Posted 10.12.2005., 15:36   #1
vxr180
Registered User
Registration date: Nov 2005
Location: Zagreb-Munchen
Posts: 38
desktop spyware

How do I remove this and change the wallpaper?
Posted 10.12.2005., 15:57   #2
sNNooPY
Premium
Registration date: Nov 2001
Location: ZG
Posts: 1,860
Posted 11.12.2005., 11:30   #3
atha
Moderator
Registration date: Jan 2005
Location: Rijeka
Posts: 8,918
CWShredder. Scan.

Ad-Aware, scan.

HijackThis. Scan and post the log here.
__________________
___________
HTPC: Intel Core2Duo E8500 × ATI Sapphire HD4670 HDMI × 2x 1GB DDR2 × Samsung 160GB ×
Lenovo Key+Mouse
× Philips 49PFS5501 LED TV × Technics SA-EH780 5.1 × Windows 10
Laptop1: Lenovo x100e w/Windows 10
Posted 11.12.2005., 22:46   #4
vxr180
atha, is this what you meant?


Logfile of HijackThis v1.99.1
Scan saved at 22:45:57, on 11.12.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Sven\Local Settings\Temp\HijackThis.exe

R3 - Default URLSearchHook is missing
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SABHO - {21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {FAA356E4-D317-42a6-AB41-A3021C6E7D52} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll
O4 - HKLM\..\Run: [Ad-watch] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Hello from Picasa Capture - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra 'Tools' menuitem: Share in &Hello from Picasa - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)
O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) - http://wanwanhouse.homeip.net/kxhcm10.ocx
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{46AC59EE-C7FC-492E-97D4-D698DBC861C5}: NameServer = 195.29.150.3,195.29.150.4
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: msctl32.dll - C:\WINDOWS\system32\msctl32.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
O23 - Service: LckFldService - Unknown owner - C:\WINDOWS\system32\LckFldService.exe (file missing)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
Posted 12.12.2005., 08:15   #5
atha
Remove the following:

R3 - Default URLSearchHook is missing
O2 - BHO: SABHO - {21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} - (no file)
O3 - Toolbar: (no name) - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - (no file)
O3 - Toolbar: (no name) - {FAA356E4-D317-42a6-AB41-A3021C6E7D52} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll

-------------------
Download Accelerator really won't help you, so I suggest uninstalling it and removing the following:

O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm

----------------
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)
O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) - http://wanwanhouse.homeip.net/kxhcm10.ocx
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: msctl32.dll - C:\WINDOWS\system32\msctl32.dll


I see you've collected a load of crap from the internet, that is, you like to download everything you're offered... be a bit careful about that.

What is that thing located in "C:\Program Files\Hello\PicasaCapture"?

If you don't use it, I recommend removing it, and after that post a HijackThis log once more as a check.

Did you scan with CWShredder?
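A small triage pass over the kind of HijackThis log posted in this thread, added here as an example and not part of the original posts: it extracts the itemised lines and marks those that reference missing files, report an unknown service owner, or sit in the Trusted Zone and Winlogon Notify sections. The review rules and function names are assumptions for illustration; the sample lines are copied from the log above.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "code detail")

# Itemised lines look like "O2 - BHO: ...": a section code, " - ", then detail.
LINE_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")

# Lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
Running processes:
C:\WINDOWS\system32\winlogon.exe
R3 - Default URLSearchHook is missing
O2 - BHO: SABHO - {21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} - (no file)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: msctl32.dll - C:\WINDOWS\system32\msctl32.dll
O23 - Service: LckFldService - Unknown owner - C:\WINDOWS\system32\LckFldService.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
"""

def parse_log(text):
    """Return the itemised entries; the header and process list are skipped."""
    matches = (LINE_RE.match(line.strip()) for line in text.splitlines())
    return [Entry(m.group(1), m.group(2)) for m in matches if m]

def review_reasons(entry):
    """Assumed review rules (illustrative): why a line deserves a second look."""
    low = entry.detail.lower()
    reasons = []
    if "(no file)" in low or "(file missing)" in low or low.endswith("is missing"):
        reasons.append("points at something that no longer exists")
    if entry.code == "O23" and "unknown owner" in low:
        reasons.append("service reported with unknown owner")
    if entry.code in ("O15", "O20"):
        reasons.append("trusted-site or logon hook: confirm who added it")
    return reasons

def triage(text):
    """Pair each flagged entry with its reasons; unflagged entries are dropped."""
    return [(e, r) for e in parse_log(text) if (r := review_reasons(e))]

if __name__ == "__main__":
    for entry, reasons in triage(SAMPLE_LOG):
        print(f"{entry.code:<4}{'; '.join(reasons)}\n    {entry.detail}")
```

A flag here only means the line is worth checking by hand; it says nothing about whether the entry is malicious.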
Posted 12.12.2005., 10:16   #6
vxr180
I removed what you listed and everything looked OK until I restarted the computer. After I opened IE and typed in an address, an error came up: IE can not open this page.

And since I haven't reinstalled Windows for more than 2 years, I decided on format c:

So now, since I'm starting from scratch anyway, I'd appreciate it if you could recommend which antivirus to use (until now I had Norton 2005) and which anti-spyware programs. I had Ad-Aware Pro and Spybot, but they didn't seem very good to me, so I'm asking for a recommendation. I know you gave me a few links above, but I don't know whether you meant for me to download and use all of them?

BTW, I'd like to make a backup but I don't know how that's done. Once I've installed all the drivers and everything I need, I'd make one so that if something gets messed up I can just restore that initial state. With which program?! How? I know this is the viruses subforum, but I'd rather not open a pointless topic somewhere else...

I've dragged this out a bit, but there you go.

Thanks
Posted 12.12.2005., 10:39   #7
atha
Just change the "home page" when you're in IE: go to Tools --> Internet Options --> Home page.

But I definitely warmly recommend format c:, given that you haven't done a clean install of the system in 2 years.
Don't make any backup now; what you need is one thorough format. Set up your drivers again,
just burn your personal data to CD or move it to another partition if you have one, and that's it.

If you don't have XP, I recommend XP with SP2.
Antivirus: AVG. It has simply proven to be the best of all the antivirus programs I've tried,
though neither avast nor NOD32 is bad.

For me Ad-Aware is the best tool for cleaning spyware and maintaining the computer.
I also use Spybot S&D. I also recommend scanning the disk now and then with CWShredder and with HijackThis.
If you don't know what to remove, copy/paste the log to the forum.

As for firewalls, I recommend ZoneAlarm. Kerio and Sygate Personal Firewall are also good.
Posted 12.12.2005., 12:20   #8
vxr180
OK, I've got the system up and running; I have SP2.

For now I have Norton because I have a CD key for it, but I'll try to get AVG.

Now one more thing: I have Spybot, but when I wanted to download updates it wouldn't for some reason... I'll check whether there's a newer version.

But with Ad-Aware Pro: I download the update and see that the update is dated 2004... that seems old to me. I try updating again and it says there are no new ones. ???!!!
Posted 12.12.2005., 12:21   #9
vxr180
Oh yes, and one more question. What's ewido like? Is it any good compared with Ad-Aware, Spybot, etc.?
Posted 12.12.2005., 13:23   #10
atha
Quote:
Originally posted by vxr180
OK, I've got the system up and running; I have SP2.

For now I have Norton because I have a CD key for it, but I'll try to get AVG.

Now one more thing: I have Spybot, but when I wanted to download updates it wouldn't for some reason... I'll check whether there's a newer version.

But with Ad-Aware Pro: I download the update and see that the update is dated 2004... that seems old to me. I try updating again and it says there are no new ones. ???!!!

Did you get the old system working, or did you set up a new one?

Get Ad-Aware SE Personal. I think the version is 1.06. Quite sufficient, and it updates properly.

AVG is a completely free version, except that once a year it asks you to confirm the free key that they assign you at installation.
IMHO, Ad-Aware has the edge over the other spyware-cleaning tools.
Posted 12.12.2005., 13:29   #11
vxr180
Set up a new one. By "got it working" I meant I set it up so I can get online, drivers and the rest.

OK, I'll get AVG,
and I'll try to download that Ad-Aware Personal somewhere.

Thanks for all the information.

I just need to install a few more odds and ends now, then I'll post the log file here; I'm curious whether I already have something unnecessary. With HijackThis.
Posted 12.12.2005., 13:41   #12
atha
Here in the Software section there are some topics and recommendations for basic software and system setup. Use only safe software that has already been tried by other experienced users. Don't install everything you're offered on the net, use only what you need; with a proper AV and the other security and maintenance software and utilities, you'll never have major problems.
Posted 12.12.2005., 21:12   #13
Moki
Premium
Registration date: Dec 2004
Location: Vrulja
Posts: 484
The same thing happened to me as to vxr180, and nothing helped except format c:
I used to use Norton, and now I use NOD in combination with ZA and Ad-Aware, so I hope this won't happen to me again. By the way, here's a HijackThis log too, so if you can, atha, please check it.

Logfile of HijackThis v1.99.1
Scan