Author Message
Nerghal
Profile *
I'm at my wits' end. I've tried every possible program - Ad-Aware, AVG Anti-Spyware, Spybot S&D, Rogue Remover, SmitFraudFix - to no effect: they find plenty of spyware, and when I remove it, it reappears right away... I can't get rid of a virus that puts a yellow triangle with an exclamation mark in the system tray and then either opens the page PCSecurityLabs.Com or pops up a supposed Windows XP Security Center warning window - titled Personal Security Center - saying that I have various spyware and should install some programs to remove it (fake, of course) ... I'm attaching the HijackThis log

Logfile of HijackThis v1.99.1
Scan saved at 11:24:37, on 3.9.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\SecCenter\scprot4.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spamihilator\spamihilator.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Last.fm\LastFMHelper.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\apache\mysql\bin\mysqld-nt.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Documents and Settings\Nerghal\Desktop\stinger.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\totalcmd\TOTALCMD.EXE
C:\DOCUME~1\Nerghal\LOCALS~1\Temp\_tc\HijackThis.exe

O2 - BHO: (no name) - {00000000-d9e3-4bc6-a0bd-3d0ca4be5271} - (no file)
O2 - BHO: (no name) - {029e02f0-a0e5-4b19-b958-7bf2db29fb13} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2d7cb618-cc1c-4126-a7e3-f5b12d3bcf71} - (no file)
O2 - BHO: (no name) - {51641ef3-8a7a-4d84-8659-b0911e947cc8} - (no file)
O2 - BHO: Alcohol Toolbar Helper - {52D06F97-5511-43FA-8FDA-C481864FD26E} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {54645654-2225-4455-44A1-9F4543D34546} - (no file)
O2 - BHO: (no name) - {669695bc-a811-4a9d-8cdf-ba8c795f261e} - (no file)
O2 - BHO: (no name) - {6abc861a-31e7-4d91-b43b-d3c98f22a5c0} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {a4a435cf-3583-11d4-91bd-0048546a1450} - (no file)
O2 - BHO: oembios32.msdn_hlp - {AB5FE6E5-7C72-4B89-85D0-D57E7AEAC236} - C:\WINDOWS\system32\oembios32.dll
O2 - BHO: (no name) - {b8875bfe-b021-11d4-bfa8-00508b8e9bd3} - (no file)
O2 - BHO: (no name) - {c2680e10-1655-4a0e-87f8-4259325a84b7} - (no file)
O2 - BHO: (no name) - {c4ca6559-2cf1-48b6-96b2-8340a06fd129} - (no file)
O2 - BHO: (no name) - {ca1d1b05-9c66-11d5-a009-000103c1e50b} - (no file)
O2 - BHO: (no name) - {d8efadf1-9009-11d6-8c73-608c5dc19089} - (no file)
O2 - BHO: (no name) - {e9147a0a-a866-4214-b47c-da821891240f} - (no file)
O2 - BHO: (no name) - {e9306072-417e-43e3-81d5-369490beef7c} - (no file)
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [tqzerifi] rundll32.exe "C:\Program Files\tqzerifi\lebklkte.dll",Init
O4 - HKLM\..\Run: [SC2] C:\Program Files\SecCenter\scprot4.exe
O4 - HKLM\..\RunServices: [Ad-aware Soft] adasoftw.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe"
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {32305793-C19A-48E7-AD2F-D87FF7B264A4} (TenebrilSpywareScanner Control) - http://www.tenebril.com/assets/activeX/SpywareScannerV2.ocx
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (Ovládací prvek AcDcToday) - file://C:\Program Files\AutoCAD LT 2000i Cz\AcDcToday.ocx
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Prvek AcPreview) - file://C:\Program Files\AutoCAD LT 2000i Cz\AcPreview.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{29E2F064-B870-4E4F-A38E-101EA3DCEE25}: NameServer = 192.12.128.1,193.58.193.11
O17 - HKLM\System\CCS\Services\Tcpip\..\{B6DD4293-2B69-446D-A82B-1C2C86E58A7D}: NameServer = 85.255.116.67,85.255.112.71
O17 - HKLM\System\CCS\Services\Tcpip\..\{CFB9E476-015A-48A8-B776-8817964B565C}: NameServer = 85.255.116.67,85.255.112.71
O17 - HKLM\System\CS1\Services\Tcpip\..\{29E2F064-B870-4E4F-A38E-101EA3DCEE25}: NameServer = 192.12.128.1,193.58.193.11
O17 - HKLM\System\CS2\Services\Tcpip\..\{29E2F064-B870-4E4F-A38E-101EA3DCEE25}: NameServer = 192.12.128.1,193.58.193.11
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: winmfi32 - C:\WINDOWS\SYSTEM32\winmfi32.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySql - Unknown owner - c:/apache/mysql/bin/mysqld-nt.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Zerog
Profile
Look, if it's a virus, then simply use some antivirus; I can't advise you any further on that. But if it's spyware, it might help to take a look at the programs that run at startup, especially those in the registry.

Either there are programs that show you where it is in the registry, or you do it by hand, or you type
"msconfig" into the command line.

By hand, it's at these addresses:
HKEY_LOCAL_MACHINE\SOFTWARE\Windows\CurrentVersion\Run
and also
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

For this I use a small program called Startup Explorer ..
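
An added example, not part of any post in this thread: the startup check described above, applied to the O4 (autostart) lines of a HijackThis log instead of browsing the Run keys by hand. The sample lines are O4 entries from the log posted earlier with path separators restored; the two review heuristics are assumptions of this example, and a flagged entry means "look closer", not "malicious".

```python
import re
from pathlib import PureWindowsPath

# O4 lines taken from the HijackThis log in this thread (path separators restored).
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [tqzerifi] rundll32.exe "C:\Program Files\tqzerifi\lebklkte.dll",Init
O4 - HKLM\..\RunServices: [Ad-aware Soft] adasoftw.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
"""

O4_REG = re.compile(r"^O4 - (HKLM|HKCU)\\\.\.\\(\w+): \[(.+?)\] (.+)$")
RUNDLL = re.compile(r'^rundll32(?:\.exe)?\s+"?([^",]+)"?,', re.I)

def parse_o4(log):
    """Yield (hive, key, value name, command) for each registry autostart line."""
    for line in log.splitlines():
        m = O4_REG.match(line.strip())
        if m:
            yield m.groups()

def review_notes(command):
    """Return reasons to inspect an entry (heuristics assumed for this example)."""
    notes = []
    m = RUNDLL.match(command)
    if m:  # the DLL, not rundll32 itself, is the code that actually runs
        dll = PureWindowsPath(m.group(1))
        if "system32" not in [p.lower() for p in dll.parts]:
            notes.append("rundll32 loads a DLL outside system32")
    else:
        exe = command.split('"')[1] if command.startswith('"') else command.split()[0]
        if not PureWindowsPath(exe).is_absolute():
            notes.append("no full path, resolved via the search path")
    return notes

def triage(log):
    """Map value name -> review notes, only for entries that have notes."""
    return {name: notes for _, _, name, cmd in parse_o4(log)
            if (notes := review_notes(cmd))}

if __name__ == "__main__":
    for name, notes in triage(SAMPLE_LOG).items():
        print(f"{name}: {'; '.join(notes)}")
```
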
eiffell
Profile *
I can't get rid of some self-proclaimed antivirus called Personal Security; does anyone know how to do it? I can't even open the antivirus I have installed, namely Microsoft Security Essential
preca1
Profile
http://www.bleepingcomputer.com/virus-removal/remove-personal-security - the guide is in English, about halfway down the page
