Skriveni Virus?
Prikazujem rezultate 1 do 7 od 7

Tema: Skriveni Virus?

  1. #1
    Obećava TheWisher (avatar)
    Učlanjen
    24.09.2006.
    Pol
    muški
    Poruke
    88
    Reputaciona moć
    42

    Podrazumevano Skriveni Virus?

    Na mom kompu ima nešto što mi ne dozvoljava da na netu budem više od 10 min i što mi znatno usporava vezu! Kasperski i sa najnovijim definicijama ga ne detektuje...
    Molim one koji se razumeju da mi pomognu u razotkrivanju nepoželjnih stvari!
    Evo postavljam HijackThis Log, pa mi napišite koje stavke da obrišem...
    Obratite pažnju na outpost.exe /waitservice i /dumps_startup na mom Firewallu! Tek to je sumnjivo! Ali prepuštam vama... Puno hvala

    Logfile of HijackThis v1.99.1
    Scan saved at 3:07:15 PM, on 6/27/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\SYSTEM32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Media Key\MagicKey.exe
    C:\Program Files\Media Key\OSD.EXE
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
    C:\Program Files\Executive Software\Diskeeper\DkService.exe
    C:\Program Files\Borland\InterBase Corp\bin\ibguard.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Virtual CD v4\System\vcdsecs.exe
    C:\Program Files\Borland\InterBase Corp\bin\ibserver.exe
    C:\Program Files\Opera\Opera.exe
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\korisnik\Desktop\Konfigurisanje\HijackThi s\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
    O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Encarta Web Companion Helper Object - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O2 - BHO: (no name) - {A0DFD26D-9FC1-491E-9062-9F44963E8102} - (no file)
    O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
    O3 - Toolbar: (no name) - {EC52BEDA-CCF3-45E1-AFFD-03618DB9F10A} - (no file)
    O3 - Toolbar: Encarta Web Companion - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O3 - Toolbar: Protection Bar - {bf1ced2c-4b3f-4079-a330-864eda5a4cff} - (no file)
    O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice
    O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dumps_startup
    O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Run a DLL as an App] C:\WINDOWS\system32\rundll32.exe
    O4 - Global Startup: Media Key.lnk = C:\Program Files\Media Key\MagicKey.exe
    O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
    O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_10\bin\npjpi142_10.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_10\bin\npjpi142_10.dll
    O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
    O12 - Plugin for .cdx: C:\Program Files\Internet Explorer\PLUGINS\Npcdp32.dll
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: {75DC891D-D4CB-48f7-BDD1-C1E56C64250E} - C:\WINDOWS\
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ATI Technologies Inc. - (no file)
    O23 - Service: AVP Control Centre Service (AVPCC) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe" /service (file missing)
    O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InterBase Guardian (InterBaseGuardian) - InterBase Software Corp. - C:\Program Files\Borland\InterBase Corp\bin\ibguard.exe
    O23 - Service: InterBase Server (InterBaseServer) - InterBase Software Corp. - C:\Program Files\Borland\InterBase Corp\bin\ibserver.exe
    O23 - Service: KAV Monitor Service (KAVMonitorService) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpm.exe" /service (file missing)
    O23 - Service: License Management Service ESD - element5 - C:\Program Files\Common Files\element5 Shared\Service\Licence Manager ESD.exe
    O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
    O23 - Service: Power Manager (PowerManager) - Unknown owner - (no file)
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: VCDSecS - H+H Software GmbH - C:\Program Files\Virtual CD v4\System\vcdsecs.exe



  2. #2
    Aktivan član dr_Bora (avatar)
    Učlanjen
    27.12.2004.
    Pol
    muški
    Poruke
    1.248
    Reputaciona moć
    60

    Podrazumevano Re: Skriveni Virus?

    Ovo se čini OK. Mada mi se čini da je pre bilo nekog malware-a . Treba da preimenuješ HijackThis ( u bilo šta ) i onda opet postavi log. Takođe pronađi C:\WINDOWS\system32\rundll32.exe i napiši nam tačnu veličinu fajla ( to tražim jer ne vidim tačno čemu služi ovde ).
    Što se tiče Outposta, to je u redu. Command line treba da izgleda tako.

  3. #3
    Obećava TheWisher (avatar)
    Učlanjen
    24.09.2006.
    Pol
    muški
    Poruke
    88
    Reputaciona moć
    42

    Podrazumevano Re: Skriveni Virus?

    rundll.exe je 32.5 kb... Preimenovao sam i evo:

    Logfile of HijackThis v1.99.1
    Scan saved at 4:46:11 PM, on 6/27/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\SYSTEM32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Media Key\MagicKey.exe
    C:\Program Files\Media Key\OSD.EXE
    C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
    C:\Program Files\Executive Software\Diskeeper\DkService.exe
    C:\Program Files\Borland\InterBase Corp\bin\ibguard.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Virtual CD v4\System\vcdsecs.exe
    C:\Program Files\Borland\InterBase Corp\bin\ibserver.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Opera\Opera.exe
    C:\Program Files\TC PowerPack\totalcmd.exe
    C:\Documents and Settings\korisnik\Desktop\Konfigurisanje\HijackThi s\OsakacenaDivokoza.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
    O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Encarta Web Companion Helper Object - {955BE0B8-BC85-4CAF-856E-8E0D8B610560} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O2 - BHO: (no name) - {A0DFD26D-9FC1-491E-9062-9F44963E8102} - (no file)
    O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
    O3 - Toolbar: (no name) - {EC52BEDA-CCF3-45E1-AFFD-03618DB9F10A} - (no file)
    O3 - Toolbar: Encarta Web Companion - {147D6308-0614-4112-89B1-31402F9B82C4} - C:\Program Files\Common Files\Microsoft Shared\Encarta Web Companion\ENCWCBAR.DLL
    O3 - Toolbar: Protection Bar - {bf1ced2c-4b3f-4079-a330-864eda5a4cff} - (no file)
    O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice
    O4 - HKLM\..\Run: [OutpostFeedBack] C:\Program Files\Agnitum\Outpost Firewall\feedback.exe /dumps_startup
    O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Run a DLL as an App] C:\WINDOWS\system32\rundll32.exe
    O4 - Global Startup: Media Key.lnk = C:\Program Files\Media Key\MagicKey.exe
    O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
    O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_10\bin\npjpi142_10.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_10\bin\npjpi142_10.dll
    O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
    O12 - Plugin for .cdx: C:\Program Files\Internet Explorer\PLUGINS\Npcdp32.dll
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{EC39EA3D-2078-4579-8E68-CAA234365E7F}: NameServer = 194.106.162.2 194.106.162.3
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: {75DC891D-D4CB-48f7-BDD1-C1E56C64250E} - C:\WINDOWS\
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ATI Technologies Inc. - (no file)
    O23 - Service: AVP Control Centre Service (AVPCC) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe" /service (file missing)
    O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InterBase Guardian (InterBaseGuardian) - InterBase Software Corp. - C:\Program Files\Borland\InterBase Corp\bin\ibguard.exe
    O23 - Service: InterBase Server (InterBaseServer) - InterBase Software Corp. - C:\Program Files\Borland\InterBase Corp\bin\ibserver.exe
    O23 - Service: KAV Monitor Service (KAVMonitorService) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpm.exe" /service (file missing)
    O23 - Service: License Management Service ESD - element5 - C:\Program Files\Common Files\element5 Shared\Service\Licence Manager ESD.exe
    O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Program Files\Agnitum\Outpost Firewall\outpost.exe
    O23 - Service: Power Manager (PowerManager) - Unknown owner - (no file)
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: VCDSecS - H+H Software GmbH - C:\Program Files\Virtual CD v4\System\vcdsecs.exe

    I?
    Mislim da se razlikuju u O17 - HKLM\System\CCS\Services\Tcpip\..\{EC39EA3D-2078-4579-8E68-CAA234365E7F}: NameServer = 194.106.162.2 194.106.162.3
    Poslednji put ažurirao/la TheWisher : 27.06.2007. u 16:50

  4. #4
    Aktivan član dr_Bora (avatar)
    Učlanjen
    27.12.2004.
    Pol
    muški
    Poruke
    1.248
    Reputaciona moć
    60

    Podrazumevano Re: Skriveni Virus?

    Ovo su neispravne reference i mogu se ukloniti:
    O2 - BHO: (no name) - {57E218E6-5A80-4f0c-AB25-83598F25D7E9} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {A0DFD26D-9FC1-491E-9062-9F44963E8102} - (no file)
    O3 - Toolbar: (no name) - {EC52BEDA-CCF3-45E1-AFFD-03618DB9F10A} - (no file)
    O3 - Toolbar: Protection Bar - {bf1ced2c-4b3f-4079-a330-864eda5a4cff} - (no file)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)
    O23 - Service: Power Manager (PowerManager) - Unknown owner - (no file)
    Evo me najviše zanimalo:
    O4 - HKCU\..\Run: [Run a DLL as an App] C:\WINDOWS\system32\rundll32.exe
    Po veličini i po činjenici da nije među aktivnim procesima, može se pretpostaviti da nije malware. No, sa ovakvom komandnom linijom, definitivno ne služi ničemu. Verovatno je zaostalo nakon neke deinstalacije. Stoga ukloni i to.
    Znači, ovde nema ništa konkretno. Bar ja ništa ne vidim. Sačekaj još koje mišljenje...
    Nego, zar nisi rekao da sa novim modemom sve radi?

  5. #5
    Obećava TheWisher (avatar)
    Učlanjen
    24.09.2006.
    Pol
    muški
    Poruke
    88
    Reputaciona moć
    42

    Podrazumevano Re: Skriveni Virus?

    E, jel mi veruješ da čim sam napisao da je sve ok, diskonektovalo mi je! Odmah sam pomislio da je virus... I kasnije mi diskonektovalo nekoliko puta ali znatno kasnije, posle oko 15 min neta.... Sad mi ređe diskonektuje, ali ipak diskonektuje! Pa sam hteo da proverim to... Ali nema vez... Pokušaću da izdržim sa ovakvom konekcijom do oktobra...

  6. #6
    Zainteresovan član marko antonije (avatar)
    Učlanjen
    03.11.2005.
    Pol
    muški
    Lokacija
    *****
    Poruke
    168
    Reputaciona moć
    46

    Podrazumevano Re: Skriveni Virus?

    Ajde da se i ja nadovezem, iz preventivnih razloga TheWisher skini Dr.Web Cureit!, smesti ga na desktopu i sa njim skeniraj kompjuter na sledeci nacin:
    • udji u Safe Mode,
    • dvoklikom pokreni cureit.exe nakon cega ce se pojaviti uvodni prozor, onda pretisni dugme Start,
    • opet ce se pojaviti jos jedan prozor, izaberi OK,
    • sacekaj nekoliko minuta da Dr.Web izvrsi uvodno skeniranje memorije,
    • klikom misa obelezi particije za skeniranje, obelezene su kada se na njima nalazi crvena loptica,
    • u gornjem levom uglu programa idi na Options->Change settings F9 i uradi kao sto je objasnjeno na slici -> ovde,
    • na desnoj strani programa pretisni Start i Dr.Web ce zapoceti skeniranje.

  7. #7
    Zainteresovan član marko antonije (avatar)
    Učlanjen
    03.11.2005.
    Pol
    muški
    Lokacija
    *****
    Poruke
    168
    Reputaciona moć
    46

    Podrazumevano Re: Skriveni Virus?

    Pre negoli skeniras komp Dr.Webom uradi ovo, jer strasno me interesuje da li ce se veza opet diskonektovati. TheWisher udji u Safe Mode with Networking, predpostavljam da znas kako, ali za svaki slucaj:
    • restartuj kompjuter,
    • prilikom dizanja sistema pretiskaj uporno dugme F8,
    • pojavice se crna pozadina sa opcijama, od kojih je jedna Safe Mode with Networking,


    Pokusaj sto duze da surfujes ovako, da vidimo da li ce opet veza da ti se diskonektuje, naravno u Safe Mode with Networking stalna zastita tvog antivirusa kao i sam firewall nece raditi, te nemoj da posecujes svakakve sajtove, sajtove sa nekim tetama na primer.
    Poslednji put ažurirao/la marko antonije : 28.06.2007. u 10:30

Slične teme

  1. Skriveni keshijer
    Autor sinnke u forumu Ljubav i seks
    Odgovora: 23
    Poslednja poruka: 22.05.2008., 14:12
  2. Skriveni GLASAChI
    Autor sceliano u forumu Politika
    Odgovora: 24
    Poslednja poruka: 18.01.2008., 21:50
  3. skriveni pozivi sa 064
    Autor steplight u forumu Mobilna telefonija
    Odgovora: 7
    Poslednja poruka: 14.04.2007., 22:53
  4. Skriveni brojevi
    Autor Zeone u forumu Mobilna telefonija
    Odgovora: 1
    Poslednja poruka: 28.03.2005., 11:15
  5. Skriveni poziv
    Autor Mico1 u forumu Mobilna telefonija
    Odgovora: 3
    Poslednja poruka: 24.01.2004., 15:11

Pravila za slanje poruka

  • Ne možete kreirati novu temu
  • Ne možete poslati odgovor
  • Ne možete dodati priloge
  • Ne možete prepraviti svoju poruku
  •