Sporiji i sporiji

**RB211** · #1 4. travanj 2008, 10:57

Nakon preuzimanja neke stvari moje puter je sve sporiji i sporiji sa dosadnih spyware / štetnih sadržaja dodaj popping up da ja licemjerje dobiti riješiti. Ugoditi pomoć momački ..

**Hybr! D** · #2 4. travanj 2008, 11:02

Započni ovdje: http://www.computer-juice.com/forums...-posting-7476/

**RB211** · #3 4. travanj 2008, 14:51

ok, ovo je prvi put prijavite. Ja sam ga nastaviti?

SUPERAntiSpyware Scan Prijava
http://www.superantispyware.com
Generirano 04/04/2008 at 10:06
Application Version: 4.0.1154
Core Pravila Database Version: 3431
Trace Pravila Database Version: 1423
Scan type: Cijela Scan
Ukupno Scan Vrijeme: 01:41:45
Memorija predmeta skenirane: 703
Memorija prijetnje otkrivena: 1
Registry stavke skenirane: 5826
Matični prijetnje otkrivena: 43
File skenirane podatke: 289779
File prijetnje otkrivena: 158
Adware.Vundo Varijanta / Resident
C: \ Windows \ System32 \ MLJJJ.DLL
C: \ Windows \ System32 \ MLJJJ.DLL
Trojan.WinFixer
HKLM \ Software \ Classes \ CLSID \ (09888678-42FC-51D6-9437-CBBFDA0B86EA)
HKCR \ CLSID \ (09888678-42FC-51D6-9437-CBBFDA0B86EA)
HKCR \ CLSID \ (09888678-42FC-51D6-9437-CBBFDA0B86EA) \ InprocServer32
HKCR \ CLSID \ (09888678-42FC-51D6-9437-CBBFDA0B86EA) \ InprocServer32 # ThreadingModel
HKLM \ Software \ Classes \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B)
HKCR \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B)
HKCR \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B) \ InprocServer32
HKCR \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B) \ InprocServer32 # ThreadingModel
C: \ Windows \ System32 \ JKKLL.DLL
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (09888678-42FC-51D6-9437-CBBFDA0B86EA)
Adware.Vundo Varijanta
HKLM \ Software \ Classes \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9) \ InprocServer32
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9) \ InprocServer32 # ThreadingModel
C: \ Windows \ System32 \ TUVSQPQ.DLL
HKLM \ Software \ Classes \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2)
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2)
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2) \ InprocServer32
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2) \ InprocServer32 # ThreadingModel
C: \ Windows \ System32 \ YAYWUVW.DLL
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ ShellExecuteHooks # (D85530E8-D39D-49D0-9F36-300D594556D2)
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ ShellExecuteHooks # (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2)
Unclassified.Unknown Origin
HKLM \ Software \ Classes \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ InprocServer32
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ PROGID
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ Programabilni
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ TypeLib
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ VersionIndependentProgID
C: \ programa ~ 1 \ pecati \ SBSEARCH.DLL
HKU \ S-1-5-21-73586283-1326574676-839522115-1004 \ Software \ Microsoft \ Internet Explorer \ URLSearchHooks # (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ SearchHook.SrchHook.1
HKCR \ SearchHook.SrchHook
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6)
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1,0
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ 0
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ 0 \ Win32
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ ZASTAVE
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ HELPDIR
Adware.Tracking Cookie
C: \ Documents and Settings \ Danny \ Cookies \ @ danny posluživanje-sys [1]. Txt
C: \ Documents and Settings \ Danny \ Cookies \ @ danny tribalfusion [1]. Txt
C: \ Documents and Settings \ Danny \ Cookies \ @ danny doubleclick [1]. Txt
C: \ Documents and Settings \ Danny \ Cookies \ danny@bs.serving-sys [1]. Txt
C: \ Documents and Settings \ Danny \ Cookies \ danny@bs.serving-sys [2]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@ad.yieldmanager [2]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@ad.zanox [1]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz @ adnetserver [1]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@ads.alpharooms [2]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@ads1.alpharooms [2]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@ads2.alpharooms [1]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@ads3.alpharooms [1]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@ads4.alpharooms [1]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz @ adultfriendfinder [2]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz @ gostats [2]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz @ hornymatches [2]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz @ indexstats [1]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz @ indexstats [3]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz @ linksynergy [1]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@media2.mediafileshost [2]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz @ statcounter [1]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@statse.webtrendslive [2]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@tracking.summitmedia.co [1]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@webstats.wthosting.co [2]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@www.admedia365 [2]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@www.admedia365 [3]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@www.hxtrack [2]. Txt
H: \ Documents and Settings \ Rozzie \ Cookies \ rozzie @ indexstats [2]. Txt
H: \ Documents and Settings \ Rozzie \ Cookies \ rozzie@pc-finder.co [2]. Txt
H: \ Documents and Settings \ Rozzie \ Cookies \ rozzie@www.pc-finder.co [2]. Txt
H: \ Novije Docs & Kompleti \ Rozzie \ Cookies \ rozzie @ indexstats [2]. Txt
H: \ Novije Docs & Kompleti \ Rozzie \ Cookies \ rozzie@pc-finder.co [2]. Txt
H: \ Novije Docs & Kompleti \ Rozzie \ Cookies \ rozzie@www.pc-finder.co [2]. Txt
H: \ Rozzie \ Cookies \ rozzie @ indexstats [2]. Txt
H: \ Rozzie \ Cookies \ rozzie@pc-finder.co [2]. Txt
H: \ Rozzie \ Cookies \ rozzie@www.pc-finder.co [2]. Txt
Trojan.Unknown Origin
C: \ WINDOWS \ system32 \ nGpxx01
HKLM \ Software \ xpre
HKLM \ Software \ xpre # execount
Adware.VXGame-Trace
HKU \ S-1-5-21-73586283-1326574676-839522115-1005 \ Software \ kernelexe
Adware.Vundo Varijanta / rel
C: \ Windows \ System32 \ ACCDD.INI
C: \ Windows \ System32 \ ACCDD.INI2
C: \ Windows \ System32 \ ILKKJ.INI
C: \ Windows \ System32 \ ILKKJ.INI2
C: \ Windows \ System32 \ JJJLM.INI
C: \ Windows \ System32 \ JJJLM.INI2
C: \ Windows \ System32 \ LLKKJ.INI
C: \ Windows \ System32 \ LLKKJ.INI2
C: \ Windows \ System32 \ LNNMP.INI2
C: \ Windows \ System32 \ MCRH.TMP
C: \ Windows \ System32 \ RRQSS.INI
C: \ Windows \ System32 \ VVVWA.INI2
Varijanta Adware.Vundo -
C: \ Windows \ System32 \ DDCCA.DLL
C: \ Windows \ System32 \ SSQRR.DLL
Trace.Known prijetnja Izvori
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ index [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ dna [2]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i53b_t1 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ CAXOO75T.htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ xrest [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ AJAX [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ verx [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_brd-top-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ menadžeri [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ errorhandler [2]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i701_line2 [1]. Jpg
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_boton1 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ errorhandler [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ niz [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ errorhandler [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i53b_btn-features [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_cor-left-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i53b_icon3 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ kripti [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ prozor [1]. Js
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ čist [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_bg1 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ stats [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ vrh [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ SDWBGNOV \ main_02 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ CASL6F4X.htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_line2 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i701_cor-pravo-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ AHGZAXI5 \ preporučiti [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_icon5 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ stilova [5]. Css
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ ZLGK0BFB \ off_2 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i701_bg2 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ napredak [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i53b_btn-pregled [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ index [5]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ stats [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_bg3 [1]. Jpg
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 8NKJEV4R \ bottom_r_2 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ hitno [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ errorhandler [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ AC_RunActiveContent [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ midle [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ QX8BMXM5 \ stilova [2]. Css
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_boton4 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i53b_btn-kupnje [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ spacer [4]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ AJAX [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ G92ZKB2T \ označite [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CX8VSB4B \ bottom_r [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ kripti [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ LO76ZR17 \ errsnd [1]. Swf
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CX8VSB4B \ bottom_l [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i53b_brd-top-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ kripti [2]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ AHGZAXI5 \ secpan [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_btn kuće [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ CAUJABA1.htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ AC_ActiveX [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_line3 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ chec [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i53b_icon1 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ AJAX [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_btn-download [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ ZLGK0BFB \ x [2]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ CA3MKJZH.htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_BG [1]. Jpg
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_line1 [1]. Jpg
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_brd-bot-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_pc [1]. Jpg
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_boton2 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_brd-bot-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_bg4 [1]. Jpg
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ menadžeri [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_btn ažuriranja [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ menadžeri [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ UR2NQ1UR \ alert [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ flash [1]. Js
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i701_spacer [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ AL6HK9M7 \ main_06 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ head_r_back [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ LO76ZR17 \ Štit [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_line3 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i701_boton2 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ flash_detect [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ M1Q5EV4X \ play [1]. Js
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ UR2NQ1UR \ main_10 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ M1Q5EV4X \ main_05 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ QX8BMXM5 \ križ [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ G92ZKB2T \ main_07 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ EJ23EDUF \ closebutton [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 8NKJEV4R \ main_03 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ ban_2 [1]. Swf
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ logo2 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ data [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ LO76ZR17 \ off_back [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ AL6HK9M7 \ download [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ M1Q5EV4X \ main_04 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ popup [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ left_3 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ QX8BMXM5 \ bottom_l_2 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ Z81HJ8WK \ right_2 [1]. Gif

**evilfantasy** · #4 4. travanj 2008, 19:20

Da molim nastaviti s ostatkom korake. Svaki korak traľi i popravci raznih prijetnji.

**RB211** · #5 5. travanj 2008, 00:13

OK Heresu drugi log ..

Malwarebytes' Anti-zaštita od zlonamjernih programa 1,10
Database version: 592
Scan type: Full Scan (A: \ | C: \ | D: \ | E: \ | H: \ | I: \ | J: \ |)
Objekti skenirane: 336027
Proteklo vrijeme: 1 sat (a), 8 minute (s), 1 sekundu (s)
Memory Processes zaraženih: 5
Memorijske module zaraženih: 0
Ključevi registra zaraženih: 10
Registry Values zaraženih: 7
Registry Data Items zaraženih: 0
Mape zaraženih: 0
Zaražene datoteke: 11
Memory Processes zaraženih:
C: \ Windows \ System32 \ Drivers \ Ctfmon.exe (Trojan.Agent) -> istovaren proces uspješno.
C: \ Windows \ System32 \ Drivers \ Ctfmon.exe (Trojan.Agent) -> istovaren proces uspješno.
C: \ Documents and Settings \ Danny \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> istovaren proces uspješno.
C: \ Documents and Settings \ Danny \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> istovaren proces uspješno.
C: \ Documents and Settings \ Danny \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> istovaren proces uspješno.
Memorijske module zaraženih:
(Nema stavki otkrivenih zlonamjernih)
Ključevi registra zaraženih:
HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet001 \ Services \ s chedule (Trojan.Agent) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet002 \ Services \ s chedule (Trojan.Agent) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Servic es \ raspored (Trojan.Agent) -> karanteni i uspješno izbrisan.
HKEY_CURRENT_USER \ Software \ Microsoft \ affri (Malware.Trace) -> karanteni i uspješno izbrisan.
HKEY_CURRENT_USER \ Software \ Microsoft \ affltid (Malware.Trace) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ affltid (Malware.Trace) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ affri (Malware.Trace) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ MS Juan (Malware.Trace) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ FCOVM (Trojan.Vundo) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ RemoveRP (Trojan.Vundo) -> karanteni i uspješno izbrisan.
Registry Values zaraženih:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ BMafb2445c (Trojan.Agent) -> karanteni i uspješno izbrisan.
HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run \ ntuser (Trojan.Agent) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ ntuser (Trojan.Agent) -> karanteni i uspješno izbrisan.
HKEY_USERS \. DEFAULT \ SOFTWARE \ Microsoft \ Windows \ Cur rentVersion \ Run \ ntuser (Trojan.Agent) -> karanteni i uspješno izbrisan.
HKEY_USERS \. DEFAULT \ SOFTWARE \ Microsoft \ Windows \ Cur rentVersion \ Run \ autoload (Trojan.Agent) -> karanteni i uspješno izbrisan.
HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run \ autoload (Trojan.Agent) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ autoload (Trojan.Agent) -> karanteni i uspješno izbrisan.
Registry Data Items zaraženih:
(Nema stavki otkrivenih zlonamjernih)
Mape zaraženih:
(Nema stavki otkrivenih zlonamjernih)
Zaražene datoteke:
C: \ Documents and Settings \ LocalService \ Local Settings \ Temporary Internet Files \ Content.IE5 \ GHIJKLMN \ krugova [1]. Jpg (Trojan.Madcode) -> karanteni i uspješno izbrisan.
C: \ System Volume Information \ _restore (B4EDD13F-A6F1-41A1-814E-E5C94DDA45B5) \ RP8 \ A0002994.exe (Trojan.Downloader) -> karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ iupdate.exe (Trojan.Madcode) -> karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ kchkioor.dll (Trojan.Agent) -> Delete na ponovno podizanje sustava.
C: \ Windows \ System32 \ Drivers \ Ctfmon.exe (Trojan.Agent) -> karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ pac.txt (Malware.Trace) -> karanteni i uspješno izbrisan.
C: \ Windows \ System32 \ Drivers \ spools.exe (Trojan.Agent) -> karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Danny \ cftmon.exe (Trojan.Agent) -> karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Roz \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> karanteni i uspješno izbrisan.
C: \ Documents and Settings \ LocalService \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Danny \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> karanteni i uspješno izbrisan.

**RB211** · #6 5. travanj 2008, 00:51

Oh OK JA nije shvati sam morao postavljati ih sve zajedno. Sorry dečki ... Ovdje su:

SUPERAntiSpyware Scan Prijava
http://www.superantispyware.com
Generirano 04/04/2008 at 10:06
Application Version: 4.0.1154
Core Pravila Database Version: 3431
Trace Pravila Database Version: 1423
Scan type: Cijela Scan
Ukupno Scan Vrijeme: 01:41:45
Memorija predmeta skenirane: 703
Memorija prijetnje otkrivena: 1
Registry stavke skenirane: 5826
Matični prijetnje otkrivena: 43
File skenirane podatke: 289779
File prijetnje otkrivena: 158
Adware.Vundo Varijanta / Resident
C: \ Windows \ System32 \ MLJJJ.DLL
C: \ Windows \ System32 \ MLJJJ.DLL
Trojan.WinFixer
HKLM \ Software \ Classes \ CLSID \ (09888678-42FC-51D6-9437-CBBFDA0B86EA)
HKCR \ CLSID \ (09888678-42FC-51D6-9437-CBBFDA0B86EA)
HKCR \ CLSID \ (09888678-42FC-51D6-9437-CBBFDA0B86EA) \ InprocServer32
HKCR \ CLSID \ (09888678-42FC-51D6-9437-CBBFDA0B86EA) \ InprocServer32 # ThreadingModel
HKLM \ Software \ Classes \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B)
HKCR \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B)
HKCR \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B) \ InprocServer32
HKCR \ CLSID \ (6800D574-80D6-4F0F-B6C9-E590AF2F999B) \ InprocServer32 # ThreadingModel
C: \ Windows \ System32 \ JKKLL.DLL
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (09888678-42FC-51D6-9437-CBBFDA0B86EA)
Adware.Vundo Varijanta
HKLM \ Software \ Classes \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9) \ InprocServer32
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9) \ InprocServer32 # ThreadingModel
C: \ Windows \ System32 \ TUVSQPQ.DLL
HKLM \ Software \ Classes \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2)
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2)
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2) \ InprocServer32
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2) \ InprocServer32 # ThreadingModel
C: \ Windows \ System32 \ YAYWUVW.DLL
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ ShellExecuteHooks # (D85530E8-D39D-49D0-9F36-300D594556D2)
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ ShellExecuteHooks # (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (3FECA576-7AD2-4E11-A6AD-6B59D4FB5DB9)
HKCR \ CLSID \ (D85530E8-D39D-49D0-9F36-300D594556D2)
Unclassified.Unknown Origin
HKLM \ Software \ Classes \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ InprocServer32
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ PROGID
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ Programabilni
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ TypeLib
HKCR \ CLSID \ (F4F10C1D-87C7-404A-B4B3-000000000000) \ VersionIndependentProgID
C: \ programa ~ 1 \ pecati \ SBSEARCH.DLL
HKU \ S-1-5-21-73586283-1326574676-839522115-1004 \ Software \ Microsoft \ Internet Explorer \ URLSearchHooks # (F4F10C1D-87C7-404A-B4B3-000000000000)
HKCR \ SearchHook.SrchHook.1
HKCR \ SearchHook.SrchHook
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6)
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1,0
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ 0
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ 0 \ Win32
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ ZASTAVE
HKCR \ TypeLib \ (95EFB171-F3DF-4BEC-9EF7-829A800203E6) \ 1.0 \ HELPDIR
Adware.Tracking Cookie
C: \ Documents and Settings \ Danny \ Cookies \ @ danny posluživanje-sys [1]. Txt
C: \ Documents and Settings \ Danny \ Cookies \ @ danny tribalfusion [1]. Txt
C: \ Documents and Settings \ Danny \ Cookies \ @ danny doubleclick [1]. Txt
C: \ Documents and Settings \ Danny \ Cookies \ danny@bs.serving-sys [1]. Txt
C: \ Documents and Settings \ Danny \ Cookies \ danny@bs.serving-sys [2]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@ad.yieldmanager [2]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@ad.zanox [1]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz @ adnetserver [1]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@ads.alpharooms [2]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@ads1.alpharooms [2]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@ads2.alpharooms [1]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@ads3.alpharooms [1]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@ads4.alpharooms [1]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz @ adultfriendfinder [2]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz @ gostats [2]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz @ hornymatches [2]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz @ indexstats [1]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz @ indexstats [3]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz @ linksynergy [1]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@media2.mediafileshost [2]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz @ statcounter [1]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@statse.webtrendslive [2]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@tracking.summitmedia.co [1]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@webstats.wthosting.co [2]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@www.admedia365 [2]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@www.admedia365 [3]. Txt
C: \ Documents and Settings \ Roz \ Cookies \ roz@www.hxtrack [2]. Txt
H: \ Documents and Settings \ Rozzie \ Cookies \ rozzie @ indexstats [2]. Txt
H: \ Documents and Settings \ Rozzie \ Cookies \ rozzie@pc-finder.co [2]. Txt
H: \ Documents and Settings \ Rozzie \ Cookies \ rozzie@www.pc-finder.co [2]. Txt
H: \ Novije Docs & Kompleti \ Rozzie \ Cookies \ rozzie @ indexstats [2]. Txt
H: \ Novije Docs & Kompleti \ Rozzie \ Cookies \ rozzie@pc-finder.co [2]. Txt
H: \ Novije Docs & Kompleti \ Rozzie \ Cookies \ rozzie@www.pc-finder.co [2]. Txt
H: \ Rozzie \ Cookies \ rozzie @ indexstats [2]. Txt
H: \ Rozzie \ Cookies \ rozzie@pc-finder.co [2]. Txt
H: \ Rozzie \ Cookies \ rozzie@www.pc-finder.co [2]. Txt
Trojan.Unknown Origin
C: \ WINDOWS \ system32 \ nGpxx01
HKLM \ Software \ xpre
HKLM \ Software \ xpre # execount
Adware.VXGame-Trace
HKU \ S-1-5-21-73586283-1326574676-839522115-1005 \ Software \ kernelexe
Adware.Vundo Varijanta / rel
C: \ Windows \ System32 \ ACCDD.INI
C: \ Windows \ System32 \ ACCDD.INI2
C: \ Windows \ System32 \ ILKKJ.INI
C: \ Windows \ System32 \ ILKKJ.INI2
C: \ Windows \ System32 \ JJJLM.INI
C: \ Windows \ System32 \ JJJLM.INI2
C: \ Windows \ System32 \ LLKKJ.INI
C: \ Windows \ System32 \ LLKKJ.INI2
C: \ Windows \ System32 \ LNNMP.INI2
C: \ Windows \ System32 \ MCRH.TMP
C: \ Windows \ System32 \ RRQSS.INI
C: \ Windows \ System32 \ VVVWA.INI2
Varijanta Adware.Vundo -
C: \ Windows \ System32 \ DDCCA.DLL
C: \ Windows \ System32 \ SSQRR.DLL
Trace.Known prijetnja Izvori
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ index [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ dna [2]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i53b_t1 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ CAXOO75T.htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ xrest [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ AJAX [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ verx [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_brd-top-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ menadžeri [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ errorhandler [2]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i701_line2 [1]. Jpg
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_boton1 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ errorhandler [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ niz [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ errorhandler [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i53b_btn-features [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_cor-left-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i53b_icon3 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ kripti [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ prozor [1]. Js
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ čist [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_bg1 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ stats [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ vrh [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ SDWBGNOV \ main_02 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ CASL6F4X.htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_line2 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i701_cor-pravo-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ AHGZAXI5 \ preporučiti [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_icon5 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ stilova [5]. Css
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ ZLGK0BFB \ off_2 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i701_bg2 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ napredak [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i53b_btn-pregled [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ index [5]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ stats [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_bg3 [1]. Jpg
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 8NKJEV4R \ bottom_r_2 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ hitno [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ errorhandler [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ AC_RunActiveContent [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ midle [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ QX8BMXM5 \ stilova [2]. Css
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_boton4 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i53b_btn-kupnje [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ spacer [4]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ AJAX [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ G92ZKB2T \ označite [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CX8VSB4B \ bottom_r [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ kripti [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ LO76ZR17 \ errsnd [1]. Swf
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CX8VSB4B \ bottom_l [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i53b_brd-top-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ kripti [2]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ AHGZAXI5 \ secpan [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_btn kuće [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ CAUJABA1.htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ AC_ActiveX [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_line3 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ chec [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i53b_icon1 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ AJAX [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_btn-download [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ ZLGK0BFB \ x [2]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ CA3MKJZH.htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_BG [1]. Jpg
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_line1 [1]. Jpg
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i701_brd-bot-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_pc [1]. Jpg
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_boton2 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ i53b_brd-bot-1 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_bg4 [1]. Jpg
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ menadžeri [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i53b_btn ažuriranja [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ menadžeri [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ UR2NQ1UR \ alert [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ flash [1]. Js
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 4P6RS5MF \ i701_spacer [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ AL6HK9M7 \ main_06 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ head_r_back [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ LO76ZR17 \ Štit [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ i701_line3 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ i701_boton2 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ flash_detect [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ M1Q5EV4X \ play [1]. Js
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ UR2NQ1UR \ main_10 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ M1Q5EV4X \ main_05 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ QX8BMXM5 \ križ [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ G92ZKB2T \ main_07 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ EJ23EDUF \ closebutton [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ 8NKJEV4R \ main_03 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ ban_2 [1]. Swf
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ logo2 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ WTAN0PYF \ data [1]. Htm
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ LO76ZR17 \ off_back [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ AL6HK9M7 \ download [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ M1Q5EV4X \ main_04 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ W9AJSLIB \ popup [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ CTY381ER \ left_3 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ QX8BMXM5 \ bottom_l_2 [1]. Gif
C: \ Documents and Settings \ Roz \ Local Settings \ Temporary Internet Files \ Content.IE5 \ Z81HJ8WK \ right_2 [1]. Gif

Malwarebytes' Anti-zaštita od zlonamjernih programa 1,10
Database version: 592
Scan type: Full Scan (A: \ | C: \ | D: \ | E: \ | H: \ | I: \ | J: \ |)
Objekti skenirane: 336027
Proteklo vrijeme: 1 sat (a), 8 minute (s), 1 sekundu (s)
Memory Processes zaraženih: 5
Memorijske module zaraženih: 0
Ključevi registra zaraženih: 10
Registry Values zaraženih: 7
Registry Data Items zaraženih: 0
Mape zaraženih: 0
Zaražene datoteke: 11
Memory Processes zaraženih:
C: \ Windows \ System32 \ Drivers \ Ctfmon.exe (Trojan.Agent) -> istovaren proces uspješno.
C: \ Windows \ System32 \ Drivers \ Ctfmon.exe (Trojan.Agent) -> istovaren proces uspješno.
C: \ Documents and Settings \ Danny \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> istovaren proces uspješno.
C: \ Documents and Settings \ Danny \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> istovaren proces uspješno.
C: \ Documents and Settings \ Danny \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> istovaren proces uspješno.
Memorijske module zaraženih:
(Nema stavki otkrivenih zlonamjernih)
Ključevi registra zaraženih:
HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet001 \ Services \ s chedule (Trojan.Agent) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet002 \ Services \ s chedule (Trojan.Agent) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Servic es \ raspored (Trojan.Agent) -> karanteni i uspješno izbrisan.
HKEY_CURRENT_USER \ Software \ Microsoft \ affri (Malware.Trace) -> karanteni i uspješno izbrisan.
HKEY_CURRENT_USER \ Software \ Microsoft \ affltid (Malware.Trace) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ affltid (Malware.Trace) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ affri (Malware.Trace) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ MS Juan (Malware.Trace) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ FCOVM (Trojan.Vundo) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ RemoveRP (Trojan.Vundo) -> karanteni i uspješno izbrisan.
Registry Values zaraženih:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ BMafb2445c (Trojan.Agent) -> karanteni i uspješno izbrisan.
HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run \ ntuser (Trojan.Agent) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ ntuser (Trojan.Agent) -> karanteni i uspješno izbrisan.
HKEY_USERS \. DEFAULT \ SOFTWARE \ Microsoft \ Windows \ Cur rentVersion \ Run \ ntuser (Trojan.Agent) -> karanteni i uspješno izbrisan.
HKEY_USERS \. DEFAULT \ SOFTWARE \ Microsoft \ Windows \ Cur rentVersion \ Run \ autoload (Trojan.Agent) -> karanteni i uspješno izbrisan.
HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run \ autoload (Trojan.Agent) -> karanteni i uspješno izbrisan.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ autoload (Trojan.Agent) -> karanteni i uspješno izbrisan.
Registry Data Items zaraženih:
(Nema stavki otkrivenih zlonamjernih)
Mape zaraženih:
(Nema stavki otkrivenih zlonamjernih)
Zaražene datoteke:
C: \ Documents and Settings \ LocalService \ Local Settings \ Temporary Internet Files \ Content.IE5 \ GHIJKLMN \ krugova [1]. Jpg (Trojan.Madcode) -> karanteni i uspješno izbrisan.
C: \ System Volume Information \ _restore (B4EDD13F-A6F1-41A1-814E-E5C94DDA45B5) \ RP8 \ A0002994.exe (Trojan.Downloader) -> karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ iupdate.exe (Trojan.Madcode) -> karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ kchkioor.dll (Trojan.Agent) -> Delete na ponovno podizanje sustava.
C: \ Windows \ System32 \ Drivers \ Ctfmon.exe (Trojan.Agent) -> karanteni i uspješno izbrisan.
C: \ WINDOWS \ system32 \ pac.txt (Malware.Trace) -> karanteni i uspješno izbrisan.
C: \ Windows \ System32 \ Drivers \ spools.exe (Trojan.Agent) -> karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Danny \ cftmon.exe (Trojan.Agent) -> karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Roz \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> karanteni i uspješno izbrisan.
C: \ Documents and Settings \ LocalService \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> karanteni i uspješno izbrisan.
C: \ Documents and Settings \ Danny \ Local Settings \ Application Data \ spool.exe (Trojan.Agent) -> karanteni i uspješno izbrisan.

Logfile of Trend Micro HijackThis v2.0.2
Scan spremljena u 08:45:34, dana 05/04/2008
Platforma: Windows XP SP2 (Winnt 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Pokretanje procesa:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ explorer.exe
C: \ Program Files \ AMD \ RAIDXpert \ kej \ extra \ Win32 \ Wrapper.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
C: \ Program Files \ AMD \ RAIDXpert \ _jvm \ bin \ java.exe
C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ WINDOWS \ system32 \ RunDll32.exe
C: \ Program Files \ btbb_wcm \ McciTrayApp.exe
C: \ programa ~ 1 \ Yahoo! \ Preglednik \ ybrwicon.exe
C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ Program Files \ Logitech \ MediaLife \ MediaLifeService.exe
C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
C: \ WINDOWS \ Samsung \ LaserSMMgr \ ssmmgr.exe
C: \ programa ~ 1 \ Yahoo! \ YOP \ yop.exe
C: \ programa ~ 1 \ Yahoo! \ Preglednik \ ycommon.exe
C: \ Program Files \ SPAMfighter \ SFAgent.exe
C: \ Program Files \ Desktop BT Širokopojasni Pomoć \ bin \ BTHelpNotifier.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
C: \ Program Files \ SPAMfighter \ sfus.exe
C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Statični \ MOM.EXE
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 4.exe
C: \ WINDOWS \ System32 \ wltrysvc.exe
C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ programa ~ 1 \ MI948F ~ 1 \ GAMECO ~ 1 \ Common \ SWTrayV4.exe
C: \ WINDOWS \ System32 \ bcmwltry.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe
C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe
C: \ Program Files \ Microsoft IntelliType Pro \ dpupdchk.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
C: \ Program Files \ DNA \ btdna.exe
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ programa ~ 1 \ Yahoo! \ YOP \ SSDK02.exe
C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ Windows \ System32 \ Msiexec.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
C: \ Program Files \ NETGEAR WG311v2 Adapterski \ wlancfg5.exe
C: \ Program Files \ Desktop BT Širokopojasni Pomoć \ bin \ mpbtn.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ javaw.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Statični \ ccc.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://news.bbc.co.uk/sport1/hi/football/default.stm
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://uk.red.clientapps.yahoo.com/c...o/bt_side.html
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Postavke, ProxyOverride = 127.0.0.1; *. lokalne
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Instalira \ cpn0 \ yt.dll
O2 - BHO: (no name) - (3CAB59B4-55A3-4737-9FD5-B93C6430BF75) - C: \ WINDOWS \ system32 \ sjmxcfmu.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Instalira \ cpn0 \ yt.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11d4-9B18-009027A5CD4F) - c: \ program files \ google \ googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - (F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ AskSBar \ bar \ 1.bin \ ASKSBAR.DLL
O4 - HKLM \ .. \ Run: [C6501Sound] rundll32 c6501.cpl, CMICtrlWnd
O4 - HKLM \ .. \ Run: [btbb_wcm_McciTrayApp] C: \ Program Files \ btbb_wcm \ McciTrayApp.exe
O4 - HKLM \ .. \ Run: [YBrowser] C: \ programa ~ 1 \ Yahoo! \ Preglednik \ ybrwicon.exe
O4 - HKLM \ .. \ Run: [HPHUPD08] C: \ Program Files \ HP \ Digital Imaging \ (33D6CC28-9F75-4d1b-A11D-98895B3A3729) \ hphupd08.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [MediaLifeService] "C: \ Program Files \ Logitech \ MediaLife \ MediaLifeService.exe"
O4 - HKLM \ .. \ Run: [Samsung SM LBP] "C: \ WINDOWS \ Samsung \ LaserSMMgr \ ssmmgr.exe" / autorun
O4 - HKLM \ .. \ Run: [YOP] C: \ programa ~ 1 \ Yahoo! \ YOP \ yop.exe / autostart
O4 - HKLM \ .. \ Run: [SPAMfighter agentu] "C: \ Program Files \ SPAMfighter \ SFAgent.exe" update odgađanja 60
O4 - HKLM \ .. \ Run: [btbb_McciTrayApp] C: \ Program Files \ Desktop BT Širokopojasni Pomoć \ bin \ BTHelpNotifier.exe
O4 - HKLM \ .. \ Run: [StartCCC] "C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Statični \ CLIStart.exe"
O4 - HKLM \ .. \ Run: [amd_dc_opt] C: \ Program Files \ AMD \ Dual-Core Optimizator \ amd_dc_opt.exe
O4 - HKLM \ .. \ Run: [HPDJ traci Utility] C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 4.exe
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / StartUp
O4 - HKLM \ .. \ Run: [SideWinderTrayV4] C: \ programa ~ 1 \ MI948F ~ 1 \ GAMECO ~ 1 \ Common \ SWTrayV4.exe
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [itype] "C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe"
O4 - HKLM \ .. \ Run: [IntelliPoint] "C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe"
O4 - HKLM \ .. \ Run: [! AVG Anti-Spyware] "C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe" / minimizirane
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe"
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [swg] C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
O4 - HKCU \ .. \ Run: [BitTorrent DNA] "C: \ Program Files \ DNA \ btdna.exe"
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background
O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'Default user')
O4 - Startup: MP3 Rocket (minimiziran). Lnk = C: \ Program Files \ MP3 Rocket \ MP3Rocket.exe
O4 - Global Startup: BT Širokopojasni Desktop Help.lnk = C: \ Program Files \ Desktop BT Širokopojasni Pomoć \ bin \ matcli.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
O4 - Global Startup: NETGEAR WG311v2 Smart Configuration.lnk = C: \ Program Files \ NETGEAR WG311v2 Adapterski \ wlancfg5.exe
O8 - Extra kontekst meni stavka: Clean & Tragovi - C: \ Program Files \ pecati \ privatnosti Package \ dapcleanerie.htm
O8 - Extra kontekst meni stavka: & & s pecati Download - C: \ Program Files \ pecati \ dapextie.htm
O8 - Extra kontekst meni stavka: Download & all s pecati - C: \ Program Files \ pecati \ dapextie2.htm
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra button: BT Yahoo! Services - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ programa ~ 1 \ Yahoo! \ Common \ yiesrvc.dll
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (Installation Support) - C: \ Program Files \ Yahoo! \ Common \ Yinsthelper20073151.dll
O16 - DPF: (6F15128C-E66A-490C-B848-5000B5ABEEAC) (HP Download Manager) -- https: / / h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab
O16 - DPF: (BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B) (Zylom Igre Player) -- http://game07.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...nt/swflash.cab
O20 - Winlogon Obavijesti:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
O20 - Winlogon Obavijesti: tuvsqpq - tuvsqpq.dll (file missing)
O20 - Winlogon Obavijesti: yaywuvw - yaywuvw.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
O23 - Service: AMD RAIDXpert (AMDRAIDXpert) - Unknown vlasnika - C: \ Program Files \ AMD \ RAIDXpert \ kej \ extra \ Win32 \ Wrapper.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: ati brza tipka Poller - ATI Technologies Inc - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: ATI Smart - Unknown vlasnika - C: \ WINDOWS \ system32 \ ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT sro - C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, sro - C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, sro - C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, sro - C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: Pml Driver HPZ12 - Unknown vlasnika - C: \ WINDOWS \ system32 \ HPZipm12.exe (file missing)
O23 - Service: SPAMfighter Update Service - SPAMfighter APS - C: \ Program Files \ SPAMfighter \ sfus.exe
O23 - Service: WLTRYSVC - Unknown vlasnika - C: \ WINDOWS \ System32 \ wltrysvc.exe
O23 - Service: YPCService - Yahoo! Inc - C: \ WINDOWS \ system32 \ YPCSER ~ 1.EXE
--
End of file - 10856 bytes

Mnogo hvala

**evilfantasy** · #7 5. travanj 2008, 01:27

Izgleda je bilo puno uklonjen, još uvijek postoje neke upitno unose u Hijackthis log pa nam je potrebna za pokretanje nekih različitih alata.

Preuzimanje Vundofix.exe na radnu površinu.

Dvokliknite VundoFix.exe da ga vode.
Kada VundoFix otvori, kliknite na Scan for Vundo gumb.
Nakon što je učinio za skeniranje, kliknite na Remove Vundo gumb.
Primit ćete brz molba ako želite ukloniti datoteke, kliknite DA
Nakon što kliknete na Yes, vaš desktop će ići prazan jer počinje uklanjanjem Vundo.
Kad je završio, on će zatražiti da će to shutdown računalo, kliknite na U redu.
Okrenite se na vaše računalo.
Molimo post sadržaj C: \vundofix.txt i novu HiJackThis log.

Napomena: Moguće je da je naišao VundoFix datoteku ga nije mogao ukloniti. U ovom slučaju, VundoFix će se izvoditi na ponovno podizanje sustava, jednostavno slijedite gornje upute počevši od "Kliknite gumb Scan for Vundo" kada se pojavljuje na VundoFix ponovno podizanje sustava.

Javite Vundo završiti, ponekad može potrajati i više prolaza

----------

Preuzimanje SDFix.exe i spremite je na svoj Desktop.

Dvaput kliknite na SDFix.exe i ona će ekstrakt datoteke u% systemdrive%
(Pogon koji sadrži Windows Directory, obično C: \ SDFix)

Molimo, a zatim ponovo pokrenuti računalo u Safe Mode tako da učinite sljedeće:

Ponovo pokrenite računalo
Nakon rasprave vaše računalo bip jednom prilikom pokretanja, ali prije nego što Windows ikonu pojavi fleka tipku F8 neprekidno;
Umjesto Windows učitava kao normalno, "Napredne opcije Meni trebaju pojaviti;
Odaberite prvu opciju, to trčanje Windows u sigurnom načinu rada, a zatim pritisnite Enter.
Izaberite Vaš uobičajeni račun.
Otvorite mapu i izlučene SDFix Dvoklik RunThis.bat za pokretanje skripte.
Vrsta Y da biste započeli proces čišćenje.
To će ukloniti sve Trojanski Usluge i stavke registra da pronađe potom od vas zatražiti da pritisnete bilo koju tipku da biste ponovno podizanje sustava.
Pritisnite bilo koju tipku, te će ponovo pokrenuti računalo.
Kada se računalo ponovo pokreće se Fixtool će ponovno pokrenuti i dovršili postupak uklanjanja, zatim prikaz Završeno, Pritisnite bilo koju tipku da biste prekinuli učitavanje skripte i vaš desktop ikona.
Jednom desktopu ikone učitati SDFix izvještaj na ekranu će se otvoriti i spremiti u mapu SDFix kao Report.txt
(Report.txt će se kopirati u međuspremnik).
Na kraju dodati sadržaj tog Report.txt u slijedećem postu.

----------

Sada pokrenite novu Hijackthis skenirati i post puno prijava, zajedno sa ostalima.

Također javite mi kako stvari stoje sada.

**RB211** · #8 5. travanj 2008, 02:23

OK Sljedeća dva.

VundoFix V7.0.3
Scan započeo u 10:07:05 05/04/2008
Popis datoteka pronađena pri pretraživanju ....
C: \ WINDOWS \ system32 \ anthkpru.dll
Počev uklanjanje ...
Pokušavate izbrisati C: \ WINDOWS \ system32 \ anthkpru.dll
C: \ WINDOWS \ system32 \ anthkpru.dll je izbrisan!
Izvođenje Popravke u registar.
Učinjeno!

Logfile of Trend Micro HijackThis v2.0.2
Scan spremljena u 10:18:53, dana 05/04/2008
Platforma: Windows XP SP2 (Winnt 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Pokretanje procesa:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ explorer.exe
C: \ Program Files \ AMD \ RAIDXpert \ kej \ extra \ Win32 \ Wrapper.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
C: \ Program Files \ AMD \ RAIDXpert \ _jvm \ bin \ java.exe
C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ WINDOWS \ system32 \ RunDll32.exe
C: \ Program Files \ btbb_wcm \ McciTrayApp.exe
C: \ programa ~ 1 \ Yahoo! \ Preglednik \ ybrwicon.exe
C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
C: \ Program Files \ Logitech \ MediaLife \ MediaLifeService.exe
C: \ programa ~ 1 \ Yahoo! \ Preglednik \ ycommon.exe
C: \ WINDOWS \ Samsung \ LaserSMMgr \ ssmmgr.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ programa ~ 1 \ Yahoo! \ YOP \ yop.exe
C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
C: \ Program Files \ SPAMfighter \ SFAgent.exe
C: \ Program Files \ SPAMfighter \ sfus.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ wltrysvc.exe
C: \ WINDOWS \ System32 \ bcmwltry.exe
C: \ Program Files \ Desktop BT Širokopojasni Pomoć \ bin \ BTHelpNotifier.exe
C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Statični \ MOM.EXE
C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 4.exe
C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ programa ~ 1 \ MI948F ~ 1 \ GAMECO ~ 1 \ Common \ SWTrayV4.exe
C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe
C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe
C: \ Program Files \ Microsoft IntelliPoint \ dpupdchk.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ programa ~ 1 \ Yahoo! \ YOP \ SSDK02.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
C: \ Program Files \ DNA \ btdna.exe
C: \ Windows \ System32 \ Msiexec.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Statični \ ccc.exe
C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ Desktop BT Širokopojasni Pomoć \ bin \ mpbtn.exe
C: \ Program Files \ NETGEAR WG311v2 Adapterski \ wlancfg5.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ javaw.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://news.bbc.co.uk/sport1/hi/football/default.stm
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://uk.red.clientapps.yahoo.com/c...o/bt_side.html
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Postavke, ProxyOverride = 127.0.0.1; *. lokalne
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Instalira \ cpn0 \ yt.dll
O2 - BHO: (no name) - (3CAB59B4-55A3-4737-9FD5-B93C6430BF75) - C: \ WINDOWS \ system32 \ sjmxcfmu.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Instalira \ cpn0 \ yt.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11d4-9B18-009027A5CD4F) - c: \ program files \ google \ googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - (F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ AskSBar \ bar \ 1.bin \ ASKSBAR.DLL
O4 - HKLM \ .. \ Run: [C6501Sound] rundll32 c6501.cpl, CMICtrlWnd
O4 - HKLM \ .. \ Run: [btbb_wcm_McciTrayApp] C: \ Program Files \ btbb_wcm \ McciTrayApp.exe
O4 - HKLM \ .. \ Run: [YBrowser] C: \ programa ~ 1 \ Yahoo! \ Preglednik \ ybrwicon.exe
O4 - HKLM \ .. \ Run: [HPHUPD08] C: \ Program Files \ HP \ Digital Imaging \ (33D6CC28-9F75-4d1b-A11D-98895B3A3729) \ hphupd08.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [MediaLifeService] "C: \ Program Files \ Logitech \ MediaLife \ MediaLifeService.exe"
O4 - HKLM \ .. \ Run: [Samsung SM LBP] "C: \ WINDOWS \ Samsung \ LaserSMMgr \ ssmmgr.exe" / autorun
O4 - HKLM \ .. \ Run: [YOP] C: \ programa ~ 1 \ Yahoo! \ YOP \ yop.exe / autostart
O4 - HKLM \ .. \ Run: [SPAMfighter agentu] "C: \ Program Files \ SPAMfighter \ SFAgent.exe" update odgađanja 60
O4 - HKLM \ .. \ Run: [btbb_McciTrayApp] C: \ Program Files \ Desktop BT Širokopojasni Pomoć \ bin \ BTHelpNotifier.exe
O4 - HKLM \ .. \ Run: [StartCCC] "C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Statični \ CLIStart.exe"
O4 - HKLM \ .. \ Run: [amd_dc_opt] C: \ Program Files \ AMD \ Dual-Core Optimizator \ amd_dc_opt.exe
O4 - HKLM \ .. \ Run: [HPDJ traci Utility] C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 4.exe
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / StartUp
O4 - HKLM \ .. \ Run: [SideWinderTrayV4] C: \ programa ~ 1 \ MI948F ~ 1 \ GAMECO ~ 1 \ Common \ SWTrayV4.exe
O4 - HKLM \ .. \ Run: [itype] "C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe"
O4 - HKLM \ .. \ Run: [IntelliPoint] "C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe"
O4 - HKLM \ .. \ Run: [! AVG Anti-Spyware] "C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe" / minimizirane
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [swg] C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
O4 - HKCU \ .. \ Run: [BitTorrent DNA] "C: \ Program Files \ DNA \ btdna.exe"
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background
O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'Default user')
O4 - Startup: MP3 Rocket (minimiziran). Lnk = C: \ Program Files \ MP3 Rocket \ MP3Rocket.exe
O4 - Global Startup: BT Širokopojasni Desktop Help.lnk = C: \ Program Files \ Desktop BT Širokopojasni Pomoć \ bin \ matcli.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
O4 - Global Startup: NETGEAR WG311v2 Smart Configuration.lnk = C: \ Program Files \ NETGEAR WG311v2 Adapterski \ wlancfg5.exe
O8 - Extra kontekst meni stavka: Clean & Tragovi - C: \ Program Files \ pecati \ privatnosti Package \ dapcleanerie.htm
O8 - Extra kontekst meni stavka: & & s pecati Download - C: \ Program Files \ pecati \ dapextie.htm
O8 - Extra kontekst meni stavka: Download & all s pecati - C: \ Program Files \ pecati \ dapextie2.htm
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra button: BT Yahoo! Services - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ programa ~ 1 \ Yahoo! \ Common \ yiesrvc.dll
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (Installation Support) - C: \ Program Files \ Yahoo! \ Common \ Yinsthelper20073151.dll
O16 - DPF: (6F15128C-E66A-490C-B848-5000B5ABEEAC) (HP Download Manager) -- https: / / h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab
O16 - DPF: (BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B) (Zylom Igre Player) -- http://game07.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...nt/swflash.cab
O20 - Winlogon Obavijesti:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
O20 - Winlogon Obavijesti: tuvsqpq - tuvsqpq.dll (file missing)
O20 - Winlogon Obavijesti: yaywuvw - yaywuvw.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
O23 - Service: AMD RAIDXpert (AMDRAIDXpert) - Unknown vlasnika - C: \ Program Files \ AMD \ RAIDXpert \ kej \ extra \ Win32 \ Wrapper.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: ati brza tipka Poller - ATI Technologies Inc - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: ATI Smart - Unknown vlasnika - C: \ WINDOWS \ system32 \ ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT sro - C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, sro - C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, sro - C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, sro - C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: Pml Driver HPZ12 - Unknown vlasnika - C: \ WINDOWS \ system32 \ HPZipm12.exe (file missing)
O23 - Service: SPAMfighter Update Service - SPAMfighter APS - C: \ Program Files \ SPAMfighter \ sfus.exe
O23 - Service: WLTRYSVC - Unknown vlasnika - C: \ WINDOWS \ System32 \ wltrysvc.exe
O23 - Service: YPCService - Yahoo! Inc - C: \ WINDOWS \ system32 \ YPCSER ~ 1.EXE
--
End of file - 10853 bytes

**evilfantasy** · #9 5. travanj 2008, 02:36

SDFix prijaviti?

**RB211** · #10 5. travanj 2008, 02:51

OK SDFix i najnovije snajper:

Živjeli

SDFix: 1,166 Version
Run by Danny na 05/04/2008 at 10:38
Microsoft Windows XP [Version 5/1/2600]
Running From: C: \ sdfix \ SDFix
Provjera Usluge :

Vraćanjem Windows Registry Values
Vraćanjem sustava Windows Default Hosts File
Postupak ponovne inicijalizacije operacijskog sust

Provjera Files :
Trojanski Files Pronađeno:
C: \ WINDOWS \ Temp \ 1852.tmp.lst - Obrisana
C: \ WINDOWS \ Temp \ 2723.tmp.lst - Obrisana
C: \ WINDOWS \ Temp \ 2F76.tmp.lst - Obrisana
C: \ WINDOWS \ Temp \ 541A.tmp.lst - Obrisana
C: \ WINDOWS \ Temp \ 580D.tmp.lst - Obrisana
C: \ WINDOWS \ Temp \ 6E54.tmp.lst - Obrisana
C: \ WINDOWS \ fetchuserid.exe - Obrisana

Mapu C: \ Program Files \ drmupgds - Odstranjena

Uklanjanje Temp Files
Provjerite REKLAME :

Završna Provjeri :
catchme 0.3.1344.2 W2K/XP/Vista - rootkit / potaja detector by Gmer zlonamjernih programa, http://www.gmer.net
Rootkit scan 2008-04-05 10:44:19
5/1/2600 Windows Service Pack 2 NTFS
skeniranja skrivenih procesa ...
skeniranja skrivenih i usluge Grozd sustava ...
skeniranja skrivenih stavki registra ...
skeniranja skrivenih datoteka ...
scan uspješno završena
skriveni procesi: 0
skriven usluge: 0
skrivenih datoteka: 0

Preostali Usluge :

Ovlašteni Aplikacija Ključ Izvoz:
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servic ES \ sharedaccess \ Parameters \ firewallpolicy \ standardnih profila \ authorizedapplications \ list]
"C: \ \ Program Files \ \ BitTorrent \ \ bittorrent.exe" = "C: \ \ Program Files \ \ BitTorrent \ \ bittorrent.exe: *: Omogućen: BitTor najam"
"C: \ \ Program Files \ \ DNA \ \ btdna.exe" = "C: \ \ Program Files \ \ DNA \ \ btdna.exe: *: Omogućen: DNA"
"C: \ \ Program Files \ \ ICQ \ \ Icq.exe" = "C: \ \ Program Files \ \ ICQ \ \ Icq.exe: *: Omogućen: ICQ"
"C: \ \ Program Files \ \ Yahoo! \ \ Messenger \ \ YahooMessenger.exe" = "C: \ \ Program Files \ \ Yahoo! \ \ Messenger \ \ YahooMessenger.exe: *: Ena Bled: Yahoo Messenger"
"C: \ \ Program Files \ \ LimeWire \ \ LimeWire.exe" = "C: \ \ Program Files \ \ LimeWire \ \ LimeWire.exe: *: Omogućen: LimeWire»
"D: \ \ Program Files \ \ Microsoft Games \ \ Flight Simulator 9 \ \ fs9.exe" = "D: \ \ Program Files \ \ Microsoft Games \ \ Flight Simulator 9 \ \ fs9.exe: *: Omogućen: Microsoft Flight Simulator "
"C: \ \ WINDOWS \ \ system32 \ \ dpnsvr.exe" = "C: \ \ WINDOWS \ \ system32 \ \ dpnsvr.exe: *: Omogućen: Microsoft DirectPlay8 Server"
"C: \ \ Program Files \ \ Kontiki \ \ KService.exe" = "C: \ \ Program Files \ \ Kontiki \ \ KService.exe: *: Omogućen: Delivery Manager Service"
"C: \ \ Program Files \ \ Ubisoft \ \ mjenjača Software \ \ BrothersInArmsEiB \ \ System \ \ EiB.exe" = "C: \ \ Program Files \ \ Ubisoft \ \ mjenjača Software \ \ BrothersInArmsEiB \ \ System \ \ EIB . exe: *: Ena Bled: Brothers In Arms Zarađeni u krvi "
"C: \ \ Ventil \ \ Condition Zero \ \ czero.exe" = "C: \ \ Ventil \ \ Condition Zero \ \ czero.exe: *: Omogućen: Condition Zero Launcher"
"C: \ \ Program Files \ \ Java \ \ jre1.6.0_04 \ \ bin \ \ javaw.exe" = "C: \ \ Pro gram Files \ \ Java \ \ jre1.6.0_04 \ \ bin \ \ javaw. exe: *: Omogućen: Java (TM) Platforma SE binarno "
"C: \ \ Program Files \ \ pecati \ \ DAP.exe" = "C: \ \ Program Files \ \ pecati \ \ DAP.exe: *: Omogućen: Download Accelerator Plus (pecati)"
"% windir% \ \ system32 \ \ sessmgr.exe" = "% windir% \ \ syste m32 \ \ sessmgr.exe: *: enabled: @ xpsp2res.dll, -22019"
"C: \ \ Program Files \ \ SpeedBit Video Accelerator \ \ VideoAccelerator.exe" = "C: \ \ Program Files \ \ SpeedBit Video Accelerator \ \ VideoAccelerator.exe: *: Omogućen: VideoA ccelerator"
"C: \ \ Program Files \ \ SpeedBit Video Accelerator \ \ VideoAcceleratorEngine.exe" = "C: \ \ Prog ram Files \ \ SpeedBit Video Accelerator \ \ VideoAcceleratorEngine.exe: *: Omogućen: VideoAcceleratorService"
"C: \ \ Program Files \ \ Java \ \ jre1.6.0_05 \ \ bin \ \ javaw.exe" = "C: \ \ Pro gram Files \ \ Java \ \ jre1.6.0_05 \ \ bin \ \ javaw. exe: *: Omogućen: Java (TM) Platforma SE binarno "
"C: \ \ Program Files \ \ iTunes \ \ iTunes.exe" = "C: \ \ Program Files \ \ iTunes \ \ iTunes.exe: *: Omogućen: iTunes"
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servic ES \ sharedaccess \ Parameters \ firewallpolicy \ domainpr ofile \ authorizedapplications \ list]
"% windir% \ \ system32 \ \ sessmgr.exe" = "% windir% \ \ syste m32 \ \ sessmgr.exe: *: enabled: @ xpsp2res.dll, -22019"
Preostali Files :

Datoteke sigurnosne kopije: - C: \ sdfix \ SDFix \ sigurnosne kopije \ backups.zip
Skrivene datoteke s Svojstva :
Utorak 5. veljača 2008 4348 A.SH. --- "C: \ Documents and Settings \ All Users \ DRM \ DRMv1.bak"
Ponedjeljak 28 siječanj, 2008 0 A.SH. --- "C: \ Documents and Settings \ All Users \ DRM \ Cache \ Indiv01.tmp"
Završeno!

i

Logfile of Trend Micro HijackThis v2.0.2
Scan spremljena u 10:48:43, dana 05/04/2008
Platforma: Windows XP SP2 (Winnt 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Pokretanje procesa:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ csrss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Program Files \ AMD \ RAIDXpert \ kej \ extra \ Win32 \ Wrapper.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ Program Files \ AMD \ RAIDXpert \ _jvm \ bin \ java.exe
C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
C: \ Program Files \ SPAMfighter \ sfus.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ wltrysvc.exe
C: \ WINDOWS \ System32 \ bcmwltry.exe
C: \ WINDOWS \ explorer.exe
C: \ WINDOWS \ System32 \ alg.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ WINDOWS \ system32 \ RunDll32.exe
C: \ Program Files \ btbb_wcm \ McciTrayApp.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ programa ~ 1 \ Yahoo! \ Preglednik \ ybrwicon.exe
C: \ programa ~ 1 \ Yahoo! \ Preglednik \ ycommon.exe
C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
C: \ Program Files \ Logitech \ MediaLife \ MediaLifeService.exe
C: \ WINDOWS \ Samsung \ LaserSMMgr \ ssmmgr.exe
C: \ programa ~ 1 \ Yahoo! \ YOP \ yop.exe
C: \ Program Files \ SPAMfighter \ SFAgent.exe
C: \ Program Files \ Desktop BT Širokopojasni Pomoć \ bin \ BTHelpNotifier.exe
C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Statični \ MOM.EXE
C: \ Windows \ System32 \ Msiexec.exe
C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 4.exe
C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ programa ~ 1 \ MI948F ~ 1 \ GAMECO ~ 1 \ Common \ SWTrayV4.exe
C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe
C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe
C: \ Program Files \ Microsoft IntelliType Pro \ dpupdchk.exe
C: \ programa ~ 1 \ Yahoo! \ YOP \ SSDK02.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ wbem \ wmiprvse.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ DNA \ btdna.exe
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ Program Files \ Desktop BT Širokopojasni Pomoć \ bin \ mpbtn.exe
C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
C: \ Program Files \ NETGEAR WG311v2 Adapterski \ wlancfg5.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ javaw.exe
C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Statični \ ccc.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
C: \ WINDOWS \ system32 \ wbem \ wmiprvse.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://news.bbc.co.uk/sport1/hi/football/default.stm
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://uk.red.clientapps.yahoo.com/c...o/bt_side.html
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Postavke, ProxyOverride = 127.0.0.1; *. lokalne
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Instalira \ cpn0 \ yt.dll
O2 - BHO: (no name) - (3CAB59B4-55A3-4737-9FD5-B93C6430BF75) - C: \ WINDOWS \ system32 \ sjmxcfmu.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Instalira \ cpn0 \ yt.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11d4-9B18-009027A5CD4F) - c: \ program files \ google \ googletoolbar1.dll
O3 - Toolbar: Ask Toolbar - (F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ AskSBar \ bar \ 1.bin \ ASKSBAR.DLL
O4 - HKLM \ .. \ Run: [C6501Sound] rundll32 c6501.cpl, CMICtrlWnd
O4 - HKLM \ .. \ Run: [btbb_wcm_McciTrayApp] C: \ Program Files \ btbb_wcm \ McciTrayApp.exe
O4 - HKLM \ .. \ Run: [YBrowser] C: \ programa ~ 1 \ Yahoo! \ Preglednik \ ybrwicon.exe
O4 - HKLM \ .. \ Run: [HPHUPD08] C: \ Program Files \ HP \ Digital Imaging \ (33D6CC28-9F75-4d1b-A11D-98895B3A3729) \ hphupd08.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [MediaLifeService] "C: \ Program Files \ Logitech \ MediaLife \ MediaLifeService.exe"
O4 - HKLM \ .. \ Run: [Samsung SM LBP] "C: \ WINDOWS \ Samsung \ LaserSMMgr \ ssmmgr.exe" / autorun
O4 - HKLM \ .. \ Run: [YOP] C: \ programa ~ 1 \ Yahoo! \ YOP \ yop.exe / autostart
O4 - HKLM \ .. \ Run: [SPAMfighter agentu] "C: \ Program Files \ SPAMfighter \ SFAgent.exe" update odgađanja 60
O4 - HKLM \ .. \ Run: [btbb_McciTrayApp] C: \ Program Files \ Desktop BT Širokopojasni Pomoć \ bin \ BTHelpNotifier.exe
O4 - HKLM \ .. \ Run: [StartCCC] "C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Statični \ CLIStart.exe"
O4 - HKLM \ .. \ Run: [amd_dc_opt] C: \ Program Files \ AMD \ Dual-Core Optimizator \ amd_dc_opt.exe
O4 - HKLM \ .. \ Run: [HPDJ traci Utility] C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 4.exe
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / StartUp
O4 - HKLM \ .. \ Run: [SideWinderTrayV4] C: \ programa ~ 1 \ MI948F ~ 1 \ GAMECO ~ 1 \ Common \ SWTrayV4.exe
O4 - HKLM \ .. \ Run: [itype] "C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe"
O4 - HKLM \ .. \ Run: [IntelliPoint] "C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe"
O4 - HKLM \ .. \ Run: [! AVG Anti-Spyware] "C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe" / minimizirane
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [swg] C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
O4 - HKCU \ .. \ Run: [BitTorrent DNA] "C: \ Program Files \ DNA \ btdna.exe"
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background
O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'Default user')
O4 - Startup: MP3 Rocket (minimiziran). Lnk = C: \ Program Files \ MP3 Rocket \ MP3Rocket.exe
O4 - Global Startup: BT Širokopojasni Desktop Help.lnk = C: \ Program Files \ Desktop BT Širokopojasni Pomoć \ bin \ matcli.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
O4 - Global Startup: NETGEAR WG311v2 Smart Configuration.lnk = C: \ Program Files \ NETGEAR WG311v2 Adapterski \ wlancfg5.exe
O8 - Extra kontekst meni stavka: Clean & Tragovi - C: \ Program Files \ pecati \ privatnosti Package \ dapcleanerie.htm
O8 - Extra kontekst meni stavka: & & s pecati Download - C: \ Program Files \ pecati \ dapextie.htm
O8 - Extra kontekst meni stavka: Download & all s pecati - C: \ Program Files \ pecati \ dapextie2.htm
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra button: BT Yahoo! Services - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ programa ~ 1 \ Yahoo! \ Common \ yiesrvc.dll
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (Installation Support) - C: \ Program Files \ Yahoo! \ Common \ Yinsthelper20073151.dll
O16 - DPF: (6F15128C-E66A-490C-B848-5000B5ABEEAC) (HP Download Manager) -- https: / / h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab
O16 - DPF: (BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B) (Zylom Igre Player) -- http://game07.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...nt/swflash.cab
O20 - Winlogon Obavijesti:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
O20 - Winlogon Obavijesti: tuvsqpq - tuvsqpq.dll (file missing)
O20 - Winlogon Obavijesti: yaywuvw - yaywuvw.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
O23 - Service: AMD RAIDXpert (AMDRAIDXpert) - Unknown vlasnika - C: \ Program Files \ AMD \ RAIDXpert \ kej \ extra \ Win32 \ Wrapper.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: ati brza tipka Poller - ATI Technologies Inc - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: ATI Smart - Unknown vlasnika - C: \ WINDOWS \ system32 \ ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT sro - C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, sro - C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, sro - C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, sro - C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: Pml Driver HPZ12 - Unknown vlasnika - C: \ WINDOWS \ system32 \ HPZipm12.exe (file missing)
O23 - Service: SPAMfighter Update Service - SPAMfighter APS - C: \ Program Files \ SPAMfighter \ sfus.exe
O23 - Service: WLTRYSVC - Unknown vlasnika - C: \ WINDOWS \ System32 \ wltrysvc.exe
O23 - Service: YPCService - Yahoo! Inc - C: \ WINDOWS \ system32 \ YPCSER ~ 1.EXE
--
End of file - 11044 bytes