MyCity » Ambulanta -> Arhiva Ambulante » Logfile na pregled

Logfile na pregled

Napisano na dan: 5.1.2008

Logfile na pregled

Sledeća strana

Pagination

Odgovori

nirre Poslao: 05 Jan 2008 16:56 Idi na vrh
offline nirre Super građanin Pridružio: 26 Mar 2005 Poruke: 1489 Gde živiš: Podgorica	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Ljudi imam sledeci prob,naime kada se konektujem na net(samo tada) meni komp zna da zablokira(ne svaki put) i to ga drzi debelih 5-10min i za to vrijeme ne mogu nista da otvorim i onda nakon 5-10min sve se vrati u normalu.Komp sam skenirao sa NOD32 i nista nije nasao(I u safe mode).Isto sam skenirao sa nekim spyware prog ali nista. Takodje imam prob sa usporenim podizanjem sistema jer ona slicica NOD32 stoji minut dva i onda se ostale ikone pojave. Takodje isto da kazem da sam ranije koristio Kerio firewall I sklonio sam ga sada kada imam ESS ali prije vidim da je kerio u Services,pa kako ga otkloniti ili jednostavno da stavim disable. Log od HT Logfile of HijackThis v1.99.1 Scan saved at 16:39:53, on 1/5/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\Program Files\ESET\ESET Smart Security\ekrn.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\ESET\ESET Smart Security\egui.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE D:\Documents and Settings\erin\My Documents\Erin\Windows\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Link mogu videti samo ulogovani korisnici] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Link mogu videti samo ulogovani korisnici] R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [Link mogu videti samo ulogovani korisnici] R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program Files\MP3 Player Utilities 4.00\AMVConverter\grab.html O8 - Extra context menu item: Add to Media Manager... - C:\Program Files\MP3 Player Utilities 4.00\MediaManager\grab.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - [Link mogu videti samo ulogovani korisnici] O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

Profil

dr_Bora Poslao: 06 Jan 2008 01:43 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pozdrav... Ovaj log ne pokazuje aktivne infekcije. Proverićemo još nešto... Skini ComboFix sa jedne od sledecih adresa: [Link mogu videti samo ulogovani korisnici] [Link mogu videti samo ulogovani korisnici] Startuj ga i ne diraj prozor programa dok skenira. Sledi uputstva na ekranu. Kada zavrsi pojavice se log koji ces nam ovde iskopirati.

Profil

nirre Poslao: 06 Jan 2008 16:48 Idi na vrh
offline nirre Super građanin Pridružio: 26 Mar 2005 Poruke: 1489 Gde živiš: Podgorica	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! ComboFix 08-01-04.1 - erin 2008-01-06 16:39:46.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.61 [GMT 1:00]Running from: D:\Documents and Settings\erin\My Documents\Download\ComboFix.exe * Created a new restore point . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\_000004_.tmp.dll C:\WINDOWS\system32\_000006_.tmp.dll C:\WINDOWS\system32\_000008_.tmp.dll C:\WINDOWS\system32\_000009_.tmp.dll C:\WINDOWS\system32\_000013_.tmp.dll C:\WINDOWS\system32\_000016_.tmp.dll C:\WINDOWS\system32\_000017_.tmp.dll C:\WINDOWS\system32\_000018_.tmp.dll C:\WINDOWS\system32\_000024_.tmp.dll C:\WINDOWS\system32\_000111_.tmp.dll . ((((((((((((((((((((((((( Files Created from 2007-12-06 to 2008-01-06 ))))))))))))))))))))))))))))))) . 2008-01-06 16:39 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe 2008-01-06 16:32 . 2008-01-06 16:32 <DIR> d-------- C:\Program Files\Kerio 2008-01-05 16:31 . 2008-01-05 16:31 <DIR> d-------- C:\Program Files\Opera 9 2008-01-05 16:10 . 2008-01-05 16:10 250 --a------ C:\WINDOWS\gmer.ini 2008-01-02 23:08 . 2008-01-04 15:46 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2008-01-02 23:08 . 2008-01-02 23:08 1,409 --a------ C:\WINDOWS\QTFont.for 2008-01-02 15:05 . 2008-01-02 15:05 <DIR> d-------- C:\Program Files\Microsoft ActiveSync 2008-01-02 15:04 . 2008-01-02 15:05 <DIR> d-------- C:\WINDOWS\SHELLNEW 2008-01-01 16:16 . 2008-01-01 16:16 <DIR> d-------- C:\Documents and Settings\erin\Application Data\ESET 2008-01-01 16:14 . 2008-01-01 16:14 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ESET 2007-12-31 15:10 . 2002-04-15 12:28 102,912 --------- C:\WINDOWS\system32\drivers\FWDRV.SYS 2007-12-31 14:19 . 2007-12-31 14:21 <DIR> d-------- C:\Program Files\MSECache 2007-12-31 13:58 . 2008-01-02 13:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help 2007-12-31 13:23 . 2007-12-31 13:23 <DIR> d-------- C:\Program Files\uTorrent 2007-12-31 13:23 . 2008-01-01 18:56 <DIR> d-------- C:\Documents and Settings\erin\Application Data\uTorrent 2007-12-11 20:23 . 2004-08-04 00:56 17,408 --a------ C:\WINDOWS\system32\msyuv.dll 2007-12-11 20:23 . 2004-08-04 00:56 17,408 --a--c--- C:\WINDOWS\system32\dllcache\msyuv.dll 2007-12-11 20:23 . 2001-08-17 22:36 8,192 --a------ C:\WINDOWS\system32\tsbyuv.dll 2007-12-11 20:23 . 2001-08-17 22:36 8,192 --a--c--- C:\WINDOWS\system32\dllcache\tsbyuv.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2007-12-31 14:10 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-12-05 20:46 --------- d-----w C:\Documents and Settings\erin\Application Data\Skype 2007-12-04 18:44 --------- d-----w C:\Program Files\MSN Messenger 2007-11-18 22:37 45,056 ----a-w C:\WINDOWS\NCUNINST.EXE 2007-11-18 18:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Advanced Chemistry Development 2007-11-17 13:20 --------- d-----w C:\Program Files\Aardvark Digital 2007-11-14 14:06 30,728 ----a-w C:\WINDOWS\system32\drivers\epfwtdir.sys 2007-11-14 14:04 27,656 ----a-w C:\WINDOWS\system32\drivers\easdrv.sys 2007-11-14 14:03 33,800 ----a-w C:\WINDOWS\system32\drivers\eamon.sys 2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys 2007-10-29 22:35 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll 2007-10-27 16:40 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-11-14 15:05 1410304] R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-11-14 15:06] R1 fwdrv;Kerio Personal Firewall Driver;C:\WINDOWS\system32\Drivers\fwdrv.sys [2002-04-15 12:28] R3 SNPHV71;PC Camera (602a VGA);C:\WINDOWS\system32\DRIVERS\snphv71.sys [2002-11-08 16:24] S3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2004-12-16 12:36] Newly Created Service - PROCEXP90 . ************************************************************************ catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [Link mogu videti samo ulogovani korisnici] Rootkit scan 2008-01-06 16:41:47 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************ . Completion time: 2008-01-06 16:42:47 ComboFix-quarantined-files.txt 2008-01-06 15:42:21 . 2007-12-13 00:02:06 --- E O F ---

Profil

dr_Bora Poslao: 06 Jan 2008 17:07 Idi na vrh
offline dr_Bora Anti Malware Fighter Rank 2 Pridružio: 24 Jul 2007 Poruke: 12280 Gde živiš: Höganäs, SE	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Pokreni HT, skeniraj i čekiraj sledeću liniju: O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present Klikni Fix Checked. ------------------------------------------------------------------------------------- Ovde (više) nema malware-a. Kerio FW driver je još uvek aktivan i vrlo je moguće da dolazi do konflikta sa Eset-ovim FW-om. Kerio Personal Firewall Driver možeš staviti na Disabled i nakon toga restartuj PC. nirre ::Takodje imam prob sa usporenim podizanjem sistema jer ona slicica NOD32 stoji minut dva i onda se ostale ikone pojave. Ovo nije neobično - AV prosto vrši startup scan i to traje određeno vreme. Zatim... Iskljucivanje System Restore-a Na Desktopu, desni klik na My Computer. Odaberite Properties. Odaberite System Restore tab. Stiklirajte Turn off System Restore. Kliknite na dugme Apply. Kliknite na dugme OK. Restartuj PC. Ukljucivanje System Restore-a Na Desktopu, desni klik na My Computer. Odaberite Properties. Odaberite System Restore tab. Destiklirajte Turn off System Restore. Kliknite na dugme Apply. Kliknite na dugme OK. ------------------------------------------------------------------------------------- To je sve...

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Logfile na pregled

Ko je trenutno na forumu

Ukupno su 1089 korisnika na forumu :: 134 registrovanih, 15 sakrivenih i 940 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 15694 - dana 01 Feb 2026 12:23

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: 10x10.9, 357magnum, Aleksandar Šljivar, ALEXV, ambra, AndrejPetar, asdfjklc, Automaticar, Avalon015, avijacija, baltazar01, Banovo Brdo, bb929, bojan_t, bojank, bojanstros9, Bojcca, bojcistv, Bombona, Borkanović, Boroš, BSD, bukefal, celt, cikadeda, CikaKURE, CraniumWhite, cyprus, darionis, darkkran, DeerHunter, dejan.7951, deLacy, Dimitrije Paunovic, DJUNTA, Dogma21, Dolinc, dozorni, dule10savic, DuškoMraz, Džekson, Feller, Fog of War, fugasa, glados, IpMan, Jecmendo, Joint Chief, K2, Kajzer Soze, kapela, Kenanjoz, Komanca, kovinacc, kybonacci, ladro, lcc, Leonov, Litostroton, LjubisaR, ljubsz, lucko1, Makarid, Manjane, Marko Marković, maxim_von_burdengate, Mcdado, mean_machine, mige84, Milan A. Nikolic, milenko crazy north, MILO-VAN, Milometer, milos1231, mishkooo, mm1811, Mrav Obrad, mrm, nenad81, Neutral-M, nikola11, nixos, pablojepao, Papadubi, pavle_pzs, Pero Petković, Petrusci, pisac12, Plavi Jadran, Prečanin30, proka1ng, Ray1973, read-only, Rebel Frank, RED4G-304, Robin, rodoljub, Salence74, samo_citam, Seeker, Sharpshooter, ShtagodShtagod, Sin Boskic, Sir Budimir, Sky diver 29, Solunac na steroidima, sova72, Srki98, Srpska zauvjek, Stefan M, tachinni, The_new_Statesman, TheDictator, theNedjeljko, Tila Painen, Toper, TRZH92, umpah-pah, vaso1, vathra, Velizar Laro, veljko82, vjetar, vladaa012, voja64, VPV, Vrač, vukajlo71, vuksa72, vzd1389, wizzardone, yorov, zoran-ruma, Đurđevdan

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by