|
10.12.2005., 15:36 | #1 |
Registered User
Datum registracije: Nov 2005
Lokacija: Zagreb-Munchen
Postovi: 38
|
desktop spyware
|
10.12.2005., 15:57 | #2 |
Premium
Datum registracije: Nov 2001
Lokacija: ZG
Postovi: 1,860
|
|
|
|
Oglas
|
|
11.12.2005., 11:30 | #3 |
Moderator
Datum registracije: Jan 2005
Lokacija: Rijeka
Postovi: 8,918
|
cwshredder. scanirati. ad-aware, scanirati. hijackthis. scanirati i postati log ovdje.
__________________
___________ HTPC: Intel Core2Duo E8500 × ATI Sapphire HD4670 HDMI × 2x 1GB DDR2 × Samsung 160GB × Lenovo Key+Mouse × Philips 49PFS5501 LED TV × Technics SA-EH780 5.1 × Windows 10 Laptop1: Lenovo x100e w/Windows 10 |
11.12.2005., 22:46 | #4 |
Registered User
Datum registracije: Nov 2005
Lokacija: Zagreb-Munchen
Postovi: 38
|
atha da li si na ovo mislio? Logfile of HijackThis v1.99.1 Scan saved at 22:45:57, on 11.12.2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\cisvc.exe C:\Program Files\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\WINDOWS\system32\devldr32.exe C:\WINDOWS\system32\cidaemon.exe C:\Program Files\ICQLite\ICQLite.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\Internet Explorer\iexplore.exe C:\PROGRA~1\WINZIP\winzip32.exe C:\Documents and Settings\Sven\Local Settings\Temp\HijackThis.exe R3 - Default URLSearchHook is missing O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SABHO - {21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} - (no file) O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: (no name) - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - (no file) O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: (no name) - {FAA356E4-D317-42a6-AB41-A3021C6E7D52} - (no file) O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll O4 - HKLM\..\Run: [Ad-watch] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [NAV CfgWiz] "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Hello from Picasa Capture - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll O9 - Extra 'Tools' menuitem: Share in &Hello from Picasa - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Program Files\Hello\PicasaCapture.dll O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe O15 - Trusted Zone: http://ny.contentmatch.net (HKLM) O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) - http://wanwanhouse.homeip.net/kxhcm10.ocx O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{46AC59EE-C7FC-492E-97D4-D698DBC861C5}: NameServer = 195.29.150.3,195.29.150.4 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: msctl32.dll - C:\WINDOWS\system32\msctl32.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe O23 - Service: LckFldService - Unknown owner - C:\WINDOWS\system32\LckFldService.exe (file missing) O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe |
12.12.2005., 08:15 | #5 |
Moderator
Datum registracije: Jan 2005
Lokacija: Rijeka
Postovi: 8,918
|
ukloni slijedece: R3 - Default URLSearchHook is missing O2 - BHO: SABHO - {21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} - (no file) O3 - Toolbar: (no name) - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - (no file) O3 - Toolbar: (no name) - {FAA356E4-D317-42a6-AB41-A3021C6E7D52} - (no file) O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll ------------------- download accelerator ti zaista nece pomoci, stoga predlazem njegov uninstall i uklanjanje slijedecih: O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm ---------------- O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O15 - Trusted Zone: http://ny.contentmatch.net (HKLM) O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) - http://wanwanhouse.homeip.net/kxhcm10.ocx O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: msctl32.dll - C:\WINDOWS\system32\msctl32.dll vidim da si nakupio masu govanaca sa interneta, odnosno volish skinuti sve sto ti ponude... pripazi malo na to. sto je ti ono sto se nalazi u "C:\Program Files\Hello\PicasaCapture" ? ako ne koristish, preporucam da uklonish, i nakon toga za provjertu postaj josh jednom hijack this log. jesi scanirao sa cwshredder?
__________________
___________ HTPC: Intel Core2Duo E8500 × ATI Sapphire HD4670 HDMI × 2x 1GB DDR2 × Samsung 160GB × Lenovo Key+Mouse × Philips 49PFS5501 LED TV × Technics SA-EH780 5.1 × Windows 10 Laptop1: Lenovo x100e w/Windows 10 |
12.12.2005., 10:16 | #6 |
Registered User
Datum registracije: Nov 2005
Lokacija: Zagreb-Munchen
Postovi: 38
|
uklonio sam ono sto si mi napisao i sve je izgledalo kao da je ok dok nisam restartao komp. nakon sto sam otvorio IE i upisao neku adresu dosao je neki error: IE can not open this page. a posto windowse nisam reinstralirao vise od 2 godine,pala je odluka na format c: eh sada..kad vec idem ispocetka volio bi kad bi mi preporucio koji antivirus koristiti (dosad sam imao norton2005) i koje programe antispy..imao sam ad aware pro, i spyboot ali nisu mi se cinili previse dobri pa trazim preporuku. znam da si mi dao gore nekoliko linkova ali neznam da si mislio da ih sve skinem i koristim? btw zelio bi nabracit backup ali neznam kako se to radi. kad sad usnimim sve drivere i sve potrebno to bih napravio u slucaju da mi se nesto smrda da samo vratim na to pocetno stanje. sa kojim programom?! kako? znam da je ovo podforum virusi ali da ne otvaram neki topic bezveze negdje.. malo sam razvukao al eto hvala |
12.12.2005., 10:39 | #7 |
Moderator
Datum registracije: Jan 2005
Lokacija: Rijeka
Postovi: 8,918
|
samo si promijeni "home page" kada si u IE, idesh na tools --> internet options -- > home page. ali svakako toplo preporucam format c: s obzirom da 2 godine nisi stavljao sustav na "fishko". nemoj sada raditi nikakav backup, jedan duboko format ti treba, ponovno si podesi drivere, samo si osobne podatke snimi na cd ili prebaci na drugu particiju ako je imash i to je to. ako nemash xp, preporucam xp sa sp2. antivirus: avg. jednosatavno mi se pokazao najbolji od svih antivirusa koje sam isprobavao. sa time da niti avast niti nod32 nisu loshi. ad-aware je meni najbolji tool za ciscenje spyware-a i odrazavnje racunala. koristim i spybot s&d. takodjer sa cwshredderom preporucam tu i tamo sknenirati disk i sa hijack this. ako ne znash samo sto uklonish, copy/pasteash log na forum. od firewalla preporucam zone alarm. takodjer dobri su kerio i sygate personal firewall.
__________________
___________ HTPC: Intel Core2Duo E8500 × ATI Sapphire HD4670 HDMI × 2x 1GB DDR2 × Samsung 160GB × Lenovo Key+Mouse × Philips 49PFS5501 LED TV × Technics SA-EH780 5.1 × Windows 10 Laptop1: Lenovo x100e w/Windows 10 |
12.12.2005., 12:20 | #8 |
Registered User
Datum registracije: Nov 2005
Lokacija: Zagreb-Munchen
Postovi: 38
|
evo osposobio sam sustav, imam sp2 zasad imam nortona jer zanjega imam cd key ali probat cu nabaviti avg . e sada jos jedna stvar, imam spyboot ali kada htio downloadat updates nesto mi nije htio ovo ono..pogledat cu mozda ima novija verzija. ali kod ad-aware pro. skinem update i vidim datum tog updateda je 2004 godina..nekako mi se to cini staro. probam opet update i kaze da nema novih. ???!!! |
12.12.2005., 12:21 | #9 |
Registered User
Datum registracije: Nov 2005
Lokacija: Zagreb-Munchen
Postovi: 38
|
e da, i jos jedno pitanje. kakav je ewido? vrijedili li to sta? naspram ad aware spyboota itd? |
12.12.2005., 13:23 | #10 | |
Moderator
Datum registracije: Jan 2005
Lokacija: Rijeka
Postovi: 8,918
|
Citiraj:
nabavi se ad-ware se personal. mislim da je verzija 1.06. cisto dovoljno i uredno update-a. avg je potpuno free verzija, samo sto te svakih godinu dana pita da potvrdish besplatni key koji ti i dodijele prilikom instalacije. imho, ad-aware ima prednost pred ostalima alatima za ciscenje spyware-a.
__________________
___________ HTPC: Intel Core2Duo E8500 × ATI Sapphire HD4670 HDMI × 2x 1GB DDR2 × Samsung 160GB × Lenovo Key+Mouse × Philips 49PFS5501 LED TV × Technics SA-EH780 5.1 × Windows 10 Laptop1: Lenovo x100e w/Windows 10 |
|
|
|
Oglas
|
|
12.12.2005., 13:29 | #11 |
Registered User
Datum registracije: Nov 2005
Lokacija: Zagreb-Munchen
Postovi: 38
|
digao novi. mislio sam osposobio, slozio da mogu na net,drivere i ostalo ok nabavit cu avg. i probat cu skinuti negdje taj adaware personal tnx za sve informacije. nego sad samo da usnimim jos neke gluposti onda cu postat ovdje log file pa me bas zanima da li imam vec nesto sto nije potrebno. sa hijackthi |
12.12.2005., 13:41 | #12 |
Moderator
Datum registracije: Jan 2005
Lokacija: Rijeka
Postovi: 8,918
|
imash tu na sofwtawareu neke teme i preporuke za osnovni software i podeshavanje sistema. koristi samo siguran i vec isproban sofftware od strane drugih korisnika sa iskustvima. ne instaliraj svasta sto ti se ponudi na netu, koristi samo ono sto ti treba, uz pravi AV te ostali software i utilitiese za sigurnost i odrzavanje, neces nikad imati vecih problema.
__________________
___________ HTPC: Intel Core2Duo E8500 × ATI Sapphire HD4670 HDMI × 2x 1GB DDR2 × Samsung 160GB × Lenovo Key+Mouse × Philips 49PFS5501 LED TV × Technics SA-EH780 5.1 × Windows 10 Laptop1: Lenovo x100e w/Windows 10 |
12.12.2005., 21:12 | #13 |
Premium
Datum registracije: Dec 2004
Lokacija: Vrulja
Postovi: 484
|
Isto se i meni ovo desilo o i vxr180 i nista mi nije pomoglo nego format c: Prije sam koristio Nortona a sad koriszim NOD u kombinaciji s ZA i Ad-Aware pa se nadam da da mi se ovo nece vise desiti. Usput evi i Hijacktis log pa ako mozes atha da ga provjeris. Logfile of HijackThis v1.99.1 Scan |