Iexplorer.exe MATHMA~1.exe RECTBO~1.exe

#1
16 January 2008, 12:24
New group member

So I downloaded WinZix. Yeah, I'm dumb, I know that now. But I removed it and did a few virus scans, using AVG and then McAfee. But I've got 2 iexplorers open in my Windows Task Manager, and when I close them with End Process or End Process Tree, MATHMA~1.exe or RECTBO~1.exe opens for just a second and reopens the iexplorers. So then they close. So yeah, I don't know what to do. But I see lots of people say to use HijackThis, so here's my HijackThis log. Any help would be appreciated.

Logfile of HijackThis v1.99.1
Scan spremljena u 1:04:01 Na 1/16/2008
Platforma: Windows XP SP2 (Winnt 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Pokretanje procesa:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ WINDOWS \ system32 \ cisvc.exe
C: \ programa ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
c: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ McAfee \ mna \ mcnasvc.exe
c: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ McAfee \ mcproxy \ mcproxy.exe
C: \ programa ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe
C: \ Program Files \ McAfee \ MPF \ MPFSrv.exe
C: \ WINDOWS \ system32 \ MsPMSPSv.exe
c: \ programa ~ 1 \ mcafee.com \ agent \ mcagent.exe
C: \ programa ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe
C: \ Program Files \ MSN Messenger \ msnmsgr.exe
C: \ Program Files \ Creative \ MediaSource \ Go \ CTCMSGo.exe
C: \ Program Files \ Windows Media Player \ WMPNSCFG.exe
C: \ Program Files \ OpenOffice.org 2,3 \ program \ soffice.exe
C: \ Program Files \ OpenOffice.org 2,3 \ program \ soffice.BIN
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Program Files \ Internet Explorer \ IEXPLORE.EXE
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ Internet Explorer \ IEXPLORE.EXE
C: \ WINDOWS \ explorer.exe
C: \ Program Files \ HijackThis \ HijackThis.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.ca/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Postavke, ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7,0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ programa ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O2 - BHO: scriptproxy - (7DB2D5A0-7241-4E79-B68D-6309F01C5231) - C: \ Program Files \ McAfee \ VirusScan \ scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ program files \ google \ googletoolbar2.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11d4-9B18-009027A5CD4F) - c: \ program files \ google \ googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Instalira \ cpn \ yt.dll
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [mcagent_exe] C: \ Program Files \ McAfee.com \ Agent \ mcagent.exe / runkey
O4 - HKLM \ .. \ Run: [KernelFaultCheck]% systemroot% \ system32 \ dumprep 0-k
O4 - HKLM \ .. \ Run: [savijati logo sat film] C: \ Documents and Settings \ All Users \ Application Data \ Frag veliki zavoj logo \ četiri tick.exe
O4 - HKCU \ .. \ Run: [trustlive] C: \ DOCUME ~ 1 \ DANIEL ~ 1 \ APPLIC ~ 1 \ RECTLO ~ 1 \ Math Mags.exe
O4 - HKCU \ .. \ Run: [msnmsgr] "C: \ Program Files \ MSN Messenger \ msnmsgr.exe" / background
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [Creative MediaSource Idi] C: \ Program Files \ Creative \ MediaSource \ Go \ CTCMSGo.exe / sys
O4 - HKCU \ .. \ Run: [WMPNSCFG] C: \ Program Files \ Windows Media Player \ WMPNSCFG.exe
O4 - Startup: OpenOffice.org 2.3.lnk = C: \ Program Files \ OpenOffice.org 2,3 \ program \ quickstart.exe
O8 - Extra kontekst meni stavka: & Google Search - res: / / c: \ program files \ google \ GoogleToolbar2.dll/cmsearch.html
O8 - Extra kontekst meni stavka: Povratni Links - res: / / c: \ program files \ google \ GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra kontekst meni stavka: Predmemorirano snimka Page - res: / / c: \ program files \ google \ GoogleToolbar2.dll/cmcache.html
O8 - Extra kontekst meni stavka: E & zvezi u Microsoft Excel - res: / / C: \ programa ~ 1 \ MICROS ~ 3 \ OFFICE11 \ EXCEL.EXE/3000
O8 - Extra kontekst meni stavka: Similar Pages - res: / / c: \ program files \ google \ GoogleToolbar2.dll/cmsimilar.html
O8 - Extra kontekst meni stavka: Prevedi na engleski - res: / / c: \ program files \ google \ GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ programa ~ 1 \ MICROS ~ 3 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: UltimateBet - (94148DB5-B42D-4915-95DA-2CBB4F7095BF) - C: \ Program Files \ UltimateBet \ UltimateBet.exe
O9 - Extra 'Tools' MENUITEM: UltimateBet - (94148DB5-B42D-4915-95DA-2CBB4F7095BF) - C: \ Program Files \ UltimateBet \ UltimateBet.exe
O9 - Extra button: AIM - (AC9E2541-2814-11d5-BC6D-00B0D0A1DE45) - C: \ Program Files \ AIM \ aim.exe
O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ programa ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra 'Tools' MENUITEM: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ programa ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra button: Yahoo! Messenger - (E5D12C4E-7B4F-11D3-B5C9-0050045C3C96) - C: \ programa ~ 1 \ Yahoo! \ Messen ~ 1 \ YPager.exe
O9 - Extra 'Tools' MENUITEM: Yahoo! Messenger - (E5D12C4E-7B4F-11D3-B5C9-0050045C3C96) - C: \ programa ~ 1 \ Yahoo! \ Messen ~ 1 \ YPager.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O11 - Options group: [INTERNATIONAL] International *
O18 - Protocol: livecall - (828030A1-22C1-4009-854F-8E305202313F) - C: \ programa ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL
O18 - Protocol: msnim - (828030A1-22C1-4009-854F-8E305202313F) - C: \ programa ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL
O20 - Winlogon Obavijesti: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon.dll
O21 - SSODL: WPDShServiceObj - (AAA288BA-9A4C-45B0-95D7-94D524869DB5) - C: \ WINDOWS \ system32 \ WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
O23 - Service: Adobe LM Service - Unknown vlasnika - C: \ Program Files \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: ATI Smart - Unknown vlasnika - C: \ WINDOWS \ system32 \ ati2sgag.exe (file missing)
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: McAfee Usluge (mcmscsvc) - McAfee, Inc - C: \ programa ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc - c: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ McAfee \ mna \ mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc - C: \ programa ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc - c: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ McAfee \ mcproxy \ mcproxy.exe
O23 - Service: McAfee stvarnom vremenu Scanner (McShield) - McAfee, Inc - C: \ programa ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc - C: \ programa ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc - C: \ Program Files \ McAfee \ MPF \ MPFSrv.exe

#2
16 January 2008, 13:02
Group moderator

Welcome to TCF.

Let's see if we can cure this.

Please download OTMoveIt2 by OldTimer (OTMoveIt2.exe) and save it to your desktop. Do not use it yet.

---------------

Open HijackThis and select Do a system scan only, then place a check mark next to:

O4 - HKLM \ .. \ Run: [savijati logo sat film] C: \ Documents and Settings \ All Users \ Application Data \ Frag veliki zavoj logo \ četiri tick.exe
O4 - HKCU \ .. \ Run: [trustlive] C: \ DOCUME ~ 1 \ DANIEL ~ 1 \ APPLIC ~ 1 \ RECTLO ~ 1 \ Math Mags.exe


Close all windows except HijackThis and click Fix checked.

Exit HijackThis.

---------------

Double-click OTMoveIt2.exe to run it.

Make sure there is a check mark next to Unregister Dll's and Ocx's.
  • Copy the two file paths below to the clipboard by highlighting ALL of them.
  • Then right-click and choose Copy.
C: \ Documents and Settings \ All Users \ Application Data \ Frag veliki zavoj logo \ četiri tick.exe
C: \ DOCUME ~ 1 \ DANIEL ~ 1 \ APPLIC ~ 1 \ RECTLO ~ 1 \ Math Mags.exe
  • Return to OTMoveIt, right-click in the Paste List of Files/Folders to be moved window and choose Paste.
  • Click the red MoveIt! button.
  • The list will be processed and the results will appear in the right-hand pane.
  • Copy everything in the results window to the clipboard by highlighting ALL of it.
  • Then right-click, choose Copy, and paste it into your next reply.
  • When done, click Exit to close the program.
  • Please add the log to your next reply.
  • If a file or folder cannot be moved immediately, you may be asked to reboot the computer to finish the move process. If you are asked to reboot the computer, choose Yes.
  • If a reboot is required, or you need to exit before posting the log, you will find a copy of the log in the root of the drive where OTMoveIt is installed, usually at: C:\_OTMoveIt\MovedFiles\********_******.log
  • (where "********_******" is "date_time")
Click Exit to close OTMoveIt.

---------------

In your next post, please include the OTMoveIt log.
__________________

#3
16 January 2008, 13:06
Group member

O20 - Winlogon Obavijesti: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon.dll

Is your Windows genuine?

Edit: Evilfantasy beat me to it too

#4
16 January 2008, 14:01
New group member

YAY! I'm pretty sure that worked. Thanks a lot, but I'm a little unsure about the file that was not moved.

File potez nije uspio. C: \ Documents and Settings \ All Users \ Application Data \ Frag veliki zavoj logo \ četiri tick.exe rasporedu biti premještena na ponovno podizanje sustava.
C: \ DOCUME ~ 1 \ DANIEL ~ 1 \ APPLIC ~ 1 \ RECTLO ~ 1 \ Math Mags.exe uspješno prenesena.

OTMoveIt2 v1.0.7 prijavite kreirana dana 01162008_145132

EDIT: I'm pretty sure my Windows is genuine; I had my computer custom-built a few years back.

#5
16 January 2008, 14:05
Group moderator

Did you reboot?


We still need to do some more. The infected areas that show up are usually only the top of the problem. Let's make sure it is all gone.
Download SUPERAntiSpyware Free Edition (SAS)
  • Double-click the icon on your desktop to run the installer.
  • When asked to update the program definitions, click Yes.
  • Next, click the Preferences button.
  • Click the Scanning Control tab.
  • Under Scanner Options, make sure only the following are checked:
    • Close browsers before scanning
    • Scan for tracking cookies
    • Terminate memory threats before quarantining
    • Please leave the others unchecked.
    • Click the Close button to leave the control center screen.
  • On the main screen, click Scan your computer.
  • On the left, check C:\Fixed Drive.
  • On the right, choose Perform Complete Scan.
  • Click Next to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a summary box will appear. Click OK.
  • Make sure everything in the white box has a check next to it, then click Next.
  • It will quarantine what it found, and if it asks whether you want to reboot, click Yes.
  • To retrieve the removal information, please do the following:
    • After rebooting, double-click the SUPERAntiSpyware icon on your desktop.
    • Click Preferences. Click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • It will open in your default text editor (e.g. Notepad/WordPad).
    • Save the Notepad file to your desktop by clicking (in Notepad) "File", "Save As".
  • Save the log somewhere you can easily find it (normally the desktop).
  • Click Close and Close again to exit the program.
  • Please copy and paste that log into your post.
---------------

Run a new HijackThis scan and post that log.

---------------

Next post:
SUPERAntiSpyware log
New HijackThis log
__________________

#6
17 January 2008, 02:28
New group member

Hey hey, sorry it took so long. I had to work right after my last post.

But here are the logs!

HijackThis log

Logfile of HijackThis v1.99.1
Scan spremljena u 3:26:25 Na 1/17/2008
Platforma: Windows XP SP2 (Winnt 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Pokretanje procesa:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ WINDOWS \ system32 \ cisvc.exe
C: \ programa ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
c: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ McAfee \ mna \ mcnasvc.exe
c: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ McAfee \ mcproxy \ mcproxy.exe
C: \ programa ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe
C: \ Program Files \ McAfee \ MPF \ MPFSrv.exe
C: \ WINDOWS \ system32 \ MsPMSPSv.exe
C: \ WINDOWS \ explorer.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
c: \ programa ~ 1 \ mcafee.com \ agent \ mcagent.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe
C: \ Program Files \ Creative \ MediaSource \ Go \ CTCMSGo.exe
C: \ Program Files \ Windows Media Player \ WMPNSCFG.exe
C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ Program Files \ OpenOffice.org 2,3 \ program \ soffice.exe
C: \ Program Files \ OpenOffice.org 2,3 \ program \ soffice.BIN
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ programa ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Program Files \ BitComet \ BitComet.exe
C: \ Program Files \ HijackThis \ sniper.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.ca/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Postavke, ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7,0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ programa ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O2 - BHO: scriptproxy - (7DB2D5A0-7241-4E79-B68D-6309F01C5231) - C: \ Program Files \ McAfee \ VirusScan \ scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ program files \ google \ googletoolbar2.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11d4-9B18-009027A5CD4F) - c: \ program files \ google \ googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Instalira \ cpn \ yt.dll
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [mcagent_exe] C: \ Program Files \ McAfee.com \ Agent \ mcagent.exe / runkey
O4 - HKLM \ .. \ Run: [KernelFaultCheck]% systemroot% \ system32 \ dumprep 0-k
O4 - HKCU \ .. \ Run: [msnmsgr] "C: \ Program Files \ MSN Messenger \ msnmsgr.exe" / background
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [Creative MediaSource Idi] C: \ Program Files \ Creative \ MediaSource \ Go \ CTCMSGo.exe / sys
O4 - HKCU \ .. \ Run: [WMPNSCFG] C: \ Program Files \ Windows Media Player \ WMPNSCFG.exe
O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
O4 - Startup: OpenOffice.org 2.3.lnk = C: \ Program Files \ OpenOffice.org 2,3 \ program \ quickstart.exe
O8 - Extra kontekst meni stavka: & Google Search - res: / / c: \ program files \ google \ GoogleToolbar2.dll/cmsearch.html
O8 - Extra kontekst meni stavka: Povratni Links - res: / / c: \ program files \ google \ GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra kontekst meni stavka: Predmemorirano snimka Page - res: / / c: \ program files \ google \ GoogleToolbar2.dll/cmcache.html
O8 - Extra kontekst meni stavka: E & zvezi u Microsoft Excel - res: / / C: \ programa ~ 1 \ MICROS ~ 3 \ OFFICE11 \ EXCEL.EXE/3000
O8 - Extra kontekst meni stavka: Similar Pages - res: / / c: \ program files \ google \ GoogleToolbar2.dll/cmsimilar.html
O8 - Extra kontekst meni stavka: Prevedi na engleski - res: / / c: \ program files \ google \ GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ programa ~ 1 \ MICROS ~ 3 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: UltimateBet - (94148DB5-B42D-4915-95DA-2CBB4F7095BF) - C: \ Program Files \ UltimateBet \ UltimateBet.exe
O9 - Extra 'Tools' MENUITEM: UltimateBet - (94148DB5-B42D-4915-95DA-2CBB4F7095BF) - C: \ Program Files \ UltimateBet \ UltimateBet.exe
O9 - Extra button: AIM - (AC9E2541-2814-11d5-BC6D-00B0D0A1DE45) - C: \ Program Files \ AIM \ aim.exe
O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ programa ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra 'Tools' MENUITEM: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ programa ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra button: Yahoo! Messenger - (E5D12C4E-7B4F-11D3-B5C9-0050045C3C96) - C: \ programa ~ 1 \ Yahoo! \ Messen ~ 1 \ YPager.exe
O9 - Extra 'Tools' MENUITEM: Yahoo! Messenger - (E5D12C4E-7B4F-11D3-B5C9-0050045C3C96) - C: \ programa ~ 1 \ Yahoo! \ Messen ~ 1 \ YPager.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O11 - Options group: [INTERNATIONAL] International *
O18 - Protocol: livecall - (828030A1-22C1-4009-854F-8E305202313F) - C: \ programa ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL
O18 - Protocol: msnim - (828030A1-22C1-4009-854F-8E305202313F) - C: \ programa ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL
O20 - Winlogon Obavijesti:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
O20 - Winlogon Obavijesti: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon.dll
O21 - SSODL: WPDShServiceObj - (AAA288BA-9A4C-45B0-95D7-94D524869DB5) - C: \ WINDOWS \ system32 \ WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
O23 - Service: Adobe LM Service - Unknown vlasnika - C: \ Program Files \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: ATI Smart - Unknown vlasnika - C: \ WINDOWS \ system32 \ ati2sgag.exe (file missing)
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: McAfee Usluge (mcmscsvc) - McAfee, Inc - C: \ programa ~ 1 \ McAfee \ MSC \ mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc - c: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ McAfee \ mna \ mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc - C: \ programa ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc - c: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ McAfee \ mcproxy \ mcproxy.exe
O23 - Service: McAfee stvarnom vremenu Scanner (McShield) - McAfee, Inc - C: \ programa ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc - C: \ programa ~ 1 \ McAfee \ VIRUSS ~ 1 \ mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc - C: \ Program Files \ McAfee \ MPF \ MPFSrv.exe

And here's my SUPERspyware log

SUPERAntiSpyware Scan Prijava
http://www.superantispyware.com

Generirano 01/17/2008 at 03:11

Application Version: 3/9/1008

Core Pravila Database Version: 3381
Trace Pravila Database Version: 1375

Scan type: Cijela Scan
Ukupno Scan Vrijeme: 04:41:27

Memorija predmeta skenirane: 544
Memorija prijetnje otkrivena: 0
Registry stavke skenirane: 5928
Matični prijetnje otkrivena: 0
File skenirane podatke: 173662
File prijetnje otkrivena: 71

Adware.Tracking Cookie

Adware.Search2Find
C: \ SYSTEM Volume INFORMACIJE \ _RESTORE (9ABC731F-C847-4CA4-821A-E6D2ED1D4D39) \ RP565 \ A0305240.EXE

Trojan.Downloader-ConHook
C: \ Windows \ System32 \ DDAYA.EXE

Trojan.Downloader-Gen/BigTkt
C: \ Windows \ System32 \ DRVSIPR.DLL

Adware.Vundo Varijanta / rel
C: \ Windows \ System32 \ TSTWA.BAK1

Adware.Lop
C: \ _OTMOVEIT \ MOVEDFILES \ 01162008_145132 \ Documents and Settings \ All Users \ Application Data \ FRAG VELIKIH Bend LOGO \ ČETIRI TICK.EXE

#7
17 January 2008, 09:00
Group moderator

The logs look fine now. How is the computer?


It's time to do some cleanup and secure the work you have done.
  • Click START, then Run.
  • Now type Combofix /u in the run box.
  • Make sure there is a space between Combofix and /u
  • Then hit Enter.

  • The above procedure will:
  • Delete the following:
  • ComboFix and its associated files and folders.
  • Reset the clock settings.
  • Hide file extensions, if required.
  • Hide System/Hidden files, if required.
  • Set a new, clean Restore Point.

Let's clear out the programs we used to clean your computer; they are not suitable for
general malware removal and could cause damage if run accidentally.

Please download OTMoveIt2 by OldTimer (OTMoveIt2.exe) and put it on your desktop.

1. Double-click OTMoveIt2.exe to run it.
2. Click the CleanUp! button.
3. OTMoveIt2 will download a list from the Internet; if your firewall or other defensive programs alert you, allow it access.
4. Click Yes at the next prompt (list downloaded, Do you want to begin the cleanup process?)
  • When finished, exit OTMoveIt2.


Check out Keeping Yourself Safe on the Web for tips and free tools to help keep you safe in the future.

Also see Computer Slow? It May Not Be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.


Let me know how everything is now.
__________________
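
Added example (not part of the original thread and not code from any tool named in it): the two O4 entries ticked in post #2 both launch from an Application Data folder, one of them through the 8.3 alias APPLIC~1, and post #5 asks for a second scan to confirm they are gone. The Python sketch below covers only O4 autorun lines; it flags entries that start from user-writable folders and diffs a before and after log. The folder list, the alias matching and every sample line are assumptions constructed for illustration.

```python
import re

# O4 line shapes as HijackThis prints them (registry Run keys and Startup shortcuts).
O4_RUN = re.compile(r'^O4 - (HKLM|HKCU)\\\.\.\\(Run\w*): \[(.*?)\] ?(.+)$')
O4_LNK = re.compile(r'^O4 - ((?:Global )?Startup): (.+?) = (.+)$')

# Assumed heuristic: folders a limited user can write to, so an autorun there deserves a look.
USER_WRITABLE = ("Application Data", "Local Settings", "Temp")


def image_path(command):
    # Strip arguments: quoted commands end at the closing quote, unquoted ones
    # at the first executable extension followed by whitespace or end of line.
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end > 0 else command[1:]
    m = re.match(r'(.+?\.(?:exe|dll|com|bat|cmd|scr|pif))(?=\s|$)', command, re.I)
    return m.group(1) if m else command


def component_matches(component, long_name):
    # True when a path component is long_name itself or looks like its 8.3 alias.
    if component.lower() == long_name.lower():
        return True
    if ' ' not in long_name and len(long_name) <= 8:
        return False  # names that already fit 8.3 get no alias
    m = re.fullmatch(r'([^~]{1,6})~\d', component)
    if not m:
        return False
    return long_name.replace(' ', '').upper().startswith(m.group(1).upper())


def in_user_writable_dir(path):
    folders = re.split(r'[\\/]', path)[:-1]  # drop the file name itself
    return any(component_matches(f, d) for f in folders for d in USER_WRITABLE)


def parse_o4(log_text):
    # Map (location, entry name) to the executable path for every O4 line.
    entries = {}
    for line in log_text.splitlines():
        line = line.strip()
        m = O4_RUN.match(line)
        if m:
            hive, key, name, cmd = m.groups()
            entries[(f"{hive}\\{key}", name)] = image_path(cmd)
            continue
        m = O4_LNK.match(line)
        if m:
            where, name, cmd = m.groups()
            entries[(where, name)] = image_path(cmd)
    return entries


def review(before_log, after_log):
    before, after = parse_o4(before_log), parse_o4(after_log)
    return {
        "flagged": sorted(k for k, p in before.items() if in_user_writable_dir(p)),
        "still_present": sorted(k for k, p in after.items() if in_user_writable_dir(p)),
        "removed": sorted(set(before) - set(after)),
        "added": sorted(set(after) - set(before)),
    }


# Constructed sample lines modelled on the logs in this thread (names are placeholders).
BEFORE = r"""
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [example one] C:\Documents and Settings\All Users\Application Data\Example Dir\example one.exe
O4 - HKCU\..\Run: [example two] C:\DOCUME~1\USER~1\APPLIC~1\EXAMPL~1\Example Two.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
"""

AFTER = r"""
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
"""

if __name__ == "__main__":
    for section, keys in review(BEFORE, AFTER).items():
        print(section, keys)
```

A flag here only marks an entry for manual review; legitimate software also installs under Application Data, and an empty "still_present" list says nothing about files that no longer have an autorun.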

#8
17 January 2008, 23:52
New group member

OK, I did all that, but I couldn't do the ComboFix thingy. It says Windows can't find it.

I also ran OTMoveIt2, and again it said it would do it on restart, but it did run on startup.

I would post the log, but I deleted it because I got kind of scared when you said someone could accidentally delete something on my computer with it. lol


EDIT: Oh yeah, my computer is back to normal now, but I'm going to check out the "slow computer may not be malware" thread.
BTW, thanks a lot, YOU AWESOME PERSON OF AWESOMENESS

#9
17 January 2008, 23:55
Group moderator

No problem, I'm glad everything is OK.

Is the computer still running OK?
__________________
