MyCity » Ambulanta -> Arhiva Ambulante » strasno usporen komp.

strasno usporen komp.

Napisano na dan: 17.1.2009

Strana:
1
2
3

strasno usporen komp.

Sledeća strana

Pagination

Odgovori

Strana:
1
2
3

Brano Poslao: 17 Jan 2009 14:45 Idi na vrh
offline Brano Super građanin Pridružio: 26 Dec 2008 Poruke: 1428 Gde živiš: Bijeljina	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Sa ovim kompom dugo nisam izlazio na net, koristili su ga drugi, i primetio sam da je uzasno usporen...... Molim vas za pregled log-a, jer mislim da je "pokupio" nesto...... Unaperd hvala. Evp log: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:35:27, on 17.1.2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Lexmark 2300 Series\lxcgmon.exe C:\Program Files\Lexmark 2300 Series\ezprint.exe C:\WINDOWS\vsnpstd.exe C:\Program Files\LClock\LClock.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\NCLAUNCH.EXe C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\GoogleUpdate.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\OpenOffice.org 2.4\program\soffice.exe C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN D:\programi\bluetooth adapter\BTNtService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\PSIService.exe C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\lxcgcoms.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Mozilla Firefox\firefox.exe D:\programi\skeniranje virusa\New Folder\ono.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = .local R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe" O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe" O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe O4 - HKLM\..\Run: [LClock] C:\Program Files\LClock\LClock.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide O4 - HKLM\..\Run: [ISUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\user\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe O8 - Extra context menu item: E&xport to Microsoft Excel - [Link mogu videti samo ulogovani korisnici]*\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - D:\programi\bluetooth adapter\BTNtService.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: lxcg_device - Unknown owner - C:\WINDOWS\system32\lxcgcoms.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: AutomatedSurfer (SurferService) - Unknown owner - C:\WINDOWS\system32\srvany.exe O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing) -- End of file - 10147 bytes

Profil

bobby Poslao: 17 Jan 2009 15:02 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Skini ComboFix sa jedne od sledecih adresa na Desktop: [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log (C:\ComboFix.txt) koji ces nam ovde iskopirati.

Profil

Brano Poslao: 17 Jan 2009 16:31 Idi na vrh
offline Brano Super građanin Pridružio: 26 Dec 2008 Poruke: 1428 Gde živiš: Bijeljina	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 09-01-16.03 - user 2009-01-17 16:15:43.4 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.136 [GMT 1:00] Running from: d:\programi\skeniranje virusa\New Folder\ComboFix.exe AV: McAfee VirusScan On-access scanning enabled (Updated) FW: McAfee Personal Firewall enabled * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\IE4 Error Log.txt . ((((((((((((((((((((((((( Files Created from 2008-12-17 to 2009-01-17 ))))))))))))))))))))))))))))))) . 2009-01-14 17:08 . 2009-01-14 17:08 144 --a------ c:\windows\Eudcedit.ini 2009-01-12 23:12 . 2009-01-15 00:26 249,856 --------- c:\windows\Setup1.exe 2009-01-12 23:12 . 2009-01-15 00:26 73,216 --a------ c:\windows\ST6UNST.EXE 2009-01-12 23:06 . 2009-01-12 23:06 <DIR> d-------- c:\windows\system32\Adobe 2009-01-08 21:42 . 2008-12-11 12:57 333,184 -----c--- c:\windows\system32\dllcache\srv.sys 2009-01-08 21:30 . 2008-10-24 12:10 453,632 -----c--- c:\windows\system32\dllcache\mrxsmb.sys 2008-12-23 17:49 . 2008-12-23 17:49 <DIR> d-------- c:\windows\Logs 2008-12-23 17:46 . 2008-12-23 18:05 682,280 --a------ c:\windows\system32\pbsvc.exe 2008-12-23 17:46 . 2008-12-23 18:12 138,464 --a------ c:\windows\system32\drivers\PnkBstrK.sys 2008-12-23 17:46 . 2008-12-23 18:12 111,928 --a------ c:\windows\system32\PnkBstrB.exe 2008-12-23 17:46 . 2008-12-23 18:05 66,872 --a------ c:\windows\system32\PnkBstrA.exe 2008-12-23 17:46 . 2008-12-23 18:05 22,328 --a------ c:\documents and settings\user\Application Data\PnkBstrK.sys . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-01-17 12:02 --------- d-----w c:\documents and settings\user\Application Data\OpenOffice.org2 2009-01-16 22:28 --------- d-----w c:\documents and settings\user\Application Data\Skype 2009-01-11 13:39 --------- d-----w c:\program files\Windows Live 2009-01-10 21:09 --------- d-----w c:\documents and settings\All Users\Application Data\Corel 2009-01-10 21:06 --------- d-----w c:\program files\BlazeVideo 2009-01-10 19:20 --------- d-----w c:\program files\Lx_cats 2009-01-06 10:16 88 --sh--r c:\documents and settings\All Users\Application Data\6F79CCAF5C.sys 2009-01-06 10:16 2,516 --sha-w c:\documents and settings\All Users\Application Data\KGyGaAvL.sys 2008-12-23 17:16 --------- d--h--w c:\program files\InstallShield Installation Information 2008-12-21 21:30 --------- d-----w c:\documents and settings\user\Application Data\FaxCtr 2008-12-11 11:57 333,184 ----a-w c:\windows\system32\drivers\srv.sys 2008-10-23 13:01 283,648 ----a-w c:\windows\system32\gdi32.dll 2008-09-19 17:27 14,298 ----a-w c:\program files\settings.dat 2006-11-14 07:42 152 --sh--r c:\windows\system32\495B68E769.sys 2007-04-07 09:30 8 --sh--r c:\windows\system32\8AF25EAEB4.sys 2007-04-06 22:38 56 --sh--r c:\windows\system32\B4AE5EF28A.sys 2007-05-24 11:30 5,852 --sha-w c:\windows\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-13 68856] "NCLaunch"="c:\windows\NCLAUNCH.EXe" [2007-11-24 40960] "Google Update"="c:\documents and settings\user\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-09-07 133104] "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-08-16 5728112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-02-22 339968] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920] "LXCGCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll" [2005-04-27 69632] "lxcgmon.exe"="c:\program files\Lexmark 2300 Series\lxcgmon.exe" [2005-05-05 200704] "EzPrint"="c:\program files\Lexmark 2300 Series\ezprint.exe" [2005-06-08 94208] "FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2005-05-03 299008] "snpstd"="c:\windows\vsnpstd.exe" [2003-12-31 40960] "LClock"="c:\program files\LClock\LClock.exe" [2004-09-20 65536] "PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-03-15 233472] "mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2008-07-11 641208] "McENUI"="c:\progra~1\McAfee\MHN\McENUI.exe" [2008-06-13 1176808] "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856] "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-02-16 185896] "SoundMan"="SOUNDMAN.EXE" [2004-12-22 c:\windows\SOUNDMAN.EXE] "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-03 c:\windows\system32\bthprops.cpl] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360] c:\documents and settings\user\Start Menu\Programs\Startup\ OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "UIHost"=hex(2):76,69,73,74,61,75,69,2e,65,78,65,00 [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "VIDC.ACDV"= ACDV.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "UpdatesDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\system32\\lxcgcoms.exe"= "d:\\programi\\bluetooth adapter\\BlueSoleil.exe"= "c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= R1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [2007-01-29 24786] R1 hwinterface;hwinterface;c:\windows\system32\drivers\hwinterface.sys [2007-05-14 3026] S3 eusk3usb;SmartKey 3 USB;c:\windows\system32\drivers\eusk3usb.sys [2007-01-29 45534] S3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\DRIVERS\gflmouhid.sys --> c:\windows\system32\DRIVERS\gflmouhid.sys [?] S4 SurferService;AutomatedSurfer;c:\windows\system32\srvany.exe [2007-03-23 13312] S4 Teaacsrv;Teaacsrv; [x] . Contents of the 'Scheduled Tasks' folder 2009-01-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-682003330-616249376-2147069159-1003.job - c:\documents and settings\user\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-07 10:53] 2008-01-15 c:\windows\Tasks\McDefragTask.job - c:\progra~1\mcafee\mqc\QcConsol.exe [2008-07-09 17:10] 2008-06-30 c:\windows\Tasks\McQcTask.job - c:\progra~1\mcafee\mqc\QcConsol.exe [2008-07-09 17:10] 2009-01-09 c:\windows\Tasks\Uniblue SpeedUpMyPC Nag.job - c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe [2008-05-03 22:39] 2008-05-03 c:\windows\Tasks\Uniblue SpeedUpMyPC.job - c:\program files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe [2008-05-03 22:39] 2008-05-07 c:\windows\Tasks\Uniblue SpyEraser.job - c:\program files\Uniblue\SpyEraser\SpyEraser.exe [2008-04-02 08:50] . - - - - ORPHANS REMOVED - - - - Notify-WgaLogon - (no file) . ------- Supplementary Scan ------- . uStart Page = [Link mogu videti samo ulogovani korisnici] mStart Page = [Link mogu videti samo ulogovani korisnici] uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = .local IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\2gbr11hg.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici]* FF - prefs.js: keyword.URL - [Link mogu videti samo ulogovani korisnici] FF - plugin: c:\documents and settings\user\Local Settings\Application Data\Google\Update\1.2.133.33\npGoogleOneClick7.dll . ************************************************************************ catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici] Rootkit scan 2009-01-17 16:17:40 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... ************************************************************************ . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(708-) c:\windows\system32\Ati2evxx.dll c:\windows\system32\cscui.dll . Completion time: 2009-01-17 16:22:59 ComboFix-quarantined-files.txt 2009-01-17 15:21:39 ComboFix2.txt 2008-02-09 20:06:37 Pre-Run: 890.933.248 bytes free Post-Run: 1,758,953,472 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect 163 --- E O F --- 2009-01-14 23:35:18

Profil

bobby Poslao: 17 Jan 2009 16:44 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Preuzmi gmer.zip sa ovog linka i sačuvaj na Desktopu. Raspakuj ga u neki folder. Dupli klik na gmer.exe za početak: Izaberi Rootkit/Malware Tab na vrhu. Desni klik na sred forme programa. Pojaviće se menij u kojem je potrebno otići na Options i tu štiklirati opciju Only non MS files Klikni na Scan. Kada je skeniranje završeno, klik na Copy dugme ispod - ovo će sačuvati rezultate skeniranja u Clipboard. Iskoristi opciju Paste u Notepad-u da bi to prebacio u tekst. Snimi taj tekst iz Notepada kao fajl file3.txt Iskoristi opciju Prikači fajl ispod polja za pisanje poruke na forumu, i prikači nam ovde fajl koji smo malopre snimili. Dopuna: 17 Jan 2009 16:44 Jesi li sam instalirao program AutomatedSurfer, ili ti nije poznato? To je program koji sam surfuje internetom i klikce na linkove. Neki ga upotrebljavaju da bi na ovaj nacin zaradjivali od kliktanja na reklame na sajtovima.

Profil

Brano Poslao: 17 Jan 2009 17:01 Idi na vrh
offline Brano Super građanin Pridružio: 26 Dec 2008 Poruke: 1428 Gde živiš: Bijeljina	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Evo prikaceno, ne taj AutomatedSurfer mi nije poznat. A ne znam otkud taj vrag na komp-u..... [Link mogu videti samo ulogovani korisnici]

Profil

bobby Poslao: 17 Jan 2009 17:06 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Nisi skenirao po uputstvu. Napisao sam ti gore da stikliras opciju Only non MS files Zamolio bih te da ponovis skeniranje, ali ovaj put sa tom opcijom.

Profil

Brano Poslao: 17 Jan 2009 17:16 Idi na vrh
offline Brano Super građanin Pridružio: 26 Dec 2008 Poruke: 1428 Gde živiš: Bijeljina	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: Izvini ali gmer mi sam skenira, nadam se da je sad kako treba. [Link mogu videti samo ulogovani korisnici]

Profil

bobby Poslao: 17 Jan 2009 17:24 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Sada si pa iskljucio File version info, a i dalje nisi ukljucio opciju Only non MS files.

Profil

Brano Poslao: 17 Jan 2009 17:29 Idi na vrh
offline Brano Super građanin Pridružio: 26 Dec 2008 Poruke: 1428 Gde živiš: Bijeljina	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Uloguj se preko Facebooka da bi skinuo fajl: evo: [Link mogu videti samo ulogovani korisnici]

Profil

bobby Poslao: 17 Jan 2009 17:39 Idi na vrh
offline bobby Administrator Pridružio: 04 Sep 2003 Poruke: 24135 Gde živiš: Wien	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ima ovde zanimljivih stvari koje zahtevaju malo vise vremena. Ja moram da izadjem iz stana, ali se javljam kasnije veceras (posle 9). U medjuvremenu, napravi mi jos sledeca dva GMER loga: Dupli klik na gmer.exe za početak: Izaberi Rootkit/Malware Tab na vrhu. Klikni na Scan. Kada je skeniranje završeno, klik na Copy dugme ispod - ovo će sačuvati rezultate skeniranja u Clipboard. Iskoristi opciju Paste u Notepad-u da bi to prebacio u tekst. Snimi taj tekst iz Notepada kao file1.txt. Ponovi ovo isto sa Autostart Tab-om. Snimi taj tekst iz Notepada kao file2.txt. Iskoristi opciju Prikači fajl ispod polja za pisanje poruke na forumu, i prikači nam ovde ta dva fajla koja smo malopre snimili.

Profil

MyCity » Ambulanta -> Arhiva Ambulante » strasno usporen komp.

Ko je trenutno na forumu

Ukupno su 2503 korisnika na forumu :: 72 registrovanih, 12 sakrivenih i 2419 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 20624 - dana 04 Apr 2026 04:18

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: Andrija357, Aristotle2002, beki76, Bobrock1, Bojan198527, Boris BM, BOXRR, BZ, carinko, Cirkon, coaaco, Comyymoc, crazydkure, cuvarkuca, Daba75, draganca, Draganeli, drale12, drimer, Džekson, FileFinder, galico, Istman, Jaz, Lester Freamon, LostInSpaceandTime, M74AB3, m94j, Mali Rambo, Marko Marković, markolopin, mercedesamg, metallac777, milanpb, milbos, Milos ZA, milos97, MilosKop, mixa99, mrdaak, mrgud2025, nenooo, Nepopravljivi, novator, opt1, Oscar2, Parker, Pekman, raster12, Ray1973, repac, rovac, sekretar, Sharpshooter, Sirius, SirOliver, skok, Solunac na steroidima, StankoVrankovic, stegonosa, superwhy, tanakadzo, Troja, vaci, vidra boy, virked, vrgudinac, Wehicle, zlizo, Zorge, zrno, 79693

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by