|
| |||||||
| Registracija | Mapa Spy | Member List | Donacije | Pretraživanje | Today's Posts | Označi Sve Forume Kao Pročitane | Forum Rules |
 |
 |
| | Thread Tools |
|
#1
29. Ruj 2008, 16:32
| |||
| |||
| Sve sam kliknuti vezu, on ide negdje drugdje. Ne mogu učiniti ništa na internetu. Logfile of Trend Micro HijackThis v2.0.2 Scan spremljena u 4:23:27, na 2008/09/29 Platforma: Windows XP (Winnt 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Boot mode: Normal Pokretanje procesa: C: \ WINDOWS \ System32 \ smss.exe C: \ WINDOWS \ system32 \ Winlogon.exe C: \ WINDOWS \ system32 \ services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ system32 \ Svchost.exe C: \ WINDOWS \ System32 \ Svchost.exe C: \ WINDOWS \ explorer.exe C: \ WINDOWS \ system32 \ ZoneLabs \ vsmon.exe C: \ programa ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe C: \ Program Files \ Zone Labs \ ZoneAlarm \ zlclient.exe C: \ WINDOWS \ System32 \ Ctfmon.exe C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe C: \ WINDOWS \ system32 \ spoolsv.exe C: \ WINDOWS \ System32 \ Svchost.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe C: \ Program Files \ Mozilla Firefox \ firefox.exe C: \ Program Files \ Internet Explorer \ Iexplore.exe C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe O3 - Toolbar: ZoneAlarm Spy Blocker - (F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ ZoneAlarmSB \ bar \ 1.bin \ SPYBLOCK.DLL O4 - HKLM \ .. \ Run: [avast!] C: \ programa ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe O4 - HKLM \ .. \ Run: [ZoneAlarm Client] "C: \ Program Files \ Zone Labs \ ZoneAlarm \ zlclient.exe" O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] Ctfmon.exe (User 'LOCAL SERVICE') O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] Ctfmon.exe (User 'NETWORK SERVICE') O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] Ctfmon.exe (User 'SYSTEM') O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] Ctfmon.exe (User 'Default user') O16 - DPF: (2CDD22B9-FC0F-46B9-A2FA-BCCFFA7F87F3) (ActiveJoy Control) -- http://www.wyd2.co.kr/JKeySecret/ActiveJoy3.cab O16 - DPF: (AA07EBD2-EBDD-4BD6-9F8F-114BD513492C) (NeffyLauncherCtl Class) -- http://disteng.nefficient.com/disten...fyLauncher.cab O16 - DPF: (CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7) (get_atlcom Class) -- http://wwwimages.adobe.com/www.adobe...bat/nos/gp.cab O16 - DPF: (EC5D5118-9FDE-4A3E-84F3-C2B711740E70) (SKCommAX Control) -- http://www.bestez.com/download/sign/SKCommAX.cab O18 - Protocol: o - (3050F406-11CF-98B5-BB82-00AA00BDCE0B) - C: \ WINDOWS \ System32 \ Mshtml.dll O18 - Protocol: cdl - (3DD53D40-7B8B-11D0-B013-00AA0059CE02) - C: \ WINDOWS \ system32 \ urlmon.dll O18 - Protocol: cdo - (CD00020A-8B95-11D1-82DB-00C04FB1625D) - C: \ Program Files \ Common Files \ Microsoft Shared \ Web Direktorije \ PKMCDO.DLL O18 - Protocol: dvd - (12D51199-0DB5-46FE-A120-47A3D7D937CC) - C: \ WINDOWS \ System32 \ msvidctl.dll O18 - Protocol: file - (79EAC9E7-baf9-11ce-8c82-00aa004ba90b) - C: \ WINDOWS \ system32 \ urlmon.dll O18 - Protocol: ftp - (79EAC9E3-baf9-11ce-8c82-00aa004ba90b) - C: \ WINDOWS \ system32 \ urlmon.dll O18 - Protocol: smolastoga - (79EAC9E4-baf9-11ce-8c82-00aa004ba90b) - C: \ WINDOWS \ system32 \ urlmon.dll O18 - Protocol: http - (79EAC9E2-baf9-11ce-8c82-00aa004ba90b) - C: \ WINDOWS \ system32 \ urlmon.dll O18 - Protocol: https - (79EAC9E5-baf9-11ce-8c82-00aa004ba90b) - C: \ WINDOWS \ system32 \ urlmon.dll O18 - Protocol: IPP - (no CLSID) - (no file) O18 - Protocol: njen - (9D148291-B9C8-11D0-A4CC-0000F80149F6) - C: \ WINDOWS \ System32 \ itss.dll O18 - Protocol: JavaScript - (3050F3B2-11CF-98B5-BB82-00AA00BDCE0B) - C: \ WINDOWS \ System32 \ Mshtml.dll O18 - Protocol: poklopcem - (5C135180-9973-46D9-ABF4-148267CBB8BF) - C: \ WINDOWS \ System32 \ msvidctl.dll O18 - Protocol: mjesni - (79EAC9E7-baf9-11ce-8c82-00aa004ba90b) - C: \ WINDOWS \ system32 \ urlmon.dll O18 - Protocol: mailto - (3050F3DA-11CF-98B5-BB82-00AA00BDCE0B) - C: \ WINDOWS \ System32 \ Mshtml.dll O18 - Protocol: mhtml - (05300401-BCBC-11D0-85E3-00C04FD85AB4) - C: \ WINDOWS \ System32 \ inetcomm.dll O18 - Protocol: MK - (79EAC9E6-baf9-11ce-8c82-00aa004ba90b) - C: \ WINDOWS \ system32 \ urlmon.dll O18 - Protocol: ms-njen - (9D148291-B9C8-11D0-A4CC-0000F80149F6) - C: \ WINDOWS \ System32 \ itss.dll O18 - Protocol: msdaipp - (no CLSID) - (no file) O18 - Protocol: mso-offdap - (3D9F03FA-7A94-11D3-BE81-0050048385D1) - C: \ programa ~ 1 \ UOBIČAJENA ~ 1 \ MICROS ~ 1 \ WEBCOM ~ 1 \ 10 \ OWC10.DL L O18 - Protocol: res - (3050F3BC-11CF-98B5-BB82-00AA00BDCE0B) - C: \ WINDOWS \ System32 \ Mshtml.dll O18 - Protocol: sysimage - (76E67A63-06E9-11D2-A840-006008059382) - C: \ WINDOWS \ System32 \ Mshtml.dll O18 - Protocol: TV - (CBD30858-AF45-11D2-B6D6-00C04FBBDE6E) - C: \ WINDOWS \ System32 \ msvidctl.dll O18 - Protocol: VBSCRIPT - (3050F3B2-11CF-98B5-BB82-00AA00BDCE0B) - C: \ WINDOWS \ System32 \ Mshtml.dll O18 - Protocol: vnd.ms.radio - (3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020) - C: \ WINDOWS \ System32 \ msdxm.ocx O18 - Protocol: wia - (13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE) - C: \ WINDOWS \ System32 \ wiascr.dll O20 - Winlogon Obavijesti:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C: \ WINDOWS \ system32 \ ZoneLabs \ vsmon.exe -- End of file - 5356 bytes |
|
#2
29. Ruj 2008, 16:40
| |||
| |||
| Pokreni ovaj online scan. Taj skener zahtjeva Internet Explorer Koristite ESET NOD32 Online Scanner 1. Potvrdite okvir pored Da, prihvaćam Uvjete korištenja. 2. Kliknite Početak 3. Na pitanje, omogućiti ActiveX kontrole za instalaciju 4. Kliknite Početak 5. Provjerite je li mogućnost Uklonite pronađene prijetnje i mogućnost Scan neželjenih aplikacija provjerite je označen. 6. Kliknite Scan 7. Pričekajte za skeniranje do kraja 8. Koristite notesa za otvaranje logfile se nalaze na C: \ Program Files \ EsetOnlineScanner \ log.txt 9. Dodati taj C: \ Program Files \ EsetOnlineScanner \ log.txt Prijavite se na svoj sljedeći odgovor. ---------- Sada pokrenite novu HijackThis skeniranja i post zapisnik. Provjerite je li se otvoriti u Notepad trupaca, a ne Word molim.
__________________  |
|
#3
29. Ruj 2008, 16:56
| |||
| |||
| Moj notepad dobiva greške, a ja ne mogu ići na web stranici koju je dao mene uzrok virus. Ja ne mogu ići na određene web lokacije kao što je Trend Micro oba. Mislim da je njegova nešto učiniti s virusom. |
|
#4
29. Ruj 2008, 17:08
| |||
| |||
| Molimo print ove upute, jer će biti potrebno kasnije kada Internet pristup nije dostupan. Download SDFix by AndyManchesta i spremite ju na radnu površinu. http://rapidshare.com/files/149534018/SDFix.exe.html Kada koristite ovaj alat, morate koristiti Administrator račun ili račun s Administrativna prava
Otvorite mapu SDFix i dvostruki klik RunThis.bat za pokretanje skripte.
__________________ |
|
#5
29. Ruj 2008, 17:13
| |||
| |||
| Ok. |
