virusi

[SetH]

e ovako,pošto sam pokupio nekoliko virusa na najjadniji moguči način i sad dolaze problemi.zone alarm je našao dolje navedene viruse i kao uklonio ali imam problema kod npr. otvaranja najobičnijih programa ili system u control panelu ili mjenjanja brzine u neri. imate kakvu ideju?

[domy_os]

Uzmi neki pametniji antivirusni program (NOD32, Kaspersky,...) i napravi full scan u safe modu. Možeš staviti i HijackThis log...

[SetH]

probably unknown CRYPT.WIN32 virus found in operating memory. NOD32 cannot clean this infiltration. No action can be taken on a memory infiltration.

i s koje stranice mi može nod skinut svoj update?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:53:31, on 18.9.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
E:\Ad-Aware 2007\aawservice.exe
e:\Program Files\Eset\nod32krn.exe
D:\Program Files\Logitech\MouseWare\system\em_exec.exe
E:\Program Files\Eset\nod32kui.exe
D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\WINDOWS\system32\rundll32.exe
D:\WINDOWS\system32\ZoneLabs\isafe.exe
D:\WINDOWS\System32\alg.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Mozilla Firefox\firefox.exe
e:\Program Files\Eset\nod32.exe
e:\Program Files\Eset\nod32.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
D:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nod32kui] "e:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Funkuser] D:\DOCUME~1\SetH\APPLIC~1\MEOWAN~1\Iso meal.exe
O4 - HKCU\..\Run: [ICQ] "E:\Program Files\ICQ6\ICQ.exe" silent
O4 - Startup: Xfire.lnk = E:\Program Files\Xfire\xfire.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{526E0F32-CDBA-4365-A526-38F3A79BDD7D}: NameServer = 195.29.150.204 195.29.150.205
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - E:\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - D:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: iPod Service - Apple Computer, Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - e:\Program Files\Eset\nod32krn.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 4354 bytes

[deda_the_mraz]

probaj s avastom s njim ja riješavam ovakva sra**

[SetH]

nod32 nalazi jedno min.500 ovih virusa a avast ništa :S

[SetH]

samo 1700 virusa i većinom .exe fajlovi

[Joke]

Seth ajde makni ovo iz hijack loga
O4 - HKCU\..\Run: [Funkuser] D:\DOCUME~1\SetH\APPLIC~1\MEOWAN~1\Iso meal.exe
i jesi prije nego sta si poceso radit scan sa Nodom podesio prema ovim uputama http://www.wilderssecurity.com/showthread.php?t=37509 i možeš pustiti scan malo sa spybotom

[SetH]

budem,sad mi pola stvari u conrtol panelu nerade...sve poludilo

[domy_os]

Citiraj:

Autor seth

samo 1700 virusa i većinom .exe fajlovi

To je jedan te isti virus, ali u 1700 datoteka. Gadno... Je li NOD updatean? Skeniraj u safe modu, ono gore je normal mode. Iako će biti teško, ako ne i nemoguće vratiti sve na staro. Koliko vidim, zavukao se u sve exe datoteke.

[greenfly]

Probaj ugasit System Restore, pa scan sa nodom u safe modu.


Ako ne upali....Trial od Kasperskog...

[SetH]

mora ić format c: nažalost