Forumi
Home Pravila i pomoć Članovi Kalendar Današnji postovi


Povratak   PC Ekspert Forum > Računala > Problemi > Softverski problemi
Osvježi stranicu moze pregled
Ime
Lozinka

Odgovori
 
Uređivanje
Staro 26.06.2005., 11:13   #1
ljicpu
Premium
 
Datum registracije: Jun 2005
Lokacija: Zagreb
Postovi: 29
moze pregled
Logfile of HijackThis v1.99.1
Scan saved at 11:04:45, on 26.6.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\svchost.exe
d:\Programi\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Siemens\Adsl\dslstat.exe
C:\Program Files\Siemens\Adsl\dslagent.exe
D:\Programi\Java\jre1.5.0_01\bin\jusched.exe
D:\Programi\ZoneAlarm\zlclient.exe
D:\Programi\NetLimiter\NetLimiter.exe
D:\Programi\Eset\nod32kui.exe
D:\Programi\Spyware Doctor\swdoctor.exe
C:\Documents and Settings\ljicpu\Desktop\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - D:\Programi\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - D:\Programi\SPYWAR~1\tools\iesdpb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\Siemens\Adsl\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\Siemens\Adsl\dslagent.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Programi\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] d:\Programi\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [NetLimiter] d:\Programi\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [nod32kui] "d:\Programi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [Spyware Cleaner] "C:\Program Files\Spyware Cleaner\SpywareCleaner.Exe" /boot
O4 - HKCU\..\Run: [Spyware Doctor] "D:\Programi\Spyware Doctor\swdoctor.exe" /Q
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programi\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programi\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - D:\Programi\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - D:\Programi\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - D:\Programi\ICQ\ICQ.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1117296383296
O17 - HKLM\System\CCS\Services\Tcpip\..\{FD1F4832-2D87-4070-B031-D42D00959405}: NameServer = 195.29.150.3 195.29.150.4
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - d:\Programi\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SpywareCleanerService - Unknown owner - C:\Program Files\Spyware Cleaner\SCService.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

imam jos jedan problem
svako malo mi se pojavljuju ovakvi prozorcici i to me zivcira a neznam kak da se toga rijesim
ljicpu je offline   Reply With Quote
Staro 26.06.2005., 12:24   #2
Costa
Moderator
 
Costa's Avatar
 
Datum registracije: Aug 2003
Lokacija: Zagreb
Postovi: 3,193
Uploadaj file C:\WINDOWS\svchost.exe na http://www.virustotal.com/flash/index_en.html

Tamo ce biti skeniran s vise antivirusnih programa. Trebat ces pricekati neko vrijeme dok ne dodje rezultat.

Zasto nemas instaliran nikakav antivirusni program?

Uninstaliraj sve one antispyware programe koje imas stavljene (Spyware Cleaner...) i stavi Ad-aware i Spybot S&D jer oni su ti provjereno dobri. Imas sve ovdje.

Ta poruka koja ti se pokazuje je m$ov messenger servis koji je trebao sluziti adminima ali eto, nije

Iskljuci preko Control Panel > Administrative tools > Services
Potrazi Messenger i postavi mu "Startup type" na Disabled i usput ga zaustavi.
Costa je offline   Reply With Quote
Oglasni prostor
Oglas
 
Oglas
Staro 26.06.2005., 13:00   #3
ljicpu
Premium
 
Datum registracije: Jun 2005
Lokacija: Zagreb
Postovi: 29
This is a report processed by VirusTotal on 06/26/2005 at 12:58:03 (CET) after scanning the file "svchost.exe" file.

Antivirus Version Update Result
AntiVir 6.31.0.7 06.24.2005 no virus found
Avira 6.31.0.7 06.24.2005 no virus found
BitDefender 7.0 06.25.2005 no virus found
ClamAV devel-20050501 06.25.2005 no virus found
DrWeb 4.32b 06.24.2005 modification of BackDoor.Generic.1005
eTrust-Iris 7.1.194.0 06.26.2005 no virus found
eTrust-Vet 11.9.1.0 06.24.2005 no virus found
Fortinet 2.36.0.0 06.25.2005 suspicious
Ikarus 2.32 06.24.2005 no virus found
Kaspersky 4.0.2.24 06.26.2005 Backdoor.Win32.VB.aea
McAfee 4521 06.24.2005 no virus found
NOD32v2 1.1154 06.25.2005 no virus found
Norman 5.70.10 06.23.2005 no virus found
Panda 8.02.00 06.25.2005 no virus found
Sybari 7.5.1314 06.26.2005 Backdoor.Win32.VB.aea
Symantec 8.0 06.25.2005 no virus found
TheHacker 5.8.2.059 06.25.2005 Backdoor/VB.aea
VBA32 3.10.4 06.26.2005 no virus found

nakon skeniranja svchost.exe mi je javio ovo..

kaj da ga izbrisem ili?

a za antivirus prog imam nod32 2.5
kaj da stavim neki drugi ili?
ljicpu je offline   Reply With Quote
Staro 26.06.2005., 13:39   #4
Costa
Moderator
 
Costa's Avatar
 
Datum registracije: Aug 2003
Lokacija: Zagreb
Postovi: 3,193
Ne kuzim kaj mi je doslo da nisam skuzio NOD-a :confused:

Izbrisi taj file jer on je 100% los s obzirom da se predstavlja kao sistemski koji se inace nalazi u sistemskom direktoriju.

Kad zavrsis s micanjem onih programa sto sam ti rekao i brisanjem C:\WINDOWS\svchost.exe ponovno restartaj komp pa ponovno posalji log.
Costa je offline   Reply With Quote
Staro 26.06.2005., 13:59   #5
ljicpu
Premium
 
Datum registracije: Jun 2005
Lokacija: Zagreb
Postovi: 29
ovako..maknuo sam one programe kaj si rekao

i onaj svchost.exe u windows direktoriju sam nekako zbrisao..mogao sam ga prvo "end task" pa onda zbrisati

i nakon resetiranja kompa..file se automatski stvori...tako da ako ga zbrisem nakon reset on je opet tamo

sta sad

a evo i log novi :

Logfile of HijackThis v1.99.1
Scan saved at 13:55:14, on 26.6.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\System32\CTsvcCDA.exe
d:\Programi\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Siemens\Adsl\dslstat.exe
C:\Program Files\Siemens\Adsl\dslagent.exe
D:\Programi\Java\jre1.5.0_01\bin\jusched.exe
D:\Programi\ZoneAlarm\zlclient.exe
D:\Programi\NetLimiter\NetLimiter.exe
D:\Programi\Eset\nod32kui.exe
C:\Documents and Settings\ljicpu\Desktop\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\Siemens\Adsl\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\Siemens\Adsl\dslagent.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Programi\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] d:\Programi\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [NetLimiter] d:\Programi\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [nod32kui] "d:\Programi\Eset\nod32kui.exe" /WAITSERVICE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programi\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programi\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - D:\Programi\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - D:\Programi\ICQ\ICQ.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1117296383296
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - d:\Programi\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SpywareCleanerService - Unknown owner - C:\Program Files\Spyware Cleaner\SCService.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
ljicpu je offline   Reply With Quote
Staro 26.06.2005., 14:28   #6
Costa
Moderator
 
Costa's Avatar
 
Datum registracije: Aug 2003
Lokacija: Zagreb
Postovi: 3,193
Idemo najprije jednostavniju metodu a to je da file posaljes meni na mail costa666@seznam.cz pa cu vidjeti kako se pokrece/uklanja.
Costa je offline   Reply With Quote
Staro 26.06.2005., 19:59   #7
ljicpu
Premium
 
Datum registracije: Jun 2005
Lokacija: Zagreb
Postovi: 29
nemogu ti poslati taj file
probao sam zipati i ovako ali nece đ


uvijel mi javi da poruka ne moze biti isporucena zbog tog fila

One or more of the attachments (svchost.exe, file.zip) are on
the list of unacceptable attachments for this site and will not have
been delivered.

Consider renaming the files to avoid this constraint.

The virus detector said this about the message:
Report: MailScanner: Executable DOS/Windows programs are dangerous in email (svchost.exe)
Report: MailScanner: Executable DOS/Windows programs are dangerous in email (svchost.exe)
ljicpu je offline   Reply With Quote
Staro 26.06.2005., 21:19   #8
Costa
Moderator
 
Costa's Avatar
 
Datum registracije: Aug 2003
Lokacija: Zagreb
Postovi: 3,193
Preimenuj u nesto.bla pa posalji.
Costa je offline   Reply With Quote
Staro 27.06.2005., 11:42   #9
ljicpu
Premium
 
Datum registracije: Jun 2005
Lokacija: Zagreb
Postovi: 29
poslao sam ti jucer..nadam se da si dobio file
ljicpu je offline   Reply With Quote
Staro 27.06.2005., 11:46   #10
Costa
Moderator
 
Costa's Avatar
 
Datum registracije: Aug 2003
Lokacija: Zagreb
Postovi: 3,193
Dobio sam file ali moci cu ti odgovoriti tek poslije ponoci jer danas malo duze radim.
Costa je offline   Reply With Quote
Oglasni prostor
Oglas
 
Oglas
Staro 28.06.2005., 00:51   #11
Costa
Moderator
 
Costa's Avatar
 
Datum registracije: Aug 2003
Lokacija: Zagreb
Postovi: 3,193
Testirah i ovako stvari stoje.

Najprije End Task nad svchost.exe (Onaj kod kojeg pod Username pise trenutni user - kod sistemskog svchost ce pisati SYSTEM, Local Service ili Network Service)

Izbrises:
c:\WINDOWS\svchost.exe
c:\WINDOWS\system32\gldrv.exe

I u registriju maknes
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{C131CGB2-VLWS-QOC9-LUNY-F3DIDFAB5252}]
"StubPath"="C:\\WINDOWS\\system32\\gldrv.exe"

Znaci maknes cijeli {C131CGB2-VLWS-QOC9-LUNY-F3DIDFAB5252} kljuc.
Costa je offline   Reply With Quote
Staro 28.06.2005., 01:02   #12
ljicpu
Premium
 
Datum registracije: Jun 2005
Lokacija: Zagreb
Postovi: 29
evo to sam napravio i sad vise nema file-a
i resetirao sam komp i opet pokrenuo hijack pa evo pogledaj log pa reci jel sad sve ok

hvala

Logfile of HijackThis v1.99.1
Scan saved at 1:00:50, on 28.6.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Siemens\Adsl\dslstat.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Siemens\Adsl\dslagent.exe
D:\Programi\Java\jre1.5.0_01\bin\jusched.exe
d:\Programi\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
D:\Programi\ZoneAlarm\zlclient.exe
D:\Programi\NetLimiter\NetLimiter.exe
D:\Programi\Eset\nod32kui.exe
C:\Documents and Settings\ljicpu\Desktop\HijackThis.exe
C:\WINDOWS\System32\wuauclt.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programi\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\Siemens\Adsl\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\Siemens\Adsl\dslagent.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Programi\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\Run: [Zone Labs Client] d:\Programi\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [NetLimiter] d:\Programi\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [nod32kui] "d:\Programi\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programi\QuickTime\qttask.exe" -atboottime
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programi\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programi\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - D:\Programi\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - D:\Programi\ICQ\ICQ.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1117296383296
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - d:\Programi\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SpywareCleanerService - Unknown owner - C:\Program Files\Spyware Cleaner\SCService.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
ljicpu je offline   Reply With Quote
Staro 28.06.2005., 01:13   #13
Costa
Moderator
 
Costa's Avatar
 
Datum registracije: Aug 2003
Lokacija: Zagreb
Postovi: 3,193
Sve 5
Costa je offline   Reply With Quote
Staro 28.06.2005., 01:45   #14
Veki-os
Premium
Moj komp
 
Veki-os's Avatar
 
Datum registracije: Jun 2004
Lokacija: Osijek
Postovi: 3,996
Da ne otvaram novu temu,jel možeš Costa pogledati moj log,nešt mi se čudno dešava ovih dana a moje antivirusna i antigamadska armija ne nalazi ništa

Logfile of HijackThis v1.99.1
Scan saved at 1:40:40, on 28.6.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Program Files\Eset\nod32kui.exe
C:\PROGRA~1\GENIUS~1\mouseElf.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Vedran\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe /WAITSERVICE
O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\GENIUS~1\mouseElf.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{E187EC54-7163-4718-869F-E63B7A4BD3FC}: NameServer = 195.29.150.3 195.29.150.4
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Program Files\Eset\nod32krn.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

I imam Firefox,ne koristim IE
Veki-os je offline   Reply With Quote
Staro 28.06.2005., 02:08   #15
Costa
Moderator
 
Costa's Avatar
 
Datum registracije: Aug 2003
Lokacija: Zagreb
Postovi: 3,193
Sve ti je u redu. Sto ti se tocno dogadja?
Costa je offline   Reply With Quote
Staro 28.06.2005., 23:51   #16
Router
Hejter
 
Datum registracije: Mar 2005
Lokacija: ZG
Postovi: 6,521
Costa , jesi rijesio kaj sa onom prokletom memom?
Router je offline   Reply With Quote
Staro 29.06.2005., 01:00   #17
Veki-os
Premium
Moj komp
 
Veki-os's Avatar
 
Datum registracije: Jun 2004
Lokacija: Osijek
Postovi: 3,996
Citiraj:
Originally posted by Costa
Sve ti je u redu. Sto ti se tocno dogadja?
S&D mi je stalno nalazio iste probleme al sad sam i to rješio.
Veki-os je offline   Reply With Quote
Staro 29.06.2005., 06:03   #18
Costa
Moderator
 
Costa's Avatar
 
Datum registracije: Aug 2003
Lokacija: Zagreb
Postovi: 3,193
Citiraj:
Originally posted by Router
Costa , jesi rijesio kaj sa onom prokletom memom?
Veceras idem po novu.
Costa je offline   Reply With Quote
Oglasni prostor
Oglas
 
Oglas
Odgovori

« Prethodna tema | Sljedeća tema »


Pravila postanja
Vi ne možete otvarati nove teme
Vi ne možete pisati odgovore
Vi ne možete uploadati priloge
Vi ne možete uređivati svoje poruke
BB code je Uključeno
Smajlići su Uključeno
[IMG] kod je Uključeno
HTML je Isključeno
Idi na



© 1999-2024 PC Ekspert - Sva prava pridržana ISSN 1334-2940
Ad Management by RedTyger
Powered by vBulletin®
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.