MyCity » Ambulanta -> Arhiva Ambulante » Problem sa nekim trojancem???

Problem sa nekim trojancem???

Napisano na dan: 14.9.2007

Strana:
1
2
3
4

Problem sa nekim trojancem???

Pagination

Prethodna strana

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3
4

Evil Ghost Poslao: 16 Sep 2007 23:04 Idi na vrh
offline Evil Ghost Ugledni građanin Pridružio: 15 Feb 2007 Poruke: 443	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Evo ovako: Nije mi izbacio nikakva obaveštenja osim da je uspešno sve uradio. Evo screenshot-a ako si na ovo mislio Na desktop izbacio mi je txt i zip. Evo txt: catchme 0.3.1160 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici] Rootkit scan 2007-09-16 22:52:47 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Vax347s\Config\jdgg40] "ujdew"=hex:20,02,00,00,7e,5d,79,65,27,0b,21,ae,9a,0e,60,72,03,28,ad,f0,d9,.. "ljej40"=hex:9f,2f,ec,92,25,52,76,06,45,74,ba,84,4a,c2,19,4f,6a,6c,08,6b,65,.. scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}] "DisplayName"="Alcohol 120%" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\4\27\xb0] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\4\27\xb0\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x158 \xb0] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x158 \xb0\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\24J\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\24J\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xb4p\20] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xb4p\20\COMCTL32.DLL] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Ls\6] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\Ls\6\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x159u\xb0] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x159u\xb0\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\30\x104\x2122\1\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\30\x104\x2122\1\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\30\xa7\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\30\xa7\22\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ \xa8\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ \xa8\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\\xa9\23] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\\xa9\23\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xb8\x15e\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xb8\x15e\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xa0\xae\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xa0\xae\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x15a\xb1\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x15a\xb1\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xb8\xb6\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xb8\xb6\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\X\xb7\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\X\xb7\22\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x159\xb7\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x159\xb7\22\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\@\xb8\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\@\xb8\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\,\x15f\x98\1\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\,\x15f\x98\1\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\20\xbb\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\20\xbb\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xb4\xc2\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xb4\xc2\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\|\x10c\xe1\3\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\|\x10c\xe1\3\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xa0\xc9\6] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xa0\xc9\6\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xac\x118\6] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xac\x118\6\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\8\xcb\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\8\xcb\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\$\x11a\a] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\$\x11a\a\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\|\x11a\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\|\x11a\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\t\xcd\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\t\xcd\22\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x90\x00ceC\1\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x90\x00ceC\1\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\D\x10e\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\D\x10e\22\COMCTL32.DLL] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x90\x10e\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x90\x10e\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xa4\x110\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xa4\x110\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x11b\x143\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x11b\x143\22\COMCTL32.DLL] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\T\x147\xd4\1\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\T\x147\xd4\1\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\T\x147\xdf\1\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\T\x147\xdf\1\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\T\x147]\5\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\T\x147]\5\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\T\x147\x162\5\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\T\x147\x162\5\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ \xd3\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ \xd3\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x10d\xd3\r] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x10d\xd3\r\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\$\xd4\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\$\xd4\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\0\x150\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\0\x150\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x88\x150\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x88\x150\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xdc\xd6\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xdc\xd6\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\D\xd7\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\D\xd7\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\H\xd7\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\H\xd7\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\`\x158\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\`\x158\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xac\x158\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xac\x158\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x110\x158\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x110\x158\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x10d\x158\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x10d\x158\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\t\x16e\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\t\x16e\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\0\xdc\a] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\0\xdc\a\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x10d\xdd\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x10d\xdd\22\COMCTL32.DLL] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xf4\x162\a] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xf4\x162\a\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x159\x162\a] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x159\x162\a\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x90\xdf\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x90\xdf\22\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xfc\xdf\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xfc\xdf\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\34\x155\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\34\x155\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x158\xe1\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x158\xe1\22\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x111\xe4#\2\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x111\xe4#\2\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x98\x107\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x98\x107\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x10d\x010dD\1\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x10d\x010dD\1\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\$\xe9\x20ac\5\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\$\xe9\x20ac\5\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xd4\xe9\6] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xd4\xe9\6\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ \x119\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ \x119\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\b\x11b\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\b\x11b\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\\x11b\a] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\\x11b\a\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\30\xed\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\30\xed\22\comctl32.DLL] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\|\xed\a] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\|\xed\a\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xe4\xed\6] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xe4\xed\6\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ \xee\a] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\ \xee\a\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\x107] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\x107\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\xe7] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\xe7\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\x10d] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\x10d\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\xe9] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\xe9\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\x147] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\x147\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\x158] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\x158\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\xda] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\xda\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\xfd] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\xfd\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\31\1\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\31\1\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\e\1\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\e\1\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\36\1\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\36\1\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee)\1\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee)\1\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xeek\1\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xeek\1\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\x15f\1\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\x15f\1\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\x102\1\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\x102\1\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\xc4\1\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\xc4\1\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\a\2\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\a\2\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\e\2\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee\e\2\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee+\3\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee+\3\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee-\3\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee-\3\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee/\3\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xee/\3\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\x00ee9\3\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\x00ee9\3\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x11a\x111G\1\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x11a\x111G\1\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x11a\x111K\1\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x11a\x111K\1\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x11a\x111\x2d9] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x11a\x111\x2d9\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x110\x111\x2022\1\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x110\x111\x2022\1\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x110\x111\x104\1\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x110\x111\x104\1\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x15b\x144\x171] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x15b\x144\x171\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x15b\x144\xf7] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x15b\x144\xf7\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x15b\x144G\1\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x15b\x144G\1\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x15b\x144K\1\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x15b\x144K\1\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x15b\x144\x2d9] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x15b\x144\x2d9\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x15b\x144\x141\1\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x15b\x144\x141\1\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xb4\x144\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xb4\x144\22\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xe4\x144\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xe4\x144\22\COMCTL32.DLL] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\`\x148\6] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\`\x148\6\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\h\xf4\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\h\xf4\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\b\x151\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\b\x151\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\$\x151\a] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\$\x151\a\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\0\x151\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\0\x151\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xf6\x2122\1\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x20ac\xf6\x2122\1\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x15b\xf6G\1\x2022\b\x2018\|] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\x15b\xf6G\1\x2022\b\x2018\|\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\f\xf7\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\f\xf7\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\0\xf7\6] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\0\xf7\6\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xa4\x159\a] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xa4\x159\a\comctl32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xc4\x159\22] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\xc4\x159\22\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\24\xfa\a] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\MUILanguages\FileVersions\\24\xfa\a\COMCTL32.dll] "MUIVer"=hex(b):84,08,54,0b,00,00,06,00 "000600000b540ba6"=dword:00000000 scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 file zipped: C:\Windows\System32\vturo.dll -> catchme.zip -> vturo.dll ( 244832 bytes ) PE file "C:\Windows\System32\vturo.dll" killed successfully Evo i zipa ne raspakovanog: [Link mogu videti samo ulogovani korisnici] Ali koliko ja vidim još uvek je fajl vturo.dll u system32

Profil

DEMIAN Poslao: 16 Sep 2007 23:08 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Jesi li restartovao racunar ? Uradi to ako već nisi pa proveri. Stvarno mi je cudno da ga nista ne briše a i u zadnjem logu piše da je obrisan. Postavi i HijackThis log..

Profil

Evil Ghost Poslao: 16 Sep 2007 23:23 Idi na vrh
offline Evil Ghost Ugledni građanin Pridružio: 15 Feb 2007 Poruke: 443	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Jesam i još uvek je tu! Logfile of HijackThis v1.99.1 Scan saved at 23:25:59, on 16.9.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16512) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Bluetooth\BTNtService.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\PrintCtrl.exe C:\Program Files\Cyberlink\Shared files\RichVideo.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\PowerDVD\PDVDServ.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Bluetooth\BlueSoleil.exe C:\Program Files\ASUS USB ADSL Modem\ASUS USB ADSL Modem\dslmon.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\Opera 9.5 alpha\opera.exe E:\M U Z I K A\Nenarezani programi\TR3.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: (no name) - {733E9132-53CA-4C97-9AC9-145C4502FA20} - C:\WINDOWS\system32\yaywvss.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {BDD53433-53BB-4366-B7B8-8DFFA0C7DA42} - C:\WINDOWS\system32\vturo.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" -osboot O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BlueSoleil.lnk = ? O4 - Global Startup: DSLMON.lnk = ? O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe O8 - Extra context menu item: E&xport to Microsoft Excel - [Link mogu videti samo ulogovani korisnici]\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{7C316C31-68E5-49BD-9B6D-3B8F479592FF}: NameServer = 80.74.160.14 80.74.160.38 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\Bluetooth\BTNtService.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: lmab_device - Unknown owner - C:\WINDOWS\system32\LMabcoms.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: Printer Control - Unknown owner - C:\WINDOWS\system32\PrintCtrl.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Profil

DEMIAN Poslao: 17 Sep 2007 19:21 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Treba mi lista servisa koji ti se pokreću/rade. Skini ovu [url=https://www.mycity.rs/must-login.png i raspakuj je u zaseban folder. Pokreni fajl "Lista_servisa.bat" i pojaviće ti se txt dokument. Kopiraj mi njegov sadržaj na forum ili iskoristi opciju "Prikači fajl" uz poruku da bi mi je poslao.

Profil

Evil Ghost Poslao: 17 Sep 2007 20:06 Idi na vrh
offline Evil Ghost Ugledni građanin Pridružio: 15 Feb 2007 Poruke: 443	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Evo ga log: [Link mogu videti samo ulogovani korisnici] Dopuna: 17 Sep 2007 20:06 Evo screenshot-a: Evo i zip-a: [Link mogu videti samo ulogovani korisnici]

Profil

DEMIAN Poslao: 19 Sep 2007 19:15 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Jesi li postupio po onim dodatnim uputstvima koje sam ti dao ? Daj novi HJT log.

Profil

Evil Ghost Poslao: 19 Sep 2007 19:25 Idi na vrh
offline Evil Ghost Ugledni građanin Pridružio: 15 Feb 2007 Poruke: 443	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Jesam i evo loga: Logfile of HijackThis v1.99.1 Scan saved at 19:24:31, on 19.9.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Bluetooth\BTNtService.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Eset\nod32krn.exe C:\Program Files\Cyberlink\Shared files\RichVideo.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\mqsvc.exe C:\WINDOWS\system32\mqtgsvc.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\Program Files\PowerDVD\PDVDServ.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Bluetooth\BlueSoleil.exe C:\Program Files\ASUS USB ADSL Modem\ASUS USB ADSL Modem\dslmon.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\WINDOWS\system32\wuauclt.exe E:\M U Z I K A\Nenarezani programi\TR3.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" -osboot O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [PrintDisp] C:\WINDOWS\system32\PrintDisp.exe O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BlueSoleil.lnk = ? O4 - Global Startup: DSLMON.lnk = ? O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe O8 - Extra context menu item: &Search - [Link mogu videti samo ulogovani korisnici] O8 - Extra context menu item: E&xport to Microsoft Excel - [Link mogu videti samo ulogovani korisnici]\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O17 - HKLM\System\CCS\Services\Tcpip\..\{7C316C31-68E5-49BD-9B6D-3B8F479592FF}: NameServer = 80.74.160.14 80.74.160.38 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\Bluetooth\BTNtService.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: lmab_device - Unknown owner - C:\WINDOWS\system32\LMabcoms.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Profil

DEMIAN Poslao: 19 Sep 2007 19:47 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Jaooo.. Taman se rešismo one prve infekcije na koju si se žalio - ti instaliraš novi spyware Ajde i ovo sredi.. Pokreni HijackThis, opet skeniraj i štikliraj sledeće linije: R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe O8 - Extra context menu item: &Search - [Link mogu videti samo ulogovani korisnici] zatim klikni na Fix Checked. Restartuj kompjuter i obriši folder: C:\Program Files\MyWebSearch Posle toga postavi novi log da proverim da li si sve izbrisao.

Profil

Evil Ghost Poslao: 19 Sep 2007 20:08 Idi na vrh
offline Evil Ghost Ugledni građanin Pridružio: 15 Feb 2007 Poruke: 443	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Nisam ništa radio, nema toga. Evo najnovijeg loga: Logfile of HijackThis v1.99.1 Scan saved at 20:07:50, on 19.9.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Bluetooth\BTNtService.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Eset\nod32krn.exe C:\Program Files\Cyberlink\Shared files\RichVideo.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\mqsvc.exe C:\WINDOWS\system32\mqtgsvc.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\PowerDVD\PDVDServ.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Bluetooth\BlueSoleil.exe C:\Program Files\ASUS USB ADSL Modem\ASUS USB ADSL Modem\dslmon.exe C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\Opera 9.5 alpha\Opera.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Winamp\winamp.exe C:\WINDOWS\system32\wuauclt.exe E:\M U Z I K A\Nenarezani programi\TR3.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [MsgCenterExe] "C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" -osboot O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [PrintDisp] C:\WINDOWS\system32\PrintDisp.exe O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll O4 - HKLM\..\RunOnce: [MyWebSearch bar Uninstall] rundll32 C:\PROGRA~1\UNINST~1.DLL,O -3 O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BlueSoleil.lnk = ? O4 - Global Startup: DSLMON.lnk = ? O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe O8 - Extra context menu item: &Search - [Link mogu videti samo ulogovani korisnici] O8 - Extra context menu item: E&xport to Microsoft Excel - [Link mogu videti samo ulogovani korisnici]\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O17 - HKLM\System\CCS\Services\Tcpip\..\{7C316C31-68E5-49BD-9B6D-3B8F479592FF}: NameServer = 80.74.160.14 80.74.160.38 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\Bluetooth\BTNtService.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: lmab_device - Unknown owner - C:\WINDOWS\system32\LMabcoms.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Profil

DEMIAN Poslao: 19 Sep 2007 20:16 Idi na vrh
offline DEMIAN Legendarni građanin IT Manager Pridružio: 25 Mar 2005 Poruke: 3706 Gde živiš: The darkest place on earth..	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Evil Ghost ::Nisam ništa radio, nema toga. Ja sam linije prepisao iz onog predzadnjeg loga. U ovom zadnjem nema ničeg spornog. Sad je čisto.. Tema ostaje još par dana otvorena pa ide u arhivu, ako se slučajno infekcija "povrati" osveži temu.. Pozz

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Problem sa nekim trojancem???

Ko je trenutno na forumu

Ukupno su 2028 korisnika na forumu :: 93 registrovanih, 6 sakrivenih i 1929 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 6018 - dana 19 Dec 2025 13:41

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 015, _Sale, A.R.Chafee.Jr., alberto, avijacija, bbrasnjo3, Bivan, Bo96, Bobrock1, bojanM84, bokicacar, Borkanović, boromir, borya90, bpop, Buzdovan, Cirkon, cvrle312, darcaud, darkojbn, Dimitrise93, Django777, djonsule, drpera, Džekson, Fabius, famoso, fireball021, Fog of War, Frunze, gobrad, Gogi_avio, goranperović66, GrobarPovratak, halkin gol, HrcAk47, iceburn, IQ116, ivan1973, Jelly4183, K2, Kenanjoz, kovinacc, Kubovac, Levi, Logic005, Macalone, markolopin, mean_machine, mercedesamg, Michellefromrezistance, Miha79, mikrimaus, Miler88, mileta4, MiloradKomadic, Milos1389, Mr. Majevica, nebkv, nebojsag, nenad81, niksa517, Ognjen D., pavle_pzs, Petarvu, PlayerOne, Pohovani_00, RajkoB, raso76, sap, sarma, scout81, shlauf, SlaKoj, stemark, suton, Tandrkalo, tomo2, tooljan, Topaz9, Troja, ulogovan, vaci, veljko82, vidra1, VonDrobac, VX1, wolf431, zeka013, Zimbabwe, zokizemun, zubri, Zvlade

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by