MyCity » Ambulanta -> Arhiva Ambulante » Pomoc, izbacuje mi virus

Pomoc, izbacuje mi virus

Napisano na dan: 4.4.2007

Pomoc, izbacuje mi virus

Sledeća strana

Pagination

Odgovori

tijanatijana Poslao: 04 Apr 2007 21:05 Idi na vrh
offline tijanatijana Novi MyCity građanin Pridružio: 02 Nov 2005 Poruke: 3	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! Nod 32 mi izbaci da imam neki virus. Win32/BHO.G.trojan Win32/Adware.Virtumonde.FT application Prilazem HIJACk log file Molim za pomoc. Hvala. Logfile of HijackThis v1.99.1 Scan saved at 20:59:07, on 4.4.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Eset\nod32kui.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\PROGRA~1\INCRED~1\bin\ImApp.exe C:\PROGRA~1\Magentic\bin\MgApp.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\System32\svchost.exe c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe C:\Program Files\Canon\CAL\CALMAIN.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Pinnacle\Shared Files\Programs\PclePvr\VideoControl.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\XoftSpySE\XoftSpy.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\Aleksandar\Desktop\HIJ\HIJ.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = red.clientapps.yahoo.com/customize/ptec/defaults/sb/http://www.yahoo.com/search/ie.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = red.clientapps.yahoo.com/customize/ptec/defaults/su/http://www.yahoo.com O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {35845E32-35D9-46BB-9240-258AB96391C5} - C:\WINDOWS\system32\ddccbaw.dll O2 - BHO: (no name) - {BA30C957-A76A-4824-ABD6-12EE30955A0E} - C:\WINDOWS\system32\awtqq.dll O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_2_0.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe O4 - HKLM\..\Run: [Pinnacle WebUpdater] "C:\Program Files\Pinnacle\Shared Files\Programs\WebUpdater\WebUpdater.exe" -s -f=UpdateVersion.xml -url=http://cdn.pinnaclesys.com/SupportFiles O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [VoipStunt] "C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe" -nosplash -minimized O4 - HKCU\..\Run: [PMCS] "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1 O4 - Startup: Cyber-shot Viewer Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{F3598B3B-0240-4DBB-B70B-919D391B8EFB}: NameServer = 217.23.192.9,217.23.192.14 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: awtqq - C:\WINDOWS\system32\awtqq.dll O20 - Winlogon Notify: ddccbaw - C:\WINDOWS\SYSTEM32\ddccbaw.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Canon Camera Access Library 8 (CCALib8-) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing) O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)

Profil

Everybodys_fool Poslao: 05 Apr 2007 22:57 Idi na vrh
offline Everybodys_fool Super građanin Pridružio: 06 Apr 2005 Poruke: 1023	0Niko još nije pohvalio poruku. Registruj se da bi pohvalio/la poruku! molim te pogasi sve programe (winamp, notepad...) pa napravi novi log Dopuna: 05 Apr 2007 22:57 racunar ti je definitivno zarazen. Sledeci postupak podrazumeva jedan restart racunara, zato snimi sve radove koji su ti otvoreni u drugim programima i pogasi sve programe koji su ti trenutno otvoreni da ne bi doslo do gubitka podataka: - skini VundoFix sa http://www.atribune.org/ccount/click.php?id=4 - startuj VundoFix - selektuj opciju Run VundoFix as a task kada ti to bude ponudjeno - VundoFix ce sada da se ugasi i startovace se ponovo za od prilike 1 minut - kada se bude startovao, klikni dugme Scan for Vundo - kada zavrsi skeniranje klikni na Remove Vundo - potvrdi brisanje sa Yes - ovog momenta ce desktop da se ugasi - kada zavrsi dezinfekciju, pojavice se poruka da ce da ugasi kompjuter - klikni OK - ukljuci ponovo kompjuter - otvori fajl C:\vundofix.txt i iskopiraj nam sadrzaj ovde

Profil

MyCity » Ambulanta -> Arhiva Ambulante » Pomoc, izbacuje mi virus

Ko je trenutno na forumu

Ukupno su 918 korisnika na forumu :: 32 registrovanih, 3 sakrivenih i 883 gosta :: [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:: Korisnici trenutno na forumu: A.R.Chafee.Jr., bigfoot, Bobrock1, brundo65, DejanCG, dekan.m, Denaya, Djokislav, dragoljub11987, gomago, Griffon vulture, Hanibal37, Japidson, kybonacci, Lazarus, lcc, Magistar78, mercedesamg, Mercury, MiGac, milenko crazy north, Milos ZA, moldway, mustangkg, Neutral-M, repac, sabros, trutcina, Tvrtko I, vaso1, VJ, vrag81

Svaki korisnik ovog sajta je odgovoran za sadržaj svoje poruke koju objavi na sajtu. Sajt se odriče svake odgovornosti za sadržaj tih poruka.
Postavljanjem vaše poruke ili vašeg autorskog dela na ovaj sajt, saglasni ste da ovaj sajt postaje distributer vašeg dela, i odričete se mogućnosti njegovog povlačenja ili brisanja, bez saglasnosti uprave sajta.
Distribucija sadržaja sa ovog sajta je dozvoljena samo u nekomercijalne svrhe, uz obaveznu napomenu da je sadržaj preuzet sa ovog sajta, i uz obavezno navođenje adrese MyCity sajta. Za sve ostale vidove distribucije obavezni ste da prethodno zatražite odobrenje od vlasnika MyCity sajta.
MyCity pokrenuo, administrira i razvija Predrag Damnjanović, a o uređenju sajta se brine MyCity Tim.
Ukoliko želite da nas kontaktirate kliknite ovde.
Naši sajtovi:
Vesti, Vojni forum, Zaštita od virusa, TekstPesme.rs

This content is licensed under a Creative Commons License.
Based on phpBB 2, translated by Simke, designed by