manji kapital -

Magazine
Go Back   Computer soka > Computer Software > Virus, Spyware i sigurnost
Reload this Page

Iexplore.exe tema

Registracija Mapa Spy Member List Donacije Pretraživanje Today's Posts Označi Sve Forume Kao Pročitane Forum Rules

Register


 Default 

Iexplore.exe tema




Reply
Stranica 1 od 2 1 2
 
Thread Tools
  #1  
Old 27 rujan 2008, 18:16
Novi član grupe
  
iexplore.exe uspomena iskakanje settle na temelju moj zadaća voditelj, unatoč činjenici da ne koristi IE. To je odluka moje računalo sporo, tu si POP UPS, ponekad nema pop-up, samo glas govoreći: "Čestitam, osvojili ste ____" (tako freaky), ili zvuči kao greška se pojavljuje prozor ili nešto pa kad sam radiš ništa i ništa se ne pojavljuje na ekranu (zapravo, to je što moj računalo zvuk uklet! Haha ionako)

Logfile of Trend Micro HijackThis v2.0.2
Skenirajte spremljena u 9:12:42, on 9/27/2008
Platforma: Windows XP SP2 (Winnt 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Pokretanje procesa:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Program Files \ Windows Defender \ MsMpEng.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe
C: \ Program Files \ Intel \ Wireless \ Bin \ S24EvMon.exe
C: \ Program Files \ Intel \ Wireless \ Bin \ WLKeeper.exe
C: \ WINDOWS \ system32 \ LEXBCES.EXE
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ system32 \ LEXPPS.EXE
C: \ Program Files \ Common Files \ AOL \ ACS \ AOLAcsd.exe
C: \ Program Files \ Common Files \ AOL \ TopSpeed \ 2,0 \ aoltsmon.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ PrevxCSI \ prevxcsi.exe
C: \ WINDOWS \ system32 \ dlcxcoms.exe
C: \ Program Files \ PrevxCSI \ prevxcsi.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ Program Files \ Dell \ živa \ NICCONFIGSVC.exe
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe
C: \ WINDOWS \ system32 \ rpcnet.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Program Files \ glediąta \ Common \ ViewpointService.exe
C: \ Program Files \ Webroot \ Posao \ Spy Sweeper \ spysweeper.exe
C: \ Program Files \ Webroot \ Posao \ Spy Sweeper \ commagent.exe
C: \ WINDOWS \ explorer.exe
C: \ WINDOWS \ system32 \ wscntfy.exe
C: \ Program Files \ Dell \ živa \ quickset.exe
C: \ WINDOWS \ system32 \ RunDLL32.exe
C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 3.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe
C: \ Program Files \ Windows Defender \ MSASCui.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ glediąta \ glediąta Manager \ ViewMgr.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ WINDOWS \ system32 \ SJv56bM4.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ ErrorSmart \ ErrorSmart.exe
C: \ Program Files \ Common Files \ AOL \ 1155864818 \ ee \ aolsoftware.exe
C: \ Program Files \ Adobe \ Acrobat 7,0 \ Reader \ AcroRd32.exe
C: \ Program Files \ America Online 9,0 \ shellmon.exe
C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.bridgew.edu/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://www.bridgew.edu/
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7,0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: rješenje Class - (99C6D1BB-7555-474C-91DA-D8FB62A9CC75) - C: \ WINDOWS \ system32 \ 58VayB0u.dll
O2 - BHO: glediąta Toolbar BHO - (A7327C09-B521-4EDB-8509-7D2660C9EC98) - C: \ Program Files \ glediąta \ glediąta Toolbar \ 3.8.0 \ ViewBarBHO.dll
O3 - Toolbar: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll
O3 - Toolbar: glediąta Toolbar - (F8AD5AA5-D966-4667-9DAF-2561D68B2012) - C: \ Program Files \ Common Files \ glediąta \ Toolbar Runtime \ 3.8.0 \ IEViewBar.dll
O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [Dell živa] C: \ Program Files \ Dell \ živa \ quickset.exe
O4 - HKLM \ .. \ Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [HPDJ Taskbar Utility] C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 3.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [DLCXCATS] rundll32 C: \ WINDOWS \ System32 \ spool \ drivers \ W32X86 \ 3 \ DLCXtim e.dll, _RunDLLEntry @ 16
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide
O4 - HKLM \ .. \ Run: [ErrorSmart] C: \ Program Files \ ErrorSmart \ ErrorSmart.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [AOL Brzi Start] "C: \ Program Files \ America Online 9,0 \ AOL.EXE"-b
O4 - HKUS \ S-1-5-18 \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 -. DEFAULT Startup Suradnik: Clean Access Agent.lnk = C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe (User 'Default user')
O4 - Startup: Clean Access Agent.lnk = C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe
O6 - HKCU \ Software \ Policies \ Microsoft \ Internet Explorer \ Control Panel prisutan
O8 - Extra kontekst meni stavka: AOL Toolbar & search - res: / / C: \ Program Files \ AOL Toolbar \ toolbar.dll / SEARCH.HTML
O8 - Extra kontekst meni stavka: E & zvezi u Microsoft Excel - res: / / C: \ programa ~ 1 \ MICROS ~ 2 \ OFFICE11 \ EXCEL.EXE/3000
Ø8 - Extra context menu item: Pretplatite se na RSS čitač default - C: \ Documents and Settings \ Administrator \ Application Data \ RssBandit \ iecontext_subscribefeed.htm
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra button: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll
O9 - Extra 'Tools' MENUITEM: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ programa ~ 1 \ MICROS ~ 2 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: Real.com - (CD67F990-D8E9-11D2-98FE-00C0F0318AFE) - C: \ WINDOWS \ system32 \ Shdocvw.dll
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: PokerStars.net - (FA9B9510-9FCB-4ca0-818C-5D0987B47C4D) - C: \ Program Files \ PokerStars.NET \ PokerStarsUpdate.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø15 - Trusted Zone: *. bridgew.edu
O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi Class) -- http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?link...67&clcid=0x409
O16 - DPF: (5e2a3510-4371-11d6-b64c-00c04faedb18) (Oracle JInitiator 1.1.8.18) -- http://frmserv.bridgew.edu/jinitiator/jinit.exe
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Class) -- http://update.microsoft.com/windowsu...?1121111428606
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://update.microsoft.com/microsof...?1121873156643
O16 - DPF: (BAE1D8DF-47E3-0B35-A1E7-EEB3FF2ECD19) (CPlayFirstddfotgControl Object) -- http://aolsvc.aol.com/onlinegames/fr...g.1.0.0.33.cab
O20 - Winlogon Obavijesti:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: AOL Povezivanje Service (ACS AOL) - AOL LLC - C: \ Program Files \ Common Files \ AOL \ ACS \ AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C: \ Program Files \ Common Files \ AOL \ TopSpeed \ 2,0 \ aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: ati brza tipka Poller - Unknown vlasnika - C: \ WINDOWS \ System32 \ Ati2evxx.exe
O23 - Service: CSIScanner - Prevx - C: \ Program Files \ PrevxCSI \ prevxcsi.exe
O23 - Service: dlcx_device - - C: \ WINDOWS \ system32 \ dlcxcoms.exe
O23 - Service: Intel (R) PROSet / Wireless Event Log (EvtEng) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: servis LexBce Server (LexBceS) - Lexmark International, Inc - C: \ WINDOWS \ system32 \ LEXBCES.EXE
O23 - Service: NICCONFIGSVC - Dell Inc - C: \ Program Files \ Dell \ živa \ NICCONFIGSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: Intel (R) PROSet / Wireless Registry Service (RegSrvc) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe
O23 - Service: Remote Procedure Call (RPC) Neto (Rpcnet) - Unknown owner - C: \ WINDOWS \ system32 \ rpcnet.exe
O23 - Service: Intel (R) PROSet / wirelessom (S24EventMonitor) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ S24EvMon.exe
O23 - Service: glediąta Manager Service - vidikovac Corporation - C: \ Program Files \ glediąta \ Common \ ViewpointService.exe
O23 - Service: Webroot CommAgent Service (WebrootCommAgentService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ Posao \ Spy Sweeper \ commagent.exe
O23 - Service: Webroot Uhoda Zamah Engine (WebrootSpySweeperService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ Posao \ Spy Sweeper \ spysweeper.exe
O23 - Service: Intel (R) PROSet / Wireless SSO Service (WLANKEEPER) - Intel (R) Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ WLKeeper.exe

--
End of file - 10.609 bajtova
  #2  
Old 27 rujan 2008, 19:15
Moderator / ica grupe
  
Dobrodošli na CJ.

Molimo print ove upute, jer će biti potrebno kasnije kada Internet pristup nije dostupan.

Preuzimanje SDFix by AndyManchesta i spremite ga na radnu površinu.

Kada koristite ovaj alat, morate koristiti Administrator račun ili račun s Administrativna prava
  • Dvaput kliknite na SDFix.exe i ona će ekstrakt datoteke u% systemdrive%
  • (ovo je pogon koji sadrži Windows Directory, obično C: \ SDFix).
  • Ne koristite ga samo još.
Ponovno pokrenuti računalo u Safe Mode koristeći F8 metoda. Da biste to učinili, pokrenite računalo, a nakon rasprave vaše računalo bip jednom tijekom pokretanja (ali prije nego se pojavi ikona Windows) pritisnite tipku F8 uzastopno. A pojavit će se izbornik s nekoliko opcija. Pomoću tipki sa strelicama za navigaciju i odaberite opciju za pokrenuti Windows u "Safe Mode".

Otvorite mapu SDFix i dvostruki klik RunThis.bat za pokretanje skripte.
  • Vrsta Y da biste započeli proces čišćenje.
  • To će ukloniti sve Trojanski službe ili stavke registra pronašao onda vas zatražiti da pritisnete bilo koju tipku da biste ponovno podizanje sustava.
  • Pritisnite bilo koju tipku i ona će se ponovno pokrenuti računalo.
  • Kada se računalo ponovo pokrene, Fixtool će se ponovno pokrenuti i dovršili postupak uklanjanja, zatim prikaz Završeno, Pritisnite bilo koju tipku da biste prekinuli učitavanje skripte i vaš desktop ikona.
  • Jednom desktopu ikone učitati SDFix izvještaj na ekranu će se otvoriti i spremiti u mapu SDFix kao Report.txt.
  • Kopirajte i zalijepite sadržaj rezultate datoteku Report.txt u sljedećem odgovoru uz novu HijackThis log.
__________________
  #3  
Old 27 rujan 2008, 20:24
Novi član grupe
  
SDFix: Version 1,229
Trčanje Administrator on Sat 09/27/2008 u 10:50

Microsoft Windows XP [Version 5/1/2600]
Running From: C: \ SDFix

Provjera Usluge :


Vraćanjem Default Security Vrijednosti
Vraćanjem Default Hosts File

Postupak ponovne inicijalizacije operacijskog sust


Provjera Files :

Ne Trojan Found Files






Uklanjanje Temp Files

Provjerite REKLAME :



Završna Provjeri :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit / potaja detector by Gmer zlonamjernih programa, http://www.gmer.net
Rootkit scan 2008-09-27 23:14:36
5/1/2600 Windows Service Pack 2 NTFS

skeniranja skrivenih procesa ...

skeniranja skrivenih i usluge Grozd sustava ...

skeniranja skrivenih stavki registra ...

skeniranja skrivenih datoteka ...

scan uspješno završena
skriveni procesi: 0
skriven usluge: 0
skrivenih datoteka: 0


Preostali Usluge :




Ovlašteni Aplikacija Ključ Izvoz:

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servic ES \ sharedaccess \ Parameters \ firewallpolicy \ standardnih profila \ authorizedapplications \ list]
"% windir% \ \ system32 \ \ sessmgr.exe" = "% windir% \ \ syste m32 \ \ sessmgr.exe: *: enabled: @ xpsp2res.dll, -22019"
"C: \ Program Files \ \ RssBandit \ \ RSSBandit.exe" = "C: \ Program Files \ \ RssBandit \ \ RSSBandit.exe: *: Omogućen: RSS Bandit"
"E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe" = "E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe: *: Omogućen: ctmweb.exe"
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe: *: Omogućeno : AOL Application Loader "
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLDial.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLDial.exe: *: Omogućeno : AOL "
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLacsd.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLacsd.exe: *: Omogućeno : AOL "
"C: \ \ Program Files \ \ America Online 9,0 \ \ waol.exe" = "C: \ \ Program Files \ \ America Online 9,0 \ \ waol.exe: *: Omogućen: AOL"
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2,0 \ \ aoltsmon.exe" = "C: \ \ Prog ram Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2,0 \ \ aoltsmon.exe: *: Omogućen: AOLTsMon "
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2,0 \ \ aoltpspd.exe" = "C: \ \ Prog ram Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2,0 \ \ aoltpspd.exe: *: Omogućen: AOLTopSpeed "
"C: \ Program Files \ Common Files \ AOL \ \ 1155864818 \ \ EE \ \ AOLServiceHost.exe" = "C: \ Program Files \ Common Files \ AOL \ \ 1155864818 \ \ EE \ \ AOLServiceHost . exe: *: E nabled: AOL "
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ System Information \ \ sinf.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ System Information \ \ sinf.exe: * : Omogućen: AOL "
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Zaštita Spyware \ \ AOLSP Scheduler.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Zaštita Spyware \ \ AOLSP Planer . exe: *: Omogućen: AOL "
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Zaštita Spyware \ \ asp.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Zaštita Spyware \ \ asp.exe : *: Omogućen: AOL "
"C: \ \ Program Files \ \ Common Files \ \ AolCoach \ \ en_en \ \ player \ \ AOLNySEV.exe" = "C: \ \ Program Files \ \ Common Files \ \ AolCoach \ \ en_en \ \ player \ \ AOLNySEV . exe: *: Ena Bled: AOL "
"C: \ Program Files \ FTP Commander Pro \ \ cftp.exe" = "C: \ Program Files \ FTP Commander Pro \ \ cftp.exe: *: Omogućen: cftp"
"C: \ Program Files \ \ FTP Commander \ \ ftpcomm.exe" = "C: \ Program Files \ \ FTP Commander \ \ ftpcomm.exe: *: Omogućen: ftpcomm"
"C: \ \ Program Files \ \ Real \ \ RealPlayer \ \ realplay.exe" = "C: \ \ programa m Files \ \ Real \ \ RealPlayer \ \ realplay.exe: *: Omogućen: Re alPlayer"
"C: \ \ StubInstaller.exe" = "C: \ \ StubInstaller.exe: *: E nabled: LimeWire swarmed Installer"
"C: \ \ Program Files \ \ LimeWire \ \ LimeWire.exe" = "C: \ \ Program Files \ \ LimeWire \ \ LimeWire.exe: *: Omogućen: LimeWire»
"C: \ Program Files \ SmartFTP Client 2,0 \ \ SmartFTP.exe" = "C: \ Program Files \ SmartFTP Client 2,0 \ \ SmartFTP.exe: *: Omogućen: SmartFTP Client 2.0"
"C: \ Program Files \ BitTornado \ \ btdownloadgui.exe" = "C: \ Program Files \ BitTornado \ \ btdownloadgui.exe: *: Omogućen: BTD ownloadgui"
"C: \ Program Files \ Common Files \ AOL \ \ 1155864818 \ \ EE \ \ aolsoftware.exe" = "C: \ Program Files \ Common Files \ AOL \ \ 1155864818 \ \ EE \ \ aolsoftware . exe: *: Enab vodio: AOL Usluge "
"C: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe" = "C: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe: *: Omogućen: Firefox"
"C: \ Program Files \ \ Get-Torrent \ \ Get-Torrent.exe" = "C: \ Program Files \ \ Get-Torrent \ \ Get-Torrent.exe: *: Omogućen: Torrent P2P aplikacija"
"C: \ Program Files \ \ Restaurant Empire \ \ re.exe" = "C: \ Program Files \ \ Restaurant Empire \ \ re.exe: *: Omogućen: re"
"C: \ Program Files \ \ BitZip \ \ bitzip.exe" = "C: \ Program Files \ \ BitZip \ \ bitzip.exe: *: Omogućen: BitZip"
"C: \ \ Program Files \ \ uTorrent \ \ uTorrent.exe" = "C: \ \ Program Files \ \ uTorrent \ \ uTorrent.exe: *: Omogućen: æTorrent"
"C: \ \ Program Files \ \ iTunes \ \ iTunes.exe" = "C: \ \ Program Files \ \ iTunes \ \ iTunes.exe: *: Omogućen: iTunes"
"% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" = "% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe: *: Omogućen: @ xpsp3res.dll, -20000"
"C: \ WINDOWS \ \ system32 \ \ dlcxcoms.exe" = "C: \ WINDOWS \ \ system32 \ \ dlcxcoms.exe: *: Omogućen: Dell 926 server"

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servic ES \ sharedaccess \ Parameters \ firewallpolicy \ domainpr ofile \ authorizedapplications \ list]
"% windir% \ \ system32 \ \ sessmgr.exe" = "% windir% \ \ syste m32 \ \ sessmgr.exe: *: enabled: @ xpsp2res.dll, -22019"
"E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe" = "E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe: *: Omogućen: ctmweb Computrace Instalacija / upravljanje Aplikacija"
"% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" = "% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe: *: Omogućen: @ xpsp3res.dll, -20000"

Preostali Files :



Skrivene datoteke s Svojstva :

Uto 12. srpnja 2005 54.872 A.. H. --- "C: \ Program Files \ America Online 9.0 \ AOLphx.exe"
Uto 12. srpnja 2005 31.832 A.. H. --- "C: \ Program Files \ America Online 9.0 \ rbm.exe"
Sri 13. listopada 2004 1.694.208 A.. H. --- "C: \ Program Files \ Messenger \ msmsgs.exe"
Wed 17 rujan 2008 162 A.. H. --- "C: \ Documents and Settings \ Administrator \ My Documents \ ~ $ RL3917.tmp"
Fri 23 studeni 2007 4.840.960 H. ... --- "C: \ Documents and Settings \ Administrator \ My Documents \ ~ WRL3917.tmp"
Sun 1. travnja 2007 247 A.. H. --- "C: \ Program Files \ InterActual \ InterActual Player \ itiC9F.tmp"
Ned 1 srpnja 2007 0 A.SH. --- "C: \ Documents and Settings \ All Users \ DRM \ Cache \ Indiv01.tmp"
Mon 14 siječanj 2008 3459 ... HR --- "C: \ Documents and Settings \ Administrator \ Application Data \ SecuROM \ UserData \ securom_v7_01.bak"
Sub 27. rujna 2008 4.750 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS00643642-9444-46D7-A0F8-98BCEC733FED.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS02319C6A-A321-4C8D-9995-820B7395AC0C.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS025EABA1-CC11-4560-8E12-630DDF3DA7B2.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS045F4367-E293-4856-99B6-A55965765747.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS068F3C9C-D92F-41E5-AF3C-3917DFD07FFB.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0ABE791D-AAB6-45AE-94C0-81FF065FB64C.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0B798094-B44A-427A-B9DC-654E158521EB.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0C1801B8-619C-45EF-A0A9-6FDF58378626.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0DC230DD-648D-4C7A-A46F-125E3BBCACF0.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0FD1D4A0-7A3B-4426-BF06-CBE8A10161D9.tmp"
Sub 27. rujna 2008 12.540 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS12E3E01D-D993-4077-84CD-270FC7998D10.tmp"
Sub 27. rujna 2008 5.616 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS1558A464-A8A5-4699-8AD4-1FD636BA73F0.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS16C4CA8E-B45E-4C74-A16A-C6547AC6862A.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS171F971D-9918-4BF8-934E-9F971CE3A62E.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS18482343-5AA4-4A75-B35E-1DE367BE8DF8.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS1F408231-9AD4-4F3A-8F71-E4D1A885E2D9.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS22C553D7-9E17-42E7-9BAC-FD08E49F2DA7.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS29899F67-1A0A-49C1-BF8C-969C56BFE72D.tmp"
Sub 27. rujna 2008 40.408 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS2CE2DD8D-1B89-4236-8CEB-8AE2092F011D.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS2DE8E664-10D0-4BC0-B385-C28929E5600F.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS35CD56A6-869F-4E8D-9744-F5243F94B4B1.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3A52BAF2-C6D8-48C5-A517-8F08AFB8035A.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3EC9B69D-3F89-4FC5-B941-1463F3BD2234.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3EADD09D-E99C-4EDA-87E8-14DD31C5A1CA.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3EDF6917-B0B7-4164-BAA8-7013E06D5FCA.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3FF4AFC6-0025-4047-AEFB-7C34313D972F.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4031D191-1F75-49F0-8272-A12ACD39C269.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS416C7484-2AC6-4BFE-8364-B3DC9640EB90.tmp"
Sub 27. rujna 2008 27.677 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS42B72C22-0C5B-4053-87A4-D8EB671C2029.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4C83367A-C322-4725-A861-182E13107846.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4DB48154-31C5-424F-B7EB-6337D7279415.tmp"
Sub 27. rujna 2008 3.393 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4EAE423C-33F9-4D19-AD00-4127948E7F39.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4FE7BDE5-631A-4BEE-BA59-2A86CECDA9DA.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS50B44EC6-2F2E-4D16-AC0C-376383467A7C.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS56CA220B-41A4-4EBA-B217-FF3A496AA590.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS5AF7C2DD-39F4-4B22-8F5A-11FC428681E1.tmp"
Sub 27. rujna 2008 101.080 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS5DCC2C2E-7275-4CC4-9192-B113F353FB5F.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS5D528DF5-B79E-4EE1-9D6C-1EC565BBBC62.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6011FD6D-D50D-43A0-AE81-A050DD789327.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS62CC7F66-91D7-40E6-9C86-9E1A90363BBD.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6548601C-9BB6-472C-AA53-447B881C2428.tmp"
Sub 27. rujna 2008 6.247.755 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6946DC39-11B6-4B93-A005-7F3C9D123F87.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS69A2BD78-4F53-4EBE-A0E3-D640854156D9.tmp"
Sub 27. rujna 2008 198.358 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6927849A-B300-4980-AAEB-7DBA1C6E4164.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6945CE07-04BF-439F-987F-028637985DF0.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6FE21A12-C11B-4E43-99E2-FA8F960870E1.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS700D83FE-2571-4AE3-89BC-6DD584F68699.tmp"
Sub 27. rujna 2008 3.195.852 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS713A2772-B7C7-4A87-BAEB-E92C67ED4580.tmp"
Sub 27. rujna 2008 143.110 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS71EC4FAD-E45A-4E20-AE13-D864D8CA24A1.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS716E87B1-65B4-4487-B09B-19A89B9F5C97.tmp"
Sub 27. rujna 2008 1.909.332 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7366E027-AE32-4BC8-9360-699C2C95BEB0.tmp"
Sub 27. rujna 2008 270.314 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS75371617-A509-4E33-9F16-118AA8AC2918.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS767A458F-F431-46EB-A2DA-88FB1A7E3E7D.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7A70C6B2-5850-4473-9585-E0C43F090F27.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7B30F8F2-8A4F-42B9-B9F8-625709173611.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7C1354E8-D74C-4AC8-BE8F-7167A5076F4A.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7CBB22C6-4E66-4720-995F-1C2ADC632A9B.tmp"
Sat 27 rujan 2008 642 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7E1AA5E0-2F18-4CF4-B64E-8EB8F378DF31.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7FEECAB9-C6A6-4302-9AA6-F69FA542ED3D.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS840E4E3A-C733-4DC5-A8F3-B248CC83075B.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8716D8FB-A364-4288-8B00-55605E1EF6C0.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS89FE094B-45FA-4923-87F1-139238C4F97B.tmp"
Sat 27 rujan 2008 610 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8A4D2B50-2BB9-4DC6-9E5E-3CB11929C3D2.tmp"
Sub 27. rujna 2008 4.532 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8E7D97AA-E673-4952-AA06-A468A9C52A7C.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8FB3E905-99BA-4D9E-9C2A-B17FB19F5132.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS92FF4DE9-51A7-4FEA-9F94-4984E35FDB14.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS94946861-C52C-4360-B5D7-0BAA075D88BB.tmp"
Sat 27 rujan 2008 674 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS9766DA24-0126-49B8-821D-0BBD42716F70.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS9CF76AA8-C8DD-426D-8974-7952EA0782D3.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS9DE19017-8F84-45F0-8707-3157A64B6CEA.tmp"
Sub 27. rujna 2008 1.190.410 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS9F48133A-1109-42EB-93AA-A3CB3CACBCBF.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSABDB0578-02AF-4BA8-A501-9A8992ED7BDB.tmp"
Sub 27. rujna 2008 2.736 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSAD28D6FF-3940-4F08-A657-2E61F69B5449.tmp"
Sub 27. rujna 2008 75.790 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB18333D4-60E0-B085-438D-7DB36F72F77D.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB74C069F-C392-4F81-8670-212FC280E95D.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB76C1894-7B69-4834-97D3-B402FE20935A.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB73D6FFC-0E8C-41B9-84D3-8810EC6D9228.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB9036DEB-8242-4521-A54E-139AF6A9A190.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSBAE9F5F5-FA44-4E05-9A1D-A462CE8AF520.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSBBCD6D72-A069-40FF-9AF2-916180E0A88E.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSBBCBA3E5-E607-436E-B3EE-A1DEAC925872.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSBEC0CEEC-C42B-4B06-A604-EAAD26CE6255.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSC5D01365-2009-400C-A9A3-5F990CF4A80D.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSC9E0B767-5A0A-47B9-A439-227E2B94F887.tmp"
Sub 27. rujna 2008 134.148 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD2617AFF-BC61-4BFE-B8E6-6CC988A0F275.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD21BE94F-9EE4-475B-B0A2-24C81FFF173F.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD4AA62E4-9D9E-4B7B-9CD0-686A2C05AEF7.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD729F3FB-EE09-459B-A678-BD9132629FDF.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD8157780-DB4C-464E-B192-D31296C412A8.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD97D795A-5F39-4FDD-A7EF-691DEBB65005.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDA1F438F-BCAF-4452-A79A-167408950654.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDA218F7C-D867-4690-96E2-789F80A7D3E0.tmp"
Sub 27. rujna 2008 20.968 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDBBDCE8F-1CB9-456D-9A48-B332BFDD4DA3.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDC4DE87E-7FB7-4AAF-9341-074C383E5277.tmp"
Sub 27. rujna 2008 2.168.120 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDC4805C4-09F4-44DF-953F-40714AC7B32D.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDC54187B-23EE-4C63-A3C1-F95DD71DC749.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE542CE01-559A-4B52-B46E-3ABA034CB806.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE76031B3-69B7-40CD-98AA-1FBADCFD80F9.tmp"
Sat 27 rujan 2008 538 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE89A2A1E-7243-491E-8713-779584114914.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE9F327DF-42E2-50B6-B361-B1279BCFE655.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSEAF8FCDA-0414-40ED-8AC7-F6E8BA990710.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSEC43267D-076B-42D7-838C-4A46B1619D44.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSED7CFB5E-591C-4B3A-BB59-99AC6B355CE9.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF03658AA-EBC4-437C-8F4E-338B053BBCC5.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF1EE7C84-96F2-4922-8549-E4F727B9B3A5.tmp"
Sub 27. rujna 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF5708FAD-F162-475A-BBD8-590D8EED1563.tmp"
Sub 27. rujna 2008 1.609.542 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF60C8606-1E32-4C46-9DD9-9591141A47D3.tmp"
Sub 27. rujna 2008 29.084 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF7DCFFB4-3037-49B4-8FAF-FB62C2892816.tmp"
Sub 27. rujna 2008 16.965 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSFABFD6CE-CC5D-4B27-9BE0-5CE94D2BE9C9.tmp"

Završeno!






Logfile of Trend Micro HijackThis v2.0.2
Skenirajte spremljena u 11:22:30, dana 9/27/2008
Platforma: Windows XP SP2 (Winnt 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Pokretanje procesa:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Program Files \ Windows Defender \ MsMpEng.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe
C: \ Program Files \ Intel \ Wireless \ Bin \ S24EvMon.exe
C: \ Program Files \ Intel \ Wireless \ Bin \ WLKeeper.exe
C: \ WINDOWS \ system32 \ LEXBCES.EXE
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ system32 \ LEXPPS.EXE
C: \ Program Files \ Common Files \ AOL \ ACS \ AOLAcsd.exe
C: \ Program Files \ Common Files \ AOL \ TopSpeed \ 2,0 \ aoltsmon.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ PrevxCSI \ prevxcsi.exe
C: \ Program Files \ PrevxCSI \ prevxcsi.exe
C: \ WINDOWS \ system32 \ dlcxcoms.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ Program Files \ Dell \ živa \ NICCONFIGSVC.exe
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe
C: \ WINDOWS \ system32 \ rpcnet.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Program Files \ glediąta \ Common \ ViewpointService.exe
C: \ Program Files \ Webroot \ Posao \ Spy Sweeper \ spysweeper.exe
C: \ WINDOWS \ explorer.exe
C: \ Program Files \ Webroot \ Posao \ Spy Sweeper \ commagent.exe
C: \ WINDOWS \ system32 \ wscntfy.exe
C: \ Program Files \ glediąta \ glediąta Manager \ ViewMgr.exe
C: \ WINDOWS \ system32 \ notepad.exe
C: \ Program Files \ Dell \ živa \ quickset.exe
C: \ WINDOWS \ system32 \ RunDLL32.exe
C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 3.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe
C: \ Program Files \ Windows Defender \ MSASCui.exe
C: \ Program Files \ ErrorSmart \ ErrorSmart.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ America Online 9,0 \ waol.exe
C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ America Online 9,0 \ shellmon.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.bridgew.edu/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://www.bridgew.edu/
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7,0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: glediąta Toolbar BHO - (A7327C09-B521-4EDB-8509-7D2660C9EC98) - C: \ Program Files \ glediąta \ glediąta Toolbar \ 3.8.0 \ ViewBarBHO.dll
O3 - Toolbar: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll
O3 - Toolbar: glediąta Toolbar - (F8AD5AA5-D966-4667-9DAF-2561D68B2012) - C: \ Program Files \ Common Files \ glediąta \ Toolbar Runtime \ 3.8.0 \ IEViewBar.dll
O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [Dell živa] C: \ Program Files \ Dell \ živa \ quickset.exe
O4 - HKLM \ .. \ Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [HPDJ Taskbar Utility] C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 3.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [DLCXCATS] rundll32 C: \ WINDOWS \ System32 \ spool \ drivers \ W32X86 \ 3 \ DLCXtim e.dll, _RunDLLEntry @ 16
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide
O4 - HKLM \ .. \ Run: [ErrorSmart] C: \ Program Files \ ErrorSmart \ ErrorSmart.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [AOL Brzi Start] "C: \ Program Files \ America Online 9,0 \ AOL.EXE"-b
O4 - HKUS \ S-1-5-18 \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 -. DEFAULT Startup Suradnik: Clean Access Agent.lnk = C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe (User 'Default user')
O4 - Startup: Clean Access Agent.lnk = C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe
O6 - HKCU \ Software \ Policies \ Microsoft \ Internet Explorer \ Control Panel prisutan
O8 - Extra kontekst meni stavka: AOL Toolbar & search - res: / / C: \ Program Files \ AOL Toolbar \ toolbar.dll / SEARCH.HTML
O8 - Extra kontekst meni stavka: E & zvezi u Microsoft Excel - res: / / C: \ programa ~ 1 \ MICROS ~ 2 \ OFFICE11 \ EXCEL.EXE/3000
Ø8 - Extra context menu item: Pretplatite se na RSS čitač default - C: \ Documents and Settings \ Administrator \ Application Data \ RssBandit \ iecontext_subscribefeed.htm
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra button: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll
O9 - Extra 'Tools' MENUITEM: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ programa ~ 1 \ MICROS ~ 2 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: Real.com - (CD67F990-D8E9-11D2-98FE-00C0F0318AFE) - C: \ WINDOWS \ system32 \ Shdocvw.dll
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: PokerStars.net - (FA9B9510-9FCB-4ca0-818C-5D0987B47C4D) - C: \ Program Files \ PokerStars.NET \ PokerStarsUpdate.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø15 - Trusted Zone: *. bridgew.edu
O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi Class) -- http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?link...67&clcid=0x409
O16 - DPF: (5e2a3510-4371-11d6-b64c-00c04faedb18) (Oracle JInitiator 1.1.8.18) -- http://frmserv.bridgew.edu/jinitiator/jinit.exe
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Class) -- http://update.microsoft.com/windowsu...?1121111428606
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://update.microsoft.com/microsof...?1121873156643
O16 - DPF: (BAE1D8DF-47E3-0B35-A1E7-EEB3FF2ECD19) (CPlayFirstddfotgControl Object) -- http://aolsvc.aol.com/onlinegames/fr...g.1.0.0.33.cab
O20 - Winlogon Obavijesti:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: AOL Povezivanje Service (ACS AOL) - AOL LLC - C: \ Program Files \ Common Files \ AOL \ ACS \ AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C: \ Program Files \ Common Files \ AOL \ TopSpeed \ 2,0 \ aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: ati brza tipka Poller - Unknown vlasnika - C: \ WINDOWS \ System32 \ Ati2evxx.exe
O23 - Service: CSIScanner - Prevx - C: \ Program Files \ PrevxCSI \ prevxcsi.exe
O23 - Service: dlcx_device - - C: \ WINDOWS \ system32 \ dlcxcoms.exe
O23 - Service: Intel (R) PROSet / Wireless Event Log (EvtEng) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: servis LexBce Server (LexBceS) - Lexmark International, Inc - C: \ WINDOWS \ system32 \ LEXBCES.EXE
O23 - Service: NICCONFIGSVC - Dell Inc - C: \ Program Files \ Dell \ živa \ NICCONFIGSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: Intel (R) PROSet / Wireless Registry Service (RegSrvc) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe
O23 - Service: Remote Procedure Call (RPC) Neto (Rpcnet) - Unknown owner - C: \ WINDOWS \ system32 \ rpcnet.exe
O23 - Service: Intel (R) PROSet / wirelessom (S24EventMonitor) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ S24EvMon.exe
O23 - Service: glediąta Manager Service - vidikovac Corporation - C: \ Program Files \ glediąta \ Common \ ViewpointService.exe
O23 - Service: Webroot CommAgent Service (WebrootCommAgentService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ Posao \ Spy Sweeper \ commagent.exe
O23 - Service: Webroot Uhoda Zamah Engine (WebrootSpySweeperService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ Posao \ Spy Sweeper \ spysweeper.exe
O23 - Service: Intel (R) PROSet / Wireless SSO Service (WLANKEEPER) - Intel (R) Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ WLKeeper.exe

--
End of file - 10.298 bajtova
  #4  
Old 27 rujan 2008, 20:37
Moderator / ica grupe
  
Onemogući SpySweeper

Možete ponovno omogućiti da nakon što budete čisti.

Da biste onemogućili SpySweeper:

Otvoriti Spysweeper klik> Opcije na to onda lijevo> Program Options > Isključi "opterećenje pri pokretanju Windowsa"

Preko na lijevoj strani kliknite na "štit" i Isključi sve tamo.

Isključi "home page štit"

 Isključi "automatski vratiti propust bez obavijesti"

Nakon svega za ispravci su potpuni vrlo je važno da omogućite Real-time Protection ponovno.

----------

Disable Windows Defender

Mi moramo onemogućiti Vaš Windows Defender Zaštita u stvarnom vremenu kao što svibanj interferirati s ispravci da je potrebno napraviti.
  • Otvoriti Windows Defender
  • Kliknite na Alati, Opće postavke
  • Pomaknite se dolje i isključite Uključivanje zaštite u stvarnom vremenu (preporučeno)
  • Nakon što isključite ovaj, klik na Spremiti dugme i zatvorite Windows Defender.
Nakon svega za ispravci su potpuni vrlo je važno da omogućite Real-time Protection ponovno.

----------

Trebamo ukloniti ErrorSmart. Ovo se smatra ruž plan jer je nesiguran i često puta instalirati bez pristanka korisnika.

Idi na Dodaj ili ukloni programe i deinstalirati ErrorSmart (ako je ima)

----------

Otvori HijackThis i odaberite Da li je sustav skenirati samo.

Stavite oznaku uz sljedeće stavke: (ako postoji)
  • O4 - HKLM \ .. \ Run: [ErrorSmart] C: \ Program Files \ ErrorSmart \ ErrorSmart.exe
Važno: Zatvori sve prozore osim HijackThis, a zatim kliknite Fix checked.

Izlaz HijackThis.

----------

Napomena: se upute u nastavku su izrađene specijalno za ovog korisnika. Ukoliko niste u ovom, NE slijedite ove smjerove, jer bi mogao oštetiti djelovanju vašeg sustava

Idi na Start> Run i tip notepad.exe zatim pritisnite U redu

Kopirajte i zalijepite niže u Notepad i spremite kao fixme.reg da svoju Desktop

Code:
REGEDIT4 [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run] "ErrorSmart" =-
Pronađite fixme.reg na desktopu i dvokliknite ga. Odgovor Da kada upitani za spajanje sa Registry.

Provjerite da li mi reći ako primite poruku o dodavanju uspjeh iznad
u registar. Ako ne dobijete poruku uspjeh, to je ne posao.

Brisanje fixme.reg iz Desktop.

----------

Preuzimanje CCleaner Slim i spremite je na svoj Desktop.
Kada je datoteka spremljena, odite na svoj Desktop i dvostrukim klikom na ccsetupxxx_slim.exe
Slijedite upute za instaliranje programa.
Kompletna instalacija onda:
  • Dvaput kliknite na CCleaner prečac na radnoj površini da biste pokrenuli program.
  • Kliknite na Opcije blok na lijevom, a zatim odaberite Cookies.
    • Pod Brisanje kolačića, Označite bilo koji cookies želite zadržati trajno
    • Kliknite strelicu desno > da ih premjestite na Cookieji zadržati prozor.
  • Idite u Opcije > Advanced Unprovjera Samo izbrišite datoteke i mape u sustavu Windows Temp stariji od 48 sata
  • Kliknite Čistija zatim na lijevoj strani Trčanje za čistiju na desnoj strani za pokretanje programa.
  • Važno: Uvjerite se da ALL prozore preglednika prije nego što su zatvorene odabirom Trčanje za čistiju
  • Oprez: To se ne preporučuje da koristite "Registry" značajka osim ako ste upoznati s vrlo registar.
  • Izlaz CCleaner nakon što je završila proces.
Ponovo pokrenite računalo i trčanje MBAM onda post zapisnik.

----------

Preuzimanje Malwarebytes' Anti-zaštita od zlonamjernih programa (MBAM)
  • Dvokliknite mbam-setup.exe i slijedite upute za instaliranje programa.
  • Na kraju, svakako jedan je postavljena kvačica pored sljedeće:
    • Update Malwarebytes' Anti-zaštita od zlonamjernih programa
    • Launch Malwarebytes' Anti-zaštita od zlonamjernih programa
  • Zatim kliknite na Završi.
  • Ako se ažuriranje je pronađen, on će preuzeti i instalirati najnoviju verziju.
  • Nakon što program učita, odaberite Obavi brzo pretraživanje, A zatim kliknite Scan.
  • Kada se skeniranje završi, kliknite na U redu, Zatim Prikaži rezultate za prikaz rezultata.
  • Budite sigurni da je sve provjeriti, a zatim kliknite Ukloni odabrano.
  • Kad je završio dezinfekcija, a zapisnik će se otvoriti u Notepad i vi svibanj biti zatraženo da Restart. (Vidi Extra bilješka)
  • U zapisnik se automatski sprema po MBAM i mogu biti pregledani klikom na tab Evidencije u MBAM.
  • Kopirajte i zalijepite cijeli izvještaj u vašem sljedeći odgovor.
Extra Napomena: Ako MBAM susrete datoteku koja je teško ukloniti, bit će predstavljen sa 1 of 2 upitom, kliknite U redu da biste bilo i nek MBAM nastaviti s procesom dezinfekcije, ako je zatraženo da ponovo pokrenete računalo, učinite to odmah.
__________________
  #5  
Old 27 rujan 2008, 21:50
Novi član grupe
  
JA je dobiti poruku uspjeh iz registra.





Malwarebytes' Anti-zaštita od zlonamjernih programa 1,28
Database version: 1216
5/1/2600 Windows Service Pack 2

9/28/2008 12:45:51
mbam-log-2008-09-28 (00-45-51). txt

Scan type: Quick Scan
Objekti skenirane: 59.369
Vrijeme proteklo: 10 minute (s), 46 Drugi (a / e)

Memory Processes zaraženih: 0
Memorijske module zaraženih: 0
Ključevi registra zaraženih: 0
Registry Values zaraženih: 0
Registry Data Items zaraženih: 0
Mape zaraženih: 0
Zaraženih datoteka: 1

Memory Processes zaraženih:
(Nema stavki otkrivenih zlonamjernih)

Memorijske module zaraženih:
(Nema stavki otkrivenih zlonamjernih)

Ključevi registra zaraženih:
(Nema stavki otkrivenih zlonamjernih)

Registry Values zaraženih:
(Nema stavki otkrivenih zlonamjernih)

Registry Data Items zaraženih:
(Nema stavki otkrivenih zlonamjernih)

Mape zaraženih:
(Nema stavki otkrivenih zlonamjernih)

Zaražene datoteke:
C: \ WINDOWS \ system32 \ SJv56bM4.exe.a_a (Trojan.Agent) -> u karanteni i uspješno izbrisan.
  #6  
Old 27 rujan 2008, 21:55
Moderator / ica grupe
  
Svaka promjena?
__________________
  #7  
Old 27 rujan 2008, 22:49
Novi član grupe
  
Nope, još uvijek postoji
  #8  
Old 27 rujan 2008, 22:56
Moderator / ica grupe
  
Ne brinite ćemo ga pronaći.

Download ComboFix by sUBs jedan od linkova ispod. Budite sigurni da ste na vrhu u Desktop.

Link # 1
Link # 2

** Napomena: Važno je da se sprema izravno na svoj Desktop

Zatvori otvoriti bilo koju web preglednicima. (Firefox, Internet Explorer, etc) prije početka ComboFix.

Privremeno onemogućiti tvoj AntiVirus, A svaka protušpijunskih Zaštita u stvarnom vremenu prije obavlja scan. Kliknite ovaj link da biste vidjeli popis sigurnosne programe, koji bi trebao biti onemogućen i kako onemogućiti ih.

Dvaput kliknite combofix.exe i slijedite upute.
Kada završite ComboFix će proizvesti prijava za vas.
Objaviti ComboFix log u sljedećem odgovoru.

Važno: Ne mouseclick ComboFix's prozor dok je pokrenut. Svibanj uzrokovati da ga zatajiti.

Ne zaboravite ponovo uključili vaš protuvirusni i protušpijunski ComboFix zaštita kada je završeno.
__________________
  #9  
Old 28 rujan 2008, 08:56
Novi član grupe
  
ComboFix 08-09-27.05 - Administrator 2008-09-28 11:44:34.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.615 [GMT -4:00]
Running from: C: \ Documents and Settings \ Administrator \ Desktop \ ComboFix.exe
* Created novu točku vraćanja

UPOZORENJE-ovaj stroj nema Recovery Console Installed!
.

Ostali ((((((((((((((((((((((((((((((((((((((( brisanja ))))))))) ))))))))))))))))))))))))))))))))))))))))
.

C: \ Documents and Settings \ NetworkService \ Cookies \ SYSTEM @ trafficmp [1]. Txt
C: \ Windows \ System32 \ Drivers \ fad.sys

.
((((((((((((((((((((((((( Files Created from 2008/08/28 da 2008/09/28 ))))))))))) ))))))))))))))))))))
.

2008-09-28 01:46. 2008-09-28 01:46 0 - a ------ C: \ WINDOWS \ system32 \ SJv56bM4.exe.a_a
2008-09-27 22:45. 2008-09-27 22:45 <DIR> d -------- C: \ WINDOWS \ ERUNT
2008-09-27 22:20. 2008-09-27 23:19 <DIR> d -------- C: \ SDFix
2008-09-27 21:03. 2008-09-27 21:03 <DIR> d -------- C: \ Program Files \ Trend Micro
2008-09-27 20:48. 2008-09-27 20:48 <DIR> d -------- C: \ Documents and Settings \ NetworkService \ Application Data \ AdobeUM
2008-09-27 20:36. 2008-09-27 20:40 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ ErrorSmart
2008-09-27 19:38. 2008-09-27 19:38 <DIR> d -------- C: \ Program Files \ Malwarebytes' Anti-zaštita od zlonamjernih programa
2008-09-27 19:38. 2008-09-27 19:38 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes
2008-09-27 19:38. 2008-09-27 19:38 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ Malwarebytes
2008-09-27 19:38. 2008-09-10 00:04 38.528 - a ------ C: \ Windows \ System32 \ Drivers \ mbamswissarmy.sys
2008-09-27 19:38. 2008-09-10 00:03 17.200 - a ------ C: \ Windows \ System32 \ Drivers \ mbam.sys
2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Program Files \ SUPERAntiSpyware
2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Program Files \ Common Files \ Wise Installation Wizard
2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ SUPERAntiSpyware.com
2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ SUPERAntiSpyware.com
2008-09-27 15:13. 2008-09-27 15:13 <DIR> d -------- C: \ Program Files \ CCleaner
2008-09-27 12:35. 2008-09-27 12:35 <DIR> d -------- C: \ Program Files \ PrevxCSI
2008-09-27 12:35. 2008-09-28 11:36 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ PrevxCSI
2008-09-27 12:35. 2008-09-27 12:35 17.408 - a ------ C: \ Windows \ System32 \ Drivers \ pxark.sys
2008-09-27 00:48. 2008-09-27 00:47 102.664 - a ------ C: \ Windows \ System32 \ Drivers \ tmcomm.sys
2008-09-27 00:47. 2008-09-27 00:48 <DIR> d -------- C: \ Documents and Settings \ Administrator \. Housecall6.6
2008-09-26 23:23. 2008-09-26 23:22 30.272 - a ------ C: \ WINDOWS \ system32 \0vx55IOc.exe
2008-09-23 19:04. 2008-09-23 22:56 <DIR> d -------- C: \ WINDOWS \ system32 \ CatRoot_bak
2008-09-21 00:19. 2008-09-21 00:19 <DIR> d -------- C: \ Program Files \ Windows Defender
2008-09-12 13:32. 2004-03-29 16:23 90.112 - a ------ C: \ WINDOWS \ unvise32.exe
2008-09-11 12:41. 2008-09-28 11:36 54.156 - ah ----- C: \ WINDOWS \ QTFont.qfn
2008-09-11 12:41. 2008-09-11 12:41 1.409 - a ------ C: \ WINDOWS \ QTFont.for
2008-09-09 15:33. 2008-09-09 15:56 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ FarmFrenzy2
2008-09-04 13:39. 2008-09-04 13:39 <DIR> d -------- C: \ Program Files \ Atari
2008-09-03 23:06. 2008-06-10 02:32 73.728 - a ------ C: \ WINDOWS \ system32 \ javacpl.cpl
2008-09-01 20:34. 2008-09-01 20:34 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ Eyeblaster
2008-08-28 23:11. 2004-08-04 00:56 159.232 - a ------ C: \ WINDOWS \ system32 \ ptpusd.dll
2008-08-28 23:11. 2001-08-17 22:36 5.632 - a ------ C: \ WINDOWS \ system32 \ ptpusb.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-28 15:35 31.232 ---- aw C: \ WINDOWS \ system32 \ rpcnet.dll
2008-09-28 15:35 17.408 ---- aw C: \ WINDOWS \ system32 \ Rpcnetp.exe
2008-09-28 03:10 17.408 AW ---- C: \ WINDOWS \ system32 \ rpcnetp.dll
2008-09-28 00:20 --------- d ----- w C: \ Program Files \ RealArcade
2008-09-25 21:30 --------- d ----- w C: \ Program Files \ FTP Commander
2008-09-21 04:33 --------- d ----- w C: \ Program Files \ Common Files \ Adobe
2008-09-11 16:36 --------- d ----- w C: \ Documents and Settings \ Administrator \ Application Data \ uTorrent
2008-09-05 18:19 98.304 AW ---- C: \ WINDOWS \ system32 \ CmdLineExt.dll
2008-09-04 17:39 --------- d - h - w C: \ Program Files \ InstallShield Installation Information
2008-09-04 03:06 --------- d ----- w C: \ Program Files \ Java
2008-08-30 00:32 --------- d ----- w C: \ Program Files \ dl_Cats
2008-08-24 21:28 --------- d ----- w C: \ Documents and Settings \ Administrator \ Application Data \ Move Networks
2008-08-24 21:07 --------- d ----- w C: \ Documents and Settings \ Administrator \ Application Data \ Gamelab
2008-07-30 01:59 --------- d ----- w C: \ Documents and Settings \ All Users \ Application Data \ FreshGames
2008-07-19 02:10 94.920 AW ---- C: \ WINDOWS \ system32 \ cdm.dll
2008-07-19 02:10 53.448 AW ---- C: \ WINDOWS \ system32 \ wuauclt.exe
2008-07-19 02:10 45.768 AW ---- C: \ WINDOWS \ system32 \ wups2.dll
2008-07-19 02:10 36.552 AW ---- C: \ WINDOWS \ system32 \ wups.dll
2008-07-19 02:09 563.912 AW ---- C: \ WINDOWS \ system32 \ wuapi.dll
2008-07-19 02:09 325.832 AW ---- C: \ WINDOWS \ system32 \ wucltui.dll
2008-07-19 02:09 205.000 AW ---- C: \ WINDOWS \ system32 \ wuweb.dll
2008-07-19 02:09 1.811.656 AW ---- C: \ WINDOWS \ system32 \ Wuaueng.dll
2008-07-19 02:07 270.880 AW ---- C: \ WINDOWS \ system32 \ mucltui.dll
2008-07-19 02:07 210.976 AW ---- C: \ WINDOWS \ system32 \ muweb.dll
2008-07-07 20:32 253.952 AW ---- C: \ WINDOWS \ system32 \ es.dll
2007-10-02 01:01 60.968 AW ---- C: \ Documents and Settings \ Administrator \ GoToAssistDownloadHelper.ex e
2007-01-13 12:49 774.144 AW ---- C: \ Program Files \ RngInterstitial.dll
2007-08-10 19:03 6.275.816 AW ---- C: \ Program Files \ Mozilla Firefox \ plugins \ ScorchPDFWrapper.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Note * empty entries & čitljiv default unose se ne prikazuju
REGEDIT4

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run]
"Ctfmon.exe" = "C: \ WINDOWS \ system32 \ Ctfmon.exe" [2004-08-04 15360]
"Brzi AOL Start" = "C: \ Program Files \ America Online 9,0 \ AOL.EXE" [2005-07-12 50776]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"NvCplDaemon" = "C: \ WINDOWS \ system32 \ NvCpl.dll" [2007-04-28 8429568]
"Dell živa" = "C: \ Program Files \ Dell \ živa \ quickset.exe" [2007-07-20 1228800]
"HPDJ traci Utility" = "C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb03.exe" [2001-06-12 200704]
"QuickTime Task" = "C: \ Program Files \ QuickTime \ qttask.exe" [2008-01-10 385024]
"iTunesHelper" = "C: \ Program Files \ iTunes \ iTunesHelper.exe" [2008-01-15 267048]
"DLCXCATS" = "C: \ WINDOWS \ System32 \ spool \ drivers \ W32X 86 \ 3 \ DLCXtime.dll" [2006-10-16 106496]
"SunJavaUpdateSched" = "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe" [2008-06-10 144784]
"NvMediaCenter" = "NvMCTray.dll" [2007/04/28 C: \ WINDOWS \ system32 \ nvmctray.dll]

[HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ Cur rentVersion \ RunOnce]
"RunNarrator" = "Narrator.exe" [2004/08/04 C: \ WINDOWS \ system32 \ narrator.exe]

C: \ Documents and Settings \ Administrator \ Start Menu \ Programs \ Startup \
Clean Access Agent.lnk - C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe [2007-06-28 2056266]

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ Policies \ Explorer]
"NoSMBalloonTip" = 1 (0x1)
"NoAutoTrayNotify" = 1 (0x1)

[HKEY_USERS \. Default \ Software \ Microsoft \ Windows \ sad rentversion \ Policies \ Explorer]
"NoActiveDesktopChanges" = 0 (0x0)

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entversion \ Explorer \ ShellExecuteHooks]
"(5AE067D3-9AFB-48E0-853A-EBB7F4A000DA)" = "C: \ Program Files \ SUPERAntiSpyware \ SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ winlogon \ obavijestiti \! SASWinLogon]
2008-07-23 16:28 352256 C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll

[HKLM \ ~ \ startupfolder \ C: ^ Documents and Settings Administrator ^ ^ Start Menu ^ Programs ^ Startup ^ Adobe Gamma.lnk]
path = C: \ Documents and Settings \ Administrator \ Start Menu \ Programs \ Startup \ Adobe Gamma.lnk
backup = C: \ WINDOWS \ PSS \ Adobe Gamma.lnkStartup

[HKLM \ ~ \ startupfolder \ C: ^ Documents and Settings All Users ^ ^ Start Menu ^ Programs ^ Startup ^ Adobe Reader Speed Launch.lnk]
path = C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ Startup \ Adobe Reader Speed Launch.lnk
backup = C: \ WINDOWS \ PSS \ Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ AOLDialer]
-RA ------ 2006-10-23 08:50 71216 C: \ Program Files \ Common Files \ AOL \ ACS \ AOLDial.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ Apoint]
- a ------ 2003-08-20 20:24 151552 C: \ Program Files \ Apoint \ Apoint.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ Ctfmon.exe]
- a ------ 2004-08-04 00:56 15360 C: \ WINDOWS \ system32 \ Ctfmon.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ HostManager]
- a ------ 2006-09-25 20:52 50736 C: \ Program Files \ Common Files \ AOL \ 1155864818 \ EE \ aolsoftware.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ igfxhkcmd]
- a ------ 2006-07-14 18:04 77824 C: \ WINDOWS \ system32 \ hkcmd.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ igfxpers]
- a ------ 2006-07-14 18:08 118784 C: \ WINDOWS \ system32 \ igfxpers.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ igfxtray]
- a ------ 2006-07-14 18:07 94208 C: \ WINDOWS \ system32 \ igfxtray.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ IntelWireless]
- a ------ 2006-08-02 01:32 696320 C: \ Program Files \ Intel \ Wireless \ Bin \ iFrmewrk.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ IntelZeroConfig]
- a ------ 2006-08-02 01:38 802816 C: \ Program Files \ Intel \ Wireless \ Bin \ ZCfgSvc.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ iTunesHelper]
- a ------ 2008-01-15 04:22 267048 C: \ Program Files \ iTunes \ iTunesHelper.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ MSMSGS]
- ah ----- 2004-10-13 12:24 1694208 C: \ Program Files \ Messenger \ msmsgs.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ NvCplDaemon]
- a ------ 2007-04-28 19:05 8429568 C: \ WINDOWS \ system32 \ nvcpl.dll

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ NvMediaCenter]
- a ------ 2007-04-28 19:05 81920 C: \ WINDOWS \ system32 \ nvmctray.dll

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ QuickTime Task]
- a ------ 2008-01-10 16:27 385024 C: \ Program Files \ QuickTime \ QTTask.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ RealTray]
- a ------ 2006-08-17 21:34 26112 C: \ Program Files \ Real \ RealPlayer \ realplay.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ SunJavaUpdateSched]
- a ------ 2006-12-15 04:23 75520 C: \ Program Files \ Java \ jre1.5.0_11 \ bin \ jusched.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ WMPNSCFG]
--------- 2006-10-18 20:05 204288 C: \ Program Files \ Windows Media Player \ wmpnscfg.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ NVHotkey]
- a ------ 2007-04-28 19:05 67584 C: \ WINDOWS \ system32 \ nvhotkey.dll

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ nwiz]
- a ------ 2007-04-28 19:05 1626112 C: \ WINDOWS \ system32 \ nwiz.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ SigmatelSysTrayApp]
- A - C --- 2005-11-16 15:35 397312 C: \ WINDOWS \ stsystra.exe

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ AuthorizedApplications \ List]
"% windir% \ \ system32 \ \ sessmgr.exe" =
"C: \ \ Program Files \ \ RssBandit \ \ RSSBandit.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLDial.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLacsd.exe" =
"C: \ \ Program Files \ \ America Online 9,0 \ \ waol.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2,0 \ \ aoltsmon.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2,0 \ \ aoltpspd.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ AOLServiceHost.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ System Information \ \ sinf.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Zaštita Spyware \ \ AOLSP Scheduler.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Zaštita Spyware \ \ asp.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AolCoach \ \ en_en \ \ player \ \ AOLNySEV.exe" =
"C: \ \ Program Files \ \ FTP Commander \ \ ftpcomm.exe" =
"C: \ \ Program Files \ \ Real \ \ RealPlayer \ \ realplay.exe" =
"C: \ \ StubInstaller.exe" =
"C: \ \ Program Files \ \ SmartFTP Client 2,0 \ \ SmartFTP.exe" =
"C: \ \ Program Files \ \ BitTornado \ \ btdownloadgui.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ aolsoftware.exe" =
"C: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe" =
"C: \ \ Program Files \ \ BitZip \ \ bitzip.exe" =
"C: \ \ Program Files \ \ uTorrent \ \ uTorrent.exe" =
"C: \ \ Program Files \ \ iTunes \ \ iTunes.exe" =
"% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" =
"C: \ \ WINDOWS \ \ system32 \ \ dlcxcoms.exe" =

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ GloballyOpenPorts \ List]
"50001: TCP" = 50001: TCP: webroots
"50002: TCP" = 50002: TCP: webroots2
"3389: TCP" = 3389: TCP: @ xpsp2res.dll, -22009

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ IcmpSettings]
"AllowInboundEchoRequest" = 1 (0x1)

R0 a320raid; a320raid; C: \ Windows \ System32 \ Drivers \ A320 raid.sys [2006-04-04 251578]
R0 pxark; pxark; C: \ Windows \ System32 \ Drivers \ pxark.sys [2008-09-27 17408]
R1 SAVOnAccess kontrola; SAVOnAccess kontrola; C: \ Windows \ System32 \ Drivers \ savonaccesscon trol.sys [2006-04-14 80128]
R1 SAVOnAccess Filter; SAVOnAccess Filter; C: \ Windows \ System32 \ Drivers \ savonaccessfilt er.sys [2006-04-14 24064]
R2 CSIScanner; CSIScanner; C: \ Program Files \ PrevxCSI \ prevxcsi.exe [2008-09-27 618040]
R2 dlcx_device; dlcx_device; C: \ WINDOWS \ system32 \ dlcxco ms.exe [2006-11-03 537480]
R2 glediąta Manager Service; glediąta Manager Service; C: \ Program Files \ glediąta \ Common \ ViewpointService.exe [2007-01-04 24652]
S2 ousbehci; NEC Enhanced PCI to USB Host Controller; C: \ Windows \ System32 \ Drivers \ ousbehci.sy s [2003-08-01 41600]
S3 GTIPCI21; GTIPCI21; C: \ Windows \ System32 \ Drivers \ gtip ci21.sys [2004-05-03 80384]
S3 NWADI; NWADI Autobusni Enumerator; C: \ Windows \ System32 \ Drivers \ NWADIenum.s ys [2005-12-09 67840]
S3 ousb2hub; OrangeWare korijenski koncentrator USB 2.0 Support; C: \ Windows \ System32 \ Drivers \ ousb2hub.sys [2003-08-01 55552]
S3 whfltr2k; WheelMouse USB Lower Filter Driver; C: \ Windows \ System32 \ Drivers \ whfltr2k.sys [2007-01-25 6784]
S3 whmice2k; Napredna Wheel Mouse Filter Driver Upper; C: \ Windows \ System32 \ Drivers \ whmice2k.sys [2004-04-25 6885]

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ Explorer \ mountpoints2 \ D]
\ Shell \ autorun \ naredbu - D: \ autorun.exe

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ Explorer \ mountpoints2 \ (64d8acf2-5f84-11db-b756-00038a000015)]
\ Shell \ autorun \ naredbu - E: \ Installer.exe

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ Explorer \ mountpoints2 \ (7aebf132-2e3f-11db-b6e0-0015c547091a)]
\ Shell \ autorun \ naredbu - E: \ wd_windows_tools \ setup.exe

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ Explorer \ mountpoints2 \ (c4f3f4e1-2c11-11d9-8305-806d6172696f)]
\ Shell \ autorun \ naredbu - D: \ Programs \ nu2menu \ nu2menu.exe

* Nedavno Created Service * - PROCEXP90
.
Sadržaj je 'Scheduled Tasks' folder
.
- - - - Orphans Odstranjena - - - --

MSConfigStartUp-! AVG Anti-Spyware - C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe
MSConfigStartUp-DVDLauncher - C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe
MSConfigStartUp-SpySweeperEnterprise - C: \ Program Files \ Webroot \ Posao \ Spy Sweeper \ \ SpySweeperUI.exe
MSConfigStartUp-SpysweeperUI - C: \ Program Files \ Webroot \ Posao \ Spy Sweeper \ SpySweeperUI.exe
MSConfigStartUp-UpdateManager - C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe


.
------- Supplementary Scan -------
.
FireFox -: Profil - C: \ Documents and Settings \ Administrator \ Application Data \ Mozilla \ Firefox \ Profiles \ dlc1hobz.default \
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp: / / www.broadway.com/
FF -: plugin - C: \ Documents and Settings \ Administrator \ Application Data \ Mozilla \ Firefox \ Profiles \ dlc1hobz.default \ ext ensions \ npmozax@real.com \ plugins \ npmozax.dll
FF -: plugin - C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ preglednik \ nppdf32.dll
FF -: plugin - C: \ Program Files \ iTunes \ Mozilla Plugins \ npitunes.dll
FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugins \ npagent.dll
FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugins \ npmozax.dll
FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugins \ npmusicn.dll
FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugins \ npracplug.dll
FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugins \ nptgeqplugin.dll
FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugins \ npunagi2.dll
FF -: plugin - C: \ Program Files \ Real \ RealArcade \ Plugins \ Mozilla \ npracplug.dl l
FF -: plugin - C: \ Program Files \ Viewpoint \ Viewpoint Experience Tehnologija \ npViewpoint.dll
.

************************************************** ************************

catchme 0.3.1361 W2K/XP/Vista - rootkit / potaja detector by Gmer zlonamjernih programa, http://www.gmer.net
Rootkit scan 2008-09-28 11:48:43
5/1/2600 Windows Service Pack 2 NTFS

skeniranja skrivenih procesa ...

skeniranja skrivenih autostart entries ...

HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run
DLCXCATS = rundll32 C: \ WINDOWS \ System32 \ spool \ drivers \ W32X86 \ 3 \ DLCXtim e.dll, _RunDLLEntry @ 16 ???????????????????????? ????? ?????????????????????????????????????????????????? ?????????????????????????????????????????????????? ??????????????????????????????????????????????????

skeniranja skrivenih datoteka ...

scan uspješno završena
skrivenih datoteka: 0

************************************************** ************************
.
--------------------- Loaded DLL datoteke koje Under Running Processes ---------------------

PROCES: C: \ WINDOWS \ system32 \ Winlogon.exe
-> C: \ WINDOWS \ system32 \ Ati2evxx.dll
.
Completion time: 2008-09-28 11:50:56
ComboFix-u karanteni-files.txt 2008-09-28 15:50:52

Pre-Run: 25918537728 bytes free
Post-Run: 25986658304 bytes free

255 --- EOF --- 2008-09-26 12:22:29
  #10  
Old 28 rujan 2008, 10:25
Moderator / ica grupe
  
Napomena: se upute u nastavku su izrađene specijalno za ovog korisnika. Ukoliko niste u ovom, NE slijedite ove smjerove, jer bi mogao oštetiti djelovanju vašeg sustava

Izbriši ove datoteke / mape, kako slijedi:

1. Idi na Početak > Pokrenuti > Tip Notepad.exe i kliknite U redu otvoriti Notepad.
To morati biti Notepad, WordPad ne.
2. Kopiraj tekst ispod u okvir code by označavanje svih tekstualnih i pritiskom na Ctrl + C

Code:
KillAll:: File:: C: \ WINDOWS \ system32 \ SJv56bM4.exe.a_a C: \ WINDOWS \ system32 \ 0vx55IOc.exe Folder:: C: \ Documents and Settings \ Administrator \ Application Data \ ErrorSmart
3. Idi na Notepad prozor i kliknite na Uredi > Zalijepi
4. Zatim kliknite na Datoteka > Spremiti
5. Ime datoteke CFScript.txt - Spremi datoteku na svoj Desktop
6. Zatim povucite CFScript (držite lijevu tipku miša dok povučete datoteku), a pad je (otpustite lijevu tipku miša) u ComboFix.exe kao što vidite na sliki ispod. Važno: Obavi ovo uputstvo pažljivo!



ComboFix će se početi izvršavati, samo slijedite upute.
Nakon što ponovno podizanje sustava (u slučaju da ga zatraži ponovno podizanje sustava), on će proizvesti prijava za vas.
Pošta koja log (Combofix.txt) u sljedeći odgovor.

Napomena: Ne mouseclick ComboFix's prozor dok je pokrenut. To svibanj nanijeti tvoj sistem za zamrzavanje
__________________
Reply
Stranica 1 od 2 1 2

Register
Thread Tools



Arabic Bulgarian Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Finnish French German Greek Hebrew Hungarian Italian Japanese Korean Latvian Lithuanian Norwegian Polish Portuguese Romanian Russian Serbian Slovak Spanish Swedish Thai Turkish Ukrainian

Copyright © 2006 - 2009 Computer soka.
Kontakt -- Privatnost -- Sitemap -- Vrh

Powered by vBulletin ® Copyright © 2000 - 2009 Jelsoft Enterprises Ltd SEO by vBSEO © 2009, Crawlability, Inc