25.08.2007., 18:14   #91
Stormbreaker
Premium
Registered: May 2007
Location: TrashBin
Posts: 527
You can check your log here:

http://www.hijackthis.de/
__________________
What the heart gives away is never gone ...
It is kept in the hearts of others.
~ by Robin St. John
~

25.08.2007., 18:35   #92
Joke
N00B
Registered: Oct 2006
Location: Split
Posts: 3,873
Stormbreaker, that was already written at the start of this thread; look at the first page, the second post, by Costa...

25.08.2007., 23:29   #93
Stormbreaker
Premium
Registered: May 2007
Location: TrashBin
Posts: 527
Quote:
Originally posted by Olymp
Stormbreaker, that was already written at the start of this thread; look at the first page, the second post, by Costa...
aha, sorry, I didn't see it...

29.08.2007., 17:53   #94
Mr.Black
Premium
Registered: Jan 2005
Location: -
Posts: 1,580
HijackThis - How To

Logfile of HijackThis v1.99.1
Scan saved at 17:54:18, on 29.8.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Security Tools\iesmn.exe
C:\Program Files\Security Tools\imsmain.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
D:\Eset\nod32kui.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Security Tools\imsmn.exe
C:\Program Files\VirusProtectPro 3.7\VirusProtectPro 3.7.exe
C:\Program Files\Security Tools\iesmin.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
d:\Eset\nod32krn.exe
C:\Program Files\ORL\VNC\WinVNC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\tHe OnO\Desktop\HijackThis.exe

O2 - BHO: (no name) - {5DDE5591-A8AB-4897-93EF-1E4E943F85A7} - C:\Program Files\Security Tools\iesplg.dll
O2 - BHO: Editor plugin - {9AEE9C0D-FD38-45fc-B09A-BA9B6B614780} - barka.dll (file missing)
O2 - BHO: (no name) - {C6039E6C-BDE9-4de5-BB40-768CAA584FDC} - C:\WINDOWS\system32\__c00990E9.dat
O3 - Toolbar: Protection Bar - {CC18AE76-7E65-4258-A193-9EA0C52DA6B8} - C:\Program Files\Security Tools\iesbpl.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [WinDVR SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [RAM Idle] C:\Program Files\Customizer XP\RAM_2K.exe
O4 - HKLM\..\Run: [nod32kui] d:\Eset\nod32kui.exe /WAITSERVICE
O4 - HKLM\..\Run: [VirusProtectPro 3.7] "C:\Program Files\VirusProtectPro 3.7\VirusProtectPro 3.7.exe" /h
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c005D552.dat
O23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\vhosts.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - d:\Eset\nod32krn.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\ORL\VNC\WinVNC.exe" -service (file missing)

What should I delete??

29.08.2007., 18:00   #95
WichitaQ
Soul Eater
Registered: Jan 2007
Location: Isolated
Posts: 538
that virusprotectpro is a virus....delete:

O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\ORL\VNC\WinVNC.exe" -service (file missing)
O23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\vhosts.exe
and everything to do with that virusprotectpro...

edit: and this looks suspicious to me too:
O2 - BHO: (no name) - {C6039E6C-BDE9-4de5-BB40-768CAA584FDC} - C:\WINDOWS\system32\__c00990E9.dat

29.08.2007., 18:20   #96
Mr.Black
Premium
Registered: Jan 2005
Location: -
Posts: 1,580
I deleted the items listed, but that's not it...this icon down in the tray is bothering me, here is a screenshot from when the browser opens...

http://www.imagesforme.com/images/3779bezimena.JPG

apologies to the moderators for not putting this in "Hijackthis - how to"

29.08.2007., 19:24   #97
Mr.Black
Premium
Registered: Jan 2005
Location: -
Posts: 1,580
since this is the computer at my dad's school and the teachers use it for browsing, I solved the problem with System Restore; once again, apologies for not posting in the proper topic...

30.08.2007., 17:44   #98
nano
Registered User
Registered: Dec 2006
Location: Germany
Posts: 24
global hook and other hooks

People, here's the thing...my little problem is that quite often (mostly it went through IE7, but through Firefox it's not much rarer either) Explorer, for example, wants to connect to the net; if I have MSN running, it wants to go through that, or through IE7, which I removed and replaced with Firefox, so then it wants to go through Firefox, then through AntiVir...it uses every possible trick to connect to the net. I regularly block it with Comodo, but then I have no connection to the net, so I have to kill Firefox and start it again to get a connection, and so on all the time....how do I turn that off? If my Windows were at least in English, I would somehow manage...I guess..but in German...I haven't got a clue...I don't understand German..
I don't know which of all this I need to post for you:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Programme\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NVRotateSysTray] rundll32.exe C:\WINDOWS\system32\nvsysrot.dll,Enable
O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [THotkey] C:\Programme\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [Tvs] C:\Programme\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Programme\TOSHIBA\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [emMON] emMON.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Programme\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Programme\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Programme\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: EMmon.lnk = ?
O4 - Global Startup: Remote Control.lnk = C:\Programme\KWorld Multimedia\PVR-TV 300U Utilities\EMRCtl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{2C40D273-235F-4A81-93C7-4F01FAF679D1}: NameServer = 62.104.191.241 62.104.196.134
O22 - SharedTaskScheduler: arachnodacty - {80ced3d6-ece9-48ba-8df8-2503d8d87c2b} - (no file)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programme\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Programme\Comodo\Firewall\cmdagent.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Programme\McAfee\Common Framework\FrameworkService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Programme\Spyware Terminator\sp_rsser.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Programme\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

30.08.2007., 17:55   #99
Joke
N00B
Registered: Oct 2006
Location: Split
Posts: 3,873
Here, you can remove these:
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - (no file)
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [emMON] emMON.exe
O22 - SharedTaskScheduler: arachnodacty - {80ced3d6-ece9-48ba-8df8-2503d8d87c2b} - (no file)

30.08.2007., 18:16   #100
nano
Registered User
Registered: Dec 2006
Location: Germany
Posts: 24
Removed, but with TuneUp, using TuneUp 1-Click Maintenance, I removed and corrected, what do I know, a lot of problems----still, how do I get rid of these problems....that things want to connect to the net through a global hook...explorer, folder lock; I had Babylon and removed it, everything started with it, I think it was the first to start using a global hook to connect to the net; if I block it, the connection drops, so I have to start over...is there any way to get rid of this somehow...so that I don't have to keep killing Firefox

31.08.2007., 08:00   #101
elo
Registered User
Registered: Aug 2007
Location: Zagreb
Posts: 24
Could someone please tell me what to remove....THANKS

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:58:20, on 31.8.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Alcohol Toolbar Helper - {0ACF00E0-C1E4-4F6B-B290-10AC7505C47A} - C:\Program Files\Alcohol Toolbar\v3.0.0.0\AudioGizmo_Toolbar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O3 - Toolbar: Alcohol Toolbar - {DC59A0D4-0ED6-4A73-B356-1B977F2A7725} - C:\Program Files\Alcohol Toolbar\v3.0.0.0\AudioGizmo_Toolbar.dll
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: andr - {3162ba5b-4f2d-40c5-8fb6-36c6a0d639e6} - C:\WINDOWS\system32\duznhje.dll (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 4639 bytes

31.08.2007., 11:16   #102
Stormbreaker
Premium
Registered: May 2007
Location: TrashBin
Posts: 527
I don't think you need to remove anything....except only this:

O22 - SharedTaskScheduler: andr - {3162ba5b-4f2d-40c5-8fb6-36c6a0d639e6} - C:\WINDOWS\system32\duznhje.dll (file missing)

but it's better not to touch anything, because that's not a threat to you

as I said, don't remove anything until someone else has looked it over

31.08.2007., 12:13   #103
domy_os
EMP moderator
Registered: Apr 2005
Location: Zagreb - Osijek
Posts: 15,622
Stormbreaker, be good and remove that sig, and read the rules.

http://forum.pcekspert.com/faq.php

31.08.2007., 13:03   #104
Stormbreaker
Premium
Registered: May 2007
Location: TrashBin
Posts: 527
there, I removed it...

08.09.2007., 19:23   #105
grizli
Premium
Registered: Dec 2005
Location: Zagreb
Posts: 141
I'm going to go crazy; I gave my sister the computer and she picked up a rogue antispyware, and I can't remove it


Logfile of HijackThis v1.99.1
Scan saved at 19:20:10, on 8.9.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\wuauclt.exe
H:\Documents and Settings\Segal\My Documents\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: MSVPS System - {88418AA3-16F5-4FC2-A9D8-90B1266DF841} - C:\WINDOWS\nsduo.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{51848130-9430-43FC-AA25-F50EFD4C5152}: NameServer = 208.67.220.220 208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{5A918F98-BEBA-4150-8B5E-0DA65D0440EE}: NameServer = 208.67.220.220 208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{653CA7F9-6460-4D1C-9C5A-0E6ACF9693F9}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{8AC7542C-9AFD-417B-B19D-C3F3FBF5ED2B}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{EEFD692C-E9A3-44D0-BEE3-266B1C752E17}: NameServer = 85.94.64.11 85.94.64.10
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 207.68.160.190 194.25.2.129 208.67.222.222 207.68.160.190 194.25.2.129 208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 207.68.160.190 194.25.2.129 208.67.222.222 207.68.160.190 194.25.2.129 208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 207.68.160.190 194.25.2.129 208.67.222.222 207.68.160.190 194.25.2.129 208.67.222.222
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: st3 - C:\WINDOWS\system32\st3.dll
O21 - SSODL: flammei - {9d635a36-6b3c-4146-8625-f3aaf507bbf8} - (no file)
O21 - SSODL: msmhost - {F39759B3-D9EF-4CEF-9953-472C38E52777} - C:\WINDOWS\msmhost.dll
O21 - SSODL: msmdev - {656721E8-5CC6-4A4D-8707-F60825A4CB92} - C:\WINDOWS\msmdev.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
__________________
A64 3000+@2,5Ghz // Epox 9NPA+ // 512 MB Geil // XFX 6600 // Bara 120gb + WD 40gb // Chieftek 360W

08.09.2007., 19:31   #106
Stormbreaker
Premium
Registered: May 2007
Location: TrashBin
Posts: 527
OK, here goes, delete these:

O2 - BHO: MSVPS System - {88418AA3-16F5-4FC2-A9D8-90B1266DF841} - C:\WINDOWS\nsduo.dll

O20 - Winlogon Notify: st3 - C:\WINDOWS\system32\st3.dll

O21 - SSODL: flammei - {9d635a36-6b3c-4146-8625-f3aaf507bbf8} - (no file)


now then...I don't know what these are, i.e. I don't know whether they should be deleted:

O17 - HKLM\System\CCS\Services\Tcpip\..\{EEFD692C-E9A3-44D0-BEE3-266B1C752E17}: NameServer = 85.94.64.11 85.94.64.10

O21 - SSODL: msmhost - {F39759B3-D9EF-4CEF-9953-472C38E52777} - C:\WINDOWS\msmhost.dll

O21 - SSODL: msmdev - {656721E8-5CC6-4A4D-8707-F60825A4CB92} - C:\WINDOWS\msmdev.dll

someone please check the ones I don't know about

09.09.2007., 05:05   #107
greenfly
Od nonine sestre kunjado
Registered: Dec 2006
Location: (Vinjro)
Posts: 1,129
Leave O17 alone, and you can delete both O21 entries; those are BadGuys

There is a "tool" that has proven good for ROGUE infections.

RogueRemover. Note: that FIX applies only to this type of infection

Here are the instructions:

Please put RogueRemover in its own folder (I create a new folder in C:\ named RogueRemover).
You can do a Right Click on any open area on the desktop, New > Folder, then rename the folder RogueRemover.

Go to where your RogueRemover.zip is and Right Click on RogueRemover.zip, select Cut, then open the new folder you just created (RogueRemover), Right Click in the folder and select Paste.

Double click on the file named RogueRemover.zip and unzip it to C:\RogueRemover

Double click on the file named RogueRemover.exe and select Scan.
The program will walk you through the remaining steps.

09.09.2007., 09:13   #108
Stormbreaker
Premium
Registered: May 2007
Location: TrashBin
Posts: 527
all the same, hijackthis is the best

09.09.2007., 10:28   #109
grizli
Premium
Registered: Dec 2005
Location: Zagreb
Posts: 141
Thanks a lot, but I went to the spyware's own site, found out what it's called, and exactly that program showed up under O4; I deleted it and everything is OK. Thanks a lot for the help. I just wanted to ask one more question: the spyware's site says the best way to remove it is with XoftspySE. I have that program, but it couldn't find it, which I don't get; it's fully updated, but it couldn't find it, only HijackThis could, so I agree with Stormbreaker.

09.09.2007., 12:15   #110
Milentije
Adrenaline junkie
Registered: Apr 2006
Location: Doboj - Banja Luka / Republika Srpska
Posts: 3,500
If someone comes along who doesn't mind looking through this "small" log, please give a comment or two on what to delete,...
The log is attached because of its size (it took up three posts because of the character count).

hijackthis.txt
__________________
Lenovo ThinkPad W530 - Core i7 3840QM, 32 GB RAM, SSD Samsung 512 GB, nVidia Quadro K1000M 2 GB, 15.6" 1920x1080 IPS, baterija 9 ćelija

Last edited by Milentije on 09.09.2007. at 12:35.

09.09.2007., 15:01   #111
greenfly
Od nonine sestre kunjado
Registered: Dec 2006
Location: (Vinjro)
Posts: 1,129
Quote:
Originally posted by Stormbreaker
all the same, hijackthis is the best
Nobody doubts that.......

But you have to look at these things from another perspective: grizli was lucky that he could remove it with HJT, which deleted that cr*p's Startup entry from the registry..
That's a trifle, which, for a start, wasn't even visible in the log under the O4 entries.

I just want to say that HJT is useful for such "trifles"; but what if it had been an infection such as, say, about blank 1/3 or 2/4, or PEPPER, or LOOK 2 ME, or, God forbid, LOP, Vuno, Virtmunde, Navipromo Rootkit......and a hundred thousand others that HJT sees, but which need special tools and methods to clean....
Nobody doubts HJT, but it has to be clear to us that you need to know how to read it and to recognize all sorts of infections from its entries........
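
As an added example (not written by any poster in this thread), the following Python code reads HijackThis log lines in the format posted above and marks entries that deserve a closer look before anything is ticked and fixed. The sample log is constructed, and the three review rules (orphaned entry, service with "Unknown owner", a BHO/toolbar/O20 target that is not a .dll) are assumptions of this example, not features of HijackThis.

```python
import re

# "<section code> - <rest of entry>", e.g. "O2 - BHO: ..."
LINE_RE = re.compile(r"^(?P<code>[RFO]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Markers HijackThis appends when the referenced file is not on disk.
MARKER_RE = re.compile(r"\s*\((?:no file|file missing)\)$")

# Constructed sample in the log format shown in this thread (all names are made up).
SAMPLE_LOG = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\Explorer.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: (no name) - {11111111-2222-3333-4444-555555555555} - C:\WINDOWS\system32\example01.dat
O2 - BHO: Example Helper - {AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE} - C:\Program Files\Example\helper.dll
O3 - Toolbar: Example Bar - {12345678-1234-1234-1234-123456789ABC} - (no file)
O4 - HKLM\..\Run: [ExampleTray] "C:\Program Files\Example\tray.exe" /background
O4 - Global Startup: Example.lnk = C:\Program Files\Example\mgr.exe
O20 - AppInit_DLLs: C:\WINDOWS\system32\example02.dat
O22 - SharedTaskScheduler: example - {99999999-8888-7777-6666-555555555555} - C:\WINDOWS\system32\example.dll (file missing)
O23 - Service: Example AV Service (exav) - Unknown owner - d:\Example\exav.exe
O23 - Service: Example Driver Service (exdrv) - Example Corporation - C:\WINDOWS\system32\exdrv.exe
"""


def target_of(code, body):
    """Return the file, command or value an entry points at, without markers."""
    if code == "O4":
        # "HKLM\..\Run: [name] command"  or  "Global Startup: x.lnk = path"
        m = re.search(r"\]\s+(.*)$", body) or re.search(r"\s=\s(.*)$", body)
        target = m.group(1) if m else body
    elif " - " in body:
        # "Kind: name - {CLSID} - path"  or  "Service: name - owner - path"
        target = body.rsplit(" - ", 1)[1]
    elif " = " in body:
        # "registry value = data" (R0/R1, O17)
        target = body.split(" = ", 1)[1]
    else:
        # "AppInit_DLLs: path"
        target = body.split(": ", 1)[-1]
    return MARKER_RE.sub("", target).strip()


def parse_log(text):
    """Parse section entries; header and 'Running processes' lines are skipped."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        code, body = m.group("code"), m.group("body")
        clsid = CLSID_RE.search(body)
        entries.append({
            "code": code,
            "body": body,
            "clsid": clsid.group(0) if clsid else None,
            "target": target_of(code, body),
        })
    return entries


def review_reasons(entry):
    """Heuristics assumed for this example: reasons to look closer, not verdicts."""
    reasons = []
    if MARKER_RE.search(entry["body"]):
        reasons.append("orphaned")          # registry entry left behind, file gone
    if entry["code"] == "O23" and " - Unknown owner - " in entry["body"]:
        reasons.append("unknown-owner")     # service binary without company info
    if entry["code"] in ("O2", "O3", "O20") and entry["target"]:
        if not entry["target"].lower().endswith(".dll"):
            reasons.append("not-a-dll")     # in-process hooks are normally DLLs
    return reasons


def triage(text):
    """Return (code, target, reasons) for every entry with at least one reason."""
    flagged = []
    for entry in parse_log(text):
        reasons = review_reasons(entry)
        if reasons:
            flagged.append((entry["code"], entry["target"], reasons))
    return flagged


if __name__ == "__main__":
    for code, target, reasons in triage(SAMPLE_LOG):
        print(f"{code:<4} {', '.join(reasons):<14} {target or '(nothing on disk)'}")
```

A flag here means "look closer", not "delete": an antivirus service can also show up as "Unknown owner", as in two of the logs above.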

09.09.2007., 17:55   #112
Joke
N00B
Registered: Oct 2006
Location: Split
Posts: 3,873
Milentije, it's mostly OK except for these two:
F3 - REG:win.ini: load=
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

09.09.2007., 19:00   #113
Stormbreaker
Premium
Registered: May 2007
Location: TrashBin
Posts: 527
Quote:
Originally posted by greenfly
Nobody doubts HJT, but it has to be clear to us that you need to know how to read it and to recognize all sorts of infections from its entries........
yes, this business of reading its logs is the "small" problem

09.09.2007., 19:25   #114
greenfly
Od nonine sestre kunjado
Registered: Dec 2006
Location: (Vinjro)
Posts: 1,129
Quote:
Originally posted by Stormbreaker
yes, this business of reading its logs is the "small" problem
Exactly; it's easy to copy the log, paste it into the analyze field, click analyze and delete the Xs and question marks, but what does that actually mean for the computer and for the net?????

Here is just one example of a LOP infection, which comes with the Messenger Plus installation...
It affects the R1, O2 and O4 sections; that is, it redirects you to the page it wants (R1), adds various Browser Helper Objects to our browser (O2), and launches programs or applications that it creates itself or pulls in over the net (O4)..

Now....it's easy to tick those and hit fix, but the point is that someone who really knows how to read a log KNOWS that this infection comes with that program and that they must remove:


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.fmgdfrbbwolkcsujdqsdmg.ne...pa6xDG9BI4.cgi
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.cenzunjgsodceudthxojah.ne...tu_Am/mGG.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.anhmrajywkhelucsdxto.net/...QLkDVwAM2Q.php
O2 - BHO: (no name) - {19B89A8F-57A9-5E97-9B02-F2CA701ED8DE} - C:\DOCUME~1\Owner\APPLIC~1\SIXTHD~1\Bold okay.exe
O2 - BHO: (no name) - {E0F2DF9F-B79F-15E0-FBFE-402D1D7D3EE1} - C:\DOCUME~1\Dad\APPLIC~1\LICENS~1\First Drv.exe
O2 - BHO: (no name) - {D74EAF21-F030-988F-6324-4BB6FA9B03D2} - C:\DOCUME~1\DON\APPLIC~1\WINSTO~1\TransPlay.exe
O4 - HKLM\..\Run: [skip stupid audio free] C:\Documents and Settings\All Users\Application Data\bows corn skip stupid\pokeadmin.exe
O4 - HKCU\..\Run: [objloud] C:\DOCUME~1\Dad\APPLIC~1\MOVEAT~1\coalheart.exe
O4 - HKLM\..\Run: [burn owns bags corn] C:\Documents and Settings\All Users\Application Data\ItchWinBurnOwns\Heck Setup.exe
O4 - HKLM\..\Run: [GridShimInterMath] C:\Documents and Settings\All Users\Application Data\downloadgluegridshim\onestyle.exe

And then follows:

Fix

You have a LOP infection that often comes together with Messenger Plus. To remove it we will try the simple way first.

1. Go to Add/Remove programs. Double click on "Messenger Plus!" (or click on Remove)

2. The "Messenger Plus! - Setup" is now displayed. Click on the Uninstall button. Note: options displayed on the first screen are not related to the sponsor program.

3. The sponsor screen is now displayed (if you don't see it, search for it in your Task Bar). To prove that someone is currently reading the screen, you have to type the code that is displayed. Once you enter the code, press Uninstall.

4. If you entered the code properly, the program will ask you to confirm that you want to uninstall. You must answer "Yes" to this question, else, you won't have another chance of uninstalling.

5. To complete the uninstallation, follow the instructions that are displayed (the first one is to close all your Internet Explorer windows, that's very important). When everything is complete, restart your computer and, hopefully voila one nasty infection is gone.

Because without uninstalling Mess. Plus, the infection comes back after half an hour on the net.
There... and there are a gazillion things like that. It's fine as long as they're small things...
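The section meanings described in the post above (R0/R1 for Internet Explorer start and search pages, O2 for Browser Helper Objects, O4 for autostart entries) can be turned into a first-pass triage script. This is an added example, not part of any post in the thread: the sample log is constructed, and the three heuristics are assumptions modelled on the LOP excerpt above. They only point a reader at entries to interpret by hand.

```python
import re

# Constructed sample in the HijackThis 1.99.1 entry format (not taken from a real machine).
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.example.invalid/bar.cgi
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000001} - C:\DOCUME~1\User\APPLIC~1\RANDOM~1\Two Words.exe
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000002} - (no file)
O4 - HKLM\..\Run: [random words here] C:\Documents and Settings\All Users\Application Data\random words\loader.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O23 - Service: Example Service - Example Corp. - C:\WINDOWS\system32\example.exe
"""

ENTRY = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
BHO = re.compile(r"^BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<file>.+)$")
RUN = re.compile(r"^HK(?:LM|CU)\\\.\.\\Run\w*: \[(?P<value>[^\]]*)\] (?P<cmd>.+)$")
# Long and 8.3 short forms of the per-user / All Users "Application Data" folder.
APPDATA = re.compile(r"\\(?:application data|applic~\d)\\", re.IGNORECASE)


def review(log_text):
    """Return (section, reason, line) tuples for entries that need a manual look."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY.match(line)
        if not m:
            continue  # header, running-process path or blank line
        section, body = m["section"], m["body"]
        if section in ("R0", "R1") and " = " in body:
            # R0/R1: Internet Explorer start and search pages.
            findings.append((section, "IE start/search URL: confirm it is one the user set", line))
        elif section == "O2" and (bho := BHO.match(body)):
            # O2: Browser Helper Objects, normally in-process DLLs.
            if bho["file"] == "(no file)":
                findings.append((section, "BHO file missing: leftover registration", line))
            elif bho["file"].lower().endswith(".exe") or APPDATA.search(bho["file"]):
                findings.append((section, "BHO is an .exe or lives under Application Data", line))
        elif section == "O4" and (run := RUN.match(body)):
            # O4: programs started from the Run keys at logon.
            if APPDATA.search(run["cmd"]):
                findings.append((section, "autostart from Application Data: identify the installer", line))
    return findings


if __name__ == "__main__":
    for section, reason, line in review(SAMPLE_LOG):
        print(f"[{section}] {reason}\n    {line}")
```

Grouping the flagged R, O2 and O4 entries together is what makes a bundled installer visible as one cause, which is the point the post makes about fixing individual lines without removing the program that re-creates them.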
Old 09.09.2007., 22:18   #115
Stormbreaker
Premium
Join Date: May 2007
Location: TrashBin
Posts: 527
messenger plus doesn't cause me any problems
Old 09.09.2007., 22:32   #116
greenfly
Grandma's sister's brother-in-law
Join Date: Dec 2006
Location: (Vinjro)
Posts: 1,129
Quote:
Originally Posted by Stormbreaker
messenger plus doesn't cause me any problems

It's not about every Messenger; rather, whoever knows about this infection also knows that they have to delete Messenger+, because that is what it embeds itself in MOST OFTEN, so removing it is always advised...
Old 10.09.2007., 14:04   #117
Stormbreaker
Premium
Join Date: May 2007
Location: TrashBin
Posts: 527
well, I know that it neither causes me problems nor does any program (and I have killer protection) show me anything, so
Old 24.09.2007., 15:36   #118
mali_ceh
Registered User
Join Date: Jul 2007
Location: Neverland
Posts: 2
It seems to me that my computer has been hacked, so please, if you have time, take a look at my log and tell me what to delete

Logfile of HijackThis v1.99.1
Scan saved at 21:25:23, on 23.9.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HijackThis\HijackThis.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Outpost Firewall] "C:\Program Files\Agnitum\Outpost Firewall\outpost.exe" /waitservice
O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dumps_startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

Thanks in advance!
Old 24.09.2007., 16:05   #119
Joke
N00B
Join Date: Oct 2006
Location: Split
Posts: 3,873
mali_ceh, you can delete just this one: O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
Old 24.09.2007., 16:31   #120
mali_ceh
Registered User
Join Date: Jul 2007
Location: Neverland
Posts: 2
thanks a lot

you're fast