Pop-up problem

  • Joined: 02 Jun 2009
  • Posts: 8

Some windows keep popping up in Mozilla ... I have run a whole lot of scanners and cleaning programs, but without success.







Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:56, on 2009-06-02
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\aswServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\IPSSVC.EXE
C:\Program Files\Alwil Software\Avast4\AvAgent.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\program files\lenovo\system update\suservice.exe
C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Common Files\Lenovo\Logger\logmon.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\aswDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\DusanDj\Desktop\llu\llu.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\aswDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: System Update - {DA320635-F48C-4613-8325-D75A933C549E} - C:\Program Files\Lenovo\System Update\sulauncher.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = BAS.local
O17 - HKLM\Software\..\Telephony: DomainName = BAS.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = BAS.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = BAS.local
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = BAS.local
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: Domain = BAS.local
O20 - Winlogon Notify: AwayNotify - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswMaiSv.exe
O23 - Service: avast! NetAgent - ALWIL Software - C:\Program Files\Alwil Software\Avast4\AvAgent.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswWebSv.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe
O23 - Service: System Update (SUService) - - c:\program files\lenovo\system update\suservice.exe
O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe

--
End of file - 6642 bytes

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Hello...



Download sUBs's ComboFix from one of the following addresses to the Desktop:

Bleeping Computer . . . . . Geeks to Go!
  • Right-click one of the links and choose the option Save Target As... (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing where to save the file opens, select Desktop and click Save.

When the download of the program has finished:
  • close the running programs;
  • deactivate the protective software (instructions);
  • double-click to run ComboFix.

While running, ComboFix will:
  • check whether a newer version of the program exists:
      click Yes if downloading it is offered.
  • display the DISCLAIMER OF WARRANTY ON SOFTWARE:
      click Yes so that the process continues.
  • if the Recovery Console is not installed, offer to install it:
      accept by clicking Yes and follow the procedure.
  • ask a certain number of questions / show notifications:
      accept by clicking Yes or OK.
  • if needed, restart Windows (several times);
  • at the end of the run, open Notepad with the scan report.

Copy the report that ComboFix created into the thread on the forum:
  • right-click in the Notepad window and choose Select All;
  • right-click on the selected text and choose Copy;
  • right-click in the message field and choose Paste.

Note:
  • The report will be saved under the name ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
  • If, after sending the message, you notice that the report is not complete, use the Attach file option to attach the file C:\ComboFix.txt to the message.

  • Joined: 02 Jun 2009
  • Posts: 8

Written: 03 Jun 2009 8:22

ComboFix 09-06-01.03 - dusandj 2009-06-03 8:21.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1463 [GMT 2:00]
Running from: c:\documents and settings\DusanDj\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1038 [VPS 090602-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((( Files Created from 2009-05-03 to 2009-06-03 )))))))))))))))))))))))))))))))
.

2009-06-02 07:16 . 2009-06-02 07:29 -------- d-----w- c:\program files\Navilog1
2009-05-27 07:16 . 2009-05-27 07:16 262144 ------w- c:\windows\system32\default_user_class.dat
2009-05-05 11:10 . 2009-05-05 11:10 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-05-05 10:49 . 2009-05-06 05:47 -------- d-----w- c:\windows\SxsCaPendDel

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-01 05:50 . 2008-05-17 02:56 5427 ----a-w- c:\windows\system32\EGATHDRV.SYS
2009-05-13 12:29 . 2008-11-27 13:56 1264000 ------w- c:\windows\system32\aswBoot.exe
2009-05-13 12:25 . 2008-11-27 13:56 93296 ------w- c:\windows\system32\drivers\aswmon.sys
2009-05-13 12:25 . 2008-11-27 13:56 94032 ------w- c:\windows\system32\drivers\aswmon2.sys
2009-05-13 12:25 . 2008-12-08 06:56 114768 ------w- c:\windows\system32\drivers\aswSP.sys
2009-05-13 12:24 . 2008-12-08 06:56 20560 ------w- c:\windows\system32\drivers\aswFsBlk.sys
2009-05-13 12:23 . 2008-11-27 13:56 51376 ------w- c:\windows\system32\drivers\aswTdi.sys
2009-05-13 12:23 . 2008-11-27 13:56 23152 ------w- c:\windows\system32\drivers\aswRdr.sys
2009-05-13 12:22 . 2008-11-27 13:56 26944 ------w- c:\windows\system32\drivers\aavmker4.sys
2009-05-12 12:29 . 2008-11-27 13:56 97480 ------w- c:\windows\system32\AvastSSw.scr
2009-05-05 11:11 . 2009-01-15 13:37 -------- d-----w- c:\program files\Windows Live
2009-05-05 10:41 . 2008-05-17 03:09 71960 ------w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-04 06:06 . 2006-04-30 07:12 86327 ------w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-04-06 11:04 . 2009-04-06 11:04 -------- d-----w- c:\program files\UPHClean
2009-03-06 14:22 . 2006-04-30 06:55 284160 ------w- c:\windows\system32\pdh.dll
2009-01-28 12:17 . 2008-12-24 08:12 2516 --sh--w- c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( SnapShot_2009-05-27_07.13.44 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-03 06:01 . 2009-06-03 06:01 16384 c:\windows\Temp\Perflib_Perfdata_708.dat
+ 2009-05-27 07:17 . 2009-05-27 07:17 16384 c:\windows\Temp\Perflib_Perfdata_1d4.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\aswDisp.exe" [2009-05-12 81000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AwayNotify]
2006-04-18 17:05 49152 ------w- c:\program files\Lenovo\AwayTask\AwayNotify.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-12-08 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-12-08 20560]
R2 avast! NetAgent;avast! NetAgent;c:\program files\Alwil Software\Avast4\AvAgent.exe [2008-11-27 52160]
R2 smi2;smi2;c:\program files\SMI2\smi2.sys [2006-05-13 3968]
R3 pelmouse;Mouse Suite Driver;c:\windows\system32\drivers\PELMOUSE.SYS [2008-05-17 16384]
R3 pelusblf;USB Mouse Low Filter Driver;c:\windows\system32\drivers\PELUSBLF.SYS [2008-05-17 9216]

--- Other Services/Drivers In Memory ---

*Deregistered* - uphcleanhlp

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\DusanDj\Application Data\Mozilla\Firefox\Profiles\dqbfwvo8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - google.com
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - component: c:\program files\Network Optimizer\1.1.0.1400\FF\components\NPFFAddOn.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJPI150_06.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPOJI610.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-06-03 08:22
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(944)
c:\program files\Lenovo\AwayTask\AwayNotify.dll

- - - - - - - > 'explorer.exe'(488-)
c:\windows\system32\PROCHLP.DLL
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-06-03 8:23
ComboFix-quarantined-files.txt 2009-06-03 06:23
ComboFix2.txt 2009-05-05 08:30
ComboFix3.txt 2009-03-30 11:52

Pre-Run: 127,914,237,952 bytes free
Post-Run: 127,905,783,808 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4
123 --- E O F --- 2009-05-13 13:44

Addendum: 03 Jun 2009 8:25

Here, while I was posting this Combo log, this window popped up. So, only Mycity was open.


  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Open Notepad and copy the following text:


Folder::
c:\program files\Network Optimizer

Firefox::
FF - ProfilePath - c:\documents and settings\DusanDj\Application Data\Mozilla\Firefox\Profiles\dqbfwvo8.default\
FF - component: c:\program files\Network Optimizer\1.1.0.1400\FF\components\NPFFAddOn.dll



Save the file from Notepad to the Desktop as "CFScript"

Drag the saved script/text onto the ComboFix icon as in the picture.
Post, in your next message, the log that is created at the end of the cleaning/scanning.

  • Joined: 02 Jun 2009
  • Posts: 8

ComboFix 09-06-01.03 - dusandj 2009-06-04 8:15.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1324 [GMT 2:00]
Running from: c:\documents and settings\DusanDj\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\DusanDj\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1038 [VPS 090603-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Network Optimizer
c:\program files\Network Optimizer\1.1.0.1400\Data\config.dat
c:\program files\Network Optimizer\1.1.0.1400\FF\chrome.manifest
c:\program files\Network Optimizer\1.1.0.1400\FF\chrome\content\NPAddOn.js
c:\program files\Network Optimizer\1.1.0.1400\FF\chrome\content\NPAddOn.xul
c:\program files\Network Optimizer\1.1.0.1400\FF\chrome\NPAddOn.jar
c:\program files\Network Optimizer\1.1.0.1400\FF\components\NPFFAddOn.dll
c:\program files\Network Optimizer\1.1.0.1400\FF\components\NPFFAddOn.xpt
c:\program files\Network Optimizer\1.1.0.1400\FF\components\NPFFHelperComponent.js
c:\program files\Network Optimizer\1.1.0.1400\FF\install.rdf
c:\program files\Network Optimizer\1.1.0.1400\NPCommon.dll
c:\program files\Network Optimizer\1.1.0.1400\NPIEAddOn.dll
c:\program files\Network Optimizer\1.1.0.1400\unins000.dat
c:\program files\Network Optimizer\1.1.0.1400\unins000.exe

.
((((((((((((((((((((((((( Files Created from 2009-05-04 to 2009-06-04 )))))))))))))))))))))))))))))))
.

2009-06-02 07:16 . 2009-06-02 07:29 -------- d-----w- c:\program files\Navilog1
2009-05-27 07:16 . 2009-05-27 07:16 262144 ------w- c:\windows\system32\default_user_class.dat
2009-05-05 11:10 . 2009-05-05 11:10 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-05-05 10:49 . 2009-05-06 05:47 -------- d-----w- c:\windows\SxsCaPendDel

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-01 05:50 . 2008-05-17 02:56 5427 ------w- c:\windows\system32\EGATHDRV.SYS
2009-05-13 12:29 . 2008-11-27 13:56 1264000 ------w- c:\windows\system32\aswBoot.exe
2009-05-13 12:25 . 2008-11-27 13:56 93296 ------w- c:\windows\system32\drivers\aswmon.sys
2009-05-13 12:25 . 2008-11-27 13:56 94032 ------w- c:\windows\system32\drivers\aswmon2.sys
2009-05-13 12:25 . 2008-12-08 06:56 114768 ------w- c:\windows\system32\drivers\aswSP.sys
2009-05-13 12:24 . 2008-12-08 06:56 20560 ------w- c:\windows\system32\drivers\aswFsBlk.sys
2009-05-13 12:23 . 2008-11-27 13:56 51376 ------w- c:\windows\system32\drivers\aswTdi.sys
2009-05-13 12:23 . 2008-11-27 13:56 23152 ------w- c:\windows\system32\drivers\aswRdr.sys
2009-05-13 12:22 . 2008-11-27 13:56 26944 ------w- c:\windows\system32\drivers\aavmker4.sys
2009-05-12 12:29 . 2008-11-27 13:56 97480 ------w- c:\windows\system32\AvastSSw.scr
2009-05-05 11:11 . 2009-01-15 13:37 -------- d-----w- c:\program files\Windows Live
2009-05-05 10:41 . 2008-05-17 03:09 71960 ------w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-05-04 06:06 . 2006-04-30 07:12 86327 ------w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-04-06 11:04 . 2009-04-06 11:04 -------- d-----w- c:\program files\UPHClean
2009-03-06 14:22 . 2006-04-30 06:55 284160 ------w- c:\windows\system32\pdh.dll
2009-01-28 12:17 . 2008-12-24 08:12 2516 --sh--w- c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( SnapShot_2009-05-27_07.13.44 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-04 05:49 . 2009-06-04 05:49 16384 c:\windows\Temp\Perflib_Perfdata_704.dat
+ 2009-06-04 05:49 . 2009-06-04 05:49 16384 c:\windows\Temp\Perflib_Perfdata_1cc.dat
- 2009-05-05 08:33 . 2009-05-05 08:33 16384 c:\windows\Temp\Perflib_Perfdata_1cc.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\aswDisp.exe" [2009-05-12 81000]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AwayNotify]
2006-04-18 17:05 49152 ------w- c:\program files\Lenovo\AwayTask\AwayNotify.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-12-08 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-12-08 20560]
R2 avast! NetAgent;avast! NetAgent;c:\program files\Alwil Software\Avast4\AvAgent.exe [2008-11-27 52160]
R2 smi2;smi2;c:\program files\SMI2\smi2.sys [2006-05-13 3968]
R3 pelmouse;Mouse Suite Driver;c:\windows\system32\drivers\PELMOUSE.SYS [2008-05-17 16384]
R3 pelusblf;USB Mouse Low Filter Driver;c:\windows\system32\drivers\PELUSBLF.SYS [2008-05-17 9216]

--- Other Services/Drivers In Memory ---

*Deregistered* - uphcleanhlp

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\DusanDj\Application Data\Mozilla\Firefox\Profiles\dqbfwvo8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - google.com
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPJPI150_06.dll
FF - plugin: c:\program files\Java\jre1.5.0_06\bin\NPOJI610.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-06-04 08:18
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(940)
c:\program files\Lenovo\AwayTask\AwayNotify.dll
.
Completion time: 2009-06-04 8:18
ComboFix-quarantined-files.txt 2009-06-04 06:18
ComboFix2.txt 2009-06-03 06:23
ComboFix3.txt 2009-05-05 08:30
ComboFix4.txt 2009-03-30 11:52

Pre-Run: 128,424,075,264 bytes free
Post-Run: 128,404,451,328 bytes free

Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4
131 --- E O F --- 2009-05-13 13:44

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

What is the situation now? Are there any advertising windows?

  • Joined: 02 Jun 2009
  • Posts: 8

Everything is fine. Thank you very much, you are the best!

  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

ComboFix needs to be uninstalled:
click start (or ), and then RUN.

On Vista, use the Start Search field if Run is not available.

In the text input line, type (copy) the following:

combofix /u

Note that there is a space between "ComboFix" and "/u".

and then click OK (or press Enter).

Wait for the uninstall process to finish.

And that would be all...
