MyCity » Ambulanta -> Arhiva Ambulante » IE sam otvara veliki broj tabova

IE sam otvara veliki broj tabova

Napisano na dan: 30.1.2008
2

IE sam otvara veliki broj tabova
Pagination Prethodna strana

Idi na vrh

Poslao: 02 Feb 2008 16:03
Idi na vrh
offline
  • Pridružio: 24 Feb 2006
  • Poruke: 435

Ne ispostavlja nikakav log, samo nakon sto zavrsi napise "Done!!" i to je sve od Flash disinfectora.


Bila bih najsrecnija da mogu da onesposobim Norton da "izbacuje" takve prozore i da me ni o cemu ne obavestava. Ako to moze, samo mi reci na koji nacin da iskljucim.

Poslao: 02 Feb 2008 16:11
Idi na vrh
offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Nisam imao kontakta sa Nortonom vec 3 godine, tako da tesko mogu da pomognem... Sad

Napravi mi novi ComboFix log, da vidim gde smo stigli.

Poslao: 02 Feb 2008 17:26
Idi na vrh
offline
  • Pridružio: 24 Feb 2006
  • Poruke: 435

ComboFix 08-01-30.6 - zerocool 2008-02-02 17:16:18.3 - NTFSx86
Running from: C:\Documents and Settings\zerocool\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-01-02 to 2008-02-02 )))))))))))))))))))))))))))))))
.

2008-01-30 23:01 . 2008-01-30 23:01 250 --a------ C:\WINDOWS\gmer.ini
2008-01-28 11:13 . 2008-01-28 11:13 <DIR> d-------- C:\Program Files\Mayoko
2008-01-23 15:22 . 2008-01-23 18:32 <DIR> d-------- C:\Documents and Settings\zerocool\amsn
2008-01-23 15:21 . 2008-01-23 15:22 <DIR> d-------- C:\Program Files\aMSN
2008-01-22 15:25 . 2008-01-24 19:22 <DIR> d-------- C:\Program Files\Windows Live Toolbar
2008-01-22 15:25 . 2008-01-22 15:25 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2008-01-22 12:49 . 2008-01-24 11:12 374 --a------ C:\Documents and Settings\zerocool\Application Data\internaldb6334.dat
2008-01-22 12:49 . 2008-02-02 13:56 0 --a------ C:\WINDOWS\wininit.ini
2008-01-22 12:48 . 2008-01-24 11:11 18,432 --a------ C:\Documents and Settings\zerocool\Application Data\internaldb41.dat
2008-01-22 12:48 . 2008-01-24 11:11 555 --a------ C:\Documents and Settings\zerocool\Application Data\internaldb8467.dat
2008-01-08 12:18 . 2006-09-06 17:43 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-01-08 12:17 . 2008-01-08 12:17 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-01-03 12:34 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-01-03 12:34 . 2004-08-03 23:01 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-02 16:14 --------- d-----w C:\Documents and Settings\zerocool\Application Data\uTorrent
2008-02-02 11:02 --------- d-----w C:\Program Files\dellete
2008-01-26 06:31 --------- d-----w C:\Documents and Settings\zerocool\Application Data\LimeWire
2008-01-22 18:29 --------- d-----w C:\Program Files\Valve
2008-01-22 18:25 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-01-22 14:24 --------- d-----w C:\Program Files\MSN Messenger
2008-01-22 13:42 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-01-10 14:00 --------- d-----w C:\Program Files\GameHouse
2008-01-01 17:42 --------- d-----w C:\Program Files\Winamp
2007-12-30 21:58 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-22 14:58 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-12-17 18:31 --------- d-----w C:\Program Files\Opera
2007-12-13 16:06 --------- d-----w C:\Program Files\Common Files\DirectX
2007-12-08 22:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2007-12-08 10:33 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2007-12-08 10:21 --------- d-----w C:\Program Files\Windows Live
2007-12-08 10:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-22 21:21 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2007-11-14 11:09 212 ----a-w C:\delete.bat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NWEReboot"="" []
"NAV Agent"="C:\PROGRA~1\NORTON~1\NORTON~1\navapw32.exe" [2001-07-21 09:09 50256]
"WFXSwtch"="C:\PROGRA~1\NORTON~1\WinFax\WFXSWTCH.exe" [2001-07-19 08:04 26624]
"WinFaxAppPortStarter"="wfxsnt40.exe" [2001-07-19 08:04 43520 C:\WINDOWS\system32\WFXSNT40.EXE]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-11-22 22:21 185896]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="LogonUI.EXE"

R3 KCIRDA;%KCIRDA.ServiceDesc%;C:\WINDOWS\system32\DRIVERS\KCIrNet.sys [2001-10-04 09:23]
R3 NPDriver;Norton Unerase Protection Driver;C:\WINDOWS\system32\Drivers\NPDRIVER.SYS [2001-07-26 06:00]
R3 QDFSDRV;QDFSDRV;C:\WINDOWS\system32\drivers\qdfsdrv.sys [2001-07-26 11:17]
R3 SiS7012;Service for AC'97 Sample Driver (WDM);C:\WINDOWS\system32\drivers\sis7012.sys [2001-10-11 07:51]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ca8d210-c9da-11dc-8fc8-0007951fccfb}]
\Shell\AutoRun\command - fooool.exe
\Shell\explore\Command - fooool.exe
\Shell\open\Command - fooool.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-01-25 19:39:40 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer.job"
- C:\PROGRA~1\NORTON~1\NORTON~1\NAVW32.exeG/task:C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\NORTON~1\Tasks\mycomp.sca
"2008-02-01 16:30:00 C:\WINDOWS\Tasks\Norton SystemWorks One Button Checkup.job"
- C:\Program Files\Common Files\Symantec Shared\NMAIN.EXEK /dat:C:\Program Files\Norton SystemWorks\swplugin.nsi /NSWCMD:OBCSchedule
"2008-02-02 13:18:56 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-02 17:18:46
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-02-02 17:20:57
ComboFix-quarantined-files.txt 2008-02-02 16:20:54
ComboFix2.txt 2007-11-06 00:33:56

Poslao: 02 Feb 2008 19:04
Idi na vrh
offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Otvoriti Notepad i iskopirati sledeci tekst:

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1ca8d210-c9da-11dc-8fc8-0007951fccfb}]


Snimiti na Desktop fajl iz Notepada kao "CFScript"




Prevuci snimljeni skript/tekst na ComboFix ikonicu kao na slici.
Postaviti u sledecoj poruci log koji bude bio napravljen na kraju ciscenja/skeniranja.

Poslao: 02 Feb 2008 20:05
Idi na vrh
offline
  • Pridružio: 24 Feb 2006
  • Poruke: 435

ComboFix 08-01-30.6 - zerocool 2008-02-02 19:53:40.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.216 [GMT 1:00]
Running from: C:\Documents and Settings\zerocool\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\zerocool\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-01-02 to 2008-02-02 )))))))))))))))))))))))))))))))
.

2008-01-30 23:01 . 2008-01-30 23:01 250 --a------ C:\WINDOWS\gmer.ini
2008-01-28 11:13 . 2008-01-28 11:13 <DIR> d-------- C:\Program Files\Mayoko
2008-01-23 15:22 . 2008-01-23 18:32 <DIR> d-------- C:\Documents and Settings\zerocool\amsn
2008-01-23 15:21 . 2008-01-23 15:22 <DIR> d-------- C:\Program Files\aMSN
2008-01-22 15:25 . 2008-01-24 19:22 <DIR> d-------- C:\Program Files\Windows Live Toolbar
2008-01-22 15:25 . 2008-01-22 15:25 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2008-01-22 12:49 . 2008-01-24 11:12 374 --a------ C:\Documents and Settings\zerocool\Application Data\internaldb6334.dat
2008-01-22 12:49 . 2008-02-02 13:56 0 --a------ C:\WINDOWS\wininit.ini
2008-01-22 12:48 . 2008-01-24 11:11 18,432 --a------ C:\Documents and Settings\zerocool\Application Data\internaldb41.dat
2008-01-22 12:48 . 2008-01-24 11:11 555 --a------ C:\Documents and Settings\zerocool\Application Data\internaldb8467.dat
2008-01-08 12:18 . 2006-09-06 17:43 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-01-08 12:17 . 2008-01-08 12:17 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-01-03 12:34 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-01-03 12:34 . 2004-08-03 23:01 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-02 16:42 --------- d-----w C:\Documents and Settings\zerocool\Application Data\uTorrent
2008-02-02 11:02 --------- d-----w C:\Program Files\dellete
2008-01-26 06:31 --------- d-----w C:\Documents and Settings\zerocool\Application Data\LimeWire
2008-01-22 18:29 --------- d-----w C:\Program Files\Valve
2008-01-22 18:25 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-01-22 14:24 --------- d-----w C:\Program Files\MSN Messenger
2008-01-22 13:42 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-01-10 14:00 --------- d-----w C:\Program Files\GameHouse
2008-01-01 17:42 --------- d-----w C:\Program Files\Winamp
2007-12-30 21:58 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-22 14:58 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-12-17 18:31 --------- d-----w C:\Program Files\Opera
2007-12-13 16:06 --------- d-----w C:\Program Files\Common Files\DirectX
2007-12-08 22:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2007-12-08 10:33 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2007-12-08 10:21 --------- d-----w C:\Program Files\Windows Live
2007-12-08 10:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-22 21:21 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2007-11-14 11:09 212 ----a-w C:\delete.bat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 23:56 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NWEReboot"="" []
"NAV Agent"="C:\PROGRA~1\NORTON~1\NORTON~1\navapw32.exe" [2001-07-21 09:09 50256]
"WFXSwtch"="C:\PROGRA~1\NORTON~1\WinFax\WFXSWTCH.exe" [2001-07-19 08:04 26624]
"WinFaxAppPortStarter"="wfxsnt40.exe" [2001-07-19 08:04 43520 C:\WINDOWS\system32\WFXSNT40.EXE]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-11-22 22:21 185896]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="LogonUI.EXE"

R3 KCIRDA;%KCIRDA.ServiceDesc%;C:\WINDOWS\system32\DRIVERS\KCIrNet.sys [2001-10-04 09:23]
R3 NPDriver;Norton Unerase Protection Driver;C:\WINDOWS\system32\Drivers\NPDRIVER.SYS [2001-07-26 06:00]
R3 QDFSDRV;QDFSDRV;C:\WINDOWS\system32\drivers\qdfsdrv.sys [2001-07-26 11:17]
R3 SiS7012;Service for AC'97 Sample Driver (WDM);C:\WINDOWS\system32\drivers\sis7012.sys [2001-10-11 07:51]

.
Contents of the 'Scheduled Tasks' folder
"2008-01-25 19:39:40 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer.job"
- C:\PROGRA~1\NORTON~1\NORTON~1\NAVW32.exeG/task:C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec\NORTON~1\Tasks\mycomp.sca
"2008-02-01 16:30:00 C:\WINDOWS\Tasks\Norton SystemWorks One Button Checkup.job"
- C:\Program Files\Common Files\Symantec Shared\NMAIN.EXEK /dat:C:\Program Files\Norton SystemWorks\swplugin.nsi /NSWCMD:OBCSchedule
"2008-02-02 16:45:29 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-02 19:56:34
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-02-02 19:57:26
ComboFix-quarantined-files.txt 2008-02-02 18:57:22
ComboFix2.txt 2008-02-02 16:20:58
ComboFix3.txt 2007-11-06 00:33:56

Poslao: 02 Feb 2008 20:09
Idi na vrh
offline
  • Pridružio: 04 Sep 2003
  • Poruke: 24135
  • Gde živiš: Wien

Kako se sada ponasa IE?

Poslao: 02 Feb 2008 21:36
Idi na vrh
offline
  • Pridružio: 24 Feb 2006
  • Poruke: 435

Trenutno ne uocavam nikakve nepravilnosti u radu, izgleda da je sve ok.

MyCity » Ambulanta -> Arhiva Ambulante » IE sam otvara veliki broj tabova

Ko je trenutno na forumu
 

Ukupno su 1280 korisnika na forumu :: 50 registrovanih, 5 sakrivenih i 1225 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: A.R.Chafee.Jr., aramis s, babaroga, bojank, Brana01, cavatina, celik, cenejac111, crnitrn, darkangel, Denaya, djboj, Djokislav, draganca, gomago, goxin, HogarStrashni, HrcAk47, hyla, Ilija Cvorovic, Klecaviks, kokodakalo, Krvava Devetka, kunktator, ljubacv, maiden6657, Marko Marković, mercedesamg, Mercury, mikrimaus, milenko crazy north, milimoj, milutin134, mnn2, oganj123, opt1, panzerwaffe, rasok, royst33, ruma, ruso, S1Mk3, Shinobi, Sićko, SR-3m, stankolich, vathra, VJ, Vlad000, zeo