PDA

View Full Version : i was infected a backdoor trojan named blackcore help me!


livingdeads
2007-06-20, 23:24
people please help me

zone alarm internet security says it is win32/nebuler.bl or bi but

when i searched with spybot s&d it shows me "blackcore"

i observed some things about this

for ex. i can't update antispyware in zone alarm

some times internet slows down


IN OBLIVION GAME , PC RESTARTS SOME TIMES I THINK THIS CAUSES
IT.
livingdeads
2007-06-20, 23:30
here is hijackthis report


Logfile of HijackThis v1.99.1
Scan saved at 00:29:54, on 21.06.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ZoneLabs\isafe.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Documents and Settings\TES 4 Oblivion\Desktop\VundoFix.exe
C:\Program Files\HijackThis\HijackThis.exe

O4 - HKLM\..\Run: [CM-SmWizard] C:\WINDOWS\System\SmWizard.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [eTrustPPAP] "C:\Program Files\CA\eTrust Internet Security Suite\eTrust PestPatrol Anti-Spyware\PPActiveDetection.exe"
O4 - HKLM\..\RunOnce: [eISS_cleanup] "C:\DOCUME~1\TES4OB~1\LOCALS~1\Temp\cacu_001.exe" /cleanup
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - C:\WINDOWS\system32\ZoneLabs\isafe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
livingdeads
2007-06-21, 20:42
any answers ?
tashi
2007-06-21, 21:11
Hello.

Perhaps you did not see our sticky topics?

Posting three times to your own topic, one of them being a *bump*, may have the effect of delaying assistance. Helpers look for new topics that don't appear to be answered, which is one reason the sticky topics are provided. ;)

Please see: "BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)

If you have waited four days for advice post here. (http://forums.spybot.info/showthread.php?p=4836#post4836) :)