MyCity » Ambulanta -> Arhiva Ambulante » svhost.exe

svhost.exe

Napisano na dan: 30.6.2013

Strana:
1
2

svhost.exe

Pagination

Prethodna strana

Odgovori

Strana:
1
2

juve7 Poslao: 30 Jun 2013 14:54 Idi na vrh
offline juve7 Građanin Pridružio: 25 Dec 2005 Poruke: 66	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: mycity.rs/must-login.png OTL logfile created on: 30.6.2013 14:30:37 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\XY\Desktop Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 0000141a \| Country: Bosna i Hercegovina \| Language: BSB \| Date Format: d.M.yyyy 1,60 Gb Total Physical Memory \| 0,77 Gb Available Physical Memory \| 48,06% Memory free 3,21 Gb Paging File \| 2,05 Gb Available in Paging File \| 63,87% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: \| %SystemRoot% = C:\Windows \| %ProgramFiles% = C:\Program Files Drive C: \| 100,05 Gb Total Space \| 83,47 Gb Free Space \| 83,43% Space Free \| Partition Type: NTFS Drive D: \| 197,94 Gb Total Space \| 197,14 Gb Free Space \| 99,60% Space Free \| Partition Type: NTFS Computer Name: XY-PC \| User Name: XY \| Logged in as Administrator. Boot Mode: Normal \| Scan Mode: Current user Company Name Whitelist: Off \| Skip Microsoft Files: Off \| No Company Name Whitelist: On \| File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.06.30 14:28:13 \| 000,602,112 \| ---- \| M] (OldTimer Tools) -- C:\Users\XY\Desktop\OTL.exe PRC - [2013.06.12 18:49:29 \| 001,855,880 \| ---- \| M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe PRC - [2013.05.24 12:31:35 \| 000,920,472 \| ---- \| M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2013.05.09 10:58:30 \| 004,858,968 \| ---- \| M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2013.05.09 10:58:30 \| 000,046,808 \| ---- \| M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2013.04.04 21:36:12 \| 000,607,744 \| ---- \| M] (MyCity) -- C:\Program Files\MCShield\MCShieldRTM.exe PRC - [2013.04.04 14:50:32 \| 000,701,512 \| ---- \| M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2013.04.04 14:50:32 \| 000,532,040 \| ---- \| M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2013.04.04 14:50:32 \| 000,418,376 \| ---- \| M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2011.08.03 10:57:54 \| 000,742,688 \| ---- \| M] (Broadcom Corporation.) -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe PRC - [2011.07.05 15:08:42 \| 000,401,408 \| ---- \| M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2011.07.05 15:08:18 \| 000,176,128 \| ---- \| M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2010.12.27 16:30:22 \| 001,817,088 \| ---- \| M] (Realsil Microelectronics Inc.) -- C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe PRC - [2009.07.14 03:14:42 \| 000,049,152 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009.07.14 03:14:20 \| 002,613,248 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.07.14 03:14:15 \| 000,271,360 \| ---- \| M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe ========== Modules (No Company Name) ========== MOD - [2013.06.12 18:49:27 \| 016,033,160 \| ---- \| M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_224.dll MOD - [2013.05.24 12:31:33 \| 003,128,728 \| ---- \| M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2007.09.20 18:34:58 \| 000,129,024 \| ---- \| M] () -- C:\Program Files\WinRAR\RarExt.dll MOD - [2006.05.14 06:23:40 \| 000,138,752 \| ---- \| M] () -- C:\Program Files\7-Zip\7-zip.dll ========== Services (SafeList) ========== SRV - [2013.06.29 18:07:48 \| 000,351,104 \| ---- \| M] (Sysinternals - sysinternals.com) [On_Demand \| Stopped] -- C:\Users\XY\AppData\Local\Temp\SSNOT.exe -- (SSNOT) SRV - [2013.06.29 18:07:33 \| 000,482,176 \| ---- \| M] (Sysinternals - sysinternals.com) [On_Demand \| Stopped] -- C:\Users\XY\AppData\Local\Temp\JBZXTYN.exe -- (JBZXTYN) SRV - [2013.06.12 18:49:39 \| 000,256,904 \| ---- \| M] (Adobe Systems Incorporated) [On_Demand \| Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.24 12:31:34 \| 000,117,144 \| ---- \| M] (Mozilla Foundation) [On_Demand \| Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.05.09 10:58:30 \| 000,046,808 \| ---- \| M] (AVAST Software) [Auto \| Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2013.04.04 14:50:32 \| 000,701,512 \| ---- \| M] (Malwarebytes Corporation) [Auto \| Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2013.04.04 14:50:32 \| 000,418,376 \| ---- \| M] (Malwarebytes Corporation) [Auto \| Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2011.08.03 10:57:54 \| 000,742,688 \| ---- \| M] (Broadcom Corporation.) [Auto \| Running] -- c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2011.07.05 15:08:18 \| 000,176,128 \| ---- \| M] (AMD) [Auto \| Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2010.12.27 16:30:22 \| 001,817,088 \| ---- \| M] (Realsil Microelectronics Inc.) [Auto \| Running] -- C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R) SRV - [2009.07.14 03:16:13 \| 000,025,088 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 03:16:12 \| 001,004,544 \| ---- \| M] (Microsoft Corporation) [On_Demand \| Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009.07.14 03:15:41 \| 000,680,960 \| ---- \| M] (Microsoft Corporation) [Auto \| Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - [2013.06.28 13:04:34 \| 000,175,176 \| ---- \| M] () [Kernel \| Boot \| Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm) DRV - [2013.06.28 13:04:33 \| 000,770,344 \| ---- \| M] (AVAST Software) [File_System \| System \| Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2013.06.28 13:04:33 \| 000,369,584 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2013.05.09 10:59:10 \| 000,061,680 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr) DRV - [2013.05.09 10:59:10 \| 000,056,080 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2013.05.09 10:59:10 \| 000,049,376 \| ---- \| M] () [Kernel \| Boot \| Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt) DRV - [2013.05.09 10:59:09 \| 000,066,336 \| ---- \| M] (AVAST Software) [File_System \| Auto \| Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2013.05.09 10:59:09 \| 000,021,576 \| ---- \| M] (AVAST Software) [Kernel \| System \| Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd) DRV - [2013.05.09 10:59:08 \| 000,029,816 \| ---- \| M] (AVAST Software) [File_System \| Auto \| Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2013.04.04 14:50:32 \| 000,022,856 \| ---- \| M] (Malwarebytes Corporation) [File_System \| On_Demand \| Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011.08.04 19:19:26 \| 000,142,632 \| ---- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Running] -- C:\Windows\System32\drivers\bcbtums.sys -- (bcbtums) DRV - [2011.08.04 19:19:26 \| 000,076,328 \| ---- \| M] (Broadcom Corporation.) [Kernel \| On_Demand \| Running] -- C:\Windows\System32\drivers\btwdpan.sys -- (BTWDPAN) DRV - [2011.07.05 15:49:22 \| 007,800,832 \| ---- \| M] (ATI Technologies Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2011.07.05 14:32:04 \| 000,245,760 \| ---- \| M] (Advanced Micro Devices, Inc.) [Kernel \| On_Demand \| Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2011.02.15 11:37:10 \| 000,251,496 \| ---- \| M] (Realtek Semiconductor Corp.) [Kernel \| On_Demand \| Running] -- C:\Windows\System32\drivers\RtsPStor.sys -- (RSPCIESTOR) DRV - [2009.07.14 03:19:10 \| 000,175,824 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus) DRV - [2009.07.14 03:19:10 \| 000,040,896 \| ---- \| M] (Microsoft Corporation) [Kernel \| Boot \| Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt) DRV - [2009.07.14 03:19:10 \| 000,028,224 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc) DRV - [2009.07.14 01:28:47 \| 000,005,632 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap) DRV - [2009.07.14 01:28:45 \| 000,017,920 \| ---- \| M] (Microsoft Corporation) [Kernel \| On_Demand \| Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = bs-ba IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 22 65 10 4C EB 50 CE 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - prefs.js..extensions.enabledItems: wrc@avast.com:7.0.1426 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.46: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\XY\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\XY\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2012.06.07 15:09:22 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.06.27 15:29:12 \| 000,000,000 \| ---D \| M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.05.24 12:31:19 \| 000,000,000 \| ---D \| M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.05.24 12:31:19 \| 000,000,000 \| ---D \| M] [2012.06.07 15:18:33 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\XY\AppData\Roaming\Mozilla\Extensions [2012.10.24 20:22:34 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Users\XY\AppData\Roaming\Mozilla\Firefox\Profiles\i31e245o.default\extensions [2013.05.24 12:31:36 \| 000,000,000 \| ---D \| M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions [2013.05.24 12:31:36 \| 000,000,000 \| ---D \| M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: google.com/ CHR - plugin: Google Update (Enabled) = C:\Users\XY\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll O1 HOSTS File: ([2009.06.10 23:39:37 \| 000,000,824 \| ---- \| M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKCU..\Run: [MCShield Monitor] C:\Program Files\MCShield\MCShieldRTM.exe (MyCity) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{63D7AF20-B609-4249-9CCD-7BCBF843D8CF}: DhcpNameServer = 87.250.98.250 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8507A0ED-4D85-48DD-A2B6-AC6835D5CA10}: NameServer = 195.222.60.60 195.222.32.30 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C9F81DFE-D939-454A-9374-F859C5527DB7}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 \| 000,000,024 \| ---- \| M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk ) O35 - HKLM\..comfile [open] -- "%1" % O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.06.30 14:28:05 \| 000,602,112 \| ---- \| C] (OldTimer Tools) -- C:\Users\XY\Desktop\OTL.exe [2013.06.30 11:18:07 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield [2013.06.30 11:18:06 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\MCShield [2013.06.30 11:18:05 \| 000,000,000 \| ---D \| C] -- C:\Program Files\MCShield [2013.06.30 10:35:43 \| 004,745,728 \| ---- \| C] (AVAST Software) -- C:\Users\XY\Desktop\aswMBR.exe [2013.06.30 10:09:14 \| 000,000,000 \| ---D \| C] -- C:\FRST [2013.06.30 10:07:50 \| 001,372,095 \| ---- \| C] (Farbar) -- C:\Users\XY\Desktop\FRST.exe [2013.06.29 17:56:04 \| 000,334,720 \| ---- \| C] (Sysinternals - sysinternals.com) -- C:\Users\XY\Desktop\RootkitRevealer.exe [2013.06.29 16:05:54 \| 002,756,800 \| ---- \| C] (Sysinternals - sysinternals.com) -- C:\Users\XY\Desktop\procexp.exe [2013.06.29 15:34:50 \| 000,000,000 \| ---D \| C] -- C:\Users\XY\AppData\Roaming\Process Hacker 2 [2013.06.29 15:28:04 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2 [2013.06.29 15:28:02 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Process Hacker 2 [2013.06.29 15:19:40 \| 000,000,000 \| ---D \| C] -- C:\Program Files\HitmanPro [2013.06.29 15:18:54 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\HitmanPro [2013.06.29 15:07:57 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\TEMP [2013.06.29 15:07:05 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Trojan Remover [2013.06.28 13:39:27 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.06.28 13:39:21 \| 000,022,856 \| ---- \| C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2013.06.28 13:39:21 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013.06.27 18:12:16 \| 000,000,000 \| -HSD \| C] -- C:\$RECYCLE.BIN [2013.06.27 17:53:04 \| 000,000,000 \| ---D \| C] -- C:\Qoobox [2013.06.27 17:52:36 \| 000,000,000 \| ---D \| C] -- C:\Windows\erdnt [2013.06.27 17:39:18 \| 000,000,000 \| ---D \| C] -- C:\Users\XY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2013.06.27 17:39:17 \| 000,000,000 \| ---D \| C] -- C:\Program Files\Trend Micro [2013.06.27 15:30:30 \| 000,021,576 \| ---- \| C] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys [2013.06.27 15:27:22 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Spybot - Search & Destroy [2013.06.27 15:17:02 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security [2013.06.27 14:47:56 \| 000,000,000 \| ---D \| C] -- C:\Program Files\CCleaner [2013.06.27 14:14:56 \| 000,000,000 \| ---D \| C] -- C:\Users\XY\AppData\Roaming\Malwarebytes [2013.06.27 14:14:41 \| 000,000,000 \| ---D \| C] -- C:\ProgramData\Malwarebytes [2013.06.27 14:14:26 \| 000,000,000 \| ---D \| C] -- C:\Users\XY\AppData\Local\Programs ========== Files - Modified Within 30 Days ========== [2013.06.30 14:28:13 \| 000,602,112 \| ---- \| M] (OldTimer Tools) -- C:\Users\XY\Desktop\OTL.exe [2013.06.30 13:57:05 \| 000,000,896 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3277866314-1329371447-4143024899-1000UA.job [2013.06.30 13:57:05 \| 000,000,844 \| ---- \| M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3277866314-1329371447-4143024899-1000Core.job [2013.06.30 13:49:01 \| 000,000,830 \| ---- \| M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.06.30 13:45:12 \| 000,012,816 \| -H-- \| M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.30 13:45:12 \| 000,012,816 \| -H-- \| M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.30 13:38:50 \| 000,067,584 \| --S- \| M] () -- C:\Windows\bootstat.dat [2013.06.30 13:38:39 \| 1292,034,048 \| -HS- \| M] () -- C:\hiberfil.sys [2013.06.30 11:00:26 \| 000,000,512 \| ---- \| M] () -- C:\Users\XY\Desktop\MBR.dat [2013.06.30 10:41:31 \| 280,359,092 \| ---- \| M] () -- C:\Windows\MEMORY.DMP [2013.06.30 10:37:26 \| 004,745,728 \| ---- \| M] (AVAST Software) -- C:\Users\XY\Desktop\aswMBR.exe [2013.06.30 10:08:21 \| 001,372,095 \| ---- \| M] (Farbar) -- C:\Users\XY\Desktop\FRST.exe [2013.06.29 17:13:09 \| 000,001,821 \| ---- \| M] () -- C:\Users\Public\Desktop\HitmanPro.lnk [2013.06.29 15:28:04 \| 000,001,998 \| ---- \| M] () -- C:\Users\XY\Desktop\Process Hacker 2.lnk [2013.06.28 13:39:27 \| 000,001,071 \| ---- \| M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013.06.28 13:04:34 \| 000,175,176 \| ---- \| M] () -- C:\Windows\System32\drivers\aswVmm.sys [2013.06.28 13:04:34 \| 000,000,175 \| ---- \| M] () -- C:\Windows\System32\drivers\aswVmm.sys.sum [2013.06.28 13:04:34 \| 000,000,175 \| ---- \| M] () -- C:\Windows\System32\drivers\aswSP.sys.sum [2013.06.28 13:04:33 \| 000,770,344 \| ---- \| M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys [2013.06.28 13:04:33 \| 000,369,584 \| ---- \| M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2013.06.28 13:04:33 \| 000,000,175 \| ---- \| M] () -- C:\Windows\System32\drivers\aswSnx.sys.sum [2013.06.27 18:14:45 \| 000,000,069 \| ---- \| M] () -- C:\Windows\NeroDigital.ini [2013.06.27 17:41:01 \| 000,000,079 \| ---- \| M] () -- C:\Windows\wininit.ini [2013.06.27 17:39:18 \| 000,002,949 \| ---- \| M] () -- C:\Users\XY\Desktop\HiJackThis.lnk [2013.06.27 15:30:25 \| 000,002,577 \| ---- \| M] () -- C:\Windows\System32\config.nt [2013.06.27 15:17:03 \| 000,001,922 \| ---- \| M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk [2013.06.27 14:48:00 \| 000,000,969 \| ---- \| M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013.06.20 00:03:49 \| 000,002,315 \| ---- \| M] () -- C:\Users\XY\Desktop\Google Chrome.lnk [2013.06.12 18:49:29 \| 000,692,104 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013.06.12 18:49:29 \| 000,071,048 \| ---- \| M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013.05.31 15:54:54 \| 002,756,800 \| ---- \| M] (Sysinternals - sysinternals.com) -- C:\Users\XY\Desktop\procexp.exe ========== Files Created - No Company Name ========== [2013.06.30 11:00:26 \| 000,000,512 \| ---- \| C] () -- C:\Users\XY\Desktop\MBR.dat [2013.06.30 10:41:31 \| 280,359,092 \| ---- \| C] () -- C:\Windows\MEMORY.DMP [2013.06.29 15:28:04 \| 000,001,998 \| ---- \| C] () -- C:\Users\XY\Desktop\Process Hacker 2.lnk [2013.06.29 15:19:41 \| 000,001,821 \| ---- \| C] () -- C:\Users\Public\Desktop\HitmanPro.lnk [2013.06.28 13:39:27 \| 000,001,071 \| ---- \| C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013.06.28 13:04:55 \| 000,000,175 \| ---- \| C] () -- C:\Windows\System32\drivers\aswVmm.sys.sum [2013.06.28 13:04:51 \| 000,000,175 \| ---- \| C] () -- C:\Windows\System32\drivers\aswSnx.sys.sum [2013.06.28 13:04:43 \| 000,000,175 \| ---- \| C] () -- C:\Windows\System32\drivers\aswSP.sys.sum [2013.06.27 17:40:47 \| 000,000,079 \| ---- \| C] () -- C:\Windows\wininit.ini [2013.06.27 17:39:18 \| 000,002,949 \| ---- \| C] () -- C:\Users\XY\Desktop\HiJackThis.lnk [2013.06.27 15:30:28 \| 000,175,176 \| ---- \| C] () -- C:\Windows\System32\drivers\aswVmm.sys [2013.06.27 15:30:27 \| 000,049,376 \| ---- \| C] () -- C:\Windows\System32\drivers\aswRvrt.sys [2013.06.27 15:17:03 \| 000,001,922 \| ---- \| C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk [2013.06.27 14:48:00 \| 000,000,969 \| ---- \| C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013.01.09 20:16:13 \| 000,000,069 \| ---- \| C] () -- C:\Windows\NeroDigital.ini [2012.06.07 15:54:51 \| 000,000,000 \| ---- \| C] () -- C:\Windows\ativpsrm.bin [2012.06.07 15:02:52 \| 000,006,656 \| ---- \| C] () -- C:\Windows\System32\bcmwlrc.dll [2011.09.15 02:11:16 \| 001,048,576 \| ---- \| C] () -- C:\Windows\System32\syndata.bin ========== ZeroAccess Check ========== [2009.07.14 06:42:31 \| 000,000,227 \| RHS- \| M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 03:16:14 \| 012,866,560 \| ---- \| M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 \| 000,605,696 \| ---- \| M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 \| 000,342,528 \| ---- \| M] (Microsoft Corporation) "ThreadingModel" = Both < End of report >

Profil

TwinHeadedEagle Poslao: 30 Jun 2013 15:38 Idi na vrh
offline TwinHeadedEagle Anti Malware Fighter Rank 2 Pridružio: 09 Avg 2011 Poruke: 15879 Gde živiš: Beograd	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Kao sto rekoh, malware nije prisutan na sistemu. Otvori temu u Windows potforumu i tamo iznesi problem... Da pocistimo alate: Preuzmi "Xplode"-ov DelFix i sačuvaj ga na Desktop Dvoklikom pokreni program. Štikliraj sledeće opcije: Remove disinfection tools Purge System Restore Reset system settings Klikni na dugme "Run" i pričekaj da program završi rad. Kada alat završi, otvoriće izvestaj u notepadu. Napomena: Izvestaj ce takodje biti sacuvan na C:\DelFix.txt MCShield obavezno zadrzi, u pitanju je mnogo bolji program od USB Disk Security i sasvim sigurno ce spreciti infekcije preko USB-ova. Obavezno poseti temu "Testirajte da li vam je pretraživač ranjiv", pročitaj i isprati link koji stoji u njoj. Link do teme je: http://www.mycity.rs/Web-browseri/Testirajte-da-li.....anjiv.html Takode, isprati i temu "Kako izbeci i ukloniti toolbar-ove" , procitaj i isprati korake u njoj. Link do teme je: http://www.mycity.rs/Zastita/Kako-izbeci-i-ukloniti-toolbar-ove.html TwinHeadedEagle (AMF Tim)

Profil

juve7 Poslao: 30 Jun 2013 15:44 Idi na vrh
offline juve7 Građanin Pridružio: 25 Dec 2005 Poruke: 66	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ok hvala probacu u windows podforumu

Profil

MyCity » Ambulanta -> Arhiva Ambulante » svhost.exe

Ko je trenutno na forumu

Ukupno su 1274 korisnika na forumu :: 64 registrovanih, 7 sakrivenih i 1203 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 357magnum, A.R.Chafee.Jr., airsuba, Apok, babaroga, Bojan85, bojcistv, Boris90, BSD, bufanje, cemix, CheefCoach, comi_pfc, CrazyDiablo, Dimitrise93, djboj, DonRumataEstorski, DPera, dule10savic, elenemste, GandorCC, Georgius, GORDI, gorican, goxin, ikan, Još malo pa deda, Klecaviks, Kubovac, kybonacci, milenko crazy north, mkukoleca, moldway, mrvica78, muaddib, nenad81, NoOneEver Dreams, novator, nuke92, opt1, ozzy, Parker, repac, rovac, scimitar19, shaja1, Smiljke, Srky Boy, Srle993, stalja, StepskiVuk, Tvrtko I, vasa.93, virked, VJ, Vlad000, vlad4, vladaa012, wizzardone, yrraf, YugoSlav, zillbg, |_MeD_|, 125

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by