Par problema

basist · 05.05.2006., 18:40

0. Buraz je s neta skinuo neko smeće dok je tražio neki crack. Smeće sam maknuo, ali nisam uspio sve, pa sad trpim par posljedica

1. U HijackThisu sam "zdravorazumski" fixao entryje (npr. extra 'tools' menuitem javascript:{document.location=sexmax.com}; nije točno to, ali otprilike). Problem: taj menutiem je ostao. Kaj je zanimljivo, ne pojavljuje se uvijek, npr. iznad rarova, foldera i recycle bina, ali ne i exe i txt fileova.
2. U HijackThisu sam maknuo i slijedeći entry
O23 - Service: Machine Debug Manager (MDM) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (file missing)
Problem: svaki put se ponovno učita
Dodatak: Ostatak loga je na dnu. Slijedio sam sticky i maknuo neke gluposti, tako da sumnjam da će išta više biti za odstrel.
Hvala

Logfile of HijackThis v1.99.1
Scan saved at 18:32:23, on 5.5.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Inet\Apache2\bin\Apache.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\CTSvcCDA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Inet\Apache2\bin\ApacheMonitor.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Inet\Apache2\bin\Apache.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Temp\New Folder\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [avast!] "C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Monitor Apache Servers.lnk = C:\Inet\Apache2\bin\ApacheMonitor.exe
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{7FC2E488-EDBC-443F-AA21-01FDC79A1522}: NameServer = 161.53.114.135 161.53.114.145
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apache2 - Unknown owner - C:\Inet\Apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Machine Debug Manager (MDM) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Defcon.OS · 05.05.2006., 19:13

Meni se log cini OK.
Imas jedino
023 - Service: Apache2 - Unknown owner - C:\Inet\Apache2\bin\Apache.exe" -k runservice (file missing)

MDM iskljuci iz Internet Options>Advanced tab>ukljuci Disable Script Debugging ili pomocu msconfig-services.

05.05.2006., 18:40	#1
basist Registered User Datum registracije: Dec 2004 Lokacija: Zagreb Postovi: 13	Par problema 0. Buraz je s neta skinuo neko smeće dok je tražio neki crack. Smeće sam maknuo, ali nisam uspio sve, pa sad trpim par posljedica 1. U HijackThisu sam "zdravorazumski" fixao entryje (npr. extra 'tools' menuitem javascript:{document.location=sexmax.com}; nije točno to, ali otprilike). Problem: taj menutiem je ostao. Kaj je zanimljivo, ne pojavljuje se uvijek, npr. iznad rarova, foldera i recycle bina, ali ne i exe i txt fileova. 2. U HijackThisu sam maknuo i slijedeći entry O23 - Service: Machine Debug Manager (MDM) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (file missing) Problem: svaki put se ponovno učita Dodatak: Ostatak loga je na dnu. Slijedio sam sticky i maknuo neke gluposti, tako da sumnjam da će išta više biti za odstrel. Hvala Logfile of HijackThis v1.99.1 Scan saved at 18:32:23, on 5.5.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Inet\Apache2\bin\Apache.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\CTSvcCDA.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\UAService7.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Inet\Apache2\bin\ApacheMonitor.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\Inet\Apache2\bin\Apache.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe D:\Temp\New Folder\HijackThis.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll O4 - HKLM\..\Run: [avast!] "C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Monitor Apache Servers.lnk = C:\Inet\Apache2\bin\ApacheMonitor.exe O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{7FC2E488-EDBC-443F-AA21-01FDC79A1522}: NameServer = 161.53.114.135 161.53.114.145 O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apache2 - Unknown owner - C:\Inet\Apache2\bin\Apache.exe" -k runservice (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Machine Debug Manager (MDM) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

05.05.2006., 19:13	#2
Defcon.OS Contra bonos mores Datum registracije: May 2006 Lokacija: Osijek Postovi: 159	Meni se log cini OK. Imas jedino 023 - Service: Apache2 - Unknown owner - C:\Inet\Apache2\bin\Apache.exe" -k runservice (file missing) MDM iskljuci iz Internet Options>Advanced tab>ukljuci Disable Script Debugging ili pomocu msconfig-services. Zadnje izmijenjeno od: Defcon.OS. 05.05.2006. u 22:20.

Oglasni prostor
PC Ekspert Forum Oglas