MyCity » Ambulanta -> Arhiva Ambulante » Molio bih za pregled

Molio bih za pregled

Napisano na dan: 3.4.2007

Molio bih za pregled

Sledeća strana

Pagination

Odgovori

milan27 Poslao: 03 Apr 2007 18:46 Idi na vrh
offline milan27 Super građanin Pridružio: 07 Avg 2006 Poruke: 1182 Gde živiš: Fili Davydkovo, Moscow, Russia	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Logfile of HijackThis v1.98.2 Scan saved at 20:42:03, on 03.04.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe C:\PROGRA~1\BUTTER~1\BO1HEL~1.EXE C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\FNTS~1\fast.exe C:\Program Files\BitTorrent\bittorrent.exe C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Skype\Plugin Manager\SkypePM.exe C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\F-Secure Anti-Virus\backweb\4476822\program\fsbwsys.exe C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE C:\Program Files\F-Secure Anti-Virus\backweb\4476822\Program\fspex.exe C:\WINDOWS\system32\taskmgr.exe C:\Documents and Settings\Uros\Desktop\HijackThis.exe C:\Program Files\Internet Explorer\iexplore.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.stream.ru/ R3 - Default URLSearchHook is missing O1 - Hosts: 66.98.148.65 auto.search.msn.com O1 - Hosts: 66.98.148.65 auto.search.msn.es O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\tbu48\toolbaru.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {16E5D461-1784-485B-F03C-1DE33DEEFDEE} - C:\WINDOWS\system32\bab.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O2 - BHO: (no name) - {9CF7E6E8-7E0C-2284-70F8-7645070F7191} - C:\WINDOWS\system32\hzyoo.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: (no name) - {ADDAD6E1-533D-64B6-5DC1-3468444B5CA4} - C:\WINDOWS\system32\hzyoo.dll (file missing) O3 - Toolbar: DashBar Toolbar - {CC90CDA0-74A0-45b4-80EF-D89CA8C249B8} - C:\Program Files\DashBar\DashBar21.dll (file missing) O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\tbu48\toolbaru.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe" O4 - HKLM\..\Run: [BO1HelperStartUp] C:\PROGRA~1\BUTTER~1\BO1HEL~1.EXE /partner BO1 O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Rsam] "C:\WINDOWS\FNTS~1\fast.exe" -vt yazb O4 - HKCU\..\Run: [Yoxjnvc] C:\Program Files\sеcurity\аti2evxx.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{31A323BA-22FB-4F99-92C4-85C791214804}: NameServer = 212.188.4.10 195.34.32.116 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

Profil

bobby Poslao: 03 Apr 2007 20:25 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav, Za pocetak deinstaliraj Buterfly screensaver, pa postavi novi log.

Profil

milan27 Poslao: 04 Apr 2007 19:16 Idi na vrh
offline milan27 Super građanin Pridružio: 07 Avg 2006 Poruke: 1182 Gde živiš: Fili Davydkovo, Moscow, Russia	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: posto je to kompjuter kolegin kod kuce, tek veceras cu moci to da uradim, ali cisto kao informacija, nonstop iskace prozor kao kod pucanja programa sa send i dont send... Dopuna: 04 Apr 2007 15:31 https://www.mycity.rs/must-login.png e, ovu (puko mi je nero pa sam iskoristio priliku da jasnije bude )...znaci non stop, kad god pokusa da pokrene neku aplikaciju, ili u toku surfa, izbacuje ovakav prozor...nadam se da cu veceras (sutra) biti tamo... Dopuna: 04 Apr 2007 21:16 Logfile of HijackThis v1.98.2 Scan saved at 21:15:19, on 04.04.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE C:\Program Files\F-Secure Anti-Virus\Anti-Virus\fsgk32st.exe C:\Program Files\F-Secure Anti-Virus\Anti-Virus\FSGK32.EXE C:\Program Files\F-Secure Anti-Virus\backweb\4476822\program\fsbwsys.exe C:\Program Files\F-Secure Anti-Virus\backweb\4476822\Program\fspex.exe C:\Program Files\F-Secure Anti-Virus\Anti-Virus\fssm32.exe C:\Program Files\F-Secure Anti-Virus\Common\FSMA32.EXE C:\Program Files\F-Secure Anti-Virus\Common\FSMB32.EXE C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Eset\nod32krn.exe C:\Program Files\F-Secure Anti-Virus\Common\FCH32.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\F-Secure Anti-Virus\Common\FAMEH32.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\F-Secure Anti-Virus\Common\FSM32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\F-Secure Anti-Virus\Anti-Virus\fsav32.exe C:\Program Files\F-Secure Anti-Virus\FWES\Program\fsdfwd.exe C:\Program Files\F-Secure Anti-Virus\FSGUI\fsguiexe.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\Uninstallbo.exe C:\Documents and Settings\Uros\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.stream.ru/ R3 - Default URLSearchHook is missing O1 - Hosts: 66.98.148.65 auto.search.msn.com O1 - Hosts: 66.98.148.65 auto.search.msn.es O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program Files\ICQToolbar\tbu48\toolbaru.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {14B28A66-1389-1C59-A33C-1DE33DEEFDEE} - C:\WINDOWS\system32\qdwdj.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O2 - BHO: (no name) - {9CF7E6E8-7E0C-2284-70F8-7645070F7191} - C:\WINDOWS\system32\hzyoo.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: (no name) - {ADDAD6E1-533D-64B6-5DC1-3468444B5CA4} - C:\WINDOWS\system32\hzyoo.dll (file missing) O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\tbu48\toolbaru.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe" O4 - HKLM\..\Run: [BO1HelperStartUp] C:\PROGRA~1\BUTTER~1\BO1HEL~1.EXE /partner BO1 O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure Anti-Virus\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure Anti-Virus\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\F-Secure Anti-Virus\FSGUI\FSSW.EXE" /reboot O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [Rsam] "C:\WINDOWS\FNTS~1\fast.exe" -vt yazb O4 - HKCU\..\Run: [Yoxjnvc] C:\Program Files\sеcurity\аti2evxx.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{31A323BA-22FB-4F99-92C4-85C791214804}: NameServer = 212.188.4.10 195.34.32.116 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll evo jos jednog, posle par proskeniranih... Logfile of HijackThis v1.98.2 Scan saved at 23:05:17, on 04.04.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\ѕystem\еxplorer.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\F-Secure Anti-Virus\Common\FSLAUNCH.EXE C:\Program Files\AutoCAD 2006\acad.exe C:\DOCUME~1\Uros\LOCALS~1\Temp\AdskCleanup.0001 C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Uros\Desktop\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.stream.ru/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R3 - Default URLSearchHook is missing O1 - Hosts: 66.98.148.65 auto.search.msn.com O1 - Hosts: 66.98.148.65 auto.search.msn.es O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {17B4D437-478F-4C58-F63C-1DE33DEEFDBB} - C:\WINDOWS\system32\rtnz.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {9CF7E6E8-7E0C-2284-70F8-7645070F7191} - C:\WINDOWS\system32\hzyoo.dll (file missing) O2 - BHO: (no name) - {ADDAD6E1-533D-64B6-5DC1-3468444B5CA4} - C:\WINDOWS\system32\hzyoo.dll (file missing) O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [Yoxjnvc] C:\Program Files\sеcurity\аti2evxx.exe O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized O4 - HKCU\..\Run: [Gbz] C:\WINDOWS\system32\ѕystem\еxplorer.exe O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{31A323BA-22FB-4F99-92C4-85C791214804}: NameServer = 212.188.4.10 195.34.32.116 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

Profil

bobby Poslao: 04 Apr 2007 21:41 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Skeniraj ponovo, pa stikliraj polja ispred sledecih linija: R3 - Default URLSearchHook is missing O1 - Hosts: 66.98.148.65 auto.search.msn.com O1 - Hosts: 66.98.148.65 auto.search.msn.es O2 - BHO: (no name) - {14B28A66-1389-1C59-A33C-1DE33DEEFDEE} - C:\WINDOWS\system32\qdwdj.dll O2 - BHO: (no name) - {9CF7E6E8-7E0C-2284-70F8-7645070F7191} - C:\WINDOWS\system32\hzyoo.dll (file missing) O2 - BHO: (no name) - {ADDAD6E1-533D-64B6-5DC1-3468444B5CA4} - C:\WINDOWS\system32\hzyoo.dll (file missing)" O4 - HKLM\..\Run: [BO1HelperStartUp] C:\PROGRA~1\BUTTER~1\BO1HEL~1.EXE /partner BO1 O4 - HKCU\..\Run: [Yoxjnvc] C:\Program Files\sеcurity\аti2evxx.exe Klikni Fix Checked. Nakon toga restartuj kompjuter, pa preimenuj HijackThis.exe u nesto drugo sto ne podseca na to ime. Nakon toga napravi novi log koji ces ovde postaviti. Ukoliko proradi pokretanje programa, onda odradi jedno skeniranje uz pomoc programa ewido micro: http://downloads.ewido.net/ewido_micro.exe Kako se radi sa Ewido micro: - na prvom ekranu odaberi sve particije (štikliraj polja ispred njih) - klikni na dugme Start Scan - nakon završenog skeniranja klikni na Save Report i snimi log fajl na sigurno mesto - klikni na Remove Infections - iskopiraj nam ovde sadržaj log fajla koji je malopre snimljen

Profil

milan27 Poslao: 05 Apr 2007 19:07 Idi na vrh
offline milan27 Super građanin Pridružio: 07 Avg 2006 Poruke: 1182 Gde živiš: Fili Davydkovo, Moscow, Russia	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! pazi, juce dok sam cekao sam odradio i sa ewidom mikro...ovaj 3. log je bas posle ewido mikra...nestao je onaj prozor upozorenja, ali koliko vidim ima jos stvari da se odradi...pogledacu kad ponovo svratim tamo... Dopuna: 05 Apr 2007 21:07 evo, sve odradjeno, nadam se poslednji log...hvala velika... Logfile of HijackThis v1.98.2 Scan saved at 21:03:50, on 05.04.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Symantec Shared\NMain.exe C:\WINDOWS\system32\ѕystem\еxplorer.exe C:\WINDOWS\FNTS~1\fast.exe C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe C:\WINDOWS\system32\msiexec.exe C:\Documents and Settings\Uros\Desktop\HijackThis.exe C:\Program Files\Messenger\msmsgs.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.stream.ru/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {17B4D437-478F-4C58-F63C-1DE33DEEFDBB} - C:\WINDOWS\system32\rtnz.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [Gbz] C:\WINDOWS\system32\ѕystem\еxplorer.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{31A323BA-22FB-4F99-92C4-85C791214804}: NameServer = 212.188.4.10 195.34.32.116 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

Profil

bobby Poslao: 05 Apr 2007 19:21 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! 1. Skini zadnju verziju HijackThisa. Koristis matoru verziju koja ima gresaka. 2. Napisao sam ti vec gore da promenis ime fajla iz hijackthis.exe u nesto drugo (recimo t3.exe). 3. Uploaduj mi C:\WINDOWS\system32\rtnz.dll na http://www.mycity.rs/ambulanta-upload.php

Profil

milan27 Poslao: 07 Apr 2007 18:39 Idi na vrh
offline milan27 Super građanin Pridružio: 07 Avg 2006 Poruke: 1182 Gde živiš: Fili Davydkovo, Moscow, Russia	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Logfile of HijackThis v1.99.1 Scan saved at 20:34:22, on 07.04.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\ѕystem\еxplorer.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Uros\Desktop\milan.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.stream.ru/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {17B4D437-478F-4C58-F63C-1DE33DEEFDBB} - C:\WINDOWS\system32\rtnz.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe" O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot O4 - HKCU\..\Run: [Gbz] C:\WINDOWS\system32\ѕystem\еxplorer.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{31A323BA-22FB-4F99-92C4-85C791214804}: NameServer = 212.188.4.10 195.34.32.116 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Machine Debug Manager (MDM) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (file missing) O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe Dopuna: 07 Apr 2007 20:39 koliko vidim razlikuju se logovi...vrlo verovatno posto sam instalirao i nortona...

Profil

bobby Poslao: 07 Apr 2007 18:55 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! C:\WINDOWS\system32\rtnz.dll <-- nisi mi uploadovao ovaj fajl C:\WINDOWS\system32\ѕystem\еxplorer.exe <-- uploaduj mi i ovaj. Sigurno je malware, samo da vidim koji

Profil

milan27 Poslao: 07 Apr 2007 21:02 Idi na vrh
offline milan27 Super građanin Pridružio: 07 Avg 2006 Poruke: 1182 Gde živiš: Fili Davydkovo, Moscow, Russia	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! GMER 1.0.12.12027 - http://www.gmer.net Rootkit scan 2007-04-07 21:50:09 Windows 5.1.2600 Service Pack 2 ---- System - GMER 1.0.12 ---- SSDT \SystemRoot\System32\vsdatant.sys ZwConnectPort SSDT \SystemRoot\System32\vsdatant.sys ZwCreateFile SSDT \SystemRoot\System32\vsdatant.sys ZwCreateKey SSDT \SystemRoot\System32\vsdatant.sys ZwCreateProcess SSDT \SystemRoot\System32\vsdatant.sys ZwCreateProcessEx SSDT \SystemRoot\System32\vsdatant.sys ZwCreateSection SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteFile SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteKey SSDT \SystemRoot\System32\vsdatant.sys ZwDeleteValueKey SSDT \SystemRoot\System32\vsdatant.sys ZwDuplicateObject SSDT \SystemRoot\System32\vsdatant.sys ZwLoadDriver SSDT \SystemRoot\System32\vsdatant.sys ZwLoadKey SSDT \SystemRoot\System32\vsdatant.sys ZwMapViewOfSection SSDT \SystemRoot\System32\vsdatant.sys ZwOpenFile SSDT \SystemRoot\System32\vsdatant.sys ZwOpenProcess SSDT \SystemRoot\System32\vsdatant.sys ZwOpenThread SSDT \SystemRoot\System32\vsdatant.sys ZwReplaceKey SSDT \SystemRoot\System32\vsdatant.sys ZwRequestWaitReplyPort SSDT \SystemRoot\System32\vsdatant.sys ZwRestoreKey SSDT \SystemRoot\System32\vsdatant.sys ZwSecureConnectPort SSDT \SystemRoot\System32\vsdatant.sys ZwSetInformationFile SSDT \SystemRoot\System32\vsdatant.sys ZwSetSystemInformation SSDT \SystemRoot\System32\vsdatant.sys ZwSetValueKey SSDT \SystemRoot\System32\vsdatant.sys ZwTerminateProcess SSDT \SystemRoot\System32\vsdatant.sys ZwUnloadDriver ---- Devices - GMER 1.0.12 ---- Device \Driver\Tcpip \Device\Ip IRP_MJ_CREATE [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\Ip IRP_MJ_CLOSE [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\Ip IRP_MJ_DEVICE_CONTROL [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\Ip IRP_MJ_INTERNAL_DEVICE_CONTROL [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\Ip IRP_MJ_CLEANUP [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_CREATE [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLOSE [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_DEVICE_CONTROL [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_INTERNAL_DEVICE_CONTROL [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\Tcp IRP_MJ_CLEANUP [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_CREATE [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_CLOSE [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_DEVICE_CONTROL [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_INTERNAL_DEVICE_CONTROL [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\Udp IRP_MJ_CLEANUP [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_CREATE [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLOSE [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_DEVICE_CONTROL [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_INTERNAL_DEVICE_CONTROL [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\RawIp IRP_MJ_CLEANUP [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CREATE [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLOSE [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_DEVICE_CONTROL [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_INTERNAL_DEVICE_CONTROL [F6219EA0] vsdatant.sys Device \Driver\Tcpip \Device\IPMULTICAST IRP_MJ_CLEANUP [F6219EA0] vsdatant.sys ---- Files - GMER 1.0.12 ---- ADS C:\BAZENI\Blasko\Novi zadatak sa uvecanim rezervoarima\:KAVICHS ADS C:\BAZENI\Blasko\Novi zadatak sa uvecanim rezervoarima\:KAVICHS ADS C:\BAZENI\Blasko\Novi zadatak sa uvecanim rezervoarima\:KAVICHS ADS C:\BAZENI\Blasko\Stara dokumentacija sa malim rezervoarima\:KAVICHS ADS C:\BAZENI\Blasko\Stara dokumentacija sa malim rezervoarima\:KAVICHS ADS C:\BAZENI\Blasko\Stara dokumentacija sa malim rezervoarima\:KAVICHS ADS C:\BAZENI\Blasko\Stara dokumentacija sa malim rezervoarima\:KAVICHS ADS C:\BAZENI\Blasko\Stara dokumentacija sa malim rezervoarima\:KAVICHS ADS C:\BAZENI\Blasko\Stara dokumentacija sa malim rezervoarima\:KAVICHS ADS C:\BAZENI\Blasko\Stara dokumentacija sa malim rezervoarima\:KAVICHS ADS C:\BAZENI\Blasko\Stara dokumentacija sa malim rezervoarima\:KAVICHS ADS ... File C:\RECYCLER\NPROTECT File C:\RECYCLER\NPROTECT\00000000.edb File C:\RECYCLER\NPROTECT\00000015.rbs File C:\RECYCLER\NPROTECT\00000016.ipi File C:\RECYCLER\NPROTECT\00000017.msi File C:\RECYCLER\NPROTECT\00000024.VCP File C:\RECYCLER\NPROTECT\00000030.USE File C:\RECYCLER\NPROTECT\00000032.USE File C:\RECYCLER\NPROTECT\00000033.USE File C:\RECYCLER\NPROTECT\00000034.USE File C:\RECYCLER\NPROTECT\00000035.USE File C:\RECYCLER\NPROTECT\00000046.txt File C:\RECYCLER\NPROTECT\00000110.DAT File C:\RECYCLER\NPROTECT\00000111.EXP File C:\RECYCLER\NPROTECT\00000112.SYS File C:\RECYCLER\NPROTECT\00000113.VXD File C:\RECYCLER\NPROTECT\00000114.DLL File C:\RECYCLER\NPROTECT\00000115.EXP File C:\RECYCLER\NPROTECT\00000116.SYS File C:\RECYCLER\NPROTECT\00000117.VXD File C:\RECYCLER\NPROTECT\00000118.DLL File C:\RECYCLER\NPROTECT\00000119.TXT File C:\RECYCLER\NPROTECT\00000120.DAT File C:\RECYCLER\NPROTECT\00000121.CAT File C:\RECYCLER\NPROTECT\00000122.INF File C:\RECYCLER\NPROTECT\00000123.TXT File C:\RECYCLER\NPROTECT\00000124.DAT File C:\RECYCLER\NPROTECT\00000125.DAT File C:\RECYCLER\NPROTECT\00000126.DAT File C:\RECYCLER\NPROTECT\00000127.DAT File C:\RECYCLER\NPROTECT\00000128.DAT File C:\RECYCLER\NPROTECT\00000129.INF File C:\RECYCLER\NPROTECT\00000130.DAT File C:\RECYCLER\NPROTECT\00000131.DAT File C:\RECYCLER\NPROTECT\00000132.DAT File C:\RECYCLER\NPROTECT\00000133.DAT File C:\RECYCLER\NPROTECT\00000134.DAT File C:\RECYCLER\NPROTECT\00000135.DAT File C:\RECYCLER\NPROTECT\00000136.DAT File C:\RECYCLER\NPROTECT\00000137.DAT File C:\RECYCLER\NPROTECT\00000138.DAT File C:\RECYCLER\NPROTECT\00000139.DAT File C:\RECYCLER\NPROTECT\00000140.TXT File C:\RECYCLER\NPROTECT\00000141.DAT File C:\RECYCLER\NPROTECT\00000152.edb File C:\RECYCLER\NPROTECT\00000160.PNG File C:\RECYCLER\NPROTECT\00000161.png File C:\RECYCLER\NPROTECT\00000162.PNG File C:\RECYCLER\NPROTECT\00000163.png File C:\RECYCLER\NPROTECT\00000164.png File C:\RECYCLER\NPROTECT\00000165.png File C:\RECYCLER\NPROTECT\00000166.png File C:\RECYCLER\NPROTECT\00000167.png File C:\RECYCLER\NPROTECT\00000168.png File C:\RECYCLER\NPROTECT\00000169.png File C:\RECYCLER\NPROTECT\00000170.png File C:\RECYCLER\NPROTECT\00000171.PNG File C:\RECYCLER\NPROTECT\00000172.PNG File C:\RECYCLER\NPROTECT\00000173.PNG File C:\RECYCLER\NPROTECT\00000174.PNG File C:\RECYCLER\NPROTECT\00000175.PNG File C:\RECYCLER\NPROTECT\00000176.PNG File C:\RECYCLER\NPROTECT\00000177.PNG File C:\RECYCLER\NPROTECT\00000178.PNG File C:\RECYCLER\NPROTECT\00000179.PNG File C:\RECYCLER\NPROTECT\00000180.PNG File C:\RECYCLER\NPROTECT\00000181.PNG File C:\RECYCLER\NPROTECT\00000182.PNG File C:\RECYCLER\NPROTECT\00000183.PNG File C:\RECYCLER\NPROTECT\00000196 File C:\RECYCLER\NPROTECT\00000197.1 File C:\RECYCLER\NPROTECT\00000198.2 File C:\RECYCLER\NPROTECT\00000199.3 File C:\RECYCLER\NPROTECT\00000200.4 File C:\RECYCLER\NPROTECT\00000201.5 File C:\RECYCLER\NPROTECT\00000202.6 File C:\RECYCLER\NPROTECT\00000203.7 File C:\RECYCLER\NPROTECT\00000204.8 File C:\RECYCLER\NPROTECT\00000205.9 File C:\RECYCLER\NPROTECT\00000206.a File C:\RECYCLER\NPROTECT\00000207.b File C:\RECYCLER\NPROTECT\00000208.c File C:\RECYCLER\NPROTECT\00000209.d File C:\RECYCLER\NPROTECT\00000210.e File C:\RECYCLER\NPROTECT\00000211.f File C:\RECYCLER\NPROTECT\00000212.DWL File C:\RECYCLER\NPROTECT\00000215.rbf File C:\RECYCLER\NPROTECT\00000216.rbf File C:\RECYCLER\NPROTECT\00000217.rbf File C:\RECYCLER\NPROTECT\00000218.rbf File C:\RECYCLER\NPROTECT\00000219.rbf File C:\RECYCLER\NPROTECT\00000220.rbf File C:\RECYCLER\NPROTECT\00000221.rbf File C:\RECYCLER\NPROTECT\00000222.rbf File C:\RECYCLER\NPROTECT\00000223.rbf File C:\RECYCLER\NPROTECT\00000224.rbf File C:\RECYCLER\NPROTECT\00000225.rbs File C:\RECYCLER\NPROTECT\00000226.ipi File C:\RECYCLER\NPROTECT\00000227.msi File C:\RECYCLER\NPROTECT\00000230.EXE File C:\RECYCLER\NPROTECT\00000241.edb File C:\RECYCLER\NPROTECT\00000246.PF File C:\RECYCLER\NPROTECT\00000364.xml File C:\RECYCLER\NPROTECT\00000365.DAT File C:\RECYCLER\NPROTECT\00000366.xml File C:\RECYCLER\NPROTECT\00000368.xml File C:\RECYCLER\NPROTECT\00000369.xml File C:\RECYCLER\NPROTECT\00000375.xml File C:\RECYCLER\NPROTECT\00000376.xml File C:\RECYCLER\NPROTECT\00000378.xml File C:\RECYCLER\NPROTECT\00000379.xml File C:\RECYCLER\NPROTECT\00000387.DAT File C:\RECYCLER\NPROTECT\00000388.DAT File C:\RECYCLER\NPROTECT\00000392.xml File C:\RECYCLER\NPROTECT\00000400.DAT File C:\RECYCLER\NPROTECT\00000401.xml File C:\RECYCLER\NPROTECT\00000402.xml File C:\RECYCLER\NPROTECT\00000403 File C:\RECYCLER\NPROTECT\00000406.DAT File C:\RECYCLER\NPROTECT\00000415.LOG File C:\RECYCLER\NPROTECT\00000423.edb File C:\RECYCLER\NPROTECT\00000424.DWL File C:\RECYCLER\NPROTECT\00000426.DWL File C:\RECYCLER\NPROTECT\00000427.DWL File C:\RECYCLER\NPROTECT\00000428.DWL File C:\RECYCLER\NPROTECT\00000429.DWL File C:\RECYCLER\NPROTECT\00000437.DWL File C:\RECYCLER\NPROTECT\00000438.DWL File C:\RECYCLER\NPROTECT\00000441.xml File C:\RECYCLER\NPROTECT\00000442.DAT File C:\RECYCLER\NPROTECT\00000443.xml File C:\RECYCLER\NPROTECT\00000444.xml File C:\RECYCLER\NPROTECT\00000445.xml File C:\RECYCLER\NPROTECT\00000450.xml File C:\RECYCLER\NPROTECT\00000454.xml File C:\RECYCLER\NPROTECT\00000457.xml File C:\RECYCLER\NPROTECT\00000458.DAT File C:\RECYCLER\NPROTECT\00000461.DAT File C:\RECYCLER\NPROTECT\00000468.edb File C:\RECYCLER\NPROTECT\00000469.DAT File C:\RECYCLER\NPROTECT\00000472.DAT File C:\RECYCLER\NPROTECT\00000474.LOG File C:\RECYCLER\NPROTECT\00000482.edb File C:\RECYCLER\NPROTECT\00000487.DWL File C:\RECYCLER\NPROTECT\00000489.DWL File C:\RECYCLER\NPROTECT\00000490.DWL File C:\RECYCLER\NPROTECT\00000499.DWL File C:\RECYCLER\NPROTECT\00000501.DWL File C:\RECYCLER\NPROTECT\00000503.DWL File C:\RECYCLER\NPROTECT\00000505.DWL File C:\RECYCLER\NPROTECT\00000507.exe File C:\RECYCLER\NPROTECT\NPROTECT.LOG File E:\RECYCLER\NPROTECT File E:\RECYCLER\NPROTECT\00000000.DWL File E:\RECYCLER\NPROTECT\NPROTECT.LOG ---- EOF - GMER 1.0.12 ---- Dopuna: 07 Apr 2007 21:50 GMER 1.0.12.12027 - http://www.gmer.net Autostart scan 2007-04-07 21:51:00 Windows 5.1.2600 Service Pack 2 HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\WINDOWS\system32\userinit.exe, HKLM\SYSTEM\CurrentControlSet\Services\ >>> ccEvtMgr /Symantec Event Manager/@ = "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" MDM /Machine Debug Manager/@ = "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE" /file not found/ navapsvc /Norton AntiVirus Auto Protect Service/@ = C:\Program Files\Norton AntiVirus\navapsvc.exe NProtectService /Norton Unerase Protection/@ = C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE NVSvc /NVIDIA Display Driver Service/@ = %SystemRoot%\system32\nvsvc32.exe SBService /ScriptBlocking Service/@ = C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe SoundMAX Agent Service (default) /SoundMAX Agent Service/@ = C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe Spooler /Print Spooler/@ = %SystemRoot%\system32\spoolsv.exe vsmon /TrueVector Internet Monitor/@ = C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>> @SmappC:\Program Files\Analog Devices\SoundMAX\SMTray.exe = C:\Program Files\Analog Devices\SoundMAX\SMTray.exe @NVRTCLKC:\WINDOWS\system32\NVRTCLK\NVRTClk.exe = C:\WINDOWS\system32\NVRTCLK\NVRTClk.exe @NvCplDaemonRUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup @nwiznwiz.exe /install = nwiz.exe /install @NvMediaCenterRUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit @iKeyWorksC:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe = C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe @NeroCheckC:\WINDOWS\system32\NeroCheck.exe = C:\WINDOWS\system32\NeroCheck.exe @CnxDslTaskBar"C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe" = "C:\Program Files\Conexant\AccessRunner ADSL\CnxDslTb.exe" @LVCOMSXC:\WINDOWS\system32\LVCOMSX.EXE = C:\WINDOWS\system32\LVCOMSX.EXE @LogitechVideoRepairC:\Program Files\Logitech\Video\ISStart.exe = C:\Program Files\Logitech\Video\ISStart.exe @LogitechVideoTrayC:\Program Files\Logitech\Video\LogiTray.exe = C:\Program Files\Logitech\Video\LogiTray.exe @WinampAgentC:\Program Files\Winamp\winampa.exe = C:\Program Files\Winamp\winampa.exe @TkBellExe"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot @CmaudioRunDll32 cmicnfg.cpl,CMICtrlWnd = RunDll32 cmicnfg.cpl,CMICtrlWnd @ccAppC:\Program Files\Common Files\Symantec Shared\ccApp.exe = C:\Program Files\Common Files\Symantec Shared\ccApp.exe @ccRegVfyC:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe = C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe @Advanced Tools CheckC:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE = C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE @Zone Labs ClientC:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe = C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>> @ctfmon.exeC:\WINDOWS\system32\ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe @Pop-Up-Blocker /file not found/ = /file not found/ @TransparentIcons /file not found/ = /file not found/ @BlockAds /file not found/ = /file not found/ @Tweak-XP /file not found/ = /file not found/ @LogitechSoftwareUpdate"C:\Program Files\Logitech\Video\ManifestEngine.exe" boot = "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot @GbzC:\WINDOWS\system32\?ystem\?xplorer.exe = C:\WINDOWS\system32\?ystem\?xplorer.exe @MSMSGS"C:\Program Files\Messenger\msmsgs.exe" /background = "C:\Program Files\Messenger\msmsgs.exe" /background HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad@WPDShServiceObj = C:\WINDOWS\system32\WPDShServiceObj.dll HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>> @{42071714-76d4-11d1-8b24-00a0c9068ff3} /Display Panning CPL Extension/deskpan.dll /file not found/ = deskpan.dll /file not found/ @{596AB062-B4D2-4215-9F74-E9109B0A8153} /Previous Versions Property Page/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll @{9DB7A13C-F208-4981-8353-73CC61AE2783} /Previous Versions/%SystemRoot%\system32\twext.dll = %SystemRoot%\system32\twext.dll @{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} /Autoplay for SlideShow/(null) = @{692F0339-CBAA-47e6-B5B5-3B84DB604E87} /Extensions Manager Folder/%SystemRoot%\system32\extmgr.dll = %SystemRoot%\system32\extmgr.dll @{A70C977A-BF00-412C-90B7-034C51DA2439} /NvCpl DesktopContext Class/C:\WINDOWS\system32\nvcpl.dll = C:\WINDOWS\system32\nvcpl.dll @{FFB699E0-306A-11d3-8BD1-00104B6F7516} /Play on my TV helper/C:\WINDOWS\system32\nvcpl.dll = C:\WINDOWS\system32\nvcpl.dll @{1CDB2949-8F65-4355-8456-263E7C208A5D} /Desktop Explorer/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll @{1E9B04FB-F9E5-4718-997B-B8DA88302A47} /Desktop Explorer Menu/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll @{1E9B04FB-F9E5-4718-997B-B8DA88302A48} /nView Desktop Context Menu/C:\WINDOWS\system32\nvshell.dll = C:\WINDOWS\system32\nvshell.dll @{BDEADF00-C265-11D0-BCED-00A0C90AB50F} /Web Folders/C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL = C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL @{B41DB860-8EE4-11D2-9906-E49FADC173CA} /WinRAR shell extension/C:\Program Files\WinRAR\rarext.dll = C:\Program Files\WinRAR\rarext.dll @{00020D75-0000-0000-C000-000000000046} /Microsoft Office Outlook Desktop Icon Handler/C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL @{0006F045-0000-0000-C000-000000000046} /Microsoft Office Outlook Custom Icon Handler/C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL = C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL @{42042206-2D85-11D3-8CFF-005004838597} /Microsoft Office HTML Icon Handler/C:\Program Files\Microsoft Office\OFFICE11\msohev.dll = C:\Program Files\Microsoft Office\OFFICE11\msohev.dll @{400CFEE2-39D0-46DC-96DF-E0BB5A4324B3} /My Logitech Pictures/C:\Program Files\Logitech\Video\Namespc2.dll = C:\Program Files\Logitech\Video\Namespc2.dll @{6DEA92E9-8682-4b6a-97DE-354772FE5727} /Autodesk DWF Preview/C:\Program Files\Common Files\Autodesk Shared\Thumbnail\AcDwfThmbPrxy16.dll = C:\Program Files\Common Files\Autodesk Shared\Thumbnail\AcDwfThmbPrxy16.dll @{36A21736-36C2-4C11-8ACB-D4136F2B57BD} /AutoCAD Digital Signatures Icon Overlay Handler/C:\WINDOWS\system32\AcSignIcon.dll = C:\WINDOWS\system32\AcSignIcon.dll @{AC1DB655-4F9A-4c39-8AD2-A65324A4C446} /Autodesk Drawing Preview/C:\Program Files\Common Files\Autodesk Shared\Thumbnail\AcThumbnail16.dll = C:\Program Files\Common Files\Autodesk Shared\Thumbnail\AcThumbnail16.dll @{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} /Shell Extensions for RealOne Player/C:\Program Files\Real\RealPlayer\rpshell.dll = C:\Program Files\Real\RealPlayer\rpshell.dll @{73B24247-042E-4EF5-ADC2-42F62E6FD654} /ICQ Lite Shell Extension/C:\Program Files\ICQLite\ICQLiteShell.dll = C:\Program Files\ICQLite\ICQLiteShell.dll @{35786D3C-B075-49b9-88DD-029876E11C01} /Portable Devices/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll @{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} /Portable Devices Menu/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll HKLM\Software\Classes\\shellex\ContextMenuHandlers\ >>> ICQLiteMenu@{73B24247-042E-4EF5-ADC2-42F62E6FD654} = C:\Program Files\ICQLite\ICQLiteShell.dll Symantec.Norton.Antivirus.IEContextMenu@{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} = C:\Program Files\Norton AntiVirus\NavShExt.dll WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>> ICQLiteMenu@{73B24247-042E-4EF5-ADC2-42F62E6FD654} = C:\Program Files\ICQLite\ICQLiteShell.dll WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>> Symantec.Norton.Antivirus.IEContextMenu@{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} = C:\Program Files\Norton AntiVirus\NavShExt.dll WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>> @{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx = C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx @{17B4D437-478F-4C58-F63C-1DE33DEEFDBB}C:\WINDOWS\system32\rtnz.dll = C:\WINDOWS\system32\rtnz.dll @{22BF413B-C6D2-4d91-82A9-A0F997BA588C}C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL = C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL @{53707962-6F74-2D53-2644-206D7942484F}C:\Program Files\Spybot - Search & Destroy\SDHelper.dll = C:\Program Files\Spybot - Search & Destroy\SDHelper.dll @{BDF3E430-B101-42AD-A544-FADC6B084872}C:\Program Files\Norton AntiVirus\NavShExt.dll = C:\Program Files\Norton AntiVirus\NavShExt.dll HKCU\Control Panel\Desktop@SCRNSAVE.EXE = C:\WINDOWS\system32\BUTTER~1.SCR /file not found*/ HKLM\Software\Microsoft\Internet Explorer\Plugins\Extension\.spop@Location = C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll HKLM\Software\Microsoft\Internet Explorer\Main >>> @Default_Page_URLhttp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome @Start Pagehttp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home @Local Page%SystemRoot%\system32\blank.htm = %SystemRoot%\system32\blank.htm HKCU\Software\Microsoft\Internet Explorer\Main >>> @Start Pagehttp://www.stream.ru/ = http://www.stream.ru/ @Local PageC:\WINDOWS\system32\blank.htm = C:\WINDOWS\system32\blank.htm HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL HKLM\Software\Classes\PROTOCOLS\Handler\ >>> dvd@CLSID = C:\WINDOWS\system32\msvidctl.dll its@CLSID = C:\WINDOWS\system32\itss.dll mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll ms-its@CLSID = C:\WINDOWS\system32\itss.dll ms-itss@CLSID = C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL msnim@CLSID = "C:\PROGRA~1\MSNMES~1\msgrapp.dll" mso-offdap@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL mso-offdap11@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL skype4com@CLSID = C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL tv@CLSID = C:\WINDOWS\system32\msvidctl.dll HKLM\Software\Classes\PROTOCOLS\Handler\wia@CLSID = C:\WINDOWS\system32\wiascr.dll C:\Documents and Settings\All Users\Start Menu\Programs\Startup >>> Acrobat Assistant.lnk = Acrobat Assistant.lnk Adobe Gamma Loader.lnk = Adobe Gamma Loader.lnk AutoCAD Startup Accelerator.lnk = AutoCAD Startup Accelerator.lnk ---- EOF - GMER 1.0.12 ---- Dopuna: 07 Apr 2007 23:02 zavrsio, nasao, ocistio...hvala puno...

Profil

bobby Poslao: 07 Apr 2007 22:49 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	1Ovo se svidja korisniku: Springfield Registruj se da bi pohvalio/la poruku! Cisto za zapisnik: Ja i milan27 smo ovo resili preko ICQ-a posto je infekcija bila na kompu Milanovog drugara i trebalo je resiti dok je Milan jos tamo. Problem su bila sledeca dva fajla: C:\WINDOWS\system32\rtnz.dll C:\WINDOWS\system32\ѕystem\еxplorer.exe Fajlovi su pripadali infekciji PurityScan. Drugi fajl je imao Super Hidden atribute, tako da se iz Explorera nije nikako mogao videti.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Molio bih za pregled

Ko je trenutno na forumu

Ukupno su 1204 korisnika na forumu :: 37 registrovanih, 5 sakrivenih i 1162 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: anta, Brana01, CikaKURE, Dannyboy, deimos25, Dimitrise93, djboj, DragoslavS, dushan, Excalibur13, HogarStrashni, ikan, ivan1973, Karla, Krvava Devetka, kubura91, laurusri, Lazarus, madza, MB120mm, Mi lao shu, muaddib, nebkv, nemkea71, Oscar, Panter, pein, Pikac-47, procesor, sovanova95, Srle993, stalja, suton, Tvrtko I, vladulns, |_MeD_|, žeks62

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by