Toolbar
Pravilnik foruma
Burek marketing
Najčešća pitanja
Posetite Burek Prodavnicu
Prijava na forum:
Ime:
Lozinka:
Prijavi me trajno:
Trajanje:
Registruj nalog:
zaboravili ste šifru?
Ime:
Lozinka:
Ponovi Lozinku:
E-mail:

Zatvori
ConQUIZtador
banner
BUREK marketing
*
linktree Burek :: Forumi ::  >  Tehnicki deo foruma  >  Pc Klinika ~ Doktori za vas kompjuter
linktree Tema: MSN virus (Moderatori: enaB, chelavi1)
Trenutno vreme je: 18. Jun 2025, 05:02:26
 nazadnapred
Korisnici koji su trenutno na forumu 0 članova i 1 gost pregledaju ovu temu.

 Napomena: Za sva pitanja u vezi kupovine novog hardware-a ili procene vrednosti i preporuke koristite - ovu temu

Spyware,sta je,kako radi,kako se zastititi? :: Kako rade mreze :: Burek Anti-virus software review :: Index tema koje ne treba propustiti

Idi dole
Stranice:
1
2
3  Sve
Počni novu temu Nova anketa Odgovor Štampaj Dodaj temu u favorite Pogledajte svoje poruke u temi
Tema: MSN virus  (Pročitano 6928 puta)
Tema opcije Oceni temu
valter_ba
Poruka #10 17. Mar 2008, 10:37:04
Poznata licnost


Veni, vici,vidi

Zodijak Libra
Pol Muškarac
Poruke 3639
Zastava Sarajevo BIH
OS
Windows XP
Browser
Mozilla Firefox 2.0.0.11;
mob
Nokia 
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
trebas ova tri fiksirati i ponovo skeniraj ukoliko se ponovo pojavi skini Combo fix i pokreni trebo bi on izbrissati.Nedavno sam imao isti problem ali uspio sam skinuti imas temu (oko 5 ,6 strane)amvo.exe pa pogledaj
IP sačuvana
social share

sve ce to narod pozlatiti
Pogledaj profil
 
Prijava na forum:
Ime:
Lozinka:
Zelim biti prijavljen:
Trajanje:
Registruj nalog:
zaboravili ste šifru?
Ime:
Lozinka:
Ponovi Lozinku:
E-mail:
Zatvori
AlenNS
Poruka #11 17. Mar 2008, 11:56:47
Udaljen sa foruma
Jet set burekdzija


"I always tell the truth. Even when I lie."

Zodijak Cancer
Pol Muškarac
Poruke 5530
Zastava Novi Sad - Bar
OS
Windows XP
Browser
Mozilla Firefox 2.0.0.12
mob
Samsung D900
amvo sam obrisao i iz system foldera i iz startupa i iz registry-ja.
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) - Ovaj sam sada obrisao.
A ovo treće gde mi pokreće Apache to nikako ne znam kako da ugasim.
IP sačuvana
social share
Edit by latifovich: Potpis uklonjen zbog duzine!
Pogledaj profil WWW
 
Prijava na forum:
Ime:
Lozinka:
Zelim biti prijavljen:
Trajanje:
Registruj nalog:
zaboravili ste šifru?
Ime:
Lozinka:
Ponovi Lozinku:
E-mail:
Zatvori
Filip93
Poruka #12 17. Mar 2008, 13:30:05
Moderator
Legenda foruma


Zodijak Taurus
Pol Muškarac
Poruke 31625
Zastava Beograd
OS
Windows XP
Browser
Opera 9.25
mob
Nokia 6120
Amvo bi trebalo da je dosta. To je to sto salje poruke svima. Wink
IP sačuvana
social share
Pogledaj profil WWW
 
Prijava na forum:
Ime:
Lozinka:
Zelim biti prijavljen:
Trajanje:
Registruj nalog:
zaboravili ste šifru?
Ime:
Lozinka:
Ponovi Lozinku:
E-mail:
Zatvori
MunkaZe
Poruka #13 17. Mar 2008, 14:43:56
Supermoderator
Legenda foruma


Always outnumbered, never outgunned.

Zodijak
Pol
Poruke 47481
Zastava
OS
Windows XP
Browser
Mozilla Firefox 2.0.0.12
Zakaci novi log.
IP sačuvana
social share
Glasajte u anketi i izaberite temu narednog BFMC takmicenja
Ta divna stvorenja
Pogledaj profil
 
Prijava na forum:
Ime:
Lozinka:
Zelim biti prijavljen:
Trajanje:
Registruj nalog:
zaboravili ste šifru?
Ime:
Lozinka:
Ponovi Lozinku:
E-mail:
Zatvori
AlenNS
Poruka #14 17. Mar 2008, 16:36:06
Udaljen sa foruma
Jet set burekdzija


"I always tell the truth. Even when I lie."

Zodijak Cancer
Pol Muškarac
Poruke 5530
Zastava Novi Sad - Bar
OS
Windows XP
Browser
Mozilla Firefox 2.0.0.12
mob
Samsung D900
Logfile of HijackThis v1.99.1
Scan saved at 16:35:37, on 17.3.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ApexDC++_Gusari_XY6\ApexDC.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
C:\Program Files\TechSmith\SnagIt 8\TSCHelp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\PROGRA~1\MICROS~2\Office12\OUTLOOK.EXE
C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Totalcmd\TotalCmd.exe
D:\Backup C\Desktop\Internet\Download\Programi\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ApexDC++] "C:\Program Files\ApexDC++_Gusari_XY6\ApexDC.exe"
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: SnagIt 8.lnk = C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Majku mu evo ga opet.
IP sačuvana
social share
Edit by latifovich: Potpis uklonjen zbog duzine!
Pogledaj profil WWW
 
Prijava na forum:
Ime:
Lozinka:
Zelim biti prijavljen:
Trajanje:
Registruj nalog:
zaboravili ste šifru?
Ime:
Lozinka:
Ponovi Lozinku:
E-mail:
Zatvori
Filip93
Poruka #15 17. Mar 2008, 16:53:59
Moderator
Legenda foruma


Zodijak Taurus
Pol Muškarac
Poruke 31625
Zastava Beograd
OS
Windows XP
Browser
Opera 9.25
mob
Nokia 6120
Fixuj ga opet iz Safe Mode-a, pa pokreni normalno Windows, pa pokreni SDFix koji mozes skinuti odavde.
O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
Okaci posle novi log. Wink
IP sačuvana
social share
Pogledaj profil WWW
 
Prijava na forum:
Ime:
Lozinka:
Zelim biti prijavljen:
Trajanje:
Registruj nalog:
zaboravili ste šifru?
Ime:
Lozinka:
Ponovi Lozinku:
E-mail:
Zatvori
MunkaZe
Poruka #16 17. Mar 2008, 17:12:26
Supermoderator
Legenda foruma


Always outnumbered, never outgunned.

Zodijak
Pol
Poruke 47481
Zastava
OS
Windows XP
Browser
Mozilla Firefox 2.0.0.12
Neces ga tako popraviti. Moras da brises iz registry-ja rucno ili da instaliras KIS koji ima definicije za ovaj trojan.

Preuzmi ComboFix odavde :    ComboFix

Kako instalirati ComboFix sa i bez Recovery Konzole : link
Potreban ti je samo prvi deo, dakle samo ga instaliraj i pokreni, recovery konzola nije sada prioritet, cisto da vidimo hoce li da ga ubije, a trebalo bi jer je skripta jako dobra.
Obrati paznju na upozorenja da nakon pokretanja ComboFix-a ne stiskas ni jedno dugme na tastaturi i ne pomeras misa, jer se desava da se proces jednostavno zamrzne.

Nakon toga udji u safe mode, pokreni Spybot S&D, pusti da skenira i brisi sta god da nadje.
Ako je i dalje tu, daj novi log od HJT-a i postavi mi log od ComboFix-a takodje (pitace te da sacuvas log negde u toku rada sa njim, ili ce sam da stavi txt log negde na sistemsku particiju, to je u zavisnosti od verzije pa ne znam tacno).
IP sačuvana
social share
Glasajte u anketi i izaberite temu narednog BFMC takmicenja
Ta divna stvorenja
Pogledaj profil
 
Prijava na forum:
Ime:
Lozinka:
Zelim biti prijavljen:
Trajanje:
Registruj nalog:
zaboravili ste šifru?
Ime:
Lozinka:
Ponovi Lozinku:
E-mail:
Zatvori
AlenNS
Poruka #17 17. Mar 2008, 17:20:07
Udaljen sa foruma
Jet set burekdzija


"I always tell the truth. Even when I lie."

Zodijak Cancer
Pol Muškarac
Poruke 5530
Zastava Novi Sad - Bar
OS
Windows XP
Browser
Mozilla Firefox 2.0.0.12
mob
Samsung D900
OK. Sad ću pokušati.
SD fix mi nije pomogao.

EDIT: Evo ga log.

ComboFix 08-03-14.4 - Alen 2008-03-17 17:22:28.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1251.1.1033.18.983 [GMT 1:00]
Running from: D:\Internet\Download\ComboFix.exe
 * Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
D:\Autorun.inf

.
(((((((((((((((((((((((((   Files Created from 2008-02-17 to 2008-03-17  )))))))))))))))))))))))))))))))
.

2008-03-17 17:01 . 2008-03-17 17:02   <DIR>   d--------   C:\SDFix
2008-03-17 01:58 . 2008-03-17 01:58   <DIR>   d--------   C:\Documents and Settings\Alen\Application Data\Corel
2008-03-17 01:52 . 2008-03-17 01:52   <DIR>   d--------   C:\Program Files\Corel
2008-03-17 01:52 . 2008-03-17 01:52   <DIR>   d--------   C:\Program Files\Common Files\Corel
2008-03-17 01:34 . 2008-03-17 01:34   <DIR>   d--------   C:\Program Files\Spybot - Search & Destroy
2008-03-17 01:31 . 2008-03-17 01:24   691,545   --a------   C:\WINDOWS\unins000.exe
2008-03-17 01:31 . 2008-03-17 01:31   2,549   --a------   C:\WINDOWS\unins000.dat
2008-03-17 01:20 . 2008-03-17 02:02   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-17 00:14 . 2008-03-17 00:14   <DIR>   d--------   C:\WINDOWS\Sun
2008-03-16 21:27 . 2008-03-16 21:27   <DIR>   d--------   C:\Program Files\Hattrick Forever
2008-03-15 14:21 . 2008-03-15 14:21   <DIR>   d--------   C:\Program Files\Real
2008-03-15 14:21 . 2008-03-15 14:21   <DIR>   d--------   C:\Program Files\Common Files\xing shared
2008-03-15 14:21 . 2008-03-15 14:21   <DIR>   d--------   C:\Program Files\Common Files\Real
2008-03-15 08:58 . 2008-03-15 08:58   101,166   -r-hs----   C:\cfdflx.com
2008-03-14 15:46 . 2008-03-14 15:46   159,241   --a------   C:\kugla1.jpg
2008-03-14 13:03 . 2008-03-14 13:03   <DIR>   d--------   C:\Program Files\Recnik jezickih nedoumica
2008-03-14 01:02 . 2008-03-14 03:06   <DIR>   d--------   C:\Program Files\Italijanski 3
2008-03-14 01:01 . 2008-03-14 01:01   <DIR>   d--------   C:\Program Files\Italijanski 2
2008-03-14 01:01 . 2008-03-14 01:01   <DIR>   d--------   C:\Documents and Settings\Alen\WINDOWS
2008-03-14 01:01 . 1996-01-31 07:09   1,593,681   --a------   C:\Program Files\ITXSTRA2.EXE
2008-03-14 01:00 . 2008-03-14 01:03   <DIR>   d--------   C:\Program Files\Italijanski
2008-03-14 00:59 . 2008-03-14 01:01   141   --a------   C:\WINDOWS\asym.ini
2008-03-13 21:35 . 2008-03-13 21:35   <DIR>   d--------   C:\Program Files\Common Files\Adobe
2008-03-13 21:20 . 2008-03-13 22:16   <DIR>   d--------   C:\Documents and Settings\Alen\Application Data\AdobeUM
2008-03-13 20:09 . 2008-03-13 20:09   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\Autodesk
2008-03-13 20:07 . 2008-03-13 20:10   <DIR>   d--------   C:\Program Files\Common Files\Autodesk Shared
2008-03-13 20:07 . 2008-03-13 20:10   <DIR>   d--------   C:\Program Files\Autodesk
2008-03-13 20:03 . 2005-05-26 15:34   2,297,552   --a------   C:\WINDOWS\system32\d3dx9_26.dll
2008-03-13 01:37 . 2008-03-13 01:37   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\TechSmith
2008-03-13 01:36 . 2008-03-13 01:36   <DIR>   d--------   C:\Program Files\TechSmith
2008-03-13 01:36 . 2008-03-13 01:36   <DIR>   d--------   C:\Program Files\Common Files\Wise Installation Wizard
2008-03-12 12:26 . 2008-03-12 12:26   <DIR>   d--------   C:\Program Files\uTorrent
2008-03-12 12:26 . 2008-03-17 04:12   <DIR>   d--------   C:\Documents and Settings\Alen\Application Data\uTorrent
2008-03-11 14:31 . 2008-03-11 14:31   <DIR>   d--------   C:\Program Files\Windows Live Toolbar
2008-03-11 14:31 . 2008-03-11 14:31   <DIR>   d--------   C:\Program Files\Windows Live Favorites
2008-03-11 14:29 . 2008-03-11 14:29   <DIR>   d----c---   C:\WINDOWS\system32\DRVSTORE
2008-03-11 14:29 . 2008-03-11 14:29   <DIR>   d--------   C:\Documents and Settings\Alen\Contacts
2008-03-11 14:28 . 2008-03-11 14:29   163   --a------   C:\forum.php
2008-03-11 14:15 . 2008-03-11 14:28   <DIR>   d--------   C:\Program Files\Windows Live
2008-03-11 14:15 . 2008-03-11 14:28   <DIR>   d--hsc---   C:\Program Files\Common Files\WindowsLiveInstaller
2008-03-11 14:15 . 2008-03-11 14:15   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-03-11 13:32 . 2008-03-17 04:08   <DIR>   d--------   C:\Program Files\Opera
2008-03-11 13:20 . 2007-04-18 17:12   2,854,400   --a--c---   C:\WINDOWS\system32\dllcache\msi.dll
2008-03-11 13:20 . 2005-05-04 14:45   271,360   --a--c---   C:\WINDOWS\system32\dllcache\msihnd.dll
2008-03-11 13:20 . 2005-05-04 14:45   78,848   --a--c---   C:\WINDOWS\system32\dllcache\msiexec.exe
2008-03-11 00:41 . 2008-03-11 00:41   <DIR>   d--------   C:\Documents and Settings\Alen\Application Data\Lavasoft
2008-03-11 00:40 . 2008-03-11 00:40   <DIR>   d--------   C:\Program Files\DAEMON Tools
2008-03-11 00:40 . 2008-03-11 00:40   223,128   --a------   C:\WINDOWS\system32\drivers\dtscsi.sys
2008-03-11 00:39 . 2007-07-30 19:19   271,224   --a------   C:\WINDOWS\system32\mucltui.dll
2008-03-11 00:39 . 2007-07-30 19:19   207,736   --a------   C:\WINDOWS\system32\muweb.dll
2008-03-11 00:39 . 2007-07-30 19:19   30,072   --a------   C:\WINDOWS\system32\mucltui.dll.mui
2008-03-11 00:30 . 2008-03-11 00:30   642,560   --a------   C:\WINDOWS\system32\drivers\sptd.sys
2008-03-11 00:30 . 2008-03-11 00:30   96,256   --a------   C:\WINDOWS\system32\drivers\sptd8429.sys
2008-03-11 00:12 . 2008-03-11 00:12   <DIR>   d--------   C:\Program Files\UltraISO
2008-03-11 00:12 . 2008-03-11 00:12   <DIR>   d--------   C:\Program Files\Common Files\EZB Systems
2008-03-11 00:04 . 2008-02-22 02:33   69,632   --a------   C:\WINDOWS\system32\javacpl.cpl
2008-03-10 18:47 . 2008-03-17 04:08   <DIR>   d--------   C:\Program Files\Common Files\Macromedia
2008-03-10 17:36 . 2007-12-07 03:21   6,066,176   -----c---   C:\WINDOWS\system32\dllcache\ieframe.dll
2008-03-10 17:36 . 2007-07-01 04:31   2,455,488   -----c---   C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-03-10 17:36 . 2007-07-01 04:36   991,232   -----c---   C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-03-10 17:36 . 2007-12-07 03:21   459,264   -----c---   C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-03-10 17:36 . 2007-12-07 03:21   383,488   -----c---   C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-03-10 17:36 . 2007-12-07 03:21   267,776   -----c---   C:\WINDOWS\system32\dllcache\iertutil.dll
2008-03-10 17:36 . 2007-12-07 03:21   63,488   -----c---   C:\WINDOWS\system32\dllcache\icardie.dll
2008-03-10 17:36 . 2007-12-07 03:21   52,224   -----c---   C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-03-10 17:36 . 2007-12-06 12:00   13,824   -----c---   C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-03-10 17:00 . 2008-03-10 17:00   <DIR>   d--------   C:\Documents and Settings\Alen\Application Data\ACD Systems
2008-03-10 16:58 . 2008-03-17 04:01   <DIR>   d--------   C:\WINDOWS\Downloaded Installations
2008-03-10 16:58 . 2008-03-10 16:58   <DIR>   d--------   C:\Program Files\Common Files\ACD Systems
2008-03-10 16:58 . 2008-03-10 16:58   <DIR>   d--------   C:\Program Files\ACD Systems
2008-03-10 16:58 . 2008-03-10 16:58   <DIR>   d--------   C:\Documents and Settings\All Users\Application Data\ACD Systems
2008-03-10 16:03 . 2008-03-16 20:53   <DIR>   d--------   C:\Program Files\Winamp
2008-03-10 16:03 . 2008-03-10 21:38   <DIR>   d--------   C:\Documents and Settings\Alen\Application Data\Winamp
2008-03-10 15:48 . 2008-03-10 15:48   <DIR>   d--------   C:\Program Files\Webteh
2008-03-10 15:48 . 2008-03-10 15:48   <DIR>   d--------   C:\Program Files\Ligos
2008-03-10 15:48 . 2000-06-23 14:05   136,704   ---------   C:\WINDOWS\system32\iacenc.dll
2008-03-10 15:48 . 2000-06-22 13:09   56,320   ---------   C:\WINDOWS\system32\iyvu9_32.dll
2008-03-10 15:47 . 2008-03-10 15:47   <DIR>   d--------   C:\Program Files\XviD
2008-03-10 15:47 . 2008-03-10 15:47   <DIR>   d--------   C:\Program Files\Mv2Player
2008-03-10 15:46 . 2008-03-10 15:46   <DIR>   d--------   C:\Program Files\ffdshow
2008-03-10 15:46 . 1998-10-29 16:45   306,688   --a------   C:\WINDOWS\IsUninst.exe
2008-03-10 15:45 . 2008-03-17 04:08   <DIR>   d--------   C:\WINDOWS\system32\QuickTime
2008-03-10 15:45 . 2008-03-10 15:45   <DIR>   d--------   C:\Program Files\DivX
2008-03-10 15:45 . 2008-03-10 15:45   <DIR>   d--------   C:\Program Files\AC3Filter
2008-03-10 15:45 . 2008-03-10 15:45   <DIR>   d--------   C:\Program Files\3ivx
2008-03-10 15:45 . 2004-05-25 16:06   417,792   --a------   C:\WINDOWS\system32\ac3filter.cpl
2008-03-10 15:45 . 1999-12-17 11:13   86,016   --a------   C:\WINDOWS\unvise32.exe
2008-03-10 15:43 . 2002-12-31 13:00   221,184   --a------   C:\WINDOWS\system32\wmpns.dll
2008-03-10 15:39 . 2008-03-11 00:04   <DIR>   d--------   C:\Program Files\Java
2008-03-10 15:34 . 2008-03-10 15:34   <DIR>   d--------   C:\Program Files\Common Files\Java
2008-03-10 15:33 . 2008-03-10 15:33   <DIR>   d--------   C:\Program Files\Totalcmd
2008-03-10 15:32 . 2008-03-17 04:08   <DIR>   d--------   C:\Program Files\Macromedia
2008-03-10 15:26 . 2008-03-10 15:26   0   --a------   C:\WINDOWS\[INI]
2008-03-10 15:25 . 2008-03-10 15:26   <DIR>   d--------   C:\WINDOWS\uninstall
2008-03-10 15:25 . 2008-03-10 15:26   <DIR>   d--------   C:\Program Files\StartupStar
2008-03-10 14:41 . 2006-10-26 19:56   32,592   --a------   C:\WINDOWS\system32\msonpmon.dll
2008-03-10 14:39 . 2008-03-10 14:39   <DIR>   d--------   C:\Program Files\Microsoft Works
2008-03-10 14:38 . 2008-03-10 14:38   <DIR>   d--------   C:\Program Files\MSBuild
2008-03-10 14:35 . 2008-03-10 14:35   <DIR>   d--------   C:\Program Files\ApexDC++_Gusari_XY6
2008-03-10 14:34 . 2008-03-10 14:37   <DIR>   d--------   C:\WINDOWS\SHELLNEW

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-17 03:08   ---------   d--h--w   C:\Program Files\InstallShield Installation Information
2008-03-17 00:52   ---------   d-----w   C:\Program Files\Common Files\InstallShield
2008-03-10 12:18   ---------   d-----w   C:\Program Files\Alwil Software
2008-03-10 12:17   103,516   --sh--r   C:\b.com
2008-03-10 12:14   ---------   d-----w   C:\Program Files\ASUS
2008-03-10 12:14   ---------   d-----w   C:\Documents and Settings\Alen\Application Data\U3
2008-03-10 12:11   ---------   d-----w   C:\Program Files\AMD
2008-03-10 12:10   ---------   d-----w   C:\Program Files\Analog Devices
2008-03-10 12:08   ---------   d-----w   C:\Program Files\NVIDIA Corporation
2008-03-10 11:52   ---------   d-----w   C:\Program Files\microsoft frontpage
1996-02-01 01:23   1,180,026   ----a-w   C:\Program Files\GRAMMAR.TBK
1996-01-31 07:27   1,381,140   ----a-w   C:\Program Files\SYSTEM.TBK
1995-11-19 18:11   1,991,048   ----a-w   C:\Program Files\SIGLA.FLC
1995-10-28 13:10   238,136   ----a-w   C:\Program Files\SIGLA.WAV
1995-09-27 09:31   1,501,194   ----a-w   C:\Program Files\PRONU5.WAV
1995-09-27 09:27   64,966   ----a-w   C:\Program Files\PRONU6.WAV
1995-09-27 09:23   230,682   ----a-w   C:\Program Files\PRONU3.WAV
1995-09-27 09:21   736,912   ----a-w   C:\Program Files\PRONU4.WAV
1995-06-27 09:47   998,718   ----a-w   C:\Program Files\PRONU.WAV
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2002-12-31 13:00 15360]
"ApexDC++"="C:\Program Files\ApexDC++_Gusari_XY6\ApexDC.exe" [2008-03-09 16:39 3109888]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 02:11 925696]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2005-09-07 15:35 716800]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-28 17:43 8466432]
"nwiz"="nwiz.exe" [2007-06-28 17:43 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-06-28 17:43 81920]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-01-15 23:54 37376]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-11-08 23:00 128920]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-03-15 14:21 180269]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2002-12-31 13:00 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
SnagIt 8.lnk - C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe [2005-12-22 08:00:00 5513216]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"C:\\Program Files\\ApexDC++_Gusari_XY6\\ApexDC.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Totalcmd\\TOTALCMD.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Autodesk\\3ds Max 9\\3dsmax.exe"=
"C:\\Program Files\\Autodesk\\Backburner\\monitor.exe"=
"C:\\Program Files\\Autodesk\\Backburner\\manager.exe"=
"C:\\Program Files\\Autodesk\\Backburner\\server.exe"=

S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service;"C:\Program Files\Windows Live\Messenger\usnsvc.exe" [2007-10-18 11:31]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4575a3f6-ef66-11dc-99f6-001bfcdfa3ac}]
\Shell\AutoRun\command - J:\v.cmd
\Shell\explore\Command - J:\v.cmd
\Shell\open\Command - J:\v.cmd

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a158226-ee9b-11dc-99f0-000a941310a5}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a158227-ee9b-11dc-99f0-000a941310a5}]
\Shell\AutoRun\command - G:\3o.exe
\Shell\explore\Command - G:\3o.exe
\Shell\open\Command - G:\3o.exe

*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2008-03-17 15:37:00 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-17 17:23:15
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-03-17 17:23:36
ComboFix-quarantined-files.txt  2008-03-17 16:23:35
.
2008-03-14 02:38:40   --- E O F --- 
« Poslednja izmena: 17. Mar 2008, 17:26:34 od AlenNS »
IP sačuvana
social share
Edit by latifovich: Potpis uklonjen zbog duzine!
Pogledaj profil WWW
 
Prijava na forum:
Ime:
Lozinka:
Zelim biti prijavljen:
Trajanje:
Registruj nalog:
zaboravili ste šifru?
Ime:
Lozinka:
Ponovi Lozinku:
E-mail:
Zatvori
MunkaZe
Poruka #18 17. Mar 2008, 17:47:53
Supermoderator
Legenda foruma


Always outnumbered, never outgunned.

Zodijak
Pol
Poruke 47481
Zastava
OS
Windows XP
Browser
Mozilla Firefox 2.0.0.12
I novi HJT log
IP sačuvana
social share
Glasajte u anketi i izaberite temu narednog BFMC takmicenja
Ta divna stvorenja
Pogledaj profil
 
Prijava na forum:
Ime:
Lozinka:
Zelim biti prijavljen:
Trajanje:
Registruj nalog:
zaboravili ste šifru?
Ime:
Lozinka:
Ponovi Lozinku:
E-mail:
Zatvori
AlenNS
Poruka #19 17. Mar 2008, 18:02:47
Udaljen sa foruma
Jet set burekdzija


&quot;I always tell the truth. Even when I lie.&quot;

Zodijak Cancer
Pol Muškarac
Poruke 5530
Zastava Novi Sad - Bar
OS
Windows XP
Browser
Mozilla Firefox 2.0.0.12
mob
Samsung D900
Evo ga. U Safe modu mi je S&D našao 49 čuda. Smiley

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 18:00:17, on 17.3.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ApexDC++_Gusari_XY6\ApexDC.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
C:\Program Files\TechSmith\SnagIt 8\TSCHelp.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\DOCUME~1\Alen\LOCALS~1\Temp\HIJACK.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ApexDC++] "C:\Program Files\ApexDC++_Gusari_XY6\ApexDC.exe"
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: SnagIt 8.lnk = C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 8429 bytes
IP sačuvana
social share
Edit by latifovich: Potpis uklonjen zbog duzine!
Pogledaj profil WWW
 
Prijava na forum:
Ime:
Lozinka:
Zelim biti prijavljen:
Trajanje:
Registruj nalog:
zaboravili ste šifru?
Ime:
Lozinka:
Ponovi Lozinku:
E-mail:
Zatvori
Idi gore
Stranice:
1
2
3  Sve
Počni novu temu Nova anketa Odgovor Štampaj Dodaj temu u favorite Pogledajte svoje poruke u temi
linktree Burek :: Forumi ::  >  Tehnicki deo foruma  >  Pc Klinika ~ Doktori za vas kompjuter
linktree Tema: MSN virus (Moderatori: enaB, chelavi1)
Trenutno vreme je: 18. Jun 2025, 05:02:26
 nazadnapred
Prebaci se na:  

Poslednji odgovor u temi napisan je pre više od 6 meseci.  

Temu ne bi trebalo "iskopavati" osim u slučaju da imate nešto važno da dodate. Ako ipak želite napisati komentar, kliknite na dugme "Odgovori" u meniju iznad ove poruke. Postoje teme kod kojih su odgovori dobrodošli bez obzira na to koliko je vremena od prošlog prošlo. Npr. teme o određenom piscu, knjizi, muzičaru, glumcu i sl. Nemojte da vas ovaj spisak ograničava, ali nemojte ni pisati na teme koje su završena priča.
web design

Forum Info: Banneri Foruma :: Burek Toolbar :: Burek Prodavnica :: Burek Quiz :: Najcesca pitanja :: Tim Foruma :: Prijava zloupotrebe

Izvori vesti: Blic :: Wikipedia :: Mondo :: Press :: Naša mreža :: Sportska Centrala :: Glas Javnosti :: Kurir :: Mikro :: B92 Sport :: RTS :: Danas

Prijatelji foruma: Triviador :: Nova godina Beograd :: nova godina restorani :: FTW.rs :: MojaPijaca :: Pojacalo :: 011info :: Burgos :: Sudski tumač Novi Beograd

Pravne Informacije: Pravilnik Foruma :: Politika privatnosti :: Uslovi koriscenja :: O nama :: Marketing :: Kontakt :: Sitemap

All content on this website is property of "Burek.com" and, as such, they may not be used on other websites without written permission.

Copyright © 2002- "Burek.com", all rights reserved. Performance: 0.118 sec za 14 q. Powered by: SMF. © 2005, Simple Machines LLC.