MyCity » Ambulanta -> Arhiva Ambulante » jel sve u redu???

jel sve u redu???

Napisano na dan: 12.8.2008

jel sve u redu???

Sledeća strana

Pagination

Odgovori

bedazzled Poslao: 12 Avg 2008 20:28 Idi na vrh
offline bedazzled Građanin Pridružio: 04 Jun 2007 Poruke: 157	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Da li ima neceg sto ne valja?? Nisam neki expert sto se ovo ga tice a hteo bi da proverim da li je sve u redu??? Hvala unapred Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 8:23:07 PM, on 8/12/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\acs.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\TP-LINK\TWCU\TWCU.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\SweetIM\Messenger\SweetIM.exe C:\Program Files\Desktop Tray Clock\DTClock.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\FlashGet\flashget.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Bad\Desktop\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = [Link mogu videti samo ulogovani korisnici] R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {0CF5D165-517E-48B6-B3C7-3054A24F8BF6} - (no file) O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [TWCU] "C:\Program Files\TP-LINK\TWCU\TWCU.exe" -nogui O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe O4 - HKCU\..\Run: [SkinClock] C:\Program Files\Desktop Tray Clock\DTClock.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O8 - Extra context menu item: &D&ownload &with BitComet - [Link mogu videti samo ulogovani korisnici]\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - [Link mogu videti samo ulogovani korisnici]\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - [Link mogu videti samo ulogovani korisnici]\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Preuzmi sa FlashGet-om - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: &Preuzmi sve sa FlashGet-om - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: E&xport to Microsoft Excel - [Link mogu videti samo ulogovani korisnici]\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - [Link mogu videti samo ulogovani korisnici]\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing) O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{962AF274-0030-4E91-AA48-15D2B4C768D5}: NameServer = 80.93.224.1,80.93.224.2 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL O20 - Winlogon Notify: byXNdeed - byXNdeed.dll (file missing) O23 - Service: TP-LINK Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

Profil

bobby Poslao: 12 Avg 2008 20:36 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Na koje simptome se zalis?

Profil

bedazzled Poslao: 12 Avg 2008 21:15 Idi na vrh
offline bedazzled Građanin Pridružio: 04 Jun 2007 Poruke: 157	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! na nista specijalno! Ali sam skoro radio sistem jer nikako nisam mogao da se otarasim nekog virusa1 Samo me je interesovalo jel ovako treba da bude kad je sve ok?!

Profil

bobby Poslao: 12 Avg 2008 21:21 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ne, ima tragova da je ovaj racunar bio inficiran. Skini ComboFix sa jedne od sledecih adresa na Desktop: [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

bedazzled Poslao: 13 Avg 2008 15:47 Idi na vrh
offline bedazzled Građanin Pridružio: 04 Jun 2007 Poruke: 157	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-08-12.01 - Bad 2008-08-13 15:40:33.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1501 [GMT 2:00] Running from: C:\Documents and Settings\Bad\Desktop\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2008-07-13 to 2008-08-13 ))))))))))))))))))))))))))))))) . 2008-08-07 14:21 . 2008-08-07 14:21 <DIR> d-------- C:\Program Files\TGTSoft 2008-08-07 03:41 . 2008-08-07 03:41 <DIR> d--h----- C:\WINDOWS\Icons 2008-08-06 22:01 . 2008-08-06 22:01 38 --a------ C:\WINDOWS\avisplitter.INI 2008-08-05 14:27 . 2008-08-05 14:27 <DIR> d-------- C:\Program Files\K-Lite Codec Pack2 2008-08-05 14:27 . 2008-08-05 14:28 <DIR> d-------- C:\Documents and Settings\Bad\Application Data\bsplayer 2008-08-05 14:22 . 2008-08-05 14:22 <DIR> d-------- C:\Documents and Settings\Bad\Application Data\Media Player Classic 2008-08-05 14:19 . 2008-08-05 14:19 <DIR> d-------- C:\Program Files\K-Lite Codec Pack 2008-08-04 14:46 . 2008-08-04 14:46 <DIR> d-------- C:\Program Files\SweetIM 2008-08-04 14:46 . 2008-08-04 14:47 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SweetIM 2008-08-04 13:49 . 2008-08-04 13:49 <DIR> d-------- C:\Program Files\The Rosetta Stone 2008-08-02 17:55 . 2008-08-02 17:55 <DIR> d-------- C:\Documents and Settings\Bad\Application Data\ACD Systems 2008-08-01 11:43 . 2008-08-01 11:43 <DIR> d-------- C:\WINDOWS\Sun 2008-08-01 04:43 . 2008-08-01 04:43 268 --ah----- C:\sqmdata08.sqm 2008-08-01 04:43 . 2008-08-01 04:43 244 --ah----- C:\sqmnoopt08.sqm 2008-08-01 04:09 . 2006-10-26 19:56 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll 2008-08-01 04:06 . 2008-08-01 04:06 <DIR> d-------- C:\Program Files\Microsoft Works 2008-08-01 04:04 . 2008-08-01 04:04 <DIR> d-------- C:\Program Files\Microsoft.NET 2008-08-01 04:02 . 2008-08-01 04:02 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 8 2008-08-01 04:01 . 2008-08-01 04:05 <DIR> d-------- C:\WINDOWS\SHELLNEW 2008-08-01 04:01 . 2008-08-01 04:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-08-01 04:00 . 2008-08-01 04:00 <DIR> dr-h----- C:\MSOCache 2008-08-01 03:54 . 2008-08-01 03:54 <DIR> d-------- C:\Program Files\Common Files\ACD Systems 2008-08-01 03:54 . 2008-08-01 03:54 <DIR> d-------- C:\Program Files\ACD Systems 2008-08-01 03:54 . 2008-08-01 03:54 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ACD Systems 2008-08-01 03:50 . 2008-08-01 03:50 268 --ah----- C:\sqmdata07.sqm 2008-08-01 03:50 . 2008-08-01 03:50 244 --ah----- C:\sqmnoopt07.sqm 2008-08-01 03:37 . 2008-08-01 03:37 <DIR> d-------- C:\Program Files\MSN Messenger 2008-08-01 01:11 . 2008-08-01 01:11 <DIR> d-------- C:\Program Files\Avanquest update 2008-08-01 01:11 . 2008-08-01 01:11 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BVRP Software 2008-08-01 01:10 . 2008-08-01 01:10 <DIR> d-------- C:\Program Files\Sony Ericsson 2008-08-01 01:10 . 2008-08-01 01:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson 2008-08-01 01:02 . 2008-08-01 01:02 <DIR> d-------- C:\Documents and Settings\Bad\Application Data\NetMedia Providers 2008-08-01 00:39 . 2008-08-01 00:39 <DIR> d-------- C:\Documents and Settings\Bad\Application Data\InstallShield 2008-07-31 19:25 . 2008-07-31 19:25 <DIR> d-------- C:\Program Files\PowerISO 2008-07-31 18:18 . 2008-07-31 18:21 <DIR> d-------- C:\Program Files\Ant Movie Catalog 2008-07-30 22:43 . 2008-07-30 22:43 <DIR> d-------- C:\Program Files\YouTube Downloader 2008-07-30 19:47 . 2008-07-30 19:47 <DIR> d-------- C:\Program Files\Total Video Converter 2008-07-29 20:43 . 2008-07-29 20:43 268 --ah----- C:\sqmdata06.sqm 2008-07-29 20:43 . 2008-07-29 20:43 244 --ah----- C:\sqmnoopt06.sqm 2008-07-29 01:29 . 2008-07-29 01:29 <DIR> d-------- C:\Program Files\AllMyMovies 2008-07-28 13:19 . 2008-07-28 13:19 268 --ah----- C:\sqmdata05.sqm 2008-07-28 13:19 . 2008-07-28 13:19 244 --ah----- C:\sqmnoopt05.sqm 2008-07-28 13:00 . 2008-07-28 13:00 268 --ah----- C:\sqmdata04.sqm 2008-07-28 13:00 . 2008-07-28 13:00 244 --ah----- C:\sqmnoopt04.sqm 2008-07-28 12:30 . 2008-07-28 12:30 268 --ah----- C:\sqmdata03.sqm 2008-07-28 12:30 . 2008-07-28 12:30 244 --ah----- C:\sqmnoopt03.sqm 2008-07-27 23:10 . 2008-07-30 20:56 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2008-07-27 22:36 . 2008-07-27 22:36 268 --ah----- C:\sqmdata02.sqm 2008-07-27 22:36 . 2008-07-27 22:36 244 --ah----- C:\sqmnoopt02.sqm 2008-07-27 22:29 . 2008-07-27 22:29 268 --ah----- C:\sqmdata01.sqm 2008-07-27 22:29 . 2008-07-27 22:29 244 --ah----- C:\sqmnoopt01.sqm 2008-07-27 21:05 . 2008-08-11 18:44 69 --a------ C:\WINDOWS\NeroDigital.ini 2008-07-27 20:56 . 2008-04-14 09:42 16,384 --a------ C:\WINDOWS\system32\ipsink.ax 2008-07-27 20:56 . 2008-04-14 09:42 16,384 --a--c--- C:\WINDOWS\system32\dllcache\ipsink.ax 2008-07-27 20:56 . 2008-04-14 04:16 15,232 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys 2008-07-27 20:56 . 2008-04-14 04:16 15,232 --a--c--- C:\WINDOWS\system32\dllcache\streamip.sys 2008-07-27 20:56 . 2008-04-14 04:16 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys 2008-07-27 20:56 . 2008-04-14 04:16 10,880 --a--c--- C:\WINDOWS\system32\dllcache\ndisip.sys 2008-07-27 20:56 . 2008-04-14 04:09 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys 2008-07-27 20:56 . 2008-04-14 04:09 5,504 --a--c--- C:\WINDOWS\system32\dllcache\mstee.sys 2008-07-27 20:50 . 2008-08-01 04:05 <DIR> d-------- C:\Program Files\MSBuild 2008-07-27 20:48 . 2008-07-27 20:48 <DIR> d-------- C:\WINDOWS\system32\XPSViewer 2008-07-27 20:47 . 2008-07-27 20:47 <DIR> d-------- C:\Program Files\Reference Assemblies 2008-07-27 20:47 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll 2008-07-27 20:01 . 2008-07-27 20:01 <DIR> d-------- C:\Documents and Settings\Bad\Application Data\Sony Setup 2008-07-27 18:20 . 2008-07-27 20:49 <DIR> d-------- C:\Documents and Settings\Bad\Application Data\OpenOffice.org2 2008-07-27 18:17 . 2008-04-14 04:15 26,368 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys 2008-07-26 21:23 . 2004-03-29 16:23 90,112 --a------ C:\WINDOWS\unvise32.exe 2008-07-26 21:22 . 2008-07-26 21:23 <DIR> d-------- C:\Program Files\Parallel Port Joystick 2008-07-26 21:21 . 2008-07-27 19:28 <DIR> d-------- C:\Documents and Settings\Bad\Incomplete 2008-07-26 21:21 . 2008-07-27 19:29 <DIR> d-------- C:\Documents and Settings\Bad\Application Data\LimeWire 2008-07-26 21:21 . 2007-07-12 02:22 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl 2008-07-26 21:20 . 2008-07-26 21:21 <DIR> d-------- C:\Program Files\Java 2008-07-26 21:20 . 2008-07-26 21:20 <DIR> d-------- C:\Program Files\Common Files\Java 2008-07-26 21:03 . 2008-07-26 21:21 <DIR> d-------- C:\Program Files\LimeWire 2008-07-26 20:51 . 2008-08-05 20:45 <DIR> d-------- C:\Documents and Settings\Bad\Contacts 2008-07-26 20:50 . 2008-07-26 20:50 268 --ah----- C:\sqmdata00.sqm 2008-07-26 20:50 . 2008-07-26 20:50 244 --ah----- C:\sqmnoopt00.sqm 2008-07-26 20:49 . 2008-08-01 03:37 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE 2008-07-26 20:45 . 2008-07-26 20:45 <DIR> d-------- C:\Program Files\Microsoft SQL Server 2008-07-26 20:45 . 2008-07-27 20:51 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Sony 2008-07-26 20:45 . 1998-10-29 15:45 306,688 --a------ C:\WINDOWS\IsUninst.exe 2008-07-26 20:45 . 2002-12-17 16:23 33,340 --------- C:\WINDOWS\system32\dbmsqlgc.dll 2008-07-26 20:45 . 2002-10-20 14:05 24,576 --------- C:\WINDOWS\system32\dbmsgnet.dll 2008-07-26 19:43 . 2001-09-17 13:20 19,968 --a------ C:\WINDOWS\system32\cpuinf32.dll 2008-07-26 15:42 . 2008-07-26 15:42 <DIR> d-------- C:\Documents and Settings\Bad\Application Data\Nero 2008-07-26 15:38 . 2008-07-26 15:38 <DIR> d-------- C:\Program Files\Nero 2008-07-26 15:38 . 2008-07-26 15:39 <DIR> d-------- C:\Program Files\Common Files\Nero 2008-07-26 15:38 . 2008-07-26 15:38 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Nero 2008-07-26 15:32 . 2008-07-26 15:32 <DIR> d-------- C:\Program Files\ASIO4ALL v2 2008-07-26 15:32 . 2008-07-26 15:32 <DIR> d-------- C:\Documents and Settings\Bad\Application Data\Publish Providers 2008-07-26 15:31 . 2008-08-01 01:10 <DIR> d-------- C:\Documents and Settings\Bad\Application Data\Sony 2008-07-26 15:28 . 2008-07-26 15:28 <DIR> d-------- C:\Program Files\Vstplugins 2008-07-26 15:27 . 2008-07-27 20:51 <DIR> d-------- C:\Program Files\Sony 2008-07-26 15:26 . 2008-07-26 20:42 <DIR> d-------- C:\Program Files\Sony Setup 2008-07-26 15:23 . 2008-07-26 15:23 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared 2008-07-26 15:21 . 2008-08-01 03:57 <DIR> d-------- C:\Program Files\Common Files\Adobe 2008-07-26 13:04 . 2004-10-15 18:32 14,568 --a------ C:\WINDOWS\system32\drivers\wg6n.sys 2008-07-26 13:04 . 2004-10-15 18:32 14,568 --a------ C:\WINDOWS\system32\drivers\wg5n.sys 2008-07-26 13:04 . 2004-10-15 18:32 14,568 --a------ C:\WINDOWS\system32\drivers\wg4n.sys 2008-07-26 13:04 . 2004-10-15 18:32 14,568 --a------ C:\WINDOWS\system32\drivers\wg3n.sys 2008-07-26 13:03 . 2008-07-26 13:03 <DIR> d-------- C:\Program Files\Sygate 2008-07-26 13:03 . 2004-10-15 18:32 83,096 --a------ C:\WINDOWS\system32\SSSensor.dll 2008-07-26 13:03 . 2004-10-15 18:17 60,496 --a------ C:\WINDOWS\system32\drivers\Teefer.sys 2008-07-26 13:03 . 2004-10-15 18:18 21,075 --a------ C:\WINDOWS\system32\drivers\wpsdrvnt.sys 2008-07-26 12:57 . 2008-07-26 13:04 <DIR> d-------- C:\Documents and Settings\Bad\Application Data\GetRightToGo 2008-07-26 12:42 . 2008-08-11 14:59 <DIR> d-------- C:\Program Files\Spyware Terminator 2008-07-26 12:42 . 2008-08-13 15:32 <DIR> d-------- C:\Documents and Settings\Bad\Application Data\Spyware Terminator 2008-07-26 12:42 . 2008-08-11 14:51 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator 2008-07-26 12:42 . 2008-07-26 12:42 141,312 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys 2008-07-26 12:24 . 2008-07-26 12:24 <DIR> d-------- C:\Program Files\Avira 2008-07-26 03:59 . 2008-08-13 14:34 <DIR> d-------- C:\Program Files\FlashGet 2008-07-26 03:54 . 2008-07-26 03:55 <DIR> d-------- C:\Program Files\BitComet 2008-07-26 03:54 . 2008-08-07 20:11 <DIR> d-------- C:\Downloads 2008-07-26 03:54 . 2008-07-26 03:54 2,560 --a------ C:\WINDOWS\system32\bitcometres.dll 2008-07-26 03:50 . 2008-07-26 03:51 <DIR> d-------- C:\Program Files\Desktop Tray Clock 2008-07-26 03:50 . 2008-07-26 03:50 58,880 --a------ C:\WINDOWS\system32\byxndeed.dll.ren 2008-07-26 03:31 . 2008-07-26 03:31 <DIR> d-------- C:\Program Files\TuneUp Utilities 2007 2008-07-26 03:31 . 2008-07-26 03:31 <DIR> d-------- C:\Documents and Settings\Bad\Application Data\TuneUp Software 2008-07-26 03:31 . 2007-03-28 19:42 29,704 --a------ C:\WINDOWS\system32\uxtuneup.dll 2008-07-26 03:30 . 2008-07-26 13:03 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard 2008-07-26 03:30 . 2008-07-26 03:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TuneUp Software 2008-07-26 03:24 . 2008-07-26 03:24 <DIR> d-------- C:\Program Files\CyberLink 2008-07-26 03:24 . 2008-07-26 03:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\CyberLink 2008-07-26 03:24 . 2003-04-23 18:29 221,215 --------- C:\WINDOWS\system32\Divxdec.ax . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-08-01 01:07 --------- d-----w C:\Program Files\Windows Media Connect 2 2008-07-31 23:11 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-07-26 10:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira 2008-07-25 23:34 21,275 ----a-w C:\WINDOWS\system32\drivers\AegisP.sys 2008-07-25 23:34 --------- d-----w C:\Program Files\TP-LINK 2008-07-25 23:29 --------- d-----w C:\Documents and Settings\Bad\Application Data\ATI 2008-07-25 23:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\ATI 2008-07-25 23:23 --------- d-----w C:\Program Files\Common Files\InstallShield 2008-07-25 23:23 --------- d-----w C:\Program Files\ATI Technologies 2008-07-12 19:24 991,744 ----a-w C:\WINDOWS\system32\drmv2clt.dll 2008-07-12 19:20 1,614,848 ----a-w C:\WINDOWS\system32\sfcfiles.dll 2008-07-12 19:18 86,073 ----a-w C:\WINDOWS\system32\usrfaxa.dll 2008-07-12 19:10 990,208 ----a-w C:\WINDOWS\system32\syssetup.dll 2008-07-12 19:10 78,336 ----a-w C:\WINDOWS\system32\ieencode.dll 2008-07-12 19:10 55,296 ----a-w C:\WINDOWS\system32\iesetup.dll 2008-07-12 19:10 48,128 ----a-w C:\WINDOWS\system32\mshtmler.dll 2008-07-12 19:10 45,568 ----a-w C:\WINDOWS\system32\mshta.exe 2008-07-12 19:10 40,960 ----a-w C:\WINDOWS\system32\licmgr10.dll 2008-07-12 19:10 36,352 ----a-w C:\WINDOWS\system32\imgutil.dll 2008-07-12 19:10 26,112 ----a-w C:\WINDOWS\system32\idndl.dll 2008-07-12 19:10 24,576 ----a-w C:\WINDOWS\system32\nlsdl.dll 2008-07-12 19:10 23,552 ----a-w C:\WINDOWS\system32\normaliz.dll 2008-07-12 19:10 156,160 ----a-w C:\WINDOWS\system32\msls31.dll 2008-07-07 07:40 56,108 ----a-w C:\WINDOWS\system32\drivers\scdemu.sys 2008-07-04 06:33 3,230,720 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys 2008-07-04 03:48 9,490,432 ----a-w C:\WINDOWS\system32\atioglx2.dll 2008-07-04 03:25 421,888 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll 2008-07-04 03:23 309,248 ----a-w C:\WINDOWS\system32\ati2dvag.dll 2008-07-04 03:14 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe 2008-07-04 03:14 184,320 ----a-w C:\WINDOWS\system32\atipdlxx.dll 2008-07-04 03:14 143,360 ----a-w C:\WINDOWS\system32\Oemdspif.dll 2008-07-04 03:13 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll 2008-07-04 03:13 139,264 ----a-w C:\WINDOWS\system32\ati2evxx.dll 2008-07-04 03:12 561,152 ----a-w C:\WINDOWS\system32\ati2evxx.exe 2008-07-04 03:10 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL 2008-07-04 03:06 253,952 ----a-w C:\WINDOWS\system32\atiok3x2.dll 2008-07-04 03:00 3,786,144 ----a-w C:\WINDOWS\system32\ati3duag.dll 2008-07-04 02:55 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll 2008-07-04 02:49 2,140,672 ----a-w C:\WINDOWS\system32\ativvaxx.dll 2008-07-04 02:34 48,640 ----a-w C:\WINDOWS\system32\amdpcom32.dll 2008-07-04 02:30 348,160 ----a-w C:\WINDOWS\system32\atikvmag.dll 2008-07-04 02:29 32,768 ----a-w C:\WINDOWS\system32\atiadlxx.dll 2008-07-04 02:28 53,248 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll 2008-07-04 02:28 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll 2008-07-04 02:22 565,248 ----a-w C:\WINDOWS\system32\ati2cqag.dll 2008-07-03 16:35 593,920 ------w C:\WINDOWS\system32\ati2sgag.exe 2008-06-12 18:36 7,680 ----a-w C:\WINDOWS\system32\ff_vfw.dll 2008-05-30 23:22 683,520 ----a-w C:\WINDOWS\system32\divx.dll 2008-05-30 12:19 507,400 ----a-w C:\WINDOWS\system32\XAudio2_1.dll 2008-05-30 12:18 238,088 ----a-w C:\WINDOWS\system32\xactengine3_1.dll 2008-05-30 12:17 65,032 ----a-w C:\WINDOWS\system32\XAPOFX1_0.dll 2008-05-30 12:17 25,608 ----a-w C:\WINDOWS\system32\X3DAudio1_4.dll 2008-05-30 12:11 467,984 ----a-w C:\WINDOWS\system32\d3dx10_38.dll 2008-05-30 12:11 3,850,760 ----a-w C:\WINDOWS\system32\D3DX9_38.dll 2008-05-30 12:11 1,491,992 ----a-w C:\WINDOWS\system32\D3DCompiler_38.dll 2008-05-22 22:22 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll 2008-05-22 22:19 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{EEE6C35D-6118-11DC-9C72-001320C79847}"= "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2008-07-06 12:44 173368] [HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] 2008-07-06 12:44 1164600 --a------ C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{EEE6C35B-6118-11DC-9C72-001320C79847}"= "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-07-06 12:44 1164600] [HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{EEE6C35B-6118-11DC-9C72-001320C79847}"= "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-07-06 12:44 1164600] [HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SkinClock"="C:\Program Files\Desktop Tray Clock\DTClock.exe" [2008-07-26 03:51 1694720] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 10:00 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 09:47 61440] "TWCU"="C:\Program Files\TP-LINK\TWCU\TWCU.exe" [2006-03-29 13:42 364544] "CTSysVol"="C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe" [2003-09-17 10:43 57344] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 14:28 266497] "SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-07-26 12:42 1783808] "SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-10-15 19:40 2577632] "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136] "PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2008-07-07 09:34 167936] "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016] "SweetIM"="C:\Program Files\SweetIM\Messenger\SweetIM.exe" [2008-07-06 12:32 111928] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "nltide_2"="shell32" [X] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 01:48:20 40048] Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 00:01:50 734872] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.ACDV"= ACDV.dll "VIDC.YV12"= yv12vfw.dll [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "UpdReg"=C:\WINDOWS\UpdReg.EXE "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\FlashGet\\FlashGet.exe"= "D:\\Games INST\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"= "D:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\MSLPLTS.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\MSN Messenger\\livecall.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "11535:TCP"= 11535:TCP:BitComet 11535 TCP "11535:UDP"= 11535:UDP:BitComet 11535 UDP R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-07-26 12:42] R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2008-04-14 10:00] R3 PPJoyBus;Parallel Port Joystick Bus device driver;C:\WINDOWS\system32\drivers\PPJoyBus.sys [2004-10-24 08:11] R3 PPortJoystick;Parallel Port Joystick device driver;C:\WINDOWS\system32\drivers\PPortJoy.sys [2004-10-24 08:11] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp Newly Created Service - CATCHME Newly Created Service - PROCEXP90 . Contents of the 'Scheduled Tasks' folder 2008-08-08 C:\WINDOWS\Tasks\1-Click Maintenance.job - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-04-26 21:51] . - - - - ORPHANS REMOVED - - - - Notify-byXNdeed - byXNdeed.dll . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Documents and Settings\Bad\Application Data\Mozilla\Firefox\Profiles\62xoep3i.default\ FireFox -: prefs.js - STARTUP.HOMEPAGE - [Link mogu videti samo ulogovani korisnici] FF -: plugin - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll FF -: plugin - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll ************************************************************************ catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici] Rootkit scan 2008-08-13 15:43:00 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\vsdatant] "ImagePath"="" . Completion time: 2008-08-13 15:44:49 ComboFix-quarantined-files.txt 2008-08-13 13:44:24 Pre-Run: 9,184,845,824 bytes free Post-Run: 9,210,388,480 bytes free 307

Profil

bobby Poslao: 13 Avg 2008 20:17 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Postavi mi sada jedan svez HijackThis log, samo da se uverim da je ComboFix detaljno odradio posao.

Profil

bedazzled Poslao: 14 Avg 2008 00:16 Idi na vrh
offline bedazzled Građanin Pridružio: 04 Jun 2007 Poruke: 157	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:14:04 AM, on 8/14/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\acs.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Desktop Tray Clock\DTClock.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\explorer.exe C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe C:\Program Files\Mozilla Firefox\firefox.exe D:\PROGRAMI inst\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = [Link mogu videti samo ulogovani korisnici] R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [TWCU] "C:\Program Files\TP-LINK\TWCU\TWCU.exe" -nogui O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe O4 - HKCU\..\Run: [SkinClock] C:\Program Files\Desktop Tray Clock\DTClock.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O8 - Extra context menu item: &D&ownload &with BitComet - [Link mogu videti samo ulogovani korisnici]\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - [Link mogu videti samo ulogovani korisnici]\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - [Link mogu videti samo ulogovani korisnici]\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Preuzmi sa FlashGet-om - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: &Preuzmi sve sa FlashGet-om - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: E&xport to Microsoft Excel - [Link mogu videti samo ulogovani korisnici]\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - [Link mogu videti samo ulogovani korisnici]\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing) O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{962AF274-0030-4E91-AA48-15D2B4C768D5}: NameServer = 80.93.224.1,80.93.224.2 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL O23 - Service: TP-LINK Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\NVIDIA\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe -- End of file - 9210 bytes

Profil

bobby Poslao: 16 Avg 2008 00:57 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Nema vise tragova infekcije. Sada cemo deinstalirati ComboFix: Klikni START a zatim RUN U liniju za unos teksta ukucaj Combofix /u i klikni OK Sačekaj da se proces deinstalacije završi Gornja procedura će: Obrisati sledeće: ComboFix i njegove file-ove i foldere VundoFix Backups folder, ako postoji C:\Deckard folder, ako postoji C:\OtMoveIt folder, ako postoji Resetovati podešavanja sata na kompjuteru Sakriti ekstenzije file-ova, ako je potrebno Sakriti sistemske/skrivene file-ove/foldere, ako je potrebno Resetovati System Restore

Profil

MyCity » Ambulanta -> Arhiva Ambulante » jel sve u redu???

Ko je trenutno na forumu

Ukupno su 1228 korisnika na forumu :: 16 registrovanih, 4 sakrivenih i 1208 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 1MAP, 4. Ozrenska, 9k38, annon, Botovac, comi, Gogi_avio, ISOF, Jaz, Lotus, Milan A. Nikolic, Pero, RAKITNICA, sale_bih, saputnik plavetnila, Slavian

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by