PC Ekspert Forum

PC Ekspert Forum (https://forum.pcekspert.com/index.php)
-   Softverski problemi (https://forum.pcekspert.com/forumdisplay.php?f=42)
-   -   moze pregled (https://forum.pcekspert.com/showthread.php?t=22254)

ljicpu 26.06.2005. 12:13
moze pregled
 
Logfile of HijackThis v1.99.1
Scan saved at 11:04:45, on 26.6.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\svchost.exe
d:\Programi\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Siemens\Adsl\dslstat.exe
C:\Program Files\Siemens\Adsl\dslagent.exe
D:\Programi\Java\jre1.5.0_01\bin\jusched.exe
D:\Programi\ZoneAlarm\zlclient.exe
D:\Programi\NetLimiter\NetLimiter.exe
D:\Programi\Eset\nod32kui.exe
D:\Programi\Spyware Doctor\swdoctor.exe
C:\Documents and Settings\ljicpu\Desktop\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - D:\Programi\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - D:\Programi\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\Siemens\Adsl\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\Siemens\Adsl\dslagent.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Programi\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] d:\Programi\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [NetLimiter] d:\Programi\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [nod32kui] "d:\Programi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [Spyware Cleaner] "C:\Program Files\Spyware Cleaner\SpywareCleaner.Exe" /boot
O4 - HKCU\..\Run: [Spyware Doctor] "D:\Programi\Spyware Doctor\swdoctor.exe" /Q
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programi\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programi\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - D:\Programi\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - D:\Programi\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - D:\Programi\ICQ\ICQ.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1117296383296
O17 - HKLM\System\CCS\Services\Tcpip\..\{FD1F4832-2D87-4070-B031-D42D00959405}: NameServer = 195.29.150.3 195.29.150.4
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - d:\Programi\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SpywareCleanerService - Unknown owner - C:\Program Files\Spyware Cleaner\SCService.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

imam jos jedan problem
svako malo mi se pojavljuju ovakvi prozorcici i to me zivcira a neznam kak da se toga rijesim

http://i5.photobucket.com/albums/y19...lipboard01.gif

Costa 26.06.2005. 13:24
Uploadaj file C:\WINDOWS\svchost.exe na http://www.virustotal.com/flash/index_en.html

Tamo ce biti skeniran s vise antivirusnih programa. Trebat ces pricekati neko vrijeme dok ne dodje rezultat.

Zasto nemas instaliran nikakav antivirusni program?

Uninstaliraj sve one antispyware programe koje imas stavljene (Spyware Cleaner...) i stavi Ad-aware i Spybot S&D jer oni su ti provjereno dobri. Imas sve ovdje.

Ta poruka koja ti se pokazuje je m$ov messenger servis koji je trebao sluziti adminima ali eto, nije :D

Iskljuci preko Control Panel > Administrative tools > Services
Potrazi Messenger i postavi mu "Startup type" na Disabled i usput ga zaustavi.

ljicpu 26.06.2005. 14:00
This is a report processed by VirusTotal on 06/26/2005 at 12:58:03 (CET) after scanning the file "svchost.exe" file.

Antivirus Version Update Result
AntiVir 6.31.0.7 06.24.2005 no virus found
Avira 6.31.0.7 06.24.2005 no virus found
BitDefender 7.0 06.25.2005 no virus found
ClamAV devel-20050501 06.25.2005 no virus found
DrWeb 4.32b 06.24.2005 modification of BackDoor.Generic.1005
eTrust-Iris 7.1.194.0 06.26.2005 no virus found
eTrust-Vet 11.9.1.0 06.24.2005 no virus found
Fortinet 2.36.0.0 06.25.2005 suspicious
Ikarus 2.32 06.24.2005 no virus found
Kaspersky 4.0.2.24 06.26.2005 Backdoor.Win32.VB.aea
McAfee 4521 06.24.2005 no virus found
NOD32v2 1.1154 06.25.2005 no virus found
Norman 5.70.10 06.23.2005 no virus found
Panda 8.02.00 06.25.2005 no virus found
Sybari 7.5.1314 06.26.2005 Backdoor.Win32.VB.aea
Symantec 8.0 06.25.2005 no virus found
TheHacker 5.8.2.059 06.25.2005 Backdoor/VB.aea
VBA32 3.10.4 06.26.2005 no virus found

nakon skeniranja svchost.exe mi je javio ovo..

kaj da ga izbrisem ili?

a za antivirus prog imam nod32 2.5
kaj da stavim neki drugi ili?

Costa 26.06.2005. 14:39
Ne kuzim kaj mi je doslo da nisam skuzio NOD-a :confused: :D

Izbrisi taj file jer on je 100% los s obzirom da se predstavlja kao sistemski koji se inace nalazi u sistemskom direktoriju.

Kad zavrsis s micanjem onih programa sto sam ti rekao i brisanjem C:\WINDOWS\svchost.exe ponovno restartaj komp pa ponovno posalji log.

ljicpu 26.06.2005. 14:59
ovako..maknuo sam one programe kaj si rekao

i onaj svchost.exe u windows direktoriju sam nekako zbrisao..mogao sam ga prvo "end task" pa onda zbrisati

i nakon resetiranja kompa..file se automatski stvori...tako da ako ga zbrisem nakon reset on je opet tamo

sta sad

a evo i log novi :

Logfile of HijackThis v1.99.1
Scan saved at 13:55:14, on 26.6.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\System32\CTsvcCDA.exe
d:\Programi\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Siemens\Adsl\dslstat.exe
C:\Program Files\Siemens\Adsl\dslagent.exe
D:\Programi\Java\jre1.5.0_01\bin\jusched.exe
D:\Programi\ZoneAlarm\zlclient.exe
D:\Programi\NetLimiter\NetLimiter.exe
D:\Programi\Eset\nod32kui.exe
C:\Documents and Settings\ljicpu\Desktop\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\Siemens\Adsl\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\Siemens\Adsl\dslagent.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Programi\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] d:\Programi\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [NetLimiter] d:\Programi\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [nod32kui] "d:\Programi\Eset\nod32kui.exe" /WAITSERVICE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programi\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programi\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - D:\Programi\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - D:\Programi\ICQ\ICQ.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1117296383296
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - d:\Programi\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SpywareCleanerService - Unknown owner - C:\Program Files\Spyware Cleaner\SCService.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

Costa 26.06.2005. 15:28
Idemo najprije jednostavniju metodu a to je da file posaljes meni na mail costa666@seznam.cz pa cu vidjeti kako se pokrece/uklanja.

ljicpu 26.06.2005. 20:59
nemogu ti poslati taj file
probao sam zipati i ovako ali nece đ


uvijel mi javi da poruka ne moze biti isporucena zbog tog fila

One or more of the attachments (svchost.exe, file.zip) are on
the list of unacceptable attachments for this site and will not have
been delivered.

Consider renaming the files to avoid this constraint.

The virus detector said this about the message:
Report: MailScanner: Executable DOS/Windows programs are dangerous in email (svchost.exe)
Report: MailScanner: Executable DOS/Windows programs are dangerous in email (svchost.exe)

Costa 26.06.2005. 22:19
Preimenuj u nesto.bla pa posalji.

ljicpu 27.06.2005. 12:42
poslao sam ti jucer..nadam se da si dobio file

Costa 27.06.2005. 12:46
Dobio sam file ali moci cu ti odgovoriti tek poslije ponoci jer danas malo duze radim.

Costa 28.06.2005. 01:51
Testirah i ovako stvari stoje.

Najprije End Task nad svchost.exe (Onaj kod kojeg pod Username pise trenutni user - kod sistemskog svchost ce pisati SYSTEM, Local Service ili Network Service)

Izbrises:
c:\WINDOWS\svchost.exe
c:\WINDOWS\system32\gldrv.exe

I u registriju maknes
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{C131CGB2-VLWS-QOC9-LUNY-F3DIDFAB5252}]
"StubPath"="C:\\WINDOWS\\system32\\gldrv.exe"

Znaci maknes cijeli {C131CGB2-VLWS-QOC9-LUNY-F3DIDFAB5252} kljuc.

ljicpu 28.06.2005. 02:02
evo to sam napravio i sad vise nema file-a
i resetirao sam komp i opet pokrenuo hijack pa evo pogledaj log pa reci jel sad sve ok

hvala

Logfile of HijackThis v1.99.1
Scan saved at 1:00:50, on 28.6.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Siemens\Adsl\dslstat.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Siemens\Adsl\dslagent.exe
D:\Programi\Java\jre1.5.0_01\bin\jusched.exe
d:\Programi\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
D:\Programi\ZoneAlarm\zlclient.exe
D:\Programi\NetLimiter\NetLimiter.exe
D:\Programi\Eset\nod32kui.exe
C:\Documents and Settings\ljicpu\Desktop\HijackThis.exe
C:\WINDOWS\System32\wuauclt.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\Siemens\Adsl\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\Siemens\Adsl\dslagent.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Programi\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] d:\Programi\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [NetLimiter] d:\Programi\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [nod32kui] "d:\Programi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programi\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programi\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programi\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - D:\Programi\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - D:\Programi\ICQ\ICQ.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1117296383296
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - d:\Programi\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SpywareCleanerService - Unknown owner - C:\Program Files\Spyware Cleaner\SCService.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

Costa 28.06.2005. 02:13
Sve 5 :beer:

Veki-os 28.06.2005. 02:45
Da ne otvaram novu temu,jel možeš Costa pogledati moj log,nešt mi se čudno dešava ovih dana a moje antivirusna i antigamadska armija ne nalazi ništa:D

Logfile of HijackThis v1.99.1
Scan saved at 1:40:40, on 28.6.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Program Files\Eset\nod32kui.exe
C:\PROGRA~1\GENIUS~1\mouseElf.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Vedran\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe /WAITSERVICE
O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\GENIUS~1\mouseElf.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{E187EC54-7163-4718-869F-E63B7A4BD3FC}: NameServer = 195.29.150.3 195.29.150.4
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Program Files\Eset\nod32krn.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

I imam Firefox,ne koristim IE:)

Costa 28.06.2005. 03:08
Sve ti je u redu. Sto ti se tocno dogadja?

Router 29.06.2005. 00:51
Costa , jesi rijesio kaj sa onom prokletom memom?

Veki-os 29.06.2005. 02:00
Citiraj:
Originally posted by Costa
Sve ti je u redu. Sto ti se tocno dogadja?
S&D mi je stalno nalazio iste probleme al sad sam i to rješio.

Costa 29.06.2005. 07:03
Citiraj:
Originally posted by Router
Costa , jesi rijesio kaj sa onom prokletom memom?
Veceras idem po novu.


Sva vremena su GMT +2. Sada je 22:06.

Powered by vBulletin®
Copyright ©2000 - 2026, Jelsoft Enterprises Ltd.
© 1999-2024 PC Ekspert - Sva prava pridržana ISSN 1334-2940
Ad Management by RedTyger