Problem sa spyware stvarima
Prikazujem rezultate 1 do 3 od 3

Tema: Problem sa spyware stvarima

  1. #1
    Početnik
    Učlanjen
    24.11.2003.
    Pol
    muški
    Lokacija
    Beograd
    Poruke
    8
    Reputaciona moć
    0

    Podrazumevano Problem sa spyware stvarima

    Imam uporan problem.Stalno mi se pojavljuju coolwebsearch spywareovi uglavnom isti.Verovatno kao posledica toga ne pojavljuju mi se web stranice,na netu sam ali ne mogu nista da dobijem.Obrisem iz adawarea sve spyware,ali to je privremeno.Kada se samo makar privremeno zakacim na net ponovo ih dobijem.Mislim da nema potrebe za novim programom za uklanjanje,samo treba da ih sprecim da mi se ponovo pojavljuju.Imam adaware,spybot search & destroy,hijack,secretmaker,spywareblaster.
    EVO loga iz adaware sa pomenutim coolwebsearch:
    COOLWEBSEARCH
    »»»»»»»»»»»»»»»»»»»»»»»»» »»»»»»»»»»»»»
    obj[0]=Process : C:\WINDOWS\System32\mshi.dll
    obj[1]=Regkey : software\microsoft\windows\currentversion\hd
    obj[2]=RegValue : software\microsoft\windows\currentversion\hd ""
    obj[3]=RegValue : software\microsoft\windows\currentversion\hd "Name"
    obj[4]=RegValue : software\microsoft\internet explorer "SExpire"
    obj[5]=RegValue : software\microsoft\internet explorer "LExpire"
    obj[6]=RegValue : software\microsoft\internet explorer "Version"
    obj[7]=RegValue : software\microsoft\internet explorer "Init"
    obj[8]=File : C:\WINDOWS\System32\taskopen.exe
    obj[9]=File : C:\WINDOWS\balloon.wav
    obj[10]=File : C:\WINDOWS\System32\wbem\logs\wbemess.log

    Takodje mi se pojavljuje u hijacku dva kljuca odnosno vrednosti:O2-BHO (noname) (no file).Posledica toga je da ne mogu da skidam web stranice ili bilo sta.Kada obrisem sve je u redu,ali kada sam na internetu opet mi se pojavljuju.To se dogadja I kada koristim mozilu firefox.Mozda trebam jos neke vrednosti da uklonim.
    EVO loga iz hijacka:
    Logfile of HijackThis v1.99.1
    Scan saved at 11:10:38, on 24.7.2005
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe
    C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
    C:\Program Files\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE
    C:\Program Files\Panda Software\Panda Antivirus Platinum\apvxdwin.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Panda Software\Panda Antivirus Platinum\pavProxy.exe
    C:\Program Files\ICQ\NDetect.exe
    C:\Program Files\Real\RealPlayer\realplay.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\Plaxo\1.5.2.32\InstallStub.exe
    C:\Program Files\NewsStand\Reader\ADLSched.exe
    C:\WINDOWS\System32\ctfmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Secretmaker\secretmaker.exe
    C:\Program Files\1-Click Answers\answers.exe
    C:\PROGRA~1\COMMON~1\GURUNE~1\agtserv.exe
    C:\Documents and Settings\Sale\Desktop\hijack this\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 192.168.1.1:8080
    O2 - BHO: (no name) - {20F0E075-CA4C-4CB8-AD05-F78C5041AA22} - (no file)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: (no name) - {EE0ADEBF-D70B-4FA1-8B1C-633A7CA6F103} - C:\WINDOWS\System32\mshi.dll
    O2 - BHO: (no name) - {FDD64A7C-8902-412B-A7A1-5BE4F8F6A94F} - (no file)
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
    O3 - Toolbar: NewsStand Toolbar - {6E94ACD5-2C6A-48AC-84EF-A4DE746D385F} - C:\Program Files\NewsStand\Reader\NSIETool.dll
    O3 - Toolbar: 1-Click Answers - {7754C418-F62E-44aa-B169-E719E718BCFD} - C:\PROGRA~1\1-CLIC~1\IEToolbar\AnswersToolbarU.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
    O4 - HKLM\..\Run: [Mirabilis ICQ] C:\Program Files\ICQ\NDetect.exe
    O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Antivirus Platinum\Inicio.exe"
    O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE" /s
    O4 - HKLM\..\Run: [ImInstaller_IncrediMail] C:\DOCUME~1\Sale\LOCALS~1\Temp\ImInstaller\Incredi Mail\imloader.exe -startup -product IncrediMail
    O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\realplay.exe SYSTEMBOOTHIDEPLAYER
    O4 - HKLM\..\RunOnce: [qappsrvc32.exe] qappsrvc32.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [IECHECK.EXE] C:\WINDOWS\iecheck.exe
    O4 - HKCU\..\Run: [PlaxoUpdate] C:\WINDOWS\Plaxo\1.5.2.32\InstallStub.exe -a
    O4 - HKCU\..\Run: [NewsStand.Scheduler] "C:\Program Files\NewsStand\Reader\ADLSched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: SECRETMAKER.lnk = C:\Program Files\Secretmaker\secretmaker.exe
    O4 - Global Startup: 1-Click Answers.lnk = C:\Program Files\1-Click Answers\answers.exe
    O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
    O8 - Extra context menu item: Answers... - file:C:\Program Files\1-Click Answers\Html\atiemenu.htm
    O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: Download ALL with IDA - C:\Program Files\IDA\idaieall.htm
    O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: Download with IDA - C:\Program Files\IDA\idaie.htm
    O8 - Extra context menu item: Radar - C:\Program Files\Internet Radar\Radar.html
    O8 - Extra context menu item: Sledeci - C:\Program Files\Internet Radar\Sledeci.html
    O8 - Extra context menu item: Subscribe in Desktop Sidebar - res://C:\Program Files\Desktop Sidebar\sbhelp.dll/menuhandler.html
    O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
    O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
    O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
    O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
    O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROProj.dll
    O9 - Extra button: Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
    O9 - Extra 'Tools' menuitem: &Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
    O9 - Extra button: O sajtu - {A33D72F1-0CA3-4522-AF0E-DBCAC81F29C2} - C:\Program Files\Internet Radar\InternetRadar.dll
    O9 - Extra button: Radar - {A727176C-7630-49d5-ACC0-EDA518EA0D73} - C:\Program Files\Internet Radar\Radar.html
    O9 - Extra button: Sledeci - {A8B4C482-2491-431d-90CC-19590FB1D12E} - C:\Program Files\Internet Radar\Sledeci.html
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe
    O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
    O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Recycled\Q330995.exe
    O16 - DPF: {15D0E439-4E58-45E1-A9C1-0B1B16749A3C} - http://akamai.downloadv3.com/binaries/IA/netcmp32_EN_XP.cab
    O16 - DPF: {3B0EA9E6-7003-4B38-B398-9B1B6DF439C5} -
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by19fd.bay19.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://software.newsstand.com/reader/live/Disk1/isetupml.cab
    O16 - DPF: {74F5614A-8A8C-43B4-8CC2-4B4EFAF4A6C5} (TSCCInstall Class) - http://www.techsmith.com/codec/tsccinst.cab
    O16 - DPF: {8B936702-C234-40D0-B69C-A2F669A33978} - http://akamai.downloadv3.com/binaries/LiveService/LiveService_7_EN_XP.cab
    O16 - DPF: {BFC9677B-8006-4336-9D49-2C797AEFCB9E} - http://akamai.downloadv3.com/binaries/EGDAccess/EGDACCESS_1058_XP.cab
    O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab
    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
    O16 - DPF: {F72BC3F0-6C20-4793-9DDA-258589D8A907} - http://akamai.downloadv3.com/binaries/IA/netslv32_EN_XP.cab
    O17 - HKLM\System\CS1\Services\VxD\MSTCP: NameServer = 69.50.176.156,195.225.176.31
    O17 - HKLM\System\CS2\Services\VxD\MSTCP: NameServer = 69.50.176.156,195.225.176.31
    O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 69.50.176.156,195.225.176.31
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Network Client (nwclntc) - Unknown owner - C:\WINDOWS\system32\netclnc.exe (file missing)
    O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe
    O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe

    Ako neko zaista zna kako da resim ovo spasio bih se muka.



  2. #2
    Zainteresovan član mmmm25 (avatar)
    Učlanjen
    27.03.2005.
    Pol
    muški
    Poruke
    224
    Reputaciona moć
    49

    Podrazumevano

    firewall bi trebao da sprecava takve stvari da uopste udju u komp. a postoji mogucnost da imas trojanca, kako vidim tvoj antivirus ja panda, probaj sa sophosom 3.93, 3.94, 3.95, 3.96... mogu da garantujem da imas virus koji ti pravi problem

  3. #3
    Primećen član
    Učlanjen
    01.03.2005.
    Pol
    muški
    Lokacija
    Vranje
    Poruke
    708
    Reputaciona moć
    54

    Podrazumevano /

    Pogledaj to vazi i za tebe temu iznad pod nazivom greska za greskom ta uputstva vaze i za tebe.

Slične teme

  1. Problem Spyware Doctor
    Autor sandra guzvanj u forumu Sigurnost i zaštita
    Odgovora: 10
    Poslednja poruka: 14.08.2008., 21:29
  2. Problem sa virusom ili spyware-om II
    Autor Aleksandar_ČA u forumu Sigurnost i zaštita
    Odgovora: 36
    Poslednja poruka: 05.11.2007., 18:28
  3. Problem sa virusom ili spyware-om
    Autor Aleksandar_ČA u forumu Sigurnost i zaštita
    Odgovora: 47
    Poslednja poruka: 06.09.2007., 21:16
  4. Problem sa spyware search&destroy
    Autor kosmos u forumu Sigurnost i zaštita
    Odgovora: 3
    Poslednja poruka: 15.01.2006., 15:44
  5. Problem sa Spyware-om
    Autor gost 42348 u forumu Sigurnost i zaštita
    Odgovora: 13
    Poslednja poruka: 14.11.2005., 08:21

Pravila za slanje poruka

  • Ne možete kreirati novu temu
  • Ne možete poslati odgovor
  • Ne možete dodati priloge
  • Ne možete prepraviti svoju poruku
  •