Malware ili Hardware problem

Malware ili Hardware problem

offline
  • Pridružio: 21 Apr 2008
  • Poruke: 102
  • Gde živiš: Maklosevac, Nasice, Hrvatska

Pozdrav svima!

U zadnja 2 dana mi se veza sa internetom dosta usporila. Ja nisam siguran da li je nesto uletilo od "internet smeca" ili je problem u samoj mojoj konkciji sa internetom. Zato vas molim za pomoc, ako nije problem. Internet brzina mi je oko 5 kbs normalno, ali sad je nesto sporija na oko pola toga. I sto je najvaznije, skoro svaki puta dodje do kratkog zastoja u komunikaciji sa net-om, tj. nema standardne konstantnosti.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:44:35, on 21.5.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
C:\Program Files\Netropa\Onscreen Display\OSD.exe
C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Trend Micro\HijackThis\zr.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = start/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = crawler.com/search/ie.aspx?tb_id=60327
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe

--
End of file - 3873 bytes

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Pozdrav...


Log je čist, a ako želiš dodatnu proveru, instaliraj antivirus i odradi skeniranje (to je obično prilično dobar način za proveru kompjutera na malware).

offline
  • Pridružio: 21 Apr 2008
  • Poruke: 102
  • Gde živiš: Maklosevac, Nasice, Hrvatska

Napisano: 21 Maj 2009 15:20

Imao sam do sada PC-Cillin, Avast i AVG i uvjek je nesto prolazilo pokraj njih (naravno niti jednom nisu oba dva bila instalirana zajedno). Otkad koristim sam Spybot, puno bolje obavlja svoj posao. Imam ga vec 6 mjeseci samog i do sada, u tih 6 mjeseci nije bilo problema. Nasao sam neke nove fileove u CF Logu za koje nisam siguran da li su legitimni. Pa ako moze mala pomoc.


((((((((((((((((((((((((( Files Created from 2009-04-21 to 2009-05-21 )))))))))))))))))))))))))))))))
.
2009-05-08 14:19 . 1998-04-23 20:00 123664 ----a-w c:\windows\system32\msjint35.dll
2009-05-08 14:19 . 1999-09-28 14:42 1050896 ----a-w c:\windows\system32\msjet35.dll
2009-05-08 14:19 . 1998-04-23 20:00 24848 ----a-w c:\windows\system32\msjter35.dll
2009-05-08 14:19 . 1998-04-26 20:00 570128 ----a-w c:\windows\system32\dao350.dll
2009-05-01 15:40 . 2004-03-09 14:36 89360 ----a-r c:\windows\system32\VB5DB.DLL
2009-04-23 13:00 . 2001-08-17 20:36 5632 ----a-w c:\windows\system32\ptpusb.dll
2009-04-23 13:00 . 2004-08-03 22:56 159232 ----a-w c:\windows\system32\ptpusd.dll

Dopuna: 23 Maj 2009 18:08

Hvala na trudu! Ali snaso sam se. Fileovi su legitimni.

Ko je trenutno na forumu
 

Ukupno su 978 korisnika na forumu :: 35 registrovanih, 13 sakrivenih i 930 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., antonije64, bojcistv, Boris90, Brana01, Cassius Clay, cvrle312, Dimitrije Paunovic, Dorcolac, Ivica1102, Još malo pa deda, Karla, Krvava Devetka, Lieutenant, loon123, Lord Nem, Metanoja, milutin134, Misirac, Mitraljeta, Mixelotti, naki011, nenad81, pera bager, powSrb, procesor, S2M, Srle993, Steeeefan, vladulns, Yugol33, zbazin, zlaya011, |_MeD_|, 79693