MyCity » Ambulanta -> Arhiva Ambulante » treba mi pomoc u vezi hjt loga.... :)

treba mi pomoc u vezi hjt loga.... :)

Napisano na dan: 12.1.2009

Strana:
1
2

treba mi pomoc u vezi hjt loga.... :)

Sledeća strana

Pagination

Odgovori

Strana:
1
2

barbie90 Poslao: 12 Jan 2009 03:12 Idi na vrh
offline barbie90 Novi MyCity građanin Pridružio: 12 Jan 2009 Poruke: 8	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! sto posto sam sigurna da nedostaju neke stvarcice, samo ne znam koje...pa bih molila za pomoc hvala unapred! Logfile of HijackThis v1.99.1 Scan saved at 23:41:35, on 11.1.2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\wmplayer.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Winamp Remote\bin\OrbTray.exe C:\Program Files\CleanMyPC\Registry Cleaner\RCHelper.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Winamp Remote\bin\Orb.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Eset\nod32krn.exe C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\WINDOWS\system32\WgaTray.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\drwtsn32.exe C:\Program Files\SlimBrowser\sbrowser.exe C:\WINDOWS\system32\drwtsn32.exe C:\WINDOWS\explorer.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\HJT\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = search.imesh.com/sidebar.html?src=ssb R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = search.imesh.com/sidebar.html?src=ssb R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = search.imesh.com/sidebar.html?src=ssb R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/http://www.yahoo.com/ext/search/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = search.imesh.com/sidebar.html?src=ssb R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = .local R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Program files (web design)\/Adobe Contribute CS3/contributeieplugin.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program files (web design)\/Adobe Contribute CS3/contributeieplugin.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Windows Media Player] wmplayer.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide O4 - HKLM\..\RunServices: [Windows Media Player] wmplayer.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background O4 - HKCU\..\Run: [Windows Media Player] wmplayer.exe O4 - HKCU\..\Run: [Registry Cleaner Scheduler] "C:\Program Files\CleanMyPC\Registry Cleaner\RCHelper.exe" /startup O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - musicnotes.com/download/mnviewer.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - ak.exe.imgfarm.com/images/nocache/funwebpro.....0.15-3.cab O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - lads.myspace.com/upload/MySpaceUploader1006.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - update.videoegg.com/Install/Windows/Initial/VideoEggPublisher.exe O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - upload.facebook.com/controls/FacebookPhotoUploader4_5.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: UPnPService - Unknown owner - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (file missing)

Profil

helen1 Poslao: 12 Jan 2009 07:20 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8617 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Sta ti nedostaje? Ja mislim da imas cak i viska. Nisi ispostovala uputstvo za postavljanje HiJack This loga: Ovako ne valja: Klikni desno dugme misa na ikonicu programa i odaberi opciju Rename: Zadaj mu neko bezvezno ime, recimo GH5.EXE ili TR3.EXE, ili bilo sta drugo samo da se ne spominje HijackThis: Kad promenis ime, skeniraj ponovo i postavi mi taj novi log.

Profil

barbie90 Poslao: 12 Jan 2009 13:23 Idi na vrh
offline barbie90 Novi MyCity građanin Pridružio: 12 Jan 2009 Poruke: 8	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Logfile of HijackThis v1.99.1 Scan saved at 13:16:35, on 12.1.2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\wmplayer.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Winamp Remote\bin\OrbTray.exe C:\Program Files\CleanMyPC\Registry Cleaner\RCHelper.exe C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Winamp Remote\bin\Orb.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Eset\nod32krn.exe C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe C:\WINDOWS\system32\WgaTray.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\WINDOWS\explorer.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\SlimBrowser\sbrowser.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\HJT\P84.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = search.imesh.com/sidebar.html?src=ssb R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = search.imesh.com/sidebar.html?src=ssb R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = search.imesh.com/sidebar.html?src=ssb R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/http://www.yahoo.com/ext/search/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = search.imesh.com/sidebar.html?src=ssb R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = .local R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Program files (web design)\/Adobe Contribute CS3/contributeieplugin.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Program files (web design)\/Adobe Contribute CS3/contributeieplugin.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Windows Media Player] wmplayer.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide O4 - HKLM\..\RunServices: [Windows Media Player] wmplayer.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background O4 - HKCU\..\Run: [Windows Media Player] wmplayer.exe O4 - HKCU\..\Run: [Registry Cleaner Scheduler] "C:\Program Files\CleanMyPC\Registry Cleaner\RCHelper.exe" /startup O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - musicnotes.com/download/mnviewer.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - ak.exe.imgfarm.com/images/nocache/funwebpro.....0.15-3.cab O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - lads.myspace.com/upload/MySpaceUploader1006.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - update.videoegg.com/Install/Windows/Initial/VideoEggPublisher.exe O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - upload.facebook.com/controls/FacebookPhotoUploader4_5.cab O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: UPnPService - Unknown owner - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe (file missing)

Profil

helen1 Poslao: 12 Jan 2009 13:24 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8617 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! A, kako mislis da ti nesto nedostaje? U logu ili na kompu?

Profil

barbie90 Poslao: 12 Jan 2009 13:41 Idi na vrh
offline barbie90 Novi MyCity građanin Pridružio: 12 Jan 2009 Poruke: 8	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! na kompu...a evo konkretnog problema: kada ukljucim komp, redovno mi se pojavi "windows explorer has encountered a problem....", a evo detalja: Faulting application explorer.exe, version 6.0.2900.3156, faulting module unknown, version 0.0.0.0, fault address 0x00b7a000

Profil

helen1 Poslao: 12 Jan 2009 13:44 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8617 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uradi ovo, pa cemo videti da li je do malwera: * Otvori Nod32 Control Center (Klik na njegovu tray ikonicu ( ) u donjem desnom uglu ekrana). * Izaberi AMON iz Threat Protection grupe opcija. * Na desnom panelu deštikliraj opciju File system monitor (AMON) enabled. * Gašenje ove opcije pokazaće se kroz promenu boje Control Center-a iz zelene u crvenu. Napomena: Ne zaboravi da uključiš ovu opciju po završetku čišćenja. ------------------------ Skini ComboFix sa jedne od sledecih adresa na Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe http://subs.geekstogo.com/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

barbie90 Poslao: 12 Jan 2009 15:09 Idi na vrh
offline barbie90 Novi MyCity građanin Pridružio: 12 Jan 2009 Poruke: 8	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-01-11.04 - User 2009-01-12 14:57:10.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.510.207 [GMT 1:00] Running from: c:\documents and settings\User\Desktop\ComboFix.exe AV: ESET NOD32 antivirus system 2.70 On-access scanning disabled (Updated) * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\svchost.exe c:\windows\Sys.exe . ((((((((((((((((((((((((( Files Created from 2008-12-12 to 2009-01-12 ))))))))))))))))))))))))))))))) . 2009-01-11 23:38 . 2009-01-12 13:16 <DIR> d-------- C:\HJT 2009-01-11 01:24 . 2009-01-11 01:28 332 --a------ c:\windows\desctemp.dat 2009-01-10 16:02 . 2009-01-10 16:02 <DIR> d-------- c:\program files\Microsoft CAPICOM 2.1.0.2 2009-01-10 09:59 . 2004-08-03 23:08 31,616 --a------ c:\windows\system32\drivers\usbccgp.sys 2009-01-10 09:59 . 2004-08-03 23:08 31,616 --a--c--- c:\windows\system32\dllcache\usbccgp.sys 2009-01-10 09:59 . 2008-02-06 03:21 23,832 -ra------ c:\windows\system32\drivers\lvuvcflt.sys 2009-01-10 09:59 . 2009-01-12 13:05 0 --a------ c:\windows\system32\drivers\logiflt.iad 2009-01-10 09:58 . 2009-01-10 09:58 <DIR> d-------- c:\documents and settings\User\Application Data\Leadertech 2009-01-10 09:58 . 2009-01-10 09:58 127,034 -r------- c:\windows\bwUnin-8.1.1.50-8876480SL.exe 2009-01-10 09:54 . 2009-01-10 09:54 <DIR> d-------- c:\documents and settings\All Users\Application Data\Logishrd 2009-01-10 09:53 . 2009-01-10 09:58 <DIR> d-------- c:\program files\Logitech 2009-01-10 09:53 . 2009-01-10 10:00 <DIR> d-------- c:\program files\Common Files\LogiShrd 2009-01-10 09:53 . 2009-01-10 09:53 <DIR> d-------- c:\documents and settings\All Users\Application Data\Logitech 2009-01-07 01:11 . 2009-01-07 23:59 <DIR> d-------- c:\program files\PC Health Plan 2009-01-07 00:56 . 2009-01-07 00:56 <DIR> d-------- c:\program files\CleanMyPC 2009-01-06 21:30 . 2009-01-06 21:30 <DIR> d-------- c:\windows\EasyDecrypter v1.12 2009-01-06 21:30 . 2009-01-06 21:30 <DIR> d-------- c:\program files\EasyDecrypter v1.12 2009-01-06 21:30 . 2008-12-17 20:27 217 --a------ c:\windows\clean.vbs 2009-01-06 21:30 . 2008-12-17 20:34 149 --a------ c:\windows\clean1.bat 2009-01-06 21:30 . 2008-12-17 20:28 28 --a------ c:\windows\clean2.bat 2009-01-05 23:10 . 2009-01-05 23:10 <DIR> d-------- c:\program files\Common Files\Adobe AIR 2009-01-05 23:02 . 2009-01-06 11:42 <DIR> d-------- c:\program files\NOS 2009-01-05 23:02 . 2009-01-06 11:42 <DIR> d-------- c:\documents and settings\All Users\Application Data\NOS 2009-01-05 22:55 . 2009-01-05 22:56 <DIR> d-------- c:\windows\system32\Adobe 2009-01-01 20:04 . 2009-01-01 20:06 <DIR> d-------- c:\program files\Xilisoft 2008-12-29 14:05 . 2002-11-21 15:07 765,952 --a------ c:\windows\system\crlds3d.dll 2008-12-29 14:05 . 2003-11-13 15:05 481,596 --a------ c:\windows\system32\drivers\ALCXWDM.SYS 2008-12-29 14:05 . 2003-11-13 19:25 391,680 --a------ c:\windows\system32\drivers\ALCXSENS.SYS 2008-12-29 14:05 . 2003-11-21 16:58 208,896 --------- c:\windows\alcupd.exe 2008-12-29 14:05 . 2002-02-05 13:54 141,016 --a------ c:\windows\system32\ALSNDMGR.WAV 2008-12-29 14:05 . 2003-11-21 16:56 139,264 --------- c:\windows\alcrmv.exe 2008-12-29 14:05 . 2003-08-19 19:36 65,536 --a------ c:\windows\system32\Audio3D.dll 2008-12-29 14:05 . 2003-08-19 19:36 65,536 --a------ c:\windows\system32\a3d.dll 2008-12-29 06:00 . 1999-10-29 02:08 34,551 --a------ c:\windows\system32\drivers\VIAUDIO.SYS 2008-12-29 05:53 . 2008-12-29 05:53 7,680 --ahs---- c:\windows\Thumbs.db 2008-12-29 05:53 . 2008-12-29 05:53 5,632 --ahs---- C:\Thumbs.db 2008-12-29 01:52 . 2008-12-29 01:52 <DIR> d-------- c:\windows\system32\Lang 2008-12-29 01:49 . 2008-07-15 13:58 524,288 --a------ c:\windows\RtlExUpd.dll 2008-12-29 01:49 . 2008-12-29 01:49 319,488 --a------ c:\windows\HideWin.exe 2008-12-28 23:45 . 2008-12-28 23:45 <DIR> d-------- c:\documents and settings\All Users\Application Data\PC Drivers HeadQuarters 2008-12-28 23:17 . 2008-12-28 23:19 21 --a------ c:\windows\CMISETUP.INI 2008-12-28 12:13 . 2008-12-28 12:13 <DIR> d-------- c:\documents and settings\LocalService\Application Data\Softland 2008-12-28 12:10 . 2008-12-28 12:10 <DIR> d-------- c:\program files\Softland 2008-12-28 12:10 . 2008-12-02 12:11 20,632 --a------ c:\windows\system32\dopdfmn6.dll 2008-12-28 12:10 . 2008-12-02 12:11 18,072 --a------ c:\windows\system32\dopdfmi6.dll 2008-12-28 12:10 . 2008-10-13 15:23 7,533 --a------ c:\windows\system32\dopdf6.ctm 2008-12-28 12:09 . 2008-12-28 12:09 1,674,392 --a------ c:\program files\dopdf.exe 2008-12-18 02:29 . 2004-02-24 03:42 1,386,496 --a------ c:\windows\system32\msvbvm60.dll 2008-12-18 02:29 . 2002-12-20 23:02 1,077,336 --a------ c:\windows\system32\MSCOMCTL.OCX 2008-12-18 02:29 . 2006-11-02 15:34 547,840 --a------ c:\windows\system32\wiaaut.dll 2008-12-18 02:29 . 2007-06-04 23:10 132,880 --a------ c:\windows\system32\MSINET.OCX 2008-12-18 02:29 . 2005-06-06 20:31 108,336 --a------ c:\windows\system32\Mswinsck.ocx 2008-12-18 02:29 . 2008-01-31 12:15 102,400 --a------ c:\windows\system32\DinkITXPUIMenus.ocx 2008-12-18 02:29 . 2003-04-05 19:19 65,536 --a------ c:\windows\system32\EnhSliderOcx.ocx 2008-12-18 02:29 . 2008-02-04 04:55 64,000 --a------ c:\windows\system32\wiaaut.oca 2008-12-13 23:52 . 2008-12-13 23:52 <DIR> d-------- c:\program files\Apple Software Update 2008-12-13 23:50 . 2008-12-28 00:07 <DIR> d-------- c:\program files\Common Files\Apple 2008-12-13 23:43 . 2008-12-13 23:43 68,756,776 --a------ c:\program files\iTunesSetup.exe 2008-12-13 00:36 . 2009-01-08 00:50 <DIR> d-------- C:\Downloads . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-12 13:52 --------- d-----w c:\documents and settings\User\Application Data\SlimBrowser 2009-01-12 12:06 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP 2009-01-12 12:05 0 ----a-w c:\windows\system32\drivers\lvuvc.hs 2009-01-12 10:37 --------- d-----w c:\documents and settings\User\Application Data\SolidDocuments 2009-01-11 18:51 --------- d-----w c:\program files\Winamp Remote 2009-01-11 16:18 --------- d-----w c:\windows\system32\config\systemprofile\Application Data\SolidDocuments 2009-01-11 14:10 --------- d-----w c:\documents and settings\User\Application Data\Skype 2009-01-11 09:40 --------- d-----w c:\documents and settings\User\Application Data\skypePM 2009-01-10 18:48 --------- d-----w c:\documents and settings\All Users\Application Data\OrbNetworks 2009-01-10 08:58 --------- d--h--w c:\program files\InstallShield Installation Information 2009-01-05 22:10 --------- d-----w c:\program files\Common Files\Adobe 2009-01-05 22:02 --------- d-----w c:\program files\SlimBrowser 2008-12-29 18:07 --------- d-----w c:\documents and settings\User\Application Data\Eltima Software 2008-12-28 22:52 --------- d-----w c:\program files\Common Files\Download Manager 2008-12-27 20:39 --------- d-----w c:\program files\Musicnotes 2008-12-27 20:35 --------- d-----w c:\program files\CyberLink 2008-12-27 20:28 --------- d-----w c:\program files\Yahoo! 2008-12-27 20:28 --------- d-----w c:\documents and settings\User\Application Data\Yahoo! 2008-12-27 20:28 --------- d-----w c:\documents and settings\All Users\Application Data\Yahoo! 2008-12-13 22:57 --------- d-----w c:\program files\Bonjour 2008-12-13 22:56 --------- d-----w c:\program files\QuickTime 2008-12-12 23:50 --------- d-----w c:\documents and settings\User\Application Data\Nokia 2008-11-29 11:47 --------- d-----w c:\program files\LimeWire 2008-11-12 18:19 --------- d-----w c:\documents and settings\All Users\Application Data\FLEXnet 2008-11-12 17:53 --------- d-----w c:\program files\Common Files\Macrovision Shared 2008-10-23 12:51 284,160 ----a-w c:\windows\system32\gdi32.dll 2008-10-16 20:38 826,368 ----a-w c:\windows\system32\wininet.dll 2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll 2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll 2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll 2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll 2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll 2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe 2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll 2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll 2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll 2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll 2008-03-29 22:02 81,920 ----a-w c:\documents and settings\User\Application Data\ezpinst.exe 2008-03-29 22:02 47,360 ----a-w c:\documents and settings\User\Application Data\pcouffin.sys 2007-12-26 00:32 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat 1990-11-07 22:17 178,290 ----a-w c:\program files\PREF.EXE 2002-08-29 02:41 720,896 --sh--r c:\windows\system32\wmplayer.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360] "Orb"="c:\program files\Winamp Remote\bin\OrbTray.exe" [2008-01-07 495616] "Registry Cleaner Scheduler"="c:\program files\CleanMyPC\Registry Cleaner\RCHelper.exe" [2009-01-07 471650] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648] "nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-07-11 949376] "PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 227328] "DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-04-01 36352] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-11-06 185872] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2008-02-13 564496] "LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2008-02-13 2196240] "SoundMan"="SOUNDMAN.EXE" [2003-11-13 c:\windows\SOUNDMAN.EXE] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360] "Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 1744896] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Acrobat Assistant.lnk - c:\program files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-05-15 217193] Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-10-08 113664] Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2009-01-10 66864] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.ACDV"= ACDV.dll [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk \0autocheck smrgdf c:\documents and settings\User\Application Data\iolo\\0lsdelete [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\LimeWire\\LimeWire.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"= "c:\\Documents and Settings\\User\\Shared\\Skype.exe"= "c:\\Program Files\\Skype\\Phone\\Skype-2.exe"= "c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"= "c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"= "c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"= "c:\\Program Files\\SlimBrowser\\sbrowser.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\BitComet\\BitComet.exe"= "c:\\WINDOWS\\system32\\wmplayer.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\WINDOWS\\system32\\dpvsetup.exe"= "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "24358:TCP"= 24358:TCP:BitComet 24358 TCP "24358:UDP"= 24358:UDP:BitComet 24358 UDP R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2007-07-11 15424] R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;c:\program files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 UPnPService;UPnPService;c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe --> c:\program files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [?] . Contents of the 'Scheduled Tasks' folder 2009-01-12 c:\windows\Tasks\A816A49992595B11.job - c:\docume~1\user\applic~1\4sectmix\bind ball window.exe [2008-07-24 12:40] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/http://www.yahoo.com/ext/search/search.html uInternet Settings,ProxyOverride = .local IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 LSP: c:\windows\system32\imon.dll Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll Handler: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - c:\windows\wc98pp.dll . . ------- File Associations ------- . JSEFile=NOTEPAD.EXE %1 VBEFile=NOTEPAD.EXE %1 VBSFile=NOTEPAD.EXE %1 . *********************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2009-01-12 14:58:57 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'lsass.exe'(840) c:\windows\system32\imon.dll . Completion time: 2009-01-12 15:01:42 ComboFix-quarantined-files.txt 2009-01-12 14:01:17 Pre-Run: 875.155.456 bytes free Post-Run: 1,484,800,000 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect 235 --- E O F --- 2009-01-10 15:02:27

Profil

helen1 Poslao: 12 Jan 2009 17:08 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8617 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi Lop S&D na Desktop. Dvoklikom pokreni LopSD.exe Na prvom ekranu odaberi jezik kucajući E i Enter a zatim klikni OK Odaberi opciju 1 - Search kucajući 1 i Enter Sačekaj nekoliko minuta da program završi skeniranje Na kraju procesa, log C:\LopR.txt će se otvoriti u Notepad-u Iskopiraj dobijeni log u temu na forumu.

Profil

barbie90 Poslao: 12 Jan 2009 18:37 Idi na vrh
offline barbie90 Novi MyCity građanin Pridružio: 12 Jan 2009 Poruke: 8	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! --------------------\\ Lop S&D 4.2.5-0 XP/Vista "C:\Lop SD" ( MAJ : 19-12-2008\|23:40 ) Option : [1] ( pon 12.01.2009\|17:46 ) --------------------\\ Listing folders in APPLIC~1 [19.12.2007\|01:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ABBYY [11.07.2007\|13:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ACD Systems [05.01.2009\|23:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [20.08.2007\|19:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [20.08.2007\|19:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [18.07.2007\|12:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth [11.07.2007\|13:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink [12.11.2008\|19:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet [13.08.2008\|17:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo [23.08.2007\|14:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations [27.01.2008\|22:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\iolo [12.08.2008\|19:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft [10.01.2009\|09:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd [10.01.2009\|09:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech [30.10.2008\|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macromedia [05.11.2007\|16:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MAGIX [03.01.2009\|01:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [27.09.2008\|18:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo [13.10.2008\|14:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Musicnotes [06.01.2009\|11:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\NOS [10.01.2009\|19:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\OrbNetworks [28.12.2008\|23:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Drivers HeadQuarters [23.08.2007\|14:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite [27.10.2007\|09:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [26.12.2007\|01:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype [12.07.2007\|19:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SolidDocuments [12.01.2009\|13:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP [30.01.2008\|22:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Winamp Toolbar [11.07.2007\|12:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [17.03.2008\|00:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [27.12.2008\|21:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! [20.02.2008\|01:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion [01.12.2007\|19:33] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [13.01.2008\|22:14] C:\DOCUME~1\LOCALS~1\APPLIC~1\iolo [20.08.2007\|15:50] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [28.12.2008\|12:13] C:\DOCUME~1\LOCALS~1\APPLIC~1\Softland [15.02.2008\|18:21] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [15.08.2008\|15:42] C:\DOCUME~1\User\APPLIC~1\4SectMix [18.12.2007\|23:08] C:\DOCUME~1\User\APPLIC~1\ABBYY [11.07.2007\|13:12] C:\DOCUME~1\User\APPLIC~1\ACD Systems [05.01.2009\|22:56] C:\DOCUME~1\User\APPLIC~1\Adobe [13.07.2007\|09:13] C:\DOCUME~1\User\APPLIC~1\AdobeUM [05.09.2007\|15:23] C:\DOCUME~1\User\APPLIC~1\Apple Computer [18.10.2008\|14:08] C:\DOCUME~1\User\APPLIC~1\BSplayer PRO [29.08.2007\|19:44] C:\DOCUME~1\User\APPLIC~1\Corel [19.07.2007\|21:20] C:\DOCUME~1\User\APPLIC~1\CyberLink [27.10.2007\|12:26] C:\DOCUME~1\User\APPLIC~1\DIMAGE [29.12.2008\|19:07] C:\DOCUME~1\User\APPLIC~1\Eltima Software [02.12.2007\|21:59] C:\DOCUME~1\User\APPLIC~1\Help [11.07.2007\|12:37] C:\DOCUME~1\User\APPLIC~1\Identities [17.07.2008\|16:02] C:\DOCUME~1\User\APPLIC~1\ImTOO Software Studio [14.12.2007\|06:25] C:\DOCUME~1\User\APPLIC~1\Ing-Pro [16.01.2008\|15:50] C:\DOCUME~1\User\APPLIC~1\iolo [15.02.2008\|18:31] C:\DOCUME~1\User\APPLIC~1\Lavasoft [10.01.2009\|09:58] C:\DOCUME~1\User\APPLIC~1\Leadertech [27.12.2008\|21:41] C:\DOCUME~1\User\APPLIC~1\Macromedia [15.02.2008\|18:48] C:\DOCUME~1\User\APPLIC~1\Media Player Classic [09.12.2008\|22:00] C:\DOCUME~1\User\APPLIC~1\Microsoft [22.07.2007\|15:44] C:\DOCUME~1\User\APPLIC~1\MSNInstaller [19.08.2007\|17:20] C:\DOCUME~1\User\APPLIC~1\MySpace [13.12.2008\|00:50] C:\DOCUME~1\User\APPLIC~1\Nokia [16.12.2007\|12:58] C:\DOCUME~1\User\APPLIC~1\Nokia Multimedia Player [17.07.2008\|12:08] C:\DOCUME~1\User\APPLIC~1\PC Suite [06.11.2008\|23:29] C:\DOCUME~1\User\APPLIC~1\Real [30.08.2007\|18:42] C:\DOCUME~1\User\APPLIC~1\Ringtone [27.07.2008\|01:36] C:\DOCUME~1\User\APPLIC~1\Sibelius Software [11.01.2009\|15:10] C:\DOCUME~1\User\APPLIC~1\Skype [11.01.2009\|10:40] C:\DOCUME~1\User\APPLIC~1\skypePM [12.01.2009\|17:46] C:\DOCUME~1\User\APPLIC~1\SlimBrowser [12.01.2009\|11:37] C:\DOCUME~1\User\APPLIC~1\SolidDocuments [31.10.2007\|11:54] C:\DOCUME~1\User\APPLIC~1\Sun [22.01.2008\|22:49] C:\DOCUME~1\User\APPLIC~1\VideoEgg [18.12.2007\|19:49] C:\DOCUME~1\User\APPLIC~1\VoipBuster [29.03.2008\|23:03] C:\DOCUME~1\User\APPLIC~1\Vso [01.07.2008\|17:10] C:\DOCUME~1\User\APPLIC~1\Winamp [27.12.2008\|21:28] C:\DOCUME~1\User\APPLIC~1\Yahoo! --------------------\\ Scheduled Tasks located in C:\WINDOWS\Tasks [12.01.2009 17:00][--ah-----] C:\WINDOWS\tasks\A816A49992595B11.job [12.01.2009 15:01][--ah-----] C:\WINDOWS\tasks\SA.DAT [23.08.2001 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini ( A816A49992595B11.job )=( c:\docume~1\user\applic~1\4sectmix\bindballwindow.exe ) --------------------\\ Listing Folders in C:\Program Files [19.12.2007\|23:14] C:\Program Files\ABBYY FineReader 8.0 Professional Edition [11.07.2007\|13:12] C:\Program Files\ACD Systems [05.01.2009\|23:11] C:\Program Files\Adobe [11.07.2007\|13:10] C:\Program Files\Ahead [13.12.2008\|23:52] C:\Program Files\Apple Software Update [16.01.2008\|15:39] C:\Program Files\Audiograbber [24.03.2008\|15:09] C:\Program Files\BitComet [13.12.2008\|23:57] C:\Program Files\Bonjour [07.01.2009\|00:56] C:\Program Files\CleanMyPC [12.01.2009\|14:57] C:\Program Files\Common Files [11.07.2007\|12:27] C:\Program Files\ComPlus Applications [29.08.2007\|19:41] C:\Program Files\Corel [11.09.2007\|21:20] C:\Program Files\Cucusoft [27.12.2008\|21:35] C:\Program Files\CyberLink [23.08.2007\|14:22] C:\Program Files\DIFX [04.01.2008\|17:28] C:\Program Files\DivX_311alpha [05.09.2007\|21:20] C:\Program Files\D-Tools [06.01.2009\|21:30] C:\Program Files\EasyDecrypter v1.12 [08.02.2008\|07:47] C:\Program Files\ESET [14.12.2007\|06:21] C:\Program Files\IngPro [10.01.2009\|09:58] C:\Program Files\InstallShield Installation Information [10.12.2008\|01:09] C:\Program Files\Internet Explorer [18.07.2007\|11:42] C:\Program Files\IVT Corporation [25.10.2007\|18:57] C:\Program Files\Java [15.02.2008\|18:28] C:\Program Files\K-Lite Codec Pack [12.08.2008\|19:46] C:\Program Files\Lavasoft [29.11.2008\|12:47] C:\Program Files\LimeWire [10.01.2009\|09:58] C:\Program Files\Logitech [20.08.2007\|10:14] C:\Program Files\mEliteSoftware [12.08.2008\|22:50] C:\Program Files\Messenger [12.07.2007\|19:22] C:\Program Files\Microsoft [11.07.2007\|13:02] C:\Program Files\Microsoft ActiveSync [10.01.2009\|16:02] C:\Program Files\Microsoft CAPICOM 2.1.0.2 [31.03.2008\|20:28] C:\Program Files\microsoft frontpage [31.03.2008\|19:55] C:\Program Files\Microsoft Office [11.07.2007\|13:01] C:\Program Files\Microsoft Visual Studio [11.07.2007\|13:01] C:\Program Files\Microsoft Works [11.07.2007\|13:02] C:\Program Files\Microsoft.NET [18.07.2008\|15:07] C:\Program Files\MIKSOFT [12.07.2007\|20:22] C:\Program Files\MoreJongg_70 [11.07.2007\|12:28] C:\Program Files\Movie Maker [18.07.2007\|11:43] C:\Program Files\mp3DirectCut [22.07.2007\|15:41] C:\Program Files\MSN [11.07.2007\|12:26] C:\Program Files\MSN Gaming Zone [19.07.2007\|18:30] C:\Program Files\MSXML 4.0 [20.08.2007\|18:25] C:\Program Files\MSXML 6.0 [27.12.2008\|21:39] C:\Program Files\Musicnotes [11.07.2007\|12:28] C:\Program Files\NetMeeting [23.07.2008\|21:00] C:\Program Files\Nokia [06.01.2009\|11:42] C:\Program Files\NOS [11.07.2007\|12:29] C:\Program Files\Online Services [19.07.2007\|18:33] C:\Program Files\Outlook Express [23.08.2007\|14:22] C:\Program Files\PC Connectivity Solution [07.01.2009\|23:59] C:\Program Files\PC Health Plan [18.07.2007\|11:43] C:\Program Files\Photodex [18.07.2007\|11:44] C:\Program Files\Photodex Presenter [13.12.2008\|23:56] C:\Program Files\QuickTime [18.07.2007\|11:45] C:\Program Files\Real [25.01.2008\|17:21] C:\Program Files\Sibelius Software [26.12.2007\|01:31] C:\Program Files\Skype [05.01.2009\|23:02] C:\Program Files\SlimBrowser [28.12.2008\|12:10] C:\Program Files\Softland [20.10.2007\|14:56] C:\Program Files\SolidDocuments [11.07.2007\|13:38] C:\Program Files\totalcmd [11.07.2007\|12:37] C:\Program Files\Uninstall Information [11.07.2007\|12:44] C:\Program Files\VIA [18.07.2007\|11:46] C:\Program Files\Webteh [23.09.2008\|15:53] C:\Program Files\Winamp [11.01.2009\|19:51] C:\Program Files\Winamp Remote [24.06.2008\|16:11] C:\Program Files\Winamp Toolbar [15.02.2008\|18:26] C:\Program Files\Windows Live [20.08.2007\|15:42] C:\Program Files\Windows Media Connect 2 [26.07.2008\|14:48] C:\Program Files\Windows Media Player [11.07.2007\|12:26] C:\Program Files\Windows NT [11.07.2007\|12:29] C:\Program Files\WindowsUpdate [16.01.2008\|15:39] C:\Program Files\WinRAR [16.01.2008\|15:39] C:\Program Files\WordWeb [11.07.2007\|12:32] C:\Program Files\xerox [01.01.2009\|20:06] C:\Program Files\Xilisoft [27.12.2008\|21:28] C:\Program Files\Yahoo! [11.02.2008\|16:34] C:\Program Files\YouTube Downloader [11.02.2008\|16:33] C:\Program Files\YouTube Video Downloader --------------------\\ Listing Folders in C:\Program Files\Common Files [11.07.2007\|13:12] C:\Program Files\Common Files\ACD Systems [05.01.2009\|23:10] C:\Program Files\Common Files\Adobe [05.01.2009\|23:10] C:\Program Files\Common Files\Adobe AIR [11.07.2007\|13:10] C:\Program Files\Common Files\Ahead [28.12.2008\|00:07] C:\Program Files\Common Files\Apple [29.08.2007\|19:42] C:\Program Files\Common Files\Corel [29.08.2007\|19:42] C:\Program Files\Common Files\DESIGNER [28.12.2008\|23:52] C:\Program Files\Common Files\Download Manager [29.08.2007\|19:42] C:\Program Files\Common Files\InstallShield [20.08.2007\|13:45] C:\Program Files\Common Files\Java [11.07.2007\|13:02] C:\Program Files\Common Files\L&H [10.01.2009\|10:00] C:\Program Files\Common Files\LogiShrd [12.11.2008\|18:53] C:\Program Files\Common Files\Macrovision Shared [03.01.2009\|01:47] C:\Program Files\Common Files\Microsoft Shared [11.07.2007\|12:28] C:\Program Files\Common Files\MSSoap [23.08.2007\|14:22] C:\Program Files\Common Files\Nokia [30.01.2008\|23:34] C:\Program Files\Common Files\NSV [11.07.2007\|14:17] C:\Program Files\Common Files\ODBC [23.08.2007\|14:22] C:\Program Files\Common Files\PCSuite [06.11.2008\|23:27] C:\Program Files\Common Files\Real [11.07.2007\|12:28] C:\Program Files\Common Files\Services [26.12.2007\|01:31] C:\Program Files\Common Files\Skype [11.07.2007\|14:17] C:\Program Files\Common Files\SpeechEngines [31.03.2008\|20:24] C:\Program Files\Common Files\System [15.02.2008\|18:09] C:\Program Files\Common Files\WindowsLiveInstaller [12.08.2008\|19:45] C:\Program Files\Common Files\Wise Installation Wizard [06.11.2008\|23:27] C:\Program Files\Common Files\xing shared --------------------\\ Process ( 49 Processes )

Profil

helen1 Poslao: 12 Jan 2009 19:57 Idi na vrh
offline helen1 Anti Malware Fighter Rank 2 Master učitelj Pridružio: 27 Avg 2005 Poruke: 8617 Gde živiš: Novi Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ponovo iskljuci Antivirus. Otvoriti Notepad i iskopirati sledeci tekst: `File:: c:\docume~1\user\applic~1\4sectmix\bindballwindow.exe C:\WINDOWS\tasks\A816A49992595B11.job c:\windows\system32\wmplayer.exe Folder:: C:\DOCUME~1\ALLUSE~1\APPLIC~1\Frag great bend logo C:\DOCUME~1\User\APPLIC~1\4SectMix Registry:: [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\system32\\wmplayer.exe"=-` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » treba mi pomoc u vezi hjt loga.... :)

Ko je trenutno na forumu

Ukupno su 1107 korisnika na forumu :: 80 registrovanih, 10 sakrivenih i 1017 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 357magnum, 8u47, A.R.Chafee.Jr., Apok, Bane san, Bobrock1, cavatina, ccoogg123, cemix, croato, darcaud, Darko8, Denaya, Dimitrije Paunovic, Dimitrise93, DonRumataEstorski, Dorcolac, dragoljub11987, DragoslavS, Dukelander, dule10savic, dulleo, Džordžino, Fabius, FileFinder, flash12, Georgius, Hans Gajger, hatman, hologram, HrcAk47, hyla, ikan, Insan, Istman, Karla, Koridor, Krusarac, ksyyaj, Kubovac, Lieutenant, ljuba, Mercury, Metanoja, milenko crazy north, milimoj, Milometer, milos97, miodrag, Misirac, mkukoleca, Motocar, MrNo, Ne doznajem se u oružje, nenad81, nikoladim, oganj123, pirke96, rasok, Ripanjac, royst33, sasakrajina, sevenino, Shinobi, Singidunumac, Srle993, Steeeefan, strelac07, theNedjeljko, Tvrtko I, uruk, vathra, voja64, vrag81, wolf431, Wrangler, Yellow Pinky, Zmaj001, šumar bk2, Čivi

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by