Problem sa IE7 (http://runonce.msn.com/runonce3.aspx)

Problem sa IE7 (http://runonce.msn.com/runonce3.aspx)

offline
  • cat007 
  • Novi MyCity građanin
  • Pridružio: 16 Okt 2007
  • Poruke: 13

Nekim cudom sam zaradio nekog trojanca/ili sta jos... konkretno nesto iz Vitumonde (TotalSecure2009.exe za down) i nekontrolisano otvaranje lokacija i drajvova... a mislim da je to proizaslo iz instlacije Opere 9.6.

To sam resio ali sada se javio-imam problem sa IE7 jer otvara sledece stranice kao pocetne iako ih brisem u podesavanju-i stvljam about:blank a obrisao sam i istoriju i temp, i kolacice. i stavio 0-mb da cuva,). ali on i dalje nudi default stranice:
go.microsoft.com/fwlink/?LinkId=7400 a onda ode na
runonce.msn.com/runonce3.aspx
Odradio i preinstalaciju IE7.ali isto ostalo.(takodje i search opcija ne radi u IE).

Komp.sam trtirao (new definicije):
NOD32 (3)
Spybot - Search & Destroy
Spyware Terminator
Ad-Aware SE Professional
Malicious Software Removal Tool (win.kb890830.v2.2).exe
Ali i dalje problem: Molim za neku pomoc-info.

----------------------------------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 19:42, on 2008-10-21
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Softver\Internet\Miranda IM (v0.77)\Miranda32.exe
C:\WINDOWS\system32\slserv.exe
F:\DOWN\ZASTITA\Spyware Terminator 2.0.0.187\Spyware Terminator RUN\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\CAT\Desktop\CAT159\cat-159.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = go.microsoft.com/fwlink/?LinkId=54843
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [egui NOD32 (3.0)] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Miranda 0.77.lnk = C:\Softver\Internet\Miranda IM (v0.77)\Miranda32.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Softver\D-Link Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Softver\D-Link Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com/windowsupdate/v6/V.....4091686765
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - dl8-cdn-01.sun.com/s/ESD44/JSCDL/jdk/6u7/ji.....586-jc.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: dimsntfy - C:\WINDOWS\
O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe (file missing)
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - F:\DOWN\ZASTITA\Spyware Terminator 2.0.0.187\Spyware Terminator RUN\sp_rsser.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

----------------------------------------------------------------------------------
Pozzdrav

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Poz...



Pokreni HijackThis, skeniraj i čekiraj sledeću liniju:

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present

Klikni Fix checked.


Restartuj PC.

Kakvo je sada stanje?

offline
  • cat007 
  • Novi MyCity građanin
  • Pridružio: 16 Okt 2007
  • Poruke: 13

Uklonjena linija (O6 - HKLM\--\Control Panel present ) pa restart
ali i dalje isto stanje-problem.

Sta li je problem s ovim. Dal mozda nije neki problem s Javom?
u Control panelu ima samo (Java TM 6 update 7) a u IE pod I.Options >> tab Programs >> Manage add-ons Java plug-in - DISABLED.
Opera je deinstalirana i radi kao COPY-run program.(i tu sve disablovano)

Koji je ovo problem-vrag. Izgleda oce da mu dam Format.(al me zao "posla")

Nevezano od ovoga kako ukloniti liniju (recimo: O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe (file missing) sto je deinstalirno) Obelezim je i kazem FIX ali ona ostane.
Hvala i pozz.

offline
  • dr_Bora  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 24 Jul 2007
  • Poruke: 12280
  • Gde živiš: Höganäs, SE

Šta je problem? Otvaranje run once stranice?

Kada se stranica otvori, potrebno je sačuvati podešavanja.

Ako to ne pomaže, skini ovaj file na Desktop:


https://www.mycity.rs/must-login.png


Dvoklikni na njega i kada se pojavi upit, klikni Yes.

Sada?

offline
  • cat007 
  • Novi MyCity građanin
  • Pridružio: 16 Okt 2007
  • Poruke: 13

Odradjeno. resen problem sa stranicom uz IE7fix.reg (za otvaranje stranice) ovo radi. HVALA.
Ostaje problem s Search pretragom (ne radi)
2. Otkrio sam detetov-zenin nalog radi OK. Hteo sam da kreiram 2 profil ali nema vise nicega u USER ACCAUNT (nema cak ni u Safe Modu. pod admin.)

Danas mi je "pukao film" i resio sam problem s new instal XP-(sp3).
Zahvaljujem se na pomoci svima.
Pozz i HVALA..

Ko je trenutno na forumu
 

Ukupno su 1069 korisnika na forumu :: 57 registrovanih, 5 sakrivenih i 1007 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: arsa, babaroga, bojank, dane007, dankisha, Dannyboy, DeerHunter, djboj, Djokislav, Djokkinen, doklevise, DonRumataEstorski, Dorcolac, dragoljub11987, dule10savic, GandorCC, gorican, havoc995, ikan, Istman, Još malo pa deda, Klecaviks, kovinacc, kybonacci, lord sir giga, Luka Blažević, Lukaaa, mercedesamg, Metanoja, mgolub, milenko crazy north, Misirac, mkukoleca, mnn2, mrav pesadinac, Nemanja.M, nemkea71, Neretva, oldtimer, pein, raptorsi, sap, sasa87, slonic_tonic, Stoilkovic, vathra, VJ, Vlad000, vladulns, voja64, Volkhov-M, wolverined4, Wrangler, yufighter, zixmix, zlaya011, 79693