moj hijack file i sta dalje??

moj hijack file i sta dalje??

offline
  • firuza 
  • Novi MyCity građanin
  • Pridružio: 20 Nov 2008
  • Poruke: 2

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:54:50 PM, on 11/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\3CX VoIP Client\3CXTunnel.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer3\TeamViewer_Service.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\3CX VoIP Client\3CXVoIPClient.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =

go.microsoft.com/fwlink/?LinkId=74005
R3 - URLSearchHook: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program

Files\Mininova\tbMini.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program

Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} -

C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program

Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} -

C:\PROGRA~1\TEXTware\QUICKF~1\PlugIns\IEHelp.dll
O2 - BHO: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program

Files\Mininova\tbMini.dll
O2 - BHO: MyCentria Internet Mate v2.0 - {FFFC57DB-1DE3-4303-B24D-CEE6DCDD3D86} -

C:\PROGRA~1\MYCENT~1\InfoBar\MYCENT~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program

files\google\googletoolbar2.dll
O3 - Toolbar: Mininova Toolbar - {f592709f-ff4a-4862-b659-4afabda56312} - C:\Program

Files\Mininova\tbMini.dll
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE

C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide

/waitservice
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"

-osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [3CXPhone] "C:\Program Files\3CX VoIP Client\3CXVoIPClient.exe"
O4 - HKCU\..\Run: [swg] C:\Program

Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LowRateVoip] "C:\Program Files\LowRateVoip\LowRateVoip.exe" -nosplash

-minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL

SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx

nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK

SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx

nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx

nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx

nLite.inf,C,,4,N (User 'Default user')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -

C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration -

{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) -

picasaweb.google.com/s/v/e/37.09/HboD-mApHAo/uploader2.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -

C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: 3CX PhoneSystem SIP/RTP Tunneling Proxy (3CXTunnel) - 3CX Software Ltd. -

C:\Program Files\3CX VoIP Client\3CXTunnel.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32

Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32

Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program

Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero

BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -

C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program

Files\Spyware Doctor\pctsAuxs.exe (file missing)
O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - C:\Program

Files\Spyware Doctor\pctsSvc.exe (file missing)
O23 - Service: TeamViewer 3 (TeamViewer) - TeamViewer GmbH - C:\Program

Files\TeamViewer3\TeamViewer_Service.exe

--
End of file - 5994 bytes

offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Tvoja tema je prebacena ovde:
http://www.mycity.rs/VoIP/Voipdiscount-login-problem.html

Kolega je utvrdio da je log cist, i da tvoj problem nije prouzrokovan malwareom, pa je temu prebacio u odgovarajuci forum.

20 Nov 2008 20:49 bobby Zaključavanje topica Razlog: Ovaj topic je dupliran  
Ko je trenutno na forumu
 

Ukupno su 1234 korisnika na forumu :: 96 registrovanih, 12 sakrivenih i 1126 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., aleksandarbl, amaterSRB, Arsenije, arzak, babaroga, bojcistv, Boter, brundo65, cavatina, cifra, Cigi, darios, draganl, dragonserbia, DucicM, Duh sa sekirom, dule10savic, eulereix, Futurama, geo.dule, GogiA, gomago, goran.vvv, Griffon vulture, HrcAk47, ikan, Istman, Japidson, JOntra, Jovan Nenad, koom0001, liman, Mackomen, maiden6657, Marko Marković, Markoni29, mercedesamg, Mercury, mgolub, micke83, mige, Mikulino, miodrag, Miskohd, Mixelotti, mnn2, moldway, MrNo, naki011, nebkv, Neutral-M, ofbeyond, oganj123, operniki, opt1, pacika, Panter, panzerwaffe, pedja63, procesor, raptorsi, Ray1973, RiV, rkekoke, RobinHood12, Rocker, savaskytec, Shinobi, Singidunumac, slonic_tonic, solic, srbijaiznadsvega, Srle993, Sterilizacija, taz1cl, tesa, tmanda323, Toni, trajkoni018, TripleTwo, tubular, Vajezatha, vathra, VJ, vladom6, vsn111, vukovi, Wrangler, YU-UKI, zastavnik, zdrebac, ZoranB., |_MeD_|, Žukov, 1107