dialer

biter

Početnik
Poruka
13
Imam sp2, aktiviran firewall, redovno apdejtujem adaware, spyboot i AvGard,ali sam nakon vrsljanja po nekim hakerskim sajtovima i skidanja kreke
navukao neku bedu u vidu neprestanog pokusaja
kacenja preko modema na broj 993718400515.
Nasao sam u task menageru usbn.exe da mi trosi CPU
i preko search ga nasao u c/windows/system32 i oteravsi ga iz task menagera obrisao ga.
Sva sreća pa imam ovu kilavu pulsnu liniju pa nije prosao.
Više ne grebucka po modemu, ali nisam siguran dali sam dobro uradio.
Šta vi mislite, i dali sam sve obrisao- možda postoji neki pelcer pa da ponovo izbije.. Hvala
 
Trebalo bi da instaliraš neki anti dialer program,kako bi sačuvao svoj budžet od moguće žešćeg telef.računa.Ako hoćeš,mogu ti poslati "check dialer",pa ga instaliraj na svom računaru.Pošalji mi tvoju e-mail adresu pp-om.Pozdrav.
 
Ajde bre kakvi hakerski sajtovi?
Oni stavljaju trojanca da bi znali da li ih juri nadležna služba zbog piraterije.
Reci ti nama sad lepo koji si sehu sajt ti obilazio?
Jel ti se pojavio onaj plavi ekran "trust this publisher" pre downloada?
Heh!
Dok je lepo ćute, sad kad je loše kukaju nama...
Ako si na pulsnoj šta kukaš?
Ako ne okreće znači da je disable-ovan...
A ima i par detalja samo prelistaj sve teme sa dialerima do sada...
 
Sucur:
Vjerovatno sajtovi sa pornografskim sadrzajem, jer oni su u 99% slucajeva nosioci dialera.

Ma neeeeeee.Ma otkud..Ma jooook breee.
Čovek ni ne zna da tako nešto i postoji.
I meni je tako ,ne znam odakle ,onomad , brat navukao nešto tako ali ja nikad nisam tamo bio........
SpyBot1.4 sa najnovijim definicijama,sken u safe modu sa isključenim oporavkom sistema, obrisati TEMP fajlove.
Instaliraj TeaTimer sa SpzBot om za zaštitu.
 
Pa dobro mozda covjek nekoristi jedini taj komp, al' ipak ako ga jos neko koristi, tebao bi mu uskratiti prava, jer ocito da nepazi ni 2%, a jos posjecuje sajtove koji su najopasniji po pitanju dialer-a, a svaki susret sa dialerom je gadan, jos ako je taj dialer odradio ono za sta je predvidjen, na*ebo si moj prijatelju.
 
GZ:
Pa ako ne moze nista drugo onda moze Hijak This program...

Opreznost velika pri koristenju...

Poz.

U slučaju "krljanja" ići u safe mod i na restore deleted objects...
Zgodan je onaj kucov - Win Patrol, samo ako hoćeš zaštitu mnogo laje tj smara...


Kada nadješ dialer-a potrudi se da nadješ IZVRŠNI fajl koji pokreće taj "servis" ako virus killer ne obriš a detektuje ga, zapiši putanju pa iz SAFE moda ručno obriši taj fajl...

Aman, zašto pod XP-om ne idete kao limitirani korisnici, virus se samo zakuca u temporary internet files-e?
Odatle ga je bar lako ukloniti, a da nešto nije u redu dobićeš porukom, "You have no administrator rights to install this program"...
 
Oce li neko konacno o ovome reci nesto na srpskom?:roll: I kod mene se pojavljuje taj dialer,valjda,a konektuje me na broj 55555555...a koliko znam,nisam posjecivala nikakve "sumnjive"sajtove...I sta koristiti od tih silnih antivirusnih programa?Instalisem "mekafija",blokira mi konekciju totalno...Posle toga "Kasperski"...nista ne pomaze...Spominjali ste onaj "hijack" ...i njega imam :-) ,ali sta znaci to..."koristiti oprezno"...mislim konkretno...Sta ne smijem da obrisem,ako bar ne znam sta smijem...:)
 
Za sve one koji se nisu susretali sa programom HIJAK THIS..

Dakle, da krenem od pocetka

Ovaj program da ne govorim mnogo puta je koristan veoma ali i veoma opasan ako se ne koristi kako valja..

dakle nista se nece promijeniti dok se skenira sa njim..

Nakon skeniranja ovaj program nadje mnogo stvari a medju njima najcesce budu neki drajveri, iz iskustva kazem jer najcesce nalazi i drajvere od grafike..

S toga skenirati sa ovim programom i polako pregledati datoteke koje je ovaj program skenirao..

Dakle, ako je u pitanju program DIALER.exe onda u skenu ovog programa treba da se pojavi ovaj ili slican naziv...

Selektovati samo to i to brisati..

Ukoliko niste sigurni sta je a sta ne... najbolje je da nak prikazete na ovoj stranici sken sa ovim programom pa cemo reci koji dialer vas muci..

Takodje pored ovog programa, probajte i CWSreder, (ne instalira se)...

Poz.
 
Je l mislis na ovo?:) :roll:

Logfile of HijackThis v1.98.2
Scan saved at 22:10:17, on 30.9.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\fhffkx.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\WINDOWS\System32\spooIsv.exe
C:\systhost.exe
C:\dsonic.exe
C:\WINDOWS\System32\ttnrpwoj.exe
C:\WINDOWS\iavrdwg.exe
C:\Program Files\SurfAccuracy\SAcc.exe
C:\luxor.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\PROGRA~1\YAHOO!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\AvpM.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\Avp32.exe
C:\WINDOWS\Explorer.exe
C:\Documents and Settings\z\My Documents\My eBooks\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.krstarica.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)
O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [Spooler SubSystem App] C:\WINDOWS\System32\spooIsv.exe
O4 - HKLM\..\Run: [tracert] C:\systhost.exe
O4 - HKLM\..\Run: [elos] C:\WINDOWS\exe82.exe
O4 - HKLM\..\Run: [REGRUN] C:\dsonic.exe
O4 - HKLM\..\Run: [sctype] C:\WINDOWS\System32\ttnrpwoj.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [q3pm] C:\WINDOWS\iavrdwg.exe
O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe
O4 - HKLM\..\Run: [lux] C:\luxor.exe
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [AVPCC] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe" /wait
O4 - HKLM\..\Run: [lypnbzj] C:\WINDOWS\System32\fhffkx.exe r
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\YAHOO!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Spyware Begone] c:\freescan\freescan.exe -FastScan
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Mail Scanner] C:\Program Files\PDG 3\mailscan.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsm32.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O15 - Trusted Zone: *.media-motor.net
O15 - Trusted Zone: *.popuppers.com
O16 - DPF: {10101010-1010-1111-1010-101010101011} - mhtml:C:\\WIN.MHT!http://216.240.137.41/webtraffic/countx/g.exe
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) - http://www.tbcode.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {FE5B9F54-7764-4C01-89F0-4862601EE954} (DigWebHelper Class) - http://photos.msn.com/resources/neutral/controls/DigWebX2.cab?10,0,910,0
O18 - Protocol hijack: mhtml -
 
limunada:
Je l mislis na ovo?:) :roll:

Logfile of HijackThis v1.98.2
Scan saved at 22:10:17, on 30.9.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\fhffkx.exe .........OVO JE SUMNJIVO.......
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\WINDOWS\System32\spooIsv.exe
C:\systhost.exe
C:\dsonic.exe > NEPOZNATO>
C:\WINDOWS\System32\ttnrpwoj.exe... SUMNJIVO
C:\WINDOWS\iavrdwg.exe.. Nepoznato...
C:\Program Files\SurfAccuracy\SAcc.exe ... Nepoznato...
C:\luxor.exe
C:\Program Files\ISTsvc\istsvc.exe ....Virus-Spyware
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\PROGRA~1\YAHOO!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\AvpM.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\Avp32.exe
C:\WINDOWS\Explorer.exe
C:\Documents and Settings\z\My Documents\My eBooks\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.krstarica.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe ..Sumnjivo...
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)/// Trebaju li ti 2 AV u racunaru??
O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll... Nepoznato...
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx... Moguci virus
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing) Ako ne koristis brisi
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Common Files\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT" Isto od Nortona ako ne koristis Brisi
O4 - HKLM\..\Run: [Spooler SubSystem App] C:\WINDOWS\System32\spooIsv.exe
O4 - HKLM\..\Run: [tracert] C:\systhost.exe
O4 - HKLM\..\Run: [elos] C:\WINDOWS\exe82.exe Moguci virus
O4 - HKLM\..\Run: [REGRUN] C:\dsonic.exe .. Provjeri da nijeod nekog tebi poznatog programa, meni nepoznato
O4 - HKLM\..\Run: [sctype] C:\WINDOWS\System32\ttnrpwoj.exe >>Moguci virus
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [q3pm] C:\WINDOWS\iavrdwg.exe
O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe .I ovo brisi
O4 - HKLM\..\Run: [lux] C:\luxor.exe >> AKo ne znas sta je brisi
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe Virus/brisi
O4 - HKLM\..\Run: [AVPCC] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe" /wait
O4 - HKLM\..\Run: [lypnbzj] C:\WINDOWS\System32\fhffkx.exe r Brisi
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\YAHOO!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe Nepoznato... Provjeri, lici na virus
O4 - HKCU\..\Run: [Spyware Begone] c:\freescan\freescan.exe -FastScan Brisi
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Mail Scanner] C:\Program Files\PDG 3\mailscan.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsm32.exe \Isto od Nortona
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O15 - Trusted Zone: *.media-motor.net// provjeri
O15 - Trusted Zone: *.popuppers.com ///provjeri///
O16 - DPF: {10101010-1010-1111-1010-101010101011} - mhtml:C:\\WIN.MHT!http://216.240.137.41/webtraffic/countx/g.exe . provjeri, ako ti ne treba brisi
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) - http://www.tbcode.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {FE5B9F54-7764-4C01-89F0-4862601EE954} (DigWebHelper Class) - http://photos.msn.com/resources/neutral/controls/DigWebX2.cab?10,0,910,0
O18 - Protocol hijack: mhtml -

E sad vidi.. Ovde ima svega i svacega..

Orijentaciono sam samo pogledao sta sve ima ovde...

Mnogo toga mi je nepoznato i sad po sadrzaju pregledanog rekao bih da je ovde trazenos vega is vacega na netu..

S toga probaj ukoniti ovo pa cemo da vidimo... A racunar ti je pun svega i svacega..

javi rezultate...

Poz. :)
 
Gotovo da si sve potrefio!
luxor.exe

Elem, SKLANJAJ KRSTARICU I YAHOO startne strane.
Skloni GOOGLE TOOL bar (sve u vezi BHO), interesantni su im oni "feedback"-ovi...
Koje "dobrice"
U stavri Krstaricu možeš da ostaviš...

 
Hvala GZ, i tebi strvino...:)

Nesto obrisah,nesto nisam bila sigurna i evo sta ostade nakon ciscenja:
Logfile of HijackThis v1.98.2
Scan saved at 16:04:55, on 1.10.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\WINDOWS\System32\ttnrpwoj.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
C:\WINDOWS\System32\lnqcfk.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\YAHOO!\MESSEN~1\ypager.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Documents and Settings\z\My Documents\My eBooks\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.krstarica.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [tracert] C:\systhost.exe
O4 - HKLM\..\Run: [elos] C:\WINDOWS\exe82.exe
O4 - HKLM\..\Run: [REGRUN] C:\dsonic.exe
O4 - HKLM\..\Run: [sctype] C:\WINDOWS\System32\ttnrpwoj.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVPCC] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe" /wait
O4 - HKLM\..\Run: [rnheyuu] C:\WINDOWS\System32\lnqcfk.exe r
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\YAHOO!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Mail Scanner] C:\Program Files\PDG 3\mailscan.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O15 - Trusted Zone: *.media-motor.net
O15 - Trusted Zone: *.popuppers.com
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) - http://www.tbcode.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {FE5B9F54-7764-4C01-89F0-4862601EE954} (DigWebHelper Class) - http://photos.msn.com/resources/neutral/controls/DigWebX2.cab?10,0,910,0
O18 - Protocol hijack: mhtml -


Inace ovaj SAcc.exe se uvijek ponovo vraca,cim odem na internet,i pored toga sto ga obrisah...:roll: ,a u task menageru su mi ostali "sumnjivi":
wowexec.exe
fb_ngn.exe
ntvdm.exe
ttnrpwoj.exe
avpm.exe
inqcfk.exe
explore.exe tj njih nisam mogla naci na listi,na koju nabasah ovde :) :

http://www.liutilities.com/products/wintaskspro/processlibrary/
I jos jedno pitanje...treba li da izbrisem i ono pod 08 google toolbar ,sve?:roll:

ps.Kasperski javlja neki virus trojan.win32.favadd.f...ali nece da ga obrise...:?
 
Limunada:
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com Vec sam napisao za ovo
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = Blank strane brisi
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = Blank strane brisi
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch Treba li ti online Media Player, ako ne brisi
R3 - Default URLSearchHook is missing Brisi
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe Sumnjivo/brisi
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx Adobe Acrobat Rider
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll Help od SpyBot S&D
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll MSN
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll Koristis li ovaj Toolbar a ako ne brisi, ako ga koristis nemoj brisati
O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll Sumnjivo/brisi
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx Ovo BRISI
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll Vec sam pisao za toolbar
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) Ovo je Yahoo toolbar
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe Drajveri za HP
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe Takodje
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE kamera
O4 - HKLM\..\Run: [tracert] C:\systhost.exe hmmmm... ne znam sta je ovo, lici na neki sistemski ali nisam bas sasvim siguran
O4 - HKLM\..\Run: [elos] C:\WINDOWS\exe82.exe Ovo je virus *pogeldaj u proram files imas li folder koji se zove 180 absolute solutions . brisi
O4 - HKLM\..\Run: [REGRUN] C:\dsonic.exe Brisi
O4 - HKLM\..\Run: [sctype] C:\WINDOWS\System32\ttnrpwoj.exe Brisi
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe kako je i receno NEro
O4 - HKLM\..\Run: [AVPCC] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe" /wait KAV
O4 - HKLM\..\Run: [rnheyuu] C:\WINDOWS\System32\lnqcfk.exe r BRisi
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe Ne diraj
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRA~1\YAHOO!\MESSEN~1\ypager.exe -quiet Opet od YMessengera, do tebe je dal ostavljas ili brises
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe Brisi
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background MSN
O4 - HKCU\..\Run: [Mail Scanner] C:\Program Files\PDG 3\mailscan.exe Progi za skeniranje maila, mada ako takav imas ostavi a ako ne BRISI
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background MSN dva puta se pojavljuje.. Ako ne treba brisi
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe Opet od kamere nesto... Brisi, pa ako zastopa nesto sa kamerom nije problem instalisati ponovo...
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html Google toolbar . koliko samo toolbarova imas...cccc. odluci se , po meni mnogo ih je...
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html Google translator si koristio/la
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html Nepotrebno
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html Takodje
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html Takodje
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html Takodje
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE YMSN
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE Opet
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O15 - Trusted Zone: *.media-motor.net Pojma nemam sta je ovo.. ja bih obrisao
O15 - Trusted Zone: *.popuppers.com Pojma nemam sta je ovo.. ja bih obrisao
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab Ovo lici na virus zvani dl1.exe i tesko ga se kotarisati.. SAFE MODE
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab Ovo valjda znas sta je, uploadovao/la si sliku negdje
O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) - http://www.tbcode.com/ist/softwares/v4.0/0006_regular.cab Brisi
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab Brisi
O16 - DPF: {FE5B9F54-7764-4C01-89F0-4862601EE954} (DigWebHelper Class) - http://photos.msn.com/resources/neutral/controls/DigWebX2.cab?10,0,910,0
O18 - Protocol hijack: mhtml -


Inace ovaj SAcc.exe se uvijek ponovo vraca,cim odem na internet,i pored toga sto ga obrisah...:roll: ,a u task menageru su mi ostali "sumnjivi":
wowexec.exe... obisi ga... nesto lici na zvuk, ali ako te bude zezao dodati je lako, nadam se da imas sve instalacione drajvere... obicno je virus koji nosi slicne stvar za sobom ima ovaj naziv wmplay2.exe
fb_ngn.exe . nepoznato... brisi
ntvdm.exe . brisi
ttnrpwoj.exe... obavezno brisi
avpm.exe AVPmonitor . nediraj.. lici na AVASTA, ako je nekad bio avast ona brisi...
inqcfk.exe... brisi...
explore.exe tj njih nisam mogla naci na listi,na koju nabasah ovde :) :

http://www.liutilities.com/products/wintaskspro/processlibrary/
I jos jedno pitanje...treba li da izbrisem i ono pod 08 google toolbar ,sve?:roll: brisi

ps.Kasperski javlja neki virus trojan.win32.favadd.f...ali nece da ga obrise...:?


Sta jos da ti kazem sem da sve ovo treba da odradis u SAFE MODE tvog racunara i da javis rezultate, pored ovog prije upotrebe u safe mode prekontrolisi sa KAV-m i SpyBot-om...

Mnogo srece i nadam se da smo rijesili problem..

Pored toga zamolio bih te da se okanis IE...

Pozdrav. GZ
 
limunada:
Hvala GZ, i tebi strvino...:)

Nesto obrisah,nesto nisam bila sigurna i evo sta ostade nakon ciscenja:
Logfile of HijackThis v1.98.2
Scan saved at 16:04:55, on 1.10.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:

C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe drajver za HP
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe drajver za HP
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE drajver za kameru
C:\WINDOWS\System32\ttnrpwoj.exe Posto rece da je nepoznati brisi
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe KAV
C:\WINDOWS\System32\lnqcfk.exe Brisi
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\YAHOO!\MESSEN~1\ypager.exe Yahoo messenger. ako ti treba ostavi a ako ne brisi
C:\Program Files\MSN Messenger\MsnMsgr.Exe Yahoo messenger
C:\Program Files\Messenger\MSMSGS.EXE MSN
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe HP-ova kratica za Web / meni ne treba ja brisem to inace
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpcc.exe KAV
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpm.exe KAV
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ntvdm.exe Sumnjivo mi je, ne mogu da skontam sta je
C:\Documents and Settings\z\My Documents\My eBooks\HijackThis.exe Ovaj program u kome skeniras
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ycomp/defaults/sb/*http://www.yahoo.com/search/ie.html Ne znam sta ti je HomePage u tvom IE-u i da li je to default browser kod tebe, ako jeste onda pripazi na ovo.. ili ako zelis da ti bude home page treba da stoji www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.krstarica.com/ . Ovo je kako vids krstarica i rekao bih da je bezopasno
limunada:
Nije moglo da stane u jednu poruku pa sam ovako zbrzio... Nadam se da ces da se snadjes..

Pozdrav.
 
Hijack je veoma dobar program ali ga treba znatikoristiti.Nebih ti to preporucio jer mozes da unistis ceo sistem sa njim.On sluzi(meni)kada imam problem da taj problem pomocu Hijac.. programa postavim na internetu.O tome mozes detaljnije procitrati na sajtu www.supersajt.com
 

Back
Top