Da li postoji problem

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Napisano: 25 Feb 2011 14:35

Nisam imao ideju za bolji naslov teme pa sam je zato ovako nazvao.


Pozdrav meicinskom osoblju Ambulante

Posto zivim na selu neinteresantnom za razne velike internet provajdere imam samo 2 mogucnosti internet konekcije. To je dial-up i neki od bezicnih 3G modema mobilnih operatera. Moj kraj je pre 2,5 godine bio lose pokriven Telenor i VIP signalom pa sam se onda, logicno, odlucio za MTS.

I sve bi to bilo lepo da mi povremeno ne stizu preveliki racuni. Najsveziji slucaj je racun za januar u po kome sam potrosio 17 GB (koristim paket kome je u pretplatu uracunato 15GB). Posto svakog prvog u mesecu, pre nego sto zapocnem prvu konekciju toga dana, proveravam stanje na brojacu aplikacije, to mi se ucinilo sumnjivim. U decembru sam po brojacu potrosio 13,9 GB i dobio sam racun na kome nije bilo prikazano nikakvo prekoracenje, da bi u januaru po brojacu potrosio tacno 14 GB a po racunu mi prikazano pomenutih 17.

Svaki put kada se tako nesto dogodi objasnjenje je isto: GRESKA U ZAOKRUZIVANJU NA 100 KB. Medjutim u celoj toj prici jako je cudno to sto se 2-3 meseca stanje na racunu poklapa sa stanjem na brojacu da bi onda naglo ta greska iznosila i po 2-3 GB.

Sinoc sam dobio savet da preuzmem DU meter kako bih proverio svoju sumnju da mi se tokom ovog meseca nesto cudno desava sa potrosnjim onih 15 GB. Imama utisak da sam mnogo brze stigao do potrosenih 11 GB nego obicno iako sam ovog meseca izbegavao bilo kakava download muzike, knjiga, programa (sto sam do sada redovno radio), smanjio sam i gledanje YT i ostalog video sadrzaja (ovaj mesec sam pogledao 2-3 video klipa cije je ukupno trajanje bilo 5-6 minuta) a smanjio sam i kolicnu postova na forumima na kojima sam prisutan. Sve to u cilju provere opravdanosti moje sumnje da mi neko kradeinternet saobracaj.

Dakle preuzeo sam DU meter, iskljucio web-pregledac, iskljucio skajp i umesto da mi rezultati budu jednaki nuli oni su u narednih 10-ak minuta izgledali ovako.








Po uputstvu sam odradio i DDS a trenutno radim i GMER pa ako bude neophodno postavicu izvestaj

mycity.rs/must-login.png



DDS (Ver_10-12-12.02) - NTFSx86
Run by radenko at 13:18:06,53 on pet 25.02.2011
Internet Explorer: 6.0.2900.2180 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2940.1847 [GMT 1:00]

AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

============== Running Processes ===============

D:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
D:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
svchost.exe
D:\Program Files\AGI\core\4.2.0.10753\AGCoreService.exe
D:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
D:\Program Files\DU Meter\DUMeterSvc.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINDOWS\system32\svchost.exe -k imgsvc
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
D:\Program Files\Winamp\winampa.exe
D:\WINDOWS\RTHDCPL.EXE
D:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\Program Files\Logia\eSnipsDownloader\eSnips_Downloader.exe
D:\Program Files\ScanSoft\OmniPageSE\opware32.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\mts\mtsSetup\mts.exe
D:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
D:\PROGRA~1\DUMETE~1\DUMeter.exe
D:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
D:\Program Files\Skype\Plugin Manager\skypePM.exe
D:\Program Files\MODEM Mobile Connection\MODEM Mobile Connection.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
F:\Prijemi\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2776682
mStart Page = hxxp://eis.esnips.com/page/search/?client_uuid=bda82ac0-85c3-4b48-b0d2-41fde8d1391d
uURLSearchHooks: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll
uURLSearchHooks: BrotherSoft Extreme Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - d:\program files\brothersoft_extreme\tbBrot.dll
mURLSearchHooks: Winamp Search Class: {57bca5fa-5dbb-45a2-b558-1755c3f6253b} - d:\program files\winamp toolbar\winamptb.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - d:\program files\adobe\acrobat 5.0\reader\activex\AcroIEHelper.ocx
BHO: agihelper.AGUtils: {0bc6e3fa-78ef-4886-842c-5a1258c4455a} - mscoree.dll
BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - d:\program files\winamp toolbar\winamptb.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - d:\program files\conduitengine\ConduitEngine.dll
BHO: BrotherSoft Extreme Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - d:\program files\brothersoft_extreme\tbBrot.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - d:\progra~1\micros~2\office12\GRA8E1~1.DLL
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - d:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: eSnipsBHO Class: {b530a9a4-1722-4d16-aad6-aa85e3ad2ade} - d:\program files\logia\esnipsdownloader\eSnipsBHO.dll
BHO: Foxit Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - d:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - d:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - d:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Foxit Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - d:\program files\ask.com\GenericAskToolbar.dll
TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - d:\program files\winamp toolbar\winamptb.dll
TB: BrotherSoft Extreme Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - d:\program files\brothersoft_extreme\tbBrot.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - d:\program files\conduitengine\ConduitEngine.dll
uRun: [ctfmon.exe] d:\windows\system32\ctfmon.exe
uRun: [Skype] "d:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [mtsStartup] d:\program files\mts\mtssetup\mts.exe
uRun: [NVIDIA driver monitor] d:\windows\nvsvc32.exe
uRun: [DU Meter] d:\program files\du meter\DUMeter.exe
mRun: [egui] "d:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mRun: [WinampAgent] "d:\program files\winamp\winampa.exe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [Camera Assistant Software] "d:\program files\camera assistant software for toshiba\traybar.exe" /start
mRun: [GrooveMonitor] "d:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [NeroFilterCheck] d:\windows\system32\NeroCheck.exe
mRun: [SunJavaUpdateSched] "d:\program files\common files\java\java update\jusched.exe"
mRun: [eSnips_Downloader] "d:\program files\logia\esnipsdownloader\eSnips_Downloader.exe" -startup
mRun: [Omnipage] d:\program files\scansoft\omnipagese\opware32.exe
StartupFolder: d:\docume~1\radenko\startm~1\programs\startup\pravos~1.lnk - d:\program files\pravoslavac\pravoslavac.exe
StartupFolder: d:\docume~1\radenko\startm~1\programs\startup\websho~2.lnk - d:\program files\webshots daily features\Webshots Daily Features.exe
StartupFolder: d:\docume~1\radenko\startm~1\programs\startup\webshots.lnk - d:\program files\webshots\3.1.5.7619\Launcher.exe
StartupFolder: d:\docume~1\radenko\startm~1\programs\startup\websho~1.lnk - d:\program files\webshots daily features\Webshots Daily Features.exe
StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - d:\program files\mcafee security scan\2.0.181\SSScheduler.exe
StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\pravos~1.lnk - d:\program files\pravoslavac\pravoslavac.exe
StartupFolder: d:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - d:\program files\winzip\WZQKPICK.EXE
IE: &Winamp Search - d:\documents and settings\all users\application data\winamp toolbar\ietoolbar\resources\en-us\local\search.html
IE: E&xport to Microsoft Excel - d:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - d:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - d:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - d:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
TCP: {306E8FAD-F505-4CAC-A6BF-57D3211C01E9} = 195.178.38.3 195.178.38.8
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - d:\progra~1\micros~2\office12\GR99D3~1.DLL
Handler: ic32pp - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - d:\windows\wc98pp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - d:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - d:\progra~1\common~1\skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - d:\progra~1\micros~2\office12\GRA8E1~1.DLL

================= FIREFOX ===================

FF - ProfilePath - d:\docume~1\radenko\applic~1\mozilla\firefox\profiles\3aw0wz9s.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2776682&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://sr.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:sr:official
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=
FF - component: d:\documents and settings\radenko\application data\mozilla\firefox\profiles\3aw0wz9s.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\components\RadioWMPCore.dll
FF - component: d:\documents and settings\radenko\application data\mozilla\firefox\profiles\3aw0wz9s.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}\components\RadioWMPCoreGecko19.dll
FF - component: d:\documents and settings\radenko\application data\mozilla\firefox\profiles\3aw0wz9s.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
FF - component: d:\documents and settings\radenko\application data\mozilla\firefox\profiles\3aw0wz9s.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
FF - component: d:\documents and settings\radenko\application data\mozilla\firefox\profiles\3aw0wz9s.default\extensions\engine@conduit.com\components\RadioWMPCore.dll
FF - component: d:\documents and settings\radenko\application data\mozilla\firefox\profiles\3aw0wz9s.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - component: d:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - plugin: d:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: d:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: d:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: d:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: d:\program files\mozilla firefox\plugins\npwachk.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - d:\program files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - d:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Fast Youtube Downloader: fastYoutubeDownloader@yevgenyandrov.net - %profile%\extensions\fastYoutubeDownloader@yevgenyandrov.net
FF - Ext: Zynga Toolbar: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - %profile%\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: BrotherSoft Extreme Community Toolbar: {51a86bb3-6602-4c85-92a5-130ee4864f13} - %profile%\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}
FF - Ext: Java Quick Starter: jqs@sun.com - d:\program files\java\jre6\lib\deploy\jqs\ff

============= SERVICES / DRIVERS ===============

R1 ehdrv;ehdrv;d:\windows\system32\drivers\ehdrv.sys [2010-4-28 114984]
R1 epfwtdir;epfwtdir;d:\windows\system32\drivers\epfwtdir.sys [2010-6-24 95896]
R2 AGCoreService;AG Core Services;d:\program files\agi\core\4.2.0.10753\AGCoreService.exe [2010-11-25 20480]
R2 DUMeterSvc;DU Meter Service;d:\program files\du meter\DUMeterSvc.exe [2011-2-24 1412488]
R2 ekrn;ESET Service;d:\program files\eset\eset nod32 antivirus\ekrn.exe [2010-6-24 810144]
R3 DUMeterDrv;Hagel Technologies DU Meter traffic accounting driver;d:\program files\du meter\DUM_XP32.sys [2011-2-24 14992]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;d:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;d:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 McComponentHostService;McAfee Security Scan Component Host Service;d:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]

=============== Created Last 30 ================

2011-02-24 17:23:07 -------- d-----w- d:\docume~1\alluse~1\applic~1\Hagel Technologies
2011-02-24 17:23:06 -------- d-----w- d:\program files\DU Meter
2011-02-07 18:31:22 -------- d-----w- d:\program files\PhotoZoom Pro 4
2011-02-03 19:58:10 -------- d-----w- d:\docume~1\radenko\locals~1\applic~1\Help
2011-02-01 14:04:28 -------- d-----w- d:\docume~1\alluse~1\applic~1\PDF Writer
2011-02-01 14:04:27 -------- d-----w- d:\docume~1\radenko\locals~1\applic~1\PDF Writer
2011-02-01 14:04:27 -------- d-----w- d:\docume~1\radenko\applic~1\PDF Writer
2011-02-01 13:54:50 227840 ----a-w- d:\windows\system32\bzFlRdr.dll
2011-02-01 13:54:50 135168 ----a-w- d:\windows\system32\bzpdfc.dll
2011-02-01 13:54:50 103424 ----a-w- d:\windows\system32\bzDCT.dll
2011-02-01 13:54:50 -------- d-----w- d:\program files\common files\Bullzip
2011-02-01 13:54:47 196096 ----a-w- d:\windows\system32\bzpdf.dll
2011-02-01 13:54:46 140288 ----a-w- d:\windows\system32\comdlg32.OCX
2011-02-01 13:54:46 -------- d-----w- d:\program files\Bullzip
2011-01-31 14:22:57 51712 ----a-w- d:\windows\wc98pp.dll
2011-01-30 09:29:16 15104 -c--a-w- d:\windows\system32\dllcache\usbscan.sys
2011-01-30 09:29:16 15104 ----a-w- d:\windows\system32\drivers\usbscan.sys
2011-01-30 09:19:46 -------- d-----w- d:\program files\Canon
2011-01-30 09:19:36 -------- d-----w- d:\documents and settings\radenko\WINDOWS
2011-01-30 09:18:40 -------- d-----w- d:\docume~1\alluse~1\applic~1\SSScanWizard
2011-01-30 09:18:40 -------- d-----w- d:\docume~1\alluse~1\applic~1\SSScanAppDataDir
2011-01-30 09:18:35 -------- d-----w- d:\program files\common files\ScanSoft Shared
2011-01-30 09:18:18 -------- d-----w- d:\program files\ScanSoft
2011-01-30 09:17:42 53248 ------w- d:\program files\common files\installshield\engine\6\intel 32\msihook.dll
2011-01-30 09:17:41 126976 ------w- d:\program files\common files\installshield\engine\6\intel 32\knlwrap.exe
2011-01-30 09:17:41 114688 ------w- d:\program files\common files\installshield\engine\6\intel 32\scpthdlr.dll
2011-01-30 09:16:59 212480 ----a-w- d:\windows\pcdlib32.dll
2011-01-30 09:16:36 77312 ----a-w- d:\windows\system32\TWAIN_32.DLL
2011-01-30 09:16:36 212480 ----a-w- d:\windows\system32\PCDLIB32.DLL
2011-01-30 09:16:17 225280 ------w- d:\program files\common files\installshield\iscript\iscript.dll
2011-01-30 09:16:17 176128 ------w- d:\program files\common files\installshield\engine\6\intel 32\iuser.dll
2011-01-30 09:16:16 77824 ----a-w- d:\program files\common files\installshield\engine\6\intel 32\ctor.dll
2011-01-30 09:16:16 32768 ------w- d:\program files\common files\installshield\engine\6\intel 32\objectps.dll
2011-01-30 09:16:15 610436 ------w- d:\program files\common files\installshield\engine\6\intel 32\IKernel.exe
2011-01-30 09:15:53 103344 ----a-w- d:\program files\mozilla firefox\plugins\nppdf32.dll
2011-01-30 09:15:51 -------- d-----w- d:\windows\Profiles
2011-01-30 09:15:50 270336 ----a-w- d:\program files\internet explorer\plugins\NPDocBox.dll
2011-01-30 09:15:50 103344 ------w- d:\program files\internet explorer\plugins\nppdf32.dll
2011-01-30 09:15:49 -------- d-----w- d:\windows\system32\Adobe
2011-01-30 09:15:39 306688 ----a-w- d:\windows\IsUninst.exe
2011-01-30 09:15:02 339968 ----a-w- d:\windows\system32\N124UFW.dll
2011-01-30 09:15:02 327740 ----a-w- d:\windows\system32\UCS32P.DLL
2011-01-30 09:15:02 32768 ----a-w- d:\windows\system32\CNQU70.DLL
2011-01-30 09:14:59 -------- d--h--w- D:\CanoScan
2011-01-29 18:57:05 139264 ----a-w- d:\windows\NeoUninstall.exe
2011-01-29 18:57:01 -------- d-----w- d:\program files\Neoact

==================== Find3M ====================

2005-09-21 06:19:20 718320 ----a-w- d:\program files\ABBYY FineReader 8.0 Professional Edition.msi
2005-09-20 18:38:32 356352 ----a-w- d:\program files\setup.exe
2003-04-21 13:09:50 245408 ----a-w- d:\program files\unicows.dll
2002-03-11 10:06:30 1822520 ----a-w- d:\program files\instmsiW.exe

============= FINISH: 13:18:36,81 ===============

Dopuna: 25 Feb 2011 15:36

Evo i GMER
mycity.rs/must-login.png

mycity.rs/must-login.png

mycity.rs/must-login.png

• 1Ovo se svidja korisniku: Springfield
  
  Registruj se da bi pohvalio/la poruku!

Pozdrav kuzmar!









Dodatna provera ...


Preuzmi instalaciju za program Malwarebytes Anti-Malware sa sledećeg linka:
http://www.besttechie.net/tools/mbam-setup.exe

Dvoklikom pokreni instalaciju - na samom kraju procesa, proveri da su obeležene opcije:
Update Malwarebytes' Anti-Malware;
Launch Malwarebytes Anti-Malware;
a zatim klikni Finish.

Nakon završenog ažuriranja program će se pokrenuti.

Izaberi opciju Perform Quick Scan i klikni Scan.

Po završetku procesa klikni OK, Show Results: u listi detektovanog malware-a, obeleži sve stavke i klikni Remove Selected.

Po završetku procesa, logfile će se otvoriti u Notepad-u; iskopiraj ga u temu na forumu.
Ukoliko program zatraži restart kako bi se završio proces čišćenja, obavezno ga dozvoliti.

Napomena: ako dođe do restarta na kraju procesa čišćenja, logfile će biti dostupan na Logs kartici (obeleži ga i klikni Open).







Predlozi ....


- Deinstaliraj sve aplikacije koje ne koristis (start -> control panel -> Add or Remove programs);
- Imas instaliran Adobe Acrobat 5.0 koji je prastara verzija podlozna malware-u. Preporucujem ti da je deinstaliras s'obzirom da imas instaliranu i alternativu a to je Foxit Reader;
- Deinstaliraj ukoliko ne koristis sledece toolbar-ove: Ask Toolbar, BrotherSoft Extreme Toolbar, Conduit Engine, McAfee Security Scan Plus, Skype Toolbars, Winamp Toolbar;
- Imas instaliran Open Office i Microsoft Office. Svakako jedan paket trebas deinstalirati;
- Defragmentuj hard disk;
- Procisti sistem nekim registry i junk cleanerom tipa CCleaner i Vit Registry Fix;
- Sredi startup sekciju svog racunara (start -> run -> msconfig -> kartica StartUp. Destikliraj sve sem Anti-Virusa i programa koje zelis da ti se startuju sa sistemom; sto vise programa, to sporiji sistem);
- Update-uj Java-u na racunaru. Poseti sledecu temu: http://www.mycity.rs/Web-browseri/Testirajte-da-li.....anjiv.html









goran9888 (AMF Tim)

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 28 Feb 2011 20:59

Hvala. Pa da krenem u akciju.

Dopuna: 01 Mar 2011 15:20

Malwarebytes' Anti-Malware 1.46
malwarebytes.org

Verzija baze: 4052

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

1.3.2011 15:19:30
mbam-log-2011-03-01 (15-19-30).txt

Naèin skeniranja: Brzo skeniranje
Skeniranih objekata 114838
Proteklo vreme 3 minuta(e), 50 sekundi

Inficirani procesi u memoriji: 0
Inficirani moduli u memoriji: 0
Inficirani kljuèevi u registru: 1
Inficirane vrednosti u registru: 0
Inficirani podaci u registru: 0
Inficirane fascikle: 0
Inficirane datoteke: 1

Inficirani procesi u memoriji:
(Maliciozne stavke nisu pronaðene)

Inficirani moduli u memoriji:
(Maliciozne stavke nisu pronaðene)

Inficirani kljuèevi u registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.

Inficirane vrednosti u registru:
(Maliciozne stavke nisu pronaðene)

Inficirani podaci u registru:
(Maliciozne stavke nisu pronaðene)

Inficirane fascikle:
(Maliciozne stavke nisu pronaðene)

Inficirane datoteke:
D:\Program Files\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Tvoj racunar je cist sto se malware-a tice.



U svakom slucaju, tebi treba aplikacija putem koje ces ti videti koji to procesi (od koje aplikacije) vucu download. Putem DU Metar-a, ti to ne mozes videti.

Programi koji bi ti mogli biti od pomoci su: Net Balancer ili Net Limiter.

http://www.seriousbit.com/netbalancer/
http://www.netlimiter.com/



Ukoliko imas bilo kakva pitanja otvori novu temu u odgovarajucem potforumu, jer ovde problem nije do malware-a.





----------------------------------------------------

- Preporucujem ti da instaliras Service Pack 3 za Windows XP tj. update-ujes svoj Operativni Sistem. Necu govoriti o njegovim prednostima u odnosu na Service Pack 2. Te informacije mozes naci na MS-ovom sajtu. Uglavnom, MS je 13.jula 2010 prekinuo podrsku za Service Pack 2 koji je instaliran na tvom racunaru.

Sta to znaci? Pogledaj link: http://windows.microsoft.com/en-US/windows/help/what-does-end-of-support-mean;

**** Ukoliko se odlucis na ovaj korak (instaliranje SP3), preporucujem ti da prethodno uradis backup svih bitnih podataka.



- Toplo ti preporucujem da za zastitu USB memorijskih uredjaja koristis MCShield. Nema nikakve veze sa AntiVirus-om tj. nece ometati njegov rad a pokazao se kao jedan od najboljih vida zastite od malware-a koji se prenosi putem USB mem. uredjaja.

Skines, instaliras, ubodes USB mem. uredjaj, izvrsi se skeniranje nakon cega dobijes obavestenje da je uredjaj cist (ukoliko je stvarno tako); ili dobijes log u kome vidis informacije o malware-u koji je nadjen i obrisan.


Home Page MCShield-a: http://amf.mycity.rs/programs/mc/mcshield/

Vise o MCShield-u mozes saznati u ovoj temi: http://www.mycity.rs/Antispyware-programi/MCShield.html





----------------------------------------

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napisano: 01 Mar 2011 15:39

Malware sam skinuo i odradio, izvestaj je gore postavljen. Neke startne programe sam uklonio kao i neke programe koje ne koristim ali iako sam hteo da iz startnih programa uklonim (deaktiviram) i Webshot aplikacije i obelezio ih one su i dalje prisutne.
Adobe Acrobat 5.0 je uklonjen, medjutim na listi programa ne mogu da pronadjem Ask Toolbar i Conduit Engine.

Open Office je takodje uklonjen i izvrsena defragmentacija particija C, D i E, ostala je jos da se odradi F particija. Odradio sam CCleaner, i posetio link u vezi Jave itd. I to sam odradio osim 2 stvari, nisam fiksirao windows media pleyer (koji inace i ne koristim) i Microsoft Windows XP Professional (posto mi nije legalan, pa racunam da nesto ne zeznem sam sebe ili me oni zeznu).

Ako kazete da je ok da i to fiksiram no problemo odradicu.

Dopuna: 01 Mar 2011 15:41

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

O nelegalnim stvarima necemo da diskutujemo.


Procitaj PRAVILNIK MyCity foruma!



Dao sam ti sve potrebne smernice u prethodnoj poruci tako da u ovoj temi zavrsavamo dalju diskusiju.










Pozdrav,
goran9888 (AMF Tim)