virus i trojan-log file

Mr.Black · 29.08.2007., 17:53

Logfile of HijackThis v1.99.1
Scan saved at 17:54:18, on 29.8.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Security Tools\iesmn.exe
C:\Program Files\Security Tools\imsmain.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
D:\Eset\nod32kui.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Security Tools\imsmn.exe
C:\Program Files\VirusProtectPro 3.7\VirusProtectPro 3.7.exe
C:\Program Files\Security Tools\iesmin.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
d:\Eset\nod32krn.exe
C:\Program Files\ORL\VNC\WinVNC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\tHe OnO\Desktop\HijackThis.exe

O2 - BHO: (no name) - {5DDE5591-A8AB-4897-93EF-1E4E943F85A7} - C:\Program Files\Security Tools\iesplg.dll
O2 - BHO: Editor plugin - {9AEE9C0D-FD38-45fc-B09A-BA9B6B614780} - barka.dll (file missing)
O2 - BHO: (no name) - {C6039E6C-BDE9-4de5-BB40-768CAA584FDC} - C:\WINDOWS\system32\__c00990E9.dat
O3 - Toolbar: Protection Bar - {CC18AE76-7E65-4258-A193-9EA0C52DA6B8} - C:\Program Files\Security Tools\iesbpl.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [WinDVR SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [RAM Idle] C:\Program Files\Customizer XP\RAM_2K.exe
O4 - HKLM\..\Run: [nod32kui] d:\Eset\nod32kui.exe /WAITSERVICE
O4 - HKLM\..\Run: [VirusProtectPro 3.7] "C:\Program Files\VirusProtectPro 3.7\VirusProtectPro 3.7.exe" /h
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c005D552.dat
O23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\vhosts.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - d:\Eset\nod32krn.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\ORL\VNC\WinVNC.exe" -service (file missing)

Kaj izbrisati??

WichitaQ · 29.08.2007., 18:00

taj virusprotectpro ti je virus....briši :

O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\ORL\VNC\WinVNC.exe" -service (file missing)
O23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\vhosts.exe
i sve sa tim virusprotectpro...

edit : a i ovo mi je sumnjivo :
O2 - BHO: (no name) - {C6039E6C-BDE9-4de5-BB40-768CAA584FDC} - C:\WINDOWS\system32\__c00990E9.dat

Mr.Black · 29.08.2007., 18:20

Izbrisao sam ovo navedeno, ali nije to to...ovak dolje ikona me muči u trayu, evo slike kod otvaranja browsera...

http://www.imagesforme.com/images/3779bezimena.JPG

isprika moderatorima kaj nisam stavil u "Hijackthis - how to"

Mr.Black · 29.08.2007., 19:24

pošto je to komp kod starog u školi i služi profesorima za surfanje, problem sam riješio pomoću system restora, još jedanput ispirka kaj nisam postao u određeni topic...

domy_os · 29.08.2007., 21:26

Tamo je...

http://forum.pcekspert.com/showthread.php?t=29285

29.08.2007., 17:53	#1
Mr.Black Premium Datum registracije: Jan 2005 Lokacija: - Postovi: 1,679	virus i trojan-log file Logfile of HijackThis v1.99.1 Scan saved at 17:54:18, on 29.8.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Security Tools\iesmn.exe C:\Program Files\Security Tools\imsmain.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe D:\Eset\nod32kui.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\Security Tools\imsmn.exe C:\Program Files\VirusProtectPro 3.7\VirusProtectPro 3.7.exe C:\Program Files\Security Tools\iesmin.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe d:\Eset\nod32krn.exe C:\Program Files\ORL\VNC\WinVNC.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\tHe OnO\Desktop\HijackThis.exe O2 - BHO: (no name) - {5DDE5591-A8AB-4897-93EF-1E4E943F85A7} - C:\Program Files\Security Tools\iesplg.dll O2 - BHO: Editor plugin - {9AEE9C0D-FD38-45fc-B09A-BA9B6B614780} - barka.dll (file missing) O2 - BHO: (no name) - {C6039E6C-BDE9-4de5-BB40-768CAA584FDC} - C:\WINDOWS\system32\__c00990E9.dat O3 - Toolbar: Protection Bar - {CC18AE76-7E65-4258-A193-9EA0C52DA6B8} - C:\Program Files\Security Tools\iesbpl.dll O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [WinDVR SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe" O4 - HKLM\..\Run: [RAM Idle] C:\Program Files\Customizer XP\RAM_2K.exe O4 - HKLM\..\Run: [nod32kui] d:\Eset\nod32kui.exe /WAITSERVICE O4 - HKLM\..\Run: [VirusProtectPro 3.7] "C:\Program Files\VirusProtectPro 3.7\VirusProtectPro 3.7.exe" /h O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O20 - AppInit_DLLs: C:\WINDOWS\system32\__c005D552.dat O23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\vhosts.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - d:\Eset\nod32krn.exe O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\ORL\VNC\WinVNC.exe" -service (file missing) Kaj izbrisati??

29.08.2007., 21:26	#5
domy_os EMP moderator Datum registracije: Apr 2005 Lokacija: Osijek Postovi: 18,819	Tamo je... http://forum.pcekspert.com/showthread.php?t=29285 __________________ "Kako su krojači novog svjetskog poretka uspjeli u tako kratko vrijeme slomiti intelektualne sposobnosti društva, uništiti kritičku svijest i ljudima nametnuti izvrnutu logiku?"

29.08.2007., 18:00	#2
WichitaQ Soul Eater Datum registracije: Jan 2007 Lokacija: Isolated Postovi: 538	taj virusprotectpro ti je virus....briši : O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\ORL\VNC\WinVNC.exe" -service (file missing) O23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\vhosts.exe i sve sa tim virusprotectpro... edit : a i ovo mi je sumnjivo : O2 - BHO: (no name) - {C6039E6C-BDE9-4de5-BB40-768CAA584FDC} - C:\WINDOWS\system32\__c00990E9.dat

29.08.2007., 18:20	#3
Mr.Black Premium Datum registracije: Jan 2005 Lokacija: - Postovi: 1,679	Izbrisao sam ovo navedeno, ali nije to to...ovak dolje ikona me muči u trayu, evo slike kod otvaranja browsera... http://www.imagesforme.com/images/3779bezimena.JPG isprika moderatorima kaj nisam stavil u "Hijackthis - how to"

29.08.2007., 19:24	#4
Mr.Black Premium Datum registracije: Jan 2005 Lokacija: - Postovi: 1,679	pošto je to komp kod starog u školi i služi profesorima za surfanje, problem sam riješio pomoću system restora, još jedanput ispirka kaj nisam postao u određeni topic...

Oglasni prostor
PC Ekspert Forum Oglas

Oglasni prostor
PC Ekspert Forum Oglas