MyCity » Ambulanta -> Arhiva Ambulante » pomoc sa virtumonde

pomoc sa virtumonde

Napisano na dan: 13.11.2008

pomoc sa virtumonde

Sledeća strana

Pagination

Odgovori

vasileee Poslao: 13 Nov 2008 13:29 Idi na vrh
offline vasileee Novi MyCity građanin Pridružio: 13 Nov 2008 Poruke: 4	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Zdravo momci. Vec nedelju dana ima virtumonde na mom PC. Probao sam da ga uklonim sa SpySweeper i Spybot - Search & Destroy ali nisam uspio. Trazio sam po foruma i nasao sam puno tutorial-a za rucno brisanje ali niko ne funkcionise za moj PC. evo moj log od HJThis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 13:15:43, on 11/13/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe C:\WINDOWS\system32\vmnat.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\Program Files\VMware\VMware Workstation\vmware-authd.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\WLTRAY.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\Program Files\Babylon\Babylon-Pro\Babylon.exe C:\Program Files\VMware\VMware Workstation\vmware-tray.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE C:\Program Files\Calendarium\Calendarium.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Lidija\Desktop\TQR.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: (no name) - {A121F249-DA86-4687-9EDD-03179D3BD0AF} - C:\WINDOWS\system32\qoMeDtUl.dll O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] "C:\WINDOWS\system32\WLTRAY.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" O4 - HKLM\..\Run: [Babylon Client] "C:\Program Files\Babylon\Babylon-Pro\Babylon.exe" -AutoStart O4 - HKLM\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files\VMware\VMware Workstation\vmware-tray.exe" O4 - HKLM\..\Run: [NetWatcherPro] C:\Program Files\NetWatcherPro\NetWatcherPro.exe O4 - HKCU\..\Run: [thebat_startup] "C:\Program Files\The Bat!\thebat.exe" /minimize O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Startup: BORGChat.lnk = C:\Program Files\BORGChat\BORGChat.exe O4 - Startup: Calendarium.lnk = C:\Program Files\Calendarium\Calendarium.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: Vypress Chat StartUp.lnk = ? O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm O8 - Extra context menu item: Translate with &Babylon - [Link mogu videti samo ulogovani korisnici]\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm O17 - HKLM\System\CCS\Services\Tcpip\..\{061A31EE-3077-4DF5-8234-C12908683931}: NameServer = 208.67.220.220,208.67.222.222 O17 - HKLM\System\CS1\Services\Tcpip\..\{061A31EE-3077-4DF5-8234-C12908683931}: NameServer = 208.67.220.220,208.67.222.222 O17 - HKLM\System\CS2\Services\Tcpip\..\{061A31EE-3077-4DF5-8234-C12908683931}: NameServer = 208.67.220.220,208.67.222.222 O20 - AppInit_DLLs: c:\progra~1\kasper~1\kasper~1.0\adialhk.dll O20 - Winlogon Notify: awtuuuut - awtuuuut.dll (file missing) O20 - Winlogon Notify: winuns32 - C:\WINDOWS\ O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Unknown owner - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MobaSSH (MobaSSH1) - [Link mogu videti samo ulogovani korisnici] - C:\WINDOWS\system32\MobaSSH.exe O23 - Service: OracleMTSRecoveryService - Oracle Corporation - C:\oraclexe\app\oracle\product\10.2.0\server\BIN\omtsreco.exe O23 - Service: OracleServiceXE - Oracle Corporation - c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE O23 - Service: OracleXEClrAgent - Unknown owner - C:\oraclexe\app\oracle\product\10.2.0\server\bin\OraClrAgnt.exe O23 - Service: OracleXETNSListener - Unknown owner - C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe -- End of file - 6673 bytes Hvala unapred.

Profil

dr_Bora Poslao: 13 Nov 2008 16:54 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav... Preuzmi The Avenger na Desktop. Raspakuj arhivu u neki folder Dvoklikom pokreni avenger.exe Iskopiraj tekst koji se nalazi unutar Kod polja u (beli) prozor programa: `Files to delete: C:\WINDOWS\system32\qoMeDtUl.dll Registry keys to delete: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\awtuuuut HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winuns32 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A121F249-DA86-4687-9EDD-03179D3BD0AF}` Klikni Execute, a zatim Yes u sledeća dva prozora koji će se otvoriti Kompjuter će se restartovati i započeti će proces čišćenja/skeniranja Kada proces bude završen, logfile C:\avenger.txt će se otvoriti u Notepad-u Iskopiraj sadržaj dobijenog loga u temu na forumu. Takođe, postavi i svež HijackThis logfile.

Profil

vasileee Poslao: 13 Nov 2008 17:52 Idi na vrh
offline vasileee Novi MyCity građanin Pridružio: 13 Nov 2008 Poruke: 4	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Evo sadrzaj logfile C:\avenger.txt: Logfile of The Avenger Version 2.0, (c) by Swandog46 [Link mogu videti samo ulogovani korisnici] Platform: Windows XP ***************** Script file opened successfully. Script file read successfully. Backups directory opened successfully at C:\Avenger *************** Beginning to process script file: Rootkit scan active. No rootkits found! File "C:\WINDOWS\system32\qoMeDtUl.dll" deleted successfully. Registry key "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\awtuuuut" deleted successfully. Registry key "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winuns32" deleted successfully. Registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A121F249-DA86-4687-9EDD-03179D3BD0AF}" deleted successfully. Completed script processing. *************** Finished! Terminate. a zatim i svez HJThis log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:47:33, on 11/13/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe C:\WINDOWS\system32\vmnat.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\Program Files\VMware\VMware Workstation\vmware-authd.exe C:\WINDOWS\system32\WLTRAY.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\Program Files\Babylon\Babylon-Pro\Babylon.exe C:\Program Files\Google\Google Talk\googletalk.exe C:\Program Files\VMware\VMware Workstation\vmware-tray.exe C:\Program Files\NetWatcherPro\NetWatcherPro.exe C:\Program Files\The Bat!\thebat.exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Vypress Chat\VyChat.exe C:\Program Files\BORGChat\BORGChat.exe C:\Program Files\Calendarium\Calendarium.exe C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Lidija\Desktop\TQR.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] "C:\WINDOWS\system32\WLTRAY.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" O4 - HKLM\..\Run: [Babylon Client] "C:\Program Files\Babylon\Babylon-Pro\Babylon.exe" -AutoStart O4 - HKLM\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files\VMware\VMware Workstation\vmware-tray.exe" O4 - HKLM\..\Run: [NetWatcherPro] C:\Program Files\NetWatcherPro\NetWatcherPro.exe O4 - HKCU\..\Run: [thebat_startup] "C:\Program Files\The Bat!\thebat.exe" /minimize O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: BORGChat.lnk = C:\Program Files\BORGChat\BORGChat.exe O4 - Startup: Calendarium.lnk = C:\Program Files\Calendarium\Calendarium.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: Vypress Chat StartUp.lnk = ? O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm O8 - Extra context menu item: Translate with &Babylon - [Link mogu videti samo ulogovani korisnici]\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm O17 - HKLM\System\CCS\Services\Tcpip\..\{061A31EE-3077-4DF5-8234-C12908683931}: NameServer = 208.67.220.220,208.67.222.222 O17 - HKLM\System\CS1\Services\Tcpip\..\{061A31EE-3077-4DF5-8234-C12908683931}: NameServer = 208.67.220.220,208.67.222.222 O17 - HKLM\System\CS2\Services\Tcpip\..\{061A31EE-3077-4DF5-8234-C12908683931}: NameServer = 208.67.220.220,208.67.222.222 O20 - AppInit_DLLs: c:\progra~1\kasper~1\kasper~1.0\adialhk.dll O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Unknown owner - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MobaSSH (MobaSSH1) - [Link mogu videti samo ulogovani korisnici]** - C:\WINDOWS\system32\MobaSSH.exe O23 - Service: OracleMTSRecoveryService - Oracle Corporation - C:\oraclexe\app\oracle\product\10.2.0\server\BIN\omtsreco.exe O23 - Service: OracleServiceXE - Oracle Corporation - c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE O23 - Service: OracleXEClrAgent - Unknown owner - C:\oraclexe\app\oracle\product\10.2.0\server\bin\OraClrAgnt.exe O23 - Service: OracleXETNSListener - Unknown owner - C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe -- End of file - 6816 bytes

Profil

dr_Bora Poslao: 13 Nov 2008 18:49 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Skini program sa sledećeg linka: [Link mogu videti samo ulogovani korisnici] Dvoklikom ga pokreni a zatim klikni Continue. Na kraju procesa će se otvoriti dva loga: prvi, log.txt će biti maksimizovan i njega je potrebno iskopirati u temu na forumu, te drugi, info.txt koji će biti minimizovan (koji nam za sada ne treba). Znači, postavi sadržaj file-a log.txt u iduću poruku (taj file će biti sačuvan kao C:\rsit\log.txt).

Profil

vasileee Poslao: 14 Nov 2008 11:02 Idi na vrh
offline vasileee Novi MyCity građanin Pridružio: 13 Nov 2008 Poruke: 4	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Evo sadrzaj log.txt: Logfile of random's system information tool 1.04 (written by random/random) Run by Lidija at 2008-11-14 09:40:25 Microsoft Windows XP Professional Service Pack 3 System drive C: has 5 GB (23%) free of 22 GB Total RAM: 2038 MB (66% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:40:50, on 11/14/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe C:\WINDOWS\system32\vmnat.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\Program Files\VMware\VMware Workstation\vmware-authd.exe C:\WINDOWS\system32\WLTRAY.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe C:\Program Files\Babylon\Babylon-Pro\Babylon.exe C:\Program Files\Google\Google Talk\googletalk.exe C:\Program Files\VMware\VMware Workstation\vmware-tray.exe C:\Program Files\The Bat!\thebat.exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE C:\Program Files\Calendarium\Calendarium.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Lidija\Desktop\RSIT.exe C:\Program Files\trend micro\Lidija.exe C:\WINDOWS\system32\taskmgr.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] "C:\WINDOWS\system32\WLTRAY.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" O4 - HKLM\..\Run: [Babylon Client] "C:\Program Files\Babylon\Babylon-Pro\Babylon.exe" -AutoStart O4 - HKLM\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart O4 - HKLM\..\Run: [vmware-tray] "C:\Program Files\VMware\VMware Workstation\vmware-tray.exe" O4 - HKLM\..\Run: [NetWatcherPro] C:\Program Files\NetWatcherPro\NetWatcherPro.exe O4 - HKCU\..\Run: [thebat_startup] "C:\Program Files\The Bat!\thebat.exe" /minimize O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: BORGChat.lnk = C:\Program Files\BORGChat\BORGChat.exe O4 - Startup: Calendarium.lnk = C:\Program Files\Calendarium\Calendarium.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: Vypress Chat StartUp.lnk = ? O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm O8 - Extra context menu item: Translate with &Babylon - [Link mogu videti samo ulogovani korisnici]\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{061A31EE-3077-4DF5-8234-C12908683931}: NameServer = 208.67.220.220,208.67.222.222 O17 - HKLM\System\CS1\Services\Tcpip\..\{061A31EE-3077-4DF5-8234-C12908683931}: NameServer = 208.67.220.220,208.67.222.222 O20 - AppInit_DLLs: c:\progra~1\kasper~1\kasper~1.0\adialhk.dll O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Unknown owner - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MobaSSH (MobaSSH1) - [Link mogu videti samo ulogovani korisnici] - C:\WINDOWS\system32\MobaSSH.exe O23 - Service: OracleMTSRecoveryService - Oracle Corporation - C:\oraclexe\app\oracle\product\10.2.0\server\BIN\omtsreco.exe O23 - Service: OracleServiceXE - Oracle Corporation - c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE O23 - Service: OracleXEClrAgent - Unknown owner - C:\oraclexe\app\oracle\product\10.2.0\server\bin\OraClrAgnt.exe O23 - Service: OracleXETNSListener - Unknown owner - C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe -- End of file - 7585 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\wrSpySweeperFullSweep.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}] Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-05-30 1410344] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll [2008-03-25 509328] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Broadcom Wireless Manager UI"=C:\WINDOWS\system32\WLTRAY.exe [2007-10-09 2183168] "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe [2008-02-08 227856] "Babylon Client"=C:\Program Files\Babylon\Babylon-Pro\Babylon.exe [2007-12-20 3116768] "googletalk"=C:\Program Files\Google\Google Talk\googletalk.exe [2007-01-01 3739648] "vmware-tray"=C:\Program Files\VMware\VMware Workstation\vmware-tray.exe [2008-05-15 72240] "NetWatcherPro"=C:\Program Files\NetWatcherPro\NetWatcherPro.exe [1998-04-20 524288] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "thebat_startup"=C:\Program Files\The Bat!\thebat.exe [2008-02-07 6407016] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-05-30 21718312] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] C:\Documents and Settings\All Users\Start Menu\Programs\Startup Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe Vypress Chat StartUp.lnk - C:\WINDOWS\Installer\{32230531-F971-468F-9BD4-7C3369F3468B}\iconVCAdvertised.exe C:\Documents and Settings\Lidija\Start Menu\Programs\Startup BORGChat.lnk - C:\Program Files\BORGChat\BORGChat.exe Calendarium.lnk - C:\Program Files\Calendarium\Calendarium.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLS"="c:\progra~1\kasper~1\kasper~1.0\adialhk.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxdev.dll [2008-03-17 208896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS\system32\klogon.dll [2008-02-08 219664] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{49582D01-5592-4E9A-B672-FBABAB3B9A2C}"= [] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "authentication packages"=msv1_0 C:\WINDOWS\system32\qoMeDtUl [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRConsumerService] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"= [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019" "C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.1.325\English\setup.exe"="C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files\Kaspersky Internet Security 7.0.1.325\English\setup.exe::Enabled:Kaspersky Internet Security 7.0 Setup" "E:\nesto\uTorrent.exe"="E:\nesto\uTorrent.exe::Enabled:µTorrent" "C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.exe"="C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.exe::Enabled:CyberLink PowerDVD 8.0" "C:\Program Files\Google\Google Talk\googletalk.exe"="C:\Program Files\Google\Google Talk\googletalk.exe::Enabled:Google Talk" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe::Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe::enabled:@xpsp2res.dll,-22019" "C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.exe"="C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.exe::Enabled:CyberLink PowerDVD 8.0" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe::Enabled:@xpsp3res.dll,-20000" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b4a48a78-229d-11dd-b186-001f3a476e6b}] shell\AutoRun\command - F:\xlu8a8sy.exe shell\explore\command - F:\xlu8a8sy.exe shell\open\command - F:\xlu8a8sy.exe ======File associations====== .scr - open - C:\WINDOWS\system32\notepad.exe "%1" .scr - install - .scr - config - ======List of files/folders created in the last 1 months====== 2008-11-14 09:40:25 ----D---- C:\rsit 2008-11-14 09:29:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2008-11-14 09:29:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$ 2008-11-14 09:29:35 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$ 2008-11-14 09:29:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$ 2008-11-14 09:29:16 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$ 2008-11-14 09:29:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$ 2008-11-14 09:28:59 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$ 2008-11-14 09:28:39 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$ 2008-11-14 09:28:17 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$ 2008-11-14 09:28:04 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$ 2008-11-14 09:22:00 ----D---- C:\WINDOWS\ie7updates 2008-11-14 09:21:30 ----D---- C:\WINDOWS\WBEM 2008-11-14 09:20:12 ----HDC---- C:\WINDOWS\ie7 2008-11-14 09:20:02 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$ 2008-11-14 09:19:32 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$ 2008-11-14 09:17:30 ----A---- C:\WINDOWS\system32\MRT.exe 2008-11-14 09:11:31 ----A---- C:\WINDOWS\OEWABLog.txt 2008-11-14 09:09:49 ----D---- C:\WINDOWS\Prefetch 2008-11-14 08:42:45 ----A---- C:\WINDOWS\setuplog.txt 2008-11-14 08:41:43 ----N---- C:\WINDOWS\system32\rwnh.dll 2008-11-14 08:41:43 ----N---- C:\WINDOWS\system32\comsdupd.exe 2008-11-14 08:41:42 ----N---- C:\WINDOWS\system32\smtpapi.dll 2008-11-14 08:41:40 ----N---- C:\WINDOWS\system32\dot3cfg.dll 2008-11-14 08:41:40 ----N---- C:\WINDOWS\system32\dot3api.dll 2008-11-14 08:41:40 ----N---- C:\WINDOWS\system32\dimsroam.dll 2008-11-14 08:41:40 ----N---- C:\WINDOWS\system32\dimsntfy.dll 2008-11-14 08:41:40 ----N---- C:\WINDOWS\system32\dhcpqec.dll 2008-11-14 08:41:40 ----N---- C:\WINDOWS\system32\credssp.dll 2008-11-14 08:41:40 ----N---- C:\WINDOWS\system32\bitsprx4.dll 2008-11-14 08:41:40 ----N---- C:\WINDOWS\system32\azroles.dll 2008-11-14 08:41:40 ----N---- C:\WINDOWS\system32\ativvaxx.dll 2008-11-14 08:41:40 ----N---- C:\WINDOWS\system32\ativtmxx.dll 2008-11-14 08:41:40 ----N---- C:\WINDOWS\system32\ati3duag.dll 2008-11-14 08:41:40 ----N---- C:\WINDOWS\system32\ati3d1ag.dll 2008-11-14 08:41:40 ----N---- C:\WINDOWS\system32\ati2dvag.dll 2008-11-14 08:41:40 ----N---- C:\WINDOWS\system32\ati2dvaa.dll 2008-11-14 08:41:40 ----N---- C:\WINDOWS\system32\ati2cqag.dll 2008-11-14 08:41:40 ----N---- C:\WINDOWS\system32\aaclient.dll 2008-11-14 08:41:39 ----N---- C:\WINDOWS\system32\hsfcisp2.dll 2008-11-14 08:41:39 ----N---- C:\WINDOWS\system32\eapsvc.dll 2008-11-14 08:41:39 ----N---- C:\WINDOWS\system32\eapqec.dll 2008-11-14 08:41:39 ----N---- C:\WINDOWS\system32\eappprxy.dll 2008-11-14 08:41:39 ----N---- C:\WINDOWS\system32\eapphost.dll 2008-11-14 08:41:39 ----N---- C:\WINDOWS\system32\eappgnui.dll 2008-11-14 08:41:39 ----N---- C:\WINDOWS\system32\eappcfg.dll 2008-11-14 08:41:39 ----N---- C:\WINDOWS\system32\eapp3hst.dll 2008-11-14 08:41:39 ----N---- C:\WINDOWS\system32\eapolqec.dll 2008-11-14 08:41:39 ----N---- C:\WINDOWS\system32\dot3ui.dll 2008-11-14 08:41:39 ----N---- C:\WINDOWS\system32\dot3svc.dll 2008-11-14 08:41:39 ----N---- C:\WINDOWS\system32\dot3msm.dll 2008-11-14 08:41:39 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll 2008-11-14 08:41:39 ----N---- C:\WINDOWS\system32\dot3dlg.dll 2008-11-14 08:41:38 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll 2008-11-14 08:41:38 ----N---- C:\WINDOWS\system32\mmcex.dll 2008-11-14 08:41:38 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll 2008-11-14 08:41:38 ----N---- C:\WINDOWS\system32\l2gpstore.dll 2008-11-14 08:41:38 ----N---- C:\WINDOWS\system32\kmsvc.dll 2008-11-14 08:41:38 ----N---- C:\WINDOWS\system32\kbdpash.dll 2008-11-14 08:41:38 ----N---- C:\WINDOWS\system32\kbdnepr.dll 2008-11-14 08:41:38 ----N---- C:\WINDOWS\system32\kbdiultn.dll 2008-11-14 08:41:38 ----N---- C:\WINDOWS\system32\kbdbhc.dll 2008-11-14 08:41:37 ----N---- C:\WINDOWS\system32\onex.dll 2008-11-14 08:41:37 ----N---- C:\WINDOWS\system32\nv4_disp.dll 2008-11-14 08:41:37 ----N---- C:\WINDOWS\system32\napstat.exe 2008-11-14 08:41:37 ----N---- C:\WINDOWS\system32\napmontr.dll 2008-11-14 08:41:37 ----N---- C:\WINDOWS\system32\napipsec.dll 2008-11-14 08:41:37 ----N---- C:\WINDOWS\system32\mtxparhd.dll 2008-11-14 08:41:37 ----N---- C:\WINDOWS\system32\msshavmsg.dll 2008-11-14 08:41:37 ----N---- C:\WINDOWS\system32\mssha.dll 2008-11-14 08:41:37 ----N---- C:\WINDOWS\system32\mmcperf.exe 2008-11-14 08:41:36 ----N---- C:\WINDOWS\system32\verclsid.exe 2008-11-14 08:41:36 ----N---- C:\WINDOWS\system32\tzchange.exe 2008-11-14 08:41:36 ----N---- C:\WINDOWS\system32\tspkg.dll 2008-11-14 08:41:36 ----N---- C:\WINDOWS\system32\tsgqec.dll 2008-11-14 08:41:36 ----N---- C:\WINDOWS\system32\slserv.exe 2008-11-14 08:41:36 ----N---- C:\WINDOWS\system32\slrundll.exe 2008-11-14 08:41:36 ----N---- C:\WINDOWS\system32\slgen.dll 2008-11-14 08:41:36 ----N---- C:\WINDOWS\system32\slextspk.dll 2008-11-14 08:41:36 ----N---- C:\WINDOWS\system32\slcoinst.dll 2008-11-14 08:41:36 ----N---- C:\WINDOWS\system32\setupn.exe 2008-11-14 08:41:36 ----N---- C:\WINDOWS\system32\s3gnb.dll 2008-11-14 08:41:36 ----N---- C:\WINDOWS\system32\rhttpaa.dll 2008-11-14 08:41:36 ----N---- C:\WINDOWS\system32\rasqec.dll 2008-11-14 08:41:36 ----N---- C:\WINDOWS\system32\qutil.dll 2008-11-14 08:41:36 ----N---- C:\WINDOWS\system32\qcliprov.dll 2008-11-14 08:41:36 ----N---- C:\WINDOWS\system32\qagentrt.dll 2008-11-14 08:41:36 ----N---- C:\WINDOWS\system32\qagent.dll 2008-11-14 08:41:35 ----N---- C:\WINDOWS\system32\xpsp3res.dll 2008-11-14 08:41:35 ----N---- C:\WINDOWS\system32\xmllite.dll 2008-11-14 08:41:35 ----N---- C:\WINDOWS\system32\wlanapi.dll 2008-11-14 08:41:35 ----N---- C:\WINDOWS\slrundll.exe 2008-11-14 08:41:34 ----D---- C:\WINDOWS\system32\scripting 2008-11-14 08:41:33 ----D---- C:\WINDOWS\system32\en 2008-11-14 08:41:33 ----D---- C:\WINDOWS\system32\bits 2008-11-14 08:41:33 ----D---- C:\WINDOWS\l2schemas 2008-11-14 08:39:17 ----D---- C:\WINDOWS\ServicePackFiles 2008-11-14 08:36:41 ----D---- C:\WINDOWS\network diagnostic 2008-11-14 08:35:04 ----A---- C:\WINDOWS\003085_.tmp 2008-11-14 08:31:10 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$ 2008-11-14 08:22:38 ----A---- C:\WINDOWS\imsins.BAK 2008-11-14 08:22:33 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$ 2008-11-13 17:44:33 ----D---- C:\Avenger 2008-11-13 17:44:33 ----A---- C:\avenger.txt 2008-11-12 23:13:01 ----D---- C:\Program Files\Spybot - Search & Destroy 2008-11-12 23:13:01 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2008-11-12 21:49:13 ----D---- C:\Program Files\AutoCAD 2009 2008-11-12 21:44:18 ----D---- C:\Program Files\Common Files\Autodesk Shared 2008-11-12 21:44:18 ----D---- C:\Program Files\Autodesk 2008-11-12 18:12:25 ----A---- C:\WINDOWS\ntbtlog.txt 2008-11-12 09:30:46 ----D---- C:\Program Files\CCleaner 2008-11-12 09:24:01 ----D---- C:\Program Files\Trend Micro 2008-11-10 16:11:38 ----A---- C:\WINDOWS\system32\mcrh.tmp 2008-11-10 16:11:24 ----A---- C:\WINDOWS\system32\userinit.exe 2008-11-10 12:17:41 ----D---- C:\Program Files\Panda Security 2008-11-10 12:16:40 ----D---- C:\WINDOWS\BDOSCAN8 2008-11-10 10:49:56 ----A---- C:\WINDOWS\system32\capicom.dll 2008-11-07 09:00:52 ----D---- C:\Program Files\Webroot 2008-11-07 09:00:52 ----D---- C:\Documents and Settings\Lidija\Application Data\Webroot 2008-11-07 09:00:52 ----D---- C:\Documents and Settings\All Users\Application Data\Webroot 2008-11-07 09:00:52 ----A---- C:\WINDOWS\WRSetup.dll 2008-11-07 08:18:02 ----A---- C:\WINDOWS\system32\iihjadvy.dll 2008-11-06 18:42:17 ----A---- C:\WINDOWS\system32\df0ba77e-.txt 2008-11-06 14:06:32 ----D---- C:\Documents and Settings\Lidija\Application Data\Autodesk 2008-11-06 14:06:32 ----D---- C:\Documents and Settings\All Users\Application Data\Autodesk 2008-11-06 14:00:05 ----A---- C:\WINDOWS\system32\d3dx9_35.dll 2008-11-06 13:59:16 ----D---- C:\Program Files\MSBuild 2008-11-06 13:56:40 ----D---- C:\WINDOWS\system32\XPSViewer 2008-11-06 13:56:39 ----D---- C:\WINDOWS\system32\en-us 2008-11-06 13:55:59 ----D---- C:\Program Files\Reference Assemblies 2008-11-06 13:55:18 ----N---- C:\WINDOWS\system32\spmsg2.dll 2008-11-06 13:55:01 ----HDC---- C:\WINDOWS\$NtUninstallWIC$ 2008-11-05 09:03:52 ----A---- C:\WINDOWS\system32\wnaspi32.dll 2008-10-31 08:26:49 ----D---- C:\Program Files\BORGChat 2008-10-30 13:39:23 ----D---- C:\Program Files\Common Files\Adobe AIR 2008-10-30 13:28:16 ----D---- C:\Documents and Settings\Lidija\Application Data\AdobeUM 2008-10-30 10:49:28 ----A---- C:\WINDOWS\system32\wpcap.dll 2008-10-30 10:49:28 ----A---- C:\WINDOWS\system32\WanPacket.dll 2008-10-28 14:06:34 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip 2008-10-27 16:37:20 ----A---- C:\ssniffer_excep.txt 2008-10-27 16:37:08 ----D---- C:\Program Files\NextSecurity.NET 2008-10-25 17:43:43 ----A---- C:\WINDOWS\NetWatcherPro.ini 2008-10-25 10:46:39 ----D---- C:\Documents and Settings\All Users\Application Data\GRETECH 2008-10-25 10:45:45 ----D---- C:\Documents and Settings\Lidija\Application Data\GRETECH 2008-10-25 10:39:08 ----D---- C:\Program Files\GRETECH 2008-10-24 09:51:05 ----A---- C:\WINDOWS\twain32gid.dll 2008-10-24 07:47:10 ----D---- C:\Documents and Settings\Lidija\Application Data\Sports Interactive 2008-10-22 22:30:12 ----D---- C:\Program Files\Dude 2008-10-22 20:08:55 ----D---- C:\Program Files\NetWatcherPro 2008-10-22 20:08:49 ----A---- C:\WINDOWS\uninst.exe 2008-10-22 20:08:15 ----D---- C:\Program Files\LanTricks 2008-10-22 20:07:43 ----D---- C:\Program Files\ShareScan 2008-10-22 20:07:07 ----D---- C:\Program Files\LAN Search Pro 2008-10-22 20:04:11 ----D---- C:\Program Files\Asset Tracker for Networks 2008-10-22 20:03:33 ----D---- C:\Program Files\Advanced IP Scanner 2008-10-22 20:01:17 ----D---- C:\Documents and Settings\Lidija\Application Data\VyPRESS 2008-10-22 20:01:07 ----D---- C:\Program Files\Vypress Chat 2008-10-21 13:13:24 ----D---- C:\Program Files\PowerISO 2008-10-20 14:37:28 ----D---- C:\Program Files\FDRLab 2008-10-18 21:40:19 ----D---- C:\Documents and Settings\Lidija\Application Data\PlayFirst 2008-10-18 21:40:19 ----D---- C:\Documents and Settings\All Users\Application Data\PlayFirst ======List of files/folders modified in the last 1 months====== 2008-11-14 09:40:40 ----D---- C:\WINDOWS\Temp 2008-11-14 09:40:40 ----D---- C:\Documents and Settings\Lidija\Application Data\Skype 2008-11-14 09:40:23 ----D---- C:\Program Files\Mozilla Firefox 2008-11-14 09:40:17 ----D---- C:\WINDOWS\system32\CatRoot2 2008-11-14 09:39:03 ----D---- C:\Documents and Settings\All Users\Application Data\Babylon 2008-11-14 09:38:41 ----D---- C:\Documents and Settings\Lidija\Application Data\The Bat! 2008-11-14 09:38:40 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2008-11-14 09:38:37 ----D---- C:\Documents and Settings\Lidija\Application Data\VMware 2008-11-14 09:38:17 ----D---- C:\WINDOWS 2008-11-14 09:37:33 ----D---- C:\WINDOWS\system32 2008-11-14 09:36:43 ----A---- C:\WINDOWS\SchedLgU.Txt 2008-11-14 09:29:55 ----HD---- C:\WINDOWS\inf 2008-11-14 09:29:53 ----RSHDC---- C:\WINDOWS\system32\dllcache 2008-11-14 09:29:53 ----D---- C:\WINDOWS\system32\drivers 2008-11-14 09:29:50 ----HD---- C:\WINDOWS\$hf_mig$ 2008-11-14 09:28:01 ----SHD---- C:\WINDOWS\Installer 2008-11-14 09:28:00 ----D---- C:\WINDOWS\WinSxS 2008-11-14 09:24:15 ----D---- C:\WINDOWS\Help 2008-11-14 09:24:15 ----D---- C:\Program Files\Internet Explorer 2008-11-14 09:21:24 ----D---- C:\WINDOWS\Media 2008-11-14 09:17:33 ----D---- C:\WINDOWS\Debug 2008-11-14 09:16:22 ----D---- C:\WINDOWS\Registration 2008-11-14 09:15:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.TMP 2008-11-14 09:13:06 ----D---- C:\Documents and Settings\Lidija\Application Data\skypePM 2008-11-14 09:09:18 ----RSD---- C:\WINDOWS\Fonts 2008-11-14 09:09:18 ----D---- C:\WINDOWS\system32\wbem 2008-11-14 09:09:18 ----D---- C:\WINDOWS\system32\Setup 2008-11-14 09:09:18 ----D---- C:\WINDOWS\ime 2008-11-14 09:09:18 ----D---- C:\WINDOWS\AppPatch 2008-11-14 08:51:19 ----D---- C:\WINDOWS\security 2008-11-14 08:45:27 ----D---- C:\WINDOWS\system32\CatRoot 2008-11-14 08:42:01 ----D---- C:\Program Files\Messenger 2008-11-14 08:41:55 ----D---- C:\Program Files\Windows Media Player 2008-11-14 08:41:42 ----D---- C:\WINDOWS\system32\inetsrv 2008-11-14 08:41:35 ----D---- C:\WINDOWS\system32\usmt 2008-11-14 08:41:33 ----D---- C:\WINDOWS\PeerNet 2008-11-14 08:41:33 ----D---- C:\Program Files\Movie Maker 2008-11-14 08:39:08 ----D---- C:\WINDOWS\system32\Restore 2008-11-14 08:39:08 ----D---- C:\WINDOWS\system32\npp 2008-11-14 08:39:08 ----D---- C:\WINDOWS\mui 2008-11-14 08:39:06 ----D---- C:\WINDOWS\msagent 2008-11-14 08:39:05 ----D---- C:\WINDOWS\srchasst 2008-11-14 08:39:04 ----D---- C:\Program Files\NetMeeting 2008-11-14 08:39:03 ----D---- C:\WINDOWS\system32\Com 2008-11-14 08:39:00 ----D---- C:\Program Files\Windows NT 2008-11-14 08:39:00 ----D---- C:\Program Files\Outlook Express 2008-11-14 08:38:56 ----D---- C:\Program Files\Common Files\System 2008-11-14 08:38:37 ----D---- C:\WINDOWS\system32\oobe 2008-11-14 08:38:35 ----D---- C:\WINDOWS\system 2008-11-14 08:28:20 ----D---- C:\WINDOWS\ehome 2008-11-13 10:05:17 ----RD---- C:\Program Files 2008-11-12 21:56:53 ----D---- C:\WINDOWS\Microsoft.NET 2008-11-12 21:47:14 ----D---- C:\WINDOWS\system32\DirectX 2008-11-12 21:44:18 ----D---- C:\Program Files\Common Files 2008-11-12 19:38:16 ----SD---- C:\WINDOWS\Downloaded Program Files 2008-11-12 17:31:42 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP 2008-11-12 16:23:01 ----D---- C:\eclipse 2008-11-12 09:46:14 ----D---- C:\WINDOWS\system32\LogFiles 2008-11-11 11:55:32 ----D---- C:\Documents and Settings\Lidija\Application Data\Azureus 2008-11-10 15:58:57 ----D---- C:\WINDOWS\system32\Samsung_USB_Drivers 2008-11-10 15:31:42 ----D---- C:\Program Files\Samsung 2008-11-10 15:24:27 ----D---- C:\Program Files\Adobe 2008-11-10 13:45:38 ----D---- C:\workspace 2008-11-10 11:41:01 ----SD---- C:\WINDOWS\Tasks 2008-11-10 08:25:12 ----SHD---- C:\RECYCLER 2008-11-07 10:14:33 ----D---- C:\Program Files\Total Video Converter 2008-11-07 08:59:38 ----D---- C:\Program Files\Common Files\Wise Installation Wizard 2008-11-06 17:33:43 ----RSD---- C:\WINDOWS\assembly 2008-11-06 13:59:53 ----D---- C:\Program Files\Common Files\DESIGNER 2008-11-06 13:59:51 ----D---- C:\Program Files\Microsoft Office 2008-11-06 13:55:30 ----D---- C:\WINDOWS\system32\spool 2008-11-03 21:01:00 ----A---- C:\WINDOWS\NeroDigital.ini 2008-10-31 22:34:12 ----A---- C:\SS2_debug.txt 2008-10-31 09:03:59 ----D---- C:\Documents and Settings\Lidija\Application Data\SQL Developer 2008-10-30 13:40:10 ----D---- C:\Documents and Settings\Lidija\Application Data\Adobe 2008-10-30 13:39:04 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2008-10-30 13:38:44 ----D---- C:\Program Files\Common Files\Adobe 2008-10-30 11:06:27 ----D---- C:\Documents and Settings\Lidija\Application Data\Mozilla 2008-10-30 11:06:07 ----D---- C:\WINDOWS\Minidump 2008-10-28 22:06:53 ----D---- C:\Documents and Settings 2008-10-27 16:37:08 ----HD---- C:\Program Files\InstallShield Installation Information 2008-10-21 14:57:00 ----D---- C:\Documents and Settings\Lidija\Application Data\MyPhoneExplorer 2008-10-21 14:31:02 ----D---- C:\Program Files\Vuze 2008-10-15 17:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352] R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592] R1 klif;Klif; \??\C:\WINDOWS\system32\drivers\klif.sys [] R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2007-08-07 33052] R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632] R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832] R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; \??\C:\Program Files\CyberLink\PowerDVD8\000.fcl [] R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys [] R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\Drivers\hcmon.sys [] R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672] R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568] R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008] R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400] R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys [] R2 VMnetBridge;VMware Bridge Protocol; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [2008-05-15 28592] R2 VMnetuserif;VMware Network Application Interface; \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys [] R2 vmx86;VMware vmx86; \??\C:\WINDOWS\system32\Drivers\vmx86.sys [] R2 vstor2;Vstor2 Virtual Storage Driver; \??\C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys [] R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys [] R3 BCM43XX;Dell Wireless WLAN Card Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2007-10-09 1123328] R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-05-24 328237] R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-05-24 30427] R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-05-24 851434] R3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2006-05-24 45683] R3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2006-05-24 30285] R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-05-24 66488] R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368] R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-11-02 989696] R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-11-02 209152] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-03-17 5955872] R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service; C:\WINDOWS\system32\drivers\IntcHdmi.sys [2007-05-04 105984] R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-12-13 24592] R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12160] R3 OEM02Dev;Creative Camera OEM002 Driver; C:\WINDOWS\system32\DRIVERS\OEM02Dev.sys [2007-10-11 235648] R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver; C:\WINDOWS\system32\DRIVERS\OEM02Vfx.sys [2007-03-05 7424] R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232] R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2008-05-12 1228296] R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-10-26 216800] R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128] R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208] R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608] R3 vmkbd;VMware kbd; \??\C:\WINDOWS\system32\drivers\VMkbd.sys [] R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [2008-05-15 16816] R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-11-02 730112] S1 DSNPFD;DSNPFD; C:\WINDOWS\system32\drivers\DSNPFD.sys [2008-06-14 15718] S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800] S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-05-24 148900] S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504] S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248] S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880] S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824] S3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232] S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [] S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS [] S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104] S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368] S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984] S3 vmusb;VMware USB Client Driver; C:\WINDOWS\System32\Drivers\vmusb.sys [2008-05-15 30768] S3 w800bus;Sony Ericsson W800 driver (WDM); C:\WINDOWS\system32\DRIVERS\w800bus.sys [2005-09-07 60768] S3 w800mdfl;Sony Ericsson W800 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w800mdfl.sys [2005-09-07 9264] S3 w800mdm;Sony Ericsson W800 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\w800mdm.sys [2005-09-07 96224] S3 w800mgmt;Sony Ericsson W800 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\w800mgmt.sys [2005-09-07 87792] S3 w800obex;Sony Ericsson W800 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\w800obex.sys [2005-09-07 85664] S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200] S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2007-09-17 265856] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73472] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AVP;Kaspersky Internet Security 7.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe [2008-02-08 227856] R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-05-24 266295] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 OracleXETNSListener;OracleXETNSListener; C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe [2006-02-01 204800] R2 STacSV;SigmaTel Audio Service; C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe [2008-05-12 90112] R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912] R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] R2 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [2008-05-15 109104] R2 vmount2;VMware Virtual Mount Manager Extended; C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe [2007-03-23 269104] R2 VMware NAT Service;VMware NAT Service; C:\WINDOWS\system32\vmnat.exe [2008-05-15 150064] R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine; C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe [2008-10-02 3667304] R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\WINDOWS\System32\WLTRYSVC.EXE [2007-10-09 24064] R2 WRConsumerService;Webroot Client Service; C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [2008-10-12 1066360] S2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896] S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-11-12 85096] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632] S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376] S3 MobaSSH1;MobaSSH; C:\WINDOWS\system32\MobaSSH.exe [2008-07-20 5862400] S3 OracleMTSRecoveryService;OracleMTSRecoveryService; C:\oraclexe\app\oracle\product\10.2.0\server\BIN\omtsreco.exe [2006-02-01 57616] S3 OracleServiceXE;OracleServiceXE; c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.EXE [2006-02-01 59064320] S3 OracleXEClrAgent;OracleXEClrAgent; C:\oraclexe\app\oracle\product\10.2.0\server\bin\OraClrAgnt.exe [2006-02-01 45056] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792] S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2008-06-07 306432] S3 ufad-ws60;VMware Agent Service; C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe [2007-11-30 186928] S4 BMFMySQL;BMFMySQL; C:\Program Files\Quest Software\Benchmark Factory for Databases\Repository\MySQL\bin\mysqld-max-nt.exe [2005-10-22 4431872] S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880] S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920] S4 OracleJobSchedulerXE;OracleJobSchedulerXE; c:\oraclexe\app\oracle\product\10.2.0\server\Bin\extjob.exe [2006-02-01 102400] S4 VMnetDHCP;VMware DHCP Service; C:\WINDOWS\system32\vmnetdhcp.exe [2008-05-15 121392] -----------------EOF----------------- Dopuna: 14 Nov 2008 11:02 by the way instalirao sam (pred prosli post) service pack 3 i ostali security updates. Sad kad skeniram sa Spybot-Search & Destroy ne nalazi infekciju (osim DoubleClick: Tracking cookie (Firefox: default) (Cookie))

Profil

dr_Bora Poslao: 14 Nov 2008 15:27 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Obriši file: C:\WINDOWS\system32\iihjadvy.dll Skini sledeći file na Desktop: [Link mogu videti samo ulogovani korisnici] Dvoklikni na njega i kada se pojavi upit, klikni Yes. Restartuj kompjuter. Isključi a zatim ponovo uključi System Restore: [Link mogu videti samo ulogovani korisnici] To je sve.

Profil

vasileee Poslao: 17 Nov 2008 08:43 Idi na vrh
offline vasileee Novi MyCity građanin Pridružio: 13 Nov 2008 Poruke: 4	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Havla na pomoc. Imam jos samo jedno pitanje. Nikako ne mogu da iskljucim process ctfmon.exe. Pokusao sam i sa brisanje fajl ali on opet se kreira. Kako ga mogu iskljuciti?

Profil

dr_Bora Poslao: 17 Nov 2008 16:56 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ukoliko si siguran da želiš da sprečiš pokretanje tog procesa (tj. da ti nije potrebno to što ti on omogućuje), onda isprati ovo uputstvo: [Link mogu videti samo ulogovani korisnici]

Profil

MyCity » Ambulanta -> Arhiva Ambulante » pomoc sa virtumonde

Ko je trenutno na forumu

Ukupno su 1001 korisnika na forumu :: 78 registrovanih, 9 sakrivenih i 914 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 100ka, 357magnum, A.R.Chafee.Jr., Asparagus, Asteker, baltazar01, bokisha253, Borej, Botovac, branko7, Citalac, d.arsenal321, Darth Wader, DeerHunter, Denaya, dendrit86, DENIRO, djboj, Doca, dzada, FileFinder, Fructo, glados, goran.vvv, h8propaganda, ivan979, Jose, Još malo pa deda, Kalem, kaskadija, Klass, kolle.the.kid, kulus, kybonacci, ladro, lcc, LostInSpaceandTime, LUDI, Magnum_956, mariwoj63, Medojed, mercedesamg, Mercury, Metanoja, mexo, MikeHammer, Miki281, mikidragi, milanpetkovicv, Millennium, MiloradKomadic, mir, morava_01, nebkv, Nikola00, opt1, pablojepao, proka89, Qvazimodo, sajorg, samojednoimeznam, Shinobi, Sir Budimir, Sirius, Sićko, SOVO515, stalja, Stoilkovic, theNedjeljko, Topaz9, trademark1982, umpah-pah, veljkovicdani, Vlada1389, VNVK, Vrač, Zorge, 787

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by