pogledajte

pogledajte

offline
  • Pridružio: 23 Dec 2011
  • Poruke: 290

Nakon desetam minuta rada na računaru počinje da stopa, kada odem na net po 2 minuta mu treba da očita stranicu, pa opet dodje u normalu, pa se sve kroz odredjeno vreme ponavlja .često je u velikom opterećenju i kada ništa ne radim
Najčudnije mi je sto virusi mi upadaju u računar tako lako kao da nemam anti vuirus. pozdrav



.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Vladan at 22:59:06 on 2012-01-16
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.479 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\D-Link\Bluetooth Software\bin\btwdins.exe
C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\MCShield\MCShieldRTM.exe
C:\Program Files\MCShield\MCShieldTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\D-Link\Bluetooth Software\BTTray.exe
C:\Documents and Settings\Vladan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Vladan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Vladan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Vladan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Vladan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Vladan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://start.facemoods.com/?a=ddrnw
uSearchAssistant =
mSearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - c:\program files\babylontoolbar\babylontoolbar\1.5.3.17\bh\BabylonToolbar.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: CescrtHlpr Object: {64182481-4f71-486b-a045-b233bd0da8fc} - c:\program files\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - c:\program files\babylontoolbar\babylontoolbar\1.5.3.17\BabylonToolbarTlbr.dll
TB: facemoods Toolbar: {db4e9724-f518-4dfd-9c7c-78b52103cab9} - c:\program files\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll
uRun: [Google Update] "c:\documents and settings\vladan\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [MCShield] c:\program files\mcshield\MCShieldRTM.exe
uRun: [MCShieldTray] c:\program files\mcshield\MCShieldTray.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [facemoods] "c:\program files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\d-link\bluetooth software\BTTray.exe
mPolicies-system: EnableSecureUIAPaths = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\d-link\bluetooth software\btsendto_ie_ctx.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\d-link\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{9A9DA7AA-5954-410F-BA11-7CC00D0A2505} : DhcpNameServer = 192.168.1.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Hosts: 127.0.0.2
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\vladan\application data\mozilla\firefox\profiles\oc38iv22.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?AF=109130&babsrc=HP_ss&mntrId=205cf23d0000000000000001295006e2
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?AF=109130&babsrc=adbartrp&mntrId=205cf23d0000000000000001295006e2&q=
FF - plugin: c:\documents and settings\vladan\application data\mozilla\firefox\profiles\oc38iv22.default\extensions\{7d2fb79e-e58c-4db5-a36f-ac1c73967f4d}\plugins\npqbc.dll
FF - plugin: c:\documents and settings\vladan\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npvsharetvplg.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.BabylonToolbar_i.id - 205cf23d0000000000000001295006e2
FF - user.js: extensions.BabylonToolbar_i.hardId - 205cf23d0000000000000001295006e2
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15349
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.170:39:52
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109130
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
============= SERVICES / DRIVERS ===============
.
R0 fasttrak;fasttrak;c:\windows\system32\drivers\Fasttrak.sys [2011-6-1 73088]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-6-1 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-6-1 314456]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files\hwinfo32\HWiNFO32.SYS [2011-12-14 21624]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-6-1 20568]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-7-21 44768]
S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;\??\c:\program files\msi\live update 5\msibios32_100507.sys --> c:\program files\msi\live update 5\msibios32_100507.sys [?]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;\??\c:\program files\msi\live update 5\ntiolib.sys --> c:\program files\msi\live update 5\NTIOLib.sys [?]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2011-12-6 27064]
S4 0113731313089885mcinstcleanup;McAfee Application Installer Cleanup (0113731313089885);c:\docume~1\vladan\locals~1\temp\011373~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service --> c:\docume~1\vladan\locals~1\temp\011373~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service [?]
.
=============== Created Last 30 ================
.
2012-01-14 13:37:11 479232 ----a-w- c:\program files\mozilla firefox\msvcm80.dll
2012-01-14 13:37:11 43992 ----a-w- c:\program files\mozilla firefox\mozutils.dll
2012-01-14 13:37:10 626688 ----a-w- c:\program files\mozilla firefox\msvcr80.dll
2012-01-14 13:37:10 548864 ----a-w- c:\program files\mozilla firefox\msvcp80.dll
2012-01-14 13:33:06 -------- d-----w- c:\documents and settings\vladan\application data\facemoods.com
2012-01-13 21:05:26 -------- d-----w- c:\program files\facemoods.com
2012-01-10 23:40:09 -------- d-----w- c:\program files\BabylonToolbar
2012-01-07 16:11:41 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-26 22:59:02 -------- d-----w- c:\program files\JDownloader
2011-12-26 22:59:02 -------- d-----w- c:\program files\common files\i4j_jres
2011-12-26 18:47:02 -------- d-----w- c:\windows\SxsCaPendDel
2011-12-25 16:41:40 -------- d-----w- c:\documents and settings\vladan\Bluetooth Software
2011-12-24 13:33:48 -------- d-----w- c:\documents and settings\vladan\application data\Foxit Software
2011-12-18 11:41:56 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-12-18 11:41:15 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-12-18 11:39:04 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-12-18 11:35:49 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-12-18 11:35:43 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2011-12-18 11:32:24 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2011-12-18 11:31:40 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-12-17 22:15:37 75776 -c----w- c:\windows\system32\dllcache\strmfilt.dll
2011-12-17 22:15:37 25088 -c----w- c:\windows\system32\dllcache\httpapi.dll
2011-12-17 22:15:36 265728 -c----w- c:\windows\system32\dllcache\http.sys
2011-12-17 22:08:47 136192 -c----w- c:\windows\system32\dllcache\msv1_0.dll
.
==================== Find3M ====================
.
2011-12-26 23:10:08 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-12-26 23:10:07 472808 -c--a-w- c:\windows\system32\deployJava1.dll
2011-12-23 22:39:31 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-28 18:01:25 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 17:53:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-25 21:57:19 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-18 12:35:08 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-04 19:20:51 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:20:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:20:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23:59 385024 ----a-w- c:\windows\system32\html.iec
2011-11-03 15:28:36 386048 ----a-w- c:\windows\system32\qdvd.dll
2011-11-03 15:28:36 1292288 ----a-w- c:\windows\system32\quartz.dll
2011-11-01 16:07:10 1288704 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:31:48 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-25 13:33:08 2192768 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 12:52:03 2069376 ----a-w- c:\windows\system32\ntkrnlpa.exe
.
============= FINISH: 23:04:17,53 ===============








https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

https://www.mycity.rs/must-login.png

offline
  • Pridružio: 02 Feb 2008
  • Poruke: 14018
  • Gde živiš: Nish

Pozdrav šemahenry23!












- Idi u Start -> Control Panel -> Add or Remove programs
Deinstaliraj: Babylon toolbar on IE, Facemoods Toolbar, Windows iLivid Toolbar

Takodje deinstaliraj i sve ostale aplikacije koje ne koristis. Npr imas:

Revo Uninstaller 1.93
Revo Uninstaller Pro 2.5.7

Jedan od te dve verzije ti ne treba. Odluci se koju ces ostaviti a koju obrisati sa sistema.





Nakon toga isprati ovo uputstvo ...



Arrow

Preuzmi instalaciju za program Malwarebytes Anti-Malware sa sledećeg linka:
http://www.besttechie.net/tools/mbam-setup.exe

Dvoklikom pokreni instalaciju - na samom kraju procesa, proveri da su obeležene opcije:
Update Malwarebytes' Anti-Malware;
Launch Malwarebytes Anti-Malware;

a zatim klikni Finish.

Nakon završenog ažuriranja program će se pokrenuti.

Izaberi opciju Perform Quick Scan i klikni Scan.

Po završetku procesa klikni OK, Show Results: u listi detektovanog malware-a, obeleži sve stavke i klikni Remove Selected.

Po završetku procesa, logfile će se otvoriti u Notepad-u; iskopiraj ga u temu na forumu.
Ukoliko program zatraži restart kako bi se završio proces čišćenja, obavezno ga dozvoliti.

Napomena: ako dođe do restarta na kraju procesa čišćenja, logfile će biti dostupan na Logs kartici (obeleži ga i klikni Open).






goran9888 (AMF Tim)

offline
  • Pridružio: 23 Dec 2011
  • Poruke: 290

https://www.mycity.rs/must-login.png

offline
  • Pridružio: 02 Feb 2008
  • Poruke: 14018
  • Gde živiš: Nish

Tvoj sistem je cist sto se malware-a tice.





------------------------------------------




- Preuzmi TFC (Temp File Cleaner) i sacuvaj ga na Desktop.
Dvoklikom pokreni program i klikni na dugme Start da bi dozvolio programu da otpocne skeniranje.
Kada program zavrsi skeniranje,mozda ce zatraziti da restartujes racunar. Dozvoli mu.

Napomena: Kada zavrsis sa ciscenjem temp fajlova,program mozes obrisati ili ga sacuvati za kasniju upotrebu.


- Iskljuci pa ponovo ukljuci System Restore. Ovde imas detaljno uputstvo: http://www.mycity.rs/MyCity-Laboratorija/Kako-iskl.....sta-7.html


- Koristis Adobe Reader 6.0.1 koji je prastara a ujedno i kriticna verzija ovog PDF citaca zbog propusta u sigurnosti. Svakako ti je moj predlog da instaliras najnoviju verziju (Reader X (verzija 10)) ili predjes na alternativu tipa Foxit Reader, Nitro PDF Reader, itd ...;


- Obavezno poseti temu "Testirajte da li vam je pretrazivac ranjiv", procitaj i isprati link koji stoji u njoj. Imas staru verziju Jave koju moras nadograditi zbog sigurnosnih propusta u njoj. U svakom slucaju, bilo koji dodatak da je stare verzije, bilo bi pozeljno nadograditi ga na najnoviju. Link do teme je: http://www.mycity.rs/Web-browseri/Testirajte-da-li.....anjiv.html








Otvori temu u Windows potforumu ukoliko imas i dalje problema sa sistemom: http://www.mycity.rs/Windows/









Ko je trenutno na forumu
 

Ukupno su 945 korisnika na forumu :: 31 registrovanih, 7 sakrivenih i 907 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: Bane san, bbogdan, celik, ceman, crnitrn, Excalibur13, HogarStrashni, ivica976, Kubovac, kunktator, kybonacci, ladro, LUDI, Marko Marković, mercedesamg, mile23, milenko crazy north, Nikola00, oganj123, ozzy, pein, raketaš, rovac, ShurikSST, stegonosa, strelac07, suponik, Trpe Grozni, vathra, Vlad000, Zeks