mozila i chrome traze kod kod pretrazivanja

mozila i chrome traze kod kod pretrazivanja

offline
  • Pridružio: 16 Avg 2007
  • Poruke: 315
  • Gde živiš: Srbija

Kao sto sam naveo u naslovu, kada hocu da izvrsim pretragu preko googla u oba pretrazivaca mi trazi da unesem po dvaput verifikacioni kod. Evo sta napise u google chromu
We're sorry...
... but your computer or network may be sending automated queries. To protect our users, we can't process your request right now.
See Google Help for more information.
Pretpostavljam da je u pitanju neka zaraza
Pozdrav i unapred hvala

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 10.0.9200.16576 BrowserJavaVersion: 10.9.2
Run by Boban at 10:32:39 on 2013-05-23
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3071.2048 [GMT 2:00]
.
AV: ESET Smart Security 6.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 6.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NETGATE\Registry Cleaner\RegistryCleanerSrv.exe
C:\Windows\system32\PrintIsolationHost.exe
C:\Windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\NETGATE\Registry Cleaner\RegistryCleaner.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [NETGATERegistryCleaner] "c:\program files\netgate\registry cleaner\RegistryCleaner.exe"
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\update~1.lnk - c:\program files\eset\minodlogin\launcher.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.1 8.8.8.8
TCP: Interfaces\{159B5123-37A3-4F86-B0D5-C6545115460C} : DHCPNameServer = 192.168.1.1 8.8.8.8
TCP: Interfaces\{EA0107CF-8647-4F03-900B-3FFBE81A06DE} : NameServer = 192.168.1.1,8.8.8.8
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\boban\appdata\roaming\mozilla\firefox\profiles\kinlniph.default\
FF - prefs.js: Keyword.Enabled - true
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP21DF&PC=UP21&dt=022413&q=
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\users\boban\appdata\local\google\update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_202.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=0c01154d00000000000000064f98b665&q=
FF - user.js: extensions.BabylonToolbar.id - 0c01154d00000000000000064f98b665
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15690
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.4.9
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.4.9
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.4.919:36:45
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar_i.excTlbr - false
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=116784&tt=5012_4
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar.rvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
.
============= SERVICES / DRIVERS ===============
.
R0 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2013-2-20 47568]
R1 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2013-2-20 171680]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\drivers\EpfwLWF.sys [2013-1-10 46056]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2013-3-4 1341664]
R2 NGRegClnSrv;NETGATE Registry Cleaner Service;c:\program files\netgate\registry cleaner\RegistryCleanerSrv.exe [2012-12-13 464752]
R3 rtl819xp;Realtek RTL8190/RTL8192E 802.11n Wireless LAN (Mini-)PCI NIC NT Driver;c:\windows\system32\drivers\rtl819xp.sys [2010-2-1 557088]
R3 WFLR6654;WinFast TV2000 XP Global/Global TV (XC2028);c:\windows\system32\drivers\wfeaglxt.sys [2009-10-21 433920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-2-28 161384]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [2011-5-13 30312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-8-22 15872]
S3 rtl8190p;Realtek RTL8190 802.11n Wireless LAN (Mini-)PCI NIC NT Driver;c:\windows\system32\drivers\rtl8190p.sys [2012-12-10 430080]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2011-5-13 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2011-5-13 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2011-5-13 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [2011-5-13 114280]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-11-17 52224]
S4 TeamViewer7;TeamViewer 7;c:\program files\teamviewer\version7\TeamViewer_Service.exe [2013-3-2 3027840]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service; [x]
.
=============== Created Last 30 ================
.
2013-05-22 07:45:22 -------- d-----w- c:\program files\Avago-HP
2013-05-22 07:45:16 293888 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\HP1006S.DLL
2013-05-22 07:44:49 65536 ----a-w- c:\windows\system32\HPPLVS.dll
2013-05-22 07:44:48 286720 ----a-w- c:\windows\system32\HP1006LM.DLL
2013-05-22 07:44:45 -------- d-----w- c:\program files\HP
2013-05-21 08:05:43 7016152 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{a7bc7d73-2059-47f2-9728-c74ca69a80e2}\mpengine.dll
2013-05-20 07:18:10 18944 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
2013-05-20 07:18:10 17920 ----a-w- c:\windows\system32\mdimon.dll
2013-05-20 07:17:16 -------- d-----w- c:\program files\Microsoft ActiveSync
2013-05-15 14:00:14 -------- d-----w- c:\windows\AutoKMS
2013-05-15 13:28:26 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-15 13:28:26 186368 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-15 13:28:23 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-05-15 13:28:17 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 13:28:17 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 13:27:57 1796096 ----a-w- c:\windows\system32\authui.dll
2013-05-15 13:27:57 101720 ----a-w- c:\windows\system32\consent.exe
2013-05-15 13:27:56 47104 ----a-w- c:\windows\system32\appinfo.dll
2013-05-13 15:11:23 -------- d-----w- c:\users\boban\appdata\roaming\Malwarebytes
2013-05-13 15:11:15 -------- d-----w- c:\programdata\Malwarebytes
2013-05-09 09:29:47 417936 ----a-w- C:\M0.EXE
2013-05-01 10:41:51 -------- d-----w- C:\FI550
2013-04-25 08:27:53 -------- d-----w- c:\program files\Microsoft Synchronization Services
2013-04-25 08:27:22 -------- d-----w- c:\windows\PCHEALTH
2013-04-25 08:27:22 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-04-25 08:26:30 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2013-04-25 08:25:57 -------- d-----w- c:\program files\Microsoft Analysis Services
2013-04-25 08:18:27 -------- d-----w- c:\program files\UltraISO
2013-04-25 08:18:27 -------- d-----w- c:\program files\common files\EZB Systems
2013-04-24 07:53:30 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
.
==================== Find3M ====================
.
2013-05-22 13:11:00 2 ----a-w- c:\windows\system32\Dvbpws.dll
2013-05-15 14:10:57 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-15 14:10:57 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-02 00:06:08 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-13 04:45:16 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-05 05:28:24 1767424 ----a-w- c:\windows\system32\wininet.dll
2013-04-05 05:26:26 2877440 ----a-w- c:\windows\system32\jscript9.dll
2013-04-05 05:26:21 61440 ----a-w- c:\windows\system32\iesetup.dll
2013-04-05 05:26:21 109056 ----a-w- c:\windows\system32\iesysprep.dll
2013-04-05 04:29:45 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-04-05 03:38:25 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-03-19 05:04:13 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-19 05:04:10 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 04:48:45 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 02:49:16 69632 ----a-w- c:\windows\system32\smss.exe
2013-03-14 16:44:18 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2009-12-06 17:18:14 26624 --sh--w- c:\windows\bfcs2.dll
.
============= FINISH: 10:33:27.11 ===============

https://www.mycity.rs/must-login.png

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Preuzmite program GMER sa donjeg linka na Desktop:


GMER download
Kliknite dati link;
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberite Desktop i kliknite Save.



Dvoklikom pokrenite GMER.
Sačekajte da se završi uvodno skeniranje - ukoliko se pojavi bilo kakav upit, kliknite No;

kliknite Scan i sačekajte da skeniranje bude završeno;

kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer1);

kliknite desnim tasterom u prozor programa Gmer i odaberite Options > 3rd party - kliknite Scan;

po završetku skeniranja kliknite Save ... - izveštaj sačuvajte na Desktop (pod nazivom Gmer2);

kliknite taster >>> i odaberite Autostart karticu;

po završetku kratkotrajnog skeniranja, kliknite Copy;

otvorite Notepad i u njega postavite kopirani tekst - izveštaj sačuvajte na Desktop (pod nazivom Gmer3);


Slikoviti prikaz postupka

Priložite sva tri izveštaja uz poruku korišćenjem opcije Prikači fajl.

offline
  • Pridružio: 16 Avg 2007
  • Poruke: 315
  • Gde živiš: Srbija

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop

Dvoklikom pokreni program.
Klikni na dugme [Delete] i pricekaj da program zavrsi.
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok


Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"

Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S1].txt





Pokreni ATF
Štikliraj Select All i nakon toga klikni na Empty Selected.
Kada se pojavi poruka Done Cleaning, zatvori program.


Ima li poboljsanja?

offline
  • Pridružio: 16 Avg 2007
  • Poruke: 315
  • Gde živiš: Srbija

Izgleda da je sve u redu sada, pretraga radi normalno.
Evo i izvestaja.


https://www.mycity.rs/must-login.png

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Pridružio: 27 Apr 2008
  • Poruke: 9160
  • Gde živiš: Prokuplje

OK, malware nemas.

Preporucujem ti da obrises NETGATERegistryCleaner, ja nisam vuo za njega a sa tim cleanerima mozes napraviti problem sam sebi.

Umesto njega instaliraj CCleaner i pobrisi kes, kukije i istoriju pretrazivaca.
http://www.filehippo.com/download_ccleaner/




Idea Preporucujem ti da koristiš program MCShield za zaštitu od zaraženih USB memorijskih uredaja.

offline
  • Pridružio: 16 Avg 2007
  • Poruke: 315
  • Gde živiš: Srbija

Hvala. Uravo sam instalirao oba programa i na desktop i na laptop.
pozdrav

Ko je trenutno na forumu
 

Ukupno su 1067 korisnika na forumu :: 47 registrovanih, 5 sakrivenih i 1015 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: _Petar, A.R.Chafee.Jr., AleksSE, Asparagus, Battlehammer, bokisha253, Boris BM, Cassius Clay, cvrle312, dijica, Dimitrije Paunovic, draganca, FOX, Georgius, hologram, hyla, ivan1973, Ivica1102, janbo, JOntra, Kriglord, Kubovac, KUZMAR, Leonov, Lieutenant, ljuba, lord sir giga, Luka Blažević, Magistar78, MikeHammer, milos.cbr, milutin134, Misirac, nebidrag, nebkv, opt1, Outis, procesor, raptorsi, sevenino, stegonosa, taz1cl, Trpe Grozni, Vatreni Zmaj, VJ, wolf431, Zerajic