Zlob, smitfraud, pop-up prozora, crveni wallpaper promjene

**guccijana** · #1 28. Ruj 2007, 17:13

Moje ime je Tatjana a im očajne za pomoć, pokušao gotovo svaki virus skandirati outthere, ali ne i sreću. Pokušao sam skinuti smitfraud popraviti, ali on nije mogao biti izvorni safed jer nije mogao biti pronađen ", ili" nepoznata pogreška ".. isti problem kao točan ovog tipa" dobro sam držati uzimajući glupi pop up prozore govoreći moj pc je pod prijetnje putem traci / toolbara, i veliki crveni križ trepće na programskoj traci i wallpaper na mom desktopu promjene na crvenoj pozadini veliki simbol slike, a Norton licemjerje vidjeti ovaj, jedan od poskočiti mjehurića iz traci / toolbar govori svojim trojan32.looksky, i moj home page na IE je promijenjen u ucleaner.com, ultimate čistije 2007, whicjh je lažna stvar spyware skener / odstranjivač "
ugoditi pomoć mene!
moja prijava

Logfile of HijackThis v1.99.1
Scan spremljena u 7:26:18 Na 9/28/2007
Platforma: Windows XP SP2 (Winnt 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Pokretanje procesa:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ brsvc01a.exe
C: \ WINDOWS \ system32 \ brss01a.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Program Files \ Intel \ Intel Application Accelerator \ iaanotif.exe
C: \ Program Files \ Intel \ Modem Event Monitor \ IntelMEM.exe
C: \ Program Files \ Creative \ Sound Blaster Live! 24-bitni \ Surround mikser \ CTSysVol.exe
C: \ WINDOWS \ system32 \ Rundll32.exe
C: \ Program Files \ Dell \ Media Experience \ PCMService.exe
C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ programa ~ 1 \ Yahoo! \ Preglednik \ ybrwicon.exe
C: \ Program Files \ BroadJump \ Client Foundation \ CFD.exe
C: \ Program Files \ Adobe \ Photoshop Elements 4,0 \ apdproxy.exe
C: \ Program Files \ Yahoo! \ Yahoo! Music Engine \ ymetray.exe
C: \ Program Files \ Yahoo! \ Antivirus \ CAVTray.exe
C: \ Program Files \ Yahoo! \ Antivirus \ CAVRID.exe
C: \ programa ~ 1 \ Yahoo! \ YOP \ yop.exe
C: \ WINDOWS \ System32 \ spool \ drivers \ W32X86 \ 3 \ E_FATIA JA.EXE
C: \ Program Files \ QuickTime \ QTTask.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Webroot \ Spy minolovac \ SpySweeperUI.exe
C: \ Windows \ System32 \ WTablet \ TabUserW.exe
C: \ programa ~ 1 \ Yahoo! \ Messen ~ 1 \ ymsgr_tray.exe
C: \ programa ~ 1 \ Yahoo! \ Preglednik \ ycommon.exe
C: \ Program Files \ APC \ APC PowerChute Personal Edition \ apcsystray.exe
C: \ Program Files \ Adobe \ Photoshop Elements 3,0 \ PhotoshopElementsFileAgent.exe
C: \ Program Files \ Adobe \ Photoshop Elements 4,0 \ PhotoshopElementsFileAgent.exe
C: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ AOL \ ACS \ acsd.exe
C: \ Program Files \ APC \ APC PowerChute Personal Edition \ mainserv.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Yahoo! \ Antivirus \ ISafe.exe
C: \ Program Files \ CIFPFiltering \ CIFPLogAggregator.exe
C: \ WINDOWS \ system32 \ CTsvcCDA.EXE
C: \ Program Files \ CIFPFiltering \ FilterService.exe
C: \ Program Files \ Intel \ Intel Application Accelerator \ iaantmon.exe
C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
c: \ programa ~ 1 \ mcafee.com \ VSO \ mcvsrte.exe
C: \ Program Files \ Eset \ nod32krn.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Tablet.exe
C: \ Program Files \ Yahoo! \ Antivirus \ VetMsg.exe
C: \ WINDOWS \ wanmpsvc.exe
C: \ Program Files \ Webroot \ Spy minolovac \ SpySweeper.exe
C: \ WINDOWS \ system32 \ MsPMSPSv.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ WINDOWS \ system32 \ wscntfy.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ Webroot \ Spy minolovac \ SSU.EXE
C: \ WINDOWS \ explorer.exe
C: \ programa ~ 1 \ Yahoo! \ Preglednik \ ybrowser.exe
C: \ Program Files \ Hijackthis \ HijackThis.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://yahoo.sbc.com/dsl
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://yahoo.sbc.com/dsl
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Postavke, ProxyServer = 127.0.0.1:8080
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Postavke, ProxyOverride = lokalnih
N3 - Netscape 7: user_pref ( "browser.startup.homepage", "http://home.netscape.com/bookmark/7_2/home.html"); (C: \ Documents and Settings \ Tatjana Blazevic \ Application Data \ Mozilla \ Profiles \ default \ mhiwv3o3.slt \ prefs.js)
N3 - Netscape 7: user_pref ( "browser.search.defaultengine", "engine: / / C% 3A% 5CPROGRA% 7E1% 5CNETSCAPE% 5CNETSCAPE% 5Csearchpl ugins% 5CSBWeb_01.src"); (C: \ Documents and Settings \ TATJANA BLAŽEVIĆ \ Application Data \ Mozilla \ Profiles \ default \ mhiwv3o3.slt \ prefs.js)
O2 - BHO: AcroIEHlprObj Class - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 6,0 \ Reader \ ActiveX \ AcroIEHelper.dll
O2 - BHO: (no name) - (549B5CA7-4A86-11D7-A4DF-000874180BB3) - (no file)
O2 - BHO: UberButton Class - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ yiesrvc.dll
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: YahooTaggedBM Class - (65D886A2-7CA7-479B-BB95-14D1EFB7946A) - C: \ Program Files \ Yahoo! \ Common \ YIeTagBm.dll
O2 - BHO: SidebarAutoLaunch Class - (F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D) - C: \ Program Files \ Yahoo! \ Preglednik \ YSidebarIEBHO.dll
O2 - BHO: (no name) - (FDD3B846-8D59-4ffb-8758-209B6AD74ACC) - (no file)
O3 - Toolbar: McAfee VirusScan - (BA52B914-46c4-B692-B683-905236F6F655) - c: \ programa ~ 1 \ mcafee.com \ VSO \ mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Instalira \ cpn \ yt.dll
O4 - HKLM \ .. \ Run: [IAAnotif] "C: \ Program Files \ Intel \ Intel Application Accelerator \ iaanotif.exe"
O4 - HKLM \ .. \ Run: [ATIPTA] "C: \ Program Files \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe"
O4 - HKLM \ .. \ Run: [IntelMeM] "C: \ Program Files \ Intel \ Modem Event Monitor \ IntelMEM.exe"
O4 - HKLM \ .. \ Run: [CTSysVol] "C: \ Program Files \ Creative \ Sound Blaster Live! 24-bitni \ Surround mikser \ CTSysVol.exe" / r
O4 - HKLM \ .. \ Run: [P17Helper] rundll32 P17.dll, P17Helper
O4 - HKLM \ .. \ Run: [UpdReg] C: \ WINDOWS \ UpdReg.EXE
O4 - HKLM \ .. \ Run: [PCMService] "C: \ Program Files \ Dell \ Media Experience \ PCMService.exe"
O4 - HKLM \ .. \ Run: [DVDLauncher] "C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe"
O4 - HKLM \ .. \ Run: [UpdateManager] "C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe" / r
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [YBrowser] C: \ programa ~ 1 \ Yahoo! \ Preglednik \ ybrwicon.exe
O4 - HKLM \ .. \ Run: [BJCFD] "C: \ Program Files \ BroadJump \ Client Foundation \ CFD.exe"
O4 - HKLM \ .. \ Run: [VSOCheckTask] "C: \ programa ~ 1 \ mcafee.com \ VSO \ mcmnhdlr.exe" / checktask
O4 - HKLM \ .. \ Run: [VirusScan Online] C: \ programa ~ 1 \ mcafee.com \ VSO \ mcvsshld.exe
O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Program Files \ Adobe \ Photoshop Elements 4,0 \ apdproxy.exe"
O4 - HKLM \ .. \ Run: [ymetray] "C: \ Program Files \ Yahoo! \ Yahoo! Music Engine \ ymetray.exe"
O4 - HKLM \ .. \ Run: [CaAvTray] "C: \ Program Files \ Yahoo! \ Antivirus \ CAVTray.exe"
O4 - HKLM \ .. \ Run: [CAVRID] "C: \ Program Files \ Yahoo! \ Antivirus \ CAVRID.exe"
O4 - HKLM \ .. \ Run: [YOP] "C: \ programa ~ 1 \ Yahoo! \ YOP \ yop.exe" / autostart
O4 - HKLM \ .. \ Run: [gramofonska igla Foto EPSON R340 Series] "C: \ WINDOWS \ System32 \ spool \ drivers \ W32X86 \ 3 \ E_FATI AJA.EXE" / P30 "EPSON gramofonska igla Foto R340 Series" / O6 "USB002 "/ M" gramofonska igla Foto R340 "
O4 - HKLM \ .. \ Run: [nod32kui] "C: \ Program Files \ Eset \ nod32kui.exe" / WAITSERVICE
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [SpySweeper] "C: \ Program Files \ Webroot \ Spy minolovac \ SpySweeperUI.exe" / startintray
O4 - HKCU \ .. \ Run: [Yahoo! Pager] "C: \ programa ~ 1 \ Yahoo! \ Messen ~ 1 \ ypager.exe"-quiet
O4 - HKCU \ .. \ Run: [SpybotSD TeaTimer] "C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe"
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C: \ Program Files \ Common Files \ Adobe \ Kalibracija \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C: \ Program Files \ Common Files \ Adobe \ Kalibracija \ Adobe Gamma Loader.exe
O4 - Global Startup: America Online 9,0 Trake Icon.lnk = C: \ Program Files \ America Online 9,0 \ aoltray.exe
O4 - Global Startup: APC UPS Status.lnk =?
O4 - Global Startup: ColorVisionStartup.lnk = C: \ Program Files \ PANTONE COLORVISION \ Startup \ ColorVisionStartup.exe
O4 - Global Startup: TabUserW.exe.lnk = C: \ Windows \ System32 \ WTablet \ TabUserW.exe
O9 - Extra button: SBC Yahoo! Services - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ yiesrvc.dll
O9 - Extra button: (no name) - (CD67F990-D8E9-11D2-98FE-00C0F0318AFE) - (no file)
O9 - Extra button: Web Player MUSICMATCH MX - (d81ca86b-ef63-42af-bee3-4502d9a03c2d) -- http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (9A9307A0-7DA4-4DAF-B042-5009F29E09E1) (ActiveScan Installer Class) -- http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: (DBA230D1-8467-4e69-987E-5FAE815A3B45) --
O20 - Winlogon Obavijesti: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon.dll
O20 - Winlogon Obavijesti: WRNotifier - C: \ Windows \ System32 \ WRLogonNTF.dll
O21 - SSODL: mssql - 9516DDA8 (-E023-4472-A7C0-12A7A4834359) - C: \ WINDOWS \ mssql.dll
O21 - SSODL: syscore - (D5B03680-8880-4BC8-80A4-C9BAC2A7A341) - C: \ WINDOWS \ syscore.dll
O21 - SSODL: msmhost - (69F3A520-2471-4FF3-8139-ECFD56DED8DB) - C: \ WINDOWS \ msmhost.dll
O21 - SSODL: msmdev - (E8E8584D-8FA5-4641-A934-8A93158794E9) - C: \ WINDOWS \ msmdev.dll
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown vlasnika - C: \ Program Files \ Adobe \ Photoshop Elements 3,0 \ PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown vlasnika - C: \ Program Files \ Adobe \ Photoshop Elements 4,0 \ PhotoshopElementsFileAgent.exe
O23 - Service: AOL Povezivanje Service (ACS AOL) - America Online, Inc - C: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ AOL \ ACS \ acsd.exe
O23 - Service: Usluga UPS APC - American Power Conversion Corporation - C: \ Program Files \ APC \ APC PowerChute Personal Edition \ mainserv.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: ati brza tipka Poller - Unknown vlasnika - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: BrSplService (SPL Brother XP Service) - brat Industries Ltd - C: \ WINDOWS \ system32 \ brsvc01a.exe
O23 - Service: CAISafe - Computer Associates International, Inc - C: \ Program Files \ Yahoo! \ Antivirus \ ISafe.exe
O23 - Service: CIFPLogAggregator - Unknown vlasnika - C: \ Program Files \ CIFPFiltering \ CIFPLogAggregator.exe
O23 - Service: Creative Servis za CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.EXE
O23 - Service: CyclopeInternetFilter - Unknown vlasnika - C: \ Program Files \ CIFPFiltering \ FilterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C: \ Program Files \ Intel \ Intel Application Accelerator \ iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: LightScribeService Direct Disc Označavanje Service (LightScribeService) - Unknown vlasnika - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown vlasnika - C: \ programa ~ 1 \ mcafee.com \ VSO \ mcshield.exe
O23 - Service: McAfee.com VirusScan Online stvarnom Engine (MCVSRte) - Mreše Associates Technology, Inc - c: \ programa ~ 1 \ mcafee.com \ VSO \ mcvsrte.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C: \ Program Files \ Eset \ nod32krn.exe
O23 - Service: TabletService - Wacom tehnologije Corp - C: \ WINDOWS \ system32 \ Tablet.exe
O23 - Service: strukovnih Message Service (VETMSGNT) - Computer Associates International, Inc - C: \ Program Files \ Yahoo! \ Antivirus \ VetMsg.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc - C: \ WINDOWS \ wanmpsvc.exe
O23 - Service: Webroot Spy minolovac Engine (WebrootSpySweeperService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ Spy minolovac \ SpySweeper.exe
O23 - Service: YPCService - Yahoo! Inc - C: \ Windows \ System32 \ YPCSER ~ 1.EXE

**evilfantasy** · #2 28. Ruj 2007, 17:55

Bok Tatjana, dobrodošli na TCF.

Važno * *
Hijackthis.exe Preimenujte datoteku Analyze.exe. To je važno zbog nekih novih oblika zlonamjernih programa može sakriti od HijackThis.exe. Desnom tipkom miša kliknite na datoteku u HijackThis.exe C: \ Program Files \ HijackThis i izaberite preimenovati. Upišite Analyze.exe i pritisnite tipku Enter.
Desni klik na datoteku i poslati Analyze.exe na radnoj površini stvorili prečac.
============================
Izgleda da imate više od jednog antivirusni instaliran. Ako je tako kliknite na Dodaj / Ukloni programe i deinstalirati sve osim jednog.
Imaju više od jednog antivirusnog je nepotrebna i može dovesti do sukoba.
============================
Onemogući Spybot-a TeaTimer.
Dok TeaTimer je odličan alat za sprečavanje spywarea, to ponekad može spriječi naše alate iz pričvršćivanje određene stvari.
Molimo vas onemogućiti TeaTimer za sada dok ne budete čisti. TeaTimer mogu biti ponovno aktiviran nakon vaše logove su čista.
* Open Spybot Search & Destroy.
* U načinu izborniku kliknite "Advanced mode"Ako nije već odabrana.
* Izaberite "Da"Upozorenje na redak.
* Povećaj "Alati"Izbornika.
* Kliknite na "Resident".
* Isključite "Resident "TeaTimer" (zaštita cjelokupnog sustava postavke) aktivna."Okvir.
* U izborniku Datoteka kliknite na link "Izlaz"Za izlaz Spybot Search & Destroy.
+ Možete ponovno omogućiti TeaTimer kada smo učinili.
=============================
Preuzmite ATF čistiju by Atribune. To će pomoći bilo koje pretražuje pokrenuti brže. ATF Cleaner.exe Ovaj program ne zahtijevaju instalaciju. Izvršnu zapravo pokreće program.

NAPOMENA: ATF čistiju će ukloniti sve datoteke iz predmeta koji se provjeravaju tako da ako imate neke kolačiće koje želite spremiti. Molimo vas da biste ih premjestili na drugu katalog prvi.
* Dvokliknite ATF-Cleaner.exe za pokretanje programa.
* Pod Glavna odaberite: Odaberi Sve
* Kliknite na Prazan Izdvojeno gumb.

Ako koristite Firefox preglednik
* Kliknite Firefox na vrhu i odaberite: Odaberi Sve
* Kliknite na Prazno Odabrana gumb.
NAPOMENA: Ako želite zadržati svoje spremljene lozinke, molimo Vas kliknite Ne na redak.

Ako koristite Opera preglednik
* Kliknite Opera na vrhu i odaberite: Odaberi Sve
* Kliknite na Prazan Izdvojeno gumb.
NAPOMENA: Ako želite zadržati svoje spremljene lozinke, molimo Vas kliknite Ne na redak.

Kliknite Izlaz na glavnom izborniku ATF čistiju zatvoriti program.
===============================
1. Preuzmi ovu datoteku combofix.exe
2. Dvaput kliknite combofix.exe i slijedite upute.
3. Kada završite, on će proizvesti prijava za vas. Pošta da se prijavite u vaš sljedeći odgovor.

Napomena:
Ne mouseclick combofix's prozor dok je pokrenut. Svibanj uzrokovati da ga zatajiti.
=====================================

U narednih post dodajte:
Combofix log
A svježa i preimenovana HijackThis log

**evilfantasy** · #3 28. Ruj 2007, 18:31

Također:
Pustiti mene znati kako stvari stoje sada.

**guccijana** · #4 29. Ruj 2007, 22:23

Hi-evilfantasy thx za brzi odgovor .. moj računalo je trčanje vrlo sporo i to je vrijeme objavljivanja ove .. Ja sam ono što mi je rekao da deinstaliran-nod32 AntiVirus, spysweeper i Yahoo online zaštitu ..

I combofix se prijaviti i ovdje je hijackthis log.

Logfile of HijackThis v1.99.1
Scan spremljena u 1:11:41 Na 9/30/2007
Platforma: Windows XP SP2 (Winnt 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Pokretanje procesa:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ brss01a.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ explorer.exe
C: \ Program Files \ Adobe \ Photoshop Elements 3,0 \ PhotoshopElementsFileAgent.exe
C: \ Program Files \ Adobe \ Photoshop Elements 4,0 \ PhotoshopElementsFileAgent.exe
C: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ AOL \ ACS \ acsd.exe
C: \ Program Files \ APC \ APC PowerChute Personal Edition \ mainserv.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ CIFPFiltering \ CIFPLogAggregator.exe
C: \ WINDOWS \ system32 \ CTsvcCDA.EXE
C: \ Program Files \ CIFPFiltering \ FilterService.exe
C: \ Program Files \ Intel \ Intel Application Accelerator \ iaantmon.exe
C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Tablet.exe
C: \ WINDOWS \ wanmpsvc.exe
C: \ WINDOWS \ system32 \ MsPMSPSv.exe
C: \ WINDOWS \ system32 \ wscntfy.exe
C: \ Program Files \ Intel \ Intel Application Accelerator \ iaanotif.exe
C: \ Program Files \ Intel \ Modem Event Monitor \ IntelMEM.exe
C: \ Program Files \ Creative \ Sound Blaster Live! 24-bitni \ Surround mikser \ CTSysVol.exe
C: \ WINDOWS \ system32 \ Rundll32.exe
C: \ Program Files \ Dell \ Media Experience \ PCMService.exe
C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe
C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ programa ~ 1 \ Yahoo! \ Preglednik \ ybrwicon.exe
C: \ Program Files \ BroadJump \ Client Foundation \ CFD.exe
C: \ Program Files \ Adobe \ Photoshop Elements 4,0 \ apdproxy.exe
C: \ Program Files \ Yahoo! \ Yahoo! Music Engine \ ymetray.exe
C: \ programa ~ 1 \ Yahoo! \ Preglednik \ ycommon.exe
C: \ WINDOWS \ System32 \ spool \ drivers \ W32X86 \ 3 \ E_FATIA JA.EXE
C: \ Program Files \ QuickTime \ QTTask.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe
C: \ Windows \ System32 \ WTablet \ TabUserW.exe
C: \ Program Files \ APC \ APC PowerChute Personal Edition \ apcsystray.exe
C: \ programa ~ 1 \ Yahoo! \ Messen ~ 1 \ ymsgr_tray.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ HijackThis \ Analyze.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://softwarereferral.com/jump.php...MjI6Ojg5&lid=2
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://yahoo.sbc.com/dsl
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Postavke, ProxyServer = 127.0.0.1:8080
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Postavke, ProxyOverride = lokalnih
N3 - Netscape 7: user_pref ( "browser.startup.homepage", "http://home.netscape.com/bookmark/7_2/home.html"); (C: \ Documents and Settings \ Tatjana Blazevic \ Application Data \ Mozilla \ Profiles \ default \ mhiwv3o3.slt \ prefs.js)
N3 - Netscape 7: user_pref ( "browser.search.defaultengine", "engine: / / C% 3A% 5CPROGRA% 7E1% 5CNETSCAPE% 5CNETSCAPE% 5Csearchpl ugins% 5CSBWeb_01.src"); (C: \ Documents and Settings \ TATJANA BLAŽEVIĆ \ Application Data \ Mozilla \ Profiles \ default \ mhiwv3o3.slt \ prefs.js)
O2 - BHO: AcroIEHlprObj Class - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 6,0 \ Reader \ ActiveX \ AcroIEHelper.dll
O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ programa ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: (no name) - (549B5CA7-4A86-11D7-A4DF-000874180BB3) - (no file)
O2 - BHO: UberButton Class - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ yiesrvc.dll
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: YahooTaggedBM Class - (65D886A2-7CA7-479B-BB95-14D1EFB7946A) - C: \ Program Files \ Yahoo! \ Common \ YIeTagBm.dll
O2 - BHO: SidebarAutoLaunch Class - (F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D) - C: \ Program Files \ Yahoo! \ Preglednik \ YSidebarIEBHO.dll
O2 - BHO: (no name) - (FDD3B846-8D59-4ffb-8758-209B6AD74ACC) - (no file)
O3 - Toolbar: McAfee VirusScan - (BA52B914-46c4-B692-B683-905236F6F655) - c: \ programa ~ 1 \ mcafee.com \ VSO \ mcvsshl.dll
O4 - HKLM \ .. \ Run: [IAAnotif] "C: \ Program Files \ Intel \ Intel Application Accelerator \ iaanotif.exe"
O4 - HKLM \ .. \ Run: [ATIPTA] "C: \ Program Files \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe"
O4 - HKLM \ .. \ Run: [IntelMeM] "C: \ Program Files \ Intel \ Modem Event Monitor \ IntelMEM.exe"
O4 - HKLM \ .. \ Run: [CTSysVol] "C: \ Program Files \ Creative \ Sound Blaster Live! 24-bitni \ Surround mikser \ CTSysVol.exe" / r
O4 - HKLM \ .. \ Run: [P17Helper] rundll32 P17.dll, P17Helper
O4 - HKLM \ .. \ Run: [UpdReg] C: \ WINDOWS \ UpdReg.EXE
O4 - HKLM \ .. \ Run: [PCMService] "C: \ Program Files \ Dell \ Media Experience \ PCMService.exe"
O4 - HKLM \ .. \ Run: [DVDLauncher] "C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe"
O4 - HKLM \ .. \ Run: [UpdateManager] "C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe" / r
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [YBrowser] C: \ programa ~ 1 \ Yahoo! \ Preglednik \ ybrwicon.exe
O4 - HKLM \ .. \ Run: [BJCFD] "C: \ Program Files \ BroadJump \ Client Foundation \ CFD.exe"
O4 - HKLM \ .. \ Run: [VSOCheckTask] "C: \ programa ~ 1 \ mcafee.com \ VSO \ mcmnhdlr.exe" / checktask
O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Program Files \ Adobe \ Photoshop Elements 4,0 \ apdproxy.exe"
O4 - HKLM \ .. \ Run: [ymetray] "C: \ Program Files \ Yahoo! \ Yahoo! Music Engine \ ymetray.exe"
O4 - HKLM \ .. \ Run: [gramofonska igla Foto EPSON R340 Series] "C: \ WINDOWS \ System32 \ spool \ drivers \ W32X86 \ 3 \ E_FATI AJA.EXE" / P30 "EPSON gramofonska igla Foto R340 Series" / O6 "USB002 "/ M" gramofonska igla Foto R340 "
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKCU \ .. \ Run: [Yahoo! Pager] "C: \ programa ~ 1 \ Yahoo! \ Messen ~ 1 \ ypager.exe"-quiet
O4 - HKCU \ .. \ Run: [SpybotSD TeaTimer] C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C: \ Program Files \ Common Files \ Adobe \ Kalibracija \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C: \ Program Files \ Common Files \ Adobe \ Kalibracija \ Adobe Gamma Loader.exe
O4 - Global Startup: America Online 9,0 Trake Icon.lnk = C: \ Program Files \ America Online 9,0 \ aoltray.exe
O4 - Global Startup: APC UPS Status.lnk =?
O4 - Global Startup: ColorVisionStartup.lnk = C: \ Program Files \ PANTONE COLORVISION \ Startup \ ColorVisionStartup.exe
O4 - Global Startup: TabUserW.exe.lnk = C: \ Windows \ System32 \ WTablet \ TabUserW.exe
O9 - Extra button: SBC Yahoo! Services - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ yiesrvc.dll
O9 - Extra button: (no name) - (CD67F990-D8E9-11D2-98FE-00C0F0318AFE) - (no file)
O9 - Extra button: Web Player MUSICMATCH MX - (d81ca86b-ef63-42af-bee3-4502d9a03c2d) -- http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ programa ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra 'Tools' MENUITEM: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ programa ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (9A9307A0-7DA4-4DAF-B042-5009F29E09E1) (ActiveScan Installer Class) -- http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: (DBA230D1-8467-4e69-987E-5FAE815A3B45) --
O20 - Winlogon Obavijesti: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon.dll
O21 - SSODL: mssql - 9516DDA8 (-E023-4472-A7C0-12A7A4834359) - C: \ WINDOWS \ mssql.dll
O21 - SSODL: syscore - (D5B03680-8880-4BC8-80A4-C9BAC2A7A341) - C: \ WINDOWS \ syscore.dll
O21 - SSODL: msmdev - (074897B2-6CAF-45A4-905A-C5A5FC626767) - C: \ WINDOWS \ msmdev.dll (file missing)
O21 - SSODL: msmhost - (70D6A632-39E2-4089-9E67-552ADB6B182D) - C: \ WINDOWS \ msmhost.dll (file missing)
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown vlasnika - C: \ Program Files \ Adobe \ Photoshop Elements 3,0 \ PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown vlasnika - C: \ Program Files \ Adobe \ Photoshop Elements 4,0 \ PhotoshopElementsFileAgent.exe
O23 - Service: AOL Povezivanje Service (ACS AOL) - America Online, Inc - C: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ AOL \ ACS \ acsd.exe
O23 - Service: Usluga UPS APC - American Power Conversion Corporation - C: \ Program Files \ APC \ APC PowerChute Personal Edition \ mainserv.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: ati brza tipka Poller - Unknown vlasnika - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: BrSplService (SPL Brother XP Service) - brat Industries Ltd - C: \ WINDOWS \ system32 \ brsvc01a.exe
O23 - Service: CIFPLogAggregator - Unknown vlasnika - C: \ Program Files \ CIFPFiltering \ CIFPLogAggregator.exe
O23 - Service: Creative Servis za CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.EXE
O23 - Service: CyclopeInternetFilter - Unknown vlasnika - C: \ Program Files \ CIFPFiltering \ FilterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C: \ Program Files \ Intel \ Intel Application Accelerator \ iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: LightScribeService Direct Disc Označavanje Service (LightScribeService) - Unknown vlasnika - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown vlasnika - C: \ programa ~ 1 \ mcafee.com \ VSO \ mcshield.exe
O23 - Service: McAfee.com VirusScan Online stvarnom Engine (MCVSRte) - Mreše Associates Technology, Inc - c: \ programa ~ 1 \ mcafee.com \ VSO \ mcvsrte.exe
O23 - Service: TabletService - Wacom tehnologije Corp - C: \ WINDOWS \ system32 \ Tablet.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc - C: \ WINDOWS \ wanmpsvc.exe

**evilfantasy** · #5 30. Ruj 2007, 00:49

Otvori HijackThis i odaberite "Da li je sustav skenirati samo"I stavit kvačica pored tih zapisa.
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://softwarereferral.com/jump.php...MjI6Ojg5&lid=2
O2 - BHO: (no name) - (549B5CA7-4A86-11D7-A4DF-000874180BB3) - (no file)
O2 - BHO: (no name) - (FDD3B846-8D59-4ffb-8758-209B6AD74ACC) - (no file)
O9 - Extra button: (no name) - (CD67F990-D8E9-11D2-98FE-00C0F0318AFE) - (no file)
O9 - Extra button: Web Player MUSICMATCH MX - (d81ca86b-ef63-42af-bee3-4502d9a03c2d) -- http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O16 - DPF: (DBA230D1-8467-4e69-987E-5FAE815A3B45) --
Zatvorite sve prozore preglednika uključujući ovaj neki, a zatim kliknite "Fix checked"
Ponovno podizanje sustava računalo i post svježeg HijackThis log.

Reci mi kako stvari stoje sada.

**guccijana** · #6 30. Ruj 2007, 08:16

helllo, ahh moj računalo napokon nema pop-up dosadnih prozora upozorenja, i tri-virus skandirati simboli koji su bili instalirani na računalo također su otišli, yeeeah ..

Izgleda kao da je sve vrati normalno, crvene pozadine je također nestala. Ovdje se prijavite.

Logfile of HijackThis v1.99.1
Scan spremljena u 11:03:37, dana 9/30/2007
Platforma: Windows XP SP2 (Winnt 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Pokretanje procesa:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ system32 \ brss01a.exe
C: \ WINDOWS \ explorer.exe
C: \ Program Files \ Intel \ Intel Application Accelerator \ iaanotif.exe
C: \ Program Files \ Intel \ Modem Event Monitor \ IntelMEM.exe
C: \ Program Files \ Creative \ Sound Blaster Live! 24-bitni \ Surround mikser \ CTSysVol.exe
C: \ WINDOWS \ system32 \ Rundll32.exe
C: \ Program Files \ Dell \ Media Experience \ PCMService.exe
C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ programa ~ 1 \ Yahoo! \ Preglednik \ ybrwicon.exe
C: \ Program Files \ BroadJump \ Client Foundation \ CFD.exe
C: \ Program Files \ Adobe \ Photoshop Elements 4,0 \ apdproxy.exe
C: \ programa ~ 1 \ Yahoo! \ Preglednik \ ycommon.exe
C: \ Program Files \ Yahoo! \ Yahoo! Music Engine \ ymetray.exe
C: \ Program Files \ Adobe \ Photoshop Elements 3,0 \ PhotoshopElementsFileAgent.exe
C: \ Program Files \ Adobe \ Photoshop Elements 4,0 \ PhotoshopElementsFileAgent.exe
C: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ AOL \ ACS \ acsd.exe
C: \ Program Files \ APC \ APC PowerChute Personal Edition \ mainserv.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ CIFPFiltering \ CIFPLogAggregator.exe
C: \ WINDOWS \ system32 \ CTsvcCDA.EXE
C: \ Program Files \ CIFPFiltering \ FilterService.exe
C: \ Program Files \ Intel \ Intel Application Accelerator \ iaantmon.exe
C: \ WINDOWS \ System32 \ spool \ drivers \ W32X86 \ 3 \ E_FATIA JA.EXE
C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
C: \ Program Files \ QuickTime \ QTTask.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe
C: \ Windows \ System32 \ WTablet \ TabUserW.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Tablet.exe
C: \ WINDOWS \ wanmpsvc.exe
C: \ WINDOWS \ system32 \ MsPMSPSv.exe
C: \ Program Files \ APC \ APC PowerChute Personal Edition \ apcsystray.exe
C: \ WINDOWS \ system32 \ wscntfy.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Program Files \ HijackThis \ Analyze.exe

R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://yahoo.sbc.com/dsl
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Postavke, ProxyServer = 127.0.0.1:8080
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Postavke, ProxyOverride = lokalnih
N3 - Netscape 7: user_pref ( "browser.startup.homepage", "http://home.netscape.com/bookmark/7_2/home.html"); (C: \ Documents and Settings \ Tatjana Blazevic \ Application Data \ Mozilla \ Profiles \ default \ mhiwv3o3.slt \ prefs.js)
N3 - Netscape 7: user_pref ( "browser.search.defaultengine", "engine: / / C% 3A% 5CPROGRA% 7E1% 5CNETSCAPE% 5CNETSCAPE% 5Csearchpl ugins% 5CSBWeb_01.src"); (C: \ Documents and Settings \ TATJANA BLAŽEVIĆ \ Application Data \ Mozilla \ Profiles \ default \ mhiwv3o3.slt \ prefs.js)
O2 - BHO: AcroIEHlprObj Class - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 6,0 \ Reader \ ActiveX \ AcroIEHelper.dll
O2 - BHO: MSVPS System - (0D5227BF-0C5B-4EA8-833C-FE09F1496F39) - C: \ WINDOWS \ div32.dll
O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ programa ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: (no name) - (549B5CA7-4A86-11D7-A4DF-000874180BB3) - (no file)
O2 - BHO: UberButton Class - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ yiesrvc.dll
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: YahooTaggedBM Class - (65D886A2-7CA7-479B-BB95-14D1EFB7946A) - C: \ Program Files \ Yahoo! \ Common \ YIeTagBm.dll
O2 - BHO: MSVPS System - (88418AA3-16F5-4FC2-A9D8-90B1266DF841) - C: \ WINDOWS \ nsduo.dll
O2 - BHO: SidebarAutoLaunch Class - (F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D) - C: \ Program Files \ Yahoo! \ Preglednik \ YSidebarIEBHO.dll
O2 - BHO: (no name) - (FDD3B846-8D59-4ffb-8758-209B6AD74ACC) - (no file)
O3 - Toolbar: McAfee VirusScan - (BA52B914-46c4-B692-B683-905236F6F655) - c: \ programa ~ 1 \ mcafee.com \ VSO \ mcvsshl.dll
O4 - HKLM \ .. \ Run: [IAAnotif] "C: \ Program Files \ Intel \ Intel Application Accelerator \ iaanotif.exe"
O4 - HKLM \ .. \ Run: [ATIPTA] "C: \ Program Files \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe"
O4 - HKLM \ .. \ Run: [IntelMeM] "C: \ Program Files \ Intel \ Modem Event Monitor \ IntelMEM.exe"
O4 - HKLM \ .. \ Run: [CTSysVol] "C: \ Program Files \ Creative \ Sound Blaster Live! 24-bitni \ Surround mikser \ CTSysVol.exe" / r
O4 - HKLM \ .. \ Run: [P17Helper] rundll32 P17.dll, P17Helper
O4 - HKLM \ .. \ Run: [UpdReg] C: \ WINDOWS \ UpdReg.EXE
O4 - HKLM \ .. \ Run: [PCMService] "C: \ Program Files \ Dell \ Media Experience \ PCMService.exe"
O4 - HKLM \ .. \ Run: [DVDLauncher] "C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe"
O4 - HKLM \ .. \ Run: [UpdateManager] "C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe" / r
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [YBrowser] C: \ programa ~ 1 \ Yahoo! \ Preglednik \ ybrwicon.exe
O4 - HKLM \ .. \ Run: [BJCFD] "C: \ Program Files \ BroadJump \ Client Foundation \ CFD.exe"
O4 - HKLM \ .. \ Run: [VSOCheckTask] "C: \ programa ~ 1 \ mcafee.com \ VSO \ mcmnhdlr.exe" / checktask
O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Program Files \ Adobe \ Photoshop Elements 4,0 \ apdproxy.exe"
O4 - HKLM \ .. \ Run: [ymetray] "C: \ Program Files \ Yahoo! \ Yahoo! Music Engine \ ymetray.exe"
O4 - HKLM \ .. \ Run: [gramofonska igla Foto EPSON R340 Series] "C: \ WINDOWS \ System32 \ spool \ drivers \ W32X86 \ 3 \ E_FATI AJA.EXE" / P30 "EPSON gramofonska igla Foto R340 Series" / O6 "USB002 "/ M" gramofonska igla Foto R340 "
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKCU \ .. \ Run: [Yahoo! Pager] "C: \ programa ~ 1 \ Yahoo! \ Messen ~ 1 \ ypager.exe"-quiet
O4 - HKCU \ .. \ Run: [SpybotSD TeaTimer] C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C: \ Program Files \ Common Files \ Adobe \ Kalibracija \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C: \ Program Files \ Common Files \ Adobe \ Kalibracija \ Adobe Gamma Loader.exe
O4 - Global Startup: America Online 9,0 Trake Icon.lnk = C: \ Program Files \ America Online 9,0 \ aoltray.exe
O4 - Global Startup: APC UPS Status.lnk =?
O4 - Global Startup: ColorVisionStartup.lnk = C: \ Program Files \ PANTONE COLORVISION \ Startup \ ColorVisionStartup.exe
O4 - Global Startup: TabUserW.exe.lnk = C: \ Windows \ System32 \ WTablet \ TabUserW.exe
O9 - Extra button: SBC Yahoo! Services - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ yiesrvc.dll
O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ programa ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra 'Tools' MENUITEM: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ programa ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (9A9307A0-7DA4-4DAF-B042-5009F29E09E1) (ActiveScan Installer Class) -- http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: (DBA230D1-8467-4e69-987E-5FAE815A3B45) --
O20 - Winlogon Obavijesti: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon.dll
O21 - SSODL: msmhost - (70D6A632-39E2-4089-9E67-552ADB6B182D) - C: \ WINDOWS \ msmhost.dll
O21 - SSODL: mssql - (A6B63875-F4DA-4705-B945-16F8C1FA3FBF) - C: \ WINDOWS \ mssql.dll
O21 - SSODL: syscore - (AF05D607-D0B5-4A61-8B71-A13F8997495B) - C: \ WINDOWS \ syscore.dll
O21 - SSODL: msmdev - (074897B2-6CAF-45A4-905A-C5A5FC626767) - C: \ WINDOWS \ msmdev.dll
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown vlasnika - C: \ Program Files \ Adobe \ Photoshop Elements 3,0 \ PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown vlasnika - C: \ Program Files \ Adobe \ Photoshop Elements 4,0 \ PhotoshopElementsFileAgent.exe
O23 - Service: AOL Povezivanje Service (ACS AOL) - America Online, Inc - C: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ AOL \ ACS \ acsd.exe
O23 - Service: Usluga UPS APC - American Power Conversion Corporation - C: \ Program Files \ APC \ APC PowerChute Personal Edition \ mainserv.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: ati brza tipka Poller - Unknown vlasnika - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: BrSplService (SPL Brother XP Service) - brat Industries Ltd - C: \ WINDOWS \ system32 \ brsvc01a.exe
O23 - Service: CIFPLogAggregator - Unknown vlasnika - C: \ Program Files \ CIFPFiltering \ CIFPLogAggregator.exe
O23 - Service: Creative Servis za CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.EXE
O23 - Service: CyclopeInternetFilter - Unknown vlasnika - C: \ Program Files \ CIFPFiltering \ FilterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C: \ Program Files \ Intel \ Intel Application Accelerator \ iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: LightScribeService Direct Disc Označavanje Service (LightScribeService) - Unknown vlasnika - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown vlasnika - C: \ programa ~ 1 \ mcafee.com \ VSO \ mcshield.exe
O23 - Service: McAfee.com VirusScan Online stvarnom Engine (MCVSRte) - Mreše Associates Technology, Inc - c: \ programa ~ 1 \ mcafee.com \ VSO \ mcvsrte.exe
O23 - Service: TabletService - Wacom tehnologije Corp - C: \ WINDOWS \ system32 \ Tablet.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc - C: \ WINDOWS \ wanmpsvc.exe

**evilfantasy** · #7 30. Ruj 2007, 08:35

Drago mi je bolje. No, tu su još uvijek nekim nasties na adresu.

Obrišite kopiju Combofix imate svjež i preuzeti kopiju.
Combofix stalno ažurira, tako da je uvijek dobro da dobijete novu kopiju.

1. Preuzmi ovu datoteku combofix.exe
2. Dvaput kliknite combofix.exe i slijedite upute.
3. Kada završite, on će proizvesti prijava za vas. Pošta da se prijavite u vaš sljedeći odgovor.

Napomena:
Ne mouseclick combofix's prozor dok je pokrenut. Svibanj uzrokovati da ga zatajiti.

U narednih ugoditi pošta dodati kao privitke. Možete dodati više od jednog privitka, samo ponovite korake:
Combofix log
Svježa HJT log

**guccijana** · #8 30. Ruj 2007, 09:03

Halo, JA pokušao da kliknete na link combofix.exe, ali to je ono što izađe
404 Not Found

Traženi '/ sUBs / combofix.exe' nije pronađena na ovom poslužitelju.

**evilfantasy** · #9 30. Ruj 2007, 09:12

Hvala. Imam revidirane moj link.

Ovdje je dobar download. Combofix.exe

**guccijana** · #10 30. Ruj 2007, 12:50

Poštovani / a, da da link radi, hvala ti ... crvenu pozadinu vratila: (i isto tako su i ikone pop up anyway .. ovdje je je combofix i HJT log.

Logfile of HijackThis v1.99.1
Scan spremljena u 3:37:03 Na 9/30/2007
Platforma: Windows XP SP2 (Winnt 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Pokretanje procesa:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ WINDOWS \ system32 \ brss01a.exe
C: \ WINDOWS \ explorer.exe
C: \ Program Files \ Adobe \ Photoshop Elements 3,0 \ PhotoshopElementsFileAgent.exe
C: \ Program Files \ Adobe \ Photoshop Elements 4,0 \ PhotoshopElementsFileAgent.exe
C: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ AOL \ ACS \ acsd.exe
C: \ Program Files \ APC \ APC PowerChute Personal Edition \ mainserv.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ CIFPFiltering \ CIFPLogAggregator.exe
C: \ WINDOWS \ system32 \ CTsvcCDA.EXE
C: \ Program Files \ CIFPFiltering \ FilterService.exe
C: \ Program Files \ Intel \ Intel Application Accelerator \ iaantmon.exe
C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Tablet.exe
C: \ WINDOWS \ wanmpsvc.exe
C: \ WINDOWS \ system32 \ MsPMSPSv.exe
C: \ WINDOWS \ system32 \ wscntfy.exe
C: \ Program Files \ Intel \ Intel Application Accelerator \ iaanotif.exe
C: \ Program Files \ Intel \ Modem Event Monitor \ IntelMEM.exe
C: \ Program Files \ Creative \ Sound Blaster Live! 24-bitni \ Surround mikser \ CTSysVol.exe
C: \ WINDOWS \ system32 \ Rundll32.exe
C: \ Program Files \ Dell \ Media Experience \ PCMService.exe
C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe
C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ programa ~ 1 \ Yahoo! \ Preglednik \ ybrwicon.exe
C: \ Program Files \ BroadJump \ Client Foundation \ CFD.exe
C: \ Program Files \ Adobe \ Photoshop Elements 4,0 \ apdproxy.exe
C: \ Program Files \ Yahoo! \ Yahoo! Music Engine \ ymetray.exe
C: \ WINDOWS \ System32 \ spool \ drivers \ W32X86 \ 3 \ E_FATIA JA.EXE
C: \ Program Files \ QuickTime \ QTTask.exe
C: \ programa ~ 1 \ Yahoo! \ Preglednik \ ycommon.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe
C: \ Windows \ System32 \ WTablet \ TabUserW.exe
C: \ Program Files \ APC \ APC PowerChute Personal Edition \ apcsystray.exe
C: \ programa ~ 1 \ Yahoo! \ Messen ~ 1 \ ymsgr_tray.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ HijackThis \ Analyze.exe

R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://yahoo.sbc.com/dsl
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Postavke, ProxyServer = 127.0.0.1:8080
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Postavke, ProxyOverride = lokalnih
N3 - Netscape 7: user_pref ( "browser.startup.homepage", "http://home.netscape.com/bookmark/7_2/home.html"); (C: \ Documents and Settings \ Tatjana Blazevic \ Application Data \ Mozilla \ Profiles \ default \ mhiwv3o3.slt \ prefs.js)
N3 - Netscape 7: user_pref ( "browser.search.defaultengine", "engine: / / C% 3A% 5CPROGRA% 7E1% 5CNETSCAPE% 5CNETSCAPE% 5Csearchpl ugins% 5CSBWeb_01.src"); (C: \ Documents and Settings \ TATJANA BLAŽEVIĆ \ Application Data \ Mozilla \ Profiles \ default \ mhiwv3o3.slt \ prefs.js)
O2 - BHO: AcroIEHlprObj Class - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 6,0 \ Reader \ ActiveX \ AcroIEHelper.dll
O2 - BHO: MSVPS System - (0D5227BF-0C5B-4EA8-833C-FE09F1496F39) - C: \ WINDOWS \ div32.dll
O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ programa ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: (no name) - (549B5CA7-4A86-11D7-A4DF-000874180BB3) - (no file)
O2 - BHO: UberButton Class - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ yiesrvc.dll
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: YahooTaggedBM Class - (65D886A2-7CA7-479B-BB95-14D1EFB7946A) - C: \ Program Files \ Yahoo! \ Common \ YIeTagBm.dll
O2 - BHO: SidebarAutoLaunch Class - (F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D) - C: \ Program Files \ Yahoo! \ Preglednik \ YSidebarIEBHO.dll
O2 - BHO: (no name) - (FDD3B846-8D59-4ffb-8758-209B6AD74ACC) - (no file)
O3 - Toolbar: McAfee VirusScan - (BA52B914-46c4-B692-B683-905236F6F655) - c: \ programa ~ 1 \ mcafee.com \ VSO \ mcvsshl.dll
O4 - HKLM \ .. \ Run: [IAAnotif] "C: \ Program Files \ Intel \ Intel Application Accelerator \ iaanotif.exe"
O4 - HKLM \ .. \ Run: [ATIPTA] "C: \ Program Files \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe"
O4 - HKLM \ .. \ Run: [IntelMeM] "C: \ Program Files \ Intel \ Modem Event Monitor \ IntelMEM.exe"
O4 - HKLM \ .. \ Run: [CTSysVol] "C: \ Program Files \ Creative \ Sound Blaster Live! 24-bitni \ Surround mikser \ CTSysVol.exe" / r
O4 - HKLM \ .. \ Run: [P17Helper] rundll32 P17.dll, P17Helper
O4 - HKLM \ .. \ Run: [UpdReg] C: \ WINDOWS \ UpdReg.EXE
O4 - HKLM \ .. \ Run: [PCMService] "C: \ Program Files \ Dell \ Media Experience \ PCMService.exe"
O4 - HKLM \ .. \ Run: [DVDLauncher] "C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe"
O4 - HKLM \ .. \ Run: [UpdateManager] "C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe" / r
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [YBrowser] C: \ programa ~ 1 \ Yahoo! \ Preglednik \ ybrwicon.exe
O4 - HKLM \ .. \ Run: [BJCFD] "C: \ Program Files \ BroadJump \ Client Foundation \ CFD.exe"
O4 - HKLM \ .. \ Run: [VSOCheckTask] "C: \ programa ~ 1 \ mcafee.com \ VSO \ mcmnhdlr.exe" / checktask
O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Program Files \ Adobe \ Photoshop Elements 4,0 \ apdproxy.exe"
O4 - HKLM \ .. \ Run: [ymetray] "C: \ Program Files \ Yahoo! \ Yahoo! Music Engine \ ymetray.exe"
O4 - HKLM \ .. \ Run: [gramofonska igla Foto EPSON R340 Series] "C: \ WINDOWS \ System32 \ spool \ drivers \ W32X86 \ 3 \ E_FATI AJA.EXE" / P30 "EPSON gramofonska igla Foto R340 Series" / O6 "USB002 "/ M" gramofonska igla Foto R340 "
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKCU \ .. \ Run: [Yahoo! Pager] "C: \ programa ~ 1 \ Yahoo! \ Messen ~ 1 \ ypager.exe"-quiet
O4 - HKCU \ .. \ Run: [SpybotSD TeaTimer] C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C: \ Program Files \ Common Files \ Adobe \ Kalibracija \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C: \ Program Files \ Common Files \ Adobe \ Kalibracija \ Adobe Gamma Loader.exe
O4 - Global Startup: America Online 9,0 Trake Icon.lnk = C: \ Program Files \ America Online 9,0 \ aoltray.exe
O4 - Global Startup: APC UPS Status.lnk =?
O4 - Global Startup: ColorVisionStartup.lnk = C: \ Program Files \ PANTONE COLORVISION \ Startup \ ColorVisionStartup.exe
O4 - Global Startup: TabUserW.exe.lnk = C: \ Windows \ System32 \ WTablet \ TabUserW.exe
O9 - Extra button: SBC Yahoo! Services - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ yiesrvc.dll
O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ programa ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra 'Tools' MENUITEM: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ programa ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (9A9307A0-7DA4-4DAF-B042-5009F29E09E1) (ActiveScan Installer Class) -- http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: (DBA230D1-8467-4e69-987E-5FAE815A3B45) --
O20 - Winlogon Obavijesti: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon.dll
O21 - SSODL: mssql - (A6B63875-F4DA-4705-B945-16F8C1FA3FBF) - C: \ WINDOWS \ mssql.dll
O21 - SSODL: syscore - (AF05D607-D0B5-4A61-8B71-A13F8997495B) - C: \ WINDOWS \ syscore.dll
O21 - SSODL: msmhost - (70D6A632-39E2-4089-9E67-552ADB6B182D) - C: \ WINDOWS \ msmhost.dll (file missing)
O21 - SSODL: msmdev - (074897B2-6CAF-45A4-905A-C5A5FC626767) - C: \ WINDOWS \ msmdev.dll (file missing)
O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown vlasnika - C: \ Program Files \ Adobe \ Photoshop Elements 3,0 \ PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown vlasnika - C: \ Program Files \ Adobe \ Photoshop Elements 4,0 \ PhotoshopElementsFileAgent.exe
O23 - Service: AOL Povezivanje Service (ACS AOL) - America Online, Inc - C: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ AOL \ ACS \ acsd.exe
O23 - Service: Usluga UPS APC - American Power Conversion Corporation - C: \ Program Files \ APC \ APC PowerChute Personal Edition \ mainserv.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: ati brza tipka Poller - Unknown vlasnika - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: BrSplService (SPL Brother XP Service) - brat Industries Ltd - C: \ WINDOWS \ system32 \ brsvc01a.exe
O23 - Service: CIFPLogAggregator - Unknown vlasnika - C: \ Program Files \ CIFPFiltering \ CIFPLogAggregator.exe
O23 - Service: Creative Servis za CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.EXE
O23 - Service: CyclopeInternetFilter - Unknown vlasnika - C: \ Program Files \ CIFPFiltering \ FilterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C: \ Program Files \ Intel \ Intel Application Accelerator \ iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: LightScribeService Direct Disc Označavanje Service (LightScribeService) - Unknown vlasnika - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown vlasnika - C: \ programa ~ 1 \ mcafee.com \ VSO \ mcshield.exe
O23 - Service: McAfee.com VirusScan Online stvarnom Engine (MCVSRte) - Mreše Associates Technology, Inc - c: \ programa ~ 1 \ mcafee.com \ VSO \ mcvsrte.exe
O23 - Service: TabletService - Wacom tehnologije Corp - C: \ WINDOWS \ system32 \ Tablet.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc - C: \ WINDOWS \ wanmpsvc.exe

PS Pokušao sam pridaje HJT dnevnik, ali to ne bi pridaju, ispričavam se!