Spyware
Prikazujem rezultate 1 do 10 od 10

Tema: Spyware

  1. #1
    Zainteresovan član Mateja_Bg (avatar)
    Učlanjen
    02.02.2006.
    Pol
    muški
    Lokacija
    Bg
    Poruke
    185
    Reputaciona moć
    45

    Podrazumevano Spyware

    Evo loga sa HT, sta dalje da radim? Hvala unapred.


    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 4:53:01 PM, on 9/28/2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Google\Gmail Notifier\gnotify.exe
    C:\Program Files\Eset\nod32kui.exe
    C:\WINDOWS\sv.exe
    C:\WINDOWS\svhoster.exe
    C:\WINDOWS\svzip.exe
    C:\WINDOWS\runsql.exe
    C:\Program Files\Spyware Doctor\SDTrayApp.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Program Files\Spyware Doctor\swdsvc.exe
    C:\WINDOWS\System32\wdfmgr.exe
    C:\WINDOWS\System32\2052r.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Avant Browser\iexplore.exe
    C:\Documents and Settings\Mateja\Desktop\aaa.exe
    C:\WINDOWS\System32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\System32\spywarewarning.mht
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\sw g.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
    O4 - HKLM\..\Run: [dmozw.exe] C:\WINDOWS\System32\dmozw.exe
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [netsv32] C:\WINDOWS\sv.exe
    O4 - HKLM\..\Run: [net64] C:\WINDOWS\svhoster.exe
    O4 - HKLM\..\Run: [netzip] C:\WINDOWS\svzip.exe
    O4 - HKLM\..\Run: [runsql] C:\WINDOWS\runsql.exe
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: Add to AD Black List - C:\Program Files\Avant Browser\AddToADBlackList.htm
    O8 - Extra context menu item: Block All Images from the Same Server - C:\Program Files\Avant Browser\AddAllToADBlackList.htm
    O8 - Extra context menu item: Highlight - C:\Program Files\Avant Browser\Highlight.htm
    O8 - Extra context menu item: Open All Links in This Page... - C:\Program Files\Avant Browser\OpenAllLinks.htm
    O8 - Extra context menu item: Search - C:\Program Files\Avant Browser\Search.htm
    O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
    O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://news.beograd.com/AxisCamControl.ocx
    O17 - HKLM\System\CCS\Services\Tcpip\..\{03AFE20A-59F5-48E6-A41A-1D573DA2B54F}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\..\{03AFE20A-59F5-48E6-A41A-1D573DA2B54F}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS2\Services\Tcpip\..\{03AFE20A-59F5-48E6-A41A-1D573DA2B54F}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    O23 - Service: Uninterruptible Power Supply UPSdmadmin (UPSdmadmin) - Unknown owner - C:\WINDOWS\System32\2052r.exe
    O23 - Service: Windows Management Instrumentation winmgmtALG (winmgmtALG) - Unknown owner - C:\WINDOWS\System32\rasx.exe

    --
    End of file - 6238 bytes
    Poslednji put ažurirao/la Mateja_Bg : 28.09.2007. u 16:58



  2. #2
    Aktivan član dr_Bora (avatar)
    Učlanjen
    27.12.2004.
    Pol
    muški
    Poruke
    1.248
    Reputaciona moć
    60

    Podrazumevano Re: Spyware

    Pokreni HT, skeniraj i čekiraj sledeće linije:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\System32\spywarewarning.mht
    O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll
    O4 - HKLM\..\Run: [dmozw.exe] C:\WINDOWS\System32\dmozw.exe
    O4 - HKLM\..\Run: [netsv32] C:\WINDOWS\sv.exe
    O4 - HKLM\..\Run: [net64] C:\WINDOWS\svhoster.exe
    O4 - HKLM\..\Run: [netzip] C:\WINDOWS\svzip.exe
    O4 - HKLM\..\Run: [runsql] C:\WINDOWS\runsql.exe
    O17 - HKLM\System\CCS\Services\Tcpip\..\{03AFE20A-59F5-48E6-A41A-1D573DA2B54F}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS1\Services\Tcpip\..\{03AFE20A-59F5-48E6-A41A-1D573DA2B54F}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CS2\Services\Tcpip\..\{03AFE20A-59F5-48E6-A41A-1D573DA2B54F}: NameServer = 208.67.220.220,208.67.222.222
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
    O23 - Service: Uninterruptible Power Supply UPSdmadmin (UPSdmadmin) - Unknown owner - C:\WINDOWS\System32\2052r.exe
    O23 - Service: Windows Management Instrumentation winmgmtALG (winmgmtALG) - Unknown owner - C:\WINDOWS\System32\rasx.exe

    a zatim klikni na Fix Checked.

    -----------------------------------------------------------------

    Restartuj PC u Safe Mode ( pri paljenu PC-a pritiskuj F8 i izaberi Safe Mode iz menija ), a zatim obriši sledeće:

    C:\Program Files\ContextTool ( ceo folder ContextTool )
    C:\WINDOWS\System32\dmozw.exe
    C:\WINDOWS\sv.exe
    C:\WINDOWS\svzip.exe
    C:\WINDOWS\runsql.exe
    C:\WINDOWS\System32\2052r.exe
    C:\WINDOWS\System32\rasx.exe

    -----------------------------------------------------------

    Restartuj PC u normal mode i postavi novi HT log.

  3. #3
    Zainteresovan član Mateja_Bg (avatar)
    Učlanjen
    02.02.2006.
    Pol
    muški
    Lokacija
    Bg
    Poruke
    185
    Reputaciona moć
    45

    Podrazumevano Re: Spyware

    C:\WINDOWS\svzip.exe Nece da obrise, kaze access denied

    C:\WINDOWS\System32\dmozw.exe
    C:\WINDOWS\System32\rasx.exe
    Ova dva ne mogu da nadjem uopste pod tim imenom, da li da skeniram opet sada sa HT ili ne? Izvni prvi put ovo radim, pa nisam bas upucen u ove stvari

  4. #4
    Aktivan član dr_Bora (avatar)
    Učlanjen
    27.12.2004.
    Pol
    muški
    Poruke
    1.248
    Reputaciona moć
    60

    Podrazumevano Re: Spyware

    Daj novi log (napravljen u normal modu)...

  5. #5
    Zainteresovan član Mateja_Bg (avatar)
    Učlanjen
    02.02.2006.
    Pol
    muški
    Lokacija
    Bg
    Poruke
    185
    Reputaciona moć
    45

    Podrazumevano Re: Spyware

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 6:11:06 PM, on 9/28/2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Google\Gmail Notifier\gnotify.exe
    C:\Program Files\Eset\nod32kui.exe
    C:\Program Files\Spyware Doctor\SDTrayApp.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\Program Files\Spyware Doctor\swdsvc.exe
    C:\WINDOWS\System32\wdfmgr.exe
    C:\WINDOWS\System32\2052r.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\svzip.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Ahead\nero\nero.exe
    C:\Documents and Settings\Mateja\Desktop\aaa.exe
    C:\WINDOWS\System32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\System32\spywarewarning.mht
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\sw g.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
    O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://news.beograd.com/AxisCamControl.ocx
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
    O23 - Service: Uninterruptible Power Supply UPSdmadmin (UPSdmadmin) - Unknown owner - C:\WINDOWS\System32\2052r.exe
    O23 - Service: Windows Management Instrumentation winmgmtALG (winmgmtALG) - Unknown owner - C:\WINDOWS\System32\rasx.exe

    --
    End of file - 4730 bytes

  6. #6
    Aktivan član dr_Bora (avatar)
    Učlanjen
    27.12.2004.
    Pol
    muški
    Poruke
    1.248
    Reputaciona moć
    60

    Podrazumevano Re: Spyware

    Skini Avenger i raspakuj ga.
    Skini priloženi file skripta.txt.

    Pokreni Avenger:
    - obeleži opciju Load script from file
    - klikni na ikonicu folder-a i otvori file skripta.txt
    - zatvori sve pokrenute programe
    - klikni na ikonicu semafora
    - odgovori sa Yes na oba postavljena pitanja

    Nakon toga će se kompjuter dva puta restartovati - u međuvremenu nemoj bilo šta da radiš na kompjuteru.

    Kada sve bude gotovo, postavi ovde sadržaj file-a C:\avenger.txt kao i novi HT log.
    Priloženi fajlovi Priloženi fajlovi

  7. #7
    Zainteresovan član Mateja_Bg (avatar)
    Učlanjen
    02.02.2006.
    Pol
    muški
    Lokacija
    Bg
    Poruke
    185
    Reputaciona moć
    45

    Podrazumevano Re: Spyware

    Logfile of The Avenger version 1, by Swandog46
    Running from registry key:
    \Registry\Machine\System\CurrentControlSet\Service s\ujiyshfb

    *******************

    Script file located at: \??\C:\WINDOWS\obrofoec.txt
    Script file opened successfully.

    Script file read successfully

    Backups directory opened successfully at C:\Avenger

    *******************

    Beginning to process script file:

    Driver UPSdmadmin unloaded successfully.
    Driver winmgmtALG unloaded successfully.
    File C:\WINDOWS\System32\2052r.exe deleted successfully.
    File C:\WINDOWS\System32\rasx.exe deleted successfully.
    File C:\WINDOWS\svzip.exe deleted successfully.


    File C:\WINDOWS\System32\dmozw.exe not found!
    Deletion of file C:\WINDOWS\System32\dmozw.exe failed!

    Could not process line:
    C:\WINDOWS\System32\dmozw.exe
    Status: 0xc0000034


    Completed script processing.

    *******************

    Finished! Terminate.

  8. #8
    Zainteresovan član Mateja_Bg (avatar)
    Učlanjen
    02.02.2006.
    Pol
    muški
    Lokacija
    Bg
    Poruke
    185
    Reputaciona moć
    45

    Podrazumevano Re: Spyware

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 9:50:51 PM, on 9/28/2007
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Google\Gmail Notifier\gnotify.exe
    C:\Program Files\Eset\nod32kui.exe
    C:\Program Files\Spyware Doctor\SDTrayApp.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\Program Files\Spyware Doctor\svcntaux.exe
    C:\Program Files\Spyware Doctor\swdsvc.exe
    C:\WINDOWS\System32\wdfmgr.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Documents and Settings\Mateja\Desktop\aaa.exe
    C:\WINDOWS\System32\wbem\wmiprvse.exe

    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\sw g.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
    O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://news.beograd.com/AxisCamControl.ocx
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe

    --
    End of file - 4251 bytes

  9. #9
    Aktivan član dr_Bora (avatar)
    Učlanjen
    27.12.2004.
    Pol
    muški
    Poruke
    1.248
    Reputaciona moć
    60

    Podrazumevano Re: Spyware

    Ovo izgleda dobro...

    Otvori Control Panel - System - System Restore: čekiraj: Turn Off System Restore on all drives.
    Restartuj kompjuter a zatim istu opciju dečekiraj (tj. uključi SR).

    Obriši folder C:\Avenger i sve privremene file-ove ( koristi Disk Cleanup ).

    Btw, bilo bi dobro da imaš instaliran SP2.

  10. #10
    Zainteresovan član Mateja_Bg (avatar)
    Učlanjen
    02.02.2006.
    Pol
    muški
    Lokacija
    Bg
    Poruke
    185
    Reputaciona moć
    45

    Podrazumevano Re: Spyware

    Ok, instaliracu SP2, hvala za sve

Slične teme

  1. Spyware
    Autor Wolfbrother u forumu Zanimljivi sajtovi
    Odgovora: 6
    Poslednja poruka: 09.04.2006., 21:31
  2. Spyware?!
    Autor zokij u forumu Softver
    Odgovora: 1
    Poslednja poruka: 02.01.2005., 10:48
  3. spyware
    Autor Justhappyface u forumu Sigurnost i zaštita
    Odgovora: 10
    Poslednja poruka: 07.12.2004., 22:32
  4. SPYWARE
    Autor Marko PG u forumu Sigurnost i zaštita
    Odgovora: 1
    Poslednja poruka: 18.09.2004., 22:53
  5. spyware
    Autor bravko jackass u forumu Zanimljivi sajtovi
    Odgovora: 1
    Poslednja poruka: 07.06.2004., 12:39

Pravila za slanje poruka

  • Ne možete kreirati novu temu
  • Ne možete poslati odgovor
  • Ne možete dodati priloge
  • Ne možete prepraviti svoju poruku
  •