MyCity » Ambulanta -> Arhiva Ambulante » provera kompa

provera kompa

Napisano na dan: 6.9.2008

provera kompa

Sledeća strana

Pagination

Odgovori

Slaven980 Poslao: 06 Sep 2008 21:49 Idi na vrh
offline Slaven980 Novi MyCity građanin Pridružio: 04 Sep 2008 Poruke: 27	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:45:18 PM, on 9/6/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Google\Google Talk\googletalk.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\Opera\Opera.exe C:\Documents and Settings\element\Desktop\1234.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_05) - O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_05) - O17 - HKLM\System\CCS\Services\Tcpip\..\{D9EDD87B-B362-4ECE-B7B1-6868C4B9147C}: NameServer = 77.105.0.18,77.105.0.19 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe -- End of file - 5117 bytes Druga interesuje dal ima neki malware... zali se na sporiji rad racunara

Profil

bobby Poslao: 06 Sep 2008 22:02 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Sto drug ne postavi sam temu?

Profil

Slaven980 Poslao: 06 Sep 2008 22:06 Idi na vrh
offline Slaven980 Novi MyCity građanin Pridružio: 04 Sep 2008 Poruke: 27	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! malo je pocetnik... a i ucinio mi nesto... mada po mom misljenju nema malware... ako ima napravicu mu nalog

Profil

bobby Poslao: 06 Sep 2008 22:11 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! U tom logu nema nikakvog vidljivog malwarea. Za svaki slucaj, daj jos i sledeci log: Skini ComboFix sa jedne od sledecih adresa na Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe http://www.forospyware.com/sUBs/ComboFix.exe http://subs.geekstogo.com/ComboFix.exe Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

Slaven980 Poslao: 06 Sep 2008 22:17 Idi na vrh
offline Slaven980 Novi MyCity građanin Pridružio: 04 Sep 2008 Poruke: 27	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-09-05.02 - element 2008-09-06 22:11:46.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1457 [GMT 2:00] Running from: C:\Documents and Settings\element\Desktop\4321.exe * Created a new restore point * Resident AV is active WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2008-08-06 to 2008-09-06 ))))))))))))))))))))))))))))))) . 2008-08-18 16:27 . 2008-08-18 16:27 <DIR> d-------- C:\WINDOWS\system32\LogFiles . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-09-06 20:11 --------- d-----w C:\Program Files\ESET 2008-09-06 20:00 --------- d-----w C:\Documents and Settings\element\Application Data\Skype 2008-09-06 14:01 --------- d-----w C:\Documents and Settings\element\Application Data\skypePM 2008-09-01 15:34 --------- d-----w C:\Program Files\vdownloader 2008-07-25 20:56 --------- d-----w C:\Program Files\Google 2008-06-12 22:44 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2008-04-17 15:12 284 ----a-w C:\Documents and Settings\element\Application Data\ViewerApp.dat 2004-10-25 03:33 56 -csh--r C:\WINDOWS\system32\C790D59C4A.sys 2008-04-26 20:09 8 --sh--r C:\WINDOWS\system32\fgxp8.dll 2004-10-25 03:33 1,682 -csha-w C:\WINDOWS\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15360] "Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-04-23 22058792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DiskeeperSystray"="C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2005-11-22 221184] "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-12-14 950664] "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352] "googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.ACDV"= ACDV.dll "VIDC.YV12"= yv12vfw.dll [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] --a------ 2008-01-11 23:16 39792 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD] --a------ 2007-07-12 11:03 380928 C:\Program Files\ASUS\GamerOSD\GamerOSD.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] --a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl] --a------ 2004-11-02 21:24 32768 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC] --a------ 2006-11-10 13:35 90112 C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"= "C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"= "C:\\Program Files\\Google\\Google Talk\\googletalk.exe"= "C:\\Program Files\\Skype\\Phone\\Skype.exe"= R3 asusgsb;ASUS Virtual Video Capture Device Driver;C:\WINDOWS\system32\drivers\asusgsb.sys [2007-07-12 12416] R3 PAC7311;VGA USB Camera;C:\WINDOWS\system32\DRIVERS\PA707UCM.SYS [2006-11-08 530304] R3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D32.sys [2007-07-12 10752] S3 SetupNTGLM7X;SetupNTGLM7X;E:\NTGLM7X.sys [ ] Newly Created Service - PROCEXP90 . Contents of the 'Scheduled Tasks' folder . - - - - ORPHANS REMOVED - - - - HKLM-Run-RTHDCPL - RTHDCPL.EXE MSConfigStartUp-SkyTel - SkyTel.EXE . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Documents and Settings\element\Application Data\Mozilla\Firefox\Profiles\bj8xgyhq.default\ FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.com/ . ************************************************************************ catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net Rootkit scan 2008-09-06 22:12:52 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2008-09-06 22:13:26 ComboFix-quarantined-files.txt 2008-09-06 20:13:22 Pre-Run: 27,401,969,664 bytes free Post-Run: 27,385,335,808 bytes free 96 NOD32 se nesto bunio nisam vido sta.... evo log

Profil

bobby Poslao: 06 Sep 2008 22:21 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Cisto. NOD je najverovatnije obrisao to sto je nasao. Mozes deinstalirati ComboFix: Klikni START a zatim RUN U liniju za unos teksta ukucaj Combofix /u i klikni OK Sačekaj da se proces deinstalacije završi Gornja procedura će: Obrisati sledeće: ComboFix i njegove file-ove i foldere VundoFix Backups folder, ako postoji C:\Deckard folder, ako postoji C:\OtMoveIt folder, ako postoji Resetovati podešavanja sata na kompjuteru Sakriti ekstenzije file-ova, ako je potrebno Sakriti sistemske/skrivene file-ove/foldere, ako je potrebno Resetovati System Restore

Profil

Slaven980 Poslao: 06 Sep 2008 22:28 Idi na vrh
offline Slaven980 Novi MyCity građanin Pridružio: 04 Sep 2008 Poruke: 27	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! fala.... pretpostavio sam da je cist... moracu da vidim sto je usporio. PS kako da se prikljucim vasem kruzoku popravljaca windowsa, tj. skidanja malwarea... recimo da me interesuje

Profil

MyCity » Ambulanta -> Arhiva Ambulante » provera kompa

Ko je trenutno na forumu

Ukupno su 954 korisnika na forumu :: 20 registrovanih, 4 sakrivenih i 930 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., Bickoooo, bojan_t, CrazySerb_MLD, esx66, Frunze, GandorCC, Još malo pa deda, Kaplar2, kybonacci, Mi lao shu, milutin134, miodrag, Mlav, mocnijogurt, MrNo, raptorsi, royst33, vathra, ZetaMan

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by