Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.

Problem...Nesto, neka aplikacija, virus ili nesto trece se pokrene na sekundu i nestane?

[es] :: Zaštita :: Problem...Nesto, neka aplikacija, virus ili nesto trece se pokrene na sekundu i nestane?
(Zaključana tema (lock), by Aleksandar Maletic)

[ Pregleda: 2991 | Odgovora: 12 ] > FB > Twit

Postavi temu

Autor

Pretraga teme: Traži
Markiranje Štampanje RSS

ststeva
Stevan Stevanovic
Arandjelovac

Član broj: 91371
Poruke: 280
*.adsl.verat.net.



+21 Profil

icon Problem...Nesto, neka aplikacija, virus ili nesto trece se pokrene na sekundu i nestane?10.01.2012. u 15:10 - pre 148 meseci
U zadnje vreme je pocelo da me izludjuje, recimo u toku filma, ako ima jos neki otvoren prozor u pozadini on ga postavi ispred filma....
Ili kad radim u programu Virtual DJ u full screen rezimu i imam otvoren My computer(ili bilo koji drugi prozor) on ga izbaci iz full screena i pokaze ga...ili nekad ne samo ga izbaci iz full screen-a.
Kad nema nista otvoreno na svakih 15-estak minuta se otvori "nesto" pokaze u taskbar-u i nestane ne stignem da vidim sta je.
Skenirao sam sa Eset Smart Security i nista nije pronasao.

Sta moze da bude i kako da ga uklonim?


Ako sam promasio forum molim moderatore da pomere temu tamo gde ona odgovara.

Hvala!
DJ STEVASSY
 
0

Dashkes

Član broj: 90973
Poruke: 845



+27 Profil

icon Re: Problem...Nesto, neka aplikacija, virus ili nesto trece se pokrene na sekundu i nestane?10.01.2012. u 15:39 - pre 148 meseci
Skinite program HijackThis.
Kada ga preuzmete, preimenujte fajl u bilo sta, npr. “blabla.exe”. Pokrenite ga i kliknite “Do a system scan and save a logfile”. Taj log iskopirajte ovde. :)
 
0

ststeva
Stevan Stevanovic
Arandjelovac

Član broj: 91371
Poruke: 280
*.adsl.verat.net.



+21 Profil

icon Re: Problem...Nesto, neka aplikacija, virus ili nesto trece se pokrene na sekundu i nestane?10.01.2012. u 15:59 - pre 148 meseci
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:58:39 PM, on 1/10/2012
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Users\Stevassy\AppData\Local\Google\Update\1.3.21.79\GoogleCrashHandler.exe
C:\Program Files (x86)\DU Meter\DUMeter.exe
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Stevassy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Stevassy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Stevassy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Stevassy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Stevassy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Stevassy\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Stevassy\AppData\Local\Google\Chrome\Application\chrome.exe

D:\Downloads\loger.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [DU Meter] C:\Program Files (x86)\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Stevassy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia....ockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{401D9BBA-AF2A-45A0-B9DD-BBC6B0A60A16}: NameServer = 217.65.192.101 217.65.192.102
O17 - HKLM\System\CCS\Services\Tcpip\..\{F139CFDE-55D0-42B5-81AE-EE7AF57C5923}: NameServer = 217.65.192.101 217.65.192.102
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KLS Backup 2009 Professional Service (KLSBackup2009Pro) - KLS Soft - C:\Program Files (x86)\KLS Soft\KLS Backup 2009 Professional\klsbservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Scrybe Updater (ScrybeUpdater) - Synaptics, Inc. - C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Telenor Internet. OUC (Telenor Internet. RunOuc) - Unknown owner - C:\Program Files (x86)\Telenor Internet\UpdateDog\ouc.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIP_Serbia Wave Modem Device Helper - Unknown owner - C:\Program Files (x86)\Vip Internet\BackgroundService\ServiceManager.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12450 bytes

DJ STEVASSY
 
0

ststeva
Stevan Stevanovic
Arandjelovac

Član broj: 91371
Poruke: 280
*.aDSL.Verat.Net.



+21 Profil

icon Re: Problem...Nesto, neka aplikacija, virus ili nesto trece se pokrene na sekundu i nestane?10.01.2012. u 18:19 - pre 148 meseci
Evo i loga iz OTL-a
DJ STEVASSY
Prikačeni fajlovi
 
0

ststeva
Stevan Stevanovic
Arandjelovac

Član broj: 91371
Poruke: 280
*.aDSL.Verat.Net.



+21 Profil

icon Re: Problem...Nesto, neka aplikacija, virus ili nesto trece se pokrene na sekundu i nestane?10.01.2012. u 20:13 - pre 148 meseci
Aaaa koliko me je sad izludelo, klikcem nesto u exelu (koje kolone da mi izostavi u prikazu (ima jedno 200 kolona)) pojavi se to u taskbaru i sve sto sam selektovao mi ponisti....
DJ STEVASSY
 
0

Aleksandar Maletic
System administrator

Moderator
Član broj: 235887
Poruke: 1138
*.mbb.telenor.rs.



+89 Profil

icon Re: Problem...Nesto, neka aplikacija, virus ili nesto trece se pokrene na sekundu i nestane?10.01.2012. u 21:31 - pre 148 meseci
Napravi Screenshot tog prozora i okači ovde da vidimo o čemu se radi.
Ukoliko ne znaš da napraviš screenshot, postupak je sledeći:
Kada ti se pojavi na desktopu taj prozor pritisni taster PrintScreen.
Zatim otvori Paint, selektuj karticu Edit i odaberi Paste.
Sliku odnosno screenshot sačuvaj na desktopu i nakon toga je prikači ovde uz novu poruku.
A wolf is weaker than a lion and a tiger, but doesn't play in the circus.
 
0

ststeva
Stevan Stevanovic
Arandjelovac

Član broj: 91371
Poruke: 280
*.aDSL.Verat.Net.



+21 Profil

icon Re: Problem...Nesto, neka aplikacija, virus ili nesto trece se pokrene na sekundu i nestane?10.01.2012. u 21:49 - pre 148 meseci
Kako mislis da napravim screenshot kad se to pojavi na trenutak, milisekundu. Ako ide muzika ona secne.
DJ STEVASSY
 
0

Aleksandar Maletic
System administrator

Moderator
Član broj: 235887
Poruke: 1138
*.mbb.telenor.rs.



+89 Profil

icon Re: Problem...Nesto, neka aplikacija, virus ili nesto trece se pokrene na sekundu i nestane?10.01.2012. u 22:06 - pre 148 meseci
Preuzmi OSAM Autorun Manager, raskapuj ga i pokreni skeniranje.
Kada program završi sa skeniranjem sačuvaj log i kopiraj ga ovde.
A wolf is weaker than a lion and a tiger, but doesn't play in the circus.
 
0

ststeva
Stevan Stevanovic
Arandjelovac

Član broj: 91371
Poruke: 280
*.aDSL.Verat.Net.



+21 Profil

icon Re: Problem...Nesto, neka aplikacija, virus ili nesto trece se pokrene na sekundu i nestane?11.01.2012. u 09:59 - pre 148 meseci
evo loga
DJ STEVASSY
Prikačeni fajlovi
 
0

Dashkes

Član broj: 90973
Poruke: 845



+27 Profil

icon Re: Problem...Nesto, neka aplikacija, virus ili nesto trece se pokrene na sekundu i nestane?11.01.2012. u 10:15 - pre 148 meseci
Citat:
ststeva: evo loga

Log je čini mi se čist.
Jeste li pokušali da pogasite sve programe u pozadini pa da eliminacijom dođete do onog koji pravi problem? Primetio sam da imate KLS Backup 2009, da ne pravi on možda problem?

[Ovu poruku je menjao Dashkes dana 11.01.2012. u 11:28 GMT+1]
 
0

valjan
Janko Valencik
Software Deployer
Schneider Electric
Novi Sad

Moderator
Član broj: 158605
Poruke: 3531
*.dynamic.sbb.rs.



+553 Profil

icon Re: Problem...Nesto, neka aplikacija, virus ili nesto trece se pokrene na sekundu i nestane?11.01.2012. u 12:12 - pre 148 meseci
Jedan od načina da ga uhvatiš je da skineš SysInternalsov Process Explorer, pokreneš ga (ne instalira se) i pustiš ga da radi. Kada se pojavi taj tvoj proces, uđeš u Process Explorer i pogledaš sve one obeležene crvenom bojom, i to bi trebalo da je taj tvoj. Pod Options > Difference Highlight Duration možeš podesiti vreme u sekundama koliko dugo će novi procesi biti obojeni zelenom, odnosno ugašeni crvenom bojom, pa tu možeš podesiti malo duži timeout ako ti proces suviše brzo pobegne pa ga ni u Process Exploreru ne vidiš.

Preporučujem ti i da pod View > Select Columns odabereš i Image Path, olakšaće ti potragu za lokacijom odakle se pokrenuo, posle će ti biti lakše da po registryju tražiš gde se sve pojavljuje.
 
0

ststeva
Stevan Stevanovic
Arandjelovac

Član broj: 91371
Poruke: 280
*.adsl.verat.net.



+21 Profil

icon Re: Problem...Nesto, neka aplikacija, virus ili nesto trece se pokrene na sekundu i nestane?11.01.2012. u 15:47 - pre 148 meseci
Mislim da sam ga "uhvatio"
Pokretao se, ne znam zbog cega, update proces Telenor interneta.....
Uninstalirao sam ceo program jer ga ne koristim...za sad se ne desava ono sto se desavalo, ako se ponovi javicu.

Hvala svima koji su se potrudili da mi pomognu!
DJ STEVASSY
 
0

Dashkes

Član broj: 90973
Poruke: 845



+27 Profil

icon Re: Problem...Nesto, neka aplikacija, virus ili nesto trece se pokrene na sekundu i nestane?11.01.2012. u 16:01 - pre 148 meseci
Dobro je, ja sam se već pribojavao da je to neki opasan virus kojeg ne možemo da uhvatimo. :)
 
0

[es] :: Zaštita :: Problem...Nesto, neka aplikacija, virus ili nesto trece se pokrene na sekundu i nestane?
(Zaključana tema (lock), by Aleksandar Maletic)

[ Pregleda: 2991 | Odgovora: 12 ] > FB > Twit

Postavi temu

Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.