MyCity » Ambulanta -> Arhiva Ambulante » virus?

virus?

Napisano na dan: 17.2.2007
2

virus?
Pagination Prethodna strana
Sledeća strana Pagination

Idi na vrh

Poslao: 18 Feb 2007 13:23
Idi na vrh
offline
  • Pridružio: 17 Feb 2007
  • Poruke: 17

Javlja mi da je rec "Eigene" pogresno napisana ili konnte nicht gefunden werden.



Poslao: 18 Feb 2007 13:29
Idi na vrh
offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Probaj onda sledece u konzoli:

cd "C:\Dokumente und Einstellungen\mujo\"
dir /x c:\log.txt



Poslao: 18 Feb 2007 13:46
Idi na vrh
offline
  • Pridružio: 17 Feb 2007
  • Poruke: 17

Datei nicht gefunden??

Poslao: 18 Feb 2007 14:08
Idi na vrh
offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Startuj ponovo HijackThis, pa uradi skeniranje.
Stikliraj polja ispred sledecih linija:

R3 - URLSearchHook: (no name) - {DFC28434-698B-3102-A4AB-6D1335DE6CC5} - C:\WINDOWS\system32\chypxjhm.dll
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O4 - HKCU\..\Run: [Cyjbj] C:\Dokumente und Einstellungen\mujo\Eigene Dateien\?ecurity\?poolsv.exe
O4 - HKCU\..\Run: [Tute] "C:\WINDOWS\system32\ASKS~1\mmc.exe" -vt yazb

Klikni Fix Checked

Restartuj komp i napravi sve HJT log, pa da vidimo sta se desava.

Poslao: 18 Feb 2007 14:29
Idi na vrh
offline
  • Pridružio: 17 Feb 2007
  • Poruke: 17

Logfile of HijackThis v1.99.1
Scan saved at 14:22:51, on 18.02.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Winamp\Winampa.exe
C:\Programme\Synaptics\SynTP\SynTPLpr.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Programme\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
C:\Programme\OSD\OSD.EXE
C:\Programme\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programme\T-Mobile\Communication Center\AutoUpdateSrv.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\MSN Messenger\MsnMsgr.Exe
C:\Dokumente und Einstellungen\mujo\Eigene Dateien\?ecurity\?poolsv.exe
C:\Programme\CyberLink\Power2Go\Power2GoExpress.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\T-Mobile\Communication Center\Wilog.exe
C:\Programme\T-Mobile\Communication Center\WilogSrv.exe
C:\Programme\T-Mobile\Communication Center\AlicePhoneSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Dokumente und Einstellungen\mujo\Desktop\Neuer Ordner\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Link mogu videti samo ulogovani korisnici]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [Link mogu videti samo ulogovani korisnici]
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {DFC28434-698B-3102-A4AB-6D1335DE6CC5} - C:\WINDOWS\system32\chypxjhm.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Programme\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RestoreIT!] "C:\Programme\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [OSD] C:\Programme\OSD\OSD.EXE
O4 - HKLM\..\Run: [OpwareSE2] "C:\Programme\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [OPSE reminder] "C:\Programme\ScanSoft\OmniPageSE2.0\EregGer\Ereg.exe" -r "C:\Programme\ScanSoft\OmniPageSE2.0\EregGer\ereg.ini"
O4 - HKLM\..\Run: [MMTray] C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Connect Update Agent] "C:\Programme\T-Mobile\Communication Center\AutoUpdateSrv.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Power2GoExpress] "C:\Programme\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AliceConnect] C:\Programme\T-Mobile\Communication Center\Wilog.exe
O8 - Extra context menu item: &Windows Live Search - [Link mogu videti samo ulogovani korisnici]\Programme\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O17 - HKLM\System\CCS\Services\Tcpip\..\{CC2C2B05-20F7-4995-A126-099CF56B5FF9}: NameServer = 213.162.65.1 213.162.65.2
O18 - Protocol: ebk - {1E411CE8-FE8B-4973-B8E0-6EA2CC3C6B06} - C:\WINDOWS\system32\ebkp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: t-mobile - {C6D89159-3467-4C2F-9918-3362DA57BCD2} - C:\PROGRA~1\T-Mobile\HOTSPO~2\TMOBIL~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Phoenix VCD Service (PhnxVCDService) - Phoenix Technologies Ltd. - C:\WINDOWS\system32\PhnxCDSvr.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

Poslao: 18 Feb 2007 14:43
Idi na vrh
offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Skini Ewido micro (8Mb) :
[Link mogu videti samo ulogovani korisnici]

Kako se radi sa Ewido micro:
- na prvom ekranu odaberi sve particije (štikliraj polja ispred njih)
- klikni na dugme Start Scan
- nakon završenog skeniranja klikni na Save Report i snimi log fajl na sigurno mesto
- klikni na Remove Infections
- iskopiraj nam ovde sadržaj log fajla koji je malopre snimljen

Nakon skeniranja sa Ewidom i postavljanja log fajla, postavi nam i svez log programa HijackThis.

Poslao: 19 Feb 2007 04:29
Idi na vrh
offline
  • Pridružio: 17 Feb 2007
  • Poruke: 17

__________________________________________________
ewido anti-spyware online scanner
http://www.ewido.net
__________________________________________________


Name: TrackingCookie.Yieldmanager
Path: C:\Dokumente und Einstellungen\mujo\Cookies\mujo@ad.yieldmanager[1].txt
Risk: Medium

Name: TrackingCookie.Falkag
Path: C:\Dokumente und Einstellungen\mujo\Cookies\mujo@as1.falkag[1].txt
Risk: Medium

Name: TrackingCookie.Atdmt
Path: C:\Dokumente und Einstellungen\mujo\Cookies\mujo@atdmt[2].txt
Risk: Medium

Name: TrackingCookie.Bluestreak
Path: C:\Dokumente und Einstellungen\mujo\Cookies\mujo@bluestreak[1].txt
Risk: Medium

Name: TrackingCookie.Doubleclick
Path: C:\Dokumente und Einstellungen\mujo\Cookies\mujo@doubleclick[1].txt
Risk: Medium

Name: TrackingCookie.2o7
Path: C:\Dokumente und Einstellungen\mujo\Cookies\mujo@ford.112.2o7[1].txt
Risk: Medium

Name: TrackingCookie.Masterstats
Path: C:\Dokumente und Einstellungen\mujo\Cookies\mujo@image.masterstats[1].txt
Risk: Medium

Name: TrackingCookie.2o7
Path: C:\Dokumente und Einstellungen\mujo\Cookies\mujo@msnportal.112.2o7[1].txt
Risk: Medium

Name: TrackingCookie.Oewabox
Path: C:\Dokumente und Einstellungen\mujo\Cookies\mujo@oewabox[1].txt
Risk: Medium

Name: TrackingCookie.Questionmarket
Path: C:\Dokumente und Einstellungen\mujo\Cookies\mujo@questionmarket[2].txt
Risk: Medium

Name: TrackingCookie.Yadro
Path: C:\Dokumente und Einstellungen\mujo\Cookies\mujo@yadro[1].txt
Risk: Medium

Name: Adware.PurityScan
Path: [2872] C:\WINDOWS\system32\chypxjhm.dll
Risk: Medium

Name: Adware.PurityScan
Path: [3268] C:\Dokumente und Einstellungen\mujo\Eigene Dateien\ѕecurity\ѕpoolsv.exe
Risk: Medium

Name: Adware.PurityScan
Path: C:\Dokumente und Einstellungen\mujo\Eigene Dateien\ѕecurity\ѕpoolsv.exe
Risk: Medium

Name: Downloader.PurityScan.co
Path: C:\Dokumente und Einstellungen\mujo\Lokale Einstellungen\Temporary Internet Files\Content.IE5\214BU7WZ\!update-4295[1].0000
Risk: High

Name: Adware.ClickSpring
Path: C:\Programme\Gemeinsame Dateien\Y1220OU.exe
Risk: Medium

Name: Adware.Ucmore
Path: C:\System Volume Information\_restore{94FEE2F5-FDE5-431D-9105-EEE161123AE0}\RP78\A0021059.lnk
Risk: Medium

Name: Adware.Ucmore
Path: C:\System Volume Information\_restore{94FEE2F5-FDE5-431D-9105-EEE161123AE0}\RP78\A0021061.lnk
Risk: Medium

Name: Adware.PurityScan
Path: C:\WINDOWS\system32\chypxjhm.dll
Risk: Medium

Name: Trojan.Small
Path: C:\WINDOWS\system32\wintcc.exe
Risk: High

Dopuna: 19 Feb 2007 4:29

Logfile of HijackThis v1.99.1
Scan saved at 04:32:34, on 19.02.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Winamp\Winampa.exe
C:\Programme\Synaptics\SynTP\SynTPLpr.exe
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE
C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programme\OSD\OSD.EXE
C:\Programme\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programme\T-Mobile\Communication Center\AutoUpdateSrv.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\MSN Messenger\MsnMsgr.Exe
C:\Programme\CyberLink\Power2Go\Power2GoExpress.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\T-Mobile\Communication Center\Wilog.exe
C:\Programme\T-Mobile\Communication Center\WilogSrv.exe
C:\Programme\T-Mobile\Communication Center\AlicePhoneSrv.exe
C:\Programme\AntiVir PersonalEdition Classic\avcenter.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
C:\Dokumente und Einstellungen\mujo\Desktop\Neuer Ordner\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = [Link mogu videti samo ulogovani korisnici]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici]
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = [Link mogu videti samo ulogovani korisnici]
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {DFC28434-698B-3102-A4AB-6D1335DE6CC5} - C:\WINDOWS\system32\chypxjhm.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Programme\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RestoreIT!] "C:\Programme\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
O4 - HKLM\..\Run: [RemoteControl] C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [OSD] C:\Programme\OSD\OSD.EXE
O4 - HKLM\..\Run: [OpwareSE2] "C:\Programme\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [OPSE reminder] "C:\Programme\ScanSoft\OmniPageSE2.0\EregGer\Ereg.exe" -r "C:\Programme\ScanSoft\OmniPageSE2.0\EregGer\ereg.ini"
O4 - HKLM\..\Run: [MMTray] C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Connect Update Agent] "C:\Programme\T-Mobile\Communication Center\AutoUpdateSrv.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Power2GoExpress] "C:\Programme\CyberLink\Power2Go\Power2GoExpress.exe" /Startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AliceConnect] C:\Programme\T-Mobile\Communication Center\Wilog.exe
O8 - Extra context menu item: &Windows Live Search - [Link mogu videti samo ulogovani korisnici]\Programme\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O17 - HKLM\System\CCS\Services\Tcpip\..\{CC2C2B05-20F7-4995-A126-099CF56B5FF9}: NameServer = 213.162.65.1 213.162.65.2
O18 - Protocol: ebk - {1E411CE8-FE8B-4973-B8E0-6EA2CC3C6B06} - C:\WINDOWS\system32\ebkp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: t-mobile - {C6D89159-3467-4C2F-9918-3362DA57BCD2} - C:\PROGRA~1\T-Mobile\HOTSPO~2\TMOBIL~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Phoenix VCD Service (PhnxVCDService) - Phoenix Technologies Ltd. - C:\WINDOWS\system32\PhnxCDSvr.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

Poslao: 19 Feb 2007 11:10
Idi na vrh
offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Odlicno Smile

Skeniraj jos jednom HijackThis-om, pa stikliraj polje ispred sledece linije:
O2 - BHO: (no name) - {DFC28434-698B-3102-A4AB-6D1335DE6CC5} - C:\WINDOWS\system32\chypxjhm.dll (file missing)

klikni Fix checked

To je to.

Jel se javljaju jos koji simptomi?

Poslao: 19 Feb 2007 16:58
Idi na vrh
offline
  • Pridružio: 17 Feb 2007
  • Poruke: 17

Ad-Aware SE Build 1.06r1
Logfile Created on:Montag, 19. Februar 2007 16:36:30
Using definitions file:SE1R153 15.02.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):9 total references
Tracking Cookie(TAC index:3):10 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Ignore spanned files when scanning cab archives
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Block pop-ups aggressively
Set : Automatically select problematic objects in results lists
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Show splash screen
Set : Backup current definitions file before updating
Set : Play sound at scan completion if scan locates critical objects


19.02.2007 16:36:30 - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Dokumente und Einstellungen\mujo\recent
Description : list of recently opened documents


MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Object Recognized!
Location: : S-1-5-21-1099520204-1666456267-1733242222-1005\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1099520204-1666456267-1733242222-1005\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer


MRU List Object Recognized!
Location: : S-1-5-21-1099520204-1666456267-1733242222-1005\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Object Recognized!
Location: : S-1-5-21-1099520204-1666456267-1733242222-1005\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Object Recognized!
Location: : S-1-5-21-1099520204-1666456267-1733242222-1005\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


MRU List Object Recognized!
Location: : S-1-5-21-1099520204-1666456267-1733242222-1005\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run


MRU List Object Recognized!
Location: : S-1-5-21-1099520204-1666456267-1733242222-1005\software\microsoft\windows media\wmsdk\general
Description : windows media sdk


Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 636
ThreadCreationTime : 19.02.2007 15:11:43
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 720
ThreadCreationTime : 19.02.2007 15:11:44
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 744
ThreadCreationTime : 19.02.2007 15:11:44
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 788
ThreadCreationTime : 19.02.2007 15:11:45
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158-)
ProductVersion : 5.1.2600.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Anwendung für Dienste und Controller
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 800
ThreadCreationTime : 19.02.2007 15:11:45
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158-)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 944
ThreadCreationTime : 19.02.2007 15:11:45
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158-)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1020
ThreadCreationTime : 19.02.2007 15:11:46
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158-)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1056
ThreadCreationTime : 19.02.2007 15:11:46
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158-)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1228
ThreadCreationTime : 19.02.2007 15:11:47
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158-)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1288
ThreadCreationTime : 19.02.2007 15:11:48
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158-)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1480
ThreadCreationTime : 19.02.2007 15:11:48
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158-)
ProductVersion : 6.00.2900.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : EXPLORER.EXE

#:12 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1516
ThreadCreationTime : 19.02.2007 15:11:49
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:13 [sched.exe]
FilePath : C:\Programme\AntiVir PersonalEdition Classic\
ProcessID : 1624
ThreadCreationTime : 19.02.2007 15:11:49
BasePriority : Normal


#:14 [avguard.exe]
FilePath : C:\Programme\AntiVir PersonalEdition Classic\
ProcessID : 1636
ThreadCreationTime : 19.02.2007 15:11:49
BasePriority : Normal


#:15 [slserv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1740
ThreadCreationTime : 19.02.2007 15:11:49
BasePriority : Normal
FileVersion : 2.80.00(24Apr2000)
ProductVersion : 2.80.00
ProductName : Modem
FileDescription : User-Level Modem Service
InternalName : slserv
LegalCopyright : Copyright © 1999-2000
OriginalFilename : slserv.exe

#:16 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1772
ThreadCreationTime : 19.02.2007 15:11:49
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158-)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:17 [winampa.exe]
FilePath : C:\Programme\Winamp\
ProcessID : 312
ThreadCreationTime : 19.02.2007 15:11:53
BasePriority : Normal


#:18 [syntplpr.exe]
FilePath : C:\Programme\Synaptics\SynTP\
ProcessID : 324
ThreadCreationTime : 19.02.2007 15:11:53
BasePriority : Normal
FileVersion : 7.8.7 06Nov03
ProductVersion : 7.8.7 06Nov03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : TouchPad Driver Helper Application
InternalName : SynTPLpr
LegalCopyright : Copyright (C) Synaptics, Inc. 1996-2003
OriginalFilename : SynTPLpr.exe

#:19 [syntpenh.exe]
FilePath : C:\Programme\Synaptics\SynTP\
ProcessID : 332
ThreadCreationTime : 19.02.2007 15:11:53
BasePriority : Normal
FileVersion : 7.8.7 06Nov03
ProductVersion : 7.8.7 06Nov03
ProductName : Progressive Touch
CompanyName : Synaptics, Inc.
FileDescription : Synaptics TouchPad Enhancements
InternalName : Scrolleroo
LegalCopyright : Copyright (C) Synaptics, Inc. 1996-2003
OriginalFilename : SynTPEnh.exe

#:20 [soundman.exe]
FilePath : C:\WINDOWS\
ProcessID : 348
ThreadCreationTime : 19.02.2007 15:11:53
BasePriority : Normal
FileVersion : 5.1.0.29
ProductVersion : 5.1.0.29
ProductName : Realtek Sound Manager
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
LegalCopyright : Copyright (c) 2001-2004 Realtek Semiconductor Corp.
OriginalFilename : ALSMTray.exe
Comments : Realtek AC97 Audio Sound Manager

#:21 [vbptask.exe]
FilePath : C:\Programme\Phoenix Technologies Ltd\RecoverPro_XP\
ProcessID : 360
ThreadCreationTime : 19.02.2007 15:11:53
BasePriority : Normal
FileVersion : 2, 0, 0, 0
ProductVersion : 2, 0, 0, 0
ProductName : VBPTask Application
CompanyName : FarStone Tech. Inc.
FileDescription : VBPTask MFC Application
InternalName : VBPTask
LegalCopyright : Copyright (C) 2000-2002 FarStone Tech. Inc.
OriginalFilename : VBPTask.EXE

#:22 [pdvdserv.exe]
FilePath : C:\Programme\CyberLink\PowerDVD\
ProcessID : 368
ThreadCreationTime : 19.02.2007 15:11:53
BasePriority : Normal
FileVersion : 5.00.0000
ProductVersion : 5.00.0000
ProductName : PowerDVD
CompanyName : Cyberlink Corp.
FileDescription : PowerDVD RC Service
InternalName : PowerDVD RC Service
LegalCopyright : Copyright (c) CyberLink Corp. 1997-2002
OriginalFilename : PDVDSERV.EXE

#:23 [osd.exe]
FilePath : C:\Programme\OSD\
ProcessID : 380
ThreadCreationTime : 19.02.2007 15:11:53
BasePriority : Normal
FileVersion : 1, 0, 2, 3
ProductVersion : 1, 0, 2, 3
ProductName : OSD
CompanyName : Press FnF8 to enable/disable Touchpad
FileDescription : OSD
InternalName : OSD
LegalCopyright : Copyright 2004-2008
OriginalFilename : OSD.exe
Comments : NumLock,CapsLock,ScrLock,Volume,Brightness,AC,Wirless Lan,LCD_CRT_DVI,Battery Life,TouchPad

#:24 [opwarese2.exe]
FilePath : C:\Programme\ScanSoft\OmniPageSE2.0\
ProcessID : 388
ThreadCreationTime : 19.02.2007 15:11:53
BasePriority : Normal
FileVersion : 12.0
ProductVersion : 2.0
ProductName : OmniPage SE
CompanyName : ScanSoft, Inc.
FileDescription : OCR Aware (32-bit)
InternalName : OPWARE12.EXE
LegalCopyright : Copyright © 1995-2003 ScanSoft, Inc.
LegalTrademarks : ScanSoft, OmniPage and OmniPage SE are registered trademarks of ScanSoft, Inc. in the United States and/or other countries.

OriginalFilename : OPWARE12.EXE

#:25 [mm_tray.exe]
FilePath : C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\
ProcessID : 476
ThreadCreationTime : 19.02.2007 15:11:54
BasePriority : Normal
FileVersion : 8.00.0126
ProductVersion : 8.00.0126
ProductName : MUSICMATCH JUKEBOX
CompanyName : MUSICMATCH, Inc.
FileDescription : mm_tray
InternalName : mm_tray
LegalCopyright : Copyright © MUSICMATCH 1998-2003
LegalTrademarks :
OriginalFilename : mm_tray.exe

#:26 [igfxtray.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 608
ThreadCreationTime : 19.02.2007 15:11:54
BasePriority : Normal
FileVersion : 3.0.0.2350
ProductVersion : 7.0.0.2350
ProductName : Intel(R) Common User Interface
CompanyName : Intel Corporation
FileDescription : igfxTray Module
InternalName : IGFXTRAY
LegalCopyright : Copyright 1999-2003, Intel Corporation
OriginalFilename : IGFXTRAY.EXE

#:27 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 676
ThreadCreationTime : 19.02.2007 15:11:56
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158-)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:28 [hkcmd.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 700
ThreadCreationTime : 19.02.2007 15:11:57
BasePriority : Normal
FileVersion : 3.0.0.2350
ProductVersion : 7.0.0.2350
ProductName : Intel(R) Common User Interface
CompanyName : Intel Corporation
FileDescription : hkcmd Module
InternalName : HKCMD
LegalCopyright : Copyright 1999-2003, Intel Corporation
OriginalFilename : HKCMD.EXE

#:29 [wscntfy.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 712
ThreadCreationTime : 19.02.2007 15:11:57
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158-)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Security Center Notification App
InternalName : wscntfy.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wscntfy.exe

#:30 [autoupdatesrv.exe]
FilePath : C:\Programme\T-Mobile\Communication Center\
ProcessID : 964
ThreadCreationTime : 19.02.2007 15:11:57
BasePriority : Normal


#:31 [avgnt.exe]
FilePath : C:\Programme\AntiVir PersonalEdition Classic\
ProcessID : 972
ThreadCreationTime : 19.02.2007 15:11:57
BasePriority : Normal


#:32 [msnmsgr.exe]
FilePath : C:\Programme\MSN Messenger\
ProcessID : 840
ThreadCreationTime : 19.02.2007 15:11:57
BasePriority : Normal
FileVersion : 8.0.0812.00
ProductVersion : 8.0.0812
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msnmsgr.exe
LegalCopyright : Copyright (c) Microsoft Corporation. All rights reserved.
OriginalFilename : msnmsgr.exe

#:33 [power2goexpress.exe]
FilePath : C:\Programme\CyberLink\Power2Go\
ProcessID : 1080
ThreadCreationTime : 19.02.2007 15:11:58
BasePriority : Normal
FileVersion : 4.00.1203
ProductVersion : 4.00.1203
ProductName : Power2Go Express
CompanyName : Cyberlink
FileDescription : Power2Go Express
InternalName : Power2Go Express
LegalCopyright : Copyright (C) Cyberlink co. 2004
OriginalFilename : Power2Go Express.exe

#:34 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1260
ThreadCreationTime : 19.02.2007 15:11:58
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158-)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:35 [wilog.exe]
FilePath : C:\Programme\T-Mobile\Communication Center\
ProcessID : 1348
ThreadCreationTime : 19.02.2007 15:11:59
BasePriority : Normal


#:36 [wilogsrv.exe]
FilePath : C:\Programme\T-Mobile\Communication Center\
ProcessID : 2164
ThreadCreationTime : 19.02.2007 15:12:07
BasePriority : Normal


#:37 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2420
ThreadCreationTime : 19.02.2007 15:13:05
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158-)
ProductVersion : 5.1.2600.2180
ProductName : Betriebssystem Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Eine DLL-Datei als Anwendung ausführen
InternalName : rundll
LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten.
OriginalFilename : RUNDLL.EXE

#:38 [alicephonesrv.exe]
FilePath : C:\Programme\T-Mobile\Communication Center\
ProcessID : 2428
ThreadCreationTime : 19.02.2007 15:13:06
BasePriority : Normal


#:39 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2804
ThreadCreationTime : 19.02.2007 15:13:48
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158-)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:40 [iexplore.exe]
FilePath : C:\Programme\Internet Explorer\
ProcessID : 2888
ThreadCreationTime : 19.02.2007 15:14:35
BasePriority : Normal
FileVersion : 7.00.6000.16414 (vista_gdr.070108-1520)
ProductVersion : 7.00.6000.16414
ProductName : Windows® Internet Explorer
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : IEXPLORE.EXE

#:41 [ad-aware.exe]
FilePath : C:\Programme\Lavasoft\Ad-Aware SE Professional\
ProcessID : 764
ThreadCreationTime : 19.02.2007 15:36:03
BasePriority : Normal
FileVersion : 6.2.0.238
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 9


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 9


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 9


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mujo@atdmt[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:mujo@atdmt.com/
Expires : 17.02.2012 01:00:00
LastSync : Hits:7
UseCount : 0
Hits : 7

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [Link mogu videti samo ulogovani korisnici][1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:mujo@msnportal.112.2o7.net/
Expires : 18.02.2012 11:10:08
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mujo@partypoker[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:mujo@partypoker.com/
Expires : 15.02.2017 12:52:04
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mujo@~~local~~[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:61
Value : Cookie:mujo@~~local~~/
Expires : 04.03.2007 12:25:34
LastSync : Hits:61
UseCount : 0
Hits : 61

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mujo@questionmarket[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:15
Value : Cookie:mujo@questionmarket.com/
Expires : 10.04.2008 19:43:40
LastSync : Hits:15
UseCount : 0
Hits : 15

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mujo@bluestreak[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:mujo@bluestreak.com/
Expires : 15.02.2017 07:52:02
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [Link mogu videti samo ulogovani korisnici][1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:48
Value : Cookie:mujo@ad.yieldmanager.com/
Expires : 14.08.2017 01:00:00
LastSync : Hits:48
UseCount : 0
Hits : 48

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [Link mogu videti samo ulogovani korisnici][1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:mujo@ford.112.2o7.net/
Expires : 17.02.2012 11:50:14
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : mujo@doubleclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:mujo@doubleclick.net/
Expires : 19.02.2007 16:30:04
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : [Link mogu videti samo ulogovani korisnici][1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:10
Value : Cookie:mujo@as1.falkag.de/
Expires : 21.03.2007 11:25:14
LastSync : Hits:10
UseCount : 0
Hits : 10

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 10
Objects found so far: 19



Deep scanning and examining files (CSmile
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 19


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 19




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 19

16:49:43 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:13:12.810
Objects scanned:125210
Objects identified:10
Objects ignored:0
New critical objects:10

Nije gotovo???

Poslao: 19 Feb 2007 19:26
Idi na vrh
offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Ne kontam. Ko je trazio log Ad-awarea?

Sta treba da znaci ono "Nije gotovo???" u tvojoj poruci?
Mislis li da je Ad-aware nasao nesto?

Napisao sam ti u mojoj prosloj poruci sta da uradis, zamolio bih te da to i ucinis.

21 Feb 2007 17:21 bobby Zaključavanje topica Razlog: Javiti se na PP ukoliko je potrebno otkljucavanje teme  

MyCity » Ambulanta -> Arhiva Ambulante » virus?

Ko je trenutno na forumu
 

Ukupno su 4206 korisnika na forumu :: 106 registrovanih, 6 sakrivenih i 4094 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 5253 - dana 09 Dec 2025 16:26

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 6.5lapua, airsuba, AK - 230, alternator, Apok, armor, babaroga, Belac91, Bobrock1, cakija, Car89, Cicumile, CLIPPER, Colt D, cyprus, Darko7103, DavidA, DeerHunter, Denaya, djonsule, DLazić, Donneraj, draganl, DrNeoCortex, drpera, dskrlec33, Dungorth, Dzoni2412, Electron, Ercomero, EVIDENTICAR, Feller, Gaga_89, gagidjuric, halkin gol, hellenic, icemilos, Imperator_Aleksandr_lll, IQ116, istina, Istman, ivan979, Jager715510, Jaxupa, JosipRi, Kamov, Koce, krkalon, Kubovac, ladro, laurusri, Lazur_01, Lošmi, Maki1981, Manjane, MB120mm, milenko crazy north, Milos ZA, Mise, Mr.G., Mrav Obrad, mux, Natuzzi, Nemanja.M, niki-mini_maki, nikoladim, Nole, OgnjenMitric, opt1, pablojepao, Paklenica, pavle_pzs, pein, pera bager, ping15, pirke96, Povratak1912, raketaš, Robin, royst33, sasa87, sedan, Sirius, Sonic, Srle993, Stod, Stoilkovic, tmanda323, Trpe Grozni, uljmanac, Vaske8990, vathra, vidra boy, vladobreda, vuksa72, VX1, yip314, Zastava, Zimbabwe, Zjmc, zlatkoa987, Zrcalo, ZZZ, |_MeD_|, Žoržo, 800077