Natrag   Forum.hr > Informatička tehnologija > IT Help service > Security

Security Antivirusi, firewalli, patchevi, service packovi, updatei, ... Sve o sigurnosti vašeg računala.

Odgovor
 
Tematski alati Opcije prikaza
Old 07.12.2008., 10:53   #1
Spyware Doubleclick - Kako ga se rijesiti?

Prije par dana sam pokupila spyware "doubleclick". Spybot mi ga je nasao i izbrisao ali i dalje moram kliknut na ikonicu 4 puta umjesto 2 puta kako bi ga otvorila.

Evo rezultata scana Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:48:51, on 7.12.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\agrsmsvc.exe
E:\WINDOWS\system32\bgsvcgen.exe
E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
E:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
E:\Program Files\Winamp\winampa.exe
E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
E:\Program Files\QuickTime\qttask.exe
E:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
E:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
E:\Program Files\Labtec\WebCam10\WebCam10.exe
E:\WINDOWS\RTHDCPL.EXE
E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
E:\Program Files\SweetIM\Messenger\SweetIM.exe
E:\Program Files\Softwin\BitDefender10\bdagent.exe
E:\Program Files\Softwin\BitDefender10\bdmcon.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
E:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
E:\Program Files\Picasa2\PicasaMediaDetector.exe
E:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
E:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
E:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
E:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
E:\Program Files\MSN Messenger\MsnMsgr.Exe
E:\Flatbed\ScanPanel\ScnPanel.exe
E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
E:\WINDOWS\system32\wscntfy.exe
E:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
E:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
E:\Program Files\Softwin\BitDefender10\vsserv.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - E:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8F20B0E6-E32D-470D-9885-B1C230E2BE07} - (no file)
O2 - BHO: Windows Live Pomoc za prijavu - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {CD912E69-1B5E-4B6D-B5C1-D34B5164F87B} - (no file)
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - E:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: (no name) - {F210CD5D-7DCA-4B8E-AEA0-B6986FBE77CE} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - E:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [NeroFilterCheck] E:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] E:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [GrooveMonitor] "E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ATICCC] "E:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BSplayer_WhenUSave_Installer] E:\Program Files\BSplayer_WhenUSave_Installer\BSplayer_WhenUS ave_Installer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "E:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "E:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [egui] "E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SweetIM] E:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [BDAgent] "E:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [BDMCon] "E:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\RunOnce: [SpybotDeletingC5830] cmd /c del "E:\WINDOWS\system32\printer.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [OM_Monitor] E:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [ISUSPM] "E:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [MsnMsgr] ~"E:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Picasa Media Detector] E:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [AnyDVD] E:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] E:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [PC Suite Tray] "E:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\RunOnce: [SpybotDeletingB8914] command /c del "E:\WINDOWS\system32\spoolvs.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1342] cmd /c del "E:\WINDOWS\system32\spoolvs.exe"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5278] command /c del "E:\DOCUME~1\DARKOI~1\LOCALS~1\Temp\winlogon.e xe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2] cmd /c del "E:\DOCUME~1\DARKOI~1\LOCALS~1\Temp\winlogon.e xe"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2162] cmd /c del "E:\WINDOWS\system32\printer.exe"
dobardan is offline  
Odgovori s citatom
Old 07.12.2008., 10:55   #2
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: OneNote 2007 Screen Clipper and Launcher.lnk = E:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: OneNote 2007 Screen Clipper and Launcher.lnk = E:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = E:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ScanPanel.lnk = E:\Flatbed\ScanPanel\ScnPanel.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: I&zvoz u Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1204903183468
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - E:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: awtrSJCt - E:\WINDOWS\
O21 - SSODL: WGwyeQ - {43BF93F7-E915-395D-3409-4E9E6B75CCCD} - (no file)
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - E:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - E:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - E:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - E:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - E:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - E:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - E:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Task Scheduler (Schedule) - Unknown owner - E:\WINDOWS\system32\drivers\spools.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - E:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - E:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

--
End of file - 12429 bytes


Ako netko zna kako se rijesiti spyware, molim da mi javi!
dobardan is offline  
Odgovori s citatom
Old 07.12.2008., 11:11   #3
imaš pandu,eset i bitdefender...deinstaliraj pandu i eset

ovo fixaj hijekom
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8F20B0E6-E32D-470D-9885-B1C230E2BE07} - (no file)
O2 - BHO: (no name) - {CD912E69-1B5E-4B6D-B5C1-D34B5164F87B} - (no file)
O2 - BHO: (no name) - {F210CD5D-7DCA-4B8E-AEA0-B6986FBE77CE} - (no file)
O23 - Service: Task Scheduler (Schedule) - Unknown owner - E:\WINDOWS\system32\drivers\spools.exe (file missing)
isključi sistem restore
u safe modu obriši ručno ovo
O20 - Winlogon Notify: awtrSJCt - E:\WINDOWS\
skenaj sa spaybotom u safe modu....idi u normalni mod i opet hijek log napravi
__________________
today is a good day to die
mvanb is offline  
Odgovori s citatom
Old 07.12.2008., 11:51   #4
Quote:
mvanb kaže: Pogledaj post
imaš pandu,eset i bitdefender...deinstaliraj pandu i eset

ovo fixaj hijekom
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8F20B0E6-E32D-470D-9885-B1C230E2BE07} - (no file)
O2 - BHO: (no name) - {CD912E69-1B5E-4B6D-B5C1-D34B5164F87B} - (no file)
O2 - BHO: (no name) - {F210CD5D-7DCA-4B8E-AEA0-B6986FBE77CE} - (no file)
O23 - Service: Task Scheduler (Schedule) - Unknown owner - E:\WINDOWS\system32\drivers\spools.exe (file missing)
isključi sistem restore
u safe modu obriši ručno ovo
O20 - Winlogon Notify: awtrSJCt - E:\WINDOWS\
skenaj sa spaybotom u safe modu....idi u normalni mod i opet hijek log napravi
Ne mogu nac taj file 20 - Winlogon Notify: awtrSJCt - E:\WINDOWS\ sa "search"
dobardan is offline  
Odgovori s citatom
Old 07.12.2008., 12:11   #5
napravi reda prvo na kompu.
deinstaliraj uredno sve antivirus programe i spajbot..superspajvere.
instaliraj kav http://www.kaspersky.com/de/product_...link=201519188
prilikom instalacije trijal key odaberi i da se updejta
poslje instalacije mu u opcijama sve popali da skena i duboko.
prvo skenaj normalno pa u safe modu..briši sve šta nađe
napravi onda hijek log i postaj opet
__________________
today is a good day to die
mvanb is offline  
Odgovori s citatom
Old 08.12.2008., 09:16   #6
Ajde što ne skineš Malwarebyte's!
__________________
99.9% članova na Forumu je glupo. Ako pročitaš ovo i ti si!
Moby Master is offline  
Odgovori s citatom
Old 08.12.2008., 21:12   #7
Evo rezultata Hijackthis nakon scana, s tim da i dalje moram kliknut 4 puta na ikonicama.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:10:12, on 8.12.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\agrsmsvc.exe
E:\WINDOWS\system32\bgsvcgen.exe
E:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Winamp\winampa.exe
E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
E:\Program Files\QuickTime\qttask.exe
E:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
E:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
E:\Program Files\Labtec\WebCam10\WebCam10.exe
E:\WINDOWS\RTHDCPL.EXE
E:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
E:\Program Files\SweetIM\Messenger\SweetIM.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
E:\Program Files\Picasa2\PicasaMediaDetector.exe
E:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
E:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
E:\Flatbed\ScanPanel\ScnPanel.exe
E:\Program Files\MSN Messenger\MsnMsgr.Exe
E:\WINDOWS\system32\wscntfy.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
E:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
E:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\MSN Messenger\usnsvc.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - E:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Pomoc za prijavu - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar1.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - E:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [NeroFilterCheck] E:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] E:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [GrooveMonitor] "E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ATICCC] "E:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BSplayer_WhenUSave_Installer] E:\Program Files\BSplayer_WhenUSave_Installer\BSplayer_WhenUS ave_Installer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "E:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "E:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SweetIM] E:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [AVP] "E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [OM_Monitor] E:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [ISUSPM] "E:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [MsnMsgr] ~"E:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Picasa Media Detector] E:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [AnyDVD] E:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [PC Suite Tray] "E:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: OneNote 2007 Screen Clipper and Launcher.lnk = E:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: OneNote 2007 Screen Clipper and Launcher.lnk = E:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = E:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ScanPanel.lnk = E:\Flatbed\ScanPanel\ScnPanel.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: I&zvoz u Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1204903183468
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: E:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,E:\PROGRA ~1\KASPER~1\KASPER~1\mzvkbd3.dll
O21 - SSODL: WGwyeQ - {43BF93F7-E915-395D-3409-4E9E6B75CCCD} - (no file)
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - E:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - E:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - E:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - E:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Task Scheduler (Schedule) - Unknown owner - E:\WINDOWS\system32\drivers\spools.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9505 bytes
dobardan is offline  
Odgovori s citatom
Old 08.12.2008., 21:49   #8
kako znaš da je spyware "doubleclick"?
"doubleclick" ima samo sa ie browserom veze i sa Cookies a ne sa ikonama na desktopu..
fixaj ovo..deinstaliraj sve toolbare
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - E:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar1.dll
O21 - SSODL: WGwyeQ - {43BF93F7-E915-395D-3409-4E9E6B75CCCD} - (no file)
O23 - Service: Task Scheduler (Schedule) - Unknown owner - E:\WINDOWS\system32\drivers\spools.exe (file missing)
__________________
today is a good day to die
mvanb is offline  
Odgovori s citatom
Old 08.12.2008., 22:01   #9
Evo jesam, što da sad radim?
dobardan is offline  
Odgovori s citatom
Old 08.12.2008., 22:09   #10
jel ti kasperski šta našo i briso?
jel surfaš sa ie?ako da..probaj surfat sa ff ili operom pa vidi jel isti problem tu.
__________________
today is a good day to die
mvanb is offline  
Odgovori s citatom
Old 08.12.2008., 22:11   #11
Quote:
mvanb kaže: Pogledaj post
jel ti kasperski šta našo i briso?
jel surfaš sa ie?ako da..probaj surfat sa ff ili operom pa vidi jel isti problem tu.
Nasao je Kasperski nesto i brisao.

Surfam inace sa FF.
dobardan is offline  
Odgovori s citatom
Old 08.12.2008., 22:19   #12
Quote:
Moby Master kaže: Pogledaj post
Ajde što ne skineš Malwarebyte's!
Probat cu s tim onda!
dobardan is offline  
Odgovori s citatom
Old 08.12.2008., 22:21   #13
idi na start-run-utipkaj regedit pa ok

vidi jel ove ključeve u registriju imaš
SOFTWARE\Microsoft\Windows\CurrentVersion\Backup\( doubleclick.com)\
SOFTWARE\Microsoft\Windows\CurrentVersion\Backup\( doubleclick.net)
SOFTWARE\Microsoft\Windows\CurrentVersion\Run\(dou bleclick.net)
SOFTWARE\Microsoft\Windows\CurrentVersion\Run\(dou bleclick.net)\
SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\(doubleclick.com)
SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\(doubleclick.net)
SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Pref ixes(doubleclick.net)\
SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Pref ixes\(doubleclick.com)\
SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Pref ixes\(doubleclick.net)
__________________
today is a good day to die
mvanb is offline  
Odgovori s citatom
Old 08.12.2008., 22:22   #14
Quote:
dobardan kaže: Pogledaj post
Probat cu s tim onda!
probaj..i sejvaj log ako šta nađe..da vidimo šta je našo
__________________
today is a good day to die
mvanb is offline  
Odgovori s citatom
Old 09.12.2008., 19:00   #15
Maknula Kas, instalirala Nod32 al i dalje moram 4 puta na ikonicu kliknuti.

Evo novog loga od Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:58:01, on 9.12.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32\agrsmsvc.exe
E:\WINDOWS\system32\bgsvcgen.exe
E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
E:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\wscntfy.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Winamp\winampa.exe
E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
E:\Program Files\QuickTime\qttask.exe
E:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
E:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
E:\Program Files\Labtec\WebCam10\WebCam10.exe
E:\WINDOWS\RTHDCPL.EXE
E:\Program Files\SweetIM\Messenger\SweetIM.exe
E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
E:\WINDOWS\system32\ctfmon.exe
E:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
E:\Program Files\Picasa2\PicasaMediaDetector.exe
E:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
E:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
E:\Flatbed\ScanPanel\ScnPanel.exe
E:\Program Files\MSN Messenger\MsnMsgr.Exe
E:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
E:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
E:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
E:\Program Files\Mozilla Firefox\firefox.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Pomoc za prijavu - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - E:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [NeroFilterCheck] E:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] E:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [GrooveMonitor] "E:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ATICCC] "E:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BSplayer_WhenUSave_Installer] E:\Program Files\BSplayer_WhenUSave_Installer\BSplayer_WhenUS ave_Installer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "E:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "E:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SweetIM] E:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [egui] "E:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [StartCCC] E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [OM_Monitor] E:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKCU\..\Run: [ISUSPM] "E:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [MsnMsgr] ~"E:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Picasa Media Detector] E:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [AnyDVD] E:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [PC Suite Tray] "E:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: OneNote 2007 Screen Clipper and Launcher.lnk = E:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: OneNote 2007 Screen Clipper and Launcher.lnk = E:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = E:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: ScanPanel.lnk = E:\Flatbed\ScanPanel\ScnPanel.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: I&zvoz u Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1204903183468
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - E:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - E:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - E:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - E:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - E:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - E:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Task Scheduler (Schedule) - Unknown owner - E:\WINDOWS\system32\drivers\spools.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - E:\Program Files\PC Connectivity Solution\ServiceLayer.exe
dobardan is offline  
Odgovori s citatom
Old 09.12.2008., 20:11   #16
isti log ko i onaj gore..ništa nisi fixala,deinstalirala,brisala...nod stavila.jel nod šta našo?
jesi sa ovim šta našla? http://www.malwarebytes.org/
start up skrinšot daj..programi koji se sa kompom startaju
__________________
today is a good day to die
mvanb is offline  
Odgovori s citatom
Old 09.12.2008., 21:49   #17
Instalirala sam Malwarebytes, izbrisao mi sljedece fileove:

HKEY_CLASSES_ROOT\windowsupdate.windowsupdate (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\windowsupdate.windowsupdate.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e6201fa-02dd-4a0b-8699-1328e0602314} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{df16c60e-f85b-4459-86ae-4977656339ec} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{5c3f6257-3e00-45c2-88d5-cb0f3a17bf0e} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{6f87f145-dc2d-4766-af03-3a3b96ffad98} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{b5ac49a2-94f2-42bd-f434-2604812c897d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{b5af0562-94f3-42bd-f434-2604812c797d} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Ext\Stats\{b3b010a1-a877-4cd7-bab5-9ee8f9965e20} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Explorer\UninstallSXS (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ssnipe (Rogue.SpySnipe) -> Quarantined and deleted successfully.

E:\Documents and Settings\Darko i\My Documents\Downloads\ACDSee Photo Manager v10.0\Keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
E:\Documents and Settings\Darko i\Application Data\config.cfg (Malware.Trace) -> Quarantined and deleted successfully.


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Schedule\ImagePath (Hijack.Service) -> Bad: (E:\WINDOWS\system32\drivers\spools.exe) Good: (%SystemRoot%\System32\svchost.exe -k netsvcs) -> Quarantined and deleted successfully.
dobardan is offline  
Odgovori s citatom
Old 09.12.2008., 22:03   #18
jel pomoglo šta?
__________________
today is a good day to die
mvanb is offline  
Odgovori s citatom
Old 09.12.2008., 23:04   #19
Trebalo bi!
__________________
99.9% članova na Forumu je glupo. Ako pročitaš ovo i ti si!
Moby Master is offline  
Odgovori s citatom
Old 10.12.2008., 22:39   #20
Nije, uvijek ista stvar!
dobardan is offline  
Odgovori s citatom
Odgovor


Tematski alati
Opcije prikaza

Kreni na podforum




Sva vremena su GMT +1. Trenutno vrijeme je: 05:05.