MyCity » Ambulanta -> Arhiva Ambulante » Pomoć oko brzine interneta

Pomoć oko brzine interneta

Napisano na dan: 26.1.2008

Strana:
1
2

Pomoć oko brzine interneta

Sledeća strana

Pagination

Odgovori

Strana:
1
2

Brok Poslao: 26 Jan 2008 08:32 Idi na vrh
offline Brok Moderator foruma Mihajlo Bogdanović Linux driver - fighter - warrior Pridružio: 04 Maj 2005 Poruke: 3259	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Kao što možete videti iz naslova poslednjih dana mi je strašno usporila interen konekcija (kabal 256/128 kB/s), i nije problem u provajderu kao što to zna biti, sada je brzina oko 4 kB/s. Inače moju sumnju da je sistem zaražen je probudila ta činjenica što mi je najednom dosta usporio rad, pa sam onda preskenirao sve u programu Spybot - Search & Destroy gde mi je dao čak 55 grešaka od kojih je popravio sam 49 a 5 nije uspeo da ukloni ni posle restarta sistema i ponovnog pokretanja Spybota. Imam još jedan problem, idem po uputstvima da bih postavio log ali kada kliknem u HijackThisu na "Do a system scan and save a logfile" neotvori mi se Notepad, tako da nemogu kopirati njegov sadržaj i postaviti ga ovde.

Profil

dr_Bora Poslao: 26 Jan 2008 10:06 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav... Skini ComboFix sa jedne od sledecih adresa na Desktop: http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe http://download.bleepingcomputer.com/sUBs/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

Brok Poslao: 26 Jan 2008 12:15 Idi na vrh
offline Brok Moderator foruma Mihajlo Bogdanović Linux driver - fighter - warrior Pridružio: 04 Maj 2005 Poruke: 3259	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ipak sam nekako uspeo da postavim log od HijackThisa, valja nije problem. Logfile of HijackThis v1.99.1 Scan saved at 12:02, on 2008-01-26 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16512) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\WINDOWS\SYSTEM32\SRPSKEY.EXE C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\ClocX\ClocX.exe C:\Program Files\IObit\Advanced WindowsCare V2\MemCleaner.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Raxco\PerfectDisk\PDAgent.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Documents and Settings\Administrator\Desktop\Nova fascikla\TR3.exe.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/http://www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll R3 - URLSearchHook: Torrent-Search Toolbar - {e0c7b854-d5ce-4db6-9804-be1438603d89} - C:\Program Files\Torrent-Search\tbTor1.dll R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: IE7Pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IE7Pro\IE7Pro.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Torrent-Search Toolbar - {e0c7b854-d5ce-4db6-9804-be1438603d89} - C:\Program Files\Torrent-Search\tbTor1.dll O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll O3 - Toolbar: Torrent-Search Toolbar - {e0c7b854-d5ce-4db6-9804-be1438603d89} - C:\Program Files\Torrent-Search\tbTor1.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" O4 - HKLM\..\Run: [srpskey] C:\WINDOWS\SYSTEM32\SRPSKEY.EXE O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe O4 - HKLM\..\Run: [SmartRAM] C:\Program Files\IObit\Advanced WindowsCare V2\MemCleaner.exe /m O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll O11 - Options group: [INTERNATIONAL] International O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing) O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

Profil

dr_Bora Poslao: 26 Jan 2008 12:35 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Isprati uputstvo za ComboFix (HT log je čist). Napiši i šta to SpyBot ne može da odradi - nazivi file-ova, lokacije...

Profil

Brok Poslao: 26 Jan 2008 15:37 Idi na vrh
offline Brok Moderator foruma Mihajlo Bogdanović Linux driver - fighter - warrior Pridružio: 04 Maj 2005 Poruke: 3259	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Inače tokom skeniranja sa ComboFix-om dva puta se oglašavao AV. Evo ComboFix loga: ComboFix 08-01-23.1C - Administrator 2008-01-26 15:04:30.3 - NTFSx86 Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Previous Run ------- . C:\Documents and Settings\Administrator\Application Data\inst.exe . ((((((((((((((((((((((((( Files Created from 2007-12-26 to 2008-01-26 ))))))))))))))))))))))))))))))) . 2008-01-26 12:17 . 2008-01-26 12:18 <DIR> d-------- C:\WINDOWS\system32\ana ivanovic dir 2008-01-26 12:17 . 2008-01-26 12:17 512,000 --a------ C:\WINDOWS\system32\ana ivanovic.scr 2008-01-26 10:55 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe 2008-01-25 06:35 . 2008-01-25 06:35 <DIR> d-------- C:\WINDOWS\Sun 2008-01-25 06:22 . 2008-01-25 09:44 <DIR> d-------- C:\Program Files\Visual Web Spider 2008-01-23 21:07 . 2008-01-26 14:46 377 --a------ C:\WINDOWS\wininit.ini 2008-01-20 13:12 . 2008-01-20 13:12 <DIR> d-------- C:\Enter 2008-01-17 18:06 . 2008-01-17 18:06 <DIR> d-------- C:\Program Files\Jocsoft 2008-01-13 20:25 . 2001-08-17 13:48 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys 2008-01-13 20:25 . 2001-08-17 13:48 12,160 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys 2008-01-12 08:06 . 2004-08-03 23:10 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys 2008-01-12 08:06 . 2004-08-03 23:10 85,376 --a--c--- C:\WINDOWS\system32\dllcache\nabtsfec.sys 2008-01-12 08:06 . 2004-08-03 23:10 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys 2008-01-12 08:06 . 2004-08-03 23:10 17,024 --a--c--- C:\WINDOWS\system32\dllcache\ccdecode.sys 2008-01-12 08:05 . 2005-07-29 22:55 90,624 --a------ C:\WINDOWS\system32\kswdmcap.ax 2008-01-12 08:05 . 2005-07-29 22:55 90,624 --a--c--- C:\WINDOWS\system32\dllcache\kswdmcap.ax 2008-01-12 08:05 . 2004-08-04 00:56 61,952 --a------ C:\WINDOWS\system32\kstvtune.ax 2008-01-12 08:05 . 2004-08-04 00:56 61,952 --a--c--- C:\WINDOWS\system32\dllcache\kstvtune.ax 2008-01-12 08:05 . 2004-08-04 00:56 53,760 --a------ C:\WINDOWS\system32\vfwwdm32.dll 2008-01-12 08:05 . 2004-08-04 00:56 53,760 --a--c--- C:\WINDOWS\system32\dllcache\vfwwdm32.dll 2008-01-12 08:05 . 2004-08-04 00:56 43,008 --a------ C:\WINDOWS\system32\ksxbar.ax 2008-01-12 08:05 . 2004-08-04 00:56 43,008 --a--c--- C:\WINDOWS\system32\dllcache\ksxbar.ax 2008-01-12 08:05 . 2004-08-04 00:56 28,672 --a------ C:\WINDOWS\system32\vidcap.ax 2008-01-12 08:05 . 2004-08-04 00:56 28,672 --a--c--- C:\WINDOWS\system32\dllcache\vidcap.ax 2008-01-12 07:53 . 2008-01-12 08:20 <DIR> d-------- C:\WINDOWS\PAC207 2008-01-12 07:53 . 2008-01-12 07:53 <DIR> d-------- C:\Program Files\PC Camera 2008-01-12 07:53 . 2008-01-12 07:53 <DIR> d-------- C:\Program Files\Common Files\PCCamera 2008-01-11 19:48 . 2008-01-11 19:48 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared 2008-01-07 16:56 . 2008-01-07 16:56 <DIR> d-------- C:\Program Files\Common Files\HP 2008-01-07 16:55 . 2008-01-07 16:56 <DIR> d-------- C:\Program Files\Hewlett-Packard 2008-01-07 16:54 . 2008-01-07 16:54 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard 2008-01-07 16:49 . 2008-01-07 16:56 <DIR> d-------- C:\Program Files\HP 2008-01-07 16:47 . 2008-01-07 16:57 116,998 --a------ C:\WINDOWS\hpoins11.dat . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-01-26 14:11 47,683,360 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat 2008-01-26 14:10 1,602,848 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat 2008-01-26 10:41 643,760 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx 2008-01-26 10:41 154,088 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx 2008-01-25 06:41 --------- d-----w C:\Program Files\IObit 2008-01-23 23:05 --------- d-----w C:\Program Files\ICQToolbar 2008-01-17 20:19 --------- d-----w C:\Program Files\TubeSucker 2008-01-17 18:53 --------- d-----w C:\Program Files\FreeGamePick.com 2008-01-17 18:20 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-01-15 10:31 --------- d-----w C:\Program Files\Google 2008-01-11 19:02 --------- d-----w C:\Program Files\Common Files\Adobe 2008-01-06 02:33 --------- d-----w C:\Program Files\Opera 9 2008-01-01 05:05 --------- d-----w C:\Program Files\Banner Maker Pro 6 2007-12-26 06:58 --------- d-----w C:\Program Files\XVideoConverter 2007-12-26 06:17 --------- d-----w C:\Program Files\Advanced System Optimizer 2007-12-20 18:33 91,492 ----a-w C:\WINDOWS\system32\drivers\klin.dat 2007-12-19 00:11 --------- d-----w C:\Program Files\Opera 2007-12-18 22:35 --------- d-----w C:\Program Files\VeryPDF PDF2Word v3.0 2007-12-18 22:32 --------- d-----w C:\Program Files\ElcomSoft 2007-12-16 05:22 --------- d-----w C:\Program Files\Common Files\Raxco 2007-12-14 15:22 --------- d-----w C:\Program Files\Your Uninstaller 2008 2007-12-13 22:10 --------- d-----w C:\Program Files\Common Files\InstallShield 2007-12-13 22:06 98,304 ----a-w C:\WINDOWS\system32CmdLineExt.dll 2007-12-12 19:42 85,860 ----a-w C:\WINDOWS\system32\drivers\klick.dat 2007-12-10 07:00 --------- d-----w C:\Program Files\Oddin Software 2007-12-09 02:20 --------- d-----w C:\Program Files\Yahoo! 2007-12-08 23:21 218,624 ----a-w C:\WINDOWS\system32\uxtheme.dll 2007-12-08 19:16 47,360 ----a-w C:\WINDOWS\system32\drivers\pcouffin.sys 2007-12-04 15:06 --------- d-----w C:\Program Files\TC PowerPack 2007-12-02 10:56 --------- d-----w C:\Program Files\MegauploadToolbar 2007-11-26 21:21 --------- d-----w C:\Program Files\Windows Media Connect 2 2007-11-26 09:52 --------- d-----w C:\Program Files\JLC's Software 2007-11-06 07:37 227,592 ----a-w C:\WINDOWS\system32\PDBoot.exe 2007-11-04 10:56 7,851 ----a-w C:\WINDOWS\system32\winupsvc.exe 2007-11-04 10:56 7,851 ----a-w C:\WINDOWS\system32\winsvcup.exe 2007-11-04 10:56 7,851 ----a-w C:\WINDOWS\system32\mswinup.exe 2007-10-10 23:28 2,568 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 25088] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:21 1825792] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "SpybotDeletingB8123"="command /c del C:\WINDOWS\SchedLgU.Txt_tobedeleted" [ ] "SpybotDeletingD8495"="cmd /c del C:\WINDOWS\SchedLgU.Txt_tobedeleted" [ ] "SpybotDeletingB8904"="command /c del C:\WINDOWS\SchedLgU.Txt_tobedeleted" [ ] "SpybotDeletingD194"="cmd /c del C:\WINDOWS\SchedLgU.Txt_tobedeleted" [ ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [2007-01-29 22:02 200768] "srpskey"="C:\WINDOWS\SYSTEM32\SRPSKEY.EXE" [2007-05-04 13:24 35840] "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 15:30 81920] "ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 15:30 249856] "ClocX"="C:\Program Files\ClocX\ClocX.exe" [2004-01-21 15:42 103936] "SmartRAM"="C:\Program Files\IObit\Advanced WindowsCare V2\MemCleaner.exe" [2007-10-29 16:43 662016] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "SpybotDeletingA9381"="command /c del C:\WINDOWS\SchedLgU.Txt_tobedeleted" [ ] "SpybotDeletingC7416"="cmd /c del C:\WINDOWS\SchedLgU.Txt_tobedeleted" [ ] "SpybotDeletingA8858"="command /c del C:\WINDOWS\SchedLgU.Txt_tobedeleted" [ ] "SpybotDeletingC1454"="cmd /c del C:\WINDOWS\SchedLgU.Txt_tobedeleted" [ ] "SpybotSnD"="C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" [2005-05-31 00:04 4393096] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 23:56 25088] "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18 443968] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveSearch"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "UIHost"="LogonUI.EXE" R3 IntelS51;Intel(R) 536EP Modem;C:\WINDOWS\system32\DRIVERS\IntelS51.sys [2004-12-23 09:52] S3 EverestDriver;Lavalys EVEREST Kernel Driver;C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.172\kerneld.wnt [] . Contents of the 'Scheduled Tasks' folder "2008-01-26 03:15:00 C:\WINDOWS\Tasks\Advanced WindowsCare V2 Personal.job" - C:\PROGRA~1\IObit\ADVANC~1\Awcl.exe "2008-01-25 06:45:19 C:\WINDOWS\Tasks\SmartDefrag.job" - C:\Program Files\IObit\IObit SmartDefrag\schedule.exe "2008-01-26 10:32:27 C:\WINDOWS\Tasks\User_Feed_Synchronization-{61EDF5FA-C82B-4023-8C2B-44D92736E24F}.job" - C:\WINDOWS\system32\msfeedssync.exe . ************************************************************************ catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-01-26 15:11:02 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2008-01-26 15:13:51 ComboFix-quarantined-files.txt 2008-01-26 14:13:41 Evo na kraju najbolje uslikano stanje iz Spybota: Dopuna: 26 Jan 2008 15:37 Mislim da se AV zbog ovoga oglasio (to su zadnja dva): detected: riskware Trojan.generic Running process: E:\Instalacioni programi za podizanje O.S.-a\Srpskey.exe i detected: riskware Invader Running process: C:\WINDOWS\system32\srpskey.exe Koliko vidim ovde se AV javio zbog malog programčeta Srpskey (40-tak KB) kog koeistim sigurno već sve godine i misim da on nepravi probleme, inače i prilikom instalace programa AV se javljao, programčić služi za lakše unošenje slova kao što su Š Ž Č Ć i Đ.

Profil

dr_Bora Poslao: 26 Jan 2008 16:00 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Za početak restartuj kompjuter, a zatim... Isključi AV pre sledećeg koraka. Otvoriti Notepad i iskopirati sledeci tekst: `File:: C:\WINDOWS\system32\winupsvc.exe C:\WINDOWS\system32\winsvcup.exe C:\WINDOWS\system32\mswinup.exe` Snimiti na Desktop fajl iz Notepada kao "CFScript" Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici. Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Profil

Brok Poslao: 26 Jan 2008 16:35 Idi na vrh
offline Brok Moderator foruma Mihajlo Bogdanović Linux driver - fighter - warrior Pridružio: 04 Maj 2005 Poruke: 3259	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-01-23.1C - Administrator 2008-01-26 16:24:51.4 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.92 [GMT 1:00] Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe Command switches used :: C:\Documents and Settings\Administrator\Desktop\CFScript.txt * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE C:\WINDOWS\system32\mswinup.exe C:\WINDOWS\system32\winsvcup.exe C:\WINDOWS\system32\winupsvc.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Autorun.inf C:\WINDOWS\system32\mswinup.exe C:\WINDOWS\system32\winsvcup.exe C:\WINDOWS\system32\winupsvc.exe . ((((((((((((((((((((((((( Files Created from 2007-12-26 to 2008-01-26 ))))))))))))))))))))))))))))))) . 2008-01-26 12:17 . 2008-01-26 12:18 <DIR> d-------- C:\WINDOWS\system32\ana ivanovic dir 2008-01-26 12:17 . 2008-01-26 12:17 512,000 --a------ C:\WINDOWS\system32\ana ivanovic.scr 2008-01-26 10:55 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe 2008-01-25 06:35 . 2008-01-25 06:35 <DIR> d-------- C:\WINDOWS\Sun 2008-01-25 06:22 . 2008-01-25 09:44 <DIR> d-------- C:\Program Files\Visual Web Spider 2008-01-23 21:07 . 2008-01-26 14:46 377 --a------ C:\WINDOWS\wininit.ini 2008-01-20 13:12 . 2008-01-20 13:12 <DIR> d-------- C:\Enter 2008-01-17 18:06 . 2008-01-17 18:06 <DIR> d-------- C:\Program Files\Jocsoft 2008-01-13 20:25 . 2001-08-17 13:48 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys 2008-01-13 20:25 . 2001-08-17 13:48 12,160 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys 2008-01-12 08:06 . 2004-08-03 23:10 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys 2008-01-12 08:06 . 2004-08-03 23:10 85,376 --a--c--- C:\WINDOWS\system32\dllcache\nabtsfec.sys 2008-01-12 08:06 . 2004-08-03 23:10 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys 2008-01-12 08:06 . 2004-08-03 23:10 17,024 --a--c--- C:\WINDOWS\system32\dllcache\ccdecode.sys 2008-01-12 08:05 . 2005-07-29 22:55 90,624 --a------ C:\WINDOWS\system32\kswdmcap.ax 2008-01-12 08:05 . 2005-07-29 22:55 90,624 --a--c--- C:\WINDOWS\system32\dllcache\kswdmcap.ax 2008-01-12 08:05 . 2004-08-04 00:56 61,952 --a------ C:\WINDOWS\system32\kstvtune.ax 2008-01-12 08:05 . 2004-08-04 00:56 61,952 --a--c--- C:\WINDOWS\system32\dllcache\kstvtune.ax 2008-01-12 08:05 . 2004-08-04 00:56 53,760 --a------ C:\WINDOWS\system32\vfwwdm32.dll 2008-01-12 08:05 . 2004-08-04 00:56 53,760 --a--c--- C:\WINDOWS\system32\dllcache\vfwwdm32.dll 2008-01-12 08:05 . 2004-08-04 00:56 43,008 --a------ C:\WINDOWS\system32\ksxbar.ax 2008-01-12 08:05 . 2004-08-04 00:56 43,008 --a--c--- C:\WINDOWS\system32\dllcache\ksxbar.ax 2008-01-12 08:05 . 2004-08-04 00:56 28,672 --a------ C:\WINDOWS\system32\vidcap.ax 2008-01-12 08:05 . 2004-08-04 00:56 28,672 --a--c--- C:\WINDOWS\system32\dllcache\vidcap.ax 2008-01-12 07:53 . 2008-01-12 08:20 <DIR> d-------- C:\WINDOWS\PAC207 2008-01-12 07:53 . 2008-01-12 07:53 <DIR> d-------- C:\Program Files\PC Camera 2008-01-12 07:53 . 2008-01-12 07:53 <DIR> d-------- C:\Program Files\Common Files\PCCamera 2008-01-11 19:48 . 2008-01-11 19:48 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared 2008-01-07 16:56 . 2008-01-07 16:56 <DIR> d-------- C:\Program Files\Common Files\HP 2008-01-07 16:55 . 2008-01-07 16:56 <DIR> d-------- C:\Program Files\Hewlett-Packard 2008-01-07 16:54 . 2008-01-07 16:54 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard 2008-01-07 16:49 . 2008-01-07 16:56 <DIR> d-------- C:\Program Files\HP 2008-01-07 16:47 . 2008-01-07 16:57 116,998 --a------ C:\WINDOWS\hpoins11.dat . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-01-26 15:28 47,815,968 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat 2008-01-26 15:28 1,605,920 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat 2008-01-26 15:12 645,944 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx 2008-01-26 15:12 154,544 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx 2008-01-25 06:41 --------- d-----w C:\Program Files\IObit 2008-01-23 23:05 --------- d-----w C:\Program Files\ICQToolbar 2008-01-17 20:19 --------- d-----w C:\Program Files\TubeSucker 2008-01-17 18:53 --------- d-----w C:\Program Files\FreeGamePick.com 2008-01-17 18:20 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-01-15 10:31 --------- d-----w C:\Program Files\Google 2008-01-11 19:02 --------- d-----w C:\Program Files\Common Files\Adobe 2008-01-06 02:33 --------- d-----w C:\Program Files\Opera 9 2008-01-01 05:05 --------- d-----w C:\Program Files\Banner Maker Pro 6 2007-12-26 06:58 --------- d-----w C:\Program Files\XVideoConverter 2007-12-26 06:17 --------- d-----w C:\Program Files\Advanced System Optimizer 2007-12-20 18:33 91,492 ----a-w C:\WINDOWS\system32\drivers\klin.dat 2007-12-19 00:11 --------- d-----w C:\Program Files\Opera 2007-12-18 22:35 --------- d-----w C:\Program Files\VeryPDF PDF2Word v3.0 2007-12-18 22:32 --------- d-----w C:\Program Files\ElcomSoft 2007-12-16 05:22 --------- d-----w C:\Program Files\Common Files\Raxco 2007-12-14 15:22 --------- d-----w C:\Program Files\Your Uninstaller 2008 2007-12-13 22:10 --------- d-----w C:\Program Files\Common Files\InstallShield 2007-12-13 22:06 98,304 ----a-w C:\WINDOWS\system32CmdLineExt.dll 2007-12-12 19:42 85,860 ----a-w C:\WINDOWS\system32\drivers\klick.dat 2007-12-10 07:00 --------- d-----w C:\Program Files\Oddin Software 2007-12-09 02:20 --------- d-----w C:\Program Files\Yahoo! 2007-12-08 23:21 218,624 ----a-w C:\WINDOWS\system32\uxtheme.dll 2007-12-08 19:16 47,360 ----a-w C:\WINDOWS\system32\drivers\pcouffin.sys 2007-12-04 15:06 --------- d-----w C:\Program Files\TC PowerPack 2007-12-02 10:56 --------- d-----w C:\Program Files\MegauploadToolbar 2007-11-26 21:21 --------- d-----w C:\Program Files\Windows Media Connect 2 2007-11-26 09:52 --------- d-----w C:\Program Files\JLC's Software 2007-11-06 07:37 227,592 ----a-w C:\WINDOWS\system32\PDBoot.exe 2007-10-10 23:28 2,568 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((( snapshot@2008-01-26_15.12.36.46 ))))))))))))))))))))))))))))))))))))))))) . - 2008-01-26 09:56:59 1,458,176 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT + 2008-01-26 15:24:39 1,458,176 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT - 2008-01-26 09:56:59 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat + 2008-01-26 15:24:39 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat - 2008-01-26 09:57:01 7,647,232 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT + 2008-01-26 15:24:39 7,647,232 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT + 2008-01-26 15:24:39 1,458,176 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\NTUSER.DAT + 2008-01-26 15:24:39 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\UsrClass.dat - 2008-01-26 09:57:02 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat + 2008-01-26 15:24:39 344,064 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 25088] "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:21 1825792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [2007-01-29 22:02 200768] "srpskey"="C:\WINDOWS\SYSTEM32\SRPSKEY.EXE" [2007-05-04 13:24 35840] "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 15:30 81920] "ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 15:30 249856] "ClocX"="C:\Program Files\ClocX\ClocX.exe" [2004-01-21 15:42 103936] "SmartRAM"="C:\Program Files\IObit\Advanced WindowsCare V2\MemCleaner.exe" [2007-10-29 16:43 662016] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 23:56 25088] "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18 443968] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveSearch"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "UIHost"="LogonUI.EXE" R3 IntelS51;Intel(R) 536EP Modem;C:\WINDOWS\system32\DRIVERS\IntelS51.sys [2004-12-23 09:52] S3 EverestDriver;Lavalys EVEREST Kernel Driver;C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX01.172\kerneld.wnt [] . Contents of the 'Scheduled Tasks' folder "2008-01-26 03:15:00 C:\WINDOWS\Tasks\Advanced WindowsCare V2 Personal.job" - C:\PROGRA~1\IObit\ADVANC~1\Awcl.exe "2008-01-25 06:45:19 C:\WINDOWS\Tasks\SmartDefrag.job" - C:\Program Files\IObit\IObit SmartDefrag\schedule.exe "2008-01-26 10:32:27 C:\WINDOWS\Tasks\User_Feed_Synchronization-{61EDF5FA-C82B-4023-8C2B-44D92736E24F}.job" - C:\WINDOWS\system32\msfeedssync.exe . ************************************************************************ catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-01-26 16:28:37 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2008-01-26 16:30:24 ComboFix-quarantined-files.txt 2008-01-26 15:30:07 ComboFix2.txt 2008-01-26 14:13:53

Profil

dr_Bora Poslao: 26 Jan 2008 17:24 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Jesi li možda u međuvremenu spajao neki USB drive na PC? Odradi sledeće... Preuzmi program Flash_Disinfector. program se pokreće dvoklikom na Flash_Disinfector.exe kada se pojavi poruka sa obaveštenjem, potrebno je priključiti inficirane USB flash drive-ove (pri tome držati pritisnut taster Shift kako bi se izbegao autoplay) kliknuti na OK i sačekati da se proces završi kada se pojavi poruka Done !!, kliknuti na OK. Kakvo je trenutno stanje?

Profil

Brok Poslao: 26 Jan 2008 18:04 Idi na vrh
offline Brok Moderator foruma Mihajlo Bogdanović Linux driver - fighter - warrior Pridružio: 04 Maj 2005 Poruke: 3259	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Mislim da te baš nerazumem baš najbolje, koji inficirane USB flash drive treba da priključim. Jedino što sam spajao na USB je modem, ustvari nisam ga spajao i otpajao nego sam mu isključio (restartovao) pa uključio napajanje, jer nisam ima dobru net konekciju, nisam nikako mogao da upostujem log. Imam na USB sledeće stvari: štampač, modem, tastaturu, jedan USB razvodnik, kabal od foto aparata (koji je stalno nakačen) i jedanu USB memoriju 2 GB koju nisam koristio jedno 10-tak dana. Dopuna: 26 Jan 2008 18:04 I da zaboraovio sam, čini mi se da je sada bolje stanje.

Profil

dr_Bora Poslao: 26 Jan 2008 18:22 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl:

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Pomoć oko brzine interneta

Ko je trenutno na forumu

Ukupno su 1153 korisnika na forumu :: 55 registrovanih, 9 sakrivenih i 1089 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: avijacija, Bluper, Bobrock1, Bojadin Strumski, bojan_t, bojankrstc, brundo65, Bubimir, cvrle312, darios, DejanSt, djordje92sm, dok80, Dorcolac, DPera, Excalibur13, FOX, havoc995, HogarStrashni, Karla, Kibice, kraJo, Lucije Kvint, Marko Marković, MB120mm, Mediator, menges, mercedesamg, Miki01, mikrimaus, milenko crazy north, minmatar34957, Miškić, mkukoleca, moldway, nikoladim, ObelixSRB, oganj123, ozzy, pein, Povratak1912, proka89, RED4G-304, royst33, samsung, sol, srbijaiznadsvega, ss10, stegonosa, Tila Painen, Tragač, Tvrtko I, Yellow Pinky, zdrebac, 2001

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by