MyCity » Ambulanta -> Arhiva Ambulante » Imam neku muku

Imam neku muku

Napisano na dan: 15.3.2007

Imam neku muku
Sledeća strana Pagination

Idi na vrh

Poslao: 15 Mar 2007 20:35
Idi na vrh
offline
  • sgoran 
  • Novi MyCity građanin
  • Pridružio: 15 Mar 2007
  • Poruke: 1

Pozdrav svima.

Nesto mi usporava internet vezu. Neki put se desi da racunar prvih par minuta pri uspostavljanju veze ne reaguje ni na tastaturu ni na misa. Kada citam e-mail veza se prekida "sama od sebe". Povremeno se (kada nisam na internetu) iz cista mira otvori prozor za konekciju i pocne da bira telefonski broj provajdera.
Evo sta je Hijack pronasao na mom racunaru. Posto ne znam sta je sve od procesa stvarno bitno a sta ne da li bi neko mogao da mi pomogne?

Unapred hvala.
Goran

-------

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 20:32:01, on 15.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\PROGRA~1\MICROS~4\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Media Key\MagicKey.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\Media Key\OSD.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
D:\_bitno\programi\hijack\HiJackThis_v2.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Corel Graphics Suite 1117] C:\Program Files\Corel\Corel Graphics 11\Register\registration.exe /title="Corel Graphics Suite 11" /date=032907 serial=DR11CRD-0012082-DGW
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~4\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Media Key.lnk = C:\Program Files\Media Key\MagicKey.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - [Link mogu videti samo ulogovani korisnici]\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{41F7E96E-104B-4504-954E-8542749BFD86}: NameServer = 212.124.160.1 212.124.160.2
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

--
End of file - 4300 bytes



Poslao: 15 Mar 2007 22:27
Idi na vrh
offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Nista neobicno se ne vidi u logu.
Mozemo probati ewido micro, za slucaj da je nesto sto se ne pojavljuje u HJT logovima.
Skini Ewido micro (150kb + 8Mb pri prvom ukljucivanju) :
[Link mogu videti samo ulogovani korisnici]

Kako se radi sa Ewido micro:
- na prvom ekranu odaberi sve particije (štikliraj polja ispred njih)
- klikni na dugme Start Scan
- nakon završenog skeniranja klikni na Save Report i snimi log fajl na sigurno mesto
- klikni na Remove Infections
- iskopiraj nam ovde sadržaj log fajla koji je malopre snimljen

Nakon skeniranja sa Ewidom i postavljanja log fajla, postavi nam i svez log programa HijackThis.



MyCity » Ambulanta -> Arhiva Ambulante » Imam neku muku

Ko je trenutno na forumu
 

Ukupno su 1868 korisnika na forumu :: 118 registrovanih, 13 sakrivenih i 1737 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 5623 - dana 13 Dec 2025 19:56

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: AC-DC, Adaminho1985, AleksandarFKS, aleksmajstor, amaterSRB, Beardonitch, Betta, Bivan, black venom, Bobrock1, Bole72, Borkanović, boromir, BORUTUS, borya90, brufen, brundo65, BSD, Cicumile, cole77, comi_pfc, crnitrn, croato, Cvijo_ue, dac445, DavidA, Deki Duga Devetka, Demi87, DIJALOG, djile1, doloress, dragan_mig31, draganl, DrMrPr, dusan.l, Dzigy, Electron, ElvisP, eulereix, gaga23, gasha, Giskard, Goldman, GORDI, goxin, HrcAk47, IQ116, Ivoo, jeen yuhs, Jester, Jozo74, kondenzator, koom0001, kovacicbozo, Kubovac, Lance Guest, Leonov, leopard83, lord sir giga, luka35, M74AB3, Macalone, Magistar78, Malahit, Manjane, mat, mercedesamg, MGBRBG, Miki01, MiljanXD, Milovan Dinic, MiroslavD, mrvica78, Nasegorelist, Naturelo, Ne doznajem se u oružje, oddsock, opt1, Osmatrač, Otto Grunf, pein, prle122, probisic, randja26, Ray1973, redstar72, royst33, sales, Samo gledam, sap, Savantije, septembar, Sevetar, ShtagodShtagod, SOVO515, Srpska zauvjek, Stanlio, tajvankanasta, tamno.nebo, Tandrčak, tanzanija, tooooom, V-98, vaci, vaso1, Velibor Radoja, Velizar, Velizar Laro, VJ, Vlad000, VladaKG1980, Vlado82, vranjanac29, zastavnik, zombicar153, zoran77, zubri, šumar bk2