Posted: 23 Jan 2013 22:11
- zelja77
- Citizen
- Joined: 12 Sep 2011
- Posts: 38

Just to ask you, is it possible that someone hacked my computer... because I couldn't control the mouse... I barely managed to turn off the internet... and I ran the antivirus... and it found Trojan.Agent.ck, and some virus PULL.brain... which I managed to delete... if I wrote that down correctly... Now my computer is very slow... So the computer behaved the same as when I allow someone to get into my computer using TeamViewer...

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.10.2
Run by xxx at 22:06:46 on 2013-01-23
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.387.1033.18.2038.980 [GMT 1:00]
.
AV: ESET Smart Security 6.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 6.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?affID=115881&tt=4512_3&babsrc=HP_ss&mntrId=04db62cf00000000000000197eef1311
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://home.allgameshome.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{93836CDE-C9C6-481C-AB8E-B9BBD7247DCC} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{93836CDE-C9C6-481C-AB8E-B9BBD7247DCC}\5525F435 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{93836CDE-C9C6-481C-AB8E-B9BBD7247DCC}\A5F4E414020516C6560283 : DHCPNameServer = 10.0.0.1 87.250.98.250 8.8.8.8
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\24.0.1312.52\installer\setup.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2012-6-14 50664]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2012-8-29 18544]
R1 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2012-6-14 171168]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\drivers\EpfwLWF.sys [2012-6-14 33696]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2012-6-14 1288104]
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\drivers\ATSwpWDF.sys [2012-8-29 475136]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 OS Selector;Acronis OS Selector activator;c:\users\xxx\documents\acr\oss\reinstall_svc.exe --> c:\users\xxx\documents\acr\oss\reinstall_svc.exe [?]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2013-1-12 49664]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-9-12 1512448]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2013-1-3 14848]
S3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\Synth3dVsc.sys [2010-11-21 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2013-1-3 24064]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2013-1-3 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2013-1-3 27136]
S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 112640]
S3 UsbFltr;Razer Copperhead Driver;c:\windows\system32\drivers\copperhd.sys [2005-11-2 11596]
.
=============== Created Last 30 ================
.
2013-01-23 20:58:13 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-23 20:58:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-23 20:56:08 -------- d-----w- c:\program files\CCleaner
2013-01-23 15:49:38 -------- d-----w- c:\users\xxx\appdata\local\Programs
2013-01-23 14:38:48 -------- d-----r- c:\program files\Skype
2013-01-22 10:44:30 6991832 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{0469199a-10c4-41d7-883d-be9a39f88280}\mpengine.dll
2013-01-19 11:35:01 96664 ----a-w- c:\program files\mozilla firefox\webapprt-stub.exe
2013-01-19 11:35:01 157712 ----a-w- c:\program files\mozilla firefox\webapp-uninstaller.exe
2013-01-19 11:34:57 562032 ----a-w- c:\program files\mozilla firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor13.dll
2013-01-15 18:04:57 -------- d-----w- c:\users\xxx\appdata\roaming\Windows Live Writer
2013-01-15 18:04:57 -------- d-----w- c:\users\xxx\appdata\local\Windows Live Writer
2013-01-14 23:46:41 -------- d-----w- C:\bd4967e6109fb225017b811ea467
2013-01-14 09:27:43 -------- d-----w- C:\a6fa87dbf028e4f5306c97902bdd50
2013-01-13 10:56:36 626688 ----a-w- c:\windows\system32\usp10.dll
2013-01-13 10:56:35 2345984 ----a-w- c:\windows\system32\win32k.sys
2013-01-13 10:56:32 492032 ----a-w- c:\windows\system32\win32spl.dll
2013-01-13 10:54:06 46592 ----a-w- c:\windows\system32\fpb.rs
2013-01-13 10:53:21 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-13 10:53:16 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-01-12 22:05:53 -------- d-----w- c:\program files\Mozilla Firefox.bak
2013-01-12 22:04:18 -------- d-----w- c:\users\xxx\Tracing
2013-01-12 21:51:58 -------- d-----w- c:\windows\en
2013-01-12 21:51:31 49664 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2013-01-12 21:50:46 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2013-01-12 21:49:18 -------- d-----w- c:\windows\PCHEALTH
2013-01-12 21:47:43 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2013-01-12 21:47:43 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2013-01-12 21:47:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2013-01-12 21:46:57 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2013-01-12 21:46:23 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2013-01-12 21:45:29 5659096 -c--a-w- c:\program files\common files\windows live\.cache\e63256571cdf10d03\skydrivesetup.exe
2013-01-12 21:45:29 -------- d-----w- c:\program files\Microsoft SkyDrive
2013-01-12 21:45:24 -------- d-----r- c:\users\xxx\SkyDrive
2013-01-12 21:44:56 -------- d-----w- c:\programdata\Microsoft SkyDrive
2013-01-12 21:44:03 89944 -c--a-w- c:\program files\common files\windows live\.cache\ee79e7801cdf10d05\DSETUP.dll
2013-01-12 21:44:03 537432 -c--a-w- c:\program files\common files\windows live\.cache\ee79e7801cdf10d05\DXSETUP.exe
2013-01-12 21:44:03 1801048 -c--a-w- c:\program files\common files\windows live\.cache\ee79e7801cdf10d05\dsetup32.dll
2013-01-12 21:43:44 525656 -c--a-w- c:\program files\common files\windows live\.cache\dfd251011cdf10d02\DXSETUP.exe
2013-01-12 21:43:44 1691480 -c--a-w- c:\program files\common files\windows live\.cache\dfd251011cdf10d02\dsetup32.dll
2013-01-12 21:43:43 94040 -c--a-w- c:\program files\common files\windows live\.cache\dfd251011cdf10d02\DSETUP.dll
2013-01-12 21:43:33 537432 -c--a-w- c:\program files\common files\windows live\.cache\d9fb05ac1cdf10d01\DXSETUP.exe
2013-01-12 21:43:32 1801048 -c--a-w- c:\program files\common files\windows live\.cache\d9fb05ac1cdf10d01\dsetup32.dll
2013-01-12 21:43:31 89944 -c--a-w- c:\program files\common files\windows live\.cache\d9fb05ac1cdf10d01\DSETUP.dll
2013-01-12 21:43:24 -------- d-----w- c:\users\xxx\appdata\local\Windows Live
2013-01-12 21:43:13 -------- d-----w- c:\program files\common files\Windows Live
2013-01-03 13:24:12 166976 ----a-w- c:\windows\system32\drivers\snapman.sys
2013-01-03 12:53:04 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2013-01-03 12:53:04 247808 ----a-w- c:\windows\system32\schannel.dll
2013-01-03 12:53:04 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-01-03 12:53:03 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2013-01-03 12:53:00 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-12-31 21:16:43 -------- d-----w- c:\programdata\4shared Desktop
2012-12-29 11:15:04 -------- d-----w- c:\users\xxx\appdata\roaming\SYSTEMAX Software Development
2012-12-29 11:15:04 -------- d-----w- c:\programdata\SYSTEMAX Software Development
.
==================== Find3M ====================
.
2013-01-09 13:38:51 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-09 13:38:51 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-16 14:13:28 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-07 12:26:17 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-11-30 04:53:34 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-11-30 04:47:45 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-11-30 02:55:25 271360 ----a-w- c:\windows\system32\conhost.exe
2012-11-30 02:38:59 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-28 09:35:22 93640 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:42:49 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-02 05:11:31 376832 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 04:47:54 1389568 ----a-w- c:\windows\system32\msxml6.dll
.
============= FINISH: 22:07:52,61 ===============

Posted: 23 Jan 2013 22:16
- TwinHeadedEagle
- Anti Malware Fighter
Rank 2
- Joined: 09 Aug 2011
- Posts: 15879
- Location: Beograd

Hello, you also need to provide the GMER reports... as well as Attach.txt

Posted: 24 Jan 2013 12:03
- zelja77
- Citizen
- Joined: 12 Sep 2011
- Posts: 38

Written: 24 Jan 2013 11:50
I can't get into Safe Mode, no way... Now I don't have internet either... just a black background on the monitor... and huge icons... I don't know how to explain this now...
Addendum: 24 Jan 2013 12:03
Everything is fine now... I misread...

Posted: 24 Jan 2013 12:08
- TwinHeadedEagle
- Anti Malware Fighter
Rank 2
- Joined: 09 Aug 2011
- Posts: 15879
- Location: Beograd

That is normal; you have no internet and the resolution is like that because only vital services run in Safe Mode...
Just concentrate on the procedure.

Posted: 24 Jan 2013 15:31
- zelja77
- Citizen
- Joined: 12 Sep 2011
- Posts: 38

Written: 24 Jan 2013 15:29
I did that too... ESET detected 3 viruses of some kind... or whatever they are... I don't really understand computers... so if I say something silly... don't hold it against me
Addendum: 24 Jan 2013 15:31

Posted: 24 Jan 2013 21:01
- TwinHeadedEagle
- Anti Malware Fighter
Rank 2
- Joined: 09 Aug 2011
- Posts: 15879
- Location: Beograd

Download AdwCleaner by "Xplode" and save it to the Desktop.
Double-click to run the program and click the [Search] button.
When the program finishes its analysis, it will open Notepad with a report. Close that Notepad window.
Click the [Delete] button and wait for the program to finish.
The program will close all running programs and show a window with that warning. Click Ok to confirm.
In the next two windows that open (Informations and Restart required), click Ok.
The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Attach file" ("Prikaci fajl") option.
Note: The report will also be saved at C:\AdwCleaner[S1].txt