|
25.08.2007., 18:14 | #91 |
---
Datum registracije: May 2007
Lokacija: -
Postovi: 527
|
|
25.08.2007., 18:35 | #92 |
N00B
Datum registracije: Oct 2006
Lokacija: Split
Postovi: 3,886
|
Stormbreaker to je vec napisano na pocetku ove teme pogledaj prvu stranicu drugi post od Coste... |
|
|
Oglas
|
|
29.08.2007., 17:53 | #94 |
Premium
Datum registracije: Jan 2005
Lokacija: -
Postovi: 1,679
|
HijackThis - How To
Logfile of HijackThis v1.99.1 Scan saved at 17:54:18, on 29.8.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Security Tools\iesmn.exe C:\Program Files\Security Tools\imsmain.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe D:\Eset\nod32kui.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\Security Tools\imsmn.exe C:\Program Files\VirusProtectPro 3.7\VirusProtectPro 3.7.exe C:\Program Files\Security Tools\iesmin.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe d:\Eset\nod32krn.exe C:\Program Files\ORL\VNC\WinVNC.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\tHe OnO\Desktop\HijackThis.exe O2 - BHO: (no name) - {5DDE5591-A8AB-4897-93EF-1E4E943F85A7} - C:\Program Files\Security Tools\iesplg.dll O2 - BHO: Editor plugin - {9AEE9C0D-FD38-45fc-B09A-BA9B6B614780} - barka.dll (file missing) O2 - BHO: (no name) - {C6039E6C-BDE9-4de5-BB40-768CAA584FDC} - C:\WINDOWS\system32\__c00990E9.dat O3 - Toolbar: Protection Bar - {CC18AE76-7E65-4258-A193-9EA0C52DA6B8} - C:\Program Files\Security Tools\iesbpl.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [WinDVR SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe" O4 - HKLM\..\Run: [RAM Idle] C:\Program Files\Customizer XP\RAM_2K.exe O4 - HKLM\..\Run: [nod32kui] d:\Eset\nod32kui.exe /WAITSERVICE O4 - HKLM\..\Run: [VirusProtectPro 3.7] "C:\Program Files\VirusProtectPro 3.7\VirusProtectPro 3.7.exe" /h O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O20 - AppInit_DLLs: C:\WINDOWS\system32\__c005D552.dat O23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\vhosts.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - d:\Eset\nod32krn.exe O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\ORL\VNC\WinVNC.exe" -service (file missing) Kaj izbrisati?? |
29.08.2007., 18:00 | #95 |
Soul Eater
Datum registracije: Jan 2007
Lokacija: Isolated
Postovi: 538
|
taj virusprotectpro ti je virus....briši : O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\ORL\VNC\WinVNC.exe" -service (file missing) O23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\vhosts.exe i sve sa tim virusprotectpro... edit : a i ovo mi je sumnjivo : O2 - BHO: (no name) - {C6039E6C-BDE9-4de5-BB40-768CAA584FDC} - C:\WINDOWS\system32\__c00990E9.dat |
29.08.2007., 18:20 | #96 |
Premium
Datum registracije: Jan 2005
Lokacija: -
Postovi: 1,679
|
Izbrisao sam ovo navedeno, ali nije to to...ovak dolje ikona me muči u trayu, evo slike kod otvaranja browsera... http://www.imagesforme.com/images/3779bezimena.JPG isprika moderatorima kaj nisam stavil u "Hijackthis - how to" |
29.08.2007., 19:24 | #97 |
Premium
Datum registracije: Jan 2005
Lokacija: -
Postovi: 1,679
|
pošto je to komp kod starog u školi i služi profesorima za surfanje, problem sam riješio pomoću system restora, još jedanput ispirka kaj nisam postao u određeni topic... |
30.08.2007., 17:44 | #98 |
Registered User
Datum registracije: Dec 2006
Lokacija: njemacka
Postovi: 24
|
global hook i ostale kuke
ljudi,ovako...problemcic kod mene je u tome sto mi se dosta cesto,nadasve je to islo preko IE7 al ni preko foxa nije puno rijedje...da mi se recimo explorer hoce konektirati preko na net,pa ak imam upaljen msn..hoce preko njega, il preko IE7 kojeg sam maknuo pa stavio foxa, pa hoce preko foxa, pa preko antivra...sva moguca cudesa koristi da se spoji na net, ja ga redovito comodom blokiram, al onda nemam koncekcije na net, pa moram srusit firefiox pa ga ponovo dignut da bih dobio vezu i tako stalno....kak da to iskljucim? jos da su mi windiwsi na engleskom, nekako bih i znao...valjda..al na njemackom...nemam blage veze sa vezom...ne kontam njemacki.. ne znam sta vam od sveg ovog trebam postat: R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file) O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Programme\Windows Desktop Search\dsWebAllow.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NVRotateSysTray] rundll32.exe C:\WINDOWS\system32\nvsysrot.dll,Enable O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [THotkey] C:\Programme\Toshiba\Toshiba Applet\thotkey.exe O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [Tvs] C:\Programme\TOSHIBA\Tvs\TvsTray.exe O4 - HKLM\..\Run: [SmoothView] C:\Programme\TOSHIBA\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe" O4 - HKLM\..\Run: [IntelWireless] "C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [emMON] emMON.exe O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Programme\Comodo\Firewall\CPF.exe" /background O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [SpywareTerminator] "C:\Programme\Spyware Terminator\SpywareTerminatorShield.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\QuickTime\qttask.exe" -atboottime O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TOSCDSPD] C:\Programme\TOSHIBA\TOSCDSPD\toscdspd.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: EMmon.lnk = ? O4 - Global Startup: Remote Control.lnk = C:\Programme\KWorld Multimedia\PVR-TV 300U Utilities\EMRCtl.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{2C40D273-235F-4A81-93C7-4F01FAF679D1}: NameServer = 62.104.191.241 62.104.196.134 O22 - SharedTaskScheduler: arachnodacty - {80ced3d6-ece9-48ba-8df8-2503d8d87c2b} - (no file) O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Programme\Comodo\Firewall\cmdagent.exe O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Programme\McAfee\Common Framework\FrameworkService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programme\Spyware Terminator\sp_rsser.exe O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Programme\Toshiba\TOSHIBA Applet\TAPPSRV.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe |
30.08.2007., 17:55 | #99 |
N00B
Datum registracije: Oct 2006
Lokacija: Split
Postovi: 3,886
|
Evo ovo možeš maknit O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file) O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file) O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [emMON] emMON.exe O22 - SharedTaskScheduler: arachnodacty - {80ced3d6-ece9-48ba-8df8-2503d8d87c2b} - (no file) |
30.08.2007., 18:16 | #100 |
Registered User
Datum registracije: Dec 2006
Lokacija: njemacka
Postovi: 24
|
maknuto, al tuneup sa tuneup 1 clicn maintenance sam maknuo,korigirao kaj znam, dosta problema----no, kako da se rijesim tih problema....sto mi se hoce spajat na net preko globalne kuke...explorer, folder lock, babilon sam imao pa sam ga maknuo, sa njim je sve pocelo, mislim on mi je prvi poceo koristit globalnu kuku da se spaja na net, ak blokiram, ode veza, pa moram ponovo...imal nacina da se to makne nekako...da ne moram stalnu rusiti firefox |
|
|
Oglas
|
|
31.08.2007., 08:00 | #101 |
Registered User
Datum registracije: Aug 2007
Lokacija: Zagreb
Postovi: 24
|
Molio bih da mi netko kaze kaj da maknem....HVALA Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 7:58:20, on 31.8.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe C:\Program Files\Eset\nod32krn.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\Eset\nod32kui.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe C:\WINDOWS\explorer.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Alcohol Toolbar Helper - {0ACF00E0-C1E4-4F6B-B290-10AC7505C47A} - C:\Program Files\Alcohol Toolbar\v3.0.0.0\AudioGizmo_Toolbar.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O3 - Toolbar: Alcohol Toolbar - {DC59A0D4-0ED6-4A73-B356-1B977F2A7725} - C:\Program Files\Alcohol Toolbar\v3.0.0.0\AudioGizmo_Toolbar.dll O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O22 - SharedTaskScheduler: andr - {3162ba5b-4f2d-40c5-8fb6-36c6a0d639e6} - C:\WINDOWS\system32\duznhje.dll (file missing) O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 4639 bytes |
31.08.2007., 11:16 | #102 |
---
Datum registracije: May 2007
Lokacija: -
Postovi: 527
|
mislim da ne trebaš ništa makniti....osim jedino ovoga: O22 - SharedTaskScheduler: andr - {3162ba5b-4f2d-40c5-8fb6-36c6a0d639e6} - C:\WINDOWS\system32\duznhje.dll (file missing) ali bolje da ništa ne diraš jer ti to nije prijetnja kažem, nemoj ništa micati dok još netko ne pregleda |
31.08.2007., 12:13 | #103 |
EMP moderator
Datum registracije: Apr 2005
Lokacija: Osijek
Postovi: 18,395
|
__________________ "Kako su krojači novog svjetskog poretka uspjeli u tako kratko vrijeme slomiti intelektualne sposobnosti društva, uništiti kritičku svijest i ljudima nametnuti izvrnutu logiku?"
|
08.09.2007., 19:23 | #105 |
Premium
Datum registracije: Dec 2005
Lokacija: Zagreb
Postovi: 141
|
poludit cu sisterki dao kom i našla rouge antyspywere i nemogu ga maknut Logfile of HijackThis v1.99.1 Scan saved at 19:20:10, on 8.9.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\wscntfy.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\WINDOWS\system32\wuauclt.exe H:\Documents and Settings\Segal\My Documents\HijackThis.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O2 - BHO: MSVPS System - {88418AA3-16F5-4FC2-A9D8-90B1266DF841} - C:\WINDOWS\nsduo.dll O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{51848130-9430-43FC-AA25-F50EFD4C5152}: NameServer = 208.67.220.220 208.67.222.222 O17 - HKLM\System\CCS\Services\Tcpip\..\{5A918F98-BEBA-4150-8B5E-0DA65D0440EE}: NameServer = 208.67.220.220 208.67.222.222 O17 - HKLM\System\CCS\Services\Tcpip\..\{653CA7F9-6460-4D1C-9C5A-0E6ACF9693F9}: NameServer = 208.67.220.220,208.67.222.222 O17 - HKLM\System\CCS\Services\Tcpip\..\{8AC7542C-9AFD-417B-B19D-C3F3FBF5ED2B}: NameServer = 208.67.220.220,208.67.222.222 O17 - HKLM\System\CCS\Services\Tcpip\..\{EEFD692C-E9A3-44D0-BEE3-266B1C752E17}: NameServer = 85.94.64.11 85.94.64.10 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 207.68.160.190 194.25.2.129 208.67.222.222 207.68.160.190 194.25.2.129 208.67.222.222 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 207.68.160.190 194.25.2.129 208.67.222.222 207.68.160.190 194.25.2.129 208.67.222.222 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 207.68.160.190 194.25.2.129 208.67.222.222 207.68.160.190 194.25.2.129 208.67.222.222 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: st3 - C:\WINDOWS\system32\st3.dll O21 - SSODL: flammei - {9d635a36-6b3c-4146-8625-f3aaf507bbf8} - (no file) O21 - SSODL: msmhost - {F39759B3-D9EF-4CEF-9953-472C38E52777} - C:\WINDOWS\msmhost.dll O21 - SSODL: msmdev - {656721E8-5CC6-4A4D-8707-F60825A4CB92} - C:\WINDOWS\msmdev.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
__________________
A64 3000+@2,5Ghz // Epox 9NPA+ // 512 MB Geil // XFX 6600 // Bara 120gb + WD 40gb // Chieftek 360W |
08.09.2007., 19:31 | #106 |
---
Datum registracije: May 2007
Lokacija: -
Postovi: 527
|
evo, ovako, briši ovo: O2 - BHO: MSVPS System - {88418AA3-16F5-4FC2-A9D8-90B1266DF841} - C:\WINDOWS\nsduo.dll O20 - Winlogon Notify: st3 - C:\WINDOWS\system32\st3.dll O21 - SSODL: flammei - {9d635a36-6b3c-4146-8625-f3aaf507bbf8} - (no file) e, sada...ne znam što je ovo tj. neznam treba li se to brisat: O17 - HKLM\System\CCS\Services\Tcpip\..\{EEFD692C-E9A3-44D0-BEE3-266B1C752E17}: NameServer = 85.94.64.11 85.94.64.10 O21 - SSODL: msmhost - {F39759B3-D9EF-4CEF-9953-472C38E52777} - C:\WINDOWS\msmhost.dll O21 - SSODL: msmdev - {656721E8-5CC6-4A4D-8707-F60825A4CB92} - C:\WINDOWS\msmdev.dll neka netko provjeri ove za koje ne znam što su |
09.09.2007., 05:05 | #107 |
Od nonine sestre kunjado
Datum registracije: Dec 2006
Lokacija: (Vinjro)
Postovi: 1,130
|
017 pusti ,, a 021 možeš brisat oba dva,,to su BadGuy-si : Postoji "alatka" koja se pokazala dobra za ROUGE infekcije. Rouge remover Pazi : taj FIX vrijedi samo za tu vrstu infekcije Evo uputa : Please put RogueRemover in it's own folder, (I create a new folder in C:\ named RogueRemover). You can do a Right Click on any open area on the desktop, New> Folder, then rename the folder RogueRemover. Go to where your RogueRemover.zip is and Right Click on RogueRemover.zip, select Cut, then open the new folder you just created (RogueRemove) Right Click in the folder and select paste. Double click on the file named RogueRemover.zip and unzip it to C:\RogueRemover Double click on the file named RogueRemover.exe and select Scan. The program will walk you through the remaining steps. |