MyCity » Ambulanta -> Arhiva Ambulante » Spybot nemoze da ga ukloni

Spybot nemoze da ga ukloni

Napisano na dan: 8.10.2007

Strana:
1
2
3

Spybot nemoze da ga ukloni

Pagination

Prethodna strana

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3

trajand Poslao: 09 Okt 2007 21:09 Idi na vrh
offline trajand Građanin Pridružio: 14 Feb 2007 Poruke: 62	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 07-10-09.3 - User 2007-10-09 20:11:13.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.120 [GMT 2:00] Running from: C:\Documents and Settings\User\Desktop\ComboFix.exe * Created a new restore point . ADS - svchost.exe: deleted 68 bytes in 1 streams. ADS - ntoskrnl.exe: deleted 68 bytes in 1 streams. ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\All Users\Application Data.\gfwlofyv.dll C:\Documents and Settings\All Users\Application Data.\gxmpsviz.dll C:\Documents and Settings\All Users\Application Data.\vobstyps.dll C:\Documents and Settings\User\ravmonlog C:\WINDOWS\system32\autorun.ini E:\Autorun.inf . ((((((((((((((((((((((((( Files Created from 2007-09-09 to 2007-10-09 ))))))))))))))))))))))))))))))) . 2007-10-09 20:09 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-10-09 18:46 106,496 --a------ C:\WINDOWS\stshclip.dll 2007-10-09 00:07 <DIR> d-------- C:\Program Files\Lavasoft 2007-10-09 00:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2007-10-08 23:23 <DIR> d-------- C:\Program Files\SystemDefender 2007-10-08 22:50 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe 2007-10-08 21:56 <DIR> d-------- C:\Program Files\PerfMon 2007-10-08 21:56 106,496 --a------ C:\WINDOWS\jqrstidq.dll 2007-10-08 19:25 <DIR> d-------- C:\Program Files\FDRLab 2007-10-08 17:49 <DIR> d-------- C:\VundoFix Backups 2007-10-08 09:56 <DIR> d-------- C:\WINDOWS\PerfInfo 2007-10-08 09:56 <DIR> d-------- C:\Program Files\SDMon 2007-10-08 09:55 <DIR> d-------- C:\Program Files\zuvelqxg 2007-10-08 09:55 110,592 --a------ C:\WINDOWS\idapwfof.dll 2007-10-04 00:33 221,184 --a------ C:\WINDOWS\system32\wmpns.dll 2007-10-04 00:28 141,312 --a------ C:\WINDOWS\system32\MSCMCFR.DLL 2007-10-04 00:28 119,568 --a------ C:\WINDOWS\system32\VB6FR.DLL 2007-10-04 00:28 59,904 --a------ C:\WINDOWS\system32\Mscc2fr.dll 2007-10-04 00:28 32,768 --a------ C:\WINDOWS\system32\CMDLGFR.DLL 2007-10-04 00:28 21,504 --a------ C:\WINDOWS\system32\TABCTFR.DLL 2007-10-04 00:28 15,360 --a------ C:\WINDOWS\system32\inetfr.DLL 2007-10-04 00:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound 2007-10-04 00:12 <DIR> d-------- C:\Program Files\NCH Swift Sound 2007-10-04 00:12 <DIR> d-------- C:\Documents and Settings\User\Application Data\NCH Swift Sound 2007-10-04 00:02 1,662,976 --a------ C:\WINDOWS\system32\NCTAudioCompress2.dll 2007-10-04 00:02 892,928 --a------ C:\WINDOWS\system32\NCTAudioInformation.dll 2007-10-04 00:02 647,168 --a------ C:\WINDOWS\system32\NCTAudioLibrary.dll 2007-10-04 00:02 413,760 --a------ C:\WINDOWS\system32\mpg4c32.dll 2007-10-04 00:02 335,872 --a------ C:\WINDOWS\system32\NCTAudioVisualization2.dll 2007-10-04 00:02 327,680 --a------ C:\WINDOWS\system32\NCTAudioGrabber.dll 2007-10-04 00:02 315,392 --a------ C:\WINDOWS\system32\NCTAudioPlayer2.dll 2007-10-04 00:02 309,616 --a------ C:\WINDOWS\system32\wmv8dmod.dll 2007-10-04 00:02 307,200 --a------ C:\WINDOWS\system32\NCTAudioRecord2.dll 2007-10-03 23:52 <DIR> d-------- C:\WINDOWS\system32\Quick Time 2007-10-03 23:52 <DIR> d-------- C:\My Media 2007-10-03 23:51 <DIR> d-------- C:\Program Files\Audio Converter 2007-10-03 23:51 245,760 --------- C:\WINDOWS\Setup1.exe 2007-10-03 23:51 73,216 --a------ C:\WINDOWS\ST6UNST.EXE 2007-10-03 23:43 24 --a------ C:\WINDOWS\system32\sysmwwod.dll 2007-10-03 23:36 <DIR> d-------- C:\Program Files\ACE-HIGH MP3 WAV WMA OGG Converter 2007-10-03 23:36 1,703,936 --a------ C:\WINDOWS\system32\NCTAudioFile.dll 2007-10-03 23:36 360,448 --a------ C:\WINDOWS\system32\NCTWMAFile.dll 2007-10-01 23:06 <DIR> d-------- C:\Program Files\IObit 2007-09-27 00:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Arovax 2007-09-26 22:05 2,252 --a------ C:\WINDOWS\system32\tmp.reg 2007-09-26 22:04 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2007-09-26 22:04 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-09-26 22:04 53,248 --a------ C:\WINDOWS\system32\Process.exe 2007-09-26 22:04 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-09-26 21:02 <DIR> d-------- C:\Program Files\FastStone Capture 2007-09-25 17:41 <DIR> d-------- C:\Program Files\Nexus_Radio 2007-09-25 17:40 <DIR> d-------- C:\Program Files\Nexus Radio 2007-09-25 17:40 <DIR> d-------- C:\My Recorded Files 2007-09-24 22:32 <DIR> d-------- C:\Program Files\X3mE Yamb 2007-09-24 22:32 <DIR> d-------- C:\Documents and Settings\User\Application Data\X3mE Yamb 2007-09-24 22:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\X3mE Yamb 2007-09-24 22:14 <DIR> d-------- C:\Documents and Settings\User\Application Data\XnView 2007-09-24 22:13 <DIR> d-------- C:\Program Files\XnView 2007-09-24 18:29 <DIR> d-------- C:\Program Files\GameTop.com 2007-09-24 18:03 <DIR> d-------- C:\Documents and Settings\User\Application Data\MailFrontier 2007-09-24 17:57 17,047,584 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2007-09-24 17:55 <DIR> d--h----- C:\WINDOWS\$hf_mig$ 2007-09-24 17:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier 2007-09-24 17:50 75,248 --a------ C:\WINDOWS\zllsputility.exe 2007-09-24 17:50 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat 2007-09-24 17:29 <DIR> d-------- C:\WINDOWS\Internet Logs 2007-09-24 17:10 <DIR> d-------- C:\Program Files\WinAlarm 2007-09-24 17:00 203,776 --a------ C:\WINDOWS\system32\clrviddc.dll 2007-09-23 22:54 <DIR> d-------- C:\Documents and Settings\User\Contacts 2007-09-23 22:52 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE 2007-09-23 22:52 <DIR> d-------- C:\Program Files\MSN Messenger 2007-09-22 18:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Prevx 2007-09-12 18:55 <DIR> d-------- C:\Program Files\Common Files\xing shared 2007-09-12 18:55 0 --a------ C:\WINDOWS\nsreg.dat 2007-09-12 18:53 <DIR> d-------- C:\Program Files\Real 2007-09-12 18:53 <DIR> d-------- C:\Program Files\Common Files\Real 2007-09-12 18:53 <DIR> d-------- C:\Documents and Settings\User\Application Data\Real 2007-09-12 18:50 4,177 --a------ C:\WINDOWS\mozver.dat 2007-09-11 13:11 129,784 --------- C:\WINDOWS\system32\pxafs.dll 2007-09-11 13:11 43,528 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys 2007-09-11 13:11 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys 2007-09-11 13:11 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys 2007-09-11 11:32 <DIR> d-------- C:\Documents and Settings\User\Application Data\Yahoo! 2007-09-11 11:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion 2007-09-11 11:26 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! 2007-09-09 20:02 <DIR> d-------- C:\Program Files\Electronic Piano 2.5 2007-09-09 00:43 <DIR> d-------- C:\Documents and Settings\User\Application Data\gtopala 2007-09-09 00:38 <DIR> d-------- C:\Program Files\mp3DirectCut 2007-09-09 00:36 <DIR> d-------- C:\Program Files\AudioShell 2007-09-09 00:34 <DIR> d-------- C:\Program Files\Smart Cars . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-10-09 18:16 200,828 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx 2007-10-09 17:14 --------- d-----w C:\Documents and Settings\User\Application Data\OpenOffice.org2 2007-10-08 18:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-10-07 16:52 --------- d-----w C:\Program Files\LeaderGL_FlexEditor 2007-09-29 11:21 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2007-09-26 19:02 --------- d-----w C:\Documents and Settings\User\Application Data\FastStone 2007-09-25 20:39 --------- d-----w C:\Documents and Settings\User\Application Data\Skype 2007-09-24 21:08 --------- d-----w C:\Documents and Settings\User\Application Data\Google 2007-09-24 21:07 --------- d-----w C:\Program Files\Google 2007-09-16 20:14 --------- d-----w C:\Documents and Settings\User\Application Data\AdobeUM 2007-09-12 22:59 --------- d-----w C:\Program Files\Internet Radar 2007-09-11 17:35 --------- d-----w C:\Program Files\Total Video Converter 2007-09-11 09:26 --------- d-----w C:\Program Files\Yahoo! 2007-09-08 11:28 --------- d-----w C:\Program Files\Skype 2007-09-06 14:14 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll 2007-09-04 16:44 --------- d-----w C:\Program Files\AoA Audio Extractor 2007-09-04 15:44 3,262,710 --sh--r C:\AVG7DB_F.DAT 2007-09-04 12:29 --------- d-----w C:\Program Files\Kaspersky Lab 2007-09-03 18:14 --------- d-----w C:\Program Files\MotoKup 2007-09-03 17:43 --------- d-----w C:\Program Files\LibUSB-Win32-0.1.10.1 2007-08-28 14:06 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2007-08-06 15:12 47,399 ----a-w C:\WINDOWS\BricoPackUninst.cmd 2007-08-06 15:12 218,624 ----a-w C:\WINDOWS\system32\uxtheme.dll 2007-07-30 17:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll 2007-07-30 17:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll 2007-07-30 17:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe 2007-07-30 17:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll 2007-07-30 17:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll 2007-07-30 17:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll 2007-07-30 17:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll 2007-07-30 17:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll 2007-07-30 17:18 207,736 ----a-w C:\WINDOWS\system32\muweb.dll 2006-08-03 20:08 24,192 ----a-w C:\Documents and Settings\User\usbsermptxp.sys 2006-08-03 20:08 22,768 ----a-w C:\Documents and Settings\User\usbsermpt.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{34f866d4-1dd2-11b2-878d-c342529e6a5b}] 2007-10-09 18:46 106496 --a------ C:\WINDOWS\stshclip.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{605be7be-1dd2-11b2-9677-a5427ab0e805}] 2007-10-08 09:55 110592 --a------ C:\WINDOWS\idapwfof.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{941fa258-1dd1-11b2-9e5e-e02276d31e39}] 2007-10-08 21:56 106496 --a------ C:\WINDOWS\jqrstidq.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-05-24 21:05] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-09-15 17:35] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-09-12 18:53] "YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [2007-06-08 16:59] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00] "WinAlarm"="C:\Program Files\WinAlarm\WinAlarm.exe" [2006-03-30 19:30] "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-09-06 16:14] "Advanced WindowsCare V2 Personal"="C:\Program Files\IObit\Advanced WindowsCare V2\Awcl.exe" [2007-09-19 21:33] "CheckWinPerf"="C:\Program Files\PerfMon\perfmon32.exe" [2007-10-08 21:56] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-12 16:53] "YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [2007-06-08 16:59] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveSearch"=1 (0x1) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Authentication Packages"= msv1_0 nwprovau [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk backup=C:\WINDOWS\pss\InterVideo WinCinema Manager.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^User^Start Menu^Programs^Startup^OpenOffice.org 2.0.lnk] path=C:\Documents and Settings\User\Start Menu\Programs\Startup\OpenOffice.org 2.0.lnk backup=C:\WINDOWS\pss\OpenOffice.org 2.0.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^User^Start Menu^Programs^Startup^Winamp Agent.lnk] path=C:\Documents and Settings\User\Start Menu\Programs\Startup\Winamp Agent.lnk backup=C:\WINDOWS\pss\Winamp Agent.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background R0 iteraid;ITERAID_Service_Install;C:\WINDOWS\system32\DRIVERS\iteraid.sys R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;C:\WINDOWS\system32\drivers\libusb0.sys S3 BTNetFilter;Bluetooth Network Filter;\??\C:\WINDOWS\system32\drivers\BTNetFilter.sys S3 GVCplDrv;GVCplDrv;C:\WINDOWS\system32\drivers\GVCplDrv.sys S3 USBModem000;LGE Mobile USB Modem TC;C:\WINDOWS\system32\DRIVERS\usbser.sys S3 usbsermptxp;Motorola USB Modem Driver for MPT XP;C:\WINDOWS\system32\DRIVERS\usbsermptxp.sys S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;"C:\Program Files\MSN Messenger\usnsvc.exe" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E] AutoRun\command - SSVICHOSST.exe Open\command - SSVICHOSST.exe . Contents of the 'Scheduled Tasks' folder "2007-09-07 15:15:00 C:\WINDOWS\Tasks\1-Click Maintenance.job" - C:\Program Files\TuneUp Utilities 2004\SystemOptimizer.exe . ************************************************************************ catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2007-10-09 20:18:39 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2007-10-09 20:21:06 - machine was rebooted C:\ComboFix-quarantined-files.txt ... 2007-10-09 20:21 . --- E O F --- Dopuna: 09 Okt 2007 20:33 Logfile of HijackThis v1.99.1 Scan saved at 20:30:01, on 9.10.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\system32\libusbd-nt.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\WinAlarm\WinAlarm.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\IObit\Advanced WindowsCare V2\Awcl.exe C:\Program Files\PerfMon\perfmon32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe C:\Documents and Settings\User\Desktop\DEKIJEVI PROGRAMI\programi\hjd.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = runonce.msn.com/?v=msgrv75 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/http://www.yahoo.com/ext/search/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/http://www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {34f866d4-1dd2-11b2-878d-c342529e6a5b} - C:\WINDOWS\stshclip.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: (no name) - {605be7be-1dd2-11b2-9677-a5427ab0e805} - C:\WINDOWS\idapwfof.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [WinAlarm] C:\Program Files\WinAlarm\WinAlarm.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [Advanced WindowsCare V2 Personal] "C:\Program Files\IObit\Advanced WindowsCare V2\Awcl.exe" /startup O4 - HKLM\..\Run: [CheckWinPerf] C:\Program Files\PerfMon\perfmon32.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: Radar - C:\Program Files\Internet Radar\Radar.html O8 - Extra context menu item: Sledeci - C:\Program Files\Internet Radar\Sledeci.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: O sajtu - {A33D72F1-0CA3-4522-AF0E-DBCAC81F29C2} - C:\Program Files\Internet Radar\InternetRadar.dll O9 - Extra button: Radar - {A727176C-7630-49d5-ACC0-EDA518EA0D73} - C:\Program Files\Internet Radar\Radar.html O9 - Extra button: Sledeci - {A8B4C482-2491-431d-90CC-19590FB1D12E} - C:\Program Files\Internet Radar\Sledeci.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com/windowsupdate/v6/V.....0646200812 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com/microsoftupdate/v6.....0646378484 O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - cid-2de61aecde808392.spaces.live.com/PhotoUpload/MsnPUpld.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{9B5225C2-7F5E-441B-ACAD-FEC7B3765330}: NameServer = 192.168.0.254,212.200.36.11 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - libusb-win32.sourceforge.net - C:\WINDOWS\system32\libusbd-nt.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe Stiklirao sam samo BHO jer ovih drugih nema Dopuna: 09 Okt 2007 20:48 Logfile of HijackThis v1.99.1 Scan saved at 20:46:09, on 9.10.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\system32\libusbd-nt.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\WinAlarm\WinAlarm.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\IObit\Advanced WindowsCare V2\Awcl.exe C:\Program Files\PerfMon\perfmon32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Documents and Settings\User\Desktop\DEKIJEVI PROGRAMI\programi\hjd.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = runonce.msn.com/?v=msgrv75 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/http://www.yahoo.com/ext/search/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/http://www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {34f866d4-1dd2-11b2-878d-c342529e6a5b} - C:\WINDOWS\stshclip.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: (no name) - {605be7be-1dd2-11b2-9677-a5427ab0e805} - C:\WINDOWS\idapwfof.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [WinAlarm] C:\Program Files\WinAlarm\WinAlarm.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [Advanced WindowsCare V2 Personal] "C:\Program Files\IObit\Advanced WindowsCare V2\Awcl.exe" /startup O4 - HKLM\..\Run: [CheckWinPerf] C:\Program Files\PerfMon\perfmon32.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: Radar - C:\Program Files\Internet Radar\Radar.html O8 - Extra context menu item: Sledeci - C:\Program Files\Internet Radar\Sledeci.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: O sajtu - {A33D72F1-0CA3-4522-AF0E-DBCAC81F29C2} - C:\Program Files\Internet Radar\InternetRadar.dll O9 - Extra button: Radar - {A727176C-7630-49d5-ACC0-EDA518EA0D73} - C:\Program Files\Internet Radar\Radar.html O9 - Extra button: Sledeci - {A8B4C482-2491-431d-90CC-19590FB1D12E} - C:\Program Files\Internet Radar\Sledeci.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com/windowsupdate/v6/V.....0646200812 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com/microsoftupdate/v6.....0646378484 O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - cid-2de61aecde808392.spaces.live.com/PhotoUpload/MsnPUpld.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{9B5225C2-7F5E-441B-ACAD-FEC7B3765330}: NameServer = 192.168.0.254,212.200.36.11 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - libusb-win32.sourceforge.net - C:\WINDOWS\system32\libusbd-nt.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe Edit [dr_Bora]: file-ove uploadovati preko linka za upload za Ambulantu, a ne korišćenjem opcije Prikači fajl i svakako ne postavljati linkove ovde! Dopuna: 09 Okt 2007 21:09 Ovo brate nemože da se uništi!AVG mi nadje Zloba a kad pritisnem HEAL pojavi mi se ono upozorenje

Profil

bobby Poslao: 09 Okt 2007 21:54 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Jesi li to instalirao neke nove programe u medjuvremenu? Vidim neke nove stvari u logovima koje u proslim logovima nisi imao. Skeniraj ponovo HijackThisom i stikliraj polja ispred sledecih linija: O2 - BHO: (no name) - {34f866d4-1dd2-11b2-878d-c342529e6a5b} - C:\WINDOWS\stshclip.dll O2 - BHO: (no name) - {605be7be-1dd2-11b2-9677-a5427ab0e805} - C:\WINDOWS\idapwfof.dll O4 - HKLM\..\Run: [CheckWinPerf] C:\Program Files\PerfMon\perfmon32.exe Klikni Fix Checked i restartuj komp. Napravi novi HJT log koji ces postaviti u poruci.

Profil

trajand Poslao: 10 Okt 2007 17:34 Idi na vrh
offline trajand Građanin Pridružio: 14 Feb 2007 Poruke: 62	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Logfile of HijackThis v1.99.1 Scan saved at 17:31:11, on 10.10.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\WINDOWS\system32\libusbd-nt.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\system32\wscntfy.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\WinAlarm\WinAlarm.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\IObit\Advanced WindowsCare V2\Awcl.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\User\Desktop\DEKIJEVI PROGRAMI\programi\hjd.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = runonce.msn.com/?v=msgrv75 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/http://www.yahoo.com/ext/search/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/http://www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [WinAlarm] C:\Program Files\WinAlarm\WinAlarm.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [Advanced WindowsCare V2 Personal] "C:\Program Files\IObit\Advanced WindowsCare V2\Awcl.exe" /startup O4 - HKLM\..\Run: [SystemDefender] "C:\Program Files\SystemDefender\SystemDefender.exe" hide O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: Radar - C:\Program Files\Internet Radar\Radar.html O8 - Extra context menu item: Sledeci - C:\Program Files\Internet Radar\Sledeci.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: O sajtu - {A33D72F1-0CA3-4522-AF0E-DBCAC81F29C2} - C:\Program Files\Internet Radar\InternetRadar.dll O9 - Extra button: Radar - {A727176C-7630-49d5-ACC0-EDA518EA0D73} - C:\Program Files\Internet Radar\Radar.html O9 - Extra button: Sledeci - {A8B4C482-2491-431d-90CC-19590FB1D12E} - C:\Program Files\Internet Radar\Sledeci.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com/windowsupdate/v6/V.....0646200812 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com/microsoftupdate/v6.....0646378484 O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - cid-2de61aecde808392.spaces.live.com/PhotoUpload/MsnPUpld.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{9B5225C2-7F5E-441B-ACAD-FEC7B3765330}: NameServer = 192.168.0.254,212.200.36.11 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - libusb-win32.sourceforge.net - C:\WINDOWS\system32\libusbd-nt.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe Dopuna: 10 Okt 2007 17:34 Instalirao sam Ad aware neznam kako da zaustavim infiltriranje ovoga.

Profil

bobby Poslao: 10 Okt 2007 23:01 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Jesi li obrisao bio C:\Program Files\SystemDefender\SystemDefender.exe? To sam ti rekao pre par postova, i jedno vreme ga nije bilo u logu a sada ga ponovo ima u zadnjem logu. Jeli moguce da si se ponovo zarazio istom infekcijom? Ovakve infekcije se dobijaju iz mailova i posetama sumnjivim sajtovima. Jesi li u medjuvremenu dosao u situaciju da se ponovo zarazis posetom nekim sajtovima ili otvaranjem mailova od nepoznatih osoba? Posalji mi taj fajl na upload za Ambulantu: http://www.mycity.rs/ambulanta-upload.php

Profil

trajand Poslao: 10 Okt 2007 23:37 Idi na vrh
offline trajand Građanin Pridružio: 14 Feb 2007 Poruke: 62	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! nisam isao na sumljive sajtove niti sam otvarao nepoznat mail.Tog fajla nema vec par sati mi se nepojavljuje ali mi se pre pola sata otvorio inernet exlorer 56 prozora dok se nisam diskonektovao. Dopuna: 10 Okt 2007 23:33 Logfile of HijackThis v1.99.1 Scan saved at 23:31:16, on 10.10.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\PROGRA~1\Grisoft\AVG7\avgemc.exe C:\WINDOWS\system32\libusbd-nt.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\WinAlarm\WinAlarm.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\IObit\Advanced WindowsCare V2\Awcl.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Program Files\FastStone Capture\FSCapture.exe C:\Documents and Settings\User\Desktop\DEKIJEVI PROGRAMI\programi\hjd.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = runonce.msn.com/?v=msgrv75 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/http://www.yahoo.com/ext/search/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/http://www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [WinAlarm] C:\Program Files\WinAlarm\WinAlarm.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [Advanced WindowsCare V2 Personal] "C:\Program Files\IObit\Advanced WindowsCare V2\Awcl.exe" /startup O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: Radar - C:\Program Files\Internet Radar\Radar.html O8 - Extra context menu item: Sledeci - C:\Program Files\Internet Radar\Sledeci.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: O sajtu - {A33D72F1-0CA3-4522-AF0E-DBCAC81F29C2} - C:\Program Files\Internet Radar\InternetRadar.dll O9 - Extra button: Radar - {A727176C-7630-49d5-ACC0-EDA518EA0D73} - C:\Program Files\Internet Radar\Radar.html O9 - Extra button: Sledeci - {A8B4C482-2491-431d-90CC-19590FB1D12E} - C:\Program Files\Internet Radar\Sledeci.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com/windowsupdate/v6/V.....0646200812 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - update.microsoft.com/microsoftupdate/v6.....0646378484 O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - cid-2de61aecde808392.spaces.live.com/PhotoUpload/MsnPUpld.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{9B5225C2-7F5E-441B-ACAD-FEC7B3765330}: NameServer = 192.168.0.254,212.200.36.11 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - libusb-win32.sourceforge.net - C:\WINDOWS\system32\libusbd-nt.exe O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe Dopuna: 10 Okt 2007 23:37 Da li znas koji anti spy da instaliram a da moze ovo s...e da spreci?

Profil

bobby Poslao: 10 Okt 2007 23:40 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Skeniraj komp sa GMER-om i postavi log da proverimo da nema nekih rootkitova... Uradi sledeće: Preuzmi fajl gmer.zip sa ovog linka i sačuvaj na Desktop-u. Raspakuj ga u neki folder. Dupli klik na gmer.exe za početak: Izaberi Rootkit Tab na vrhu. Klikni na Scan. Kada je skeniranje završeno, prikaci log fajl uz poruku na forumu (opcija Prikaci fajl ispod polja za pisanje poruke na forumu)

Profil

trajand Poslao: 11 Okt 2007 00:14 Idi na vrh
offline trajand Građanin Pridružio: 14 Feb 2007 Poruke: 62	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: mycity.rs/must-login.png

Profil

bobby Poslao: 11 Okt 2007 22:11 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! GMER log je cist. Skeniraj ponovo ComboFix-om i postavi mi log.

Profil

trajand Poslao: 13 Okt 2007 20:40 Idi na vrh
offline trajand Građanin Pridružio: 14 Feb 2007 Poruke: 62	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 07-10-12.4 - User 2007-10-13 20:30:47.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.127 [GMT 2:00] Running from: C:\Documents and Settings\User\Desktop\ComboFix.exe * Created a new restore point . ((((((((((((((((((((((((( Files Created from 2007-09-13 to 2007-10-13 ))))))))))))))))))))))))))))))) . 2007-10-09 20:09 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-10-09 18:46 106,496 --a------ C:\WINDOWS\stshclip.dll 2007-10-09 00:07 <DIR> d-------- C:\Program Files\Lavasoft 2007-10-09 00:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft 2007-10-08 22:50 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe 2007-10-08 21:56 <DIR> d-------- C:\Program Files\PerfMon 2007-10-08 19:25 <DIR> d-------- C:\Program Files\FDRLab 2007-10-08 17:49 <DIR> d-------- C:\VundoFix Backups 2007-10-08 09:56 <DIR> d-------- C:\WINDOWS\PerfInfo 2007-10-08 09:56 <DIR> d-------- C:\Program Files\SDMon 2007-10-08 09:55 <DIR> d-------- C:\Program Files\zuvelqxg 2007-10-04 00:33 221,184 --a------ C:\WINDOWS\system32\wmpns.dll 2007-10-04 00:28 141,312 --a------ C:\WINDOWS\system32\MSCMCFR.DLL 2007-10-04 00:28 119,568 --a------ C:\WINDOWS\system32\VB6FR.DLL 2007-10-04 00:28 59,904 --a------ C:\WINDOWS\system32\Mscc2fr.dll 2007-10-04 00:28 32,768 --a------ C:\WINDOWS\system32\CMDLGFR.DLL 2007-10-04 00:28 21,504 --a------ C:\WINDOWS\system32\TABCTFR.DLL 2007-10-04 00:28 15,360 --a------ C:\WINDOWS\system32\inetfr.DLL 2007-10-04 00:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NCH Swift Sound 2007-10-04 00:12 <DIR> d-------- C:\Program Files\NCH Swift Sound 2007-10-04 00:12 <DIR> d-------- C:\Documents and Settings\User\Application Data\NCH Swift Sound 2007-10-04 00:02 1,662,976 --a------ C:\WINDOWS\system32\NCTAudioCompress2.dll 2007-10-04 00:02 892,928 --a------ C:\WINDOWS\system32\NCTAudioInformation.dll 2007-10-04 00:02 647,168 --a------ C:\WINDOWS\system32\NCTAudioLibrary.dll 2007-10-04 00:02 413,760 --a------ C:\WINDOWS\system32\mpg4c32.dll 2007-10-04 00:02 335,872 --a------ C:\WINDOWS\system32\NCTAudioVisualization2.dll 2007-10-04 00:02 327,680 --a------ C:\WINDOWS\system32\NCTAudioGrabber.dll 2007-10-04 00:02 315,392 --a------ C:\WINDOWS\system32\NCTAudioPlayer2.dll 2007-10-04 00:02 309,616 --a------ C:\WINDOWS\system32\wmv8dmod.dll 2007-10-04 00:02 307,200 --a------ C:\WINDOWS\system32\NCTAudioRecord2.dll 2007-10-03 23:52 <DIR> d-------- C:\WINDOWS\system32\Quick Time 2007-10-03 23:52 <DIR> d-------- C:\My Media 2007-10-03 23:51 <DIR> d-------- C:\Program Files\Audio Converter 2007-10-03 23:51 245,760 --------- C:\WINDOWS\Setup1.exe 2007-10-03 23:51 73,216 --a------ C:\WINDOWS\ST6UNST.EXE 2007-10-03 23:43 24 --a------ C:\WINDOWS\system32\sysmwwod.dll 2007-10-03 23:36 <DIR> d-------- C:\Program Files\ACE-HIGH MP3 WAV WMA OGG Converter 2007-10-03 23:36 1,703,936 --a------ C:\WINDOWS\system32\NCTAudioFile.dll 2007-10-03 23:36 360,448 --a------ C:\WINDOWS\system32\NCTWMAFile.dll 2007-10-02 07:16 <DIR> d-------- C:\Documents and Settings\NetworkService\Application Data\AVG7 2007-10-01 23:06 <DIR> d-------- C:\Program Files\IObit 2007-09-27 00:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Arovax 2007-09-26 22:05 2,252 --a------ C:\WINDOWS\system32\tmp.reg 2007-09-26 22:04 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2007-09-26 22:04 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-09-26 22:04 53,248 --a------ C:\WINDOWS\system32\Process.exe 2007-09-26 22:04 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-09-26 21:02 <DIR> d-------- C:\Program Files\FastStone Capture 2007-09-25 17:41 <DIR> d-------- C:\Program Files\Nexus_Radio 2007-09-25 17:40 <DIR> d-------- C:\Program Files\Nexus Radio 2007-09-25 17:40 <DIR> d-------- C:\My Recorded Files 2007-09-24 22:32 <DIR> d-------- C:\Program Files\X3mE Yamb 2007-09-24 22:32 <DIR> d-------- C:\Documents and Settings\User\Application Data\X3mE Yamb 2007-09-24 22:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\X3mE Yamb 2007-09-24 22:14 <DIR> d-------- C:\Documents and Settings\User\Application Data\XnView 2007-09-24 22:13 <DIR> d-------- C:\Program Files\XnView 2007-09-24 21:48 <DIR> d-------- C:\WINDOWS\Sun 2007-09-24 18:29 <DIR> d-------- C:\Program Files\GameTop.com 2007-09-24 18:03 <DIR> d-------- C:\Documents and Settings\User\Application Data\MailFrontier 2007-09-24 17:57 21,282,848 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2007-09-24 17:55 <DIR> d--h----- C:\WINDOWS\$hf_mig$ 2007-09-24 17:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier 2007-09-24 17:50 75,248 --a------ C:\WINDOWS\zllsputility.exe 2007-09-24 17:50 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat 2007-09-24 17:29 <DIR> d-------- C:\WINDOWS\Internet Logs 2007-09-24 17:10 <DIR> d-------- C:\Program Files\WinAlarm 2007-09-24 17:00 203,776 --a------ C:\WINDOWS\system32\clrviddc.dll 2007-09-23 22:54 <DIR> d-------- C:\Documents and Settings\User\Contacts 2007-09-23 22:52 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE 2007-09-23 22:52 <DIR> d-------- C:\Program Files\MSN Messenger 2007-09-22 18:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Prevx 2007-09-17 17:16 <DIR> d-------- C:\Program Files\Java 2007-09-17 17:13 <DIR> d-------- C:\Program Files\Common Files\Java . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-10-13 18:28 --------- d-----w C:\Documents and Settings\User\Application Data\OpenOffice.org2 2007-10-13 11:28 249,884 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx 2007-10-10 18:47 --------- d-----w C:\Documents and Settings\User\Application Data\AVG7 2007-10-10 18:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-10-09 14:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\AVG7 2007-10-07 16:52 --------- d-----w C:\Program Files\LeaderGL_FlexEditor 2007-10-01 06:00 --------- d-----w C:\Documents and Settings\LocalService\Application Data\AVG7 2007-09-29 11:21 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2007-09-26 19:02 --------- d-----w C:\Documents and Settings\User\Application Data\FastStone 2007-09-25 20:39 --------- d-----w C:\Documents and Settings\User\Application Data\Skype 2007-09-24 21:07 --------- d-----w C:\Program Files\Google 2007-09-16 20:14 --------- d-----w C:\Documents and Settings\User\Application Data\AdobeUM 2007-09-12 22:59 --------- d-----w C:\Program Files\Internet Radar 2007-09-12 16:55 --------- d-----w C:\Program Files\Real 2007-09-12 16:55 --------- d-----w C:\Program Files\Common Files\xing shared 2007-09-12 16:54 --------- d-----w C:\Program Files\Common Files\Real 2007-09-11 17:35 --------- d-----w C:\Program Files\Total Video Converter 2007-09-11 09:32 --------- d-----w C:\Documents and Settings\User\Application Data\Yahoo! 2007-09-11 09:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo! Companion 2007-09-11 09:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\Yahoo! 2007-09-11 09:26 --------- d-----w C:\Program Files\Yahoo! 2007-09-09 18:02 --------- d-----w C:\Program Files\Electronic Piano 2.5 2007-09-08 22:43 --------- d-----w C:\Documents and Settings\User\Application Data\gtopala 2007-09-08 22:38 --------- d-----w C:\Program Files\mp3DirectCut 2007-09-08 22:36 --------- d-----w C:\Program Files\AudioShell 2007-09-08 22:34 --------- d-----w C:\Program Files\Smart Cars 2007-09-08 11:28 --------- d-----w C:\Program Files\Skype 2007-09-06 14:14 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll 2007-09-04 16:44 --------- d-----w C:\Program Files\AoA Audio Extractor 2007-09-04 15:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft 2007-09-04 15:44 3,262,710 --sh--r C:\AVG7DB_F.DAT 2007-09-04 12:29 --------- d-----w C:\Program Files\Kaspersky Lab 2007-09-03 18:14 --------- d-----w C:\Program Files\MotoKup 2007-09-03 17:43 --------- d-----w C:\Program Files\LibUSB-Win32-0.1.10.1 2007-08-28 14:06 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2007-08-06 15:12 47,399 ----a-w C:\WINDOWS\BricoPackUninst.cmd 2007-08-06 15:12 218,624 ----a-w C:\WINDOWS\system32\uxtheme.dll 2007-07-30 17:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll 2007-07-30 17:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll 2007-07-30 17:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe 2007-07-30 17:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll 2007-07-30 17:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll 2007-07-30 17:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll 2007-07-30 17:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll 2007-07-30 17:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll 2007-07-30 17:18 207,736 ----a-w C:\WINDOWS\system32\muweb.dll 2006-08-03 20:08 24,192 ----a-w C:\Documents and Settings\User\usbsermptxp.sys 2006-08-03 20:08 22,768 ----a-w C:\Documents and Settings\User\usbsermpt.sys . ((((((((((((((((((((((((((((( snapshot@2007-10-09_20.19.48.98 ))))))))))))))))))))))))))))))))))))))))) . + 2007-10-10 21:41:20 585,791 ----a-w C:\WINDOWS\gmer.dll + 2007-06-29 07:38:18 581,632 ----a-w C:\WINDOWS\gmer.exe + 2007-10-10 21:41:20 70,001 ----a-w C:\WINDOWS\system32\drivers\gmer.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-05-24 21:05] "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-09-15 17:35] "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-09-12 18:53] "YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [2007-06-08 16:59] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00] "WinAlarm"="C:\Program Files\WinAlarm\WinAlarm.exe" [2006-03-30 19:30] "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-09-06 16:14] "Advanced WindowsCare V2 Personal"="C:\Program Files\IObit\Advanced WindowsCare V2\Awcl.exe" [2007-09-19 21:33] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-12 16:53] "YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [2007-06-08 16:59] "Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 17:43] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveSearch"=1 (0x1) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] "Authentication Packages"= msv1_0 nwprovau [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^InterVideo WinCinema Manager.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\InterVideo WinCinema Manager.lnk backup=C:\WINDOWS\pss\InterVideo WinCinema Manager.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^User^Start Menu^Programs^Startup^OpenOffice.org 2.0.lnk] path=C:\Documents and Settings\User\Start Menu\Programs\Startup\OpenOffice.org 2.0.lnk backup=C:\WINDOWS\pss\OpenOffice.org 2.0.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^User^Start Menu^Programs^Startup^Winamp Agent.lnk] path=C:\Documents and Settings\User\Start Menu\Programs\Startup\Winamp Agent.lnk backup=C:\WINDOWS\pss\Winamp Agent.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background R0 iteraid;ITERAID_Service_Install;C:\WINDOWS\system32\DRIVERS\iteraid.sys R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;C:\WINDOWS\system32\drivers\libusb0.sys S3 BTNetFilter;Bluetooth Network Filter;\??\C:\WINDOWS\system32\drivers\BTNetFilter.sys S3 GVCplDrv;GVCplDrv;C:\WINDOWS\system32\drivers\GVCplDrv.sys S3 USBModem000;LGE Mobile USB Modem TC;C:\WINDOWS\system32\DRIVERS\usbser.sys S3 usbsermptxp;Motorola USB Modem Driver for MPT XP;C:\WINDOWS\system32\DRIVERS\usbsermptxp.sys S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;"C:\Program Files\MSN Messenger\usnsvc.exe" . Contents of the 'Scheduled Tasks' folder "2007-10-12 15:15:00 C:\WINDOWS\Tasks\1-Click Maintenance.job" - C:\Program Files\TuneUp Utilities 2004\SystemOptimizer.exe . ************************************************************************ catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2007-10-13 20:34:48 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2007-10-13 20:37:17 C:\ComboFix-quarantined-files.txt ... 2007-10-09 20:21 C:\ComboFix2.txt ... 2007-10-09 20:21 . --- E O F ---

Profil

bobby Poslao: 13 Okt 2007 21:17 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Kazi mi od prilike datum kada se pojavila infekcija da ne bih morao da te molim za jos uploada fajlova na proveru.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Spybot nemoze da ga ukloni

Ko je trenutno na forumu

Ukupno su 1103 korisnika na forumu :: 31 registrovanih, 2 sakrivenih i 1070 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: Alibaba1981, Andrija357, Atomski čoban, Bickoooo, bojan_t, bokisha253, DeerHunter, Georgius, HrcAk47, kokodakalo, kolle.the.kid, Kubovac, kybonacci, ladro, loon123, mercedesamg, milenko crazy north, moldway, Neutral-M, niksa517, nuke92, opt1, Povratak1912, procesor, Simon simonović, Sir Budimir, stegonosa, Stoilkovic, Trpe Grozni, tubular, Tvrtko I

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by