MyCity » Ambulanta -> Arhiva Ambulante » Kako da ocistim owo cudo

Kako da ocistim owo cudo

Napisano na dan: 15.9.2008

Kako da ocistim owo cudo

Sledeća strana

Pagination

Odgovori

I NEED MONEY Poslao: 15 Sep 2008 16:54 Idi na vrh
offline I NEED MONEY Novi MyCity građanin Pridružio: 16 Avg 2008 Poruke: 23	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:19:20, on 15.9.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe g:\Program Files\Alwil Software\Avast4\aswUpdSv.exe g:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe G:\Program Files\PalickSoft\HDD Temperature\HDDTSvc.exe C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\htpatch.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe G:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\SweetIM\Messenger\SweetIM.exe C:\Program Files\Multimedia Mouse Driver\MouseDrv.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe G:\Program Files\Warcraft III\w3dr.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe G:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe G:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe g:\Program Files\Alwil Software\Avast4\ashMaiSv.exe g:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe G:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe G:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe C:\WINDOWS\system32\WgaTray.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Opera\opera.exe C:\Documents and Settings\User\Desktop\New Folder\TR3.exe..exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/http://www.yahoo.com/ext/search/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/http://www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = us.rd.yahoo.com/customize/ie/defaults/su/msgr8/http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/http://www.yahoo.com/ext/search/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/http://www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = as.starware.com/dp/search?product=ssearch&s.....oogle.com/ (obfuscated) R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = us.rd.yahoo.com/customize/ie/defaults/su/msgr8/http://www.yahoo.com R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live pomaga? za prijavljivanje - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O2 - BHO: vidica Toolbar - {d7d30ba6-d1f4-4aa9-9187-f20c30930597} - C:\Program Files\vidica\tbvid1.dll O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: (no name) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - (no file) O3 - Toolbar: vidica Toolbar - {d7d30ba6-d1f4-4aa9-9187-f20c30930597} - C:\Program Files\vidica\tbvid1.dll O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\Multimedia Mouse Driver\StartAutorun.exe MouseDrv.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [avast!] g:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [w3dr.exe] G:\Program Files\Warcraft III\w3dr.exe O4 - HKLM\..\Run: [cuvyj] C:\WINDOWS\system32\soutooduquoqu.exe O4 - HKLM\..\Run: [cctray] "G:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [RegistryMechanic] G:\Program Files\Registry Mechanic\RegMech.exe /H O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\NetProject\sbmntr.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: HDD temperature.lnk = G:\Program Files\PalickSoft\HDD Temperature\HDDTemperature.exe O4 - Startup: PowerReg Scheduler V3.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O8 - Extra context menu item: &Search - edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSman000 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Objavi ovo u blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Objavi ovo u blogu u okviru usluge Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - g:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - g:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - g:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - g:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: CaCCProvSP - CA, Inc. - G:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HDD Temperature (HDDTService) - PalickSoft - G:\Program Files\PalickSoft\HDD Temperature\HDDTSvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe O23 - Service: C-DillaSrv (iyoa318ij) - Unknown owner - C:\WINDOWS\system32\fedoo.exe (file missing) O23 - Service: PPCtlPriv - CA, Inc. - G:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe -- End of file - 12215 bytes Help Dopuna: 15 Sep 2008 16:54 a pojavljuju se i neki trojani

Profil

dr_Bora Poslao: 15 Sep 2008 18:36 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Poz... Za početak, odluči se za jedan antivirus a ostale ukloni. Kada to odradiš, postavi svež HijackThis logfile.

Profil

I NEED MONEY Poslao: 15 Sep 2008 20:15 Idi na vrh
offline I NEED MONEY Novi MyCity građanin Pridružio: 16 Avg 2008 Poruke: 23	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! vazi...sad cu ga skeniram pa cu postavim..a zbog ovih trojana nemogu lepo da otvorim particije d i g nego ih otvaram sa ACDSee Dopuna: 15 Sep 2008 20:15 Obrisao sam awasta i ostavio samo avg... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:09:53, on 15.9.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\htpatch.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\DAEMON Tools\daemon.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\SweetIM\Messenger\SweetIM.exe C:\Program Files\Multimedia Mouse Driver\MouseDrv.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe G:\Program Files\Warcraft III\w3dr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\PROGRA~1\AVG\AVG8\avgemc.exe C:\WINDOWS\system32\WgaTray.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\explorer.exe C:\Program Files\AVG\AVG8\avgui.exe C:\Program Files\AVG\AVG8\avgscanx.exe C:\Documents and Settings\User\Desktop\New Folder\TR3.exe..exe C:\Program Files\Opera\opera.exe C:\PROGRA~1\AVG\AVG8\avgupd.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/http://www.yahoo.com/ext/search/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/http://www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = us.rd.yahoo.com/customize/ie/defaults/su/msgr8/http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/http://www.yahoo.com/ext/search/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/http://www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = as.starware.com/dp/search?product=ssearch&a.....oogle.com/ (obfuscated) R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = us.rd.yahoo.com/customize/ie/defaults/su/msgr8/http://www.yahoo.com R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live pomaga? za prijavljivanje - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll O2 - BHO: vidica Toolbar - {d7d30ba6-d1f4-4aa9-9187-f20c30930597} - C:\Program Files\vidica\tbvid1.dll O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: (no name) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - (no file) O3 - Toolbar: vidica Toolbar - {d7d30ba6-d1f4-4aa9-9187-f20c30930597} - C:\Program Files\vidica\tbvid1.dll O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [WireLessMouse] C:\Program Files\Multimedia Mouse Driver\StartAutorun.exe MouseDrv.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKLM\..\Run: [w3dr.exe] G:\Program Files\Warcraft III\w3dr.exe O4 - HKLM\..\Run: [cuvyj] C:\WINDOWS\system32\soutooduquoqu.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\NetProject\sbmntr.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: HDD temperature.lnk = G:\Program Files\PalickSoft\HDD Temperature\HDDTemperature.exe O4 - Startup: PowerReg Scheduler V3.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O8 - Extra context menu item: &Search - edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZSman000 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Objavi ovo u blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Objavi ovo u blogu u okviru usluge Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: C-DillaSrv (iyoa318ij) - Unknown owner - C:\WINDOWS\system32\fedoo.exe (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 10281 bytes

Profil

dr_Bora Poslao: 15 Sep 2008 20:28 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ok. * Klikni desnim tasterom miša na AVG ikonicu ( ) u donjem, desnom uglu ekrana. * Kada se pokrene AVG Control Center, dvoklikni na AVG Resident Shield komponentu. * U prozoru koji se otvori, deštikliraj opciju Turn on AVG Resident Shield i klikni OK. Napomena: Ne zaboravi da uključiš ovu opciju po završetku čišćenja. ------------------------------------------------------------------------------------- Skini ComboFix sa jedne od sledecih adresa na Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe http://subs.geekstogo.com/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

I NEED MONEY Poslao: 16 Sep 2008 17:06 Idi na vrh
offline I NEED MONEY Novi MyCity građanin Pridružio: 16 Avg 2008 Poruke: 23	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! e izvini ako si ceko nisam stigo zbog skole.... ComboFix 08-09-15.02 - User 2008-09-16 16:22:29.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.253 [GMT 2:00] Running from: C:\Documents and Settings\User\Desktop\ComboFix.exe WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Previous Run ------- . C:\Documents and Settings\User\Favorites\Download programs.url C:\Documents and Settings\User\Favorites\Games.url C:\Documents and Settings\User\Favorites\Translator.url C:\Documents and Settings\User\Favorites\Videos.url C:\Documents and Settings\User\Local Settings\Application Data\rmplokn.dat C:\Documents and Settings\User\Local Settings\Application Data\rmplokn_nav.dat C:\Documents and Settings\User\Local Settings\Application Data\rmplokn_navps.dat C:\Documents and Settings\User\ravmonlog C:\Documents and Settings\User\Start Menu\Programs\Download programs.url C:\Documents and Settings\User\Start Menu\Programs\Games.url C:\Documents and Settings\User\Start Menu\Programs\Translator.url C:\Documents and Settings\User\Start Menu\Programs\Videos.url C:\Program Files\FunWebProducts C:\Program Files\FunWebProducts\PopSwatr\History\allowed C:\Program Files\FunWebProducts\PopSwatr\History\notallow C:\Program Files\FunWebProducts\ScreenSaver\Images\00263B5A.urr C:\Program Files\FunWebProducts\Shared\Cache\AvatarSmallBtn.htmlx C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html C:\Program Files\FunWebProducts\Shared\Cache\FunBuddyIconBtn.html C:\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html C:\Program Files\internet explorer\msimg32.dll C:\Program Files\MyWebSearch C:\Program Files\MyWebSearch\bar\1.bin\F3SHLLVW.DLL C:\Program Files\MyWebSearch\bar\2.bin\F3HTMLMU.DLL C:\Program Files\MyWebSearch\bar\2.bin\MWSBAR.DLL C:\Program Files\MyWebSearch\bar\2.bin\MWSOEPLG.DLL C:\Program Files\MyWebSearch\bar\2.bin\MWSOESTB.DLL C:\Program Files\MyWebSearch\bar\3.bin\F3BKGERR.JPG C:\Program Files\MyWebSearch\bar\3.bin\F3CJPEG.DLL C:\Program Files\MyWebSearch\bar\3.bin\F3DTACTL.DLL C:\Program Files\MyWebSearch\bar\3.bin\F3HISTSW.DLL C:\Program Files\MyWebSearch\bar\3.bin\F3HTMLMU.DLL C:\Program Files\MyWebSearch\bar\3.bin\F3HTTPCT.DLL C:\Program Files\MyWebSearch\bar\3.bin\F3IMSTUB.DLL C:\Program Files\MyWebSearch\bar\3.bin\F3POPSWT.DLL C:\Program Files\MyWebSearch\bar\3.bin\F3PSSAVR.SCR C:\Program Files\MyWebSearch\bar\3.bin\F3REPROX.DLL C:\Program Files\MyWebSearch\bar\3.bin\F3RESTUB.DLL C:\Program Files\MyWebSearch\bar\3.bin\F3SCHMON.EXE C:\Program Files\MyWebSearch\bar\3.bin\F3SCRCTR.DLL C:\Program Files\MyWebSearch\bar\3.bin\F3SPACER.WMV C:\Program Files\MyWebSearch\bar\3.bin\F3WALLPP.DAT C:\Program Files\MyWebSearch\bar\3.bin\FWPBUDDY.PNG C:\Program Files\MyWebSearch\bar\3.bin\M3FFXTBR.JAR C:\Program Files\MyWebSearch\bar\3.bin\M3FFXTBR.MANIFEST C:\Program Files\MyWebSearch\bar\3.bin\M3HIGHIN.EXE C:\Program Files\MyWebSearch\bar\3.bin\M3HTML.DLL C:\Program Files\MyWebSearch\bar\3.bin\M3IDLE.DLL C:\Program Files\MyWebSearch\bar\3.bin\M3IMPIPE.EXE C:\Program Files\MyWebSearch\bar\3.bin\M3MEDINT.EXE C:\Program Files\MyWebSearch\bar\3.bin\M3MSG.DLL C:\Program Files\MyWebSearch\bar\3.bin\M3NTSTBR.JAR C:\Program Files\MyWebSearch\bar\3.bin\M3NTSTBR.MANIFEST C:\Program Files\MyWebSearch\bar\3.bin\M3OUTLCN.DLL C:\Program Files\MyWebSearch\bar\3.bin\M3SKIN.DLL C:\Program Files\MyWebSearch\bar\3.bin\M3SKPLAY.EXE C:\Program Files\MyWebSearch\bar\3.bin\M3SLSRCH.EXE C:\Program Files\MyWebSearch\bar\3.bin\MWSOEPLG.DLL C:\Program Files\MyWebSearch\bar\3.bin\MWSOESTB.DLL C:\Program Files\MyWebSearch\bar\3.bin\NPMYWEBS.DLL C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S C:\Program Files\MyWebSearch\bar\Cache\00050FF5.bin C:\Program Files\MyWebSearch\bar\Cache\00051EBA.bin C:\Program Files\MyWebSearch\bar\Cache\0005389B.bin C:\Program Files\MyWebSearch\bar\Cache\001B4A15 C:\Program Files\MyWebSearch\bar\Cache\002AD94C.bin C:\Program Files\MyWebSearch\bar\Cache\00A0F051 C:\Program Files\MyWebSearch\bar\Cache\00A19A3D.bin C:\Program Files\MyWebSearch\bar\Cache\00A1A9EC.bin C:\Program Files\MyWebSearch\bar\Cache\00A1B2B6.bin C:\Program Files\MyWebSearch\bar\Cache\00A1C0C0.bin C:\Program Files\MyWebSearch\bar\Cache\00A1CF66.bin C:\Program Files\MyWebSearch\bar\Cache\files.ini C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S C:\Program Files\MyWebSearch\bar\History\search2 C:\Program Files\MyWebSearch\bar\icons\CM.ICO C:\Program Files\MyWebSearch\bar\icons\MFC.ICO C:\Program Files\MyWebSearch\bar\icons\PSS.ICO C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO C:\Program Files\MyWebSearch\bar\icons\Thumbs.db C:\Program Files\MyWebSearch\bar\icons\WB.ICO C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S C:\Program Files\MyWebSearch\bar\Message\COMMON\ask_logo.gif C:\Program Files\MyWebSearch\bar\Message\COMMON\autoup.gif C:\Program Files\MyWebSearch\bar\Message\COMMON\autoup.htm C:\Program Files\MyWebSearch\bar\Message\COMMON\center.htm C:\Program Files\MyWebSearch\bar\Message\COMMON\index.htm C:\Program Files\MyWebSearch\bar\Message\COMMON\mid_dots.gif C:\Program Files\MyWebSearch\bar\Message\COMMON\mws_logo.gif C:\Program Files\MyWebSearch\bar\Message\COMMON\protect.htm C:\Program Files\MyWebSearch\bar\Message\COMMON\shocked.gif C:\Program Files\MyWebSearch\bar\Message\COMMON\stop.gif C:\Program Files\MyWebSearch\bar\Message\COMMON\systray.htm C:\Program Files\MyWebSearch\bar\Message\COMMON\systrayp.htm C:\Program Files\MyWebSearch\bar\Message\COMMON\tp_grad.gif C:\Program Files\MyWebSearch\bar\Message\COMMON\warn.gif C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat C:\WINDOWS\system32\209789 C:\WINDOWS\system32\drivers\npf.sys C:\WINDOWS\system32\f3PSSavr.scr C:\WINDOWS\system32\MSINET.oca C:\WINDOWS\system32\nvs2.inf C:\WINDOWS\system32\packet.dll C:\WINDOWS\system32\pthreadVC.dll C:\WINDOWS\system32\wanpacket.dll C:\WINDOWS\system32\wpcap.dll D:\Autorun.inf G:\Autorun.inf . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_MYWEBSEARCHSERVICE -------\Legacy_NPF -------\Service_NPF ((((((((((((((((((((((((( Files Created from 2008-08-16 to 2008-09-16 ))))))))))))))))))))))))))))))) . 2008-08-27 15:34 . 2008-08-27 15:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! 2008-08-27 15:31 . 2008-08-27 15:31 <DIR> d-------- C:\Program Files\Yahoo! 2008-08-25 23:43 . 2008-08-25 23:43 268 --ah----- C:\sqmdata19.sqm 2008-08-25 23:43 . 2008-08-25 23:43 244 --ah----- C:\sqmnoopt19.sqm 2008-08-25 19:10 . 2008-08-25 19:10 172 --ah----- C:\sqmnoopt18.sqm 2008-08-25 19:10 . 2008-08-25 19:10 172 --ah----- C:\sqmdata18.sqm 2008-08-25 16:04 . 2008-08-25 16:04 268 --ah----- C:\sqmdata17.sqm 2008-08-25 16:04 . 2008-08-25 16:04 244 --ah----- C:\sqmnoopt17.sqm 2008-08-25 13:15 . 2008-08-25 13:15 268 --ah----- C:\sqmdata16.sqm 2008-08-25 13:15 . 2008-08-25 13:15 244 --ah----- C:\sqmnoopt16.sqm 2008-08-24 21:06 . 2008-08-24 21:06 172 --ah----- C:\sqmnoopt15.sqm 2008-08-24 21:06 . 2008-08-24 21:06 172 --ah----- C:\sqmdata15.sqm 2008-08-24 20:31 . 2008-08-24 20:31 268 --ah----- C:\sqmdata14.sqm 2008-08-24 20:31 . 2008-08-24 20:31 244 --ah----- C:\sqmnoopt14.sqm 2008-08-24 19:20 . 2008-09-13 09:47 268 --ah----- C:\sqmdata13.sqm 2008-08-24 19:20 . 2008-09-13 09:47 244 --ah----- C:\sqmnoopt13.sqm 2008-08-23 17:49 . 2008-08-23 17:49 <DIR> d-------- C:\WINDOWS\Eurobattle.net Installer . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-09-16 10:27 --------- d-----w C:\Documents and Settings\User\Application Data\LimeWire 2008-09-15 19:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater 2008-09-15 17:10 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2008-09-15 14:07 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-09-15 09:42 45,056 ----a-w C:\WINDOWS\NCUNINST.EXE 2008-09-14 08:29 --------- d-----w C:\Program Files\Valve 2008-08-29 10:23 97,928 ----a-w C:\WINDOWS\system32\drivers\avgldx86.sys 2008-08-15 10:27 --------- d-----w C:\Documents and Settings\User\Application Data\TuneUp Software 2008-08-15 10:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\TuneUp Software 2008-08-07 11:26 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-08-07 11:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Autodesk 2008-08-05 09:50 --------- d-----w C:\Documents and Settings\User\Application Data\AVGTOOLBAR 2008-08-04 18:14 76,040 ----a-w C:\WINDOWS\system32\drivers\avgtdix.sys 2008-08-04 18:14 10,520 ----a-w C:\WINDOWS\system32\avgrsstx.dll 2008-08-04 18:14 --------- d-----w C:\Program Files\AVG 2008-08-04 18:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg8 2008-08-04 17:53 --------- d-----w C:\Documents and Settings\User\Application Data\SUPERAntiSpyware.com 2008-08-03 12:09 --------- d-----w C:\Program Files\MSN Games 2008-07-26 21:21 --------- d-----w C:\Program Files\LimeWire 2008-07-26 09:21 --------- d-----w C:\Program Files\Opera 2008-07-21 11:27 --------- d-----w C:\Program Files\Sun 2008-07-21 11:27 --------- d-----w C:\Program Files\Java 2008-07-19 18:08 155,995 ----a-w C:\WINDOWS\java\Packages\HZRXN73L.ZIP 2008-07-19 15:40 --------- d-----w C:\Program Files\Common Files\SWF Studio 2008-07-07 20:32 253,952 ----a-w C:\WINDOWS\system32\es.dll 2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll 2008-06-23 16:57 826,368 ----a-w C:\WINDOWS\system32\wininet.dll 2008-06-20 17:41 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll 2008-01-23 14:27 374 ----a-w C:\Documents and Settings\User\Application Data\internaldb6334.dat 2008-01-23 14:00 555 ----a-w C:\Documents and Settings\User\Application Data\internaldb8467.dat 2008-01-23 14:00 18,432 ----a-w C:\Documents and Settings\User\Application Data\internaldb41.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{EEE6C35D-6118-11DC-9C72-001320C79847}"= "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2008-03-27 173368] [HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] 2008-03-27 14:12 1164600 --a------ C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{EEE6C35B-6118-11DC-9C72-001320C79847}"= "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-03-27 1164600] [HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{EEE6C35B-6118-11DC-9C72-001320C79847}"= "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-03-27 1164600] [HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-22 68856] "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HTpatch"="C:\WINDOWS\htpatch.exe" [2002-10-30 28672] "Smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [2002-10-11 98304] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-06-28 344064] "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-06-29 32768] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-06-02 155648] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768] "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-12-10 133016] "WireLessMouse"="C:\Program Files\Multimedia Mouse Driver\StartAutorun.exe" [2005-11-30 94208] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784] "SweetIM"="C:\Program Files\SweetIM\Messenger\SweetIM.exe" [2008-03-27 111928] "AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-08-29 1235736] "w3dr.exe"="G:\Program Files\Warcraft III\w3dr.exe" [2008-08-03 61440] "cuvyj"="C:\WINDOWS\system32\soutooduquoqu.exe" [BU] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 15360] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696] ATI CATALYST System Tray.lnk - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe [2005-06-29 32768] Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-04-22 124400] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.l3acm"= l3codecp.acm "VIDC.YV12"= yv12vfw.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "D:\\Program Files\\Valve\\hl.exe"= "D:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"= "D:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Valve\\hl.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "G:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe"= "G:\\Program Files\\LimeWire\\LimeWire.exe"= "C:\\Program Files\\AVG\\AVG8\\avgemc.exe"= "C:\\Program Files\\AVG\\AVG8\\avgupd.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "17804:TCP"= 17804:TCP:NortonAV "12346:TCP"= 12346:TCP:NortonAV R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-08-29 97928] R2 avg8emc;AVG Free8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-08-29 875288] R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-29 231704] R2 AvgTdiX;AVG Free8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-08-04 76040] R2 ousbehci;OrangeWare USB Enhanced Host Controller Service;C:\WINDOWS\system32\Drivers\ousbehci.sys [2005-07-15 45696] R3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;C:\WINDOWS\system32\DRIVERS\ousb2hub.sys [2005-07-15 56960] R3 usnjsvc;Usluga Messenger Sharing Folders USN Journal Reader;C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S2 iyoa318ij;C-DillaSrv;C:\WINDOWS\system32\fedoo.exe [ ] S3 ALSysIO;ALSysIO;C:\DOCUME~1\User\LOCALS~1\Temp\ALSysIO.sys [ ] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dd8b21c6-db09-11dc-85b0-000c6ea8a481}] \Shell\Auto\command - H:\setup.exe \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL setup.exe . Contents of the 'Scheduled Tasks' folder . . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\1cfgo3rx.default\ FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= . ************************************************************************ catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-09-16 16:24:57 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... ************************************************************************ . Completion time: 2008-09-16 16:28:19 ComboFix-quarantined-files.txt 2008-09-16 14:27:12 Pre-Run: 10,074,611,712 bytes free Post-Run: 10,061,971,456 bytes free 301 --- E O F --- 2008-08-14 12:32:03

Profil

dr_Bora Poslao: 16 Sep 2008 17:15 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Otvoriti Notepad i iskopirati sledeci tekst: `Driver:: iyoa318ij Registry:: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "cuvyj"=- [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "17804:TCP"=- "12346:TCP"=-` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

I NEED MONEY Poslao: 16 Sep 2008 17:49 Idi na vrh
offline I NEED MONEY Novi MyCity građanin Pridružio: 16 Avg 2008 Poruke: 23	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! e sad mogu normalno da udjem u particije g i d jel to znaci da su oni trojani otklonjeni?? ComboFix 08-09-15.02 - User 2008-09-16 17:23:08.3 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.381.1033.18.162 [GMT 2:00]Running from: C:\Documents and Settings\User\Desktop\ComboFix.exe Command switches used :: C:\Documents and Settings\User\Desktop\CFScript.txt * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_IYOA318IJ -------\Service_iyoa318ij ((((((((((((((((((((((((( Files Created from 2008-08-16 to 2008-09-16 ))))))))))))))))))))))))))))))) . 2008-08-27 15:34 . 2008-08-27 15:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! 2008-08-27 15:31 . 2008-08-27 15:31 <DIR> d-------- C:\Program Files\Yahoo! 2008-08-25 23:43 . 2008-08-25 23:43 268 --ah----- C:\sqmdata19.sqm 2008-08-25 23:43 . 2008-08-25 23:43 244 --ah----- C:\sqmnoopt19.sqm 2008-08-25 19:10 . 2008-08-25 19:10 172 --ah----- C:\sqmnoopt18.sqm 2008-08-25 19:10 . 2008-08-25 19:10 172 --ah----- C:\sqmdata18.sqm 2008-08-25 16:04 . 2008-08-25 16:04 268 --ah----- C:\sqmdata17.sqm 2008-08-25 16:04 . 2008-08-25 16:04 244 --ah----- C:\sqmnoopt17.sqm 2008-08-25 13:15 . 2008-08-25 13:15 268 --ah----- C:\sqmdata16.sqm 2008-08-25 13:15 . 2008-08-25 13:15 244 --ah----- C:\sqmnoopt16.sqm 2008-08-24 21:06 . 2008-08-24 21:06 172 --ah----- C:\sqmnoopt15.sqm 2008-08-24 21:06 . 2008-08-24 21:06 172 --ah----- C:\sqmdata15.sqm 2008-08-24 20:31 . 2008-08-24 20:31 268 --ah----- C:\sqmdata14.sqm 2008-08-24 20:31 . 2008-08-24 20:31 244 --ah----- C:\sqmnoopt14.sqm 2008-08-24 19:20 . 2008-09-13 09:47 268 --ah----- C:\sqmdata13.sqm 2008-08-24 19:20 . 2008-09-13 09:47 244 --ah----- C:\sqmnoopt13.sqm 2008-08-23 17:49 . 2008-08-23 17:49 <DIR> d-------- C:\WINDOWS\Eurobattle.net Installer . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-09-16 10:27 --------- d-----w C:\Documents and Settings\User\Application Data\LimeWire 2008-09-15 19:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater 2008-09-15 17:10 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard 2008-09-15 14:07 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP 2008-09-15 09:42 45,056 ----a-w C:\WINDOWS\NCUNINST.EXE 2008-09-14 08:29 --------- d-----w C:\Program Files\Valve 2008-08-29 10:23 97,928 ----a-w C:\WINDOWS\system32\drivers\avgldx86.sys 2008-08-15 10:27 --------- d-----w C:\Documents and Settings\User\Application Data\TuneUp Software 2008-08-15 10:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\TuneUp Software 2008-08-07 11:26 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-08-07 11:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Autodesk 2008-08-05 09:50 --------- d-----w C:\Documents and Settings\User\Application Data\AVGTOOLBAR 2008-08-04 18:14 76,040 ----a-w C:\WINDOWS\system32\drivers\avgtdix.sys 2008-08-04 18:14 --------- d-----w C:\Program Files\AVG 2008-08-04 18:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg8 2008-08-04 17:53 --------- d-----w C:\Documents and Settings\User\Application Data\SUPERAntiSpyware.com 2008-08-03 12:09 --------- d-----w C:\Program Files\MSN Games 2008-07-26 21:21 --------- d-----w C:\Program Files\LimeWire 2008-07-26 09:21 --------- d-----w C:\Program Files\Opera 2008-07-21 11:27 --------- d-----w C:\Program Files\Sun 2008-07-21 11:27 --------- d-----w C:\Program Files\Java 2008-07-19 15:40 --------- d-----w C:\Program Files\Common Files\SWF Studio 2008-01-23 14:27 374 ----a-w C:\Documents and Settings\User\Application Data\internaldb6334.dat 2008-01-23 14:00 555 ----a-w C:\Documents and Settings\User\Application Data\internaldb8467.dat 2008-01-23 14:00 18,432 ----a-w C:\Documents and Settings\User\Application Data\internaldb41.dat . ((((((((((((((((((((((((((((( snapshot@2008-09-16_16.17.48.60 ))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{EEE6C35D-6118-11DC-9C72-001320C79847}"= "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2008-03-27 173368] [HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] 2008-03-27 14:12 1164600 --a------ C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{EEE6C35B-6118-11DC-9C72-001320C79847}"= "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-03-27 1164600] [HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{EEE6C35B-6118-11DC-9C72-001320C79847}"= "C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-03-27 1164600] [HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-04-22 68856] "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HTpatch"="C:\WINDOWS\htpatch.exe" [2002-10-30 28672] "Smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [2002-10-11 98304] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-06-28 344064] "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-06-29 32768] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-06-02 155648] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648] "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768] "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-12-10 133016] "WireLessMouse"="C:\Program Files\Multimedia Mouse Driver\StartAutorun.exe" [2005-11-30 94208] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784] "SweetIM"="C:\Program Files\SweetIM\Messenger\SweetIM.exe" [2008-03-27 111928] "AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-08-29 1235736] "w3dr.exe"="G:\Program Files\Warcraft III\w3dr.exe" [2008-08-03 61440] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 15360] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696] ATI CATALYST System Tray.lnk - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe [2005-06-29 32768] Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-04-22 124400] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.l3acm"= l3codecp.acm "VIDC.YV12"= yv12vfw.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "D:\\Program Files\\Valve\\hl.exe"= "D:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"= "D:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Valve\\hl.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "G:\\Program Files\\KONAMI\\Pro Evolution Soccer 6\\PES6.exe"= "G:\\Program Files\\LimeWire\\LimeWire.exe"= "C:\\Program Files\\AVG\\AVG8\\avgemc.exe"= "C:\\Program Files\\AVG\\AVG8\\avgupd.exe"= R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-08-29 97928] R2 avg8emc;AVG Free8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-08-29 875288] R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-29 231704] R2 AvgTdiX;AVG Free8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-08-04 76040] R2 ousbehci;OrangeWare USB Enhanced Host Controller Service;C:\WINDOWS\system32\Drivers\ousbehci.sys [2005-07-15 45696] R3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;C:\WINDOWS\system32\DRIVERS\ousb2hub.sys [2005-07-15 56960] S3 ALSysIO;ALSysIO;C:\DOCUME~1\User\LOCALS~1\Temp\ALSysIO.sys [ ] S3 usnjsvc;Usluga Messenger Sharing Folders USN Journal Reader;C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dd8b21c6-db09-11dc-85b0-000c6ea8a481}] \Shell\Auto\command - H:\setup.exe \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL setup.exe . Contents of the 'Scheduled Tasks' folder . ************************************************************************ catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-09-16 17:31:26 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\WINDOWS\system32\ati2evxx.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\WINDOWS\system32\ati2evxx.exe C:\WINDOWS\system32\WgaTray.exe C:\Program Files\Multimedia Mouse Driver\MouseDrv.exe . ************************************************************************ . Completion time: 2008-09-16 17:42:49 - machine was rebooted ComboFix-quarantined-files.txt 2008-09-16 15:42:03 ComboFix2.txt 2008-09-16 14:28:21 Pre-Run: 10,046,894,080 bytes free Post-Run: 10,033,197,056 bytes free 175 --- E O F --- 2008-08-14 12:32:03

Profil

dr_Bora Poslao: 16 Sep 2008 17:54 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ovo izgleda ok. Ukoliko ne postoji neki konkretan problem, uradi sledeće: Klikni START a zatim RUN U liniju za unos teksta ukucaj Combofix /u i klikni OK Sačekaj da se proces deinstalacije završi Gornja procedura će: Obrisati sledeće: ComboFix i njegove file-ove i foldere VundoFix Backups folder, ako postoji C:\Deckard folder, ako postoji C:\OtMoveIt folder, ako postoji Resetovati podešavanja sata na kompjuteru Sakriti ekstenzije file-ova, ako je potrebno Sakriti sistemske/skrivene file-ove/foldere, ako je potrebno Resetovati System Restore I to bi onda bilo sve.

Profil

I NEED MONEY Poslao: 16 Sep 2008 18:02 Idi na vrh
offline I NEED MONEY Novi MyCity građanin Pridružio: 16 Avg 2008 Poruke: 23	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! e ziv bio...salim se hwala mnogo.pozz

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Kako da ocistim owo cudo

Ko je trenutno na forumu

Ukupno su 906 korisnika na forumu :: 29 registrovanih, 4 sakrivenih i 873 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: Ben Roj, bojank, cikadeda, DragoslavS, ILGromovnik, Istman, ivicasimo, kybonacci, Lazarus, m0nstrum_, mikrimaus, Misirac, moldway, Ne doznajem se u oružje, nemkea71, Parker, royst33, saputnik plavetnila, Sir Budimir, slonic_tonic, sombrero, SR-3m, Srki94, Srle993, tubular, vaso1, Vlad000, wizzardone, šumar bk2

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by