MyCity » Ambulanta -> Arhiva Ambulante » Provjera

Provjera

Napisano na dan: 4.1.2009

Provjera
Sledeća strana Pagination

Idi na vrh

Poslao: 04 Jan 2009 20:25
Idi na vrh
offline
  • Pridružio: 20 Mar 2009
  • Poruke: 300
  • Gde živiš: Republic Of Srpska Banjaluka

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:57, on 1/4/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\ClocX\ClocX.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\PST\Desktop\New Folder\TR3.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Cyber-shot Viewer Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{81D323A9-3773-4DF3-972D-1E5BD598DEAB}: NameServer = 62.68.96.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

--
End of file - 4637 bytes

mozda cete reci da sam dosadan vise al samo provjeru molim
radio sam neka ciscenja po uputstvima sa vaseg sajta i usput sam srusio recovery konzolu po uputstvima sa windows podforuma ali neki fajlovi i folderi koji su se trebali obrisati ne mogu se obrisati
pa samo jos kad sam sve to odradio da i na malware bacite pogled
pri podizanju sistema opet se desava kao prije da kad se sve ucita desktop zaledi bez ijedne ikone i tako stoji nekih minut dva

Poslao: 04 Jan 2009 20:57
Idi na vrh
offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Pozdrav...


Log je (još uvek) čist. Ustvari, ni poslednji put kada si otvorio temu, na tvom kompjuteru nije bilo aktivnog malware-a.

A Recovery Console doista nisi morao da uklanjaš - sem zadrške od 2 sekunde pri startovanju Windows-a, RC nema nikakav uticaj na rad kompjutera.

Poslao: 04 Jan 2009 21:12
Idi na vrh
offline
  • Pridružio: 20 Mar 2009
  • Poruke: 300
  • Gde živiš: Republic Of Srpska Banjaluka

pa pitao sam ih na windows pod forumu da li da ne diram i niko nista nije rekao tako da sam je srusio a posledica je ta sto sad ne mogu doci do safe moda preko f8 jer mi ne daje nikakvu listu samo windows
naime prvo mi izbaci neku listu pa moram selektovati disk pa enter f8 i tu mi samo daje opciju za dizanje windowsa nema drugih kao npr last know god configuration itd itd a izmedju ostalih i safe moda mada sam njega nasao na system utulity nebitno
dodje mi da ponovo pokrenem combo fix i da opet prihvatim instalaciju

ok dr bora mozda sam malo paranoican i opet hvala za tvoje utroseno vrijeme
veliki pozdrav

MyCity » Ambulanta -> Arhiva Ambulante » Provjera

Ko je trenutno na forumu
 

Ukupno su 862 korisnika na forumu :: 43 registrovanih, 9 sakrivenih i 810 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., Apok, ArmyBoss, Ben Roj, bojcistv, bokisha253, Boris BM, Buzdovan, d bos, Denaya, dika69, draganca, Excalibur13, FOX, Georgius, gomago, Karla, Kubovac, kybonacci, ladro, laurusri, Leonov, Lošmi, Marko Marković, mercedesamg, Mercury, milos.cbr, milutin134, MiroslavD, mocnijogurt, NoOneEver Dreams, nuke92, opt1, raptorsi, RJ, robertino, sasa87, Srle993, stalja, vathra, voja64, wizzardone, šumar bk2