10 15:42 . 2009-02-15 10:46 d-------- c:\documents and settings\Administrator\Application Data\skypePM
2009-02-10 15:42 . 2009-02-10 15:42 56 --ah----- c:\windows\system32\ezsidmv.dat
2009-02-10 15:41 . 2009-02-15 11:46 d-------- c:\documents and settings\Administrator\Application Data\Skype
2009-02-10 15:40 . 2009-02-10 15:40 dr------- c:\program files\Skype
2009-02-10 15:40 . 2009-02-10 15:40 d-------- c:\program files\Common Files\Skype
2009-02-10 15:40 . 2009-02-10 15:40 d-------- c:\documents and settings\All Users\Application Data\Skype
2009-02-10 15:03 . 2009-02-10 15:03 d-------- c:\documents and settings\Administrator\Application Data\DivX
2009-02-09 22:21 . 2009-02-09 22:21 d-------- c:\documents and settings\Administrator\Application Data\Ahead
2009-02-09 21:29 . 2009-02-09 21:29 d-------- c:\program files\uTorrent
2009-02-09 21:29 . 2009-02-14 23:21 d-------- c:\documents and settings\Administrator\Application Data\uTorrent
2009-02-09 20:07 . 2009-02-09 20:07 d-------- C:\Dev-Cpp
2009-02-09 20:00 . 2009-02-09 20:33 d-------- c:\documents and settings\Administrator\Application Data\Dev-Cpp
2009-02-09 19:26 . 2009-02-09 19:27 d-------- C:\Bc31
2009-02-09 18:00 . 2009-02-11 17:58 62 --a------ c:\windows\tcw.ini
2009-02-09 17:54 . 2009-02-09 17:55 d-------- c:\documents and settings\Administrator\Application Data\Canon
2009-02-09 17:43 . 2009-02-09 17:43 7,680 --a------ c:\windows\~INSX462.EXE
2009-02-09 17:43 . 2009-02-09 17:43 0 --a------ c:\windows\INSTALL.INS
2009-02-09 16:26 . 2004-08-03 23:08 26,496 --a--c--- c:\windows\system32\dllcache\usbstor.sys
2009-02-08 20:59 . 2009-02-08 20:59 293 --a------ c:\windows\game.ini
2009-02-08 18:39 . 2004-08-03 22:58 15,104 --a------ c:\windows\system32\drivers\usbscan.sys
2009-02-08 18:39 . 2004-08-03 22:58 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys
2009-02-08 18:38 . 2009-02-08 18:38 d--h----- c:\windows\system32\CanonIJ Uninstaller Information
2009-02-08 18:38 . 2009-02-08 18:38 d--h----- c:\program files\CanonBJ
2009-02-08 18:38 . 2009-02-08 18:38 d--h----- c:\documents and settings\All Users\Application Data\CanonBJ
2009-02-08 18:38 . 2007-03-23 08:30 1,400,832 --a------ c:\windows\system32\CNC210C.DLL
2009-02-08 18:38 . 2007-03-18 21:00 215,040 --a------ c:\windows\system32\CNMLM8S.DLL
2009-02-08 18:38 . 2007-03-19 02:16 200,704 --a------ c:\windows\system32\CNC210L.DLL
2009-02-08 18:38 . 2007-03-15 06:12 188,416 --a------ c:\windows\system32\CNC210O.DLL
2009-02-08 18:38 . 2007-03-23 08:29 98,304 --a------ c:\windows\system32\CNC210I.DLL
2009-02-08 18:37 . 2009-02-08 18:40 d-------- c:\program files\Canon
2009-02-08 18:27 . 2009-02-15 11:09 188,848 --a------ c:\windows\system32\PnkBstrB.exe
2009-02-08 18:27 . 2009-02-15 11:09 138,064 --a------ c:\windows\system32\drivers\PnkBstrK.sys
2009-02-08 18:26 . 2009-02-08 18:26 70,968 --a------ c:\windows\system32\PnkBstrA.exe
2009-02-08 18:20 . 2009-02-08 18:20 d-------- c:\windows\Sun
2009-02-08 18:16 . 2009-02-08 18:16 d-------- c:\documents and settings\Administrator\Contacts
2009-02-08 18:06 . 2009-02-15 11:32 d-------- c:\documents and settings\Administrator\Application Data\Xfire
2009-02-08 17:57 . 2004-08-03 23:08 25,600 --a------ c:\windows\system32\drivers\usbser.sys
2009-02-08 17:57 . 2004-08-03 23:08 25,600 --a--c--- c:\windows\system32\dllcache\usbser.sys
2009-02-08 17:56 . 2008-03-21 13:57 14,640 --------- c:\windows\system32\spmsgXP_2k3.dll
2009-02-08 17:56 . 2009-02-08 17:56 0 --ah----- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-02-08 17:56 . 2009-02-08 17:56 0 --ah----- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-02-08 17:55 . 2009-02-08 17:55 d-------- c:\program files\DIFX
2009-02-08 17:55 . 2009-02-08 17:55 d-------- c:\program files\Common Files\PCSuite
2009-02-08 17:55 . 2009-02-08 17:55 d-------- c:\program files\Common Files\Nokia
2009-02-08 17:55 . 2009-02-08 17:57 d-------- c:\documents and settings\All Users\Application Data\PC Suite
2009-02-08 17:55 . 2009-02-08 17:57 d-------- c:\documents and settings\Administrator\Application Data\PC Suite
2009-02-08 17:55 . 2009-02-08 17:57 d-------- c:\documents and settings\Administrator\Application Data\Nokia
2009-02-08 17:54 . 2009-02-08 17:54 d-------- c:\program files\PC Connectivity Solution
2009-02-08 17:54 . 2009-02-08 17:55 d-------- c:\program files\Nokia
2009-02-08 17:54 . 2008-09-15 07:29 1,112,288 --a------ c:\windows\system32\wdfcoinstaller01007.dll
2009-02-08 17:54 . 2008-09-15 07:56 659,968 --a------ c:\windows\system32\nmwcdcocls.dll
2009-02-08 17:54 . 2008-09-15 07:56 91,136 --a------ c:\windows\system32\nmwcdcls.dll
2009-02-08 17:54 . 2008-09-15 07:56 22,016 --a------ c:\windows\system32\drivers\ccdcmbo.sys
2009-02-08 17:54 . 2008-08-26 09:26 18,816 --a------ c:\windows\system32\drivers\pccsmcfd.sys
2009-02-08 17:54 . 2008-09-15 07:56 17,664 --a------ c:\windows\system32\drivers\ccdcmb.sys
2009-02-08 17:54 . 2008-09-15 07:56 8,064 --a------ c:\windows\system32\drivers\usbser_lowerfltj.sys
2009-02-08 17:54 . 2008-09-15 07:56 8,064 --a------ c:\windows\system32\drivers\usbser_lowerflt.sys
2009-02-08 17:53 . 2009-02-08 17:53 d-------- c:\documents and settings\All Users\Application Data\Installations
2009-02-08 17:38 . 2009-02-14 23:23 d-------- c:\documents and settings\Administrator
2009-02-08 17:22 . 2004-08-03 23:56 221,184 --a------ c:\windows\system32\wmpns.dll
2009-02-08 17:21 . 2009-02-08 17:22 d-------- c:\program files\VIA
2009-02-08 17:13 . 2006-10-09 12:58 203,648 --a------ c:\windows\system32\drivers\vinyl97.sys
2009-02-08 17:01 . 2009-02-14 23:21 d--h----- c:\program files\InstallShield Installation Information
2009-02-08 16:52 . 2009-02-08 16:52 0 --a------ c:\windows\nsreg.dat
2009-02-08 16:49 . 2009-02-08 20:52 d-------- c:\program files\Activision
2009-02-08 16:44 . 2009-02-14 23:20 d-------- c:\program files\Common Files\InstallShield
2009-02-08 16:43 . 2009-02-08 16:43 d--hs---- c:\windows\ftpcache
2009-02-08 16:42 . 2009-02-12 14:41 d-------- c:\program files\Xfire
2009-02-08 16:42 . 2009-02-08 16:42 d-------- c:\documents and settings\Admin\Application Data\Xfire
2009-02-08 16:36 . 2009-02-08 16:36 268 --ah----- C:\sqmdata03.sqm
2009-02-08 16:36 . 2009-02-08 16:36 244 --ah----- C:\sqmnoopt03.sqm
2009-02-08 16:05 . 2009-02-08 16:05 d-------- c:\program files\NeroPortable
2009-02-08 16:05 . 2009-02-08 16:05 d-------- c:\documents and settings\Admin\Application Data\Ahead
2009-02-08 16:05 . 2003-03-18 22:14 499,712 --a------ c:\windows\system32\msvcp71.dll
2009-02-08 15:33 . 2009-02-08 15:33 268 --ah----- C:\sqmdata02.sqm
2009-02-08 15:33 . 2009-02-08 15:33 244 --ah----- C:\sqmnoopt02.sqm
2009-02-08 13:22 . 2009-02-08 13:22 d-------- c:\program files\Common Files\Adobe AIR
2009-02-08 13:21 . 2009-02-08 13:22 d-------- c:\program files\Common Files\Adobe
2009-02-08 13:14 . 2009-02-08 13:14 d-------- c:\program files\7-Zip
2009-02-08 13:11 . 2009-02-08 13:10 410,984 --a------ c:\windows\system32\deploytk.dll
2009-02-08 13:11 . 2009-02-08 13:10 73,728 --a------ c:\windows\system32\javacpl.cpl
2009-02-08 13:06 . 2009-02-08 13:06 d-------- c:\program files\IrfanView
2009-02-08 13:04 . 2009-02-08 13:04 268 --ah----- C:\sqmdata01.sqm
2009-02-08 13:04 . 2009-02-08 13:04 244 --ah----- C:\sqmnoopt01.sqm
2009-02-08 12:42 . 2006-10-01 04:00 17,920 --a------ c:\windows\system32\mdimon.dll
2009-02-08 12:42 . 2009-02-08 18:41 376 --a------ c:\windows\ODBC.INI
2009-02-08 12:40 . 2009-02-08 12:40 d-------- c:\program files\Common Files\L&H
2009-02-08 12:39 . 2009-02-08 12:39 d-------- c:\program files\Microsoft ActiveSync
2009-02-08 12:37 . 2009-02-08 12:37 d-------- c:\program files\Microsoft Works
2009-02-08 12:35 . 2009-02-08 12:39 d-------- c:\windows\SHELLNEW
2009-02-08 12:33 . 2009-02-08 12:33 d-------- c:\program files\K-Lite Codec Pack
2009-02-08 12:26 . 2009-02-08 13:10 d-------- c:\program files\Java
2009-02-08 12:26 . 2009-02-08 12:26 d-------- c:\program files\Common Files\Java
2009-02-08 12:25 . 2009-02-08 12:25 d-------- c:\program files\Microsoft.NET
2009-02-08 12:24 . 2006-09-12 11:46 227,328 -r-hs---- c:\windows\system32\ac3DX.ax

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-08 10:52 --------- d-----w c:\program files\microsoft frontpage
2009-02-05 20:50 42,320 ----a-w c:\windows\system32\xfcodec.dll
2008-12-28 22:48 2,330,643 ----a-w c:\windows\system32\x264vfw.dll
2008-12-11 00:33 86,016 ----a-w c:\windows\system32\dpl100.dll
2008-12-08 11:53 57,344 ----a-w c:\windows\system32\ff_vfw.dll
2008-12-07 18:08 795,648 ----a-w c:\windows\system32\xvidcore.dll
2008-12-07 18:08 130,048 ----a-w c:\windows\system32\xvidvfw.dll
2006-05-03 09:06 163,328 --sh--r c:\windows\system32\flvDX.dll
2007-02-21 10:47 31,232 --sh--r c:\windows\system32\msfDX.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AudioDeck"="c:\program files\VIA\VIAudioi\SBADeck\ADeck.exe" [2006-11-02 528384]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"KMCONFIG"="c:\program files\Trust\Trust R-Series Mouse\StartAutorun.exe" [2007-03-06 212992]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"avgnt"="c:\program files\Avira\Avira Premium Security Suite\avgnt.exe" [2008-06-12 266497]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3fhg"= mp3fhg.acm
"msacm.divxa32"= divxa32.acm
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv
"VIDC.XFR1"= xfcodec.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-06-12 02:38 34672 c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-12-29 11:40 687560 c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-10-13 17:24 1694208 c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2009-02-08 13:10 136600 c:\program files\Java\jre6\bin\jusched.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 avfwot;avfwot;c:\windows\system32\drivers\avfwot.sys [2009-02-15 71592]
R2 AntiVirFirewallService;Avira Premium Security Suite Firewall;c:\program files\Avira\Avira Premium Security Suite\avfwsvc.exe [2009-02-15 344321]
R2 AntiVirMailService;Avira Premium Security Suite MailGuard;c:\program files\Avira\Avira Premium Security Suite\avmailc.exe [2009-02-15 164097]
R2 antivirwebservice;Avira Premium Security Suite WebGuard;c:\program files\Avira\Avira Premium Security Suite\avwebgrd.exe [2009-02-15 258305]
R2 AVEService;Avira Premium Security Suite MailGuard helper service;c:\program files\Avira\Avira Premium Security Suite\avesvc.exe [2009-02-15 41217]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Trust\Trust R-Series Mouse\KMWDSrv.exe [2007-06-09 208896]
R3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\drivers\avfwim.sys [2009-02-15 71464]
S3 usnjsvc;Usluga Messenger Sharing Folders USN Journal Reader;c:\program files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: avsda.dll
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\odrre4kd.default\
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Java\jre1.5.0_13\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_13\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_13\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_13\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_13\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_13\bin\NPJPI150_13.dll
FF - plugin: c:\program files\Java\jre1.5.0_13\bin\NPOJI610.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-15 12:27:10
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
AudioDeck = c:\program files\VIA\VIAudioi\SBADeck\ADeck.exe 1????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(768)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(824)
c:\windows\system32\avsda.dll
.
Completion time: 2009-02-15 12:28:40
ComboFix-quarantined-files.txt 2009-02-15 11:28:36

Pre-Run: 37.664.481.280 bytes free
Post-Run: 37,746,511,872 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

245 --- E O F --- 2009-02-11 13:39:15
I analyzed the HijackThis log (on that site of theirs) and everything is fine.

Last edited by georgy; 15.02.2009 at 12:30.
Old 19.02.2009., 10:26   #4
georgy
Premium

Join date: Sep 2008
Location: Zagreb
Posts: 408
I solved it myself.
I just cleaned up with CCleaner.
This can be locked.