MyCity » Ambulanta -> Arhiva Ambulante » Problem!!!!

Problem!!!!

Napisano na dan: 8.10.2007
2

Problem!!!!
Pagination Prethodna strana

Idi na vrh

Poslao: 09 Okt 2007 19:07
Idi na vrh
offline
  • Pridružio: 29 Nov 2005
  • Poruke: 8

One poruke vise nema,isti fajl(msspa.exe) ne mogu da pronadjem!!!Puno Hvala!!!!!

Dopuna: 09 Okt 2007 19:07

Ocekujem dalja uputstva oko daljeg ciscenja,ako je potrebno!



Poslao: 09 Okt 2007 20:06
Idi na vrh
offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Skeniraj ponovo HijackThisom i stikliraj polja ispred sledecih linija:
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing)
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O8 - Extra context menu item: &Search - [Link mogu videti samo ulogovani korisnici]
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll (file missing)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - [Link mogu videti samo ulogovani korisnici]
O16 - DPF: {33331111-1111-1111-1111-615111193427} -
O23 - Service: perfmons Service (perfmons) - Unknown owner - C:\WINDOWS\system32\perfs.exe (file missing)

Klikni na Fix Checked

E sada, interesuje me sta je C:\Program Files\Webshots\WEBSHOTS.SCR
Nemam info o tom programu, tako da bih te zamolio da mi uploadujes taj fajl. Koristi onu formu za upload malwarea:
[Link mogu videti samo ulogovani korisnici]

Restartuj komp, pa posle restarta napravi nov hijackThis log i postavi ga ovde, da vidimo da li je sve OK.



Poslao: 09 Okt 2007 21:32
Idi na vrh
offline
  • Pridružio: 29 Nov 2005
  • Poruke: 8

Fajl je poslat!!!!


Logfile of HijackThis v1.99.1
Scan saved at 21:29:50, on 9.10.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HHVcdV5Sys\VC5SecS.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Webshots\WEBSHOTS.SCR
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Srdjan S\Desktop\New Folder\TR3.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn0\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Webshots Toolbar - {C17590D2-ECB4-4b15-8820-F58798DCC118} - C:\Program Files\Webshots\WSToolbar4IE.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\Launcher.exe
O8 - Extra context menu item: &Webshots Photo Search - [Link mogu videti samo ulogovani korisnici]\Program Files\Webshots\WSToolbar4IE.dll/MENUSEARCH.HTM
O8 - Extra context menu item: &Windows Live Search - [Link mogu videti samo ulogovani korisnici]\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: &Yahoo! Search - [Link mogu videti samo ulogovani korisnici]\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - [Link mogu videti samo ulogovani korisnici]
O8 - Extra context menu item: E&xport to Microsoft Excel - [Link mogu videti samo ulogovani korisnici]\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Open in new background tab - [Link mogu videti samo ulogovani korisnici]\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?789049dd2ffb4055828d5b1e81e78d8
O8 - Extra context menu item: Open in new foreground tab - [Link mogu videti samo ulogovani korisnici]\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?789049dd2ffb4055828d5b1e81e78d8
O8 - Extra context menu item: Yahoo! &Dictionary - [Link mogu videti samo ulogovani korisnici]\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - [Link mogu videti samo ulogovani korisnici]\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - [Link mogu videti samo ulogovani korisnici]\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - [Link mogu videti samo ulogovani korisnici]
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - [Link mogu videti samo ulogovani korisnici]
O17 - HKLM\System\CCS\Services\Tcpip\..\{4D60681C-10FD-4856-B8FE-43B24E966785}: NameServer = 194.247.192.1,194.247.192.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C7D36E4-E9DF-424A-BB3A-7ADB5C2DB86D}: NameServer = 194.106.162.2
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: perfmons Service (perfmons) - Unknown owner - C:\WINDOWS\system32\perfs.exe (file missing)
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Virtual CD v5 Security service (VC5SecS) - H+H Software GmbH - C:\Program Files\HHVcdV5Sys\VC5SecS.exe

Poslao: 09 Okt 2007 21:57
Idi na vrh
offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Fajl je legitiman. Rekao bih da je sve u redu. Kako se tebi cini?

Poslao: 09 Okt 2007 22:17
Idi na vrh
offline
  • Pridružio: 29 Nov 2005
  • Poruke: 8

Sada nema pojavljivanja onih ranijih gresaka i restartovanja racunara,takodje nema ni onih ranijih problema oko EI(about:blank)!!!!!!Sada je cini se "cist ko suza"!!!!!Hvala Puno!!!!!!

MyCity » Ambulanta -> Arhiva Ambulante » Problem!!!!

Ko je trenutno na forumu
 

Ukupno su 1305 korisnika na forumu :: 158 registrovanih, 11 sakrivenih i 1136 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 100ka, 357magnum, 4thFlavian, ajo baba, Alooo, amadeus, AndrejPetar, Aristotle2002, Arsenije, Asteker, Avalon015, Azzo, babaroga, bagor10, bakovaca, bankulen, Ben Roj, bgs, bladesu, Bob.Rock, Bojan198527, bojank, bojankrstc, bokisha253, bolimejoli, Boris BM, Borski1977, Brana01, Brankojle, casual03, cemix, Cian, Cicumile, Crazzer, cvale, cvrle312, Dambi, darkkran, debeli, dejanbenkovic, Dimitrise93, Dioniss, Django777, Djokkinen, Djota1, Doca, Dolinc, doom83, Dorcolac, draganl, dragon_hv, drgrozozo, Drugsparrow, ds69, Duh sa sekirom, esko_hz, famoso, feanor, Feller, gagidjuric, glados, gobrad, Goksi95, goran.vvv, h8propaganda, HrcAk47, iceburn, ikan, Incognito, Iskander, ivan979, Jeremiah, Jezekijel, Jomini, JOntra, Kolimator, kolle.the.kid, Kriglord, Kubovac, kybonacci, Lelemood, ljubo70, LostInSpaceandTime, Mackomen, Manjane, Marko Marković, Marko03, marko308, matejman, mercedesamg, MGBRBG, Mi lao shu, milenko crazy north, milenko1980, MK10, N.e.m.a.nj.a., nebidrag, neko iz mase, nemkea71, nenooo, nisamBot, Orc, Paklenica, Panter, panzerwaffe, Pegggio, pfc74, pipanova, Plavi Jadran, Polifon, prikolica, Primus17, procesor, Rakenica, RAKITNICA, raptorsi, raso7, Romibrat, sale755, samo opusteno, sap, sasics, sasovsky, savaskytec, sekretar, Shadow soldier, shlauf, Sir Budimir, Sky diver 29, SOVO515, Sr.Stat., srle45, Srpska zauvjek, ss10, stalja, starlights, stegonosa, strelac07, synergia, tanakadzo, TBoy, The Boss, tomigun, varda, vargas, Velički, vidra1, Vrač, vukovi, Wrangler, zhuki8, zmajognjeniivan, zodiac94, zokizemun, Zorge, zziko, |_MeD_|, šumar bk2