Spyware za čije uklanjanje tražim pomoć.
Prikazujem rezultate 1 do 10 od 10

Tema: Spyware za čije uklanjanje tražim pomoć.

  1. #1
    Početnik
    Učlanjen
    16.12.2007.
    Poruke
    5
    Reputaciona moć
    0

    Podrazumevano Spyware za čije uklanjanje tražim pomoć.

    Moj problem je sledeći: pretpostavljam da sam zakačio neki spyware, ali ga se ne mogu rešiti. Problem se ogleda u tome što, kada otvorim IE, otvaraju se automatski i neke druge stranice, i to:

    http://fp.pc-on-internet.com/?id=50214&nums=N080WW7CZ-FBW.P60ADg&login=672125&mediaid_prefix=005&asked_billing_id=15&time=30
    http://fp.pc-on-internet.com/?id=50253&nums=N080WW7CZ-FBW.QkeABw&login=672125&mediaid_prefix=005&asked_billing_id=15&time=30
    http://fp.gad-network.com/?id=50252&nums=N080WW7CZ-FBW.QfvABw&login=672125&mediaid_prefix=005&asked_billing_id=15&time=30

    Prema opisima sam zaključio da se radi o spyware-u. Pokušao sam ga obrisati pomoću Spyware terminatora u Safe mode, ali, nije uspeo to odraditi, jer mi problem postoji i nakon vraćanja u normal mode. Ni NORTON ga nije uspeo eliminisati.

    HJ log:

    Logfile of HijackThis v1.99.1
    Scan saved at 1:33:54, on 16.12.2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
    C:\Program Files\Spyware Terminator\sp_rsser.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
    C:\Program Files\GrabClipSave\GrabClipSave.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\ObjectDock\ObjectDock.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Outlook Express\msimn.exe
    C:\Program Files\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
    O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
    O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
    O4 - HKCU\..\Run: [GCS] "C:\Program Files\GrabClipSave\GrabClipSave.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
    O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\ObjectDock\ObjectDock.exe
    O4 - Startup: Calentura.lnk = C:\Program Files\Calentura.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart17.exe
    O8 - Extra context menu item: Crawler Search - tbr:iemenu
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{2DA857BF-747B-4726-9249-636447FD2CAF}: NameServer = 217.26.64.130 217.26.64.131
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

    Imam WinXP SP2, wireless. Napominjem da sam relativni početnik sa računarom, a ovaj forum su mi preporučili prijatelji, koji su ovde dobili savet za neke svoje probleme. Zahvalan sam za svaku pomoć, i nadam se da će mi neko pomoći.



  2. #2
    Aktivan član dr_Bora (avatar)
    Učlanjen
    27.12.2004.
    Pol
    muški
    Poruke
    1.248
    Reputaciona moć
    60

    Podrazumevano Re: Spyware za čije uklanjanje tražim pomoć.

    Preuzmi ComboFix sa jednog od sledećih linkova i sačuvaj ga na Desktop-u:
    download link 1, download link 2
    • Privremeno isključi AV program kako ne bi ometao proces čišćenja
    • Dvoklikom pokreni ComboFix.exe i isprati uputstva
    • Nemoj klikati mišem u prozoru ComboFix-a dok radi!
    • Kada proces bude završen, logfile C:\ComboFix.txt će se otvoriti u Notepad-u
    • Iskopiraj sadržaj tog logfile-a u temu na forumu

  3. #3
    Početnik
    Učlanjen
    16.12.2007.
    Poruke
    5
    Reputaciona moć
    0

    Podrazumevano Re: Spyware za čije uklanjanje tražim pomoć.

    Učinio sam kako ste rekli, i evo loga:

    ComboFix 07-12-16.4 - Danijel 2007-12-17 3:28:29.1 - FAT32x86
    Running from: C:\Documents and Settings\Danijel\Desktop\ComboFix.exe
    * Created a new restore point
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\Documents and Settings\Danijel\Local Settings\Application Data\dbhfcafdty.dat
    C:\Documents and Settings\Danijel\Local Settings\Application Data\dbhfcafdty.exe
    c:\Documents and Settings\Danijel\Local Settings\Application Data\dbhfcafdty_nav.dat
    C:\Documents and Settings\Danijel\Local Settings\Application Data\dbhfcafdty_navps.dat
    C:\Program Files\webmediaplayer
    C:\Program Files\webmediaplayer\Privacy Policy.url
    C:\Program Files\webmediaplayer\resources\languages_v2.xml
    C:\Program Files\webmediaplayer\resources\webmedias
    C:\Program Files\webmediaplayer\skins\classic.skn
    C:\Program Files\webmediaplayer\sqlite3.dll
    C:\Program Files\webmediaplayer\Terms and conditions.url
    C:\Program Files\webmediaplayer\uninst.exe
    C:\Program Files\webmediaplayer\WebMediaPlayer.exe
    C:\Program Files\webmediaplayer\Website.url

    .
    ((((((((((((((((((((((((( Files Created from 2007-11-17 to 2007-12-17 )))))))))))))))))))))))))))))))
    .

    2007-12-16 21:41 . 2007-12-16 21:41 <DIR> d-------- C:\Program Files\Lavasoft
    2007-12-16 21:39 . 2007-12-16 21:39 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2007-12-14 17:24 . 2007-12-14 17:24 <DIR> d-------- C:\Program Files\WinClamAVShield
    2007-12-14 15:21 . 2007-12-14 15:21 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Spyware Terminator
    2007-12-14 03:10 . 2007-12-14 03:10 <DIR> d-------- C:\WINDOWS\system32\config\systemprofile\Applicati on Data\Spyware Terminator
    2007-12-14 03:09 . 2007-12-14 04:41 138,624 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
    2007-12-14 03:04 . 2007-12-14 03:04 <DIR> d-------- C:\Program Files\Spyware Terminator
    2007-12-14 03:04 . 2007-12-14 03:04 <DIR> d-------- C:\Program Files\Crawler
    2007-12-14 03:04 . 2007-12-14 03:04 <DIR> d-------- C:\Documents and Settings\Danijel\Application Data\Spyware Terminator
    2007-12-14 03:04 . 2007-12-14 03:04 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
    2007-12-14 01:03 . 2007-12-14 01:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2007-12-12 02:08 . 2007-12-12 02:08 <DIR> d--hs---- C:\Program Files\Common Files\WindowsLiveInstaller
    2007-12-12 02:07 . 2007-12-12 02:07 <DIR> d-------- C:\Program Files\Windows Live
    2007-12-12 02:06 . 2007-12-12 02:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
    2007-12-10 19:09 . 2007-12-10 19:09 <DIR> d-------- C:\Program Files\AnswerWorks 4.0
    2007-12-10 19:05 . 2007-12-10 19:05 <DIR> d-------- C:\Program Files\AutoCAD 2007
    2007-12-10 19:05 . 2007-12-10 19:05 <DIR> d-------- C:\Documents and Settings\Danijel\Application Data\Autodesk
    2007-12-10 19:05 . 2007-12-10 19:05 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Autodesk
    2007-12-10 18:55 . 2007-12-10 18:55 <DIR> d-------- C:\Program Files\Common Files\Autodesk Shared
    2007-12-10 18:54 . 2007-12-10 18:54 <DIR> d-------- C:\Program Files\Autodesk
    2007-12-10 15:11 . 2007-12-10 15:11 0 --a------ C:\WINDOWS\mngui.INI
    2007-12-09 18:23 . 2007-12-09 18:24 635 --a------ C:\WINDOWS\Rtcw.INI
    2007-11-28 02:51 . 2007-11-28 02:51 <DIR> d-------- C:\Documents and Settings\Danijel\Application Data\skypePM
    2007-11-28 02:51 . 2007-11-28 02:51 32 --a------ C:\Documents and Settings\All Users\Application Data\ezsid.dat
    2007-11-28 02:30 . 2007-11-28 02:30 <DIR> d-------- C:\Documents and Settings\Danijel\Application Data\Skype
    2007-11-28 02:29 . 2007-11-28 02:29 <DIR> d-------- C:\Program Files\Skype
    2007-11-28 02:29 . 2007-11-28 02:29 <DIR> d-------- C:\Program Files\Common Files\Skype
    2007-11-28 02:28 . 2007-11-28 02:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype
    2007-11-26 00:37 . 2007-11-26 00:37 <DIR> d-------- C:\Program Files\Chronos
    2007-11-23 15:33 . 2007-11-23 15:33 <DIR> d-------- C:\Documents and Settings\Danijel\Application Data\Nvu
    2007-11-23 15:13 . 2007-11-23 15:13 <DIR> d-------- C:\Program Files\Hair Pro 2006 Light
    2007-11-23 15:10 . 2007-11-23 15:10 <DIR> d-------- C:\Program Files\Cheatbook Database 2006

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
    .
    2007-08-18 11:00 20,336 ----a-w C:\Documents and Settings\Danijel\Application Data\GDIPFONTCACHEV1.DAT
    2006-02-13 17:42 2,777,088 ----a-w C:\Program Files\PDF Reader.exe
    2007-08-03 17:02 32 --sha-w C:\WINDOWS\{CA7E0FE7-44E8-418D-904A-EA9762FDCAF5}.dat
    2007-08-03 17:02 32 --sha-w C:\WINDOWS\system32\{0E23646F-FCA5-45AA-BB4C-FDA41E2E0D6A}.dat
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shelliconoverlayidentifiers\Au toCAD Digital Signatures Icon Overlay Handler]
    @={36A21736-36C2-4C11-8ACB-D4136F2B57BD}

    [HKEY_CLASSES_ROOT\CLSID\{36A21736-36C2-4C11-8ACB-D4136F2B57BD}]
    2006-03-05 03:55 185448 --a------ C:\WINDOWS\system32\AcSignIcon.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
    "GCS"="C:\Program Files\GrabClipSave\GrabClipSave.exe" [2003-04-14 09:15]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 22:56]
    "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2007-08-12 11:02]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.e xe" [2001-07-09 10:50]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
    "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 16:30]
    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2002-08-19 22:22]
    "ccRegVfy"="C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe" [2002-08-19 22:23]
    "Advanced Tools Check"="C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE" [2002-08-26 22:35]
    "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 16:17]
    "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2007-08-12 11:02]
    "SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2007-12-14 04:35]
    "Ad-Watch"="C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Watch2007.exe" [2007-09-26 23:16]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 22:56]

    *Newly Created Service* - CATCHME
    *Newly Created Service* - PROCEXP90
    .
    ************************************************** ************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-17 03:33:53
    Windows 5.1.2600 Service Pack 2 FAT NTAPI

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    ************************************************** ************************
    .
    Completion time: 2007-12-17 3:34:51

    Dodajem da sam pokušao i sa Ad-aware i sa Spybot S&D prvo u Safe modu, a zatim i u normal modu, i 15-tak minuta je bilo sve u redu, da bi se problem ponovo pojavio.

    Pozdrav

  4. #4
    Aktivan član dr_Bora (avatar)
    Učlanjen
    27.12.2004.
    Pol
    muški
    Poruke
    1.248
    Reputaciona moć
    60

    Podrazumevano Re: Spyware za čije uklanjanje tražim pomoć.

    Kakvo je sada stanje (nakon pokretanja ComboFix-a)?



    Uradi i sledeće: skini http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe i instaliraj ga.

    Program pokreni dvoklikom na Navilog1.bat na desktopu.
    - odaberi jezik (npr. ukucaj E za engleski)
    - u naredna tri ekrana pritisni bilo koji taster
    - izaberi opciju 1 - Search
    - kada skeniranje bude gotovo, logfile će se otvoriti u notepadu - iskopiraj sadržaj toga file-a u temu na forumu.

  5. #5
    Početnik
    Učlanjen
    16.12.2007.
    Poruke
    5
    Reputaciona moć
    0

    Podrazumevano Re: Spyware za čije uklanjanje tražim pomoć.

    Nakon pokretanja Combofix-a, ne primećujem da mi se problem ponovo javlja.

    Ali, evo i loga koji ste tražili:

    Search Navipromo version 3.3.8 began on pon 17.12.2007 at 15:58:21,37

    !!! Warning, this report may include legitimate files/programs !!!
    !!! Post this report on the forum you are being helped !!!
    !!! Don't continue with removal unless instructed by an authorized helper !!!
    Fix running from C:\Program Files\navilog1
    Updated on 11.12.2007 at 18h00 by IL-MAFIOSO


    Microsoft Windows XP [Version 5.1.2600]
    Version Internet Explorer : 6.0.2900.2180
    Filesystem type : FAT32

    Done in normal mode

    *** Searching for installed Software ***




    *** Search folders in C:\WINDOWS ***



    *** Search folders in C:\Program Files ***



    *** Search folders in ***




    *** Search folders in "C:\Documents and Settings\Danijel\application data" ***


    *** Search folders in ***


    *** Search with Catchme-rootkit/stealth malware detector by gmer ***
    for more info : http://www.gmer.net

    No file found



    *** Search with GenericNaviSearch ***
    !!! Possibility of legitimate files in the result !!!
    !!! Must always be checked before manually deleting !!!

    * Scan in C:\WINDOWS\system32 *

    * Scan in "C:\Documents and Settings\Danijel\local settings\application data" *



    *** Search files ***




    *** Search specific Registry keys ***


    *** Complementary Search ***
    (Search specific files)

    1)Search new Instant Access files :


    2)Heuristic Search :

    * In C:\WINDOWS\system32 :


    * In "C:\Documents and Settings\Danijel\local settings\application data" :


    3)Certificates Search :

    Egroup certificate not found !

    4)Search known files :



    *** Search completed on pon 17.12.2007 at 16:00:18,95 ***


    Da li sam ga se konačno rešio?

  6. #6
    Aktivan član dr_Bora (avatar)
    Učlanjen
    27.12.2004.
    Pol
    muški
    Poruke
    1.248
    Reputaciona moć
    60

    Podrazumevano Re: Spyware za čije uklanjanje tražim pomoć.

    Da, rešeno je.

    Potrebno je resetovati System Restore:
    • Control Panel > System: na System Restore tabu: čekiraj Turn off System Restore on all drives
    • Restartuj kompjuter
    • Control Panel > System: na System Restore tabu: dečekiraj Turn off System Restore on all drives

    Gornji postupak će obrisati sadržaj System Restore foldera a time i malware koji se nalazi u njemu i kreirati novu, "čistu" tačku za oporavak sistema.


    To bi bilo to... Pozdrav...

  7. #7
    Početnik
    Učlanjen
    16.12.2007.
    Poruke
    5
    Reputaciona moć
    0

    Podrazumevano Re: Spyware za čije uklanjanje tražim pomoć.

    Zaista se ne pojavljuje više...

    Dr. Boro,

    Hvala Vam puno, na Vašem strpljenju i vremenu koje ste posvetili.

    Srdačan pozdrav!

  8. #8
    Početnik
    Učlanjen
    16.12.2007.
    Poruke
    5
    Reputaciona moć
    0

    Podrazumevano Re: Spyware za čije uklanjanje tražim pomoć.

    Dr. Boro

    Moram postaviti još jedno pitanje, koje je možda vezano za problem koji smo rešili.

    Naime, uz wireless, imam i staru modemsku konekciju, koju koristim kada wireless iz bilo kog razloga slabije radi. Naime, jutros sam se modemski konektovao, konekcija je prošla uobičajeno, ali mi je posle 2 minute veza prekinuta. Problem je u tome što mi računar i dalje pokazuje da je konektovan, kada pokušam da se diskonektujem klikom na "disconect", računar ne reaguje. Prikazuje da je konektovan, čak i kada izvadim kabl iz modema, tj. ikonica koja označava konekciju u donjem desnom uglu je i dalje ista, kao da je uredno konektovan. Jedino restart menja stvar. Tada se mogu ponovo konektovati, ali nakon 2-3 minute se dešava isto.

    Da li je ovo možda posledica operacije brisanja combofix.om, ili je nešto drugo u pitanju.?

  9. #9
    Aktivan član dr_Bora (avatar)
    Učlanjen
    27.12.2004.
    Pol
    muški
    Poruke
    1.248
    Reputaciona moć
    60

    Podrazumevano Re: Spyware za čije uklanjanje tražim pomoć.

    Sam proces uklanjanja malware-a nije ''poremetio'' ništa.

    E sad... Deo ove infekcije koju si imao nekada sadrži i dialer i moguće je da je sama infekcija ''čačkala'' po setovanjima za dial-up konekciju.

    Probaj da obrišeš tu konekciju koju sada imaš i da je ponovo napraviš - to bi možda moglo pomoći...

  10. #10
    Početnik
    Učlanjen
    16.12.2007.
    Poruke
    5
    Reputaciona moć
    0

    Podrazumevano Re: Spyware za čije uklanjanje tražim pomoć.

    To je bilo to.

    Sada je sve OK. Hvala još jednom dr. Boro.

    Svako dobro!

Slične teme

  1. Pomoc - spyware mi usao u kompjuter
    Autor nolle17 u forumu Sigurnost i zaštita
    Odgovora: 5
    Poslednja poruka: 28.05.2008., 17:24
  2. Pomoc za spyware worm svchost??
    Autor kosmos u forumu Sigurnost i zaštita
    Odgovora: 2
    Poslednja poruka: 28.06.2005., 20:54
  3. pomoc da uklonim spyware guard
    Autor dzorzd u forumu Sigurnost i zaštita
    Odgovora: 3
    Poslednja poruka: 15.10.2004., 03:12
  4. pomoc da uklonim spyware guard
    Autor dzorzd u forumu Sigurnost i zaštita
    Odgovora: 0
    Poslednja poruka: 08.10.2004., 19:48
  5. TRAZIM POMOC/SPYWARE
    Autor ona u forumu Sigurnost i zaštita
    Odgovora: 8
    Poslednja poruka: 16.08.2004., 18:54

Pravila za slanje poruka

  • Ne možete kreirati novu temu
  • Ne možete poslati odgovor
  • Ne možete dodati priloge
  • Ne možete prepraviti svoju poruku
  •