MyCity » Ambulanta -> Arhiva Ambulante » ZA: TrueVestor security - sam se isključuje

ZA: TrueVestor security - sam se isključuje

Napisano na dan: 2.6.2007

ZA: TrueVestor security - sam se isključuje

Sledeća strana

Pagination

Odgovori

Dusan Poslao: 02 Jun 2007 17:48 Idi na vrh
offline Dusan SuperModerator Supermoderator opštih foruma Pridružio: 26 Jul 2006 Poruke: 11118	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: marko antonije po savetu... ovako (otprilike) to izgleda, nisam snimio pre restarta... https://www.mycity.rs/must-login.png ... evo loga -------------------------------- Logfile of HijackThis v1.99.1 Scan saved at 17:37:45, on 2.6.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe C:\WINDOWS\NCLAUNCH.EXe C:\Program Files\Gigabyte\Gigabyte GN-WP01GS Wireless PCI Adapter SoftAP\Installer\WINXP\RaConfig61.exe C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Documents and Settings\Administrator\Desktop\th2\th 3.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {6A87B991-A31F-4130-AE72-6D0C294BF082} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Common Files\Justdo\Jd2002.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: GN-WP01GS Utility.lnk = C:\Program Files\Gigabyte\Gigabyte GN-WP01GS Wireless PCI Adapter SoftAP\Installer\WINXP\RaConfig61.exe O8 - Extra context menu item: Compare Prices with &Dealio - C:\Program Files\Dealio\kb103\res\DealioSearch.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Preuzmi odabrano Free Download Manager-om - file://C:\Program Files\Free Download Manager\dlselected.htm O8 - Extra context menu item: Preuzmi sa Free Download Managerom - file://C:\Program Files\Free Download Manager\dllink.htm O8 - Extra context menu item: Preuzmi sve sa Free Download Manager-om - file://C:\Program Files\Free Download Manager\dlall.htm O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Common Files\Justdo\IECatcher.DLL/FlashCatcher.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll O9 - Extra 'Tools' menuitem: Xstream Radio - {7A0815F1-6B65-4e3a-B198-709807B4042A} - C:\Program Files\XstreamRadio 3.02\RadioHelper.dll O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Common Files\Justdo\IECatcher.DLL O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Common Files\Justdo\IECatcher.DLL O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {E908B145-C847-4e85-B315-07E2E70DECF8} - (no file) O14 - IERESET.INF: START_PAGE_URL=www.google.com O16 - DPF: {5D69485C-EAB1-42AE-93C1-B5A53F238C5A} (FileInterface Class) - https://www.raiffeisenbank.rs/online/RetailDLL/FSINT.dll O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5F3861AF-7FA4-475A-8233-ECF91BE13F1F}: NameServer = 213.244.220.2 213.244.220.10 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -------------------------------

Profil

marko antonije Poslao: 02 Jun 2007 21:33 Idi na vrh
offline marko antonije Ugledni građanin Pridružio: 09 Jan 2006 Poruke: 317	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Dusane moracemo malo dublje da pretrazujemo, a zato nam je potrebno da skeniras komp sa GMER-om i postavis nam log da proverimo da nema nekih rootkitova... Uradi sledeće: Preuzmi fajl gmer.zip sa ovog linka i sačuvaj na Desktop-u. Raspakuj ga u neki folder. Dupli klik na gmer.exe za početak: Izaberi Rootkit Tab na vrhu. Klikni na Scan. Kada je skeniranje završeno, klik na Copy dugme ispod - ovo će sačuvati to u Clipboard. Iskoristi opciju Paste u Notepad-u da bi to prebacio u tekst. Snimi taj tekst iz Notepada kao file1.txt. Ponovi ovo isto sa Autostart Tab-om. Snimi taj tekst iz Notepada kao file2.txt. Iskopiraj nam ovde sadrzaj ta dva fajla koja smo malopre snimili

Profil

Dusan Poslao: 02 Jun 2007 22:06 Idi na vrh
offline Dusan SuperModerator Supermoderator opštih foruma Pridružio: 26 Jul 2006 Poruke: 11118	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! GMER 1.0.12.12244 - http://www.gmer.net Rootkit scan 2007-06-02 22:01:21 Windows 5.1.2600 Service Pack 2 ---- System - GMER 1.0.12 ---- SSDT \SystemRoot\System32\vsdatant.sys ZwConnectPort SSDT \SystemRoot\System32\vsdatant.sys ZwCreateFile SSDT \SystemRoot\System32\vsdatant.sys ZwCreateKey SSDT \SystemRoot\System32\vsdatant.sys ZwCreatePort SSDT \SystemRoot\System32\vsdatant.sys ZwCreateProcess SSDT \SystemRoot\System32\vsdatant.sys ZwCreateProcessEx SSDT \SystemRoot\System32\vsdatant.sys ZwCreateSection SSDT \SystemRoot\System32\vsdatant.sys ZwCreateWaitablePort SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteFile SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteKey SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteValueKey SSDT \SystemRoot\System32\vsdatant.sys ZwDuplicateObject SSDT \SystemRoot\System32\vsdatant.sys ZwLoadDriver SSDT \SystemRoot\System32\vsdatant.sys ZwLoadKey SSDT \SystemRoot\System32\vsdatant.sys ZwMapViewOfSection SSDT \SystemRoot\System32\vsdatant.sys ZwOpenFile SSDT \SystemRoot\System32\vsdatant.sys ZwOpenProcess SSDT \SystemRoot\System32\vsdatant.sys ZwOpenThread SSDT \SystemRoot\System32\vsdatant.sys ZwReplaceKey SSDT \SystemRoot\System32\vsdatant.sys ZwRequestWaitReplyPort SSDT \SystemRoot\System32\vsdatant.sys ZwRestoreKey SSDT \SystemRoot\System32\vsdatant.sys ZwSecureConnectPort SSDT \SystemRoot\System32\vsdatant.sys ZwSetInformationFile SSDT \SystemRoot\System32\vsdatant.sys ZwSetSystemInformation SSDT \SystemRoot\System32\vsdatant.sys ZwSetValueKey SSDT \SystemRoot\System32\vsdatant.sys ZwTerminateProcess SSDT \SystemRoot\System32\vsdatant.sys ZwUnloadDriver INT 0x20 srescan.sys F75EEA00 ---- Kernel code sections - GMER 1.0.12 ---- .text ntoskrnl.exe!_abnormal_termination + 107 804E2DD8 12 Bytes [ F0, 21, BF, F5, 80, 84, BF, ... ] ? srescan.sys The system cannot find the file specified. ? C:\WINDOWS\system32\DRIVERS\update.sys .text ntoskrnl.exe!_abnormal_termination + 107 804E2DD8 12 Bytes [ F0, 21, BF, F5, 80, 84, BF, ... ] ---- Devices - GMER 1.0.12 ---- Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CREATE [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLOSE [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_DEVICE_CONTROL [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_INTERNAL_DEVICE_CONTROL [F5C038A0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLEANUP [F5C038A0] vsdatant.sys ---- Registry - GMER 1.0.12 ---- Reg \Registry\MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0002\Settings@GCORULE_ENABLERMXFILTE? Reg \Registry\MACHINE\SYSTEM\ControlSet002\Control\DeviceClasses\{65e8773d-8f56-11d0-a3b9-00a0c9223196}\##?#USB#VID_0C45&PID_61@DeviceInstance USB\Vid_0c45&Pid_6009\5&15573bc6&0&2 Reg \Registry\MACHINE\SYSTEM\ControlSet002\Control\DeviceClasses\{65e8773d-8f56-11d0-a3b9-00a0c9223196}\##?#USB#VID_0C45&PID_61 Reg \Registry\MACHINE\SYSTEM\ControlSet002\Control\DeviceClasses\{65e8773d-8f56-11d0-a3b9-00a0c9223196}\##?#USB#VID_0C45&PID_61@DeviceInstance USB\Vid_0c45&Pid_6009\5&15573bc6&0&2 Reg \Registry\MACHINE\SYSTEM\ControlSet002\Enum\IDE\DiskMaxtor_6K040L0__________________________NAR61HA0\314b5632324b4736202020202020202020202020@Compatg?leIDs GenDisk? Reg \Registry\MACHINE\SYSTEM\ControlSet002\Enum\IDE\DiskMaxtor_6K040L0__________________________NAR61HA0\314b5632324b4736202020202020202020202020@Compatg?leIDs GenDisk? Reg \Registry\MACHINE\SYSTEM\ControlSet002\Enum\IDE\DiskMaxtor_6K040L0__________________________NAR61HA0\314b5632324b4736202020202020202020202020@Compatg?leIDs GenDisk? Reg \Registry\MACHINE\SYSTEM\ControlSet002\Enum\IDE\DiskMaxtor_6K040L0__________________________NAR61HA0\314b5632324b4736202020202020202020202020@Compatg?leIDs GenDisk? Reg \Registry\MACHINE\SYSTEM\ControlSet003\Control\DeviceClasses\{65e8773d-8f56-11d0-a3b9-00a0c9223196}\##?#USB#VID_0C45&PID_61@DeviceInstance USB\Vid_0c45&Pid_6009\5&15573bc6&0&2 Reg \Registry\MACHINE\SYSTEM\ControlSet003\Control\DeviceClasses\{65e8773d-8f56-11d0-a3b9-00a0c9223196}\##?#USB#VID_0C45&PID_61 Reg \Registry\MACHINE\SYSTEM\ControlSet003\Control\DeviceClasses\{65e8773d-8f56-11d0-a3b9-00a0c9223196}\##?#USB#VID_0C45&PID_61@DeviceInstance USB\Vid_0c45&Pid_6009\5&15573bc6&0&2 Reg \Registry\MACHINE\SYSTEM\ControlSet003\Enum\IDE\DiskMaxtor_6K040L0__________________________NAR61HA0\314b5632324b4736202020202020202020202020@Compatg?leIDs GenDisk? Reg \Registry\MACHINE\SYSTEM\ControlSet003\Enum\IDE\DiskMaxtor_6K040L0__________________________NAR61HA0\314b5632324b4736202020202020202020202020@Compatg?leIDs GenDisk? Reg \Registry\MACHINE\SYSTEM\ControlSet003\Enum\IDE\DiskMaxtor_6K040L0__________________________NAR61HA0\314b5632324b4736202020202020202020202020@Compatg?leIDs GenDisk? Reg \Registry\MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\0002\Settings@GCORULE_ENABLERMXFILTE? Reg \Registry\MACHINE\SYSTEM\CurrentControlSet\Control\DeviceClasses\{65e8773d-8f56-11d0-a3b9-00a0c9223196}\##?#USB#VID_0C45&PID_61@DeviceInstance USB\Vid_0c45&Pid_6009\5&15573bc6&0&2 Reg \Registry\MACHINE\SYSTEM\CurrentControlSet\Control\DeviceClasses\{65e8773d-8f56-11d0-a3b9-00a0c9223196}\##?#USB#VID_0C45&PID_61 Reg \Registry\MACHINE\SYSTEM\CurrentControlSet\Control\DeviceClasses\{65e8773d-8f56-11d0-a3b9-00a0c9223196}\##?#USB#VID_0C45&PID_61@DeviceInstance USB\Vid_0c45&Pid_6009\5&15573bc6&0&2 Reg \Registry\MACHINE\SYSTEM\CurrentControlSet\Enum\IDE\DiskMaxtor_6K040L0__________________________NAR61HA0\314b5632324b4736202020202020202020202020@Compatg?leIDs GenDisk? Reg \Registry\MACHINE\SYSTEM\CurrentControlSet\Enum\IDE\DiskMaxtor_6K040L0__________________________NAR61HA0\314b5632324b4736202020202020202020202020@Compatg?leIDs GenDisk? Reg \Registry\MACHINE\SYSTEM\CurrentControlSet\Enum\IDE\DiskMaxtor_6K040L0__________________________NAR61HA0\314b5632324b4736202020202020202020202020@Compatg?leIDs GenDisk? Reg \Registry\MACHINE\SYSTEM\CurrentControlSet\Enum\IDE\DiskMaxtor_6K040L0__________________________NAR61HA0\314b5632324b4736202020202020202020202020@Compatg?leIDs GenDisk? ---- EOF - GMER 1.0.12 ---- GMER 1.0.12.12244 - http://www.gmer.net Autostart scan 2007-06-02 22:07:26 Windows 5.1.2600 Service Pack 2 HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe, HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent@DLLName = Ati2evxx.dll HKLM\SYSTEM\CurrentControlSet\Services\ >>> aswUpdSv /avast! iAVS4 Control Service/@ = "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe" Ati HotKey Poller@ = %SystemRoot%\system32\Ati2evxx.exe ATI Smart /ATI Smart/@ = C:\WINDOWS\system32\ati2sgag.exe avast! Antivirus /avast! Antivirus/@ = "C:\Program Files\Alwil Software\Avast4\ashServ.exe" NVSvc /NVIDIA Display Driver Service/@ = %SystemRoot%\system32\nvsvc32.exe Spooler /Print Spooler/@ = %SystemRoot%\system32\spoolsv.exe UMWdf /Windows User Mode Driver Framework/@ = C:\WINDOWS\system32\wdfmgr.exe vsmon /TrueVector Internet Monitor/@ = C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>> @NvCplDaemonRUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup @nwiznwiz.exe /install = nwiz.exe /install @NvMediaCenterRUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit @SoundManSOUNDMAN.EXE = SOUNDMAN.EXE @HPDJ Taskbar UtilityC:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe = C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb10.exe @avast!C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe @HP Software Update"C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" = "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" @{0228e555-4f9c-4e35-a3ec-b109a192b4c2}C:\Program Files\Google\Gmail Notifier\gnotify.exe = C:\Program Files\Google\Gmail Notifier\gnotify.exe @TkBellExe"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot @ATIPTAC:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe @BluetoothAuthenticationAgentrundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent = rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent @ZoneAlarm Client"C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" = "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" @SunJavaUpdateSched"C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" = "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" @QuickTime Task"C:\Program Files\QuickTime\qttask.exe" -atboottime = "C:\Program Files\QuickTime\qttask.exe" -atboottime HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>> @NCLaunchC:\WINDOWS\NCLAUNCH.EXe = C:\WINDOWS\NCLAUNCH.EXe @NBJ"C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" = "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" @MsnMsgr"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>> @{42071714-76d4-11d1-8b24-00a0c9068ff3} /Display Panning CPL Extension/deskpan.dll /file not found/ = deskpan.dll /file not found/ @{A70C977A-BF00-412C-90B7-034C51DA2439} /NvCpl DesktopContext Class/C:\WINDOWS\system32\nvcpl.dll = C:\WINDOWS\system32\nvcpl.dll @{596AB062-B4D2-4215-9F74-E9109B0A8153} /Previous Versions Property Page/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll @{9DB7A13C-F208-4981-8353-73CC61AE2783} /Previous Versions/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll @{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /Autoplay for SlideShow/(null) = @{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /Extensions Manager Folder/%SystemRoot%\system32\extmgr.dll = %SystemRoot%\system32\extmgr.dll @{1CDB2949-8F65-4355-8456-263E7C208A5D} /Desktop Explorer/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll @{1E9B04FB-F9E5-4718-997B-B8DA88302A47} /Desktop Explorer Menu/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll @{1E9B04FB-F9E5-4718-997B-B8DA88302A48} /nView Desktop Context Menu/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll @{472083B0-C522-11CF-8763-00608CC02F24} /avast/C:\Program Files\Alwil Software\Avast4\ashShell.dll = C:\Program Files\Alwil Software\Avast4\ashShell.dll @{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /Web Folders/C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL @{42042206-2D85-11D3-8CFF-005004838597} /Microsoft Office HTML Icon Handler/C:\Program Files\Microsoft Office\OFFICE11\msohev.dll = C:\Program Files\Microsoft Office\OFFICE11\msohev.dll @{FFB699E0-306A-11d3-8BD1-00104B6F7516} /Play on my TV helper/C:\WINDOWS\system32\nvcpl.dll = C:\WINDOWS\system32\nvcpl.dll @{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} /Shell Extensions for RealOne Player/C:\Program Files\Real\RealPlayer\rpshell.dll = C:\Program Files\Real\RealPlayer\rpshell.dll @{1530F7EE-5128-43BD-9977-84A4B0FAD7DF} /PhotoToys/C:\WINDOWS\system32\phototoys.dll = C:\WINDOWS\system32\phototoys.dll @{B41DB860-8EE4-11D2-9906-E49FADC173CA} /WinRAR shell extension/C:\Program Files\WinRAR\rarext.dll = C:\Program Files\WinRAR\rarext.dll @{A155339D-CCCD-4714-85EB-3754B804C9DF} /a-squared Free Context Menu Shell Extension/(null) = @{D9872D13-7651-4471-9EEE-F0A00218BEBB} /Multiscan/C:\Program Files\Zone Labs\ZoneAlarm\zlavscan.dll = C:\Program Files\Zone Labs\ZoneAlarm\zlavscan.dll HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>> avast@{472083B0-C522-11CF-8763-00608CC02F24} = C:\Program Files\Alwil Software\Avast4\ashShell.dll WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll ZLAVShExt@{D9872D13-7651-4471-9EEE-F0A00218BEBB} = C:\Program Files\Zone Labs\ZoneAlarm\zlavscan.dll HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>> a2FreeContMenu@{A155339D-CCCD-4714-85EB-3754B804C9DF} = avast@{472083B0-C522-11CF-8763-00608CC02F24} = C:\Program Files\Alwil Software\Avast4\ashShell.dll WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll ZLAVShExt@{D9872D13-7651-4471-9EEE-F0A00218BEBB} = C:\Program Files\Zone Labs\ZoneAlarm\zlavscan.dll HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>> @{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll = C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll @{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll = C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll @{9394EDE7-C8B5-483E-8773-474BF36AF6E4}C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll = C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll @{A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E}C:\Program Files\Common Files\Justdo\Jd2002.dll = C:\Program Files\Common Files\Justdo\Jd2002.dll @{AA58ED58-01DD-4d91-8333-CF10577473F7}c:\program files\google\googletoolbar2.dll = c:\program files\google\googletoolbar2.dll @{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll = C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll @{CC59E0F9-7E43-44FA-9FAA-8377850BF205}C:\Program Files\Free Download Manager\iefdmcks.dll = C:\Program Files\Free Download Manager\iefdmcks.dll HKCU\Control Panel\Desktop@SCRNSAVE.EXE = C:\WINDOWS\system32\ssmypics.scr HKLM\Software\Microsoft\Internet Explorer\Main >>> @Default_Page_URLwww.google.com = www.google.com @Start Pagehttp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home HKCU\Software\Microsoft\Internet Explorer\Main@Start Page = http://www.yahoo.com/ HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL HKLM\Software\Classes\PROTOCOLS\Handler\ >>> cetihpz@CLSID = C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll its@CLSID = C:\WINDOWS\system32\itss.dll mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll ms-its@CLSID = C:\WINDOWS\system32\itss.dll msnim@CLSID = "C:\PROGRA~1\MSNMES~1\msgrapp.dll" mso-offdap@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL mso-offdap11@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL tv@CLSID = C:\WINDOWS\system32\msvidctl.dll wia@CLSID = C:\WINDOWS\system32\wiascr.dll HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000005@LibraryPath = %SystemRoot%\system32\wshbth.dll C:\Documents and Settings\All Users\Start Menu\Programs\Startup = GN-WP01GS Utility.lnk ---- EOF - GMER 1.0.12 ----

Profil

marko antonije Poslao: 02 Jun 2007 23:31 Idi na vrh
offline marko antonije Ugledni građanin Pridružio: 09 Jan 2006 Poruke: 317	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Dusane koliko vidimo sistem ti je cist, sto znaci da je najbolje da izvrsis reinstaliranje ZA za svaki slucaj, pitanje koliko je funkcionalan kada stalno prijavljuje greske. Moja preporuka je sledeca, prvo deinstaliraj ZA, zatim restartuj kompjuter, tek nakon toga izvrsi novu instalaciju ZoneAlarma. Nakon nove instalacije prati situaciju i obavesti nas da li se pojavljuje isti problem.

Profil

Dusan Poslao: 04 Jun 2007 09:59 Idi na vrh
offline Dusan SuperModerator Supermoderator opštih foruma Pridružio: 26 Jul 2006 Poruke: 11118	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ok, odmah ću ionako mi nešto "secka" konekcija večeras. Eto od svakog zla i nešto dobro. Makar sam saznao da je sistem čist... Hvala ti Dopuna: 04 Jun 2007 9:59 Da "stavimo tačku"... Izgleda da je rešenje problema ipak u reinstalaciji... Posle skoro 2 dana neprekidne konekcije, problem (nadam se) bivši, je rešen... TrueVestor security - se ne isključuje...

Profil

MyCity » Ambulanta -> Arhiva Ambulante » ZA: TrueVestor security - sam se isključuje

Ko je trenutno na forumu

Ukupno su 1135 korisnika na forumu :: 47 registrovanih, 12 sakrivenih i 1076 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 357magnum, babaroga, bbogdan, Bobrock1, bojan_t, bokisha253, Bubimir, cikadeda, dane007, Denaya, Dežurni pod palubom, Djokkinen, djuradj, Excalibur13, FileFinder, FOX, h8propaganda, Hexe, HrcAk47, Koja79, Kriglord, Kubovac, manda87, mercedesamg, Millennium, Miškić, mkukoleca, moldway, mrav pesadinac, mrvica78, nebidrag, nick79, novator, Parker, Prometeus, Romibrat, sasovsky, Suva planina, t.mile, Tandrkalo, theNedjeljko, tomigun, vargas, vathra, VladaKG1980, Wrangler, yrraf

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by