I'm infected

  • Joined: 20 Jul 2008
  • Posts: 197

Guys, I downloaded something and opened it; a small black window appeared and then disappeared. I tried to delete it, but it won't; it says this.
Avast used to flag files like this right away, but this one I had to scan with CA, and it said everything was fine.

Oh, and here's this too:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:15:10, on 2.11.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\pmonsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\WINDOWS\system32\pmhk.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfsem.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-6.0.1.33\QOELoader.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
C:\Program Files\CBS Software\SpeedConnect Internet Accelerator\ShowNetworkActivity.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Toolbar\CAGlobal.exe
C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Light\CAGlobalLight.exe
D:\Program Files\eMule\emule.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ntvdm.exe
C:\DOCUME~1\Novica\LOCALS~1\Temp\iolowupd\SystemMechanic.exe
C:\DOCUME~1\Novica\LOCALS~1\Temp\is-2FQH8.tmp\SystemMechanic.exe.tmp
C:\Documents and Settings\Novica\Desktop\serial number for photo plus symbian.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Novica\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.rs/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O2 - BHO: metaspinner media GmbH - {12FC9A49-CFE0-49AA-BE9E-8F4EEAFC9443} - C:\PROGRA~1\YETISP~1\IEBUTT~1.DLL
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live pomagac za prijavljivanje - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: LPVideoPlugin - {9F2C20C1-43DB-4ED2-8B6A-3DBAFDBAB4A8} - C:\WINDOWS\system32\LPVideo.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O2 - BHO: CA Toolbar Helper - {FBF2401B-7447-4727-BE5D-C19B2075CA84} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Toolbar\CallingIDIE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: CA Toolbar - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Toolbar\CallingIDIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
O4 - HKLM\..\Run: [cafw] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe -cl
O4 - HKLM\..\Run: [capfasem] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
O4 - HKLM\..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe
O4 - HKLM\..\Run: [QOELOADER] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-6.0.1.33\QOELoader.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Di dictionary] "C:\Program Files\Di recnik\Di.exe"
O4 - HKLM\..\RunOnce: [LHTTSENG] RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\LHTTSENG.inf, RemoveCabinet
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [SpeedConnectStartUp] C:\Program Files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe -run
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-725345543-362288127-839522115-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Administrator')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Pravoslavac 2008.lnk = C:\Program Files\Pravoslavac\Pravoslavac 2008.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Scheduler for OEM.lnk = C:\Program Files\honestech\honestech TVR\scheduleTV.exe
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Preuzmi odabrano Free Download Manager-om - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Preuzmi sa Free Download Managerom - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Preuzmi sve sa Free Download Manager-om - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Prevedi sa Di recnikom - C:\Program Files\Di recnik\diie.htm
O8 - Extra context menu item: Send by Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Send via &Message... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Objavi ovo u blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Objavi ovo u blogu u okviru usluge Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com/windowsupdate/v6/V.....2505351796
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Norton2009 Reset (.norton2009Reset) - Unknown owner - C:\Program Files\Norton2009Reset.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Profile Monitor (PMonSvc) - Salience Corporation - C:\WINDOWS\system32\pmonsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: PPCtlPriv - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
O23 - Service: Private Folder Service (prfldsvc) - Unknown owner - C:\Program Files\Microsoft Private Folder 1.0\PrfldSvc.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009\RpcAgentSrv.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: HIPS Event Manager (UmxAgent) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
O23 - Service: HIPS Configuration Interpreter (UmxCfg) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
O23 - Service: HIPS Firewall Helper (UmxFwHlp) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
O23 - Service: HIPS Policy Manager (UmxPol) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe

--
End of file - 17611 bytes

I urgently need help. Thanks!

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Hello...

Temporarily disable your security software.

Download ComboFix from one of the following addresses to your Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Run it and don't touch the program window while it scans.
Follow the on-screen instructions. When it finishes, a log will appear (C:\ComboFix.txt), which you will copy here for us.

  • Joined: 20 Jul 2008
  • Posts: 197

ComboFix 08-11-03.06 - Novica 2008-11-04 16:29:22.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1159 [GMT 1:00]
Running from: c:\documents and settings\Novica\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\AutoRun.inf

.
((((((((((((((((((((((((( Files Created from 2008-10-04 to 2008-11-04 )))))))))))))))))))))))))))))))
.

2008-11-04 16:10 . 2008-11-04 16:10 <DIR> d-------- c:\program files\Metacafe
2008-11-04 16:10 . 2008-11-04 16:12 <DIR> d-------- c:\program files\Common Files\Akamai
2008-11-04 16:10 . 2008-11-04 16:29 <DIR> d-------- c:\documents and settings\Novica\Application Data\Metacafe
2008-11-04 16:10 . 2008-11-04 16:10 <DIR> d-------- c:\documents and settings\All Users\Application Data\Metacafe
2008-11-03 10:53 . 2007-12-10 13:53 81,288 --a------ c:\windows\system32\drivers\iksyssec.sys
2008-11-03 10:53 . 2007-12-10 13:53 66,952 --a------ c:\windows\system32\drivers\iksysflt.sys
2008-11-03 10:53 . 2008-02-01 11:55 42,376 --a------ c:\windows\system32\drivers\ikfilesec.sys
2008-11-03 10:53 . 2007-12-10 13:53 29,576 --a------ c:\windows\system32\drivers\kcom.sys
2008-11-03 10:52 . 2008-11-03 11:18 <DIR> d-------- c:\program files\Spyware Doctor
2008-11-03 10:52 . 2008-11-03 10:52 <DIR> d-------- c:\documents and settings\Novica\Application Data\PC Tools
2008-11-02 23:22 . 2008-11-02 23:22 <DIR> d-------- c:\program files\iolo
2008-11-02 22:55 . 2008-11-03 00:06 <DIR> d-------- c:\documents and settings\Novica\.housecall6.6
2008-11-02 22:36 . 2008-11-02 23:23 <DIR> d-------- c:\documents and settings\All Users\Application Data\iolo
2008-11-02 22:10 . 2008-11-03 00:06 <DIR> d-------- c:\program files\Di recnik
2008-11-02 22:10 . 2002-02-01 18:00 1,326,080 --a------ c:\windows\system32\vcl60.bpl
2008-11-02 22:10 . 2003-01-30 08:04 685,056 --a------ c:\windows\system32\rtl60.bpl
2008-11-02 22:10 . 2002-02-01 17:00 148,992 --a------ c:\windows\system32\adortl60.bpl
2008-11-02 15:31 . 2008-11-02 16:08 <DIR> d-------- c:\program files\NSS
2008-11-02 15:31 . 2006-08-29 15:56 32,377 --a------ c:\windows\system32\drivers\prodigy.sys
2008-11-02 14:32 . 2008-11-02 14:32 <DIR> d-------- c:\program files\ZIP PASSWORD FINDER
2008-11-02 14:32 . 2000-05-16 10:40 83,968 --a------ c:\windows\UnGins.exe
2008-11-02 14:28 . 2008-11-02 14:28 63 --a------ c:\windows\zip_crck.ini
2008-10-31 22:11 . 2008-10-31 22:11 287 --a------ c:\windows\game.ini
2008-10-31 19:51 . 2008-11-02 16:10 <DIR> d-------- c:\program files\DAEMON Tools Lite
2008-10-31 19:51 . 2008-10-31 19:51 <DIR> d-------- c:\documents and settings\Novica\Application Data\DAEMON Tools
2008-10-29 00:47 . 2008-10-29 00:47 2,688 --a------ c:\windows\system32\settings.aaw
2008-10-29 00:47 . 2008-10-29 00:47 1,232 --a------ c:\windows\system32\history.aaw
2008-10-28 23:04 . 2008-11-02 15:57 417 --a------ c:\windows\BsMobileModel.ini
2008-10-28 22:52 . 2008-11-02 21:34 <DIR> d-------- c:\program files\mIRC
2008-10-28 18:55 . 2008-10-28 19:02 <DIR> d-------- c:\program files\LCP
2008-10-28 18:31 . 2008-10-28 18:31 <DIR> d--h----- c:\windows\system32\GroupPolicy
2008-10-26 17:22 . 2008-10-26 17:22 <DIR> d-------- c:\program files\Bulk Rename Utility
2008-10-26 17:22 . 2008-10-26 17:22 <DIR> d-------- c:\documents and settings\All Users\Application Data\Tarma Installer
2008-10-20 08:25 . 2008-10-20 08:25 <DIR> d-------- c:\program files\Lavalys
2008-10-19 17:16 . 2008-10-19 17:16 <DIR> d-------- c:\documents and settings\Administrator\Application Data\ScanSoft
2008-10-19 17:14 . 2008-11-03 00:07 <DIR> d-------- c:\documents and settings\Administrator
2008-10-19 16:10 . 2008-10-19 16:10 <DIR> d-------- c:\windows\Sun
2008-10-19 14:13 . 2008-10-19 14:13 <DIR> d-------- c:\program files\Yetisports
2008-10-19 11:26 . 2008-10-19 11:27 <DIR> d-------- c:\program files\Micro DVD Player
2008-10-19 11:26 . 2008-10-19 11:26 53,248 --a------ c:\windows\system32\DivXAF.ax
2008-10-19 11:18 . 2008-10-19 11:21 <DIR> d-------- c:\program files\DivX
2008-10-19 11:17 . 2008-10-19 11:17 <DIR> d-------- c:\program files\XviD
2008-10-19 11:17 . 2008-10-19 11:17 <DIR> d-------- c:\program files\ffdshow
2008-10-19 11:17 . 2008-10-19 11:17 <DIR> d-------- c:\program files\AC3Filter
2008-10-19 11:16 . 2008-10-19 11:16 <DIR> d-------- c:\program files\Mv2Player
2008-10-19 10:50 . 1997-12-23 01:23 48,128 --a------ c:\windows\system32\wnaspi32.dll
2008-10-19 10:50 . 2004-07-19 23:41 16,512 --a------ c:\windows\system32\drivers\aspi32.BAK
2008-10-19 10:50 . 1997-12-23 01:23 5,600 --a------ c:\windows\system\winaspi.dll
2008-10-19 10:50 . 1997-12-23 01:23 4,672 --a------ c:\windows\system\wowpost.exe
2008-10-19 09:51 . 2008-10-19 09:51 <DIR> d-------- c:\documents and settings\Novica\Application Data\HP
2008-10-19 09:38 . 2008-10-19 09:38 <DIR> d-------- c:\documents and settings\Novica\Application Data\HPAppData
2008-10-19 09:38 . 2008-10-19 09:38 <DIR> d-------- c:\documents and settings\All Users\Application Data\HPSSUPPLY
2008-10-19 09:36 . 2008-10-19 09:36 <DIR> d-------- c:\documents and settings\All Users\Application Data\HP Product Assistant
2008-10-19 09:35 . 2008-10-19 09:35 <DIR> d-------- c:\program files\Hewlett-Packard
2008-10-19 09:31 . 2008-10-19 09:43 141,136 --a------ c:\windows\hpoins14.dat
2008-10-19 09:31 . 2007-09-20 02:14 2,000 --------- c:\windows\hpomdl14.dat
2008-10-19 09:30 . 2008-10-19 09:30 <DIR> d-------- c:\documents and settings\Novica\Application Data\ScanSoft
2008-10-19 09:30 . 2008-10-19 09:30 430 --a------ c:\windows\MAXLINK.INI
2008-10-19 09:29 . 2008-10-19 09:29 <DIR> d-------- c:\program files\Common Files\Scansoft Shared
2008-10-19 09:29 . 2008-10-19 09:30 <DIR> d-------- c:\documents and settings\All Users\Application Data\ScanSoft
2008-10-19 09:28 . 2008-10-19 09:28 <DIR> d-------- c:\program files\ScanSoft
2008-10-19 00:45 . 2004-02-26 23:00 962,612 --a------ c:\windows\system32\mfc42d.dll
2008-10-19 00:45 . 2004-02-16 23:00 434,252 --a------ c:\windows\system32\MSVCRTD.DLL
2008-10-19 00:25 . 2008-10-19 00:25 <DIR> d-------- c:\program files\SiSoftware
2008-10-18 23:39 . 2008-10-18 23:39 <DIR> dr------- c:\windows\AsDmiHtm
2008-10-18 18:22 . 2004-08-03 23:56 21,504 --a------ c:\windows\system32\hidserv.dll
2008-10-18 18:22 . 2004-08-03 23:56 21,504 --a--c--- c:\windows\system32\dllcache\hidserv.dll
2008-10-18 18:22 . 2004-08-03 21:58 14,848 --a------ c:\windows\system32\drivers\kbdhid.sys
2008-10-18 18:22 . 2004-08-03 21:58 14,848 --a--c--- c:\windows\system32\dllcache\kbdhid.sys
2008-10-18 18:22 . 2001-08-17 12:48 12,160 --a------ c:\windows\system32\drivers\mouhid.sys
2008-10-18 18:22 . 2001-08-17 12:48 12,160 --a--c--- c:\windows\system32\dllcache\mouhid.sys
2008-10-18 18:22 . 2001-08-17 13:02 9,600 --a------ c:\windows\system32\drivers\hidusb.sys
2008-10-18 18:22 . 2001-08-17 13:02 9,600 --a--c--- c:\windows\system32\dllcache\hidusb.sys
2008-10-18 14:10 . 2008-10-28 23:04 <DIR> d-------- c:\windows\system32\ivtMobCache
2008-10-18 13:29 . 2008-02-22 12:30 334,792 --a------ c:\windows\system32\_AxShlEx.dll
2008-10-18 13:26 . 2008-10-18 13:26 <DIR> d-------- c:\program files\Alcohol Soft
2008-10-18 12:11 . 2008-10-18 12:11 <DIR> d-------- c:\documents and settings\All Users\Application Data\OptiTex
2008-10-18 12:08 . 2008-10-18 12:08 <DIR> d-------- c:\program files\DAZ
2008-10-18 12:08 . 2008-10-18 12:08 <DIR> d-------- c:\program files\Common Files\DAZ
2008-10-17 20:56 . 2008-10-17 20:56 <DIR> d-------- c:\program files\A4MenuBuilder
2008-10-17 20:51 . 2008-10-17 20:51 <DIR> d--hs---- c:\windows\ftpcache
2008-10-15 18:47 . 2008-08-14 11:00 2,180,352 -----c--- c:\windows\system32\dllcache\ntoskrnl.exe
2008-10-15 18:47 . 2008-08-14 10:58 2,136,064 -----c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-10-15 18:47 . 2008-08-14 10:22 2,057,728 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-10-15 18:47 . 2008-08-14 10:22 2,015,744 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2008-10-12 21:22 . 2008-10-12 21:22 <DIR> d-------- c:\program files\Adobe Media Player
2008-10-12 21:20 . 2008-10-12 21:20 <DIR> d-------- c:\program files\Common Files\Adobe AIR
2008-10-12 10:33 . 2004-09-29 21:36 15,360 --a------ c:\windows\system32\drivers\NetMotCM.sys
2008-10-12 10:21 . 2008-10-12 10:21 268 --ah----- C:\sqmdata04.sqm
2008-10-12 10:21 . 2008-10-12 10:21 244 --ah----- C:\sqmnoopt04.sqm
2008-10-12 10:18 . 2008-10-12 10:18 268 --ah----- C:\sqmdata03.sqm
2008-10-12 10:18 . 2008-10-12 10:18 244 --ah----- C:\sqmnoopt03.sqm
2008-10-11 23:35 . 2008-11-03 00:06 <DIR> d-------- c:\windows\lhsp
2008-10-11 23:34 . 2008-10-11 23:34 <DIR> d-------- c:\program files\AdSa Software Development
2008-10-11 22:59 . 2008-10-25 17:56 <DIR> d-------- c:\documents and settings\Novica\Contacts
2008-10-11 21:50 . 2008-11-04 15:44 442,772 --a------ c:\windows\system32\drivers\kmxcfg.u2k0
2008-10-11 21:50 . 2008-11-04 15:44 64 --a------ c:\windows\system32\drivers\kmxcfg.u2k7
2008-10-11 21:50 . 2008-11-04 15:44 64 --a------ c:\windows\system32\drivers\kmxcfg.u2k6
2008-10-11 21:50 . 2008-11-04 15:44 64 --a------ c:\windows\system32\drivers\kmxcfg.u2k5
2008-10-11 21:50 . 2008-11-04 15:44 64 --a------ c:\windows\system32\drivers\kmxcfg.u2k4
2008-10-11 21:50 . 2008-11-04 15:44 64 --a------ c:\windows\system32\drivers\kmxcfg.u2k3
2008-10-11 21:50 . 2008-11-04 15:44 64 --a------ c:\windows\system32\drivers\kmxcfg.u2k2
2008-10-11 21:50 . 2008-11-04 15:44 64 --a------ c:\windows\system32\drivers\kmxcfg.u2k1
2008-10-11 21:21 . 2008-10-11 21:21 <DIR> d-------- c:\program files\Common Files\Scanner
2008-10-11 21:21 . 2008-08-27 17:44 250,544 --a------ c:\windows\system32\KeyHelp.ocx
2008-10-11 20:51 . 2008-11-03 10:39 <DIR> d-------- c:\documents and settings\Novica\Application Data\CallingID
2008-10-11 20:31 . 2008-11-03 01:26 <DIR> d-------- c:\windows\CAVTemp
2008-10-11 20:15 . 2008-10-11 21:25 <DIR> d-------- c:\documents and settings\Novica\Application Data\GetRightToGo
2008-10-11 19:38 . 2008-10-11 20:36 <DIR> d-------- c:\program files\CA
2008-10-11 19:38 . 2008-10-11 21:21 <DIR> d-------- c:\documents and settings\All Users\Application Data\CA
2008-10-11 19:38 . 2008-08-30 14:14 99,568 --a------ c:\windows\system32\ISafeIf.1
2008-10-11 19:38 . 2008-08-30 14:14 83,256 --a------ c:\windows\system32\VetRedir.1
2008-10-11 19:38 . 2008-08-30 14:14 26,352 --a------ c:\windows\system32\drivers\Vet-Filt.1
2008-10-11 19:38 . 2008-08-30 14:14 21,104 --a------ c:\windows\system32\drivers\Vet-Rec.1
2008-10-10 15:54 . 2008-10-10 15:54 <DIR> d-------- c:\documents and settings\Novica\Application Data\Sibelius Software
2008-10-10 15:54 . 2008-10-10 15:54 <DIR> d-------- c:\documents and settings\All Users\Application Data\Musicnotes
2008-10-10 15:36 . 2008-10-10 15:36 <DIR> d-------- c:\program files\Sibelius Software
2008-10-08 22:56 . 2008-10-08 22:57 <DIR> d-------- c:\program files\Microsoft Web Designer Tools
2008-10-08 22:56 . 2008-10-08 22:56 <DIR> dr-h----- C:\MSOCache
2008-10-08 21:49 . 2008-10-08 21:50 <DIR> d-------- c:\program files\Common Files\Merge Modules
2008-10-08 20:56 . 2008-07-10 16:28 79,896 --a------ c:\windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.0.1600.22.dll
2008-10-08 20:56 . 2008-07-10 16:28 50,200 --a------ c:\windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.0.1600.22.dll
2008-10-08 20:55 . 2008-10-08 20:55 <DIR> d-------- c:\windows\system32\RsFx
2008-10-08 20:37 . 2008-10-08 20:37 <DIR> d-------- c:\program files\Microsoft Synchronization Services
2008-10-08 20:37 . 2008-10-08 20:55 <DIR> d-------- c:\program files\Microsoft SQL Server

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-04 15:29 --------- d-----w c:\documents and settings\Novica\Application Data\DNA
2008-11-04 15:20 196,608 ----a-w c:\windows\system32\drivers\nStandard.bin
2008-11-03 11:51 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-11-03 09:45 --------- d-----w c:\program files\Winamp
2008-11-03 09:35 --------- d-----w c:\documents and settings\Novica\Application Data\BitTorrent
2008-11-03 09:24 --------- d-----w c:\documents and settings\Novica\Application Data\tazti
2008-11-03 00:53 --------- d--h--w c:\program files\InstallShield Installation Information
2008-11-02 22:27 --------- d-----w c:\documents and settings\Novica\Application Data\Free Download Manager
2008-11-02 21:00 --------- d-----w c:\documents and settings\Novica\Application Data\Skype
2008-11-02 20:52 --------- d-----w c:\documents and settings\Novica\Application Data\skypePM
2008-11-02 15:14 --------- d-----w c:\program files\Software Informer
2008-11-02 15:14 --------- d-----w c:\program files\Alawar
2008-11-02 15:13 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-11-02 13:28 --------- d-----w c:\program files\Information Packaging
2008-11-01 13:38 --------- d-----w c:\program files\Counter-Strike 1.6
2008-10-31 19:35 22,328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2008-10-31 19:35 22,328 ----a-w c:\documents and settings\Novica\Application Data\PnkBstrK.sys
2008-10-31 19:34 66,872 ----a-w c:\windows\system32\PnkBstrA.exe
2008-10-31 19:34 2,250,024 ----a-w c:\windows\system32\pbsvc.exe
2008-10-31 19:34 107,832 ----a-w c:\windows\system32\PnkBstrB.exe
2008-10-31 19:31 --------- d-----w c:\program files\Ubisoft
2008-10-19 09:50 --------- d-----w c:\program files\CyberLink
2008-10-19 08:41 --------- d-----w c:\documents and settings\Novica\Application Data\Azureus
2008-10-19 08:38 --------- d-----w c:\program files\HP
2008-10-19 08:36 --------- d-----w c:\documents and settings\All Users\Application Data\HP
2008-10-18 23:45 --------- d-----w c:\program files\ASUS
2008-10-18 08:49 716,272 ----a-w c:\windows\system32\drivers\sptd.sys
2008-10-12 20:24 --------- d-----w c:\program files\Common Files\Adobe
2008-10-10 14:46 --------- d-----w c:\program files\QuickTime
2008-10-08 19:53 --------- d-----w c:\program files\Microsoft.NET
2008-10-08 19:37 --------- d-----w c:\program files\Microsoft SQL Server Compact Edition
2008-10-03 15:13 --------- d-----w c:\program files\Team JPN
2008-10-03 12:17 --------- d-----w c:\program files\STARWARS_TheBattleOfEndor_v21
2008-10-03 12:17 --------- d-----w c:\program files\ClickCorps
2008-10-03 10:28 --------- d-----w c:\program files\YouTube Downloader
2008-10-01 19:40 --------- d-----w c:\program files\FlashFXP
2008-10-01 19:40 --------- d-----w c:\documents and settings\All Users\Application Data\FlashFXP
2008-10-01 16:43 --------- d-----w c:\documents and settings\All Users\Application Data\InstallShield
2008-10-01 16:35 --------- d-----w c:\documents and settings\All Users\Application Data\FLEXnet
2008-10-01 16:33 --------- d-----w c:\program files\Common Files\InstallShield
2008-10-01 16:29 --------- d-----w c:\program files\Bonjour
2008-10-01 16:24 --------- d-----w c:\program files\Common Files\Macrovision Shared
2008-10-01 16:19 --------- d-----w c:\program files\xyr0x Security
2008-10-01 16:03 --------- d-----w c:\program files\CUEcards 2000
2008-09-28 14:50 --------- d-----w c:\documents and settings\Novica\Application Data\funkitron
2008-09-28 12:03 --------- d-----w c:\program files\Free Download Manager
2008-09-28 12:03 --------- d-----w c:\documents and settings\All Users\Application Data\FreeDownloadManager.ORG
2008-09-28 11:41 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2008-09-28 11:37 --------- d-----w c:\program files\Lavasoft
2008-09-27 22:57 --------- d-----w c:\documents and settings\All Users\Application Data\Oberon Media
2008-09-27 09:10 --------- d-----w c:\program files\Windows Live
2008-09-27 08:56 --------- dcsh--w c:\program files\Common Files\WindowsLiveInstaller
2008-09-27 08:55 --------- d-----w c:\documents and settings\All Users\Application Data\WLInstaller
2008-09-27 08:44 --------- d-----w c:\program files\Skype
2008-09-27 08:44 --------- d-----w c:\program files\Common Files\Skype
2008-09-27 08:44 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2008-09-26 18:10 --------- d-----w c:\program files\Microsoft Private Folder 1.0
2008-09-24 16:19 --------- d-----w c:\program files\vanBasco's Karaoke Player
2008-09-24 15:27 --------- d-----w c:\program files\CBS Software
2008-09-20 13:12 --------- d-----w c:\documents and settings\Novica\Application Data\AdobeUM
2008-09-20 12:25 --------- d-----w c:\program files\IVT Corporation
2008-09-20 11:44 --------- d-----w c:\documents and settings\All Users\Application Data\MakeMusic
2008-09-20 11:40 --------- d-----w c:\documents and settings\Novica\Application Data\DVD2AVI Ripper
2008-09-20 10:54 --------- d-----w c:\program files\Finale 2005
2008-09-20 10:53 --------- d-----w c:\program files\Finale Performance Assessment
2008-09-20 10:49 --------- d-----w c:\program files\DVD2AVI Ripper
2008-09-20 10:24 --------- d-----w c:\documents and settings\Novica\Application Data\CyberLink
2008-09-20 08:34 --------- d-----w c:\program files\Vuze
2008-09-20 08:34 --------- d-----w c:\program files\AskSBar
2008-09-20 08:34 --------- d-----w c:\documents and settings\All Users\Application Data\Azureus
2008-09-20 06:22 --------- d-----w c:\program files\GameSpy
2008-09-20 06:08 --------- d-----w c:\program files\Electronic Arts
2008-09-20 05:30 --------- d-----w c:\program files\Screaming Bee
2008-09-20 05:29 --------- d-----w c:\program files\Voicent
2008-09-20 05:24 --------- d-----w c:\program files\Java
2008-09-20 05:24 --------- d-----w c:\program files\Common Files\Java
2008-09-20 05:23 --------- d-----w c:\documents and settings\Novica\Application Data\InstallShield Installation Information
2008-09-20 05:14 --------- d-----w c:\program files\Unreal Tournament 3
2008-09-20 05:13 --------- d-----w c:\program files\AGEIA Technologies
2008-09-19 18:07 796,672 ----a-w c:\windows\GPInstall.exe
2008-09-19 18:07 --------- d-----w c:\program files\www.research-lab.com
2008-09-19 18:05 --------- d-----w c:\program files\ABC 3GP Converter
2008-09-19 18:05 --------- d-----w c:\documents and settings\All Users\Application Data\VOWSoft
2008-09-19 16:37 --------- d-----w c:\program files\Your Company Name
2008-09-19 16:06 --------- d-----w c:\program files\DNA
2008-09-19 16:06 --------- d-----w c:\program files\BitTorrent
2008-09-18 22:23 --------- d-----w c:\program files\WinFlip
2008-09-18 22:23 --------- d-----w c:\program files\VistaDriveIcon
2008-09-18 22:23 --------- d-----w c:\program files\TrueTransparency
2008-09-18 22:23 --------- d-----w c:\program files\Thoosje Sidebar V2.3
2008-09-18 22:23 --------- d-----w c:\program files\Styler
2008-09-18 22:23 --------- d-----w c:\program files\Blaero Start Orb
2008-09-18 21:13 --------- d-----w c:\program files\Google
2008-09-18 18:25 --------- d-----w c:\program files\EA GAMES
2008-09-18 15:19 --------- d-----w c:\program files\SEGA
2008-09-17 14:21 --------- d-----w c:\documents and settings\Novica\Application Data\My Battle for Middle-earth(tm) II Files
2008-09-17 13:16 549,159 --sha-r c:\program files\Norton2009Reset.exe
2008-09-17 00:32 --------- d-----w c:\documents and settings\All Users\Application Data\WEBREG
2008-09-17 00:31 --------- d-----w c:\program files\Alwil Software
2008-09-17 00:31 --------- d-----w c:\documents and settings\All Users\Application Data\Avg7
2008-09-10 11:49 5,817,064 ----a-w c:\program files\mozilla firefox\plugins\ScorchPDFWrapper.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-10 68856]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-09-19 289088]
"SpeedConnectStartUp"="c:\program files\CBS Software\SpeedConnect Internet Accelerator\SpeedConnectStartUp.exe" [2008-08-18 565760]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-10-18 4608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-16 8491008]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-09-16 81920]
"ASUSGamerOSD"="c:\program files\ASUS\GamerOSD\GamerOSD.exe" [2007-09-13 380928]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624]
"BtTray"="c:\program files\IVT Corporation\BlueSoleil\BtTray.exe" [2008-08-04 226816]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"cctray"="c:\program files\CA\CA Internet Security Suite\cctray\cctray.exe" [2008-10-11 247024]
"cafw"="c:\program files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe" [2008-08-28 771312]
"capfasem"="c:\program files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe" [2008-08-28 173296]
"capfupgrade"="c:\program files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe" [2008-08-28 259312]
"QOELOADER"="c:\program files\CA\CA Internet Security Suite\CA Anti-Spam\QSP-6.0.1.33\QOELoader.exe" [2008-10-11 14088]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"nwiz"="nwiz.exe" [2007-09-16 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2007-09-27 c:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2007-08-03 c:\windows\SkyTel.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

c:\documents and settings\Novica\Start Menu\Programs\Startup\
Metacafe.lnk - c:\program files\Metacafe\MetacafeAgent.exe [2008-06-29 145736]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 210520]
Metacafe.lnk - c:\program files\Metacafe\MetacafeAgent.exe [2008-06-29 145736]
Scheduler for OEM.lnk - c:\program files\honestech\honestech TVR\scheduleTV.exe [2008-09-16 307200]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"AllowMultipleTSSessions"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{1869181A-9F50-4FCF-8BFF-1B8588ECB85C}"= "c:\program files\CA\CA Internet Security Suite\CA Website Inspector\LinkAdvisor\CIDLinkAdvisor.dll" [2008-07-23 1377720]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\PFW]
2007-05-18 13:30 79368 c:\windows\system32\UmxWNP.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.ACDV"= ACDV.dll
"vidc.ffds"= c:\progra~1\ffdshow\ffdshow.ax

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 09:50 155648 c:\windows\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OP14 Reminder]
-ra------ 2003-07-07 09:29 729088 c:\program files\ScanSoft\OmniPagePro14.0\EregEng\Ereg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Opware14]
--a------ 2003-10-29 01:33 57344 c:\program files\ScanSoft\OmniPagePro14.0\opware14.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2006-09-01 14:57 282624 c:\program files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WorkFlowTray]
--a------ 2003-10-29 01:34 139363 c:\program files\ScanSoft\OmniPagePro14.0\WorkFlowTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\CA Personal Firewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-725345543-362288127-839522115-1005]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"c:\\Program Files\\SEGA\\Iron Man\\IronMan.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"c:\\Program Files\\Unreal Tournament 3\\Binaries\\UT3.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"c:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Vuze\\Azureus.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"=
"d:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\FlashFXP\\FlashFXP.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Internet Security 2009\\english\\setup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9420:TCP"= 9420:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\Drivers\BtHidBus.sys [2008-07-31 20616]
R0 KmxStart;KmxStart;c:\windows\system32\DRIVERS\kmxstart.sys [2008-03-19 93712]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 KmxAgent;KmxAgent;c:\windows\system32\DRIVERS\kmxagent.sys [2008-03-21 63504]
R1 KmxFile;KmxFile;c:\windows\system32\DRIVERS\KmxFile.sys [2008-03-21 45584]
R1 KmxFw;KmxFw;c:\windows\system32\DRIVERS\kmxfw.sys [2008-03-19 115216]
R2 713xTVCard;SAA7130 TV Card;c:\windows\system32\DRIVERS\SAA713x.sys [2006-05-20 289280]
R2 adfs;adfs;c:\windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 Akamai;Akamai;c:\windows\System32\svchost.exe [2004-08-04 14336]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 BlueSoleilCS;BlueSoleilCS;c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2008-09-20 775168]
R2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2008-08-01 143467]
R2 KmxCF;KmxCF;c:\windows\system32\DRIVERS\KmxCF.sys [2008-06-04 134648]
R2 KmxSbx;KmxSbx;c:\windows\system32\DRIVERS\KmxSbx.sys [2008-03-21 66576]
R2 PMonSvc;Profile Monitor;c:\windows\system32\pmonsvc.exe [2008-09-16 38152]
R2 Prvflder;Prvflder;c:\windows\system32\DRIVERS\prvflder.sys [2006-04-21 70912]
R2 UmxAgent;HIPS Event Manager;c:\program files\CA\SharedComponents\HIPSEngine\UmxAgent.exe [2007-10-18 1010192]
R2 UmxCfg;HIPS Configuration Interpreter;c:\program files\CA\SharedComponents\HIPSEngine\UmxCfg.exe [2007-10-18 801296]
R2 UmxPol;HIPS Policy Manager;c:\program files\CA\SharedComponents\HIPSEngine\UmxPol.exe [2008-04-15 281104]
R2 WDMTVTuner;Universal WDM TV Tuner;c:\windows\system32\drivers\WDMTuner.sys [2006-05-20 26880]
R3 asusgsb;ASUS Virtual Video Capture Device Driver;c:\windows\system32\drivers\asusgsb.sys [2007-09-13 12416]
R3 BsHelpCS;BsHelpCS;c:\program files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2008-08-01 69735]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2008-07-02 26248]
R3 KmxCfg;KmxCfg;c:\windows\system32\DRIVERS\kmxcfg.sys [2008-05-30 88816]
R3 PPCtlPriv;PPCtlPriv;c:\program files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe [2008-08-27 185584]
R3 Video3D;ASUS Video3D Service;c:\windows\system32\Drivers\Video3D32.sys [2007-09-13 10752]
S2 .norton2009Reset;Norton2009 Reset;c:\program files\Norton2009Reset.exe [2008-09-17 549159]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2009\RpcAgentSrv.exe [2008-09-08 98488]
S3 usnjsvc;Usluga Messenger Sharing Folders USN Journal Reader;c:\program files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\DRIVERS\RsFx0102.sys [2008-07-10 242712]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
Akamai REG_MULTI_SZ Akamai

*Newly Created Service* - AKAMAI
*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder

2008-10-11 c:\windows\Tasks\CAAntiSpywareScan_Daily as Novica at 22 21.job
- c:\program files\CA\CA Internet Security Suite\CA Anti-Spyware\CAAntiSpyware.exe [2008-08-27 17:44]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-fsm - (no file)
MSConfigStartUp-WinampAgent - c:\program files\Winamp\winampa.exe


.
------- Supplementary Scan -------
.
FireFox -: Profile - c:\documents and settings\Novica\Application Data\Mozilla\Firefox\Profiles\tht07wbr.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://google.rs/
FF -: plugin - c:\program files\Adobe\Acrobat 6.0\Reader\browser\nppdf32.dll
FF -: plugin - c:\program files\DNA\plugins\npbtdna.dll
FF -: plugin - c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.1.0.30716.0.dll
FF -: plugin - c:\program files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npmusicn.dll
FF -: plugin - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-11-04 16:31:42
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Akamai]
"ServiceDll"="C:/Program Files/Common Files/Akamai/rswin_3447.dll"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Akamai]
"ServiceDll"="C:/Program Files/Common Files/Akamai/rswin_3447.dll"
.
Completion time: 2008-11-04 16:33:09
ComboFix-quarantined-files.txt 2008-11-04 15:32:58

Pre-Run: 38.290.202.624 bytes free
Post-Run: 38,312,177,664 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer

426 --- E O F --- 2008-10-28 23:47:11

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

1. Did you manage to delete that ''problematic'' file?

2. Are you familiar with this program: c:\program files\Norton2009Reset.exe

  • Joined: 20 Jul 2008
  • Posts: 197

I managed to delete the problematic file in safe mode.
What is Norton doing here when I uninstalled it a month ago?

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Leftovers...

Start > Run and type

cmd

In the window that opens, type:

sc delete .norton2009Reset

After that, delete: c:\program files\Norton2009Reset.exe


-----------------------------------------------


Finally, do the following as well:
Click START, then RUN
In the text box, type Combofix /u and click OK

Wait for the uninstall process to finish

The above procedure will:
Delete the following:
ComboFix and its files and folders
The VundoFix Backups folder, if it exists
The C:\Deckard folder, if it exists
The C:\OtMoveIt folder, if it exists

Reset the computer's clock settings
Hide file extensions, if necessary
Hide system/hidden files/folders, if necessary
Reset System Restore

That's all.
