Logfile of HijackThis v1.99.1

offline
  • Joined: 05 Jan 2008
  • Posts: 2

Logfile of HijackThis v1.99.1
Scan saved at 1:55:11, on 5.1.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\FarStone\VirtualDrive\VDTask.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\usnhost.exe
C:\PROGRA~1\Grisoft\AVG7\avgwb.dat
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\n\Desktop\vesna\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Service Pack 3 Internet Explorer
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [VirtualDrive] "C:\Program Files\FarStone\VirtualDrive\VDTask.exe" /AutoRestore
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [User Hosting Service] usnhost.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] C:\Valve\Steam\Steam.exe -silent
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe

Addendum: 05 Jan 2008 2:31

It opens some folders by itself and won't delete them. How do I remove this virus?

Addendum: 05 Jan 2008 2:36

How do I clean the computer of this virus? It opens some folders and sends them to friends!?

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Hello...

Send me the following file: C:\WINDOWS\system32\usnhost.exe

via this link: http://www.mycity.rs/ambulanta-upload.php

-------------------------------------------------------------------------------------

Download ComboFix from one of the following addresses and save it to the desktop:

http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Run it and do not touch the program window while it is scanning.
Follow the on-screen instructions. When it finishes, a log will appear, which you should copy here for us.

offline
  • Joined: 05 Jan 2008
  • Posts: 2

ComboFix 08-01-04.1 - n 2008-01-05 13:45:54.1 - NTFSx86
Running from: C:\F_R_I_E_N_D_S\neke SAM0!! moJe sliCicE!\vesna\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2007-12-05 to 2008-01-05 )))))))))))))))))))))))))))))))
.

2008-01-05 13:42 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-04 22:23 . 2008-01-04 21:00 72,704 -r-hs---- C:\WINDOWS\system32\usnhost.exe
2008-01-04 19:50 . 2008-01-04 19:51 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-04 19:50 . 2008-01-04 19:51 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-30 12:59 . 2007-12-30 12:59 268 --ah----- C:\sqmdata05.sqm
2007-12-30 12:59 . 2007-12-30 12:59 244 --ah----- C:\sqmnoopt05.sqm
2007-12-30 12:28 . 2007-12-30 12:28 268 --ah----- C:\sqmdata04.sqm
2007-12-30 12:28 . 2007-12-30 12:28 244 --ah----- C:\sqmnoopt04.sqm
2007-12-29 22:15 . 2007-12-29 22:15 244 --ah----- C:\sqmnoopt03.sqm
2007-12-29 22:15 . 2007-12-29 22:15 232 --ah----- C:\sqmdata03.sqm
2007-12-29 17:28 . 2007-12-29 17:28 244 --ah----- C:\sqmnoopt02.sqm
2007-12-29 17:28 . 2007-12-29 17:28 232 --ah----- C:\sqmdata02.sqm
2007-12-29 16:57 . 2007-12-29 16:57 244 --ah----- C:\sqmnoopt01.sqm
2007-12-29 16:57 . 2007-12-29 16:57 232 --ah----- C:\sqmdata01.sqm
2007-12-29 12:29 . 2007-12-29 12:29 244 --ah----- C:\sqmnoopt00.sqm
2007-12-29 12:29 . 2007-12-29 12:29 232 --ah----- C:\sqmdata00.sqm
2007-12-15 21:31 . 2007-12-19 14:47 <DIR> d-------- C:\Program Files\LimeWire
2007-12-15 21:31 . 2008-01-03 15:09 <DIR> d-------- C:\Documents and Settings\n\Shared
2007-12-15 21:31 . 2008-01-03 15:09 <DIR> d-------- C:\Documents and Settings\n\Incomplete
2007-12-15 21:31 . 2008-01-04 23:01 <DIR> d-------- C:\Documents and Settings\n\Application Data\LimeWire
2007-12-15 03:03 . 2007-12-15 03:03 <DIR> d-------- C:\Program Files\MSXML 4.0
2007-12-15 03:02 . 2006-01-13 02:24 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2007-12-15 00:35 . 2007-07-09 14:16 582,656 --------- C:\WINDOWS\system32\DllCache\rpcrt4.dll
2007-12-15 00:22 . 2006-12-07 05:14 2,330,624 --------- C:\WINDOWS\system32\DllCache\wmvcore.dll
2007-12-15 00:17 . 2007-12-15 00:17 <DIR> d---s---- C:\Documents and Settings\n\UserData
2007-12-15 00:05 . 2008-01-05 01:50 <DIR> d-------- C:\Documents and Settings\n\Application Data\Yahoo!
2007-12-15 00:05 . 2007-12-15 00:05 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2007-12-14 23:14 . 2008-01-05 13:35 <DIR> d-------- C:\Documents and Settings\n\Application Data\AVG7
2007-12-14 23:09 . 2007-12-14 23:09 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2007-12-14 23:09 . 2007-12-14 23:09 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-14 22:31 . 2007-12-14 22:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2007-12-14 22:25 . 2007-12-14 22:30 <DIR> d-------- C:\Program Files\Yahoo!
2007-12-14 21:56 . 2007-12-14 23:17 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2007-12-14 21:14 . 2007-12-14 21:14 <DIR> d-------- C:\WINDOWS\Sun
2007-12-14 21:07 . 2007-12-14 21:07 <DIR> d-------- C:\Program Files\Java
2007-12-14 21:07 . 2007-09-24 22:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2007-12-14 21:03 . 2007-12-14 21:03 <DIR> d-------- C:\Program Files\Common Files\Java
2007-12-14 19:40 . 2007-12-14 19:40 <DIR> d-------- C:\Program Files\Winamp Toolbar
2007-12-14 19:40 . 2007-12-14 19:40 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Winamp Toolbar
2007-12-14 19:34 . 2007-12-16 02:43 <DIR> d-------- C:\Documents and Settings\n\Application Data\Winamp
2007-12-14 19:34 . 2007-03-08 00:51 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2007-12-14 19:34 . 2007-03-08 00:51 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-12-14 19:34 . 2007-03-08 00:51 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-12-14 19:18 . 2007-12-29 22:10 <DIR> d-------- C:\Documents and Settings\n\Contacts
2007-12-14 19:08 . 2007-12-14 19:16 <DIR> d-------- C:\Program Files\Windows Live
2007-12-14 19:08 . 2007-12-14 19:10 <DIR> d--hsc--- C:\Program Files\Common Files\WindowsLiveInstaller
2007-12-14 19:08 . 2007-12-14 19:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-12-14 19:06 . 2007-07-30 18:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2007-12-14 19:05 . 2007-07-30 18:18 34,136 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2007-12-14 19:05 . 2007-07-30 18:19 25,944 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2007-12-14 19:05 . 2007-07-30 18:19 25,944 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2007-12-14 19:05 . 2007-07-30 18:18 20,312 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2007-12-14 17:53 . 2007-12-14 17:54 <DIR> d-------- C:\Documents and Settings\n\Application Data\SumatraPDF

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-15 02:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-12-14 18:41 --------- d-----w C:\Program Files\Winamp
2007-12-01 18:09 --------- d-----w C:\Documents and Settings\n\Application Data\Teleca
2007-12-01 18:08 --------- d-----w C:\Program Files\Sony Ericsson
2007-12-01 18:08 --------- d-----w C:\Program Files\Common Files\Teleca Shared
2007-12-01 18:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Teleca
2007-12-01 18:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2007-12-01 18:06 94,064 ----a-w C:\WINDOWS\system32\drivers\k510mdm.sys
2007-12-01 18:06 85,408 ----a-w C:\WINDOWS\system32\drivers\k510mgmt.sys
2007-12-01 18:06 83,344 ----a-w C:\WINDOWS\system32\drivers\k510obex.sys
2007-12-01 18:06 8,336 ----a-w C:\WINDOWS\system32\drivers\k510mdfl.sys
2007-12-01 18:06 6,176 ----a-w C:\WINDOWS\system32\drivers\k510cmnt.sys
2007-12-01 18:06 6,176 ----a-w C:\WINDOWS\system32\drivers\k510cm.sys
2007-12-01 18:06 58,288 ----a-w C:\WINDOWS\system32\drivers\k510bus.sys
2007-12-01 18:06 5,808 ----a-w C:\WINDOWS\system32\drivers\k510whnt.sys
2007-12-01 18:06 5,808 ----a-w C:\WINDOWS\system32\drivers\k510wh.sys
2007-11-14 07:26 450,560 ------w C:\WINDOWS\system32\DllCache\jscript.dll
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-10-30 09:55 3,065,856 ------w C:\WINDOWS\system32\DllCache\mshtml.dll
2007-10-29 22:35 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 22:35 1,287,680 ------w C:\WINDOWS\system32\DllCache\quartz.dll
2007-10-27 16:39 228,864 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-27 16:39 228,864 ------w C:\WINDOWS\system32\DllCache\wmasf.dll
2007-10-26 03:34 8,460,288 ----a-w C:\WINDOWS\system32\DllCache\shell32.dll
2007-10-18 09:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-10-11 05:57 96,256 ------w C:\WINDOWS\system32\DllCache\inseng.dll
2007-10-11 05:57 666,112 ------w C:\WINDOWS\system32\DllCache\wininet.dll
2007-10-11 05:57 617,984 ------w C:\WINDOWS\system32\DllCache\urlmon.dll
2007-10-11 05:57 55,808 ------w C:\WINDOWS\system32\DllCache\extmgr.dll
2007-10-11 05:57 532,480 ------w C:\WINDOWS\system32\DllCache\mstime.dll
2007-10-11 05:57 474,112 ------w C:\WINDOWS\system32\DllCache\shlwapi.dll
2007-10-11 05:57 449,024 ------w C:\WINDOWS\system32\DllCache\mshtmled.dll
2007-10-11 05:57 39,424 ------w C:\WINDOWS\system32\DllCache\pngfilt.dll
2007-10-11 05:57 357,888 ------w C:\WINDOWS\system32\DllCache\dxtmsft.dll
2007-10-11 05:57 251,904 ------w C:\WINDOWS\system32\DllCache\iepeers.dll
2007-10-11 05:57 205,824 ------w C:\WINDOWS\system32\DllCache\dxtrans.dll
2007-10-11 05:57 16,384 ------w C:\WINDOWS\system32\DllCache\jsproxy.dll
2007-10-11 05:57 151,040 ------w C:\WINDOWS\system32\DllCache\cdfview.dll
2007-10-11 05:57 146,432 ------w C:\WINDOWS\system32\DllCache\msrating.dll
2007-10-11 05:57 1,498,112 ------w C:\WINDOWS\system32\DllCache\shdocvw.dll
2007-10-11 05:57 1,054,208 ------w C:\WINDOWS\system32\DllCache\danim.dll
2007-10-11 05:57 1,024,000 ------w C:\WINDOWS\system32\DllCache\browseui.dll
2007-10-10 10:48 18,432 ------w C:\WINDOWS\system32\DllCache\iedw.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
2007-10-04 21:06 1135968 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
{EF99BD32-C1FB-11D2-892F-0090271D4F88}

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [2007-10-04 21:06 1135968]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-01-13 02:13 15360]
"Steam"="C:\Valve\Steam\Steam.exe" [2007-12-14 19:17 1266936]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2004-07-26 20:14 1867776]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 17:43 4670704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"="SkyTel.EXE" [2006-05-16 11:04 2879488 C:\WINDOWS\SkyTel.exe]
"PCTVOICE"="pctspk.exe" [2004-08-11 05:42 176128 C:\WINDOWS\system32\pctspk.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-28 07:54 16248320 C:\WINDOWS\RTHDCPL.exe]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-11-08 23:00 128920]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]
"VirtualDrive"="C:\Program Files\FarStone\VirtualDrive\VDTask.exe" [2003-03-29 08:53 90112]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47 31016]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2006-01-13 02:51 110592 C:\WINDOWS\system32\bthprops.cpl]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 15:17 159744]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-10-10 06:28 36352]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-21 09:50 579072]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-11-11 13:47 7311360]
"nwiz"="nwiz.exe" [2005-11-11 13:47 1519616 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-11-11 13:47 86016]
"User Hosting Service"="usnhost.exe" [2008-01-04 21:00 72704 C:\WINDOWS\system32\usnhost.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnsc"="C:\WINDOWS\system32\msnsc.exe" [2006-01-13 02:36 62054]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-01-13 02:13 15360]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-12-15 17:30 219136]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlsf"="cmd.exe" [2006-01-13 02:49 388608 C:\WINDOWS\system32\cmd.exe]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2006-01-13 02:25 44544]

C:\Documents and Settings\n\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 20:24:54]
PowerReg Scheduler.exe [2007-06-13 12:59:46]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-08-16 10:58:39]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PV92TRAY]
PV92Tray.exe

R1 cdawdm;CDAWDM;C:\WINDOWS\system32\DRIVERS\CDAWDM.sys [2003-02-25 10:38]
S3 k510bus;Sony Ericsson K510 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\k510bus.sys [2007-12-01 19:06]
S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k510mdfl.sys [2007-12-01 19:06]
S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\k510mdm.sys [2007-12-01 19:06]
S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\k510mgmt.sys [2007-12-01 19:06]
S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\k510obex.sys [2007-12-01 19:06]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d9516922-0df9-11dc-83c4-95125059cc9e}]
\Shell\AutoRun\command - H:\LaunchU3.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f16c65a0-9b55-11db-91eb-806d6172696f}]
\Shell\AutoRun\command - E:\ctrun\ctrun.exe

*Newly Created Service* - PROCEXP90
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-01-05 13:48:51
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-05 13:50:56
.
2007-12-22 12:43:41 --- E O F ---

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

dr_Bora :: Send me the following file: C:\WINDOWS\system32\usnhost.exe

via this link: http://www.mycity.rs/ambulanta-upload.php

...
