Maybe a Facebook virus

  • Dario V.
  • Joined: 10 Jan 2012
  • Posts: 975

I visited a link that was claimed to steal passwords. I have Avira and Anti MalwareBytes, and they did not trigger when I opened that site!

The computer isn't lagging at all!

Internet speed: 1.5 Mbps


I scanned with Anti MalwareBytes and it found one adware item, it said popup cnet adaware, and I just deleted it!


Is there anything suspicious that got in recently, that is, in the last 3 hours?

If there is, I'm going to go beat him up even though I don't know him; I don't know why I even have him among my friends.
The bat is ready, with a ball in the middle!

  • Joined: 04 Jul 2011
  • Posts: 5424

Hello, Nike992.
Read the instructions for opening a topic again; you are missing the basic DDS.txt report, which you should copy into your post.

  • Dario V.
  • Joined: 10 Jan 2012
  • Posts: 975

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_29
Run by Nike at 23:54:18 on 2012-02-01
Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.1535.302 [GMT 1:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Users\Nike\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Users\Nike\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Users\Nike\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nike\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nike\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nike\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Nike\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nike\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nike\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nike\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Nike\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Nike\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.searchqu.com/406
mSearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [Google Update] "c:\users\Nike\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Facebook Update] "c:\users\Nike\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [EvJOWall] c:\program files\evjosoft\wallpaper changer\EvJOWall.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [NBAgent] "c:\program files\nero\nero 10\nero backitup\NBAgent.exe" /WinStart
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
mRunOnce: [InnoSetupRegFile.0000000001] "c:\windows\is-QOD44.exe" /REG /REGSVRMODE
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1 192.168.0.1
TCP: Interfaces\{2EA3BAB8-7DB5-4BED-A3B9-E5FF1656A1F0} : DhcpNameServer = 192.168.1.1 192.168.0.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\Nike\appdata\roaming\mozilla\firefox\profiles\toqgjx3e.default\
FF - prefs.js: browser.search.selectedEngine - Search Results
FF - prefs.js: browser.startup.homepage - hxxp://www.searchqu.com/406
FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=101&systemid=406&sr=0&q=
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\Nike\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\users\Nike\appdata\local\google\update\1.3.21.99\npGoogleUpdate3.dll
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2011-12-4 36000]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-12-4 86224]
R2 AntiVirService;Avira Realtime Protection;c:\program files\avira\antivir desktop\avguard.exe [2011-12-4 110032]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-12-4 74640]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-1-12 20464]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-2-1 40776]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
.
=============== Created Last 30 ================
.
2012-02-01 22:52:40 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-02-01 22:52:21 709968 ----a-w- c:\windows\is-QOD44.exe
2012-02-01 11:13:39 -------- d-----w- c:\users\Nike\appdata\roaming\RealNetworks
2012-02-01 09:34:35 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{84a17d23-eb86-4f1e-9dfa-969c8a94e212}\offreg.dll
2012-01-31 23:00:16 -------- d-----w- c:\program files\common files\xing shared
2012-01-29 01:20:12 -------- d-----w- c:\users\Nike\appdata\roaming\EvJOWallpaper
2012-01-29 01:09:27 -------- d-----w- c:\users\Nike\appdata\roaming\IrfanView
2012-01-29 01:09:26 -------- d-----w- c:\program files\IrfanView
2012-01-22 13:20:53 548864 ----a-w- c:\program files\mozilla firefox\msvcp80.dll
2012-01-22 13:20:53 479232 ----a-w- c:\program files\mozilla firefox\msvcm80.dll
2012-01-22 13:20:53 43992 ----a-w- c:\program files\mozilla firefox\mozutils.dll
2012-01-22 13:20:52 626688 ----a-w- c:\program files\mozilla firefox\msvcr80.dll
2012-01-12 17:32:44 -------- d-----w- c:\program files\Rockstar Games
2012-01-12 17:30:59 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2012-01-12 17:30:58 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\ctor.dll
2012-01-12 17:30:58 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\DotNetInstaller.exe
2012-01-12 17:30:58 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iscript.dll
2012-01-12 17:30:58 180224 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iuser.dll
2012-01-12 17:30:57 749568 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iKernel.dll
2012-01-12 17:30:55 192644 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iGdi.dll
2012-01-12 17:30:53 323716 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\setup.dll
2012-01-12 09:15:25 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-12 09:15:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-12 08:59:43 -------- d-----w- c:\users\Nike\appdata\roaming\Malwarebytes
2012-01-12 08:59:36 -------- d-----w- c:\programdata\Malwarebytes
2012-01-10 18:10:15 -------- d-----w- c:\users\Nike\appdata\roaming\TrueCrypt
2012-01-10 18:09:25 231376 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2012-01-10 18:08:46 -------- d-----w- c:\program files\TrueCrypt
2012-01-03 11:55:31 -------- d-----w- c:\program files\BitTorrent
.
==================== Find3M ====================
.
2012-01-31 22:59:58 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-01-31 22:59:58 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-12-06 10:40:54 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-06 10:17:53 472808 ----a-w- c:\windows\system32\deployJava1.dll
.
============= FINISH: 23:55:50,04 ===============



Here is that DDS file!

So I just need it checked!

The computer isn't lagging at all, and there you go zzz

  • Joined: 04 Jul 2011
  • Posts: 5424

Your computer is clean as far as malicious programs are concerned.





Be sure to visit the topic "Test whether your browser is vulnerable", read it, and follow the link in it.



I recommend that you use MCShield to protect USB memory devices. It has nothing to do with the antivirus, i.e. it will not interfere with its operation, and it has proven to be one of the best forms of protection against malware that spreads via USB memory devices.

You download it, install it, plug in the USB memory device, and a scan runs, after which you get a notification that the device is clean (if that is really the case); or you get a log showing information about the malware that was found and deleted.


MCShield home page: http://amf.mycity.rs/programs/mc/mcshield/

You can find out more about MCShield in this topic: http://www.mycity.rs/Antispyware-programi/MCShield.html



Thank you for trusting the AMF team.
Ivance95
