Šta je novo?
Od:
Filteri

Popup reklame

forsaken demon

forsaken demon

Čuven
Učlanjen(a)
03.07.2002
Poruke
2,139
Poena
690
Moja oprema  
CPU & Cooler
Intel 13600K
Matična ploča
DeepCool AK620 White
RAM
64 GB Kingston Fury Renegade DDR4 3600 Mhz
GPU
Gigabyte GeForce 3060Ti Gaming OC 8GB
Storage
KC3000 PCIe 4.0 NVMe M.2 SSD 2 TB, Seagate Firecuda 530 M.2 SSD 2 TBCrucial® MX100 SSD 512 GB, Western Digital, Western Digital Caviar Green WD20EARX 2 TB
PSU
CHIEFTEC CTG-650C 650W A80 series Full
Monitor
Dell 24"
Mobilni telefon
Samsung A52S
Pristup internetu
  1. Optički internet
Svaki put kada se povežem na net posle par sekundi mi se otvori prozor sa nekakvom reklamom. Skenirao sam sistem i sa Spybotom i sa Adaware-om ali ništa ne pomaže. Kako bih mogao se rešim ovoga?
 
Takodje pokusaj sa programom HijackThis! (aktuelna verzija je bila 1.99 pre neki dan). Skeniraj i snimi log fajl pa postuj log ovde da ti kazem sta da izbacis.
 
CWShredder ne pomaže (nije našao ništa), nemam taj coolweb nego Paypopup čini mi se. Evo i loga Hijack This

Logfile of HijackThis v1.99.0
Scan saved at 11:13:05, on 3.2.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32\CTsvcCDA.exe
D:\Program Files\Executive Software\Diskeeper\DkService.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\Program Files\Photodex\CompuPicPro\ScsiAccess.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\MsPMSPSv.exe
D:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
D:\Program Files\D-Tools\daemon.exe
D:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
D:\WINDOWS\System32\CTHELPER.EXE
D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
D:\WINDOWS\iexplore.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
D:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
D:\Program Files\Yzshadow\YzShadow.exe
D:\Program Files\Mobydock DX\Mobydock.exe
D:\Program Files\Total Commander\TOTALCMD.EXE
D:\Program Files\Winamp\winamp.exe
D:\PROGRA~1\DVDREG~1\DVDRegionFree.exe
D:\Program Files\Total Commander\TOTALCMD.EXE
C:\INTERNET\PROGRAMI\Virtual Drive\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = cache.sezampro.yu:80
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - D:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\fgiebar.dll
O4 - HKLM\..\Run: [NVCLOCK] rundll32 nvclock.dll,fnNvclock
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WheelMouse] D:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CTSysVol] D:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [RemoteControl] "D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe
O4 - HKLM\..\Run: [Explorer] D:\WINDOWS\iexplore.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [VirtualDrive] D:\Program Files\FarStone\VirtualDrive\vdtask.exe /AutoRestore
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [RemoteCenter] D:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - HKCU\..\Run: [STYLEXP] D:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - Startup: YzShadow.lnk = D:\Program Files\Yzshadow\YzShadow.exe
O4 - Startup: Mobydock DX.lnk = D:\Program Files\Mobydock DX\Mobydock.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NaturalColorLoad.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://d:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://d:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://d:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Preuzmi sa FlashGet-om - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Preuzmi sve sa FlashGet-om - D:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15009/CTSUEng.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1093209593968
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15009/CTPID.cab
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - D:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - D:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScsiAccess - Unknown - D:\Program Files\Photodex\CompuPicPro\ScsiAccess.exe
O23 - Service: StyleXPService - Unknown - D:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
 
Skeniraj ga sa nekim AV-om,cisto sumnjam da mozes resiti problem sa S&D-om.
 
Skenirao sam sistem sa AVG-om (najnovija definicija) ali nije nasao nista.

Jedino sto sam za sada uspeo jeste da blokiram tu reklamu preko Ad-watcha, ali ne mogu da sprecim pokusaj njenog ucitavanja.
 
Ovo treba da ubijes:

O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe

Posle toga ne bi bilo lose da obrises ceo taj folder. Pogledaj ovde za malo vise informacija. Videces da ima jos jedan folder za brisanje.
Naravno, nakon restarta mozes da poteras sfc /scannow da ti proveri da nije slucajno Internet Explorer nesto zbingovan od tog sr@nja.
Takodje, preporucujem da koristis Firefox umesto IE -- nema glava da te boli.
 
Start/Run/services.msc i isključi Messenger service.
 
FireFox je rešenje! ;)
 
jddipqd je napisao(la):
Start/Run/services.msc i isključi Messenger service.
Kliknite za proširenje...

Njemu se popup prozori otvaraju iz IE i vec sam mu rekao u cemu je problem i sta da uradi mada od viska glava ne boli.

Slayer je napisao(la):
http://housecall.trendmicro.com/

prilicno dobar online antivirus...
Kliknite za proširenje...

NIJEDAN antivirus (za sada) ne pronalazi spyware.

Slayer je napisao(la):
druga alternativa je Opera :D
Kliknite za proširenje...

Opera je slaba alternativa Firefox-u. Jeste malko brza od njega ali download manageri se mnogo bolje integrisu u Firefox (rade isto kao sa IE) pa je lakse preci na Firefox nego na Operu, manje navika moras da menjas. Pride ko nije otkrio AdBlock ekstenziju za Firefox ne zna sta propusta (znam, moze to i Proxomitron, ali ne ovako dobro).
 
nisam ja rekao da ce otkriti spyware... mozda i nije spyware...

Opera je meni bolja od Firefox-a, a da treba vremena da se naviknes - treba... meni dobrih 2-3 meseca... ali vredelo je
 
audiofreak je napisao(la):
Ovo treba da ubijes:

O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe

Posle toga ne bi bilo lose da obrises ceo taj folder. Pogledaj ovde za malo vise informacija. Videces da ima jos jedan folder za brisanje.
Naravno, nakon restarta mozes da poteras sfc /scannow da ti proveri da nije slucajno Internet Explorer nesto zbingovan od tog sr@nja.
Takodje, preporucujem da koristis Firefox umesto IE -- nema glava da te boli.
Kliknite za proširenje...

"Ubio sam" to adresu, deinstalirao LiveUpdate, obrisao direktorijum. Međutim, ništa se nije promenilo, i dalje mi iskaču reklame :(

sfc /scannow komanda mi ne radi, konstantno mi prijavljuje da sam ubacio pogrešan disk.
 
forsaken demon je napisao(la):
"Ubio sam" to adresu, deinstalirao LiveUpdate, obrisao direktorijum. Međutim, ništa se nije promenilo, i dalje mi iskaču reklame :(
Kliknite za proširenje...
Jesi ugasio messengera?
 
Da te ne razocharam, ali ja sam lichno ubio jedan popap (koji je preziveo sve ono shto i ti sad radish) tako shto je bilo format c: :D
 
Poslednja izmena:
da ne koristis mozda radlight? mislim i pored svega on sa svojim "save-om" me je ubijao
 
forsaken demon je napisao(la):
"Ubio sam" to adresu, deinstalirao LiveUpdate, obrisao direktorijum. Međutim, ništa se nije promenilo, i dalje mi iskaču reklame :(

sfc /scannow komanda mi ne radi, konstantno mi prijavljuje da sam ubacio pogrešan disk.
Kliknite za proširenje...

Taj LiveUpdate izgleda patch-uje Internet Explorer (verovatno IEXPLORE.EXE direktno). Probaj rucno da izvuces doticni fajl iz instalacije Windows-a i da ga uporedis sa onim koji trenutno imas u sistemu.

Ne bilo ti tesko daj ponovo skeniraj sa HijackThis i postuj log da vidim jesi li ga skinuo kako treba?

Ako nista ne pomogne, uvek pomaze format c: :crash:
 
e-walker je napisao(la):
da ne koristis mozda radlight? mislim i pored svega on sa svojim "save-om" me je ubijao
Kliknite za proširenje...

Ne koristim Rad Light već godinama, nikada ga nisam ni instalirao u XP. Znam za taj save, znao sam da ga eleminišem.
 
audiofreak je napisao(la):
Taj LiveUpdate izgleda patch-uje Internet Explorer (verovatno IEXPLORE.EXE direktno). Probaj rucno da izvuces doticni fajl iz instalacije Windows-a i da ga uporedis sa onim koji trenutno imas u sistemu.

Ne bilo ti tesko daj ponovo skeniraj sa HijackThis i postuj log da vidim jesi li ga skinuo kako treba?

Ako nista ne pomogne, uvek pomaze format c: :crash:
Kliknite za proširenje...

Pokušaću da pogledam taj IEXPLORE.EXE, a postovaću kasnije log ovde.

Sigurno neću formatirati disk zbog te sitnice, a i XP mi je sekundarni OS, imam i 98SE, tako da to ne smem da uradim.
 
Dobro de nisam mislio bukvalno da formatiras, to se samo tako kaze :D
Ako nista drugo ne pomogne onda odes lepo u 98SE, bekapujes fajlove iz Documents and Settings, obrises direktorijume Windows i Program Files od XP-a i reinstaliras ga sa CD-a pritom mu kazes da ti ne dira postojeci sistem.
 
Logfile of HijackThis v1.99.0
Scan saved at 23:05:51, on 12.2.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32\CTsvcCDA.exe
D:\Program Files\Executive Software\Diskeeper\DkService.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\Program Files\Photodex\CompuPicPro\ScsiAccess.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\MsPMSPSv.exe
D:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
D:\Program Files\D-Tools\daemon.exe
D:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
D:\WINDOWS\System32\CTHELPER.EXE
D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
D:\WINDOWS\iexplore.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
D:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
D:\Program Files\Yzshadow\YzShadow.exe
D:\Program Files\Mobydock DX\Mobydock.exe
D:\Program Files\Total Commander\TOTALCMD.EXE
D:\WINDOWS\System32\wuauclt.exe
D:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
D:\Program Files\Hijack This\HijackThis.exe
D:\Program Files\Photodex\CompuPicPro\compupic.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = cache.sezampro.yu:80
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FLASHGET\jccatch.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - D:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\fgiebar.dll
O4 - HKLM\..\Run: [NVCLOCK] rundll32 nvclock.dll,fnNvclock
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WheelMouse] D:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CTSysVol] D:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [RemoteControl] "D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Explorer] D:\WINDOWS\iexplore.exe
O4 - HKLM\..\Run: [Openwares LiveUpdate] C:\Program Files\LiveUpdate\LiveUpdate.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [VirtualDrive] D:\Program Files\FarStone\VirtualDrive\vdtask.exe /AutoRestore
O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [RemoteCenter] D:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - HKCU\..\Run: [STYLEXP] D:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - Startup: YzShadow.lnk = D:\Program Files\Yzshadow\YzShadow.exe
O4 - Startup: Mobydock DX.lnk = D:\Program Files\Mobydock DX\Mobydock.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NaturalColorLoad.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://d:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://d:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://d:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Preuzmi sa FlashGet-om - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Preuzmi sve sa FlashGet-om - D:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15009/CTSUEng.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1093209593968
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15009/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{27A9254D-1F62-437B-B2D9-C3628461DAFF}: NameServer = 194.247.192.33 194.247.192.1
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - D:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - D:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScsiAccess - Unknown - D:\Program Files\Photodex\CompuPicPro\ScsiAccess.exe
O23 - Service: StyleXPService - Unknown - D:\Program Files\TGTSoft\StyleXP\StyleXPService.exe


Skroz sam zaboravio ovo da okačim, eto koliko koristim XP i koliko mi je ovaj problem bitan:) Ad watch uspeva da blokira reklamu, problem 100% pravi www2.paypopup.com. Znači, Ad watch ga blokira, Ad aware može da ga očisti, ali se on svaki put vrati.

Nisam proveravao da li mi je iexplore.exe izmenjen, ali imali potrebe za tim s obzirom da se reklama startuje čak i kada ne radim ništa? Čini mi se da kada se konektujem na net startuje još nešto što pokreće tu reklamu, ali sam 100% siguran da nemam virusa.

Ako treba da proverim iexplore.exe - ima li smisla da ga upoređujem sa verzijom na CD-u, s obzirom da sam skidao patcheve za njega? Da li ti patchevi menjanju exe?

Hvala ti u svakom slučaju na upornosti da mi pomogneš.
 
Morate se prijaviti ili registrovati da odgovorite ovde.
Vrh Dno