PC Ekspert Forum - (riješeno) Virusi i bakterije

PC Ekspert Forum (https://forum.pcekspert.com/index.php)

- Softverski problemi (https://forum.pcekspert.com/forumdisplay.php?f=42)

- - (riješeno) Virusi i bakterije (https://forum.pcekspert.com/showthread.php?t=62422)

(riješeno) Virusi i bakterije

Ajd znalci pomagajte!

Nećak mi se poigrao pa natovario koječega od gamadi os xp, bitdefender, ad-aware i spyware doctor su obrambena linija no.....

Nakon velike i iscrpljujuće borbe dva su mi ostala i nemrem im niš vidi log...

C:\Documents and Settings\Barny\Local Settings\Temp\rtqygdjc.exe Detected: Adware.Vstoolbar.A
C:\Documents and Settings\Barny\Local Settings\Temp\rtqygdjc.exe Disinfection failed
C:\Documents and Settings\Barny\Local Settings\Temp\rtqygdjc.exe Moved
C:\Documents and Settings\Barny\Local Settings\Temp\swkgmvqn.dll Infected: Trojan.Juan.F
C:\Documents and Settings\Barny\Local Settings\Temp\swkgmvqn.dll Disinfection failed
C:\Documents and Settings\Barny\Local Settings\Temp\swkgmvqn.dll Moved
C:\Documents and Settings\Barny\Local Settings\Temp\yisqqbom.dll Infected: Trojan.Virtumod.DG
C:\Documents and Settings\Barny\Local Settings\Temp\yisqqbom.dll Disinfection failed
C:\Documents and Settings\Barny\Local Settings\Temp\yisqqbom.dll Moved
C:\WINDOWS\system32\mljji.dll Infected: MemScan:Trojan.Vundo.AH
C:\WINDOWS\system32\mljji.dll Disinfection failed
C:\WINDOWS\system32\mljji.dll Move failed
C:\WINDOWS\system32\nnnoonm.dll Infected: MemScan:Adware.VirtuMonde.DY
C:\WINDOWS\system32\nnnoonm.dll Disinfection failed
C:\WINDOWS\system32\nnnoonm.dll Move failed

Upomoć braćo po oružju osto sam bez metaka....

Probaj:
1) Safe mode
2) Izbrisat file-ove iz cistog DOS-a
2b) Hiren's Boot CD, pa pocistit nekim od antivirusa iz DOS-a

je kad bi ja to znao trebao bih malo detaljnije il pozvat nekog na pivkana..

U safe mod ulaziš tako da odmah nakon paljenja stišćeš F8 i odabereš Safe Mod kad ti se pojavi izbornik. Kad konačno uđeš, skeniraj ponovo. Ako opet ne možeš obrisat, ručno dođi do mjesta gdje su zaražene datoteke pa od tamo obriši.

Probao sam no ni tako. Jedini koji ga pronalazi je bitdef.
On se nasro u nekom nnnoonm.dll i ne mogu ga obrisati jednostavno se neda van iz nnnoonm.dll a zove se MemScan:Adware.VirtuMonde.DY
ak nije tlaka nekom da mi objasni kako iz reg. da ručno probam obrisati...

Snimi negdje i isprintaj ove upute jer možeš ostat bez internet veze.

Prvo skini Vundo Fix ili VirtumundoBegone (ako prvi ne bude radio). Možeš ih staviti na desktop.

Pokreni VundoFix.exe i klikni na Scan for Vundo. Kad završi, klikni na Remove Vundo nakon čega će te pitati da li želiš maknuti te datoteke pa ti klikneš YES. Desktop će se sada zacrniti i proces uklanjanja počinje. Na kraju ćeš morati resetirati komp.

Ako je problem ostao, odi u Safe Mod i pokreni VirtumundoBegone i slijedi upute na ekranu. Kad budeš gotov, vrati se u normal mode.

Zatim skini HijackThis, ovdje imaš upute gdje, šta i kako. Postaj log pa ćemo vidjeti što još treba maknuti.

Napomena: updateaj si Javu jer je to sranje upalo vjerojatno zbog stare verzije Jave.

klanjam se........

popodne slijedi izvještaj..............

EDIT: naime probao sam neki dan sa vundo fix i on ga ne kuži, pa bum sa ovim drugim.
Kažem samo ga bitdef. nalazi od svih mogućih i svako toliko javlja da ga je našao i da komp. nije zaražen ma što to značilo...al je dosadan ko proljev jer se javlja svaku minutu.

Evo ovako,

Vundo fix je našao, doista nije se zacrnio ekran već su samo nestale ikone i restartao je komp.
E sad
nakon toga sam pokrenuo bitdefender te ih je opet našao ali sada sa ovim uspjehom:
Summary:

C:\VundoFix Backups\nnnoonm.dll.bad Infected: MemScan:Adware.VirtuMonde.DY
C:\VundoFix Backups\nnnoonm.dll.bad Disinfection failed
C:\VundoFix Backups\nnnoonm.dll.bad Moved

Dali trebam još kaj radit ili je ovo gotovo.
Napravio sam Logfile od HijackThis ak je potrebno no velik je pa neznam dali da ga postam il je dovoljno samo nešto iz njega?

Vidiš da to što je BD našao pripada VundoFixovom backupu, bitno da ga nema tamo gdje je prije bio. Slobodno stavi log...

Dali ono što brišem označim u Hijack-u i stisnem fix checked il moram u reg.ručno?

ježit ga toliko je velik log da mi ga neda postat.......kaj sad bum u dva posta...

Logfile of HijackThis v1.99.1
Scan saved at 17:08:26, on 5.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\totalcmd\TOTALCMD.EXE
C:\WINDOWS\system32\notepad.exe
H:\sigurnosni\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0F01FF26-18F5-4613-BFD6-14DE2FBA24C3} - C:\WINDOWS\system32\nnnoonm.dll (file missing)
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: (no name) - {D38439EC-4A7F-42b4-90C2-D810D7778FDD} - C:\WINDOWS\system32\wqjxpftn.dll (file missing)
O2 - BHO: (no name) - {E8658363-94EA-4A98-B794-A1C0833970D0} - C:\WINDOWS\system32\mljji.dll (file missing)
O2 - BHO: WeeklyExecuter Class - {f015f320-ab08-11db-abbd-0800200c9a66} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O18 - Protocol: bw+0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

Citiraj:

Dali ono što brišem označim u Hijack-u i stisnem fix checked il moram u reg.ručno?

Očekivao sam da si pročitao onu temu o HijackThisu, sad bi sve znao. Ukratko: skeniraš, staviš log (OK, stavio si) i opet skeniraš, ali bez loga te označiš ovo za uklanjanje:

O2 - BHO: (no name) - {0F01FF26-18F5-4613-BFD6-14DE2FBA24C3} - C:\WINDOWS\system32\nnnoonm.dll (file missing)

O2 - BHO: (no name) - {D38439EC-4A7F-42b4-90C2-D810D7778FDD} - C:\WINDOWS\system32\wqjxpftn.dll (file missing)

O2 - BHO: (no name) - {E8658363-94EA-4A98-B794-A1C0833970D0} - C:\WINDOWS\system32\mljji.dll (file missing)

O2 - BHO: WeeklyExecuter Class - {f015f320-ab08-11db-abbd-0800200c9a66} - (no file)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)

O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)

O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

Imaš milijun unosa (Extra protocols and protocol hijackers) od Logitech Desktop Messengera kojeg nisi morao ni instalirati, ako ga ne koristiš.

Zašto imaš dva antivirusa? BitDefender i AVG? Nije ti nijedan firewall aktivan...

Ma pročito sam ja al nisam skužio to o označavanju i popravljanju.
Imam dva antivirusna nakon pokušaja da očistim komp od gamadi. No nije bar po meni loše imati različite samo kaj drugog uključujem po potrebi, mislim ak jedan omane jel...
a firewall imam kroz BD i uvjek je upaljen jedino možda kad sam log radio BD je mogao ostat iskopčan jer sam prije toga vrtio drugi antivirus.

E sad od svega mi je ostalo i neda se izbrisati ovo:
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{E1621B89-6EB6-43C9-A459-BE19B61B8EB6}: NameServer = 213.191.128.8 213.191.128.9
O18 - Protocol: bw+0 - {0448EEA0-2BC3-4099-8D45-4680A69A29BD} - C:\Program Files\Logitech\Desktop
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

Nemrem obrisat ovo od BD.
Ajd još to pa si samnom gotov :respekt:

Pa tko ti je rekao da to brišeš? :stoopid: Pogledaj dobro gore...

O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)

O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

Pa to si napisao al neide

Da budem jasniji svi od BD sa file missing neidu van ostalo je otišlo.

Onda OK, to i tako nije bitno. ;) Mislio sam da si htio to sve obrisat... :D

je ovca jesam al baš tolika... ha nikad se nezna...

Ok hvala ovo ostavim i za sad sam čist... moj naklon!

Hm, ipak mala napomena. Nikako, ali apsolutno nikako ne valja imati više od 1 antivirus programa. Iste komponente sistema trebaju dva anti virus programa i što misliš što se desi kada ne mogu doći do nečega jer ga onaj drugi AV svojata? Kuršlus, kratki spoj, ršum, sranje. Dobiješ totalno suprotan učinak od očekivanog; imam dva antivirusa; ne radi nijedan kako spada.
Jedan antivirus, pametno podešen, nešto protiv spay-a i obavezno, možda i važnije engo AV firewall. Comodo npr. poprilično dobar u zadnje vrijeme.:amen: