[trayde]

Nedavno sam promijenio davatelja internet tako da sam mogao bolje GT brzinu. Od tada moj računalo je zamrzavanje. moj dvd voziti djela poput svojih pokušavate čitati, ali nema ništa u njoj, miš navika funkcionirati i ja morati isključiti računalo.
Imam trčanje skenira za virus i spyware uklonjen imam neki programi Mislio svibanj biti uzrok tome. ali ja se čuva događa. Tada sam mislio da će mi miht BitTorrent Downloader ali je smrznuta kada sam hve ne koristite.
ugoditi pomoć mene.
tvrtke Compaq presario sr5240an
AMD 64x2 dual core
3gb ram
320gb hdd

[Hybr! D]

Šanse su da se pomoću bitttorrent imate popunjen računalu sa spyware i virusa.

Imam preselio svoj post na taj forum, napišite hijackthis log i možemo početi.

Također ćete trebati ukloniti BitTorrent klijent prije nego što će dobiti pomoć ovdje, kao što su oni u osnovi koristi za ilegalne downloads.

[trayde]

Imam skenirani za viruse i spyware i ukloniti sve prijetnje i programi koji svibanj uzrok ovog uključujući BitTorrent računalni program još freezes pomoć.

[Hybr! D]

Morate napisati hijackthis log da bismo mogli vidjeti što nije u redu, ako ništa.

[Hybr! D]

HijackThis

Koristite Hijackthis (HJT) samo nakon popunjavanju iznad scans.

Preuzmite i preimenovanje HijackThis (HJT)

• Dvaput kliknite na HJTInstall.
• Kliknite na Instalacija gumb.
• Bit će automatski HJT mjesto u C: \ Program Files \ TrendMicro \ HijackThis \ HijackThis.exe
• Nakon instaliranja, HijackThis trebali otvoriti za vas.
  • Zatvoriti HijackThis i preimenovati ga.
  • Idi na C: \ Program Files \ Trend Micro \HijackThis.exe
  • Desnom tipkom miša kliknite na HijackThis.exe i odaberite Preimenovanje
  • Upišite sniper.exe i pritisnite Enter
  • Desnom tipkom miša kliknite na sniper.exe i odaberite Pošalji na > Desktop (stvoriti prečac)
• Iz otvorenih Hijackthis desktop.
• Ako koristite Windows Vista, Desni klik i Pokreni kao administrator
• Kliknite na Da li je sustav skenirati i spremanje log datoteku
• Hijackthis će skenirati a zatim i prijava će se otvoriti u Notepad.
• Kopirajte i zalijepite onda cijeli sadržaj se prijaviti u vaš post.
  • Ne Hijackthis su riješili ništa još. Većina onoga što će se pronađe bezopasni ili čak obavezna.

Napomena: Iako smo Preimenovali Hijackthis da snajper, mi ćemo i dalje se odnosi na to kako je Hijackthis ili HJT.

[trayde]

Ups

[trayde]

učinio sam na ovoj i kidnapovati posted rezultate ali to nije ljepljiv na thread

[trayde]

Logfile of Trend Micro HijackThis v2.0.2
Scan spremljena u 7:06:00, na 20/05/2008
Platforma: Windows Vista SP1 (Winnt 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Pokretanje procesa:
C: \ Windows \ system32 \ Dwm.exe
C: \ Windows \ Explorer.exe
C: \ Windows \ system32 \ taskeng.exe
C: \ Program Files \ WinFast \ WFDTV \ WFWIZ_vista.exe
C: \ hp \ SUPPORT \ hpsysdrv.exe
C: \ Program Files \ Hewlett-Packard \ OSD na ekranu Indicator \ OSD.exe
C: \ Windows \ RtHDVCpl.exe
C: \ Program Files \ Grisoft \ AVG7 \ avgcc.exe
C: \ Windows \ System32 \ rundll32.exe
C: \ Windows \ ehome \ ehtray.exe
C: \ Program Files \ NETGEAR \ MA111 Configuration Utility \ wlancfg4.exe
C: \ Windows \ ehome \ ehmsas.exe
C: \ Windows \ System32 \ rundll32.exe
C: \ Windows \ system32 \ jusched.exe
C: \ Windows \ System32 \ mobsync.exe
C: \ hp \ kbd \ kbd.exe
C: \ Program Files \ Windows Media Player \ wmpnscfg.exe
C: \ Program Files \ WinFast \ WFDTV \ DVBTAP.exe
C: \ Program Files \ Internet Explorer \ ieuser.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WLLoginProxy.exe
C: \ Windows \ system32 \ Macromed \ flash \ FlashUtil9e.exe
C: \ Windows \ system32 \ SearchFilterHost.exe
C: \ Program Files \ Trend Micro \ HijackThis \ sniper.exe
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant =
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, CustomizeSearch =
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Local Page =
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Postavke, ProxyOverride = *. lokalne
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
O1 - Hosts::: 1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_01 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O4 - HKLM \ .. \ Run: [Windows Defender]% ProgramFiles% \ Windows Defender \ MSASCui.exe-hide
O4 - HKLM \ .. \ Run: [hpsysdrv] c: \ hp \ SUPPORT \ hpsysdrv.exe
O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KbdStub.EXE
O4 - HKLM \ .. \ Run: [OsdMaestro] "C: \ Program Files \ Hewlett-Packard \ OSD na ekranu Indicator \ OSD.exe"
O4 - HKLM \ .. \ Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM \ .. \ Run: [HP Health Check Planer] C: \ Program Files \ Hewlett-Packard \ HP Health Check \ HPHC_Scheduler.exe
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / StartUp
O4 - HKLM \ .. \ Run: [PC Suite za smartfone] "C: \ Program Files \ Sony Ericsson \ Mobile4 \ Application Launcher \ Application Launcher.exe" / startoptions
O4 - HKLM \ .. \ Run: [Internet Explorer Poslužitelj Sadržaj] C: \ Program Files \ Internet Explorer \ Plugins \ cssrrh.exe
O4 - HKLM \ .. \ Run: [NvSvc] RUNDLL32.EXE C: \ Windows \ system32 \ nvsvc.dll, nvsvcStart
O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ Windows \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [NvMediaCenter] RUNDLL32.EXE C: \ Windows \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [WinFast Schedule] C: \ Program Files \ WinFast \ WFTVFM \ WFWIZ.exe
O4 - HKLM \ .. \ RunOnce: [WinFast Schedule] C: \ Program Files \ WinFast \ WFDTV \ WFWIZ.exe
O4 - HKLM \ .. \ RunOnce: [WinFast Schedule2] C: \ Program Files (x86) \ WinFast \ WFDTV \ WFWIZ.exe
O4 - HKLM \ .. \ RunOnce: [WinFast Schedule3] C: \ Program Files \ WinFast \ WFTVFM \ WFWIZ.exe
O4 - HKLM \ .. \ RunOnce: [WinFast Schedule4] C: \ Program Files (x86) \ WinFast \ WFTVFM \ WFWIZ.exe
O4 - HKCU \ .. \ Run: [ehTray.exe] C: \ Windows \ ehome \ ehTray.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [AVG7_Run] C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [AVG7_Run] C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'Default user')
O4 - Global Startup: MA111 konfiguraciju Utility.lnk =?
O8 - Extra kontekst meni stavka: E & zvezi u Microsoft Excel - res: / / C: \ programa ~ 1 \ MICROS ~ 3 \ Office12 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_01 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_01 \ bin \ ssv.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ programa ~ 1 \ MICROS ~ 3 \ Office12 \ REFIEBAR.DLL
O13 - smolastoga Prefiks:
O16 - DPF: (6B75345B-AA36-438A-BBE6-4078B4C6984D) (HpProductDetection Class) -- http://h20270.www2.hp.com/ediags/gmn...tDetection.cab
O20 - AppInit_DLLs: C: \ Windows \ sysload32vh.dll
O20 - Winlogon Obavijesti: avgwlntf - C: \ Windows \ System32 \ avgwlntf.dll
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, sro - C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, sro - C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
O23 - Service: AVG7 Resident štit Service (AvgCoreSvc) - GRISOFT, sro - C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, sro - C: \ programa ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
O23 - Service: Id_String1.6844F930_1628_4223_B5CC_5BB94B879762 # # # # (Bonjour Service) - Apple Computer, Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd - C: \ Program Files \ Common Files \ Macrovision Shared \ FLEXnet Izdavač \ FNPLicensingService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C: \ Program Files \ Hewlett-Packard \ HP Health Check \ hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 1150 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: LightScribeService Direct Disc Označavanje Service (LightScribeService) - Hewlett-Packard Company - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C: \ Program Files \ Common Files \ Roxio Shared \ 9,0 \ SharedCOM \ RoxMediaDB9.exe
O23 - Service: Spyware Terminator stvarnom štit Service (sp_rssrv) - Crawler.com - C: \ Program Files \ Spyware Terminator \ sp_rsser.exe
O23 - Service: stllssvr - MicroVision Development, Inc - c: \ Program Files \ Common Files \ SureThing Shared \ stllssvr.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc - C: \ Program Files \ Common Files \ Ulead Systems \ DVD \ ULCDRSvr.exe
O23 - Service: XAudioService - Conexant Systems - C: \ Windows \ System32 \ Drivers \ xaudio.exe
--
End of file - 7880 bytes

[evilfantasy]

To ne izgledaju previše loš ali ima nekoliko upitno unosa potražite u.

• Važno: Rad korake u cilju.
• Ako ne razumijete korak zaustaviti i pitati!
• Imajte na sva pitanja / odgovora u istom nit.
• Nastavi da odgovori dok s obzirom na sve je jasno.

Hijackthis Otvori, a zatim odaberite Da li je sustav skenirati samo.

Stavite oznaku uz sljedeće stavke: (ako postoji)

O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)

Važno: Zatvori sve prozore osim Hijackthis a zatim kliknite Fix checked.

Izlaz Hijackthis.

----------

Download Combofix by sUBs jedan od linkova ispod.
(Isprobajte sve tri ako je potrebno)

• Link # 1
• Link # 2
• Link # 3

Važno! Combofix.exe MORA biti spremljene i otrča iz Desktop.

• Zatvori otvoriti bilo koju web preglednicima. (Firefox, Internet Explorer, etc) prije početka Combofix.
• Važno! Privremeno onemogućiti tvoj AntiVirus, Skripta za blokiranje i bilo koji protušpijunskih Zaštita u stvarnom vremenu prije obavlja scan.
  • Kliknite ovaj link da biste vidjeli popis sigurnosne programe, koji bi trebao biti onemogućen i kako onemogućiti ih.
  • Ako tvoj nije na popisu, a vi ne znate kako ga isključiti, molimo pitati.
• Upozorenje: Combofix disconnects vašem računalu s Interneta. Se veza automatski obnovljena prije Combofix izvrši njegove vožnji.
• Dvaput kliknite combofix.exe i slijedite upute.
  • Odaberite Da da biste prihvatili Disclaimers.[
• Kada završite, on će proizvesti prijava za vas.
• Pošta da se prijavite u vaš sljedeći odgovor.

Upozorenje: Ne mouseclick combofix's prozor dok je pokrenut. To svibanj uzrokovati da se štala

• Ako Combofix prometuje na poteškoće i prestaje preuranjeno, veza može biti ručno restored by ponovo pokrenuti računalo.
• Važno: Ne zaboravite ponovo uključili vaš protuvirusni i protušpijunski prije reconnecting na Internet.

Ako je potrebno, pogledajte ovo Combofix tutorial screenshot sa detaljima koje će se preuzeti i vođenje combofix više temeljito.

----------

Next post molimo dodaj
Combofix log

[trayde]

hvala hrpe radili.
računalo sada prikazuju ispravno.