Srodne teme
Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.

Facebook, pop-up i zastita AP-a

[es] :: Zaštita :: Facebook, pop-up i zastita AP-a

[ Pregleda: 2457 | Odgovora: 10 ] > FB > Twit

Postavi temu Odgovori

Autor
Pretraga teme: Traži
Markiranje Štampanje RSS

benjo_1

Član broj: 143528
Poruke: 234
85.158.33.*



+1 Profil

icon Facebook, pop-up i zastita AP-a05.02.2010. u 17:06 - pre 172 meseci
prvo sto zelim da pitam je li vam ovo poznato...fejs mi se promijenio sumnjam na virus :S jeidno je meni tkao... kada dobijem par odgovoa na ovo sljedece pitanje ce biti o pop-upu koji mi iskace kada se pojavi ss cu da stavim...
slika u prilogu

EDIT: sto se tice fejsa ode je objasnjeno...moja panika je neosnovana al kad imam dosta informacija na drugom compu a tek sam postavio wiralles AP jbga brine se covjek...
Sada cu da skeniram sa hjack pa da dam report pa da provjerite...hvala

Citat:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:19:39, on 5.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\sstray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Innovative Solutions\DriverMax\devices.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\DU Meter\DUMeterSvc.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ba/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DriverMax] "C:\Program Files\Innovative Solutions\DriverMax\devices.exe" -agent
O4 - HKCU\..\Run: [DriverMax_RESTART] "C:\Program Files\Innovative Solutions\DriverMax\devices.exe" -RESTART
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: GetRight.lnk = C:\Program Files\GetRight\GetRight.exe
O8 - Extra context menu item: Download with GetRight Pro - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Pro Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{7D5B815B-F176-44FA-A224-2D1613DD4C84}: NameServer = 217.75.192.10 217.75.192.11
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe (file missing)
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd. - C:\Program Files\DU Meter\DUMeterSvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

--
End of file - 5608 bytes


Avast Home Edition korsitim zadnji upadet sve skenirano ok


[Ovu poruku je menjao Goran Mijailovic dana 05.02.2010. u 20:59 GMT+1]
!TTV!vNAIDnLMWUpc13GgogBWsH1qQAWcBA2bMqmYJiVOqQvQl3Ga9zELlwCuZJUpWyTt!TTV!
Prikačeni fajlovi
elv.JPG elv.JPG - 134.68k
 
Odgovor na temu

Sc0rp10
Virtual

Član broj: 150826
Poruke: 327



+16 Profil

icon Re: Facebook, pop-up i zastita AP-a05.02.2010. u 21:13 - pre 172 meseci
Log ti je cist, mada mozes da fixujes ovo dvoje:
Code:

O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll (file missing)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
Divide et impera.

Android power!
 
Odgovor na temu

benjo_1

Član broj: 143528
Poruke: 234
85.158.38.*



+1 Profil

icon Re: Facebook, pop-up i zastita AP-a07.02.2010. u 14:30 - pre 172 meseci
hvalana interesovanju na temu te za odgovor!

Fix uradnej za ta dva te evo ss zadrugi problem. Inace ovo je program sam instalriao te poslije korsitenja uredno izbrisao ali sada iskace ovaj pop-up....

!TTV!vNAIDnLMWUpc13GgogBWsH1qQAWcBA2bMqmYJiVOqQvQl3Ga9zELlwCuZJUpWyTt!TTV!
 
Odgovor na temu

benjo_1

Član broj: 143528
Poruke: 234
85.158.38.*



+1 Profil

icon Re: Facebook, pop-up i zastita AP-a07.02.2010. u 14:47 - pre 172 meseci
druga stvar je...AP u wisp client router modu...
Da li se AP vidi ( da li se komsija moze nakaciti ili samo LAN vezom mu se moze pristupiti ?=) pitam jer mi u statistici wiralles stoji nepoznata amcc adresa kao da je neko konektovan....

Druga stvar, da li se AP vidi na interentu da li neko moze mu pristupiti, njemu i podacima ?
!TTV!vNAIDnLMWUpc13GgogBWsH1qQAWcBA2bMqmYJiVOqQvQl3Ga9zELlwCuZJUpWyTt!TTV!
 
Odgovor na temu

Sc0rp10
Virtual

Član broj: 150826
Poruke: 327



+16 Profil

icon Re: Facebook, pop-up i zastita AP-a07.02.2010. u 17:02 - pre 172 meseci
Sto se tice prvog pitanja idi Start>All Programs>Accessories>System Tools>Scheduled Tasks.Tu treba da bude ParetoLogic Registration.Izbrisi taj task.

A odgovori na pitanja iz drugog posta (trebalo bi da pitas na drugom delu foruma)
Ako ti stoji ta nepoznata MAC adresa, verovatno se moze nakaciti na njega i koristiti tvoj net.Pretpostavljam da ne koristis nikakav vid zastite tipa WEP,WPA/WPA2?

Ne razumem kako to mislis da li se ap vidi na netu?Tvoj ap "vide" samo oni korisnici do cijih pc/laptopova doseze signal tvog apa.
Divide et impera.

Android power!
 
Odgovor na temu

benjo_1

Član broj: 143528
Poruke: 234
85.158.34.*



+1 Profil

icon Re: Facebook, pop-up i zastita AP-a07.02.2010. u 18:08 - pre 172 meseci
hvala!
Prvi dio uradjen :)

Sto se tice AP.a mozda je to Mac adresa onog AP od ISP-a na koji sam ja zakcio sovj AP ? to ne znam :)

a pitam za interent jer sam odcekirao ovu opciju
Code:
Remote Management :
If you enable this feature, you can manage the DAP-1160 from anywhere on the Internet.
     
Enable Remote Management:       
!TTV!vNAIDnLMWUpc13GgogBWsH1qQAWcBA2bMqmYJiVOqQvQl3Ga9zELlwCuZJUpWyTt!TTV!
 
Odgovor na temu

Sc0rp10
Virtual

Član broj: 150826
Poruke: 327



+16 Profil

icon Re: Facebook, pop-up i zastita AP-a08.02.2010. u 14:07 - pre 172 meseci
Da ne nastavljamo dalje posto je ovo tema za zastitu.Otvori novu temu u wireless delu.
Divide et impera.

Android power!
 
Odgovor na temu

benjo_1

Član broj: 143528
Poruke: 234
91.191.24.*



+1 Profil

icon Re: Facebook, pop-up i zastita AP-a27.02.2010. u 14:17 - pre 172 meseci
pozdrav...
posto imam dva racunara evo log od drugog, dosao sam kuci i vidim racunar spor kaooooooo...moguce je zato sto ima samo 256 RAMA ali kada sam sa avastom skenirao svo virijeme je bio na 0% tako ima li koji sumnjiv proces ? hvala

Code:
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 3:15:34 PM, on 2/27/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Benja\Desktop\USDownloader.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ba/
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe 
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p
O4 - HKUS\S-1-5-21-1454471165-1935655697-682003330-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'amina')
O4 - HKUS\S-1-5-21-1454471165-1935655697-682003330-1004\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'amina')
O4 - HKUS\S-1-5-21-1454471165-1935655697-682003330-1004\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'amina')
O4 - HKUS\S-1-5-21-1454471165-1935655697-682003330-1004\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized (User 'amina')
O4 - HKUS\S-1-5-21-1454471165-1935655697-682003330-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'fuad')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{E3BD3506-9573-43D9-99C8-4F03166FCA15}: NameServer = 87.250.98.250 208.67.222.222
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 5955 bytes
!TTV!vNAIDnLMWUpc13GgogBWsH1qQAWcBA2bMqmYJiVOqQvQl3Ga9zELlwCuZJUpWyTt!TTV!
 
Odgovor na temu

Sc0rp10
Virtual

Član broj: 150826
Poruke: 327



+16 Profil

icon Re: Facebook, pop-up i zastita AP-a28.02.2010. u 09:05 - pre 172 meseci
Log je cist.Ako hoces uradi scan sa malwarebytes, pa okaci ovde log.
Divide et impera.

Android power!
 
Odgovor na temu

benjo_1

Član broj: 143528
Poruke: 234
91.191.24.*



+1 Profil

icon Re: Facebook, pop-up i zastita AP-a28.02.2010. u 18:17 - pre 172 meseci
malwarebytes nije nsao nsita ( osim odchekiranog AU ) :)

Da li treba da provjerim sa necim jos ?
!TTV!vNAIDnLMWUpc13GgogBWsH1qQAWcBA2bMqmYJiVOqQvQl3Ga9zELlwCuZJUpWyTt!TTV!
 
Odgovor na temu

Sc0rp10
Virtual

Član broj: 150826
Poruke: 327



+16 Profil

icon Re: Facebook, pop-up i zastita AP-a28.02.2010. u 21:16 - pre 172 meseci
Pa mislim da nema potrebe posto vec ni hjt ni malwarebytes nisu nasli nista, a ti nemas neki specifican problem koji bi ukazao na postojanje malwarea, osim sto ti racunar usporeno radi, a to je verovatno problem do rama kao sto si i naveo.
Divide et impera.

Android power!
 
Odgovor na temu

[es] :: Zaštita :: Facebook, pop-up i zastita AP-a

[ Pregleda: 2457 | Odgovora: 10 ] > FB > Twit

Postavi temu Odgovori

Srodne teme
Navigacija
Lista poslednjih: 16, 32, 64, 128 poruka.